A Multi-user Oblivious RAM for Outsourced Data

Date
2014-01-01
Authors
Jinsheng, Zhang
Wensheng, Zhang
Qiao, Daji
Journal Title
Journal ISSN
Volume Title
Publisher
Altmetrics
Authors
Qiao, Daji
Person
Research Projects
Organizational Units
Computer Science
Organizational Unit
Journal Issue
Series
Abstract

Outsourcing data to remote storage servers has become more and more popular, but the related security and privacy concerns have also been raised. To protect the pattern in which a user accesses the outsourced data, various oblivious RAM (ORAM) systems have been proposed. However, existing ORAM designs assume a single user or a group of mutually-trusted users to access a remote storage, which makes them inapplicable to many practical scenarios where multiple users share data but may not trust each other. Even if the data-sharing users do trust each other, such systems are vulnerable to the compromise of even a single user. To study the feasibility and costs for overcoming the limitation of existing ORAMs in multi-user scenarios, this paper proposes a new type of ORAM system called Multi-user ORAM (M-ORAM). The key idea is to introduce a new component, i.e., a chain of anonymizers, to act as a common proxy between users and the storage server. M-ORAM can protect the data access pattern of each individual user from others as long as not all anonymizers are compromised. Extensive security and overhead analysis has been conducted to quantify the strength of the scheme in protecting an individual user’s access pattern and the costs incurred to provide the protection.

Description
Keywords
Citation
DOI
Source
Collections