Privacy-enhancing mechanisms for securing data access and analysis

Abstract

Data has been widely recognized as one of the most valuable assets that can be utilized to make dynamic decisions, improve service quality, optimize business operations and reduce costs. Most organizations are becoming more data-driven and leverage emerging technologies (e.g., the Internet of Things (IoT), cloud services, and machine learning) more frequently for collecting, storing, and analyzing data to provide better services to individuals. However, this also places new challenges on the protection of individual privacy. As with the widespread adoption of these emerging technologies, it becomes much easier to get unauthorized data access, infer and disclose sensitive personal information during the storage and analysis of data. Therefore, due to the capability to improve privacy, Privacy-enhancing Technologies (PETs) have received much attention from academic researchers, industry practitioners, and government regulators. In this thesis, we mainly focus on the mechanisms integrating PETs for securing data access and analysis. Firstly, to protect data security and improve the access control system for cloud storage, we propose a blockchain-based approach that distributes the access control tasks for authentication, authorization, and auditing to a distributed network of nodes. In particular, the auditing records are kept in the transparent blockchain. We propose different protocols for access control generation and verification, and design the corresponding transaction structures. In addition, Shamir's secret sharing scheme is employed to manage the encryption key for cloud users. Secondly, to prevent data leakage in federated learning for data analysis as well as enhance the quality of the Federated Learning (FL) model, we propose a privacy-enhanced FL scheme, based on cryptographic mechanisms. This scheme allows both data significance evaluation and weighted aggregation of local models in a privacy-preserving manner. Experimental results show that our scheme is practical and secure. Considering the FL participants are inevitably resource-constrained mobile devices, they may drop out of the system due to their mobility nature. To further improve the resilience of privacy-preserving aggregation, we propose a scalable privacy-preserving aggregation scheme that can tolerate dropout by participants at any time, and is secure against both semi-honest and active malicious adversaries by setting proper system parameters. By replacing communication-intensive building blocks with a seed homomorphic pseudo-random generator, and relying on the additive homomorphic property of Shamir's secret sharing scheme, our scheme achieves a significantly smaller cost and provides stronger dropout-resilience than existing schemes. The simplicity of our scheme makes it attractive both for implementation and for further improvements.