A Generalized Framework for Preserving Both Privacy and Utility in Data Outsourcing

Property preserving encryption techniques have significantly advanced the utility of encrypted data in data outsourcing. However, while preserving certain properties (e.g., the prefixes or order of the data) in the encrypted data, such encryption schemes are typically limited to specific data types (e.g., IP addresses) or applications (e.g., range queries over order-preserved data), and highly vulnerable to the emerging inference attacks which may greatly limit their applications in practice. In this paper, to the best of our knowledge, we make the first attempt to generalize the prefix-preserving encryption to make it applicable to more general data types (e.g., geo-locations, market basket data, DNA sequences, numerical data and timestamps) and secure against the inference attacks. Furthermore, we present a generalized multi-view outsourcing framework that generates multiple indistinguishable data views in which one view fully preserves the utility for data analysis, and its accurate analysis result can be obliviously retrieved. We empirically evaluate the performance of our outsourcing framework against two common inference attacks on two different real datasets: the check-in location dataset and network traffic dataset. The experimental results demonstrate that our proposed framework preserves both privacy (with bounded leakage and indistinguishable data views) and utility (with 100% analysis accuracy).