The document proposes a technique for privacy-preserving publishing of set-valued data on cloud computing. It extends the existing Extended Quasi Identifier Partitioning (EQI-partitioning) technique by incorporating l-diversity and k-anonymity to reduce information loss. A multi-level accessibility model is also developed to provide security based on user access levels. Identity-based proxy re-encryption is used to encrypt the data according to sensitivity values and provide access to different user levels. The proposed method aims to reduce information loss while improving security when outsourcing sensitive set-valued data to the cloud.

1. Jour of Adv Research in Dynamical & Control Systems, 05-Special Issue, July 2017
Efficient Technique for Privacy Preserving
Publishing of Set Valued Data on Cloud
G. Elavarasan, Ph.D (FT) Research Scholar, Department of Computer Science, Karpagam University Karpagam Academy of
Higher Education Coimbatore, Tamil Nadu, India.
Dr.S. Veni, Assistant Professor & Head, Department of Computer Science, Karpagam University Karpagam Academy of Higher
Education, Coimbatore, Tamil Nadu, India.
Abstract--- Cloud computing is an emerging technology to store, handle and access the huge volume of data from
anywhere and in anytime. The data in the cloud also contain private information and sensitive information. The
concerns of privacy breaches have hindered the development of cloud computing. A data partitioning technique
called as extended quasi identifier partitioning (EQI-partitioning)was proposed for privacy preserving in cloud
computing. The EQI partitioning technique disassociates the data records which participate in identifying
combinations. This technique guaranteed the privacy to cloud data. But this technique protects only the data privacy
and it does not considered the information loss and security of cloud data. In this paper, the information loss is
considered by using l-diversity and 𝑘𝑘 𝑚𝑚
anonymity in EQI partitioning scheme. In addition to that, a multi level
accessibility model is developed to provide the security based on the user’s level. The sensitivity value of data stored
in cloud computing is computed from the availability, integrity and confidentiality of data. Then identity based
proxy re-encryption scheme is used to provide the security for different level of users. Thus the proposed work
reduces the information loss and provides the security to data in the cloud. The experimental results are conduced to
prove the effectiveness of the proposed work in terms of average relative error, time, anonymization time and
information loss.
Keywords--- Cloud Computing, Privacy Preserving, k-anonymity, l-diversity, Extended Quasi Identifier
Partitioning, Multi Level Security.
I. Introduction
Cloud computing [1] is one of the most popular network computing and interesting paradigms. Through cloud
computing, the users can access a shared collection of configurable computing resources such as applications,
services, storage, and networks from anywhere and at anytime due to the on-demand self service for users. It brings
users a lot appealing benefits. The cloud service provider can handle the data which are stored in the cloud. So there
may be a chance to publish, stole or abuse the user sensitive data. This hampered the development of cloud
computing. There is different privacy and security concerns have been developed to prevent users from subscribing
the sensitive data in the cloud. These concerns include un trustiness, dynamic environment and uncensored new
services.
Privacy concerns arise whenever sensitive data is outsourced to the cloud. In such cases privacy preserving
techniques plays an important role to protect the sensitive data which are shared in the cloud environment.
Encryption, suppression and generalization techniques [2] are widely used privacy preserving techniques. In
encryption based privacy preserving technique, the cloud data are preserved by encrypting the data stored it in a
cipher form. Suppression based privacy preserving technique which diminishes the size of the database or the
content of the database. The generalization based privacy preserving technique mapped each attribute to more
general values. These privacy preserving techniques are not applicable for real world scenes because they would
leads large overhead and high information loss for data query.
A data partitioning technique called as extended quasi identifier partitioning (EQI-partitioning)[3] which makes
privacy aware set valued data publishing feasible on hybrid cloud. The EQI was proposed on the data publishing
phase of the hybrid cloud. This technique identifies the record items participate in combinations and disassociate
those records. By this process the cloud server cannot associate the high probability a record with the rare term
combinations. The privacy breaches from batch linear query, counting query, and linear query was resisted by using
different privacy at data querying stage. This technique guarantees the privacy preserving to cloud data. But this
technique does not consider the information loss and security model for cloud data.
In the proposed work, the information loss is considered along with the privacy preserving by applying l-
diversity method along with the 𝑘𝑘 𝑚𝑚
anonymity in EQI partitioning. It classified the data as public chunk and private
ISSN 1943-023X 120

2. Jour of Adv Research in Dynamical & Control Systems, 05-Special Issue, July 2017
chunk. Then for the data in the public and private chunk multi level accessibility model is provided by introducing a
multi level security framework. In the multi level framework, the sensitivity values are computed to provide the
security based on the user level. Based on the sensitivity value, identity based proxy re-encryption technique is
utilized to encrypt the data.
II. Literature Survey
Pan, Y., et al [4] proposed retrievable data perturbation method used in the privacy preserving in data
outsourcing in cloud computing and it also used to satisfy all requirements of three parties at the same time. In this
method an accurate noise was generated based on the proposed improved random generator. Following to that more
noise was added with the original data by introduced a perturbation algorithm. These processes hide the privacy
information but the covariance and mean of data remains unchanged. Then a retrieval algorithm was proposed to
obtain the original data and finally combined the access control and the retrievable perturbation process. The
perturbed data in this process is order sensitive it may affect the retrieving process which is the major disadvantage
of this method.
Rong, H., et al [5] focused on privacy preserving k-Nearest Neighbor (kNN)computation among multiple cloud
environments. Traditional secure outsourcing protocols are impractical for wider application. These issues were
addressed by proposed outsourced Collaborative kNN (OCkNN) and a set of secure building blocks. This method
allowed the user to encrypt the data with their user defined keys and it does not require any user server interactions
during the outsourcing stage. It provides high confidentiality to data and it is rapid enough for large volume of
datasets.
Zhou, J., et al [6] established a novel authorized accessible privacy model (AAPM) to keep the patients data
confidentiality and patient identity privacy. By initializing an access tree supporting flexible tree threshold
predicates the patients were effectively authorized. Based on this threshold a new technique was devised named as
attribute-based designated verifier signature and proposed patient self controllable multi-level privacy-preserving
cooperative authentication scheme (PSMPA). The PSMPA provided a three level of security and a privacy
requirement in a distributed cloud environment. But the security level of this method is depends on the threshold
value which is the major disadvantage of this method.
Liu, H., et al [7] proposed shared authority based privacy preserving authentication protocol which addressed
various problems involved about privacy of cloud storage data. The anonymous access request matching algorithm
with privacy and privacy considerations was utilized to address the privacy problems in cloud data. This can be
achieved by anonymous access request matching mechanism with privacy and privacy considerations. Then adopted
an attribute based access control that realized the user can accessed only their data fields only. Finally proxy data re-
encryption was applied which provide the data sharing among multiple users.
Pasupuleti, S. K., et al [8] proposed an efficient and secure privacy preserving approach for outsourced data in
the cloud computing. The files in the cloud were retrieved by employed a probabilistic public key encryption
technique to encrypt the data and invoked ranked keyword search over the encrypted data. The main intend of this
approach is to encrypt the data efficiently without sacrificing the data privacy in the cloud. This approach is failed to
efficient dynamic data operations and ranked keyword search over the encrypted data in the cloud.
Aldeen, Y. A. A. S., et al [9] proposed a new anonymization technique to obtain better privacy protection with
high data utility over incremental and distributed datasets on cloud computing. It realized the superior privacy
security with high utility datasets on cloud computing. The incremental anonymization technique was applied to
improve the security of data in cloud. The anonymized dataset are integrated in the cloud data which was performed
through the privacy preservation metric together along with the additional metrics like computation and storage.
Jung, T., et al [10] presented ananonymous privilege control scheme named as Anony Controlto address the data
privacy problem in cloud computing along with the user identity privacy issues in access control schemes. In this
scheme multiple authorities were used in the cloud computing system it achieved fine grained privilege control and
anonymous cloud data access. It protects user’s privacy against each single authority and it has capability to tolerate
against authority compromise and compromising of up to N-2 authority does not bring the whole system down. The
experiments are conducted with the fixed number of attributes the performance may vary for different number of
attributes.
Chen, R., et al [11]proposed a probabilistic top down partitioning algorithm to publish set valued data in the
framework of differential privacy. In this paper, it was demonstrated that the set valued data should be effectively
ISSN 1943-023X 121

3. Jour of Adv Research in Dynamical & Control Systems, 05-Special Issue, July 2017
released under differential privacy with guaranteed utility with the help of context free taxonomy trees. The
proposed algorithm created a differentially private release it increased linearly with input data size. The differential
privacy was achieved by demonstrating an efficient non iterative solution which was achieved by make use of the
underlying datasets. The running time of this method is high.
Terrovitis, M., et al [12] proposed an anonymization technique named as disassociation to preserve original
terms and it hides the fact that two or more terms present in the same record. This method protects the user privacy
by disassociating the records terms which present in identifying combinations. By doing this process, the adversary
cannot associate with high probability a record with a rare combination of terms. It provides protection against
identity disclosure. But the transformation of records in this method may leads to different types of information loss
in data.
Huang, Q. L., et al [13] proposed a secure and privacy preserving digital right management scheme to provide a
convenient way for content trading and sharing. This scheme used homomorphic encryption technique and it
allowed content provider to outsourced encrypted contents to centralized content server. It also allowed the user to
obtain contents with the licenses that was issued by the license server. Moreover, a secure content key distribution
scheme was provided based on theproxy re-encryption and additive homomorphic probabilistic public key
encryption. This scheme also achieved privacy preserving by allowing users to stay anonymous towards service
provider and key server. The major disadvantage of this method is high complexity.
III. Methodology
In this section the proposed method extended quasi-identifier-partitioning(EQI) with l diversity, user level
privacy preserving and identity encryption for privacy preserving was described in detail. The extended quasi-
identifier-partitioning with l diversity reduced the information loss in privacy preserving process. Moreover, the
multi level accessibility model is provided for data stored in cloud computing where the encryption is based on the
identity based encryption and proxy re-encryption. Thus the proposed methods provide an efficient privacy
preserving scheme with less information loss along with the high protection of data.
Extended Quasi-identifier Partitioning with l Diversity
EQI partitioning, hides infrequent term combinations in the original records by partitioning the original data into
smaller chunks. The EQI partitioning scheme partition the original data into P number of clusters. For EQI
partitioning, EQI identifying was introduced with a data structure𝐷𝐷 (𝐻𝐻, 𝑚𝑚(𝐻𝐻))called a concept where𝐻𝐻 ⊆ 𝑌𝑌 is
called the intension of concepts and |𝐻𝐻| represents the dimension of the intension, 𝑚𝑚(𝐻𝐻) ⊆ 𝑋𝑋called as extension of
concept which is composed of the record that contain the term set H. The concept sets U are classified over E(X, Y,
N) by the size of |H|, where𝑋𝑋 = {𝑥𝑥1, … , 𝑥𝑥𝑛𝑛 }, each 𝑥𝑥𝑖𝑖(𝑖𝑖 ≤ 𝑛𝑛)represents a record, 𝑌𝑌 = {𝑦𝑦1,… , 𝑦𝑦ℎ }, each 𝑥𝑥𝑗𝑗 (𝑗𝑗 ≤ ℎ)
represents a term and 𝑁𝑁 = 𝑋𝑋 × 𝑌𝑌 → 𝑍𝑍 ∈ {0,1} represents the implication relation between X and Y.The EQI
identifying scheme reduced the computation time for scanning the data and storage space for massive volume and
high dimensional datasets.
EQI partitioning is a one of the vertical partitioning strategy which applied on each cluster and splits the cluster
into chunks. According to chunks whether it satisfies the 𝑘𝑘 𝑚𝑚
anonymity then the partitioned chunks are further
classified into public chunks and private chunks. 𝑘𝑘 𝑚𝑚
anonymity(Zhang, H., et al [3])is equivalent to k-anonymity
which is integrated with l-diversity to reduce the information loss in cloud data. To make the instantiation of l-
diversity principle theoretic notation of entropy taken for everyx block
𝐸𝐸𝐸𝐸𝐸𝐸𝐸𝐸𝐸𝐸𝐸𝐸𝐸𝐸 = − � 𝑃𝑃(𝑥𝑥∗
, 𝑦𝑦) log�𝑃𝑃(𝑥𝑥∗
, 𝑦𝑦)� ≥ log⁡(𝑙𝑙)
𝑠𝑠∈𝑆𝑆
𝑃𝑃(𝑥𝑥∗
, 𝑦𝑦) =
𝑛𝑛(𝑥𝑥∗,𝑦𝑦)
∑ 𝑛𝑛(𝑥𝑥∗,𝑦𝑦′)𝑦𝑦′ 𝜖𝜖𝜖𝜖
Where 𝑃𝑃(𝑥𝑥∗
, 𝑦𝑦) is the fraction of records in the 𝑥𝑥∗
block with sensitive attribute value equal to y.
From the above equation, every 𝑥𝑥∗
block contains l distinct values for every sensitive attributes. y denotes
sensitive value. Since x log (x)is a concave function, it is shown that if 𝑥𝑥∗
block is splitted into 𝑥𝑥𝑎𝑎
∗
and 𝑥𝑥𝑏𝑏
∗
then
entropy(𝑥𝑥∗) ≥ min(𝑒𝑒𝑒𝑒𝑒𝑒𝑒𝑒𝑒𝑒𝑒𝑒𝑒𝑒 (𝑥𝑥𝑎𝑎
∗), 𝑒𝑒𝑒𝑒𝑒𝑒𝑒𝑒𝑒𝑒𝑒𝑒𝑒𝑒 (𝑥𝑥𝑏𝑏
∗)). This implies that in order for entropy l-diversity, the entropy
of the entire value must be at least log (l). In EQI portioning modeling public chunk satisfying the 𝑘𝑘 𝑚𝑚
anonymity
and l-diversity is outsourced in public cloud and private chunk is made up of few terms where any non empty subset
ISSN 1943-023X 122

4. Jour of Adv Research in Dynamical & Control Systems, 05-Special Issue, July 2017
does not satisfy𝑘𝑘 𝑚𝑚
anonymity and l-diversity𝑘𝑘 𝑚𝑚
anonymity and l-diversityand is kept in a private cloud for security
reasons.
EQI partitioning Algorithm:
Input:D, P
Output:Public chunkPUB, private chunk PRI
Step 1: while 𝐷𝐷 ≠ ∅ do
Step 2: Arrange D in descending order of intension size
Step 3: Concept list in D as [𝐷𝐷|𝐷𝐷𝑑𝑑�], consider D is the first element and 𝐷𝐷𝑑𝑑�is the remaining list
Step 4: PUB = PUB ∪ 𝐷𝐷
Step 5: 𝐴𝐴 = ∅; 𝑌𝑌 = ∅;
Step 6: for (i=0;i<n;i++)// n is the number of concepts in 𝐷𝐷𝑑𝑑�
Step 7:𝐴𝐴 = 𝐴𝐴 ∪ (𝐷𝐷|𝐶𝐶 𝐷𝐷𝑖𝑖);
Step 8: for ( j=0;j<n;j++)
Step 9: = 𝑌𝑌 ∪ (𝐷𝐷|𝑟𝑟 𝐷𝐷𝑗𝑗 );
Step 10: D=Y;
Step 11: PRI=P- pub;
Step 12: return PUB and PRI
In the above algorithm, the input D obtained from EQI identifying scheme that satisfied both 𝑘𝑘 𝑚𝑚
anonymity and
l-diversity. A and 𝑌𝑌 are the concept covering and concept reducing that refine a set of non overlapping concept set
from D. Each chunk of PUB satisfies the 𝑘𝑘 𝑚𝑚
anonymity and l-diversity. PRI does not satisfy the 𝑘𝑘 𝑚𝑚
anonymity and
l-diversity that contains the remaining terms in D.
By the EQI partitioning the number of the data chunks which satisfied the confidentiality constraints should be
minimized. But the minimal EQI partitioning problem is NP-complete because it does not provide the support of
concept compatibility. This was resolved by concept expansion operation which is easy to prove that the dimension
size of each concept in 𝐷𝐷𝑐𝑐
(non covered concept set)is maximal.
Multi Level Security Model for Cloud Data
For both the public chunk and private chunkthe multi level security is provided by multi level security
framework. The cloud user level data is divided into three classes are high level, low level and moderate level.
These are classified based on the values assigned for the security objectives of the data. The sensitivity value of data
is determined by the sum of all security objectives. There are three security objectives are considered such as
availability, integrity and confidentiality of data. If the sensitivity value is high then the user level is considered as
high level and if the sensitivity value is low then the user level is considered as low level and if the sensitivity value
is moderate then it is considered as moderate level. The data with the high security objective values is highly
important and should not be compromised they require high level security. The data with a combination of low and
moderate security objective values are fixed with the high sensitivity value which is moderate when compared to
low level data and it needs to protect with a medium security level scheme. The data with low sensitivity value
needs only a base line security. By using this framework the data in the public chunk and private chunk are
classified based on the sensitivity value.
Proxy Re-encryption and Identity Based Encryption
The cryptography methods are utilized to protect the data in the cloud. The authorization model is protected by
advanced cryptographic techniques in order to avoid disclosing data without data owner consent. In this proposed
work, proxy re-encryption is used to enable an entity named as proxy. It re-encrypt the data from one key to another
without being able to decrypt it. For an instance, 𝜇𝜇 and 𝛿𝛿 are the couple of key pairs, the proxy re-encrypt a cipher
text 𝐶𝐶𝐶𝐶𝜇𝜇 encrypted under a public key 𝜇𝜇to another ciphertext 𝐶𝐶𝐶𝐶𝛿𝛿which can be decrypted using 𝛿𝛿 private key. By
using this technique, a user used their own public key to encrypt a piece of data that obtain a cipher text. A re-
ISSN 1943-023X 123

5. Jour of Adv Research in Dynamical & Control Systems, 05-Special Issue, July 2017
encryption key was created for proxy to re-encrypt from 𝜇𝜇 to 𝛿𝛿which converting 𝐶𝐶𝐶𝐶𝜇𝜇 to 𝐶𝐶𝐶𝐶𝛿𝛿 . Another user can use
their own private key to decrypt the data and obtain the original data.
Identity based encryption is one of the type of public key cryptography where key pairs for a given identity. The
identity based encryption encrypts a piece of data m using the identity 𝐼𝐼𝜇𝜇 of a user 𝑈𝑈𝜇𝜇 that returns a cipher text 𝐶𝐶𝐶𝐶𝜇𝜇 .
Another user 𝑈𝑈𝛿𝛿 can use private key of 𝑈𝑈𝜇𝜇 (𝑃𝑃𝑃𝑃𝑃𝑃𝜇𝜇 ) to decrypt 𝐶𝐶𝐶𝐶𝛿𝛿 and obtain the plain piece of data m. This scheme
requires the creation of a master key pair that derives the user keys based on their identities. The master public key
is known by any user and it can be used by another user to generate their public key based on their identity. But the
master private key should be kept private and the master private key can be obtained from the trusted entity that
owns the master private key and this entity is named as Private Key Generator (PKG). The authorization model is
the combination of several elements like roles, subjects, grants etc. in order to avoid the need of creation and
management of private and public key pair identities of elements are directly used within the cryptographic
operations. The identity proxy re-encryption is used for encryption which is the combination of identity based
encryption and Proxy re-encryption where a master secret key (MSK) used to create secret keys from their identities.
The following functions are used in the identity based proxy re-encryption scheme.
setup(h, n) → (h, msk) (1)
keygen (h, msk, Iμ) → secμ (2)
encrypt (h, Iδ, m, s) → CIμ (3)
rekeygen(h, secμ, Iμ, Iδ) → rekeyμ→δ (4)
reencrypt(h, rekeyμ→δ, CIμ) → CIδ (5)
decrypt(h, secμ, CIμ) → m (6)
The Identity based proxy re-encryption scheme was performed by the above defined function. Initially the
cryptographic scheme is initialized which takes the input as security parameter h and it returns Master Secret Key
(MSK) and h which denotes a set of parameters which is given as input to the remaining functions of identity based
proxy re-encryption. The keygen function takes the input as h, msk and an identity𝐼𝐼𝜇𝜇 and it generates secret key
𝑠𝑠𝑠𝑠𝑠𝑠𝜇𝜇 for that identity 𝐼𝐼𝜇𝜇 . Based on the identity, h, plain piece of data and sensitivity value encrypt function the plain
piece of data and generates cipher text 𝐶𝐶𝐶𝐶𝜇𝜇 . The encryption is based on the Advanced Encryption Standard (AES),
Rivest, Shamir, and Adelman (RSA) and Eliptic Curve (ECC) technologies. The re-encryption key is generated by
the rekeygen function that gets the input as ℎ, source and target identities 𝐼𝐼𝜇𝜇 and 𝐼𝐼𝛿𝛿 along with the secret key of the
source identity 𝑠𝑠𝑠𝑠𝑠𝑠𝜇𝜇 . It enables to re-encrypt from 𝐼𝐼𝜇𝜇 to 𝐼𝐼𝛿𝛿 . The re-encryption is carried out by 𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟 function
which gets input as cipher text 𝐶𝐶𝐶𝐶𝜇𝜇 under identity 𝐼𝐼𝜇𝜇 and a re-encryption key 𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝜇𝜇→𝛿𝛿 which obtain output the re-
encrypted cipher text 𝐶𝐶𝐶𝐶𝛿𝛿 under identity 𝐼𝐼𝛿𝛿 .Finally the decrypt the data using 𝑑𝑑𝑑𝑑𝑑𝑑𝑑𝑑𝑑𝑑𝑑𝑑𝑑𝑑function that gets input as
cipher text 𝐶𝐶𝐶𝐶𝜇𝜇 and its corresponding secret key 𝑠𝑠𝑠𝑠𝑠𝑠𝜇𝜇 and it returns the plain text m resulting of decrypting 𝐶𝐶𝐶𝐶𝜇𝜇 .Thus
this method provides the security to data in the cloud.
Algorithm
Input: Plain data m
//EQI identifying
Step 1: Introduce EQI identifying scheme
Step 2: Obtain P number of clusters
//EQI partitioning
Step 3: Apply EQI partitioning scheme on each cluster
Step 4: Based on 𝑘𝑘 𝑚𝑚
anonymity and l-diversity splits the cluster
Step 5: obtain the private and public chunks
//user level security model
Step 6: Obtain the availability, integrity and confidentiality of both public and private chunk data
Step 7: calculate the sensitivity value based on the availability, integrity and confidentiality of data
ISSN 1943-023X 124

6. Jour of Adv Research in Dynamical & Control Systems, 05-Special Issue, July 2017
Step 8: Apply encryption scheme based on the sensitivity value
//Identity based proxy re-encryption scheme
Step 9: Initialize the cryptographic scheme suing equation (1)
Step 10: Generate a secret key based on the user identity using equation (2)
Step 11: Encrypt the plain piece of data based on the sensitivity value using equation (3)
Step 12: Process the Re-key generation using equation(4)
Step 13: Re-encrypt the data using equation (5)
Step 14: Decrypt the data using equation (6)
IV. Result and Discussion
A public cloud test bed is built that including 2 nodes connected by WS-C3750X-24T-S switch. Each node has
Xeon E5506 core processors running at 2.13 GHz CPUs, 16G dual channel 1333 GHz memory and 500GB 7200
RPM disk and Intel core 2 duo processor E7500 running at 3 M cache, 2.93 GHZ , 2GB memory and 1066 MHz.
For the experimental purpose, 106 bit of elliptic curve, 1024 bit of RSA and 1024 bit of AES are selected. The
effectiveness of the proposed work is tested in terms of average relative error, time, anonymization time and
information loss.
Average Relative Error
Average relative error decides how an incorrect a quantity from a number considered to be true. The following
table 4.1, shows the average relative error value of k-anonymity and k-anonymity with l-diversity methods.
Table 4.1: Comparison of Average Relative Error
Quasi Identifier Average relative error
k-anonymity k-anonymity with l-diversity
5 0.12 0.08
10 0.13 0.09
15 0.14 0.11
20 0.15 0.12
25 0.16 0.13
Figure 4.1: Comparison of Average Relative Error
Figure 4.1, depicts the comparison of average relative error between k-anonymity and k-anonymity with l-
diversity techniques. X axis represents the quasi identifier and Y axis represents the average relative error. From the
figure 4.1, it is proved that the proposed k-anonymity with l-diversity technique has less average relative error than
the k-anonymity technique.
Time
Time is measured by amount of time taken for key generation, rekey generation, encryption, re-encryption and
decryption. The following table depicts the comparison of time Advanced Encryption Standard (AES), Rivest,
Shamir, and Adelman (RSA) and Eliptic Curve (ECC) technologies.
ISSN 1943-023X 125

7. Jour of Adv Research in Dynamical & Control Systems, 05-Special Issue, July 2017
Table 4.2: Comparison of Time
Process Time (secs)
AES RSA ECC
KeyGen 12 15 10
ReKeyGen 13 14 9
Enc 40 35 39
ReEnc 39 34 29
Dec 40 35 29
Figure 4.2: Comparison of Time
Figure 4.2, shows the comparison of Time between Advanced Encryption Standard (AES), Rivest, Shamir, and
Adelman (RSA) and Eliptic Curve (ECC) technologies. X axis represents the different functions like key generation
(keygen), Re-key generation (RekeyGen), Encryption (Enc) and decryption (Dec) and Y axis represents time in
seconds. From the figure 4.2, it is proved that the elliptic curve takes less time than the other technologies.
Anonymization Time
Anonymization time is the amount of time taken for anonymization process. The following table 4.3, shows the
comparison of anonymization time for different values of l.
Table 4.3: Comparison of Anonymization Time
l values Anonymization Time (secs)
5 10 15 20 25
3 1.6 3 3.6 4 5
8 2 3.6 4 4.3 5.2
13 2.5 4 4.8 5 6
17 3 4.5 5 5.8 6.4
23 3.6 5 5.3 6.3 7.2
Figure 4.3: Comparison of Anonymization Time
ISSN 1943-023X 126

8. Jour of Adv Research in Dynamical & Control Systems, 05-Special Issue, July 2017
Figure 4.3, shows the comparison of anonymization time for different l values. X axis represents k values and Y
axis represents the anonymization time in seconds. From the figure 4.3, it is proved that the anonymization time
increases when the k and l value increases.
Information Loss
Information loss is the amount of information loosed during EQI partitioning process. The following table 4.4,
shows the comparison of information loss between K-anonymity and k-anonymity with l-diversity techniques.
Table 4.4: Comparison of Information Loss
K values Average relative error
k-anonymity k-anonymity with l-diversity
20 0.2 0.28
40 0.23 0.32
60 0.3 0.38
80 0.35 0.43
100 0.43 0.5
Figure 4.4: Comparison of Information Loss
Figure 4.4, shows the comparison of information loss between K-anonymity and k-anonymity with l-diversity
techniques. X axis represents k values and Y axis represents the information loss. From the figure 4.4, it is proved
that proposed k-anonymity with l-diversity has less information loss than the k-anonymity technique.
V. Conclusion
In this paper, the information loss during the EQI partitioning is considered by l-diversity along with the k-
anonymity process. Initially EQI identifying process the original data is clustered into number of clusters then based
on k-anonymity and l-diversity the clusters are partitioned into public chunk and private chunk. Then the multi level
accessibility is provided to both the public chunk and private chunk data. The multi level accessibility is provided
based on the sensitivity value of data. Then the data are secured using identity based proxy re-encryption method
where the AES, RAS and ECC technologies are used to encrypt the data. Thus in this paper, the different techniques
are used to make privacy-aware set-valued data publishing on cloud is feasible with less information loss and with
high secured model. The experimental results prove that the proposed methods perform better than the existing
method in terms of average relative error, time, anonymization time and information loss.
References
[1] Dixit, A., Yadav, A.K. and Kumar, S. An efficient architecture and algorithm for server provisioning in
Cloud computing using clustering approach. International Conference System Modeling & Advancement in
Research Trends (SMART), 2016, 260-266.
[2] Kavitha, I. Suppression and Generalization–Based Privacy Preserving Updates to Confidential Databases.
IOSR Journal of Computer Engineering (IOSR-JCE) 10 (1) (2013) 51-54.
[3] Zhang, H., Zhou, Z., Ye, L. and Xiaojiang, D.U. Towards Privacy Preserving Publishing of Set-valued
Data on Hybrid Cloud. IEEE Transactions on Cloud Computing (2015).
ISSN 1943-023X 127

9. Jour of Adv Research in Dynamical & Control Systems, 05-Special Issue, July 2017
[4] Pan, Y., Xiaolin, G., Jian, A., Jing, Y., Jiancai, L. and Feng, T. A retrievable data perturbation method used
in privacy-preserving in cloud computing. China Communications 11 (8) (2014), 73-84.
[5] Rong, H., Wang, H., Liu, J. and Xian, M. Privacy-Preserving k-Nearest Neighbor Computation in Multiple
Cloud Environments. IEEE Access (2016).
[6] Zhou, J., Lin, X., Dong, X. and Cao, Z. PSMPA: Patient self-controllable and multi-level privacy-
preserving cooperative authentication in distributed m-healthcare cloud computing system. IEEE
Transactions on Parallel and Distributed Systems 26 (6) (2015) 1693-1703.
[7] Liu, H., Ning, H., Xiong, Q. and Yang, L.T. Shared authority based privacy-preserving authentication
protocol in cloud computing. IEEE Transactions on Parallel and Distributed Systems 26 (1) (2015) 241-
251.
[8] Pasupuleti, S.K., Ramalingam, S. and Buyya, R. An efficient and secure privacy-preserving approach for
outsourced data of resource constrained mobile devices in cloud computing. Journal of Network and
Computer Applications 64 (2016) 12-22.
[9] Aldeen, Y.A.A.S., Salleh, M. and Aljeroudi, Y. An innovative privacy preserving technique for incremental
datasets on cloud computing. Journal of Biomedical Informatics 62 (2016) 107-116.
[10] Jung, T., Li, X.Y., Wan, Z. and Wan, M. (2013). Privacy preserving cloud data access with multi-
authorities. Proceedings IEEE INFOCOM, 2013, 2625-2633.
[11] Chen, R., Mohammed, N., Fung, B.C., Desai, B.C. and Xiong, L. Publishing set-valued data via differential
privacy. Proceedings of the VLDB Endowment, 2011, 4 (11) 1087-1098.
[12] Terrovitis, M., Mamoulis, N., Liagouris, J. and Skiadopoulos, S. Privacy preservation by
disassociation. Proceedings of the VLDB Endowment, 2012, 5(10) 944-955.
[13] Huang, Q.L., Yang, Y.X., Fu, J.Y. and Niu, X.X. Secure and privacy-preserving DRM scheme using
homomorphic encryption in cloud computing. The Journal of China Universities of Posts and
Telecommunications 20 (6) (2013) 88-95.
ISSN 1943-023X 128