Practical Data-intensive Secure Computation: a Data Structural Approach

In the past a few year, we have seen a dramatic increase in the scale and financial damage caused by cyber attacks. A survey commissioned by the government's Department for Business, Innovations and Skills (BIS) found that 93% of large businesses and 87% of smaller businesses suffered security breaches during 2013. An estimation from IDC says that companies around the world will spend $364 billion for dealing with data breaches in 2014. Data security is of paramount importance for most organisations. Compounding the problem, changes in computing -- particularly the booming of Cloud computing and collaborative data analysis -- has added another layer of complexity to the security landscape.

Secure computation has the potential to completely reshape the cybersecruity landscape, but this will happen only if we can make it practical. Despite significant improvements recently, secure computation is still orders of magnitude slower than computation in the clear. Even with the latest technology, running the killer apps, which are often data-intensive, in secure computation is still a mission impossible. To make secure computation practical, we propose this groundbreaking data structural approach.

In computer science, there are two fundamental approaches to improve performance of computation: by using a better algorithm, or by using a proper data structure. In secure computation, we have seen many improvements through the algorithmic approach. But surprisingly, data structures have been largely overlooked in the past. Recently, we have found ample evidence in our own and also others' research that data structures can be a key efficiency and scalability booster of secure computation. Based on the evidence, we believe the situation is sure to change: with data playing the central role and driving the computation, data structural design will become an indispensable part of secure computation.

It is time to systematically investigate the design of data structures and accompanied protocols in the context of secure computation. Our proposed research will make scientific advances by investigating both data structures and cryptography. The starting point will be comprehensive case-by-case studies. Then the focus will be solving more complex problems by composition and to make data structures generic across multiple secure computation frameworks. Eventually we will draw design principles to guide future design practice.

Who will benefit from the research and how:

* Academia, including researchers in secure computation or more broadly the security and cryptography community, and researchers from other communities such as data mining/management, networking and systems. We will open a new research area, and provide results for others to exploit.

*Private sector, such as practitioners in IT security industry, developers of secure application, cloud computing providers, data analytics companies that provide data analysis services to clients. Furthermore, corporates including banks will benefit from better platform security and easier information sharing across organisation borders. We will enable technology that gives private sector companies competitive advantage, by making it possible to integrate secure computation in their products and/or deploy secure computation in their critical applications.

* Government and public sector, many parts of which will deploy data analysis applications and requires effective integration/sharing of data from different departments (e.g., NHS, HMRC, DVLA). There are obvious concerns over information leaks, especially when a significant part of the data is sensitive or private (e.g. medical records). We will enable technology that provides a secure open data exchange platform that encourages information sharing and facilitates information integration, thus will help to improve services and support better decision making.

*Researcher in this project, will be trained with skills, including transferable skills, highly sought by industry and academia. The person will gain experiences, forge collaborations, and prepare for the job market.