Xinyu Lei, Computer Science, has been awarded a two-year $174,855 grant from the National Science Foundation for his project, “CRII: SaTC: Enabling Secure Machine Learning Queries over Encrypted Database in Cloud Computing.
In the project, Lei is developing a scheme to support secure ML queries over encrypted databases in cloud storage by employing an index-aid approach.
An assistant professor, Lei’s research interest are in matching learning and cybersecurity. Visit Lei’s faculty website here.
Project Abstract
In cloud computing, public cloud service providers can provide cloud storage as the primary service, while providing additional machine learning (ML)-based services by using the clients’ data in storage. Although this business model is promising, it also brings in security concerns since the public commercial cloud cannot be fully trusted. For example, public commercial clouds may sell clients’ sensitive data to third parties. In this project, the investigator develops a scheme to enable secure and privacy-preserving machine learning services over the encrypted database in cloud storage. The project’s broader significance and importance are two-fold. First, the project extends the border of cloud computing services and brings in new business growth possibilities that enable safer and privacy-preserving AI analyses on data stored in public clouds. Second, the project engages female and under-represented minority students in computing, thus fostering the 21st-century data-capable workforce.
In this project, the investigator develops a scheme to support secure ML queries over encrypted databases in cloud storage by employing an index-aid approach. In this approach, each data item (i.e., a training example) in a dataset is formally encrypted using AES/DES to achieve strong ciphertext privacy. For each data item, a secure index item that can support ML analyses is generated. Therefore, this scheme achieves strong ciphertext privacy and ML capability simultaneously, as well as index, model, and token privacy. In summary, this project makes two significant technical contributions. First, the development of an index-aid approach that addresses the conflict between data security and utility. Second, the development of AI-driven data encryption/mask techniques that outperform differential privacy and homomorphic encryption regarding privacy and runtime performance.