|
Cloud service providers offer a wide range of data storage and computation products. Customers increasingly outsource data and computation to third-party cloud providers. However, when customers upload their data to the cloud provider, they relinquish data confidentiality. As countless recent events attest, securing data and computation is a problem of tremendous importance. This project explores whether customers can take advantage of inexpensive, efficient, and convenient cloud services, including computation, while preserving to some extent data confidentiality, and retaining efficiency.
This project builds new program analyses that mitigate the impact of data conversion, and transform programs to compute securely using these methods. This research leverages prior work on SecureMR, a system that automatically transforms a MapReduce program into one that works over encrypted data on a public cloud. This project addresses a key issue with SecureMR, namely, that a single trusted client is bound to limit scalability of highly parallel MapReduce programs. This project envisions program analyses and transformations that split work between two cloud systems, and explores key challenges in building models and analyses that guarantee confidentiality of data such that neither system can reconstruct the original plaintext input data. The project develops SecureMR-2PC, based on 2-party computation (2PC), which splits input data into shares among two clouds, to avoid leakage of aggregate data and achieve provable privacy guarantees. Additionally, the project develops novel program analysis techniques that reason about sharing protocols to improve efficiency of multi-party computation. The project builds a comprehensive benchmark suite of MapReduce programs to facilitate research on secure computation on the cloud.
|
SaTC: CORE: Small: Program Analysis and Transformations for Secure Computation on the Cloud