The trend towards remote storage and analysis of data leads to the development of platforms providing a central infrastructure that manages the remote connection to customers, offers storage for collected data, and can perform analytics on the collected data. One crucial aspect of such platforms is confidentiality and integrity, i.e., the platform should not learn anything about the data it stores and processes, while executing aggregation and other functions on the data.
The difficulty of achieving this goal increases when there are several users, which neither trust each other nor the storage and processing platform, yet functions across all users must be carried out. A specific case of this problem is fleet management. A fleet is a set of serviced products/systems of the same type that are managed together, e.g., by a single asset owner. In particular this concerns the scenario where several customers provide encrypted data to a particular platform, which in turn computes key performance indicators, KPIs, across this data without learning more than the computed aggregate values. In this context KPIs, hereinafter also referred to as performance indicator, refer to any aggregate function over any set of the device's output data or over any set of performance data relating to the device itself.
In particular, product line managers at a company with a multi-vendor strategy who are responsible for a fleet of products would like to aggregate/compose/combine the results of individual asset health checks of the equipment by the equipment type. This allows the product line managers to know at any point in time how the fleet is performing and which members of the fleet require attention. This information helps to rapidly respond to inquiries from management, schedule maintenance actions, and also to compare their fleet with those of competitors.
This use case is different from classic remote data processing since every customer ideally encrypts their data with their own private key, yet the service provider should be able to derive actionable insights from this information. In contrast to traditional multi-party computation, the customers should be involved as little as possible. In the ideal case, they provide input only and are not needed for further interactions.
Privacy is considered to be a key requirement by customers. In the chemical industry, for example, chemical reactions are well known, but the customers consider the intellectual property to be the production process. For such applications, even the lead provider is not allowed to view individual parameters, which makes fleet management of the data very difficult.
There is a lot of related work on privacy-preserving outsourcing of computation. However, the mechanisms found in the literature have either different scenarios, weaker security assumptions or higher complexity, e.g., in terms of the required communication between all parties.
[1] relates to efficient outsourcing multi-party computation being based on the assumption that all parties are “semi-honest”, i.e., they faithfully execute the given protocols and only collect information that is accessible to them. However, it is not assumed that an attacker can also actively try to gather information, e.g., by misusing the protocols.
A scheme based on “multi-key fully homomorphic encryption” has also been proposed in [2] that does not require many communication rounds; however, the decryption phase is interactive and the computational overhead is large [2].
The journal contribution of Rafik et al., “SA-SPKC: Secure and efficient aggregation scheme for wireless sensor networks using stateful public key cryptography”, IEEE Programming and Systems (ISPS), 2013 11th International Symposium, p. 96-102, relates to data aggregation in wireless sensor networks and a respective security protocol which addresses the security services for the wireless sensor networks wherein only the base station can verify the individual data and identify the malicious node.
The journal contribution of Lu et al., “EPPA: An Efficient and Privacy-Preserving Aggregation Scheme for Secure Smart Grid Communications”, IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, 2012, p. 1621-1631, relates to an aggregation scheme for secure smart grid communications.