- Design a system architecture for access, search, and computation of encrypted data in the cloud under a new security threat model.
- Study techniques for efficient access and search of encrypted data in the cloud.
- Study techniques for efficient outsourced computation of encrypted data in the cloud.
- Develop software toolkits and proof of concept demonstrations.
Existing Solutions and Their Limitations
- Traditional access control models assume the servers are fully trusted and are hence not suitable in heterogeneous computing environments such as the cloud.
- Fully homomorphic encryption (FHE) allows a cloud server to perform computation on encrypted data but with huge overhead.
- Mid-term: System design and implementation for access and search of encrypted data in the cloud.
- Final: System design and implementation for secure outsourced computation of encrypted data in the cloud.
Practical Applications and Impact
- Secure cloud data storage
- Data localization and access control
- Privacy-preserving machine learning
- The cloud service provider is assumed to be honest-but-curious, i.e., it provides storage and computation services honestly but is persistently interested in learning users' sensitive information.
- End-to-end data privacy protection for data users.