Figure 10 - uploaded by Tolga Soyata
Content may be subject to copyright.
Source publication
Extending cloud computing to medical software, where the hospitals rent the software from the provider sounds like a natural evolution for cloud computing. One problem with cloud computing, though, is ensuring the medical data privacy in applications such as long term health monitoring. Previously proposed solutions based on Fully Homomorphic Encry...
Context in source publication
Context 1
... branching program for ¬ f is considered. This means upon receiving the final matrix, the deter- minant is evaluated and the output is negated to obtain the precise answer to the computation. Our proposed approach works for any Boolean function that can be represented as a branching program. A branching program can compute any Boolean function by simply branching on all n input bits so that each of 2 n inputs result in a unique path. The size of this program is exponential in n . However, we are interested in what functions are representable by polynomial-size branching programs. As we have already seen from Lemma 1, any logspace computations can be represented as a branching program and can encompass a wide variety of problems. Therefore, this approach can be used for any logspace comput- able Boolean functions. The size of the matrix corresponds to the size of the graph. For the equation in our case study, we construct a branching program of size 600. If A is a band matrix, then there is a small w such that all nonzero entries are within w diagonals of the main diagonal, and we can multiply matrices much more efficiently using operations on bundled plaintexts. This w corresponds to the width of the branching program. By Barrington’s theorem, any NC 1 circuit can be converted into an equivalent branching program of polynomial size and width 5. For any such circuit, we can convert it into a band matrix with band width 10. If we pack each entire diago- nal into one ciphertext, then we can represent matrices of arbitrary size with just 21 ciphertexts. After multiplying two matrices with band width 10, we get a matrix with band width 11, and after we multiply two matrices with band width 11, we get a matrix with band width 12, and so on. Therefore the resulting matrices remain extremely sparse, even when iteratively multiplying many matrices together. This means that we get the advantage of sparseness for every round of matrix multiplications, not just the first one. We note that homomorphic evaluation and combining of branching programs can be supported for any branching program using only homomorphic matrix multiplication. It is therefore effective for the server to use highly-optimized software or even special hardware to enhance the efficiency of this op- eration. The branching program we construct for our case study has width 10, and the corresponding band matrix has width 9. In this section, we will provide simulated results for our proposed method and will compare them to the circuit-based method, which will be referred to as the “naïve method.” Note that, while the circuit method allows a significantly more generalized application domain, we will demonstrate in this section that, once the function to achieve is very well defined (i.e., a Yes/No answer to a pre-determined ques- tion), the branching-programs method (which will be referred to as the “matrix method” provides much more improved performance results. In the previous section, we described our methodology. We compare the performance of our method with the naïve method of implementing the circuit that computes the function in entirety. We first describe the naïve method and how the two methods were compared. First, we explain how we use the SIMD-like operations in HElib. An example operation is shown in Figure 10, where two 4-bit numbers, A 1 =13 and B 1 =17 are compared. Simultaneously, two other 4-bit numbers A 0 =9 and B 0 =11 are compared. These two simultaneous comparisons are an example of how multiple identical operations can be performed in a SIMD environment as a benefit of the “packing” concept introduced previously. Each individual operation, applied to A i and B i is a 4-bit SIMD addition, for which the circuit in Figure 6 can be used. Note that, this circuit is composed of only XOR and AND gates, since the NOT gates (i.e., inverters) can be implemented by XOR gates. The reason for restricting the set of available gates to only these two is previously mentioned: We are only using the GF(2) homomorphic addition and homomorphic multiplication operations, which correspond to bitwise XOR and bitwise AND operations, respectively. Therefore, drawing the circuit for any function we are trying to implement allows us to use two of the four previously mentioned HElib primitives. A close observation of Figure 6 reveals that, just the bitwise XOR and AND operations will not be sufficient to perform the 4-bit comparison function, which can be denoted ...
Similar publications
In this article, we introduce a practical scheme that dynamically secures and outsources data on demand as well as propose a corresponding architecture to securely process data in database service provider. We also adopt the application of bring your own device in this scheme as an enhanced security solution. After studying over 1300 database model...
A growing number of organizations and individuals outsource their data to the cloud. As the cloud service provider (CSP) is potentially untrustworthy, cloud user needs to encrypt their sensitive data before outsourcing. One challenge of the cloud service is how to provide an effective search on encrypted data while preserving user privacy. The exis...
This paper aims to survey various techniques utilized for content moderation in end-to-end encryption systems. We assess the challenging aspect of content moderation: maintaining a safe platform while assuring user privacy. We study the unique features of some content moderation techniques, such as message franking and perceptual hashing, and highl...
The privacy of users must be considered as the utmost priority in distributed networks. To protect the identities of users, attribute-based encryption (ABE) was presented by Sahai et al. ABE has been widely used in many scenarios, particularly in cloud computing. In this paper, public key encryption with equality test is concatenated with key-polic...
We consider vertical logistic regression (VLR) trained with mini-batch gradient descent -- a setting which has attracted growing interest among industries and proven to be useful in a wide range of applications including finance and medical research. We provide a comprehensive and rigorous privacy analysis of VLR in a class of open-source Federated...
Citations
... As such, HE represents a promising tool to greatly enhance data privacy and security, especially when outsourcing computations to the public cloud. In the meantime, HE can be extremely computationally intensive [14], and improving its computation efficiency is key to making this technology practical for real applications. ...
... j −i has the same constant value in each i ∈ [pm, (p+1)m) and this means U ω k m×n has only 2 non-zero diagonals when m = l. When applying ω transformation on matrix B l×n in row-major order, we can formulate permutation matrix according to formula (14), but apply on B n×l instead of B m×l . Note that U Considering all the non-zero elements in U ω k m×n i,j , we have j − i = [k · n + i] n·l − i = k · n + i − k · n + i n · l · n · l − i = k · n − k · n + i n · l · n · l Since max(k) = l − 1 and max(i) = m · n − 1, we have max( k · n + i n · l ) < l − 1 + m l ...
... Proof. When applying ϵ transformation on matrix A m×l in column-major order, U ϵ is formulated in Equation (14). Note that U ...
Despite the enormous technical and financial advantages of cloud computing, security and privacy have always been the primary concerns for adopting cloud computing facilities, especially for government agencies and commercial sectors with high-security requirements. Homomorphic Encryption (HE) has recently emerged as an effective tool in ensuring privacy and security for sensitive applications by allowing computing on encrypted data. One major obstacle to employing HE-based computation, however, is its excessive computational cost, which can be orders of magnitude higher than its counterpart based on the plaintext. In this paper, we study the problem of how to reduce the HE-based computational cost for general Matrix Multiplication (MM), i.e., a fundamental building block for numerous practical applications, by taking advantage of the Single Instruction Multiple Data (SIMD) operations supported by HE schemes. Specifically, we develop a novel element-wise algorithm for general matrix multiplication, based on which we propose two HE-based General Matrix Multiplication (HEGMM) Approved for Public Release on 06 Mar 2024. Distribution is Unlimited. Case Number: 2024-0184 (original case number(s): AFRL-2024-0944) algorithms to reduce the HE computation cost. Our experimental results show that our algorithms can significantly outperform the state-of-the-art approaches of HE-based matrix multiplication.
... An overall innovative wellbeing application region is human advance action acknowledgment, which is significant for seeing every individual's muscular strength, for the most part, the senior ones. The authors in Reference [13] built up a strategy to distinguish human advance action by including more than 40 inserted sensors, a whirligig, accelerometers, and a gauss meter in a brace-like component. Sensors assist with the computation of step tally, swing time, moving speed, and pressing factor. ...
The goal of smart city development is to improve the quality of life by incorporating technology into daily activities. Artificial intelligence (AI) is critical to the ongoing development of future smart cities. The Internet of Things (IoT) idea connects every internet-enabled device for improved access and control. AI in various domains has changed ordinary towns into highly equipped smart cities. Machine learning and deep learning algorithms have proven indispensable in a variety of industries, and they are now being implemented into smart city concepts to automate and improve urban activities and operations on a large scale. IoT and machine learning technology are frequently used in smart cities to collect data from various sources. This article delves deeply into the significance, scope, and developments of AI-based smart cities. It also addresses some of the difficulties and restrictions associated with smart cities powered by AI. The goal of the study is to inspire and encourage academics to create original smart city solutions based on AI technologies.
... The following figure 1 shows the architecture of the entire system pointing out the main modules that are; the ESP module, sensors that is required to collect the data from the users, WIFI module to communicate with the local servers and routers that is needed to be connected to the internet while working [7]. The smart bangle should collect data from all of the sensors which are respectively the pulse rate and oxygen in blood concentration , body temperature of the workers, motion detection sensor which is specifically a 6-axis motion detection sensor with 3 axis gyroscope and a 3-axis accelerometer, then a separate sensor for collecting the environmental temperature and sensors for collecting the gaseous concentrations such as oxygen, carbon dioxide, methane etc [8]. ...
... They also proposed a dimension-modulus reduction technique by which the size of cipher text is reduced and the complexity of decryption algorithm is shortened. Ames et al. (2015) developed a scheme for a cloud based health monitoring system based on homomorphic encryption. Their proposal is based on the Branching Programs. ...
In this chapter, a cloud security mechanism is described in which the computation (addition) of messages securely stored on the cloud is possible. Any user encrypts the secret message using the receiver's public key and stores it. Later on, whenever the stored message is required by an authentic user, he retrieves the encrypted message and decrypts it by using his secret key. However, he can also request the cloud for an addition of encrypted messages. The cloud system only computes the requested addition and sends it to the authentic user; it cannot decrypt the stored encrypted messages on its own. This addition of encrypted messages should be the same as the encryption of the addition of original messages. In this chapter, the authors propose a homomorphic encryption technique in which the above-discussed scenario is possible. The cloud securely computes the addition of the encrypted messages which is ultimately the encryption of the addition of the original messages. The security of the proposed encryption technique depends on the hardness of elliptic curve hard problems.
... Privacy and security of the medical information are major concerns for Smart Health. Studies in References [8,73] aim at formulating a medical cloud computing environment for cardiac health monitoring, in which the medical data are transmitted from the sensing plane to the data plane in a privacy-preserving fashion. ...
Recent global smart city efforts resemble the establishment of electricity networks when electricity was first invented, which meant the start of a new era to sell electricity as a utility. A century later, in the smart era, the network to deliver services goes far beyond a single entity like electricity. Supplemented by a well-established Internet infrastructure that can run an endless number of applications, abundant processing and storage capabilities of clouds, resilient edge computing, and sophisticated data analysis like machine learning and deep learning, an already-booming Internet of Things movement makes this new era far more exciting.
In this article, we present a multi-faceted survey of machine intelligence in modern implementations. We partition smart city infrastructure into application, sensing, communication, security, and data planes and put an emphasis on the data plane as the mainstay of computing and data storage. We investigate (i) a centralized and distributed implementation of data plane’s physical infrastructure and (ii) a complementary application of data analytics, machine learning, deep learning, and data visualization to implement robust machine intelligence in a smart city software core. We finalize our article with pointers to open issues and challenges.
... In the USA, the privacy VOLUME 6, 2018 of PHI is strictly mandated by Health Information Privacy and Accountability Act (HIPAA) laws [54]. To prevent violation of the HIPAA laws (and similar laws around the globe), an MCPS consists of a component that encrypts/decrypts data that is being transmitted between any two nodes of the MCPS that can be temporarily intercepted by adversaries [419], with the intention to steal or modify the acquired patient medical data. For example, an adversary can intercept the Bluetooth communication of the WBAN on the patient's body with the intention to infer the patient's health condition, even if in rough form (e.g., healthy vs. abnormal), without actually accessing the data [414]. ...
Today, the US healthcare industry alone can save $300 B per year by using machine intelligence to analyze a rich set of existing medical data; results from these analyses can lead to breakthroughs such as more accurate medical diagnoses, discovery of new cures for diseases, and cost savings in the patient admission process at healthcare organizations. Because healthcare applications intrinsically imply a vast amount of data, the execution of any algorithm on medical data is computationally intensive. Significant advancements made in computational power in the past decade has provided the opportunity for many researchers to successfully implement various machine intelligencebased healthcare applications, which didn’t run efficiently on earlier computational platforms. In this paper, we provide a survey of machine intelligence algorithms within the context of healthcare applications; our survey includes a comprehensive list of the most commonly used computational models and algorithms. We view the application of these algorithms in multiple steps, namely data acquisition, feature extraction and aggregation, modeling, algorithm training, and algorithm execution and provide details —as well as representative case studies— for each step. We provide a set of metrics that are used to evaluate modeling and algorithmic performance, which facilitate the comparison of the presented models and algorithms. Medical cyber physical systems are presented as an emerging application case study of machine intelligence in healthcare. We conclude our paper by providing a list of opportunities and challenges for incorporating machine intelligence in healthcare applications and provide an extensive list of tools and databases to help other researchers.
... They also proposed a dimension-modulus reduction technique by which the size of cipher text is reduced and the complexity of decryption algorithm is shortened. Ames et al. (2015) developed a scheme for a cloud based health monitoring system based on homomorphic encryption. Their proposal is based on the Branching Programs. ...
In this chapter, a cloud security mechanism is described in which the computation (addition) of messages securely stored on the cloud is possible. Any user encrypts the secret message using the receiver's public key and stores it. Later on, whenever the stored message is required by an authentic user, he retrieves the encrypted message and decrypts it by using his secret key. However, he can also request the cloud for an addition of encrypted messages. The cloud system only computes the requested addition and sends it to the authentic user; it cannot decrypt the stored encrypted messages on its own. This addition of encrypted messages should be the same as the encryption of the addition of original messages. In this chapter, the authors propose a homomorphic encryption technique in which the above-discussed scenario is possible. The cloud securely computes the addition of the encrypted messages which is ultimately the encryption of the addition of the original messages. The security of the proposed encryption technique depends on the hardness of elliptic curve hard problems.
... To cope with computing and storage limitations in handling crowdsensed big data, and improve data quality, the authors in [66] present the architectural design of cloud based big data analytics. Authors in [67]- [69] study the big data analytics using novel encryption algorithms -such as homomorphic encryption-to eliminate privacy concerns on medical data. ...
In mobile crowd-sensing systems, the value of crowdsensed big data can be increased by incentivizing the users appropriately. Since data acquisition is participatory, crowdsensing systems face the challenge of data trustworthiness and truthfulness assurance in the presence of adversaries whose motivation can be either manipulating sensed data or collaborating unfaithfully with the motivation of maximizing their income. This paper proposes a game theoretic methodology to ensure trustworthiness in user recruitment in mobile crowd-sensing systems. The proposed methodology is a platform-centric framework that consists of three phases: User recruitment, collaborative decision making on trust scores, and badge rewarding. In the proposed framework, users are incentivized by running sub-game perfect equilibrium (SPE) and gamification techniques. Through simulations, we show that approximately 50% and a minimum of 15% improvement can be achieved by the proposed methodology in terms of platform and user utility, respectively, when compared to fully-distributed and user-centric trustworthy crowd-sensing.
... • A branching program based FHE implementation for e cient comparison operation is proposed [24]. This implementation reduces multiplication-depth compared to the circuit-based approach and improves the performance up to 20x with the availability of parallel processors. ...
... Such a process works even when the numbers are expressed in binary format. The problem of determining whether X > Y is equivalent to determining whether there exists a path from the vertex s to the vertex t in the incident graph [24,129]. In Figure 6.3, the example on the left considers X > Y and the incident graph has a path from s and t. ...
Current financial and regulatory pressure has provided strong incentives to in- stitute better disease prevention, improved patient monitoring, and push U.S. healthcare into the digital era. Outsourcing medical applications to a cloud oper- ator helps healthcare organizations (HCO) to provide better patient care without increasing the associated costs. Despite these advantages, the adoption of medi- cal cloud computing by HCO’s has been slow due to the strict regulations on the privacy of Personal Health Information (PHI) dictated by The Health Insurance Portability and Accountability Act (HIPAA).
In this dissertation, we propose a novel privacy-preserving medical cloud com- puting system with an emphasis on “secure computation.” The proposed system enables monitoring patients remotely outside the HCO using ECG signals. To eliminate privacy concerns associated with the public cloud providers, we uti- lize Fully Homomorphic Encryption (FHE) to enable computations on encrypted PHI data. Despite well-known performance penalties associated with FHE, we propose two methods for an e cient implementation. Specifically, we model our applications using two computational models: circuit and branching program, and propose optimizations to improve run-time performance. We compare our FHE- based solution with conventional and Attribute Based Encryption schemes for secure a) storage, b) computation, and c) sharing of the medical data. We show that despite the overhead compared to existing encryption schemes, our system can be implemented with a reasonable budget with major public cloud service providers. With the recent advances on FHE coupled with the decreasing costs of cloud services, we argue that our study is a novel step towards privacy-preserving cloud-based health monitoring that can improve the diagnosis of cardiac diseases, which are responsible for the highest percentage of deaths in the United States.
... Branching programs offer an alternate method for representing Boolean functions. Ames et al. [31] present a branching program formulation for secure health monitoring using homomorphic encryption. Ames et al. [31] present simulation results on real ECG (which stands for electrocardiogram) data, and note that their approach of using branching programs provides significant speedup in comparison to methods using traditional circuits. ...
... Ames et al. [31] present a branching program formulation for secure health monitoring using homomorphic encryption. Ames et al. [31] present simulation results on real ECG (which stands for electrocardiogram) data, and note that their approach of using branching programs provides significant speedup in comparison to methods using traditional circuits. It could be a very interesting avenue for future research to explore the use of garbled circuits in conjunction with branching programs, especially for secure cloud computing applications and mobile big data systems. ...
Cloud computing systems enable clients to rent and share computing resources of third party platforms, and have gained widespread use in recent years. Numerous varieties of mobile, small-scale devices such as smartphones, red e-health devices, etc., across users, are connected to one another through the massive internetwork of vastly powerful servers on the cloud. While mobile devices store “private information” of users such as location, payment, health data, etc., they may also contribute “semi-public information” (which may include crowdsourced data such as transit, traffic, nearby points of interests, etc.) for data analytics. In such a scenario, a mobile device may seek to obtain the result of a computation, which may depend on its private inputs, crowdsourced data from other mobile devices, and/or any “public inputs” from other servers on the Internet. We demonstrate a new method of delegating real-world computations of resource-constrained mobile clients using an encrypted program known as the garbled circuit. Using the garbled version of a mobile client’s inputs, a server in the cloud executes the garbled circuit and returns the resulting garbled outputs. Our system assures privacy of the mobile client’s input data and output of the computation, and also enables the client to verify that the evaluator actually performed the computation. We analyze the complexity of our system. We measure the time taken to construct the garbled circuit as well as evaluate it for varying number of servers. Using real-world data, we evaluate our system for a practical, privacy preserving search application that locates the nearest point of interest for the mobile client to demonstrate feasibility.
