Privacy-Preserving Query Processing by Multi-Party Computation / M. Sepehri, S. Cimato, E. Damiani. - In: COMPUTER JOURNAL. - ISSN 0010-4620. - 58:10(2015 Oct), pp. 2195-2212. [10.1093/comjnl/bxu093]

Privacy-Preserving Query Processing by Multi-Party Computation

M. Sepehri; S. Cimato; E. Damiani
2015

Abstract

In this paper, we investigate privacy-preserving query processing (P3Q) techniques on partitioned databases, where relational queries have to be executed on horizontal data partitions held by different data owners. In our scenario, data owners use Secure Multi-party Computation (SMC) to compute privacy-preserving queries on entire relation(s) without sharing their private partitions. Our solution is applicable to a subset of SQL query language called SQL−− including selection and equi-join queries. To nicely scale up with large size data, we show that computation and communication costs can be reduced via a novel bucketization technique. We consider the classical notion of query privacy, where the querier only learns query results (and what can be inferred from it), and data owners learn as little as possible (in a computational sense) about the query. To ensure such privacy, our technique involves a trusted party only at the beginning of the protocol execution. Experimental results on horizontally partitioned, distributed data show the effectiveness of our approach.
privacy-preserving query processing; selection query; equi-join query; secure multi-party computation
Sector INF/01 - Computer Science
Funding: PRACTICE: Privacy-Preserving Computation in the Cloud (PRACTICE), European Commission, FP7, grant 609611
Oct-2015
Article (author)
Files in this product:
There are no files associated with this product.

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/2434/244359
Citations
  • PMC: ND
  • Scopus: 20
  • ISI: 15