Miranda Mowbray "Obfuscating data for cloud privacy"

Miranda Mowbray's lightning talk at CloudCamp London #4, 9th July 2009. See video at http://skillsmatter.com/podcast/cloud-grid/breako

  • For some applications, you can use obfuscation with no cooperation from the service provider. They don’t need to change their code. They only receive data in obfuscated form, so they can’t misuse the private data even if they want to. The service provider may not be able to tell that the data that you input is obfuscated.
    Mention privacy-preserving data mining and Benny Pinkas when you mention Yao’s protocol. Not only may the user’s computing resources be limited, but the service provider may also not be willing to change the coding of their application to use these types of protocols.
    Although obfuscation isn’t practical for all applications, we’ve looked at Salesforce.com’s sales force automation suite, and we believe that 80 out of the 87 applications that Salesforce offers could be provided in an obfuscated fashion. The ones that can’t either allow arbitrary functions of data to be calculated, or send marketing emails from Salesforce’s own servers, which means that unless you use a privacy infomediary you have to tell Salesforce.com the email list to send them to. In general we believe that there are probably a large number of applications which can work with obfuscated input data that reveals no private information.
    When obfuscation isn’t the whole solution, it may be part of the solution; for example, you may be able to obfuscate some data entries but not others. To protect the data you can’t obfuscate, you can use the other features. The next scenario gives an example of this.
  • Trusted platform modules bootstrap security from tamper-resistant hardware. They can check that no-one’s tampered with the privacy manager software, and also allow you to build up trust with a service provider or infomediary by enabling you to be sure that you’re talking to the same entity each time.
  • Miranda Mowbray "Obfuscating data for cloud privacy"

    1. Obfuscating data for cloud privacy
       Miranda Mowbray and Siani Pearson, HP Labs Bristol
       Image by Scott Robinson, http://www.flickr.com/photos/clearlyambiguous/17932076
    2. Cloud computing: privacy issues
       • Your data is present unencrypted in the cloud
         • Threat of theft
         • Or unauthorized reuse
       • Legal restrictions on cloud use for personal data
         • UK Data Protection Act 1998: notification, accuracy, marketing opt-out, special treatment of sensitive data, limits on cross-border data transfer, security
    3. Scenario: sales force automation
       • Business stores sales data on service provider’s computers
       • Uses service provider’s software to query data
         • E.g. top purchaser of product X
         • E.g. breakdown of last week’s sales by region
       • Our solution:
         • obfuscate data before sending it to the cloud
         • e.g. multiply prices by a secret factor, encrypt customer names, shift dates by a secret amount
         • Data is never present in the cloud in the clear: fewer dangers for data subject, fewer legal requirements for service provider
    4. Querying an obfuscated sales database
    5. Querying an obfuscated sales database
    6. Querying an obfuscated sales database
    7. Querying an obfuscated sales database
    8. Querying an obfuscated sales database
    9. Querying an obfuscated sales database
    10. Querying an obfuscated sales database
    11. Good news, bad news
       • can help keep your data private even if you don’t trust the service provider
       • not practical for all applications
         • in theory, could use secure multiparty communication protocols (Yao ’86), privacy-preserving data mining (Pinkas + Lindell ’02), fully homomorphic encryption (Gentry ’09)
         • in practice user’s resources are limited
         • but, practical for several useful applications
       • not secure against all attacks
         • but, at least your data isn’t in the clear in the cloud
    12. Status
       • Proof-of-concept demos for 2 scenarios
       • Not an HP product (yet)
       • Not patented
       • More info: miranda.mowbray @ hp.com
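
The sales-force scenario from slide 3, worked through as an added Python example (not code from the talk or from HP Labs): the client obfuscates rows before upload, the provider runs the two example queries unchanged, and the client translates the answers back. The keyed HMAC tokens are a standard-library stand-in for the slide's "encrypt customer names"; the key, factor, shift, function names and sample rows are all constructed for illustration.

```python
import hashlib
import hmac
from collections import defaultdict
from datetime import date, timedelta

# Client-side secrets (constructed values); these never leave the customer.
KEY = b"constructed-demo-key"
PRICE_FACTOR = 37                 # secret multiplier applied to prices in pence
DATE_SHIFT = timedelta(days=113)  # secret shift applied to every date
_names = {}                       # token -> real name, kept only on the client

def token(name):
    """Deterministic keyed pseudonym, so the provider can still group by customer."""
    t = hmac.new(KEY, name.encode(), hashlib.sha256).hexdigest()[:16]
    _names[t] = name
    return t

def obfuscate(row):
    customer, product, region, pence, day = row
    # Assumption of this example: product and region stay in the clear.
    return (token(customer), product, region, pence * PRICE_FACTOR, day + DATE_SHIFT)

# Provider side: ordinary queries, run unchanged on the obfuscated rows.
def top_purchaser(rows, product):
    totals = defaultdict(int)
    for cust, prod, _region, amount, _day in rows:
        if prod == product:
            totals[cust] += amount
    return max(totals, key=totals.get)  # a positive factor preserves the ordering

def sales_by_region(rows, start, end):
    totals = defaultdict(int)
    for _cust, _prod, region, amount, day in rows:
        if start <= day <= end:
            totals[region] += amount
    return dict(totals)

# Client side: translate the query in, translate the answer out.
def client_top_purchaser(cloud_rows, product):
    return _names[top_purchaser(cloud_rows, product)]

def client_sales_by_region(cloud_rows, start, end):
    shifted = sales_by_region(cloud_rows, start + DATE_SHIFT, end + DATE_SHIFT)
    return {region: total // PRICE_FACTOR for region, total in shifted.items()}

SALES = [  # constructed sample data
    ("Alice Ltd", "X", "North", 1200, date(2009, 7, 1)),
    ("Bob plc", "X", "South", 900, date(2009, 7, 2)),
    ("Bob plc", "X", "North", 800, date(2009, 7, 3)),
    ("Carol & Co", "Y", "South", 5000, date(2009, 6, 1)),
]
CLOUD = [obfuscate(r) for r in SALES]
```

A single multiplicative factor preserves the ratios between prices, and deterministic tokens reveal how often each customer appears, which are concrete instances of the slide's "not secure against all attacks".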