CryptStream: Cryptographic Access Controls for Streaming Data

With data becoming available in larger quantities and at higher rates, new data processing paradigms have been proposed to handle large and fast data. Data Stream Processing is one such paradigm wherein transient data flows as streams through sets of continuous queries, only returning results when data is of interest to the querier, allowing uninteresting data to be ignored. To process these data streams, users are employing third party computational platforms or large private platforms to reduce the individual cost for querying and computing over data streams. Utilizing third parties for outsourcing computation means data being processed is available to the third party as well, which could violate the data provider's privacy. There has been research done into access control for streaming data, and these works provide a good first step, but fall short of a complete system. In this paper, we introduce CryptStream for cryptographically enforcing access controls over streaming data. CryptStream combines data providers access control policies with ones prescribed by the data consumer and the server as well. We show that CryptStream improves over earlier work in the same design space while providing smaller overheads and more flexibility.