Browse Theses

Data outsourcing, also known as database-as-a-service, has been widely used in industry to provide better data management while lowering the cost. However data outsourcing is limited in the presence of sensitive data (e.g., medical records) due to the untrusted third party providing the data outsourcing service. In this thesis, we present a private data outsourcing model supporting both queries and updates by using anonymization.

Our private data outsourcing model is based on a data publishing technique called anatomization. Data are divided into identifying and sensitive data the same way in anatomization; however, the client can also reconstruct the original identifiable data from the separated data. Without the client, an adversary can link individuals to their actual sensitive values only to an extent specified by the underlying privacy preserving technique (such as k -anonymity or l -diversity). By exposing data where possible, the server can perform value-added services such as data analysis not possible with fully encrypted data, while still being unable to violate privacy constraints.

We first present a relational query processor limited to queries that minimize the client-side computation while ensuring that the server learns nothing violating the privacy constraints. We then focus on updates and present a dynamic private data outsourcing model on top of the query processor allowing the client to insert, delete and update tuples with the same privacy guarantees as our read-only model. Lastly, we present a prototype for our private data outsourcing model.