A Light-Weight Solution to Preservation of Access Pattern Privacy in Un-trusted Clouds

  • Ka Yang
  • Jinsheng Zhang
  • Wensheng Zhang
  • Daji Qiao
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6879)


Cloud computing is a new computing paradigm that is gaining increased popularity. More and more sensitive user data are stored in the cloud. The privacy of users’ access pattern to the data should be protected to prevent un-trusted cloud servers from inferring users’ private information or launching stealthy attacks. Meanwhile, the privacy protection schemes should be efficient as cloud users often use thin client devices to access the cloud. In this paper, we propose a lightweight scheme to protect the privacy of data access pattern. Comparing with existing state-of-the-art solutions, our scheme incurs less communication and computational overhead, requires significantly less storage space at the cloud user, while consuming similar storage space at the cloud server. Rigorous proofs and extensive evaluations have been conducted to demonstrate that the proposed scheme can hide the data access pattern effectively in the long run after a reasonable number of accesses have been made.


Cloud Computing Data Item Cloud Server Storage Location Access Pattern 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R.H., Konwinski, A., Lee, G., Patterson, D.A., Rabkin, A., Stoica, I., Zaharia, M.: Above the clouds: A berkeley view of cloud computing. Tech. Rep. UCB-EECS (2009)Google Scholar
  2. 2.
  3. 3.
    Bloom, B.H.: Space/time trade-offs in hash coding with allowable errors. Communications of the ACM 13 (1970)Google Scholar
  4. 4.
    Chor, B., Gilboa, N.: Computationally private information retrieval. In: Proc. STOC 1997 (1997)Google Scholar
  5. 5.
    Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. In: Proc. FOCS 1998 (1998)Google Scholar
  6. 6.
    Diaz, C., Troncoso, C., Preneel, B.: A framework for the analysis of mix-based steganographic file systems. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 428–445. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  7. 7.
    Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Boneh, D.: Terra: A virtual machine-based platform for trusted computing. In: Proc. SOSP 2003 (2003)Google Scholar
  8. 8.
    Goldreich, O.: Towards a theory of software protection and simulation by oblivious rams. In: Proc. STOC 1987 (1987)Google Scholar
  9. 9.
    Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious ram. In: JACM 1996 (1996)Google Scholar
  10. 10.
    Itkis, G.: Personal communication, via oded goldreich (1996)Google Scholar
  11. 11.
    Kushilevitz, E., Ostrovsky, R.: Replication is not needed: Single database, computationally-private information retrieval. In: Proc. IEEE Symposium on Foundations of Computer Science (1997)Google Scholar
  12. 12.
    Mell, P., Grance, T.: Draft: Nist working definition of cloud computing (2010)Google Scholar
  13. 13.
    Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)CrossRefzbMATHGoogle Scholar
  14. 14.
    Ostrovsky, R., Shoup, V.: Private information storage. In: Proc. STOC 1997 (1997)Google Scholar
  15. 15.
    Sion, R., Carbunar, B.: On the computational practicality of private information retrieval. In: Proc. NDSS 2007 (2007)Google Scholar
  16. 16.
    Troncoso, C., Diaz, C., Dunkelman, O., Preneel, B.: Traffic analysis attacks on a continuously-observable steganographic file system. In: Furon, T., Cayre, F., Doërr, G., Bas, P. (eds.) IH 2007. LNCS, vol. 4567, pp. 220–236. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  17. 17.
    De Capitani di Vimercati, S., Foresti, S., Paraboschi, S., Pelosi, G., Samarati, P.: Efficient and private access to outsourced data. In: Proc. ICDCS 2011 (2011)Google Scholar
  18. 18.
    Wang, C., Wang, Q., Ren, K., Lou, W.: Ensuring data storage security in cloud computing. In: Proc. IWQoS 2009 (2009)Google Scholar
  19. 19.
    Wang, C., Wang, Q., Ren, K., Lou, W.: Secure ranked keyword search over encrypted cloud data. In: Proc. ICDCS 2010 (2010)Google Scholar
  20. 20.
    Williams, P., Sion, R., Carbunar, B.: Building castles out of mud: practical access pattern privacy and correctness on untrusted storage. In: Proc. CCS 2008 (2008)Google Scholar
  21. 21.
    Yang, K., Zhang, J., Zhang, W., Qiao, D.: A light-weight solution to preservation of access pattern privacy in un-trusted clouds. Technical Report (2011),
  22. 22.
  23. 23.
    Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained access control in cloud computing. In: Proc. INFOCOM 2010 (2010)Google Scholar
  24. 24.
    Zhou, X., Pang, H., Tan, K.L.: Hiding data accesses in steganographic file system. In: Proc. ICDE 2004 (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Ka Yang
    • 1
  • Jinsheng Zhang
    • 1
  • Wensheng Zhang
    • 1
  • Daji Qiao
    • 1
  1. 1.Iowa State UniversityAmesUSA

Personalised recommendations