Privacy-enhancing Search Technologies for Advanced Cloud Applications


Student thesis: Doctoral Thesis

View graph of relations


Related Research Unit(s)


Awarding Institution
Award date7 Jan 2019


Over the past decade, more and more organizations and institutions have started adopting public cloud for the storage and analytic infrastructure of their data. This trend will be further accelerated by the advancement of big data applications and Internet of Things. However, these systems do not ensure strong protection on data confidentiality, thereby falling short of addressing serious privacy concerns raised from massive data breaches. Despite the effectiveness in addressing the security concerns, directly applying data encryption to outsourced data would prevent data utilization like search over the encrypted data. Therefore, it explicitly invalidates many benefits of deploying the cloud applications.

This thesis presents algorithms and implementation for secure cloud-based outsourcing services, ensuring strong protection on data privacy while addressing the specific challenges in different cloud application scenarios. First, we designed an encrypted key-value store system, aiming to ease the privacy concern on data storage outsourcing, and preserve the benefits of modern backbones of cloud storage systems, i.e., high throughput, low latency, incremental scalability, and fine availability. Second, we proposed a searchable encryption scheme for secure and practical computation outsourcing, and applied this building block to enable privacy-preserving range-based network functions. It aims to address the dilemma between data confidentiality and data utility, and make search over encrypted data as convenient as over plaintext. Third, we further introduced a practical system framework for cloud applications to perform secure update operations and preserve forward-security in a practical manner. The line of research has impacts on both academy and industry. The proposed solutions promote new algorithms and new architectures for applications built on encrypted storage with security and performance guarantees, which bring the entire society confidence of migrating sensitive data applications to cloud computing.

    Research areas

  • Cloud computing, Cryptography