政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/124876

English | 正體中文 | 简体中文 | Post-Print筆數 : 27 | Items with full text/Total items : 110944/141864 (78%)
Visitors : 47994880 Online Users : 1113

RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.

Scope

please add "double quotation mark" for query phrases to get precise results

please goto advance search for comprehansive author search

Adv. Search

Home ‧ Login ‧ Upload ‧ Help ‧ About ‧ Administer

Goto mobile version

政大機構典藏 > 資訊學院 > 資訊科學系 > 學位論文 > Item 140.119/124876

Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/124876

Title:	應用 Intel SGX 於多重資料源功能加密：落實機器學習二元分類 Applying Intel SGX for Multi-Input Functional Encryption on Binary Classification of Machine Learning
Authors:	林信甫 Lin, Sin-Fu
Contributors:	胡毓忠 Hu, Yuh-Jong 林信甫 Lin, Sin-Fu
Keywords:	隱私保護雲端計算安全功能加密多重資料源功能加密安全式機器學習 Privacy protection Secure cloud computing Functional encryption Multi-input functional encryption Intel SGX
Date:	2019
Issue Date:	2019-08-07 16:37:01 (UTC+8)
Abstract:	網際網路和行動裝置高度普及，各式各樣的隱私資料上傳至雲端進行分析運用，然而駭客入侵雲端作業系統、VMM (Virtual Machine Monitor) 或雲端管理員擁有權限查看資料等眾多攻擊面向，皆使得個人隱私資料面臨洩漏風險。本研究使用Intel所提出軟硬體可信執行環境解決方案：SGX (Software Guard Extensions) ，為雲端隱私保護議題提出一個包含使用者、雲端業者、SecaaS（Security as a Service）和MLaaS（Machine Learning as a Service）提供者等四種角色的架構，並設計各個角色間資料、加解密過程與運算流程，以多重資料源功能加密於機器學習的應用，說明此架構滿足資料在儲存、傳遞、使用中皆擁有隱私保護效果。本論文亦闡述SGX限制與安全議題，並進一步與差分隱私、全同態加密進行隱私保護應用之比較。 Due to the fact that mobile devices and the usage of the internet have become integral parts of our lives, various kinds of private data have been collected and uploaded to the cloud for analysis. Followed by, hackers attack cloud OS, VMM(Virtual Machine Monitor); cloud administrators take on unauthorized action, all leave privacy data at risk. This research aims to resolve the issue by conducting SGX (Software Guard Extensions), Intel’s software and hardware trusted execution environment solution, to propose a software architecture. The designed architecture contains four characters, Users, Cloud Service Provider, Security as a Service and Machine Learning as a Service, which then designed data flow, encryption/decryption flow as well as computation flow between the characters. To explain how the architecture meets the privacy protection demands of data at all time (at-rest, in-transit, and in-use), the research takes Multi-Input Functional Encryption on binary classification of Machine Learning as examples.
Reference:	[1] C. Gentry, A fully homomorphic encryption scheme. Stanford University, 2009. [2] D. Boneh, A. Sahai, and B. Waters, “Functional encryption: definitions and challenges,” in Theory of Cryptography Conference, pp. 253–273, Springer, 2011. [3] C. Dwork, “Differential privacy: A survey of results,” in International Conference on Theory and Applications of Models of Computation, pp. 1–19, Springer, 2008. [4] C. Gentry and S. Halevi, “Implementing Gentry’ s fully-homomorphic encryption scheme,” in Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 129–148, Springer, 2011. [5] M. Van Dijk and A. Juels, “On the impossibility of cryptography alone for privacypreserving cloud computing.,” HotSec, vol. 10, pp. 1–8, 2010. [6] K. Lewi et al., “5Gen: A framework for prototyping applications using multilinear maps and matrix branching programs,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 981–992, ACM, 2016. [7] B. Gellman and A. Soltani, “NSA infiltrates links to Yahoo, Google data centers worldwide, snowden documents say,” The Washington Post, vol. 30, p. 2013, 2013. [8] R. A. Popa et al., “CryptDB: protecting confidentiality with encrypted query processing,” in Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, pp. 85–100, ACM, 2011. [9] F. McKeen et al., “Innovative instructions and software model for isolated execution.,” HASP@ ISCA, vol. 10, 2013. [10] I. Intel, “Software guard extensions programming reference, revision 2.” [11] Y. Lindell, “The security of Intel SGX for key protection and data privacy applications,” 2018. [12] M. R. Albrecht et al., “Implementing candidate graded encoding schemes from ideal lattices,” in International Conference on the Theory and Application of Cryptology and Information Security, pp. 752–775, Springer, 2014. [13] J.-S. Coron, T. Lepoint, and M. Tibouchi, “Practical multilinear maps over the integers,” in Advances in Cryptology–CRYPTO 2013, pp. 476–493, Springer, 2013. [14] B. Fisch et al., “Iron: functional encryption using Intel SGX,” in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 765–782, ACM, 2017. [15] J. W. Bos, K. Lauter, and M. Naehrig, “Private predictive analysis on encrypted medical data,” Journal of biomedical informatics, vol. 50, pp. 234–243, 2014. [16] R. Bost, R. A. Popa, S. Tu, and S. Goldwasser, “Machine learning classification over encrypted data.,” in NDSS, p. 432, 2015. [17] K. Bache and M. Lichman, “Uci machine learning repository,” 2013. [18] F. Schuster and other, “Vc3: Trustworthy data analytics in the cloud using SGX,” in Security and Privacy (SP), 2015 IEEE Symposium on, pp. 38–54, IEEE, 2015. [19] A. Baumann, M. Peinado, and G. Hunt, “Shielding applications from an untrusted cloud with haven,” ACM Transactions on Computer Systems (TOCS), vol. 33, no. 3, p. 8, 2015. [20] P. C. Kocher, “Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems,” in Annual International Cryptology Conference, p. 104–113, Springer, 1996. [21] W. Wang et al., “Leaky cauldron on the dark land: understanding memory sidechannel hazards in SGX,” in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, p. 2421–2434, ACM, 2017. [22] F. Brasser et al., “Software grand exposure:SGX cache attacks are practical,” in 11th USENIX Workshop on Offensive Technologies (WOOT 17), 2017. [23] A. Moghimi, T. Eisenbarth, and B. Sunar, “Memjam: A false dependency attack against constant-time crypto implementations in SGX,” in Cryptographers’ Track at the RSA Conference, p. 21–44, Springer, 2018. [24] G. Chen et al., “Sgxpectre attacks: Leaking enclave secrets via speculative execution,” arXiv preprint arXiv:1802.09085, 2018.
Description:	碩士國立政治大學資訊科學系 1049710011
Source URI:	http://thesis.lib.nccu.edu.tw/record/#G1049710011
Data Type:	thesis
DOI:	10.6814/NCCU201900580
Appears in Collections:	[資訊科學系] 學位論文

Files in This Item:

File	Size	Format
001101.pdf	3139Kb	Adobe PDF2	0	View/Open

All items in 政大典藏 are protected by copyright, with all rights reserved.

社群 sharing

著作權政策宣告 Copyright Announcement

1.本網站之數位內容為國立政治大學所收錄之機構典藏，無償提供學術研究與公眾教育等公益性使用，惟仍請適度，合理使用本網站之內容，以尊重著作權人之權益。商業上之利用，則請先取得著作權人之授權。
The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

2.本網站之製作，已盡力防止侵害著作權人之權益，如仍發現本網站之數位內容有侵害著作權人權益情事者，請權利人通知本網站維護人員(nccur@nccu.edu.tw)，維護人員將立即採取移除該數位著作等補救措施。
NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.

DSpace Software Copyright © 2002-2004 MIT & Hewlett-Packard / Enhanced by NTU Library IR team Copyright © - Feedback