English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  Items with full text/Total items : 113822/144841 (79%)
Visitors : 51827814      Online Users : 678
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    政大機構典藏 > 資訊學院 > 資訊科學系 > 學位論文 >  Item 140.119/124876
    Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/124876


    Title: 應用 Intel SGX 於多重資料源功能加密:落實機器學習二元分類
    Applying Intel SGX for Multi-Input Functional Encryption on Binary Classification of Machine Learning
    Authors: 林信甫
    Lin, Sin-Fu
    Contributors: 胡毓忠
    Hu, Yuh-Jong
    林信甫
    Lin, Sin-Fu
    Keywords: 隱私保護
    雲端計算安全
    功能加密
    多重資料源功能加密
    安全式機器學習
    Privacy protection
    Secure cloud computing
    Functional encryption
    Multi-input functional encryption
    Intel SGX
    Date: 2019
    Issue Date: 2019-08-07 16:37:01 (UTC+8)
    Abstract: 網際網路和行動裝置高度普及,各式各樣的隱私資料上傳至雲端進行分析運用,然而駭客入侵雲端作業系統、VMM (Virtual Machine Monitor) 或雲端管理員擁有權限查看資料等眾多攻擊面向,皆使得個人隱私資料面臨洩漏風險。本研究使用Intel所提出軟硬體可信執行環境解決方案:SGX (Software Guard Extensions) ,為雲端隱私保護議題提出一個包含使用者、雲端業者、SecaaS(Security as a Service)和MLaaS(Machine Learning as a Service)提供者等四種角色的架構,並設計各個角色間資料、加解密過程與運算流程,以多重資料源功能加密於機器學習的應用,說明此架構滿足資料在儲存、傳遞、使用中皆擁有隱私保護效果。本論文亦闡述SGX限制與安全議題,並進一步與差分隱私、全同態加密進行隱私保護應用之比較。
    Due to the fact that mobile devices and the usage of the internet have become integral parts of our lives, various kinds of private data have been collected and uploaded to the cloud for analysis. Followed by, hackers attack cloud OS, VMM(Virtual Machine Monitor); cloud administrators take on unauthorized action, all leave privacy data at risk. This research aims to resolve the issue by conducting SGX (Software Guard Extensions), Intel’s software and hardware trusted execution environment solution, to propose a software architecture. The designed architecture contains four characters, Users, Cloud Service Provider, Security as a Service and Machine Learning as a Service, which then designed data flow, encryption/decryption flow as well as computation flow between the characters. To explain how the architecture meets the privacy protection demands of data at all time (at-rest, in-transit, and in-use), the research takes Multi-Input Functional Encryption on binary classification of Machine Learning as examples.
    Reference: [1] C. Gentry, A fully homomorphic encryption scheme. Stanford University, 2009.
    [2] D. Boneh, A. Sahai, and B. Waters, “Functional encryption: definitions and challenges,” in Theory of Cryptography Conference, pp. 253–273, Springer, 2011.
    [3] C. Dwork, “Differential privacy: A survey of results,” in International Conference
    on Theory and Applications of Models of Computation, pp. 1–19, Springer, 2008.
    [4] C. Gentry and S. Halevi, “Implementing Gentry’ s fully-homomorphic encryption
    scheme,” in Annual International Conference on the Theory and Applications of
    Cryptographic Techniques, pp. 129–148, Springer, 2011.
    [5] M. Van Dijk and A. Juels, “On the impossibility of cryptography alone for privacypreserving cloud computing.,” HotSec, vol. 10, pp. 1–8, 2010.
    [6] K. Lewi et al., “5Gen: A framework for prototyping applications using multilinear
    maps and matrix branching programs,” in Proceedings of the 2016 ACM SIGSAC
    Conference on Computer and Communications Security, pp. 981–992, ACM, 2016.
    [7] B. Gellman and A. Soltani, “NSA infiltrates links to Yahoo, Google data centers
    worldwide, snowden documents say,” The Washington Post, vol. 30, p. 2013, 2013.
    [8] R. A. Popa et al., “CryptDB: protecting confidentiality with encrypted query processing,” in Proceedings of the Twenty-Third ACM Symposium on Operating Systems
    Principles, pp. 85–100, ACM, 2011.
    [9] F. McKeen et al., “Innovative instructions and software model for isolated execution.,” HASP@ ISCA, vol. 10, 2013.
    [10] I. Intel, “Software guard extensions programming reference, revision 2.”
    [11] Y. Lindell, “The security of Intel SGX for key protection and data privacy applications,” 2018.
    [12] M. R. Albrecht et al., “Implementing candidate graded encoding schemes from ideal
    lattices,” in International Conference on the Theory and Application of Cryptology
    and Information Security, pp. 752–775, Springer, 2014.
    [13] J.-S. Coron, T. Lepoint, and M. Tibouchi, “Practical multilinear maps over the integers,” in Advances in Cryptology–CRYPTO 2013, pp. 476–493, Springer, 2013.
    [14] B. Fisch et al., “Iron: functional encryption using Intel SGX,” in Proceedings of
    the 2017 ACM SIGSAC Conference on Computer and Communications Security,
    pp. 765–782, ACM, 2017.
    [15] J. W. Bos, K. Lauter, and M. Naehrig, “Private predictive analysis on encrypted
    medical data,” Journal of biomedical informatics, vol. 50, pp. 234–243, 2014.
    [16] R. Bost, R. A. Popa, S. Tu, and S. Goldwasser, “Machine learning classification over
    encrypted data.,” in NDSS, p. 432, 2015.
    [17] K. Bache and M. Lichman, “Uci machine learning repository,” 2013.
    [18] F. Schuster and other, “Vc3: Trustworthy data analytics in the cloud using SGX,” in
    Security and Privacy (SP), 2015 IEEE Symposium on, pp. 38–54, IEEE, 2015.
    [19] A. Baumann, M. Peinado, and G. Hunt, “Shielding applications from an untrusted
    cloud with haven,” ACM Transactions on Computer Systems (TOCS), vol. 33, no. 3,
    p. 8, 2015.
    [20] P. C. Kocher, “Timing attacks on implementations of Diffie-Hellman, RSA, DSS,
    and other systems,” in Annual International Cryptology Conference, p. 104–113,
    Springer, 1996.
    [21] W. Wang et al., “Leaky cauldron on the dark land: understanding memory sidechannel hazards in SGX,” in Proceedings of the 2017 ACM SIGSAC Conference on
    Computer and Communications Security, p. 2421–2434, ACM, 2017.
    [22] F. Brasser et al., “Software grand exposure:SGX cache attacks are practical,” in 11th
    USENIX Workshop on Offensive Technologies (WOOT 17), 2017.
    [23] A. Moghimi, T. Eisenbarth, and B. Sunar, “Memjam: A false dependency attack
    against constant-time crypto implementations in SGX,” in Cryptographers’ Track
    at the RSA Conference, p. 21–44, Springer, 2018.
    [24] G. Chen et al., “Sgxpectre attacks: Leaking enclave secrets via speculative execution,” arXiv preprint arXiv:1802.09085, 2018.
    Description: 碩士
    國立政治大學
    資訊科學系
    1049710011
    Source URI: http://thesis.lib.nccu.edu.tw/record/#G1049710011
    Data Type: thesis
    DOI: 10.6814/NCCU201900580
    Appears in Collections:[資訊科學系] 學位論文

    Files in This Item:

    File SizeFormat
    001101.pdf3139KbAdobe PDF20View/Open


    All items in 政大典藏 are protected by copyright, with all rights reserved.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback