Please use this identifier to cite or link to this item:
http://hdl.handle.net/10397/95803
Title: Privacy-preserving query processing based on trusted execution environment and access pattern obfuscation technologies
Authors: Han, Ziyang
Degree: Ph.D.
Issue Date: 2022
Abstract: The thesis comprises three research works in the field of privacy-preserving query processing. They focus on the memory-level security and privacy of data querying services in the cloud hosting environment. In such a scenario, the proposed schemes consider not only direct attacks that tamper with the data and the data processing but also threats from semi-honest adversaries in cloud platforms that attempt to derive sensitive information for inference attacks by analyzing the access pattern leakage. Motivated by these security goals, three privacy-preserving schemes are designed based on different principles and for different types of queries; together they comprise the body of the thesis. The first work proposes a memory-secure DBMS adaptation that encapsulates a bare SQL processor in the trusted execution environment (TEE) and optimizes the existing Oblivious RAM scheme to efficiently shuffle the access patterns generated when retrieving data blocks from untrusted memory for processing inside the TEE. The second work provides a perturbation mechanism in a two-tier index to obfuscate the access pattern on the trapdoors of fuzzy keyword search over an encrypted document database. TEE technology is employed to encapsulate the sensitive plaintext secondary index and to conceal the obfuscation process. The third work gives a middleware solution that obfuscates access frequency patterns for general queries without leaking sensitive information about individual queries, under a harsher threat model in which the query boundaries are exposed to attackers. Unlike the former two schemes, it applies a K-isomorphism perturbation mechanism to the query requests rather than to the data storage and query processor.
In each of these works, adequate literature is reviewed, and the most closely related works are included in comparative evaluations. The thesis unifies the three works under a common background to summarize the research outcomes of the Ph.D. program and outlines prospects for future work.
Subjects: Computer security; Data privacy; Computer networks -- Security measures; Querying (Computer science); Hong Kong Polytechnic University -- Dissertations
Pages: x, 144 pages : color illustrations
Appears in Collections: Thesis
Access
View full-text via https://theses.lib.polyu.edu.hk/handle/200/11937