Welcome to the ADMT Publication Server

PolyStream: Cryptographically Enforced Access Controls for Outsourced Data Stream Processing

DocUID: 2016-006 Full Text: PDF

Author: Cory Thoma, Adam J. Lee, Alexandros Labrinidis

Abstract: With data becoming available in larger quantities and at higher rates, new data processing paradigms have been proposed to handle high-volume, fast-moving data. Data Stream Processing is one such paradigm wherein transient data streams flow through sets of continuous queries, only returning results when data is of interest to the querier. To avoid the large costs associated with maintaining the infrastructure required for processing these data streams, many companies will outsource their computation to third-party cloud services. This outsourcing, however, can lead to private data being accessed by parties that a data provider may not trust. The literature offers solutions to this confidentiality and access control problem but they have fallen short of providing a complete solution to these problems, due to either immense overheads or trust requirements placed on these third-party services. To address these issues, we have developed PolyStream, an enhancement to existing data stream management systems that enables data providers to specify attribute-based access control policies that are cryptographically enforced while simultaneously allowing many types of in-network data processing. We detail the access control models and mechanisms used by PolyStream, and describe a novel use of security punctuations that enables flexible, online policy management and key distribution. We detail how queries are submitted and executed using an unmodified Data Stream Management System, and show through an extensive evaluation that PolyStream yields a 550x performance gain versus the state-of-the-art system StreamForce in Codaspy 2014, while providing greater functionality to the querier

Keywords: Access Control, Data Streams, Security Punctuations

Published In: Symposium on Access Control Models and Technologies

ISBN: 978-1-4503-3802-8/16/06

Place Published: Shanghai, China

Year Published: 2016

Project: Others Subject Area: Data Privacy, Data Streams

Publication Type: Conference Paper

Sponsor: NSF OIA-1028162, CNS-1228697, CNS-1253204, Career IIS-0746696

Citation:Text Latex BibTex XML Cory Thoma, Adam J. Lee, and Alexandros Labrinidis. PolyStream: Cryptographically Enforced Access Controls for Outsourced Data Stream Processing. Symposium on Access Control Models and Technologies. 2016. Shanghai, China.