# Exploiting Data Sensitivity on Partitioned Data

**Authors:** Sharad Mehrotra, Kerim Yasin Oktay, Shantanu Sharma

arXiv: 1812.01741 · 2018-12-06

## TL;DR

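This chapter describes partitioned computing on cloud platforms: data and computation are split into sensitive and non-sensitive parts, so that only the sensitive part incurs the cost of encryption or trusted local processing. It covers both hybrid-cloud and public-cloud-only settings and examines the information leakage that partitioning can introduce.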

## Contribution

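It formally defines a partitioned security criterion that any approach to partitioned computing on public clouds must satisfy so that it adds no new vulnerabilities to the underlying secure solution, and it analyzes the trade-off between efficiency and security in hybrid and public cloud settings.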

## Key findings

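- Partitioned computing avoids the (expensive) cost of encrypted data processing on non-sensitive data, which can be outsourced and processed in cleartext.
- Partitioning can itself leak information: in the hybrid cloud, the public cloud must not be able to infer anything about sensitive data from inter-cloud data access during query processing.
- A formal partitioned security criterion specifies what a partitioned approach on public clouds must ensure to avoid weakening the existing secure solution.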

## Abstract

Several researchers have proposed solutions for secure data outsourcing on public clouds based on encryption, secret-sharing, and trusted hardware. Existing approaches, however, exhibit many limitations, including high computational complexity, imperfect security, and information leakage. This chapter describes an emerging trend in secure data processing that recognizes that an entire dataset may not be sensitive, and hence, non-sensitivity of data can be exploited to overcome some of the limitations of existing encryption-based approaches. In particular, data and computation can be partitioned into sensitive and non-sensitive datasets: sensitive data can either be encrypted prior to outsourcing or stored/processed locally on trusted servers. The non-sensitive dataset, on the other hand, can be outsourced and processed in cleartext. While partitioned computing can bring new efficiencies, since it does not incur (expensive) encrypted data processing costs on non-sensitive data, it can lead to information leakage. We study partitioned computing in two contexts. The first is the hybrid cloud, where local resources are integrated with public cloud resources to form an effective and secure storage and computational platform for enterprise data. In the hybrid cloud, sensitive data is stored on the private cloud to prevent leakage, and computation is partitioned between the private and public clouds. Care must be taken that the public cloud cannot infer any information about sensitive data from inter-cloud data access during query processing. We then consider partitioned computing in a public-cloud-only setting, where sensitive data is encrypted before outsourcing. We formally define a partitioned security criterion that any approach to partitioned computing on public clouds must ensure in order to not introduce any new vulnerabilities to the existing secure solution.
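The partitioning idea in the abstract can be illustrated with a minimal sketch. It is not the authors' method: the `Record` type, the per-row `sensitive` flag, and the functions `partition`, `select_by_dept`, and `partitioned_select` are all hypothetical names introduced here, and plain in-memory lists stand in for the trusted side (a private cloud or an encrypted store) and the untrusted public cloud.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Record:
    emp_id: str
    dept: str
    sensitive: bool  # hypothetical per-row sensitivity label


def partition(records):
    """Split records into (sensitive, non_sensitive) lists."""
    sensitive = [r for r in records if r.sensitive]
    non_sensitive = [r for r in records if not r.sensitive]
    return sensitive, non_sensitive


def select_by_dept(records, dept):
    """Plain selection; stands in for whatever engine runs on each side."""
    return [r for r in records if r.dept == dept]


def partitioned_select(sensitive, non_sensitive, dept):
    """Run the same selection on both partitions and merge the answers.

    Assumption: the sensitive list lives on a trusted server (or is
    encrypted), while the non-sensitive list is outsourced in cleartext.
    """
    trusted_hits = select_by_dept(sensitive, dept)
    public_hits = select_by_dept(non_sensitive, dept)
    return trusted_hits + public_hits


records = [
    Record("E1", "Defense", True),
    Record("E2", "Design", False),
    Record("E3", "Defense", True),
    Record("E4", "Design", True),
    Record("E5", "Sales", False),
]

sensitive, non_sensitive = partition(records)
result = partitioned_select(sensitive, non_sensitive, "Design")
print(sorted(r.emp_id for r in result))  # ['E2', 'E4']
```

This naive version only shows the efficiency side of the trade-off: the non-sensitive rows are never encrypted. It makes no attempt to meet the partitioned security criterion. For instance, the untrusted side sees the query predicate in cleartext, which is plausibly one of the exposures the abstract cautions about.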

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1812.01741/full.md

## Figures

18 figures with captions in the complete paper: https://tomesphere.com/paper/1812.01741/full.md

## References

46 references, with the full list in the complete paper: https://tomesphere.com/paper/1812.01741/full.md

---
Source: https://tomesphere.com/paper/1812.01741