| NSF Org: |
CNS Division Of Computer and Network Systems |
| Recipient: |
|
| Initial Amendment Date: | July 7, 2015 |
| Latest Amendment Date: | August 1, 2016 |
| Award Number: | 1514520 |
| Award Instrument: | Standard Grant |
| Program Manager: |
Wei-Shinn Ku
CNS Division Of Computer and Network Systems CSE Directorate for Computer and Information Science and Engineering |
| Start Date: | July 15, 2015 |
| End Date: | June 30, 2020 (Estimated) |
| Total Intended Award Amount: | $600,007.00 |
| Total Awarded Amount to Date: | $616,007.00 |
| Funds Obligated to Date: |
FY 2016 = $16,000.00 |
| History of Investigator: |
|
| Recipient Sponsored Research Office: |
201 PRESIDENTS CIR SALT LAKE CITY UT US 84112-9049 (801)581-6903 |
| Sponsor Congressional District: |
|
| Primary Place of Performance: |
50 S Central Campus Drive Salt Lake City UT US 84112-9249 |
| Primary Place of
Performance Congressional District: |
|
| Unique Entity Identifier (UEI): |
|
| Parent UEI: |
|
| NSF Program(s): | Secure &Trustworthy Cyberspace |
| Primary Program Source: |
01001617DB NSF RESEARCH & RELATED ACTIVIT |
| Program Reference Code(s): |
|
| Program Element Code(s): |
|
| Award Agency Code: | 4900 |
| Fund Agency Code: | 4900 |
| Assistance Listing Number(s): | 47.070 |
ABSTRACT
Many organizations and individuals rely on the cloud to store their data and process their analytical queries. But such data may contain sensitive information. Not only do users want to conceal their data on a cloud, they may also want to hide analytical queries over their data, results of such queries, and data access patterns from a cloud service provider (that may be compromised either from within or by a third party).
This research designs and implements SEAL, a Secure Engine for AnaLytics over large data on a cloud. SEAL encrypts data using secure encryption schemes, but supports analytical operations through a new approach of building a meta-answer database. SEAL is developed within a security framework that allows specifying different levels of desired security. The design of SEAL in particular explores the tradeoff between security and efficiency, providing solutions with different provable security and efficiency features for a wide variety of analytical operations. Users are able to continue to enjoy the benefits a cloud has to offer, but now without the worry of losing sensitive information and with control over the security and efficiency tradeoff.
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH
Note:
When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external
site maintained by the publisher. Some full text articles may not yet be available without a
charge during the embargo (administrative interval).
Some links on this page may take you to non-federal websites. Their policies may differ from
this site.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
The main objective of the SEAL project is to design and develop novel query and analytical processing techniques that will enable efficient and scalable queries and analytics over large encrypted data. The project explores methods that are based on principled approach, so that users can reason about the security guarantees offered by the underlying system. To that end, the project has developed formal security models to quantify the tradeoff between security and efficiency. In particular, the project focuses on analytical jobs that can be expressed based on a few core operators such as similarity search and range queries. A secure analytical engine, that integrates the proposed techniques into the kernel of an analytical system, has been designed and implemented by this project. We also designed and implemented a fault tolerant oblivious storage system, where no servers or proxies are single points of failure. At the basis, this new system combines oblivious RAM with a fault tolerant key-value store. A open source library (SEAL-ORAM) has been released on Github.
This project has also explored other related secure crypto primitives, which includes secure multi-party computation protocols with minimal interaction pattern and with improved efficiency, as well as a new construction of Functional Encryption based on Learning With Errors (LWE),Bilinear maps, and a new assumption of the existence of certain weak pseudo-randomgenerators with simple structures.
This project has further investigated the issue of trust and integrity in SEAL. By integrating blockchain techniques with a database, this project designs and builds FalconDB which is a database fortified by blockchain to enable collaborative data sharing, data access, and data management.
The outcome of this project has helped bring the concept of secure data processing and secure data analytics into the mainstream and practical systems. This research also helps bridge the gap between providing formal security guarantees for data analytics and the efficiency and scalability challenges in executing secure analytical operators in practical systems for complex data analytics. The study of general cryptographic tools for private data processing has also positively impacted and helped advance the development of theoretical cryptography.
The research activities under this project do not directly bring impacts to other disciplines outside computer science, however, they enable the design and development of more efficient, more secure, and more practical secure data analytics that will lead to systems that are both secure and efficient forexecuting complex analytical tasks that are needed by different sectors in our society. These secure data analytics systems will ultimately enable new applications and infrastructures that will benefit the society as a whole.
Last Modified: 08/17/2020
Modified by: Feifei Li
Please report errors in award information by writing to: awardsearch@nsf.gov.
