Aggregating privatized medical data for secure querying applications

Public and private organizations generate large amounts of data which they are happy to allow others to query as long as it is privatized. (One example is that of medical data which can be used for research purposes.) Aggregation of such data on a cloud provides an opportunity for querying over rich data. This paper provides a solution for sharing sensitive data where large numbers of data contributors publish their privatized data sets which are then aggregated by a cloud manager on a cloud so that data can be made available to anyone who wants to query it. Additionally, our solution determines how aggregated data can be efficiently and effectively queried, while retaining privacy not only of the data, but also of the original data owner, the query and the person querying. We introduce a non-standard diagonal data aggregation method and, by experimental testing, demonstrate that our data querying procedure is efficient, maintains acceptable data privacy and acceptable data utility, along with practical computation and storage costs. Our solution also accepts a number of varied queries including join, aggregate, range, nested, ordered by and pattern matching. Finally, we discuss four potential threats posed by our cloud manager against which our scheme is resistant.