Abstract :
Cloud
Computing has great potential of providing robust computational power to the
society at reduced cost. It enables customers with limited computational
resources to outsource their large computation workloads to the cloud, and
economically enjoy the massive computational power, bandwidth, storage, and
even appropriate software that can be shared in a pay-per-use manner. Despite
the tremendous benefits, security is the primary obstacle that prevents the
wide adoption of this promising computing model, especially for customers when
their confidential data are consumed and produced during the computation.
Existing
System:
Despite the
tremendous benefits, outsourcing computation to the commercial public cloud is
also depriving customers’ direct control over the systems that consume and
produce their data during the computation, which inevitably brings in new
security concerns and challenges towards this promising computing model. On the
one hand, the outsourced computation workloads often contain sensitive
information, such as the business financial records, proprietary research data,
or personally identifiable health information etc.
Proposed
System:
On the one
hand, the outsourced computation workloads often contain sensitive information,
such as the business financial records, proprietary research data, or
personally identifiable health information etc. To combat against unauthorized
information leakage, sensitive data have to be encrypted before outsourcing so
as to provide end to- end data confidentiality assurance in the cloud and
beyond. However, ordinary data encryption techniques in essence prevent cloud
from performing any meaningful operation of the underlying plaintext data,
making the computation over encrypted data a very hard problem. On the other
hand, the operational details inside the cloud are not transparent enough to
customers. As a result, there do exist various motivations for cloud server to
behave unfaithfully and to return incorrect results, i.e., they may behave beyond
the classical semi honest model.
Fully
homomorphic encryption (FHE) scheme, a general result of secure computation
outsourcing has been shown viable in theory, where the computation is
represented by an encrypted combinational Boolean circuit that allows to be
evaluated with encrypted private inputs.
Module
Description:
Mechanism
Design Framework
Basic
Techniques
Enhanced
Techniques via Affine Mapping
Result
Verification
Mechanism
Design Framework:
We propose
to apply problem transformation for mechanism design. The general framework is
adopted from a generic approach, while our instantiation is completely
different and novel. In this framework, the process on cloud server can be
represented by algorithm ProofGen and the process on customer can be organized
into three algorithms (KeyGen, ProbEnc, ResultDec). These four algorithms are
summarized below and will be instantiated later.
Basic
Techniques
Before
presenting the details of our proposed mechanism, we study in this subsection a
few basic techniques and show that the input encryption based on these
techniques along may result in an unsatisfactory mechanism. However, the
analysis will give insights on how a stronger mechanism should be designed.
Note that to simplify the presentation, we assume that the cloud server
honestly performs the computation, and defer the discussion on soundness to a
later section.
1) Hiding
equality constraints (A, b): First of all, a randomly generated m × m
non-singular matrix Q can be part of the secret key K. The customer can apply
the matrix to Eq. (2) for the following constraints transformation, Ax = b ⇒ A′x = b′
where A′ =
QA and b′ = Qb.
Enhanced
Techniques via Affine Mapping
To enhance
the security strength of LP outsourcing, we must be able to change the feasible
region of original LP and at the same time hide output vector x during the
problem input encryption. We propose to encrypt the feasible region of _ by
applying an affine mapping on the decision variables x. This design principle
is based on the following observation: ideally, if we can arbitrarily transform
the feasible area of problem _ from one vector space to another and keep the
mapping
function as
the secret key, there is no way for cloud server to learn the original feasible
area information. Further, such a linear mapping also serves the important
purpose of output hiding.
Result
Verification
Till now,
we have been assuming the server is honestly performing the computation, while being
interested learning information of original LP problem. However, such
semihonest model is not strong enough to capture the adversary behaviors in the
real world. In many cases, especially when the computation on the cloud
requires a huge amount of computing resources, there exists strong financial
incentives for the cloud server to be “lazy”. They might either be not willing
to commit service-level-agreed computing resources to save cost, or even be
malicious just to sabotage any following up computation at the customers. Since
the cloud server promises to solve the LP problem _K = (A′,B′, b′, c′), we propose
to solve the result verification problem by designing a method to verify the
correctness of the solution y of _K. The soundness condition would be a
corollary thereafter when we present the whole mechanism in the next section.
Note that in our
design, the workload required for customers on the result verification is
substantially cheaper than solving the LP problem on their own, which ensures
the great computation savings for secure LP outsourcing.
Download :
Download :