Abstract
Owner-centric control is a widely adopted method for easing owners' concerns over data abuses and motivating them to share their data out to gain collective knowledge. However, while many control enforcement techniques have been proposed, privacy threats due to the metadata leakage therein are largely neglected in existing works. Unfortunately, a sophisticated attacker can infer very sensitive information based on either owners' data control policies or their analytic task participation histories (e.g., participating in a mental illness or cancer study can reveal their health conditions). To address this problem, we introduce Vizard, a metadata-hiding analytic system that enables privacy-hardened and enforceable control for owners. Vizard is built with a tailored suite of lightweight cryptographic tools and designs that help us efficiently handle analytic queries over encrypted data streams coming in real-time (like heart rates). We propose extension designs to further enable advanced owner-centric controls (with AND, OR, NOT operators) and provide owners with release control to additionally regulate how the result should be protected before deliveries. We develop a prototype of Vizard that is interfaced with Apache Kafka, and the evaluation results demonstrate the practicality of Vizard for large-scale and metadata-hiding analytics over data streams.
| Original language | English |
|---|---|
| Title of host publication | CCS '22 |
| Subtitle of host publication | Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security |
| Publisher | Association for Computing Machinery |
| Pages | 441-454 |
| ISBN (Print) | 978-1-4503-9450-5 |
| DOIs | |
| Publication status | Published - 7 Nov 2022 |
| Event | 28th ACM SIGSAC Conference on Computer and Communications Security (CCS 2022) - Hybrid , Los Angeles, United States Duration: 7 Nov 2022 → 11 Nov 2022 https://www.sigsac.org/ccs/CCS2022/ |
Publication series
| Name | Proceedings of the ACM Conference on Computer and Communications Security |
|---|---|
| ISSN (Print) | 1543-7221 |
Conference
| Conference | 28th ACM SIGSAC Conference on Computer and Communications Security (CCS 2022) |
|---|---|
| Place | United States |
| City | Los Angeles |
| Period | 7/11/22 → 11/11/22 |
| Internet address |
Bibliographical note
Full text of this publication does not contain sufficient affiliation information. With consent from the author(s) concerned, the Research Unit(s) information for this record is based on the existing academic department affiliation of the author(s).Funding
We sincerely thank all anonymous reviewers for their useful comments and instructions. This work was funded in part by the Research Grants Council of Hong Kong under Grants CityU 11217819, 11217620, 11218521, 11202419, N_CityU139/21, RFS2122-1S04, C2004- 21GF, R1012-21, and R6021-20F, and by the National Natural Science Foundation of China under Grants U20B2049 and U21B2018, by InnoHK initiative, the Government of the HKSAR, and Laboratory for AI-Powered Financial Technologies.
Research Keywords
- end-to-end control
- metadata privacy
- secure data analytics
RGC Funding Information
- RGC-funded
