Privacy-preserving Image Processing In the Cloud
This paper studies the design targets and technical challenges that lie in constructing a cloud-based privacy-preserving image processing system. We explore various image processing tasks, including image feature detection, digital watermarking, and content-based image search. State-of-the-art techniques, including secure multiparty computation and homomorphic encryption, are investigated. A detailed taxonomy of the problem statement and the corresponding solutions is provided. The massive computational workload of these tasks makes people turn to cloud computing platforms for their economical computation resources. Meanwhile, public concern arises over the privacy of the sensitive information contained in outsourced image data. In fact, once an image is uploaded to the cloud, the security and privacy of its content rest solely on the reliability of the cloud service provider. The lack of security and privacy guarantees becomes the main barrier to further deployment of cloud-based image processing systems.
Motivated by the rapid growth of image processing and data mining techniques, more and more image-processing-based applications, such as content-based image search and digital watermark verification, are deployed on end users’ devices. The resulting volume of image processing tasks brings enormous computation overhead to data owners. To solve this problem, more and more users are outsourcing the “expensive” tasks to cloud computing platforms. On such a platform, the Cloud Service Provider (CSP) offers a pay-per-use business model, which lets individual users draw on robust computation power in the cloud while saving the time and cost of setting up the corresponding infrastructure. However, the participation of a third-party cloud computing platform also increases the exposure of private data, e.g., to potential data breaches and losses. Under the current cloud architecture, the content of outsourced image data will inevitably be leaked to CSPs.
The proposed system consists of two main entities: the Cloud Computing Platform (CCP) and the user. The user is a data owner who holds massive image data and intends to outsource image processing tasks to the CCP. In this setting, the user relies on the CCP as a complementary resource for their limited computational power and outsources complicated image processing tasks to it. At the same time, users need to protect the privacy of their data. For example, hospitals are under an obligation to protect patients’ records such as medical images and profiles. To protect that privacy, the user has to encrypt the image data before outsourcing it to the CCP. The CCP is composed of a set of cloud servers assumed to be honest but curious. It can only access the encrypted image data uploaded by users and perform the corresponding image processing algorithms in the ciphertext domain. The CCP then returns the requested results to the user in the form of ciphertext. Finally, the user decrypts the returned results with their private key. Throughout the process, the CCP should not have any access, in the plaintext domain, to the content or the results of the user's outsourced image computation tasks. The proposed system consists of two main phases: i) Data Preprocessing and ii) Encrypted Image Evaluation.
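The two phases described above can be sketched with an additively homomorphic scheme. The following is an added example, not code from the paper: it assumes the Paillier cryptosystem (the page only says "homomorphic encryption"), uses demo-sized keys, and all function names and the sample image are hypothetical.

```python
# Added example: toy Paillier scheme; all names here are hypothetical.
import math
import secrets

def keygen(p=2**31 - 1, q=2**61 - 1):
    # Demo-sized Mersenne primes (constructed); real keys need a >= 2048-bit modulus.
    n, phi = p * q, (p - 1) * (q - 1)
    return n, (phi, pow(phi, -1, n))      # public n, private (phi, phi^-1 mod n)

def encrypt(n, m):
    # c = (1 + n)^m * r^n mod n^2, with fresh randomness r for every pixel.
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (1 + (m % n) * n) * pow(r, n, n * n) % (n * n)

def decrypt(n, priv, c):
    phi, mu = priv
    m = (pow(c, phi, n * n) - 1) // n * mu % n
    return m - n if m > n // 2 else m     # upper half of Z_n encodes negatives

def cloud_filter(n, enc_img, kernel):
    """CCP side: integer-weight convolution using only n and ciphertexts."""
    n2, k = n * n, len(kernel)
    h, w = len(enc_img), len(enc_img[0])
    out = []
    for y in range(h - k + 1):
        row = []
        for x in range(w - k + 1):
            acc = 1                       # 1 is a trivial encryption of 0
            for dy in range(k):
                for dx in range(k):
                    # E(a)^w = E(w*a); multiplying ciphertexts adds plaintexts.
                    acc = acc * pow(enc_img[y + dy][x + dx], kernel[dy][dx] % n, n2) % n2
            row.append(acc)
        out.append(row)
    return out

def user_roundtrip(image, kernel):
    """User side: encrypt, outsource, then decrypt the returned ciphertexts."""
    n, priv = keygen()
    enc = [[encrypt(n, px) for px in row] for row in image]   # i) data preprocessing
    enc_out = cloud_filter(n, enc, kernel)                    # ii) encrypted evaluation
    return [[decrypt(n, priv, c) for c in row] for row in enc_out]

# Constructed 4x4 grayscale image and a Laplacian edge kernel with a negative weight.
IMAGE = [[10, 10, 10, 10], [10, 200, 50, 10], [10, 200, 200, 10], [10, 10, 10, 10]]
LAPLACIAN = [[0, 1, 0], [1, -4, 1], [0, 1, 0]]
```

Only linear filters with integer weights fit this scheme, and every result must stay within ±n/2 for the signed decoding in `decrypt` to be correct.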
This article studies the problem of privacy-preserving image processing in the cloud, which could enable robust image-processing-based applications on devices with limited computation power, e.g., a variety of instant image processing apps on lenses, watches, or other personal devices. Compared with other outsourced computation tasks, image processing algorithms are relatively complicated and have high computational complexity. To address the problem, we start by building a system model and formulating design targets. After that, state-of-the-art techniques are introduced, including homomorphic encryption, secure multiparty computation, and so on. We also present several case studies for different techniques and analyze their merits and drawbacks. Through the analysis, we find that the need to balance the design targets (functionality, security, and efficiency) makes it difficult to solve the problem by applying only one technique. The integration of different techniques, instead of traditional cryptography tools, is the most promising research direction in this area. Also, considering the prevalence of JPEG compression among some data, privacy-preserving decompression of JPEG files, as a special case of privacy-preserving DCT computation, is a promising research direction as well.