Accredited Symmetrically Private Information Retrieval

Layouni, Mohamed

doi:10.1007/978-3-540-75651-4_18

Cited by 6 publications

(14 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Research on this topic received a significant attention in the past (e.g., [1,2,3,4,5,6]). More recently, a partial solution that contributes to reinforcing user's control over their data, has been proposed in [7]. This solution, called accredited symmetrically private information retrieval (ASPIR), assumes a setting where sensitive information belonging to users (data-subjects) is stored on a remote database DB managed by a party called a Sender.…”

Section: Introductionmentioning

confidence: 99%

“…The setting includes an additional party called a Receiver who retrieves records from the database. The construction in [7], allows a Receiver to retrieve data owned by the user (data-subject), from a database DB managed by the Sender, such that the following three requirements are satisfied: (1) Privacy for the data-subject: the Receiver can retrieve a data record only if he has a valid authorization to do so from the record owner, (2) Privacy for the Receiver: the Sender is convinced that the Receiver's query is authorized by the owner of the target DB record, without learning any information about the content of the query, or the identity of the record owner, and (3) Privacy for the Sender: the Receiver cannot retrieve information about more than one record per query. For example, the Receiver cannot use an authorization from user U to learn information about database records not belonging to U .…”

Section: Introductionmentioning

confidence: 99%

“…The constructions in [7] cover a setting where each record in the database is owned by a single user. In many applications, data records are the property of several parties simultaneously rather than a single one.…”

Section: Introductionmentioning

confidence: 99%

“…The ASPIR constructions of [7] rely on privacy-preserving digital credentials [4] to protect the anonymity of the authorizer with respect to the Sender. The digital credential primitive has been used in addition to hide the index of the retrieved record, and to guarantee the unforgeability of the issued authorizations.…”

Section: Introductionmentioning

confidence: 99%

“…While highly versatile, the digital credentials of [4] do require a certain amount of computations from the different participants, especially the authorizers. In addition, the construction in [7] assumes that each record owner possesses a digital credential of the type in [4], and that he is willing to use it to issue authorizations.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Efficient Multi-authorizer Accredited Symmetrically Private Information Retrieval

Layouni

Yoshida

Okamura

2008

Information and Communications Security

Self Cite

View full text Add to dashboard Cite

Abstract. We consider a setting where records containing sensitive personal information are stored on a remote database managed by a storage provider. Each record in the database is co-owned by a fixed number of parties called data-subjects. The paper proposes a protocol that allows data-subjects to grant access to their records, to self-approved parties, without the DB manager being able to learn if and when their records are accessed. We provide constructions that allow a Receiver party to retrieve a DB record only if he has authorizations from all owners of the target record (respectively, from a subset of the owners of size greater than a threshold.) We also provide a construction where owners of the same record do not have equal ownership rights, and the record in question is retrieved using a set of authorizations consistent with a general access structure. The proposed constructions are efficient and use a pairingbased signature scheme. The presented protocol is proved secure under the Bilinear Diffie-Hellman assumption.

show abstract

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Efficient Multi-authorizer Accredited Symmetrically Private Information Retrieval

Layouni

Yoshida

Okamura

2008

Information and Communications Security

Self Cite

View full text Add to dashboard Cite

show abstract

Private predictions on hidden Markov models

Polat

Renckes

et al. 2010

Artif Intell Rev

View full text Add to dashboard Cite

Hidden Markov models (HMMs) are widely used in practice to make predictions. They are becoming increasingly popular models as part of prediction systems in finance, marketing, bio-informatics, speech recognition, signal processing, and so on. However, traditional HMMs do not allow people and model owners to generate predictions without disclosing their private information to each other. To address the increasing needs for privacy, this work identifies and studies the private prediction problem; it is demonstrated with the following scenario: Bob has a private HMM, while Alice has a private input; and she wants to use Bob's model to make a prediction based on her input. However, Alice does not want to disclose her private input to Bob, while Bob wants to prevent Alice from deriving information about his model. How can Alice and Bob perform HMMs-based predictions without violating their privacy? We propose privacy-preserving protocols to produce predictions on HMMs without greatly exposing Bob's and Alice's privacy. We then analyze our schemes in terms of accuracy, privacy, and performance. Since they are conflicting goals, due to privacy concerns, it is expected that accuracy or performance might degrade. However, our schemes make it possible for Bob and Alice to produce the same predictions efficiently while preserving their privacy.

show abstract