Elsevier

Knowledge-Based Systems

Volume 180, 15 September 2019, Pages 104-115

Privacy preserving service selection using fully homomorphic encryption scheme on untrusted cloud service platform

https://doi.org/10.1016/j.knosys.2019.05.022

Abstract

In this paper, we present a privacy-preserving service selection framework for cloud-based service systems. In a cloud-based service system, a cloud provider selects the best service from a set of services based on their Quality-of-Service (QoS) information. The QoS information of services is sensitive from the service provider's point of view. We claim that the service selection process in the cloud can be biased: a service provider can bribe a dishonest employee of the cloud provider to gain an unfair advantage during service selection. Therefore, it is important to execute the service selection tasks while keeping QoS information private. We use a fully homomorphic encryption (FHE) scheme for encrypting QoS values. The service selection task is performed by the cloud provider on encrypted QoS values to ensure privacy. In order to reduce computation overhead, we propose a MapReduce model for parallel execution. We conduct several experiments to evaluate the performance of the proposed privacy-preserving service selection framework using a synthetic QoS dataset.

Introduction

Cloud computing is a key service delivery platform in the field of service computing [1]. The technology enables a cloud service ecosystem that allows multiple service providers to participate and provision their services to end users [2]. Individuals and organizations register as service providers and publish their service-related data in the cloud. The service-related data is abstracted as a service. A cloud provider acts as an intermediary for selecting services based on their quality-of-service (QoS) parameters. We argue that the service selection process executed by the cloud can be biased. Cloud-based service ecosystems are designed under the assumption that a cloud provider is fundamentally trusted [2]. However, the cloud cannot be fully trusted from the data privacy point of view [3], [4], [5], [6]. The QoS values of services are stored in the cloud as plaintext. Therefore, it is hard to keep a cloud provider, or disgruntled employees of the cloud provider, from introspecting on the QoS values. The QoS values of services can be manipulated during the service selection phase to give an advantage to a particular service provider. As a result, the service from that service provider is selected most of the time. This is clearly a threat to the privacy of service providers.

A great amount of existing work considers issues of QoS-aware service selection. The QoS-aware service selection solutions in [7], [8], [9], [10], [11], [12], [13], [14], [15] focus on different aspects of finding the optimal selection. However, none of the aforementioned works takes into account the privacy of users and service providers. Only a few works have investigated privacy issues in service selection [16], [17] and composition [18], [19], [20], [21], and those focus on the user's privacy: existing privacy-aware service selection and composition approaches model the relationship between user and service provider privacy preferences. In particular, existing works fail to keep service QoS values private during QoS-aware service selection at the cloud. To the best of our knowledge, no research work exists that performs service selection while keeping the corresponding QoS values private.

In order to discuss the privacy issue in the cloud-based service system, we consider a generic service scenario. Assume that the cloud has several components: a service registry, a Quality-of-Service (QoS) database, a service monitor (QoS monitor), and a service mediator. The service registry stores service instances and their functional information; a service must be registered in the service registry by its service provider to be considered in the selection process. The QoS database stores the values of the QoS attributes, or nonfunctional properties, associated with registered services; these values are used to find the best service during service selection. The service monitor is the component of the cloud that monitors services in the service registry, determines their QoS values, and updates the QoS database. The service mediator takes service requests from service users and selects the best services based on the QoS properties stored in the QoS database. Afterward, the service mediator sends a list of selected services to the service user.

There is a privacy threat in the aforementioned service system; the threat scenario is illustrated in Fig. 1. A dishonest employee of the cloud provider may take a bribe from a service provider to manipulate QoS values stored in the QoS database. For example, the dishonest employee observes the other providers' QoS values in the QoS database and changes the QoS values of the bribing service provider to give it an advantage. The privacy of the other service providers is breached, and the service selection tasks executed on the QoS values stored in the QoS database are biased. From that perspective, a privacy-preserving service system is required for ensuring unbiased service selection.

In this paper, we present a novel privacy-preserving service selection framework for the cloud-based service system. We assume that the cloud provider is not trusted; hence, we introduce a trusted third party (TTP). The TTP is composed of a service registry and a service monitor. Several service providers publish their service information in the service registry, and the cloud provider abstracts the service information as a service. The service monitor observes published services and determines their QoS values. The QoS values are encrypted using the service monitor's secret key and stored in an encrypted QoS database placed in the cloud. We use a fully homomorphic encryption (FHE) scheme [22] for encrypting QoS values; more specifically, we use the Brakerski–Gentry–Vaikuntanathan (BGV) FHE scheme [23]. The service selection process is performed by the cloud on encrypted QoS values to ensure service providers' privacy. We use the service selection approach presented in [15]. Service selection tasks on encrypted QoS data introduce computational overhead; therefore, we design a MapReduce [24] based parallel task distribution model for reducing the computational overhead of the proposed framework.
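The trust split described in the scenario and framework paragraphs above (the service monitor at the TTP holds the key and encrypts QoS values; the untrusted cloud computes on ciphertexts only, with the work split across map tasks and merged by a reducer; the key holder decrypts the result) can be sketched in working code. The following is an added illustration, not code from the paper: it substitutes the Paillier cryptosystem, which is only additively homomorphic, for the BGV FHE scheme the paper uses, because a weighted-sum QoS score needs nothing beyond ciphertext addition and multiplication by a plaintext constant; it uses that weighted sum in place of the selection algorithm of [15]; and the key size, the QoS utility table, the partition count and the user weights are constructed demo values, not secure parameters or data from the paper.

```python
"""Toy model of the paper's trust split: a trusted third party (TTP) owns the
key and encrypts QoS utilities; the untrusted cloud scores services on
ciphertexts only (MapReduce-style); the key holder decrypts and ranks.

Assumptions, not from the paper: Paillier (additively homomorphic) stands in
for BGV FHE; a weighted-sum utility stands in for the selection algorithm of
[15]; the key and the QoS numbers are constructed demo values, NOT secure.
"""
import random
from math import gcd

# ---------- Paillier (demo-size key; NOT a secure parameter set) ----------
def keygen(p, q):
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    mu = pow(lam, -1, n)                            # valid because g = n + 1
    return (n, n + 1), (lam, mu)                    # (public key, secret key)

def encrypt(pk, m, rng=random):
    n, g = pk
    n2 = n * n
    r = rng.randrange(1, n)
    while gcd(r, n) != 1:
        r = rng.randrange(1, n)
    return (pow(g, m, n2) * pow(r, n, n2)) % n2

def decrypt(pk, sk, c):
    n, _ = pk
    lam, mu = sk
    L = (pow(c, lam, n * n) - 1) // n
    return (L * mu) % n

def he_add(pk, c1, c2):      # Enc(a) * Enc(b) = Enc(a + b)
    return (c1 * c2) % (pk[0] ** 2)

def he_scale(pk, c, k):      # Enc(a) ** k = Enc(k * a), k a plaintext weight
    return pow(c, k, pk[0] ** 2)

# ---------- TTP side: service monitor measures, normalises, encrypts ----------
# Constructed QoS table. Utilities are already scaled to 0..1000 with "higher
# is better", so lower-is-better metrics such as latency are inverted first.
QOS_UTILITIES = {
    "svc-A": {"latency": 820, "availability": 990, "throughput": 600},
    "svc-B": {"latency": 950, "availability": 940, "throughput": 700},
    "svc-C": {"latency": 400, "availability": 999, "throughput": 900},
}
ATTRS = ("latency", "availability", "throughput")

def build_encrypted_db(pk, utilities, rng=random):
    """What the cloud stores: one ciphertext per (service, attribute), no plaintext."""
    return {sid: {a: encrypt(pk, u[a], rng) for a in ATTRS} for sid, u in utilities.items()}

# ---------- Cloud side: MapReduce-style scoring on ciphertexts ----------
def partitions(db, k):
    items = list(db.items())
    return [dict(items[i::k]) for i in range(k)]

def map_score(pk, partition, weights):
    """Mapper: weighted sum of encrypted utilities for each service in its
    partition. Needs only the public key and the user's plaintext weights."""
    out = []
    for sid, row in partition.items():
        acc = encrypt(pk, 0)
        for a in ATTRS:
            acc = he_add(pk, acc, he_scale(pk, row[a], weights[a]))
        out.append((sid, acc))
    return out

def reduce_scores(mapped):
    """Reducer: merge per-partition outputs into one encrypted score table."""
    return {sid: c for part in mapped for sid, c in part}

# ---------- Key holder: decrypt the scores and rank ----------
def select_best(pk, sk, enc_scores):
    scores = {sid: decrypt(pk, sk, c) for sid, c in enc_scores.items()}
    return max(scores, key=scores.get), scores

def run_selection(weights, n_mappers=2, seed=1):
    rng = random.Random(seed)
    pk, sk = keygen(10007, 10009)                   # demo primes only
    enc_db = build_encrypted_db(pk, QOS_UTILITIES, rng)
    mapped = [map_score(pk, part, weights) for part in partitions(enc_db, n_mappers)]
    return select_best(pk, sk, reduce_scores(mapped))

def plaintext_scores(weights):
    """Reference computation on plaintext, to confirm the encrypted path agrees."""
    return {sid: sum(u[a] * weights[a] for a in ATTRS) for sid, u in QOS_UTILITIES.items()}

def insider_bias(pk, sk, enc_score, bonus):
    """Caveat: homomorphic ciphertexts are malleable. Anyone holding the public
    key can add a bonus to a stored score without learning it, so confidentiality
    alone does not stop a dishonest employee with write access from biasing the
    ranking. Returns the decrypted, tampered score."""
    return decrypt(pk, sk, he_add(pk, enc_score, encrypt(pk, bonus)))

if __name__ == "__main__":
    w = {"latency": 5, "availability": 3, "throughput": 2}
    best, scores = run_selection(w)
    print(best, scores)
```

Two consequences of the substitution are worth noting. With only additive homomorphism the cloud cannot compare encrypted scores, so the ranking step moves back to the key holder; BGV lets the cloud evaluate the comparison circuit itself, at a far higher cost, which is the overhead the paper's MapReduce model is meant to absorb. And, as insider_bias shows, homomorphic ciphertexts (BGV included) are malleable by construction: encryption hides the QoS values from a dishonest employee, but it does not stop one with write access to the encrypted database from shifting a score, so the TTP still needs an integrity check on the stored ciphertexts (for example a MAC or signature over each entry) to obtain the unbiased selection the threat model asks for.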

The contributions of this paper are highlighted as follows:

  1. A novel privacy-preserving service selection framework using the Brakerski–Gentry–Vaikuntanathan (BGV) FHE scheme is presented.

  2. A MapReduce based parallel task distribution model is designed and implemented to deal with the involved computational overhead.

  3. A comprehensive evaluation of the proposed framework is presented. Experimental results demonstrate that the proposed privacy-preserving service selection framework works efficiently when compared to the results obtained using plaintext QoS values.

The rest of the paper is organized as follows: Section 2 presents preliminary concepts that are used in this paper. The proposed privacy-preserving service selection framework is described in Section 3. Experimental results and evaluation are presented in Section 4. Key related work on service selection and privacy preservation in service computing is discussed in Section 5, together with some alternative distributed programming models to MapReduce. Finally, Section 6 concludes this paper.

Section snippets

Preliminaries

We discuss some preliminary concepts that are used in this paper: an overview of fully homomorphic encryption (FHE) and of the Brakerski–Gentry–Vaikuntanathan (BGV) FHE scheme, which is a public-key FHE scheme. Additionally, we discuss the MapReduce model based distribution approach.

Proposed privacy preserving service selection framework in untrusted cloud service platform

In this section, we discuss our proposed privacy-preserving service selection framework in detail. First, we discuss the architecture of the proposed framework. Second, the QoS model of the framework is described. Third, we present the original QoS-aware service selection approach on top of which our privacy preserving service selection approach is built. Fourth, our proposed fully homomorphic encryption based privacy-preserving service selection approach is described. Fifth, a MapReduce model

Experimental results and discussion

We conduct a set of experiments for evaluating the performance of our proposed privacy-preserving QoS-aware service selection framework.

Related work

In this section, we discuss some key research works on QoS-aware service selection and privacy-preserving service selection. Additionally, we briefly discuss some distributed data processing models alternative to the MapReduce model that could be used to reduce the computational overhead in the proposed privacy-preserving service selection framework.

QoS-aware service selection. Quality-of-Service (QoS) aware service composition has been fully investigated in [7], [8], [9], [10], [11], [12]

Conclusion

In conclusion, we present a novel privacy-preserving QoS-aware service selection framework using a fully homomorphic encryption scheme. We mainly focus on the novelty of privacy preservation during the service selection process in an untrusted cloud service platform rather than proposing any new service selection algorithm. We conduct several experiments in both centralized and distributed computing environments to evaluate the performance of the proposed privacy-preserving service selection framework

References (50)

  • Ali M. et al., Security in cloud computing: Opportunities and challenges, Inform. Sci. (2015)
  • Li J. et al., Fuzzy keyword search over encrypted data in cloud computing
  • Wu Q. et al., Transactional and QoS-aware dynamic service composition based on ant colony optimization, Future Gener. Comput. Syst. (2013)
  • Zhang L.-J. et al., Services Computing (2007)
  • Bestavros A. et al., Toward an open cloud marketplace: Vision and first steps, IEEE Internet Comput. (2014)
  • Rahman M.S. et al., A lossless DNA data hiding approach for data authenticity in mobile cloud based healthcare systems, Int. J. Inf. Manage. (2018)
  • Alabdulatif A. et al., Privacy-preserving anomaly detection in the cloud for quality assured decision-making in smart cities, J. Parallel Distrib. Comput. (2018)
  • Wu Q. et al., QoS-aware multigranularity service composition: Modeling and optimization, IEEE Trans. Syst. Man Cybern. Syst. (2016)
  • Gao H. et al., Toward service selection for workflow reconfiguration: An interface-based computing solution, Future Gener. Comput. Syst. (2018)
  • Wu Q. et al., QoS-aware multi-granularity service composition based on generalized component services
  • Benatallah B. et al., Declarative composition and peer-to-peer provisioning of dynamic web services
  • Zeng L. et al., QoS-aware middleware for web services composition, IEEE Trans. Softw. Eng. (2004)
  • Zeng L. et al., Quality driven web services composition
  • Canfora G. et al., An approach for QoS-aware service composition based on genetic algorithms
  • Alrifai M. et al., Selecting skyline services for QoS-based web service composition
  • Massacci F. et al., Hierarchical hippocratic databases with minimal disclosure for virtual organizations, VLDB J. (2006)
  • Squicciarini A. et al., A privacy-preserving approach for web service selection and provisioning
  • Costante E. et al., Privacy-aware web service composition and ranking
  • Tbahriti S.-E. et al., Privacy-aware DaaS services composition
  • Hewett R. et al., Privacy and recovery in composite web service transactions, Int. J. Inf. (2010)
  • Xu W. et al., A framework for building privacy-conscious composite web services
  • Gentry C., A Fully Homomorphic Encryption Scheme (2009)
  • Brakerski Z. et al., (Leveled) fully homomorphic encryption without bootstrapping, ACM Trans. Comput. Theory (2014)
  • Dean J. et al., MapReduce: simplified data processing on large clusters, Commun. ACM (2008)
  • Lyubashevsky V. et al., On ideal lattices and learning with errors over rings, J. ACM (2013)
  • Cited by (31)

    • Blockchain-of-blockchains: An interoperable blockchain platform for ensuring IoT data integrity in smart city (2022, Journal of Industrial Information Integration)
      Citation excerpt: Cloud computing is a prominent technology for provisioning third-party storage and processing as services for sensors and IoT data in the smart city. However, the cloud is considered as an untrusted party as data can be scrutinized by the cloud service provider unauthorizedly, and privacy of data is at risk [7,8]. Moreover, the processing and storage services offered by the cloud relies on centralized administrative control.

    • Machine learning in precision medicine to preserve privacy via encryption (2021, Pattern Recognition Letters)
      Citation excerpt: To deliver targeted, personalized care, personal data (e.g., specific human genome sequencing) must be shared with many professionals in possibly diverse geographic locations or jurisdictions and sometimes over unreliable channels, such as the internet. This poses several risks, such as insider threats, social engineering, distributed denial of service (DDoS), illicit data inferences, cyber bullying/blackmailing, etc. [15]. Unlike protected health information (PHI), precision health data, such as genomic data, not only identifies patients but also multiple generations of their families.

    • Secure collaborative few-shot learning (2020, Knowledge-Based Systems)
      Citation excerpt: In this section, we briefly review differential privacy and homomorphic encryption techniques, then introduce few-shot learning and two popular parameter transfer based few-shot algorithms. Homomorphic encryption is widely used for privacy data storage and computation [32–35], which enables users to obtain correct results after retrieval, comparison and other operations in the encrypted data, without decrypting the data in the whole process. Homomorphic encryption performs particular algebraic operations directly on ciphertext, and the operations generate an encrypted result which matches the result of performing the same operations on plaintext.

    • Towards privacy preserving AI based composition framework in edge networks using fully homomorphic encryption (2020, Engineering Applications of Artificial Intelligence)
      Citation excerpt: The proposed parallel processing for the edge service composition based on the MapReduce model is illustrated in Fig. 5. We adopt the MapReduce model from work in Rahman et al. (2019). There are two main components in the proposed MapReduce model-based edge service composition tasks: edge service mapper and edge service reducer.

    • Novel trajectory privacy-preserving method based on prefix tree using differential privacy (2020, Knowledge-Based Systems)
      Citation excerpt: This method not only protects the data stream from privacy disclosure attacks, but also ensures the correctness of data mining and analysis results, and minimizes information loss and delay time. Rahman et al. [13] presented a privacy protection service selection framework based on the cloud service system. The framework first encrypted the QoS value by using the full homomorphic encryption (FHE) method, and then the cloud provider performed the service selection task on the encrypted QoS value, which ensured the privacy of the data during the use of the system.

    No author associated with this paper has disclosed any potential or pertinent conflicts which may be perceived to have impending conflict with this work. For full disclosure statements refer to https://doi.org/10.1016/j.knosys.2019.05.022.
