Graduation Year

2020

Document Type

Dissertation

Degree

Ph.D.

Degree Name

Doctor of Philosophy (Ph.D.)

Degree Granting Department

Computer Science and Engineering

Major Professor

Attila A. Yavuz, Ph.D.

Committee Member

Jean-François Biasse, Ph.D.

Committee Member

Morris Chang, Ph.D.

Committee Member

Jay Ligatti, Ph.D.

Committee Member

Xinming (Simon) Ou, Ph.D.

Committee Member

Mike Rosulek, Ph.D.

Keywords

oblivious ram, privacy-enhancing technologies, secure computation

Abstract

Information systems generally involve storage and analytics of large-scale data, much of which may be highly sensitive (e.g., personal information, medical records). It is vital to ensure that these systems not only provide essential functionalities at large scale efficiently but also achieve a high level of security against cyber threats. However, there are significant research challenges in offering security and privacy for such information systems while preserving their original functionalities (e.g., search, analytics) effectively. Hence, there is a critical need for efficient cryptographic protocols that can address the data privacy vs. utilization dilemma for real-life applications.

In this dissertation, we introduce a new series of privacy-enhancing technologies toward enabling breach-resilient and functional information systems. We focus on privacy-preserving data outsourcing applications featuring critical functionalities such as data query, accessibility and analytics. Specifically, we designed new dynamic searchable encryption schemes that permit the client to perform encrypted search and update queries on the encrypted data. We proposed new distributed oblivious access frameworks that allow the client to access and compute over the outsourced data efficiently without leaking the access pattern, thereby achieving a very high level of privacy in the presence of powerful adversaries. Finally, we built several privacy-preserving data storage and query platforms, which harness a Trusted Execution Environment to enable critical functionalities (e.g., search, update, concurrent access), security (e.g., access control, integrity) and privacy properties (e.g., access pattern obliviousness) in a highly efficient manner (i.e., high throughput, low delay).
