We presented at the 4th IEEE International Conference on Information Privacy, Security, Risk and Trust (PASSAT 2012) the paper entitled “Privacy-Preserving Techniques and System for Streaming Databases”, By Anderson Santana de Oliveira, Florian Kerschbaum, Hoon Wei Lim, Su-Yang Yu.
Streaming databases and other distributed, event-based systems are very useful tools for business and security applications. When event sources and event processing are distributed across multiple distinct domains, confidentiality and privacy issues emerge. These can be addressed by a number of cryptographic techniques. In this paper we consider high-performance symmetric encryption techniques. We build a system for privacy-preserving event correlation and evaluate the performance of its techniques. We demonstrate efficient privacy-preserving event correlation using equality tests, greater-than comparisons and range queries over encrypted data. The results indicate that in comparable settings, it is therefore recommended to employ these techniques to address pertinent security and privacy concerns.
Context and Summary of the Results
Streaming databases allow efficiently processing events, i.e. single database tuples. In a distributed event-based system, data sources (signalers) are constantly generating event data that need to be rapidly consumed by data sinks (also called event processors, CEP). Complex event processing (CEP) helps aggregate single, stateless events into complex, stateful events. They have many applications, e.g. in supply chain execution, intrusion detection, and monitoring cloud computing resource consumption, to mention a few applications. The animation below illustrates how data sources and data sinks interact to produce correlated data.
In a distributed setting, confidentiality or — in case of personal-related data — privacy concerns arise between parties. Event sources may not want to reveal their event data to the event processor. This may even be necessitated by privacy legislation, such as the Health Insurance Portability and Accountability Act Privacy Rule, the Data Protection Act, or the Fair Credit Reporting Act. Yet, the event processor must still be able to infer complex events, e.g. a counterfeit item or a coordinated network attack.
This conflict can be solved using a number of techniques. Secure computation allows the distributed computation of any function (with a public output) while preserving the privacy and confidentiality of the inputs. Public key homomorphic encryption allows the computation of any function on encrypted inputs (with an encrypted output). Yet, all of these techniques generally suffer from poor computational performance, or require bi-directional communication between event sources and processor. They impose a high overhead when handling high event arrival rates, being inappropriate to several applications.
In this paper we therefore consider high-performance symmetric encryption techniques, i.e. of practical interest, for privacy-preserving event correlation. These techniques enable a non-interactive evaluation of the query at the event processor and thus perform significantly better in WAN settings than their interactive alternatives. The basic approach is to not modify the event processing engine, but only enable existing queries to run on encrypted data. The next animation motivates our approach, showing how we eliminate the need for cryptographic operations at the CEP level:
We have investigated the performance penalty of these techniques and built a prototypical system implementing them. Hence, we allow the choice of its use according to application-specific constraints. Such a choice is a typical instance of a performance vs. security trade-off.