Security and Privacy in Big Data, Blessing or Curse?

Similar documents
Computing on Encrypted Data

Big Data - Security and Privacy

Associate Prof. Dr. Victor Onomza Waziri

COMPARING ENCRYPTED DATA. Thijs Veugen

Fully homomorphic encryption equating to cloud security: An approach

Digital Object Identifier /MSP Date of publication: 5 December 2012

ATTPS Publication: Trustworthy ICT Taxonomy

Experimental Analysis of Privacy-Preserving Statistics Computation

Secure Alternate Viable Technique of Securely Sharing The Personal Health Records in Cloud

Cyber DTU. Lars Ramkilde Knudsen

Top Ten Security and Privacy Challenges for Big Data and Smartgrids. Arnab Roy Fujitsu Laboratories of America

Efficient Privacy-Preserving Face Recognition

RIGOROUS PUBLIC AUDITING SUPPORT ON SHARED DATA STORED IN THE CLOUD BY PRIVACY-PRESERVING MECHANISM

K-NN CLASSIFICATION OVER SECURE ENCRYPTED RELATIONAL DATA IN OUTSOURCED ENVIRONMENT

NEW CRYPTOGRAPHIC CHALLENGES IN CLOUD COMPUTING ERA

EFFICIENT AND SECURE DATA PRESERVING IN CLOUD USING ENHANCED SECURITY

addressed. Specifically, a multi-biometric cryptosystem based on the fuzzy commitment scheme, in which a crypto-biometric key is derived from

A Comprehensive Data Forwarding Technique under Cloud with Dynamic Notification

Biometric Authentication Platform for a Safe, Secure, and Convenient Society

Security Infrastructure for Trusted Offloading in Mobile Cloud Computing

IEEE International Conference on Computing, Analytics and Security Trends CAST-2016 (19 21 December, 2016) Call for Paper

EIT ICT Labs MASTER SCHOOL. Specialisations

Secure Computation Martin Beck

Enabling Public Auditing for Secured Data Storage in Cloud Computing

3TU.BSR: Big Software on the Run

Secure and privacy-preserving DRM scheme using homomorphic encryption in cloud computing

Chapter 1: Introduction

Verifiable Outsourced Computations Outsourcing Computations to Untrusted Servers

A SECURE DECISION SUPPORT ESTIMATION USING GAUSSIAN BAYES CLASSIFICATION IN HEALTH CARE SERVICES

Whitewash: Securely Outsourcing Garbled Circuit Generation

Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG

Global Soft Solutions JAVA IEEE PROJECT TITLES

Third Party Auditing For Secure Data Storage in Cloud through Trusted Third Party Auditor Using RC5

Paillier Threshold Encryption Toolbox

Xianrui Meng. MCS 138, 111 Cummington Mall Department of Computer Science Boston, MA (857)

Internet of Things (IoT): A vision, architectural elements, and future directions

Survey on Efficient Information Retrieval for Ranked Query in Cost-Efficient Clouds

Privacy-preserving Data-aggregation for Internet-of-things in Smart Grid

On the features and challenges of security and privacy in distributed internet of things. C. Anurag Varma CpE /24/2016

2. Cyber security research in the Netherlands

3-6 Toward Realizing Privacy-Preserving IP-Traceback

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

A NOVEL APPROACH FOR MULTI-KEYWORD SEARCH WITH ANONYMOUS ID ASSIGNMENT OVER ENCRYPTED CLOUD DATA

NSF Workshop on Big Data Security and Privacy

Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks

National Cybersecurity Challenges and NIST. Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity

Author. Ginés Dólera Tormo. Advisors Dr. Félix Gómez Mármol (NEC Laboratories Europe) Prof. Dr. Gregorio Martínez Pérez (University of Murcia)

E-Democracy and e-voting

End-to-end Secure Data Aggregation in Wireless Sensor Networks

Homomorphic Encryption Schema for Privacy Preserving Mining of Association Rules

1. Fault Attacks for Virtual Machines in Embedded Platforms. Supervisor: Dr Konstantinos Markantonakis,

Secure and Efficient Protocols for Iris and Fingerprint Identification

The Challenge of Data and Application Security and Privacy (DASPY): Are We Up to It?

PRISMACLOUD. Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian Institute of Technology GmbH

Efficient Unlinkable Secret Handshakes for Anonymous Communications

Vector Calculus Fourier Series & Laplace Transform PYN106 Electromagnetic Field Theory 3 1/2 2/2 4

A Roadmap for Future Architectures and Services for Manufacturing. Carsten Rückriegel Road4FAME-EU-Consultation Meeting Brussels, May, 22 nd 2015

PROFESSIONAL INTERESTS WORK EXPERIENCE GINÉS DÓLERA TORMO CURRICULUM VITAE OCTOBER 2014

Data Grid Privacy and Secure Storage Service in Cloud Computing

Methodology for Emulating Self Organizing Maps for Visualization of Large Datasets

Resume. Dr. Vedat COSKUN. Organisational Personal Personal Web Site Research Lab Web Site

A Secure Model for Medical Data Sharing

Scalable and secure sharing of data in cloud computing using attribute based encryption

Cyber Security and Privacy

Improving data integrity on cloud storage services

Basheer Al-Duwairi Jordan University of Science & Technology

Approaches for privacy-friendly Smart Metering: Architecture using homomorphic encryption and homomorphic MACs

POSTGRADUATE OPEN DAY

Enabling Public Auditability, Dynamic Storage Security and Integrity Verification in Cloud Storage

An Efficient and Secure Data Sharing Framework using Homomorphic Encryption in the Cloud

Rfid Authentication Protocol for security and privacy Maintenance in Cloud Based Employee Management System

Innovation value pools for Utilities or Advanced Information and Communications (ICT) Technology in Energy

NATIONAL SUN YAT-SEN UNIVERSITY

EXAMINING OF HEALTH SERVICES BY UTILIZATION OF MOBILE SYSTEMS. Dokuri Sravanthi 1, P.Rupa 2

SECURE AND TRUSTY STORAGE SERVICES IN CLOUD COMPUTING

Research Topics in the National Cyber Security Research Agenda

An Application of the Goldwasser-Micali Cryptosystem to Biometric Authentication

Transcription:

Security and Privacy in Big Data, Blessing or Curse? 2 nd National Cryptography Days 9-11 April 2015 Dr. Zeki Erkin Cyber Security Section Department of Intelligent Systems Delft University of Technology 1

About me BSc and MSc @ITU, Istanbul, 2002, 2005 PhD @TU Delft, 2010 PostDoc @ TU Delft, 2010-2014 Assist. Prof. @ TU Delft, Cyber Security Group FET Signal Processing in the Encrypted Domain STW Kindred Spirits Dutch/COMMIT Trusted Healthcare and Extreme Wireless Sensor Networks 3TU Big Software on the Run Secure Signal Processing, Privacy Enhancing Technologies MPC, Homomorphic Encryption PCs, TCs: JoPETS, PETs, IEEE TIFS, WIFS, ICIP, ICASSP Bochum, Aarhus, UC Irvine, IBM Zurich 2

Outline Security and Privacy in Big data Motivation Secure Signal Processing Face Recognition Recommender Systems Research Challenges and Opportunities 3

Privacy concerns Data data and more data 4

Problem statement Sensitive Data Commercially valuable algorithm 1. Service provider trustworthy Bankruptcy, lost-theft of data, insiders 2. Service provider untrustworthy Malicious acts, selling-transfer of data to the 3 rd parties Cloud computing: outsourcing computation and storage Where, when, by whom? Laws? Privacy? Espionage? Can we protect privacy while processing data without hampering services? 5

Players Government Regulation, legalization, protecting privacy, providing security and safety (critical infrastructures), creating new business fields Citizens Demanding security and privacy. Economical benefits, job opportunities Business Increasing profit, reducing costs, reaching out to more customers, new business ideas Academia Solutions for societal problems 6

Secure Data Processing computational privacy Privacy Enhancing Technologies Privacy by Design Applied cryptography Homomorphic encryption Garbled circuits Secret sharing MPC techniques Do not reveal sensitive data in plaintext! 7

Face Recognition Alice Bob Is he a criminal? Database Processing Yes, ID/No 8

with Privacy Alice Bob Is he a criminal? Database Processing [Yes], [ID]/[No] Z. Erkin, M. Franz, J. Guajardo, S. Katzenbeisser, R. L. Lagendijk and T. Toft, Privacy- Preserving Face Recognition, 9th International Symposium on Privacy Enhancing Technologies, LNCS 5672, pp. 235-253, August 2009. 9

Eigenface Algorithm 10

Secure Face Recognition 11

Homomorphic Encryption A number of schemes preserve structure after encryption. Additive Homomorphism (Paillier 99) 12

Projection in the encrypted domain Alice (sk) Bob (pk) Input image Encrypted pixel values Feature vectors in a database Apply projection and obtain the feature vector of the input image. 13

Euclidean Distance Alice (sk) Bob (pk) F y =(f (y,1),f (y,2),...,f (y,k) ) Secure Multiplication Protocol! Homomorphism 14

Secure Multiplication Protocol Bob Alice 15

Finding the minimum Alice (sk) Bob (pk) [D 2 (F x,f y )], [D 2 (F x,f w )],...,[D 2 (F x,f z )] Find the minimum squared distance! But [D 2 (F x,f y )] = g D2 (F x,f y ) r n 1 mod n 2 = 154894318447855...4848948974897 [D 2 (F x,f w )] = g D2 (F x,f w ) r n 2 mod n 2 = 956814894149...123484987163 16

Finding the Minimum: Concept 17

Interactive Game Alice Bob 18

Comparison [e i ] = [1] [c i ] [r i ] 1 `Y 1 [c j ] [r j ] [c j ] 2r j j=i+1 19

Secure Face Recognition 20

Performance Implemented in 2009 Integer arithmetic 400 images (112x92) 18 seconds Implementation in 2009 (hybrid approach) Garbled circuits 1000 images 13 seconds 21

Recommender Systems Problem: Privacy likes/dislikes: identification and tracking medical data cannot be stored and processed Solution: Privacy Enhancing Technologies 22

Ideal System 23

3-Party Setting Erkin, Z., Veugen, T., Toft, T., Lagendijk, R.: Generating Private Recommendations Efficiently Using Homomorphic Encryption and Data Packing. IEEE Transactions on Information Forensics and Security 7 (06/2012 2012) 1053 1066 Beye, M., Erkin, Z., Lagendijk, R.: Efficient privacy preserving K-means clustering in a three-party setting. In: Information Forensics and Security (WIFS), 2011 IEEE International Workshop on. (29 2011-dec. 2 2011) 1 6 Canny, J.: Collaborative filtering with privacy. In Proceedings IEEE Symposium on Security and Privacy, IEEE (2002) 45 57 24

Dynamic Execution Problem Kononchuk, D., Z. Erkin, J. C. A. van der Lubbe, and R. L. Lagendijk, "Privacy-Preserving User Data Oriented Services For Groups With Dynamic Participation", ESORICS, Egham, UK, 09/2013. 25

Case Study: Ahold E(ID) Data Profiles 320M visitors in NL per year Suggestions This is BIG DATA 26

Curse or Blessing Curse Awareness - society Legalization - governments Limitations - industry Blessing Research questions! Privacy by design wins! 27

Research Challenges Efficiency Run-time, bandwidth, storage Security model Semi-honest, covert, malicious Cryptographic tools FHE, SHE, HE, GC, SS (additive, strong ramp) MPC techniques Application setting 2-party, 3-party, N-party Static and Dynamic Application domain Cloud computing Confidentiality(privacy), integrity (computation and storage) Smart grids Billing, data aggregation, verification, prediction Automotive, social networks, supply chains Data mining (finance), data fusion, real time, data mitigation etc 28

Opportunities Multi-disciplinary Cryptography, signal processing, pattern recognition, machine learning, social sciences: social-technical solutions (H2020) Wide application domain Biometrics, smart grids, cloud computing, finance, defence..etc H2020 Digital societies: Trust, Privacy ICT calls Thank you for your attention! 29

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information