University of Wollongong
Browse

File(s) not publicly available

A Privacy-Preserving and Verifiable Statistical Analysis Scheme for an E-Commerce Platform

journal contribution
posted on 2024-11-17, 13:35 authored by Hua Shen, Ge Wu, Zhe Xia, Willy Susilo, Mingwu Zhang
To know the most recent market conditions, an e-commerce platform needs to be aware of the sales situation of its sellers' commodities. The most recent market conditions can help to forecast future market trends and develop policies to guide sellers in reasonably allocating their inventory proportion. Statistical analysis is a fundamental approach to studying the sales situation. However, the sales data of an e-commerce platform usually has a significant volume. Therefore, outsourcing statistical analysis to cloud servers is an effective method. Nevertheless, sellers do not want their sales data leaked to anyone or any other organization. Moreover, in many circumstances, we cannot fully trust cloud servers. Thus, we need to utilize cryptographic or non-cryptographic tools to realize the above outsourcing. Secret sharing is a lightweight and powerful non-cryptographic tool to realize privacy-preserving data analysis. However, it needs secure channels to distribute secret shares. On the other hand, homomorphic encryption is a powerful cryptographic tool for designing privacy-preserving data analysis schemes. Nevertheless, these schemes usually do not allow the entity that holds the decryption key to collude with other entities. We propose a privacy-preserving and verifiable statistical analysis scheme for an e-commerce platform that combines a threshold secret sharing scheme with a verifiable threshold homomorphic encryption scheme. Our solution's demand for secure channels is reduced by 40%∼ 60% compared with a traditional threshold secret sharing scheme, thanking the designed novel distribution model for delivering secret shares. Furthermore, our solution has a stronger ability to resist collusive attacks, keep sales data private from any entity, and ensure that the platform can only obtain the analysis results with the help of some cloud servers, alleviating the single point of trust. And meanwhile, the novel distributed model makes our solution enjoy better robustness and fault tolerance. The proposed solution is validated through security analyses, performance evaluations, and comparison analyses.

Funding

National Natural Science Foundation of China (kx202014)

History

Journal title

IEEE Transactions on Information Forensics and Security

Volume

18

Pagination

2637-2652

Language

English

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC