Many organizations and individuals rely on the cloud to store their data and process their analytical queries. But such data may contain sensitive information. Not only do users want to conceal their data on a cloud, they may also want to hide analytical queries over their data, results of such queries, and data access patterns from a cloud service provider (that may be compromised either from within or by a third party). This research designs and implements SEAL, a Secure Engine for AnaLytics over large data on a cloud. SEAL encrypts data using secure encryption schemes, but supports analytical operations through a new approach of building a meta-answer database. SEAL is developed within a security framework that allows specifying different levels of desired security. The design of SEAL in particular explores the tradeoff between security and efficiency, providing solutions with different provable security and efficiency features for a wide variety of analytical operations. Users are able to continue to enjoy the benefits a cloud has to offer, but now without the worry of losing sensitive information and with control over the security and efficiency tradeoff.
Continuation of Award #: 1514526