Bijit Hore

A privacy-preserving index for range queries

Database outsourcing is an emerging data management paradigm which has the potential to transform the IT operations of corporations. In this paper we address privacy threats in database outsourcing scenarios where trust in the service provider is limited. Specifically, we analyze the data partitioning (bucketization) technique and algorithmically develop this technique to build privacy-preserving indices on sensitive attributes of a relational table. Such indices enable an untrusted server to evaluate obfuscated range queries with minimal information leakage. We analyze the worst-case scenario of inference attacks that can potentially lead to breach of privacy (e.g., estimating the value of a data element within a small error margin) and identify statistical measures of data privacy in the context of these attacks. We also investigate precise privacy guarantees of data partitioning which form the basic building blocks of our index. We then develop a model for the fundamental privacy-utility tradeoff and design a novel algorithm for achieving the desired balance between privacy and utility (accuracy of range query evaluation) of the index.

Secure multidimensional range queries over outsourced data

In this paper, we study the problem of supporting multidimensional range queries on encrypted data. The problem is motivated by secure data outsourcing applications where a client may store his/her data on a remote server in encrypted form and want to execute queries using server’s computational capabilities. The solution approach is to compute a secure indexing tag of the data by applying bucketization (a generic form of data partitioning) which prevents the server from learning exact values but still allows it to check if a record satisfies the query predicate. Queries are evaluated in an approximate manner where the returned set of records may contain some false positives. These records then need to be weeded out by the client which comprises the computational overhead of our scheme. We develop a bucketization procedure for answering multidimensional range queries on multidimensional data. For a given bucketization scheme, we derive cost and disclosure-risk metrics that estimate client’s computational overhead and disclosure risk respectively. Given a multidimensional dataset, its bucketization is posed as an optimization problem where the goal is to minimize the risk of disclosure while keeping query cost (client’s computational overhead) below a certain user-specified threshold value. We provide a tunable data bucketization algorithm that allows the data owner to control the trade-off between disclosure risk and cost. We also study the trade-off characteristics through an extensive set of experiments on real and synthetic data.

CREW: A Gossip-based Flash-Dissemination System

In this paper, we explore a new form of dissemination called Flash Dissemination that involves dissemination of fixed, rich information to a large number of recipients in as short a time as possible. Key characteristics of Flash Dissemination include unpredictability in its need, scalability to large number of recipients and autonomic performance in highly heterogenous and failureprone environments. Previous work either addresses large content delivery in heterogenous networks or fault-tolerant dissemination of (streaming) events. We investigate a peer-based approach using foundations from broadcast networks, gossip theory and random networks. In this paper, we propose CREW (Concurrent Random Expanding Walkers), a scalable, lightweight, and autonomic gossip-based protocol. CREW is also explicitly designed to maximize the speed of dissemination using adaptive and intelligent intra and inter node concurrency. We implemented CREW on top of a scalable middleware environment and compared it to optimized implementations of popular gossip and peer-based systems. Our experiments show that CREW outperforms both traditional gossip and current large content dissemination systems, across a wide range of comparative metrics, even though its design is counterintuitive from a systems perspective.

Risk-Aware Workload Distribution in Hybrid Clouds

This paper explores an efficient and secure mechanism to partition computations across public and private machines in a hybrid cloud setting. We propose a principled framework for distributing data and processing in a hybrid cloud that meets the conflicting goals of performance, sensitive data disclosure risk and resource allocation costs. The proposed solution is implemented as an add-on tool for a Hadoop and Hive based cloud computing infrastructure. Our experiments demonstrate that the developed mechanism can lead to a major performance gain by exploiting both the hybrid cloud components without violating any pre-determined public cloud usage constraints.

Building disclosure risk aware query optimizers for relational databases

Many DBMS products in the market provide built in encryption support to deal with the security concerns of the organizations. This solution is quite effective in preventing data leakage from compromised/stolen storage devices. However, recent studies show that a significant part of the leaked records have been done so by using specialized malwares that can access the main memory of systems. These malwares can easily capture the sensitive information that are decrypted in the memory including the cryptographic keys used to decrypt them. This can further compromise the security of data residing on disk that are encrypted with the same keys. In this paper we quantify the disclosure risk of encrypted data in a relational DBMS for main memory-based attacks and propose modifications to the standard query processing mechanism to minimize such risks. Specifically, we propose query optimization techniques and disclosure models to design a data-sensitivity aware query optimizer. We implemented a prototype DBMS by modifying both the storage engine and optimizer of MySQL-InnoDB server. The experimental results show that the disclosure risk of such attacks can be reduced dramatically while incurring a small performance overhead in most cases.

Subscription subsumption evaluation for content-based publish/subscribe systems

In this paper we address the problem of subsumption checking for subscriptions in pub/sub systems. We develop a novel approach based on negative space representation for subsumption checking and provide efficient algorithms for subscription forwarding in a dynamic pub/sub environment. We then provide heuristics for approximate subsumption checking that greatly enhance the performance without compromising the correct execution of the system and only adding incremental cost in terms of extra computation in brokers. We illustrate the advantages of this novel approach by carrying out extensive experimentation.

CloudProtect: Managing Data Privacy in Cloud Applications

This paper describes the CloudProtect middleware that empowers users to encrypt sensitive data stored within various cloud applications. However, most web applications require data in plaintext for implementing the various functionalities and in general, do not support encrypted data management. Therefore, CloudProtect strives to carry out the data transformations (encryption/decryption) in a manner that is transparent to the application, i.e., preserves all functionalities of the application, including those that require data to be in plaintext. Additionally, CloudProtect allows users flexibility in trading off performance for security in order to let them optimally balance their privacy needs and usage-experience.

Indexing text data under space constraints

An important class of queries is the LIKE predicate in SQL. In the absence of an index, LIKE queries are subject to performance degradation. The notion of indexing on substrings (or <i>q</i>-grams) has been explored earlier without sufficient consideration of efficiency. <i>q</i>-grams are used to prune away rows that do not qualify for the query. The problem is to identify a finite number of grams subject to storage constraint that gives maximal pruning for a given query workload. Our contributions include: i) a formal problem definition, that produces results within a provable error bound, ii) performance evaluation of the application of the novel method to real data, and iii) parallelization of the algorithm, scaling considerations and a proposal to handle scaling issues.

CCD: efficient customized content dissemination in distributed publish/subscribe

In this paper, we propose a new content-based publish/subscribe (pub/sub) framework that enables a pub/sub system to accommodate richer content formats including multimedia publications with image and video content. The pub/sub system besides being responsible for matching and routing the published content, is also responsible for converting the content into the suitable (target) format for each subscriber. Content conversion is achieved through a set of content adaptation operators (e.g., image transcoder, document translator, etc.) at different nodes in the overlay network. We study algorithms for placement of such operators in the pub/sub broker overlay in order to minimize the communication and computation resource consumption. Our experimental results show that careful placement of these operators in pub/sub overlay network can lead to significant cost reduction.

Design and Implementation of a Middleware for Sentient Spaces

Surveillance is an important task for guaranteeing the security of individuals. Being able to intelligently monitor the activity in given spaces is essential to achieve such surveillance. Sentient spaces based on a large set of sensors provide the potential for such intelligent monitoring. However, heavily instrumenting a space with sensors it is not enough to build a sentient space. One needs a software architecture that allows programming all these sensors in a transparent and efficient manner. In this paper, we present SATware, a stream acquisition and transformation middleware we are developing to analyze, query, and transform multimodal sensor data streams to facilitate flexible development of sentient environments. SATware provides a powerful application development environment in which users (i.e., application builders) can focus on the specifics of the application without having to deal with the technical peculiarities of accessing a large number of diverse sensors via different protocols.