The main impediment to wide adoption of outsourced storage and computing services is the need to keep the client's data private. Clients may directly own the data, or it may belong to third parties, such as customers of the client, in which case there may be a contractual or legal obligation to keep this data private. The data may be outsourced to external services due to its enormity or due to the complexity of the computations to be performed on it. This project investigates how to design secure and private database services so that they can be integrated within a larger design of secure systems. The broad impact of this work is new methods to ensure the private manipulation of large data sets in an efficient and easy-to-integrate manner, which is of vital importance to enable utilization of cloud services.
The investigators study mechanisms that allow one to privately outsource large amounts of data to the cloud and privately execute various computations over this data. The data may change over time, which will require the design of efficient methods to update the data while maintaining its privacy, methods whose cost does not increase dramatically with the size of the database. The project focuses on the composability of the security guarantees provided, so as to ensure that the overall privacy and security guarantees of a service can be deduced from the properties of its components.