Full metadata record
DC FieldValueLanguage
dc.contributorDepartment of Electronic and Information Engineeringen_US
dc.contributor.advisorHu, Haibo (EIE)en_US
dc.creatorHan, Ziyang-
dc.identifier.urihttps://theses.lib.polyu.edu.hk/handle/200/11937-
dc.languageEnglishen_US
dc.publisherHong Kong Polytechnic Universityen_US
dc.rightsAll rights reserveden_US
dc.titlePrivacy-preserving query processing based on trusted execution environment and access pattern obfuscation technologiesen_US
dcterms.abstractThe thesis involves three research works in the field of privacy-preserving query processing. They focus on the research problems of memory level security and privacy of data querying services in the cloud hosting environment. In such a scenario, the proposed schemes consider not only the direct attacks tampering with the data and the data processing but also the threats from semi-honest adversaries in cloud platforms that attempt to derive sensitive information for inference attacks through analyzing the access pattern leakage. Motivated by these security goals, three privacy-preserving schemes are designed based on different principles and for different types of queries that comprise the body of the thesis. The first work proposes memory-secure DBMS adaptation encapsulating a bare SQL processor into the trusted execution environment (TEE) and optimizes the existing Oblivious RAM scheme to efficiently shuffle the access patterns generated in retrieving data blocks from untrusted memory for processing inside TEE. The second work provides a perturbation mechanism in a two-tier index to obfuscate the access pattern on the trapdoors of the fuzzy keyword search over encrypted document database. The TEE technology is employed to encapsulate the plaintext secondary index which is sensitive and conceals the obfuscation process. The third work gives a middleware solution to obfuscate access frequency patterns for general queries without leaking sensitive information of individual queries in a harsher threat model in which the query boundaries are exposed to attackers. Different from the former two schemes, it introduces a K-isomorphism perturbation mechanism on the query requests while not over the data storage and query processor. In each of these works, adequate literature is reviewed, and the most related works are involved in comparative evaluations. The thesis unifies the three works under a common background to summarize the research outcomes in the Ph.D. program and gives a prospect of future works.en_US
dcterms.extentx, 144 pages : color illustrationsen_US
dcterms.isPartOfPolyU Electronic Thesesen_US
dcterms.issued2022en_US
dcterms.educationalLevelPh.D.en_US
dcterms.educationalLevelAll Doctorateen_US
dcterms.LCSHComputer securityen_US
dcterms.LCSHData privacyen_US
dcterms.LCSHComputer networks -- Security measuresen_US
dcterms.LCSHQuerying (Computer science)en_US
dcterms.LCSHHong Kong Polytechnic University -- Dissertationsen_US
dcterms.accessRightsopen accessen_US

Files in This Item:
File Description SizeFormat 
6380.pdfFor All Users3.55 MBAdobe PDFView/Open


Copyright Undertaking

As a bona fide Library user, I declare that:

  1. I will abide by the rules and legal ordinances governing copyright regarding the use of the Database.
  2. I will use the Database for the purpose of my research or private study only and not for circulation or further reproduction or any other purpose.
  3. I agree to indemnify and hold the University harmless from and against any loss, damage, cost, liability or expenses arising from copyright infringement or unauthorized usage.

By downloading any item(s) listed above, you acknowledge that you have read and understood the copyright undertaking as stated above, and agree to be bound by all of its terms.

Show simple item record

Please use this identifier to cite or link to this item: https://theses.lib.polyu.edu.hk/handle/200/11937