sesa 19(19): e5

Research Article

Privacy-Preserving Multi-Party Directory Services

Download85 downloads
  • @ARTICLE{10.4108/eai.29-7-2019.159627,
        author={Yuzhe  Tang and Kai  Li and Katchaguy  Areekijseree and Shuigeng  Zhou and Liting  Hu},
        title={Privacy-Preserving Multi-Party Directory Services},
        journal={EAI Endorsed Transactions on Security and Safety},
        volume={6},
        number={19},
        publisher={EAI},
        journal_a={SESA},
        year={2019},
        month={1},
        keywords={Secure Multi-party Computation, Public Directory, Background-knowledge Attacks},
        doi={10.4108/eai.29-7-2019.159627}
    }
    
  • Yuzhe Tang
    Kai Li
    Katchaguy Areekijseree
    Shuigeng Zhou
    Liting Hu
    Year: 2019
    Privacy-Preserving Multi-Party Directory Services
    SESA
    EAI
    DOI: 10.4108/eai.29-7-2019.159627
Yuzhe Tang1,*, Kai Li1, Katchaguy Areekijseree1, Shuigeng Zhou2, Liting Hu3
  • 1: Department of EECS, Syracuse University, NY, USA
  • 2: School of Computer Science, Fudan University, China
  • 3: School of Computing and Information Sciences, Florida International University, FL, USA
*Contact email: ytang100@syr.edu

Abstract

In the era of big data, the data-processing pipeline becomes increasingly distributed among multiple sites. To connect data consumers with remote producers, a public directory service is essential. This is evidenced by adoption in emerging applications such as electronic healthcare. This work systematically studies the privacy-preserving and security hardening of a public directory service. First, we address the privacy preservation of serving a directory over the Internet. With Internet eavesdroppers performing attacks with background knowledge, the directory service has to be privacy preserving, for the compliance with data-protection laws (e.g., HiPAA). We propose techniques to adaptively inject noises to the public directory in such a way that is aware of application-level data schema, effectively preserving privacy and achieving high search recall. Second, we tackle the problem of securely constructing the directory among distrusting data producers. For provable security, we model the directory construction problem by secure multi-party computations (MPC). For efficiency, we propose a pre-computation framework that minimizes the private computation and conducts aggressive pre-computation on public data. In addition, we tackle the systems-level efficiency by exploiting data-level parallelism on general-purpose graphics processing units (GPGPU). We apply the proposed scheme to real health-care scenarios for constructing patient-locator services in emerging Health Information Exchange (or HIE) networks. For privacy evaluation, we conduct extensive analysis of our noise-injecting techniques against various background-knowledge attacks. We conduct experiments on real-world datasets and demonstrate the low attack success rate for the protection effectiveness. For performance evaluation, we implement our MPC optimization techniques on open-source MPC software. Through experiments on local and geo-distributed settings, our performance results show that the proposed pre-computation achieves a speedup of more than an order of magnitude without security loss.