Abstract | ||
---|---|---|
The use of public cloud infrastructure for storing and processing large datasets raises new security concerns. Current solutions propose encrypting all data, and accessing it in plaintext only within secure hardware. Nonetheless, the distributed processing of large amounts of data still involves intensive encrypted communications between different processing and network storage units, and those communications patterns may leak sensitive information. We consider secure implementation of MapReduce jobs, and analyze their intermediate traffic between mappers and reducers. Using datasets that include personal and geographical data, we show how an adversary that observes the runs of typical jobs can infer precise information about their input. We give a new definition of data privacy for MapReduce, and describe two provably-secure, practical solutions. We implement our solutions on top of VC3, a secure implementation of Hadoop, and evaluate their performance. |
Year | DOI | Venue |
---|---|---|
2015 | 10.1145/2810103.2813695 | ACM Conference on Computer and Communications Security |
Keywords | Field | DocType |
Map-reduce, traffic analysis, oblivious shuffle, oblivious load balancing | Traffic analysis,Network storage,Computer security,Computer science,Encryption,Adversary,Information sensitivity,Information privacy,Plaintext,Cloud computing,Distributed computing | Conference |
Citations | PageRank | References |
16 | 0.61 | 21 |
Authors | ||
6 |
Name | Order | Citations | PageRank |
---|---|---|---|
Olga Ohrimenko | 1 | 494 | 27.48 |
Manuel Costa | 2 | 1589 | 88.62 |
Cédric Fournet | 3 | 3698 | 213.79 |
Christos Gkantsidis | 4 | 1269 | 72.28 |
Markulf Kohlweiss | 5 | 1469 | 65.13 |
Divya Sharma | 6 | 46 | 7.54 |