Searchable encryption for outsourcing data analytics
First Claim
Patent Images
1. A method for performing data analytics on outsourced data, the method comprising:
- receiving, at a computing device associated with a data analyst, cipher text representing data comprising one or more tuples, from a computing device associated with a data owner such that the data is undecipherable by the computing device associated with the data analyst, wherein the cipher text is generated by the computing device associated with the data owner encrypting the tuples using a secret key and a corresponding public security parameter such that the cipher text is unique for each of the tuples;
generating a query token using a constant provided by the computing device associated with the data analyst such that the constant is undiscoverable by the computing device associated with the data owner;
searching the cipher text by performing a query against the cipher text with the constant as a search term using the query token;
outputting one or more identity query tokens as a result of searching the cipher text, wherein the identity query tokens including encrypted search results;
searching the cipher text by performing a new query against the cipher text using the outputted identity query tokens as search terms; and
outputting additional identity query tokens as a result of searching the cipher text with the new query.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for performing data analytics on outsourced data may include receiving, at a data analyst, cipher text representing data from a data owner such that the data remains hidden from the data analyst, generating a query token using a constant provided by the data analyst such that the constant remains hidden from the data owner, and analyzing the cipher text using the query token.
41 Citations
11 Claims
-
1. A method for performing data analytics on outsourced data, the method comprising:
-
receiving, at a computing device associated with a data analyst, cipher text representing data comprising one or more tuples, from a computing device associated with a data owner such that the data is undecipherable by the computing device associated with the data analyst, wherein the cipher text is generated by the computing device associated with the data owner encrypting the tuples using a secret key and a corresponding public security parameter such that the cipher text is unique for each of the tuples; generating a query token using a constant provided by the computing device associated with the data analyst such that the constant is undiscoverable by the computing device associated with the data owner; searching the cipher text by performing a query against the cipher text with the constant as a search term using the query token; outputting one or more identity query tokens as a result of searching the cipher text, wherein the identity query tokens including encrypted search results; searching the cipher text by performing a new query against the cipher text using the outputted identity query tokens as search terms; and outputting additional identity query tokens as a result of searching the cipher text with the new query. - View Dependent Claims (2, 3, 4)
-
-
5. A system for performing data analytics on outsourced data, comprising:
-
an encryption generator that is arranged and configured to use at least one processor to encrypt data comprising one or more tuples from a computing device associated with a data owner, output a cipher text and communicate the cipher text to a computing device associated with a data analyst such that the data is undecipherable by the computing device associated with the data analyst, and encrypt the tuples using a secret key and a corresponding public security parameter such that the cipher text is unique for each of the tuples; a query generator that is arranged and configured to use at least one processor to generate a query token using a constant provided by the computing device associated with the data analyst such that the constant is undiscoverable by the computing device associated with the data owner; and an analysis engine that is arranged and configured to; use at least one processor to search the cipher text by performing a query against the cipher text with the constant as a search term using the query token, use the at least one processor to output one or more identity query tokens as a result of analyzing the cipher text, wherein the identity query tokens including encrypted search results, search the cipher text by performing a new query against the cipher text using the outputted identity query tokens as search terms, and output additional identity query tokens as a result of searching the cipher text with the new query. - View Dependent Claims (6, 7, 8)
-
-
9. A computer program product for performing data analytics on outsourced data, the computer program product being tangibly embodied on a non-transitory computer-readable storage medium and including executable code that, when executed, is configured to cause a data processing apparatus to:
-
encrypt data from a data owner, output a cipher text and communicate the cipher text to a computing device associated with a data analyst such that the data is undecipherable by the computing device associated with the data analyst; generate a query token using a constant provided by the computing device associated with the data analyst such that the constant is undiscoverable by the computing device associated with the data owner by; receiving the constant and a public security parameter from the computing device associated with the data analyst such that the constant is undiscoverable by the computing device associate with the data owner; receiving a secret key from the computing device associated with the data owner such that the secret key is undecipherable by the computing device associated with the data analyst; and outputting the query token to the computing device associated with the data analyst; search the cipher text using the query token by performing a query against the cipher text with the constant as a search term; output one or more identity query tokens as a result of searching the cipher text, wherein the identity query tokens including encrypted search results; search the cipher text by performing a new query against the cipher text using the outputted identity query tokens as search terms; and output additional identity query tokens as a result of searching the cipher text with the new query. - View Dependent Claims (10, 11)
-
Specification