Abstract
In the era of big-data, personal data is produced, collected and consumed at different sites. A public directory connects data producers and consumers over the Internet and should be constructed securely given the privacy-sensitive nature of personal data.
This work tackles the research problem of distributed, privacy-preserving directory publication, with strong security and practical efficiency. For proven security, we follow the protocols of secure multi-party computations (MPC). For efficiency, we propose a pre-computation framework that minimizes the private computation and conducts aggressive pre-computation on public data. Several pre-computation policies are proposed with varying degrees of aggressiveness. For systems-level efficiency, the pre-computation is implemented with data parallelism on general-purpose graphics processing units (GPGPU).We apply the proposed scheme to real health-care scenarios for constructing patient-locator services in emerging Health Information Exchange (or HIE) networks.
We conduct extensive performance studies on real datasets and with an implementation based on open-source MPC software. With experiments on local and geo-distributed settings, our performance results show that the proposed pre-computation achieves a speedup of more than an order of magnitude without security loss.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
References
CommonWell. http://www.commonwellalliance.org/
Directive 95/46/EC of the European parliament and of the council
GaHIN. http://www.gahin.org/
HealthEConnections. http://www.healtheconnections.org/rhio
http://health.usnews.com/best-hospitals/area/new-york-ny/specialty
NHIN Connect. http://www.connectopensource.org/
NHIN. https://www.healthit.gov
OpenEMPI. http://www.openempi.org/
Percy++/PIR in C++. http://percy.sourceforge.net/
2015 IEEE Symposium on Security and Privacy, SP 2015, San Jose, CA, USA, 17–21 May 2015. IEEE Computer Society (2015)
Asharov, G., Lindell, Y., Schneider, T., Zohner, M.: More efficient oblivious transfer and extensions for faster secure computation. In: 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, 4–8 November 2013, Berlin, Germany, pp. 535–548 (2013)
Bater, J., Elliott, G., Eggen, C., Goel, S., Kho, A.N., Duggan, J.: SMCQL: secure query processing for private data networks. CoRR, abs/1606.06808 (2016)
Bawa, M., Bayardo Jr., R.J., Agrawal, R., Vaidya, J.: Privacy-preserving indexing of documents on the network. VLDB J. 18(4), 837–856 (2009)
Bawa, M., Bayardo Jr, R.J., Agrawal, R.: Privacy-preserving indexing of documents on the network. In: VLDB, pp. 922–933 (2003)
Bellare, M., Hoang, V.T., Keelveedhi, S., Rogaway, P.: Efficient garbling from a fixed-key blockcipher. In: 2013 IEEE Symposium on Security and Privacy, SP 2013, 19–22 May 2013, Berkeley, CA, USA, pp. 478–492. IEEE Computer Society (2013)
Ben-David, A., Nisan, N., Pinkas, B.: Fairplaymp: a system for secure multi-party computation. In: Ning, P., Syverson, P.F., Jha, S. (eds.) ACM Conference on Computer and Communications Security, pp. 257–266. ACM (2008)
Bogdanov, D., Laur, S., Willemson, J.: Sharemind: a framework for fast privacy-preserving computations. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 192–206. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-88313-5_13
Burkhart, M., Strasser, M., Many, D., Dimitropoulos, X.: SEPIA: privacy-preserving aggregation of multi-domain network events and statistics. In: Proceedings of 19th USENIX Security Symposium, 11–13 August 2010, Washington, DC, USA, pp. 223–240. USENIX Association (2010)
Cao, J., Rao, F., Bertino, E., Kantarcioglu, M.: A hybrid private record linkage scheme: Separating differentially private synopses from matching records. In: 31st IEEE International Conference on Data Engineering, ICDE 2015, 13–17 April 2015, Seoul, South Korea, pp. 1011–1022 (2015)
Choi, S.G., Hwang, K.W., Katz, J., Malkin, T., Rubenstein, D.: Secure multi-party computation of boolean circuits with applications to privacy in on-line marketplaces. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 416–432. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27954-6_26
Choi, S.G., Katz, J., Kumaresan, R., Zhou, H.-S.: On the security of the “Free-XOR” technique. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 39–53. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28914-9_3
Cramer, R., Damgård, I., Nielsen, J.B.: Secure Multiparty Computation and Secret Sharing. Cambridge University Press, Cambridge (2015)
Damgård, I., Keller, M., Larraia, E., Pastro, V., Scholl, P., Smart, N.P.: Practical covertly secure MPC for dishonest majority – or: breaking the SPDZ limits. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 1–18. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40203-6_1
Demmler, D., Dessouky, G., Koushanfar, F., Sadeghi, A.R., Schneider, T., Zeitouni, S.: Automated synthesis of optimized circuits for secure computation. In: Ray, I. Li, N., Kruegel, C. (eds.) Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 12–6 October 2015, Denver, CO, USA, pp. 1504–1517. ACM (2015)
Demmler, D., Schneider, T., Zohner, M.: Aby - a framework for efficient mixed-protocol secure two-party computation. In: Network and Distributed System Security Symposium, NDSS 2015, February 2015
Du, W., Atallah, M.J.: Protocols for secure remote database access with approximate matching. In: Ghosh, A.K. (ed.) E-Commerce Security and Privacy. ADIS, vol. 2, pp. 87–111. Springer, Boston (2001). https://doi.org/10.1007/978-1-4615-1467-1_6
Dwork, C., Kenthapadi, K., McSherry, F., Mironov, I., Naor, M.: Our data, ourselves: privacy via distributed noise generation. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 486–503. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_29
Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 265–284. Springer, Heidelberg (2006). https://doi.org/10.1007/11681878_14
Eigner, F., Maffei, M., Pampaloni, F., Pryvalov, I., Kate, A.: Differentially private data aggregation with optimal utility. In: Proceedings of the 30th Annual Computer Security Applications Conference, ACSAC 2014, 8–12 December 2014, New Orleans, LA, USA, pp. 316–325 (2014)
Ferguson, N., Schneier, B., Kohno, T.: Cryptography Engineering - Design Principles and Practical Applications. Wiley, Hoboken (2010)
Franz, M., Holzer, A., Katzenbeisser, S., Schallhart, C., Veith, H.: CBMC-GC: an ANSI C compiler for secure two-party computations. In: Cohen, A. (ed.) CC 2014. LNCS, vol. 8409, pp. 244–249. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54807-9_15
Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Aho, A.V. (ed.) Proceedings of the 19th Annual ACM Symposium on Theory of Computing, New York, New York, USA, pp. 218–229. ACM (1987)
Henecka, W., Kögl, S. K., Sadeghi, A.-R., Schneider, T., Wehrenberg, I.: Tasty: tool for automating secure two-party computations. In: ACM CCS, pp. 451–462 (2010)
Henry, R., Olumofin, F.G., Goldberg, I.: Practical PIR for electronic commerce. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, 17–21 October 2011, Chicago, Illinois, USA, pp. 677–690 (2011)
Huang, Y., Evans, D., Katz, J., Malka, L.: Faster secure two-party computation using garbled circuits. In: USENIX Security Symposium. USENIX Association (2011)
Ishai, Y., Kilian, J., Nissim, K., Petrank, E.: Extending oblivious transfers efficiently. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 145–161. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_9
Jagomägis, R.: Secrec: a privacy-aware programming language with applications in data mining
Jurczyk, P., Lu, J.J., Xiong, L., Cragan, J.D., Correa, A.: FRIL: a tool for comparative record linkage. In: American Medical Informatics Association Annual Symposium, AMIA 2008, 8–12 November 2008, Washington, DC, USA (2008)
Jurczyk, P., Lu, J.J., Xiong, L., Cragan, J.D., Correa, A.: FRIL: a tool for comparative record linkage. AMIA Annu. Symp. Proc. 2008, 440 (2008)
Kantarcioglu, M., Clifton, C.: Privacy-preserving distributed mining of association rules on horizontally partitioned data. IEEE Trans. Knowl. Data Eng. 16(9), 1026–1037 (2004)
Keller, M., Scholl, P.: Efficient, oblivious data structures for MPC. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 506–525. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45608-8_27
Kerschbaum, F.: Automatically optimizing secure computation. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, 17–21 October 2011, Chicago, Illinois, USA, pp. 703–714 (2011)
Kreuter, B., Shelat, A., Mood, B., Butler, K.R.: PCF: a portable circuit format for scalable two-party secure computation. In: Proceedings of the 22th USENIX Security Symposium, 14–16 August 2013, Washington, DC, USA, pp. 321–336 (2013)
Laud, P., Pankova, A.: Preprocessing-based verification of multiparty protocols with honest majority. IACR Cryptology ePrint Archive 2015:674 (2015)
LeFevre, K., DeWitt, D.J., Ramakrishnan, R.: Mondrian multidimensional k-anonymity. In: Liu et al. [53], p. 25 (2006)
Li, N., Li, T., Venkatasubramanian, S.: t-closeness: Privacy beyond k-anonymity and l-diversity. In: Proceedings of the 23rd International Conference on Data Engineering, ICDE 2007, 15–20 April 2007, The Marmara Hotel, Istanbul, Turkey, pp. 106–115 (2007)
Liu, C., Wang, X.S., Nayak, K., Huang, Y., Shi, E.: Oblivm: a programming framework for secure computation. In: 2015 IEEE Symposium on Security and Privacy, SP 2015, 17–21 May 2015, San Jose, CA, USA [15], pp. 359–376 (2015)
Liu, L., Reuter, A. Whang, K., Zhang, J. (eds.): In: Proceedings of the 22nd International Conference on Data Engineering, ICDE 2006, 3–8 April 2006, Atlanta, GA, USA. IEEE Computer Society (2006)
Liu, Y.T.L.: Privacy-preserving multi-keyword search in information networks. IEEE Trans. Knowl. Data Eng. 27(9), 2424–2437 (2015)
Machanavajjhala, A., Gehrke, J., Kifer, D., Venkitasubramaniam, M.: l-diversity: privacy beyond k-anonymity. In: Liu et al. [53], p. 24 (2006)
Makulilo, A.B.: Asian Data Privacy Laws, Trade and Human Rights Perspective, By Graham Greenleaf, vol. 23, no. 3, pp. 322–324. I. J. Law and Information Technology (2015)
Malkhi, D., Nisan, N., Pinkas, B., Sella, Y.: Fairplay - secure two-party computation system. In: Blaze, M. (ed.) USENIX Security Symposium, pp. 287–302. USENIX (2004)
Martin, D.J., Kifer, D., Machanavajjhala, A., Gehrke, J., Halpern, J.Y.: Worst-case background knowledge for privacy-preserving data publishing. In: Proceedings of the 23rd International Conference on Data Engineering, ICDE 2007, 15–20 April 2007, The Marmara Hotel, Istanbul, Turkey, pp. 126–135 (2007)
McCamant, S., Ernst, M. D.: Quantitative information flow as network flow capacity. In: Proceedings of the ACM SIGPLAN 2008 Conference on Programming Language Design and Implementation, 7–13 June 2008, Tucson, AZ, USA, pp. 193–205 (2008)
Narayan, A., Haeberlen, A.: DJoin: differentially private join queries over distributed databases. In: OSDI, October 2012
Pettai, M., Laud, P.: Combining differential privacy and secure multiparty computation. In: Proceedings of the 31st Annual Computer Security Applications Conference, 7–11 December 2015, Los Angeles, CA, USA, pp. 421–430 (2015)
Rabin, M.O.: How to exchange secrets with oblivious transfer. IACR Cryptology ePrint Archive 2005:187 (2005)
Rastogi, A., Hammer, M.A., Hicks, M.: Wysteria: a programming language for generic, mixed-mode multiparty computations. In: 2014 IEEE Symposium on Security and Privacy, SP 2014, 18–21 May 2014, Berkeley, CA, USA, pp. 655–670. IEEE Computer Society (2014)
Seward, J., Nethercote, N., Weidendorfer, J.: Valgrind 3.3-Advanced Debugging and Profiling for GNU/Linux Applications. Network Theory Ltd., UK (2008)
Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)
Songhori, E.M., Hussain, S.U., Sadeghi, A.R., Schneider, T., Koushanfar, F.: Tinygarble: highly compressed and scalable sequential garbled circuits. In: 2015 IEEE Symposium on Security and Privacy, SP 2015, 17–21 May 2015, San Jose, CA, USA [15], pp. 411–428 (2015)
Sweeney, L.: K-anonymity: a model for protecting privacy. Int. J. Uncertain. Fuzziness Knowl.-Based Syst. 10(5), 557–570 (2002)
Tang, Y., Liu, L., Iyengar, A., Lee, K., Zhang, Q.: e-PPI: locator service in information networks with personalized privacy preservation. In: IEEE 34th International Conference on Distributed Computing Systems, ICDCS 2014, 30 June–3 July 2014, Madrid, Spain, pp. 186–197 (2014)
Tang, Y., Wang, T., Liu, L.: Privacy preserving indexing for ehealth information networks. In: CIKM, pp. 905–914 (2011)
Toth, C., Durham, E., Kantarcioglu, M., Xue, Y., Malin, B.: Soempi: A secure open enterprise master patient index software toolkit for private record linkage. In: AMIA Annual Symposium Proceedings, vol. 2014, p. 1105. American Medical Informatics Association (2014)
Vaidya, J., Clifton, C.: Privacy preserving association rule mining in vertically partitioned data. In: Proceedings of the Eighth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, 23–26 July 2002, Edmonton, Alberta, Canada, pp. 639–644 (2002)
Warner, S.L.: Randomized response: a survey technique for eliminating evasive answer bias. J. Am. Stat. Assoc. 60(309), 63–69 (1965)
Yao, A.C.: How to generate and exchange secrets (extended abstract). In: 27th Annual Symposium on Foundations of Computer Science, 27–29 October 1986, Toronto, Canada, pp. 162–167. IEEE Computer Society (1986)
Zerr, S., Demidova, E., Olmedilla, D., Nejdl, W., Winslett, M., Mitra, S.: Zerber: r-confidential indexing for distributed documents. In: EDBT, pp. 287–298 (2008)
Zhang, Y., Steele, A., Blanton, M.: PICCO: a general-purpose compiler for private distributed computation. In: 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, 4–8 November 2013, Berlin, Germany, pp. 813–826 (2013)
Acknowledgement
The authors would thank anonymous reviewers for their constructive suggestions. The first three authors were supported by the Cyber Research Institute in Rome, NY, under Grant Number #28254. Shuang Wang was supported by NIH R00HG008175.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Areekijseree, K., Tang, Y., Chen, J., Wang, S., Iyengar, A., Palanisamy, B. (2018). Secure and Efficient Multi-Party Directory Publication for Privacy-Preserving Data Sharing. In: Beyah, R., Chang, B., Li, Y., Zhu, S. (eds) Security and Privacy in Communication Networks. SecureComm 2018. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 254. Springer, Cham. https://doi.org/10.1007/978-3-030-01701-9_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-01701-9_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-01700-2
Online ISBN: 978-3-030-01701-9
eBook Packages: Computer ScienceComputer Science (R0)