Back to Search Start Over

C3PO: <u>C</u> loud-based <u>C</u> onfidentiality-preserving <u>C</u> ontinuous Query <u>P</u> r <u>o</u> cessing

Authors :
EugsterPatrick
SavvidesSavvas
StephenJulian James
KumarSeema
Source :
ACM Transactions on Privacy and Security. 25:1-36
Publication Year :
2021
Publisher :
Association for Computing Machinery (ACM), 2021.

Abstract

With the advent of the Internet of things (IoT), billions of devices are expected to continuously collect and process sensitive data (e.g., location, personal health factors). Due to the limited computational capacity available on IoT devices, the current de facto model for building IoT applications is to send the gathered data to the cloud for computation. While building private cloud infrastructures for handling large amounts of data streams can be expensive, using low-cost public (untrusted) cloud infrastructures for processing continuous queries including sensitive data leads to strong concerns over data confidentiality. This article presents C3PO, a confidentiality-preserving, continuous query processing engine, that leverages the public cloud. The key idea is to intelligently utilize partially homomorphic and property-preserving encryption to perform as many computationally intensive operations as possible—without revealing plaintext—in the untrusted cloud. C3PO provides simple abstractions to the developer to hide the complexities of applying complex cryptographic primitives, reasoning about the performance of such primitives, deciding which computations can be executed in an untrusted tier, and optimizing cloud resource usage. An empirical evaluation with several benchmarks and case studies shows the feasibility of our approach. We consider different classes of IoT devices that differ in their computational and memory resources (from a Raspberry Pi 3 to a very small device with a Cortex-M3 microprocessor) and through the use of optimizations, we demonstrate the feasibility of using partially homomorphic and property-preserving encryption on IoT devices.

Details

ISSN :
24712574 and 24712566
Volume :
25
Database :
OpenAIRE
Journal :
ACM Transactions on Privacy and Security
Accession number :
edsair.doi...........51226ad9cc30daaa5375fc1b9648d7e4
Full Text :
https://doi.org/10.1145/3472717