The rapid increase of Internet of Things (IoT) systems across several domains has led to the generation of vast volumes of sensitive data, presenting significant challenges in terms of storage and data analytics. Cloud-assisted IoT solutions offer storage, scalability, and computational resources, but introduce new security and privacy risks that conventional trust-based approaches fail to adequately mitigate. To address these challenges, this paper presents MOZAIK, a novel end-to-end privacy-preserving confidential data storage and distributed processing architecture tailored for IoT-to-cloud scenarios. MOZAIK ensures that data remains encrypted throughout its lifecycle, including during transmission, storage, and processing. This is achieved by employing a cryptographic privacy-enhancing technology known as computing on encrypted data (COED). Two distinct COED techniques are explored, specifically secure multi-party computation (MPC) and fully homomorphic encryption (FHE). The paper includes a comprehensive analysis of the MOZAIK architecture, including a proof-of-concept implementation and performance evaluations. The evaluation results demonstrate the feasibility of the MOZAIK system and indicate the cost of an end-to-end privacy-preserving system compared to regular plaintext alternatives. All components of the MOZAIK platform are released as open-source software alongside this publication, with the aim of advancing secure and privacy-preserving data processing practices.

翻译：物联网系统在各领域的快速增长产生了海量敏感数据，对存储与数据分析提出了重大挑战。云辅助物联网解决方案虽能提供存储、可扩展性与计算资源，却引入了传统基于信任的方法无法充分缓解的新型安全与隐私风险。为应对这些挑战，本文提出MOZAIK——一种专为物联网至云端场景设计的新型端到端隐私保护机密数据存储与分布式处理架构。MOZAIK确保数据在其完整生命周期（包括传输、存储与处理阶段）始终保持加密状态，这是通过采用一种称为加密数据计算（COED）的密码学隐私增强技术实现的。研究具体探讨了两种不同的COED技术：安全多方计算（MPC）与全同态加密（FHE）。本文对MOZAIK架构进行了全面分析，包括概念验证实现与性能评估。评估结果证明了MOZAIK系统的可行性，并揭示了端到端隐私保护系统相较于常规明文方案的成本代价。MOZAIK平台的所有组件均已作为开源软件随本论文同步发布，旨在推动安全且隐私保护的数据处理实践发展。