Building Confidential and Efficient Query

Services in the Cloud with RASP Data

Perturbation
ABSTRACT
With the wide deployment of public cloud computing infrastructures, using clouds to host
data query services has become an appealing solution for the advantages on scalability and cost-
saving. However, some data might be sensitive that the data owner does not want to move to the
cloud unless the data confidentiality and query privacy are guaranteed. On the other hand, a
secured query service should still provide efficient query processing and significantly reduce the
in-house workload to fully realize the benefits of cloud computing. We propose the !"# data
perturbation method to provide secure and efficient range query and k$$ query services for
protected data in the cloud. %he !"# data perturbation method combines order preserving
encryption, dimensionality e&pansion, random noise in'ection, and random pro'ection, to provide
strong resilience to attacks on the perturbed data and queries. (t also preserves multidimensional
ranges, which allows e&isting inde&ing techniques to be applied to speedup range query
processing. %he k$$- algorithm is designed to work with the !"# range query algorithm to
process the k$$ queries. We have carefully analyzed the attacks on data and queries under a
precisely defined threat model and realistic security assumptions. )&tensive e&periments have
been conducted to show the advantages of this approach on efficiency and security.
Existing Syste
GLOBALSOFT TECHNOLOGIES
IEEE PROJECTS & SOFTWARE DEVELOPMENTS
IEEE FINAL YEAR PROJECTS|IEEE ENGINEERING PROJECTS|IEEE STUDENTS PROJECTS|IEEE
BULK PROJECTS|BE/BTECH/ME/MTECH/MS/MCA PROJECTS|CSE/IT/ECE/EEE PROJECTS
CELL: +91 9!9" #9$"% +91 99&&' #"(% +91 9!9" "(9$% +91 9($1! !$!$1
V)*)+: ,,,-.)/012304546738+*-649 M0)1 +6:)333.)/01*3:546738+*;9:0)1-86:
GLOBALSOFT TECHNOLOGIES
IEEE PROJECTS & SOFTWARE DEVELOPMENTS
IEEE FINAL YEAR PROJECTS|IEEE ENGINEERING PROJECTS|IEEE STUDENTS PROJECTS|IEEE
BULK PROJECTS|BE/BTECH/ME/MTECH/MS/MCA PROJECTS|CSE/IT/ECE/EEE PROJECTS
CELL: +91 9!9" #9$"% +91 99&&' #"(% +91 9!9" "(9$% +91 9($1! !$!$1
V)*)+: ,,,-.)/012304546738+*-649 M0)1 +6:)333.)/01*3:546738+*;9:0)1-86:
With the wide deployment of public cloud computing infrastructures, using clouds to host
data query services has become an appealing solution for the advantages on scalability and cost-
saving. However, some data might be sensitive that the data owner does not want to move to the
cloud unless the data confidentiality and query privacy are guaranteed. On the other hand, a
secured query service should still provide efficient query processing and significantly reduce the
in-house workload to fully realize the benefits of cloud computing.
Disadvantages
*. !dversaries, such as curious service providers, can possibly make a copy of the database
or eavesdrop users+ queries, which will be difficult to detect and prevent in the cloud
infrastructures.
Pro!osed Syste
We propose the !ndom "pace #erturbation ,!"#- approach to constructing practical
range query and k-nearest-neighbor ,k$$- query services in
the cloud. %he proposed approach will address all the . four aspects of the /#)0 criteria and aim
to achieve a good balance on them. %he basic idea is to randomly
transform the multidimensional datasets with a combination of order preserving encryption,
dimensionality e&pansion, random noise in'ection, and random pro'ect, so that the utility for
processing range queries is preserved. %he !"# perturbation is designed in such a way that the
queried ranges are securely transformed into polyhedra in the !"#-perturbed data space, which
can be efficiently processed with the support of inde&ing structures in the perturbed space. %he
!"# k$$ query service ,k$$-- uses the !"# range query service to process k$$ queries.
%he key components in the !"# framework include ,*- the definition and properties of !"#
perturbation1 ,.- the construction of the privacy-preserving range query services1 ,2- the
construction of privacy-preserving k$$ query services1 and ,3- an analysis of the attacks on the
!"#-protected data and queries.
Advantages"
*. %he !"# perturbation is a unique combination of O#), dimensionality e&pansion,
random noise in'ection, and random pro'ection, which provides strong confidentiality
guarantee.
.. %he proposed service constructions are able to minimize the in-house processing
workload because of the low perturbation cost and high precision query results. %his is an
important feature enabling practical cloud-based solutions.
ARC#$TECT%RE "
$&P'E&E(TAT$)(
(mplementation is the stage of the pro'ect when the theoretical design is turned out
into a working system. %hus it can be considered to be the most critical stage in achieving a
successful new system and in giving the user, confidence that the new system will work and
be effective.
%he implementation stage involves careful planning, investigation of the e&isting
system and it+s constraints on implementation, designing of methods to achieve changeover
and evaluation of changeover methods.
&ain &odules"*
1. %ser &odule "
(n this module, 4sers are having authentication and security to access the detail which is
presented in the ontology system. 5efore accessing or searching the details user should have the
account in that otherwise they should register first.
.. &ultidiensional $ndex Tree "
6ost multidimensional inde&ing algorithms are derived from -tree like algorithms ,
where the a&is-aligned minimum bounding region ,65- is the construction block for inde&ing
the multidimensional data. 7or .8 data, an 65 is a rectangle. 7or higher dimensions, the shape
of 65 is e&tended to hyper-cube. the 65s in the -tree for a .8 dataset, where each node is
bounded by a node 65. %he -tree range query algorithm compares the 65 and the queried
range
to find the answers.
+, Perforance of -((*R Query Processing "
(n this set of e&periments, we investigate several aspects of k$$ query processing. ,*-
We will study the cost of ,k, 9--ange algorithm, which mainly contributes to the server-side
cost. ,.- We will show the overall cost distribution over the cloud side and the pro&y server. ,2-
We will show the advantages of k$$- over another popular approach: the /asper approach for
privacy-preserving k$$ search.
.,Preserving Query Privacy "
#rivate information retrieval ,#(- tries to fully preserve the privacy of access pattern,
while the data may not be encrypted. #( schemes are normally very costly. 7ocusing on the
efficiency side of #(, Williams et al. use a pyramid hash inde& to implement efficient privacy
preserving data-block operations based
on the idea of Oblivious !6. (t is different from our setting of high throughput range query
processing. Hu et al. addresses the query privacy problem and requires the authorized query
users, the data owner, and the cloud to collaboratively process k$$ queries. However, most
computing tasks are done in the user+s local system with heavy interactions with the cloud server.
%he cloud server only aids query processing, which does not meet the principle of moving
computing to the cloud.
Syste Configuration"*
#/0 Syste Configuration"*
#rocessor - #entium ;(((
"peed - *.* <hz
!6 - .=> 65,min-
Hard 8isk - .? <5
7loppy 8rive - *.33 65
@ey 5oard - "tandard Windows @eyboard
6ouse - %wo or %hree 5utton 6ouse
6onitor - "A<!

S/0 Syste Configuration"*
Operating "ystem :WindowsB=CBDC.???CE#
!pplication "erver : %omcat=.?C>.E
7ront )nd : H%60, Fava, Fsp
"cripts : Fava"cript.
"erver side "cript : Fava "erver #ages.
8atabase : 6ysql =.?
8atabase /onnectivity : F85/.
Conclusion "
We propose the !"# perturbation approach to hosting query services in the cloud,
which satisfies the /#)0 criteria: data /onfidentiality, query #rivacy, )fficient query processing,
and 0ow in-house workload. %he requirement on low in-house workload is a critical feature to
fully realize the benefits of cloud *= computing, and efficient query processing is a key measure
of the quality of query services.
!"# perturbation is a unique composition of O#), dimensionality e&pansion, random noise
in'ection, and random pro'ection, which provides unique security features. (t aims to preserve the
topology of the queried range in the perturbed space, and allows to use indices for efficient range
query processing. With the topology-preserving features, we are able to develop efficient range
query services to achieve sublinear time comple&ity of processing queries. We then develop the
k$$ query service based on the range query service. %he security of both the perturbed data and
the protected queries is carefully analyzed under a precisely defined threat model. We also
conduct several sets of e&periments to show the efficiency of query processing and the low cost
of in-house processing. We will continue our studies on two aspects: ,*- further improve the
performance of query processing for both range queries and k$$ queries1 ,.- formally analyze
the leaked query and access patterns and the possible effect on both data and query
confidentiality.