Vizard: A Metadata-hiding Data Analytic System with End-to-End Policy Controls

Chengjun Cai, Yichen Zang, Cong Wang, Xiaohua Jia, Qian Wang
{"title":"Vizard: A Metadata-hiding Data Analytic System with End-to-End Policy Controls","authors":"Chengjun Cai, Yichen Zang, Cong Wang, Xiaohua Jia, Qian Wang","doi":"10.1145/3548606.3559349","DOIUrl":null,"url":null,"abstract":"Owner-centric control is a widely adopted method for easing owners' concerns over data abuses and motivating them to share their data out to gain collective knowledge. However, while many control enforcement techniques have been proposed, privacy threats due to the metadata leakage therein are largely neglected in existing works. Unfortunately, a sophisticated attacker can infer very sensitive information based on either owners' data control policies or their analytic task participation histories (e.g., participating in a mental illness or cancer study can reveal their health conditions). To address this problem, we introduce Vizard, a metadata-hiding analytic system that enables privacy-hardened and enforceable control for owners. Vizard is built with a tailored suite of lightweight cryptographic tools and designs that help us efficiently handle analytic queries over encrypted data streams coming in real-time (like heart rates). We propose extension designs to further enable advanced owner-centric controls (with AND, OR, NOT operators) and provide owners with release control to additionally regulate how the result should be protected before deliveries. We develop a prototype of Vizard that is interfaced with Apache Kafka, and the evaluation results demonstrate the practicality of Vizard for large-scale and metadata-hiding analytics over data streams.","PeriodicalId":435197,"journal":{"name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","volume":"60 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-11-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3548606.3559349","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3

Abstract

Owner-centric control is a widely adopted method for easing owners' concerns over data abuses and motivating them to share their data out to gain collective knowledge. However, while many control enforcement techniques have been proposed, privacy threats due to the metadata leakage therein are largely neglected in existing works. Unfortunately, a sophisticated attacker can infer very sensitive information based on either owners' data control policies or their analytic task participation histories (e.g., participating in a mental illness or cancer study can reveal their health conditions). To address this problem, we introduce Vizard, a metadata-hiding analytic system that enables privacy-hardened and enforceable control for owners. Vizard is built with a tailored suite of lightweight cryptographic tools and designs that help us efficiently handle analytic queries over encrypted data streams coming in real-time (like heart rates). We propose extension designs to further enable advanced owner-centric controls (with AND, OR, NOT operators) and provide owners with release control to additionally regulate how the result should be protected before deliveries. We develop a prototype of Vizard that is interfaced with Apache Kafka, and the evaluation results demonstrate the practicality of Vizard for large-scale and metadata-hiding analytics over data streams.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
一个包含端到端策略控制的元数据隐藏数据分析系统
以所有者为中心的控制是一种广泛采用的方法,可以缓解所有者对数据滥用的担忧,并激励他们分享数据以获得集体知识。然而,尽管已经提出了许多控制实施技术,但现有工作在很大程度上忽略了其中元数据泄漏带来的隐私威胁。不幸的是,一个老练的攻击者可以根据所有者的数据控制策略或他们的分析任务参与历史推断出非常敏感的信息(例如,参与精神疾病或癌症研究可以揭示他们的健康状况)。为了解决这个问题,我们引入了Vizard,这是一个元数据隐藏分析系统,可以为所有者提供隐私强化和强制控制。Vizard构建了一套定制的轻量级加密工具和设计,帮助我们有效地处理实时(如心率)加密数据流的分析查询。我们提出了扩展设计,以进一步实现先进的以业主为中心的控制(使用AND, OR, NOT操作),并为业主提供释放控制,以额外调节交付前应如何保护结果。我们开发了一个与Apache Kafka接口的Vizard原型,评估结果证明了Vizard在数据流上进行大规模和元数据隐藏分析的实用性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
P-Verifier: Understanding and Mitigating Security Risks in Cloud-based IoT Access Policies When Frodo Flips: End-to-End Key Recovery on FrodoKEM via Rowhammer Poster: MUSTARD - Adaptive Behavioral Analysis for Ransomware Detection Poster: Fingerprint-Face Friction Based Earable Authentication A Run a Day Won't Keep the Hacker Away: Inference Attacks on Endpoint Privacy Zones in Fitness Tracking Social Networks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1