Please use this identifier to cite or link to this item:
|Title: ||應用 Intel SGX 於多重資料源功能加密：落實機器學習二元分類|
Applying Intel SGX for Multi-Input Functional Encryption on Binary Classification of Machine Learning
Secure cloud computing
Multi-input functional encryption
|Issue Date: ||2019-08-07 16:37:01 (UTC+8)|
|Abstract: ||網際網路和行動裝置高度普及，各式各樣的隱私資料上傳至雲端進行分析運用，然而駭客入侵雲端作業系統、VMM (Virtual Machine Monitor) 或雲端管理員擁有權限查看資料等眾多攻擊面向，皆使得個人隱私資料面臨洩漏風險。本研究使用Intel所提出軟硬體可信執行環境解決方案：SGX (Software Guard Extensions) ，為雲端隱私保護議題提出一個包含使用者、雲端業者、SecaaS（Security as a Service）和MLaaS（Machine Learning as a Service）提供者等四種角色的架構，並設計各個角色間資料、加解密過程與運算流程，以多重資料源功能加密於機器學習的應用，說明此架構滿足資料在儲存、傳遞、使用中皆擁有隱私保護效果。本論文亦闡述SGX限制與安全議題，並進一步與差分隱私、全同態加密進行隱私保護應用之比較。|
Due to the fact that mobile devices and the usage of the internet have become integral parts of our lives, various kinds of private data have been collected and uploaded to the cloud for analysis. Followed by, hackers attack cloud OS, VMM(Virtual Machine Monitor); cloud administrators take on unauthorized action, all leave privacy data at risk. This research aims to resolve the issue by conducting SGX (Software Guard Extensions), Intel’s software and hardware trusted execution environment solution, to propose a software architecture. The designed architecture contains four characters, Users, Cloud Service Provider, Security as a Service and Machine Learning as a Service, which then designed data flow, encryption/decryption flow as well as computation flow between the characters. To explain how the architecture meets the privacy protection demands of data at all time (at-rest, in-transit, and in-use), the research takes Multi-Input Functional Encryption on binary classification of Machine Learning as examples.
|Reference: || C. Gentry, A fully homomorphic encryption scheme. Stanford University, 2009.|
 D. Boneh, A. Sahai, and B. Waters, “Functional encryption: definitions and challenges,” in Theory of Cryptography Conference, pp. 253–273, Springer, 2011.
 C. Dwork, “Differential privacy: A survey of results,” in International Conference
on Theory and Applications of Models of Computation, pp. 1–19, Springer, 2008.
 C. Gentry and S. Halevi, “Implementing Gentry’ s fully-homomorphic encryption
scheme,” in Annual International Conference on the Theory and Applications of
Cryptographic Techniques, pp. 129–148, Springer, 2011.
 M. Van Dijk and A. Juels, “On the impossibility of cryptography alone for privacypreserving cloud computing.,” HotSec, vol. 10, pp. 1–8, 2010.
 K. Lewi et al., “5Gen: A framework for prototyping applications using multilinear
maps and matrix branching programs,” in Proceedings of the 2016 ACM SIGSAC
Conference on Computer and Communications Security, pp. 981–992, ACM, 2016.
 B. Gellman and A. Soltani, “NSA infiltrates links to Yahoo, Google data centers
worldwide, snowden documents say,” The Washington Post, vol. 30, p. 2013, 2013.
 R. A. Popa et al., “CryptDB: protecting confidentiality with encrypted query processing,” in Proceedings of the Twenty-Third ACM Symposium on Operating Systems
Principles, pp. 85–100, ACM, 2011.
 F. McKeen et al., “Innovative instructions and software model for isolated execution.,” HASP@ ISCA, vol. 10, 2013.
 I. Intel, “Software guard extensions programming reference, revision 2.”
 Y. Lindell, “The security of Intel SGX for key protection and data privacy applications,” 2018.
 M. R. Albrecht et al., “Implementing candidate graded encoding schemes from ideal
lattices,” in International Conference on the Theory and Application of Cryptology
and Information Security, pp. 752–775, Springer, 2014.
 J.-S. Coron, T. Lepoint, and M. Tibouchi, “Practical multilinear maps over the integers,” in Advances in Cryptology–CRYPTO 2013, pp. 476–493, Springer, 2013.
 B. Fisch et al., “Iron: functional encryption using Intel SGX,” in Proceedings of
the 2017 ACM SIGSAC Conference on Computer and Communications Security,
pp. 765–782, ACM, 2017.
 J. W. Bos, K. Lauter, and M. Naehrig, “Private predictive analysis on encrypted
medical data,” Journal of biomedical informatics, vol. 50, pp. 234–243, 2014.
 R. Bost, R. A. Popa, S. Tu, and S. Goldwasser, “Machine learning classification over
encrypted data.,” in NDSS, p. 432, 2015.
 K. Bache and M. Lichman, “Uci machine learning repository,” 2013.
 F. Schuster and other, “Vc3: Trustworthy data analytics in the cloud using SGX,” in
Security and Privacy (SP), 2015 IEEE Symposium on, pp. 38–54, IEEE, 2015.
 A. Baumann, M. Peinado, and G. Hunt, “Shielding applications from an untrusted
cloud with haven,” ACM Transactions on Computer Systems (TOCS), vol. 33, no. 3,
p. 8, 2015.
 P. C. Kocher, “Timing attacks on implementations of Diffie-Hellman, RSA, DSS,
and other systems,” in Annual International Cryptology Conference, p. 104–113,
 W. Wang et al., “Leaky cauldron on the dark land: understanding memory sidechannel hazards in SGX,” in Proceedings of the 2017 ACM SIGSAC Conference on
Computer and Communications Security, p. 2421–2434, ACM, 2017.
 F. Brasser et al., “Software grand exposure:SGX cache attacks are practical,” in 11th
USENIX Workshop on Offensive Technologies (WOOT 17), 2017.
 A. Moghimi, T. Eisenbarth, and B. Sunar, “Memjam: A false dependency attack
against constant-time crypto implementations in SGX,” in Cryptographers’ Track
at the RSA Conference, p. 21–44, Springer, 2018.
 G. Chen et al., “Sgxpectre attacks: Leaking enclave secrets via speculative execution,” arXiv preprint arXiv:1802.09085, 2018.
|Source URI: ||http://thesis.lib.nccu.edu.tw/record/#G1049710011|
|Data Type: ||thesis|
|Appears in Collections:||[資訊科學系] 學位論文|
Files in This Item:
All items in 政大典藏 are protected by copyright, with all rights reserved.