Privacy-Centric Systems for Stream Data Processing
OPEN ACCESS
Date
2022
Publication Type
Doctoral Thesis
ETH Bibliography
yes
Abstract
In recent years we have seen unprecedented growth in networked devices and services that collect increasingly detailed information about individuals.
This trend of large-scale data collection raises several important challenges, including ensuring that the collected data is protected from breaches and misuse. Although heightened public awareness of and expectations toward data privacy have led to new data privacy regulations, modern data processing systems offer little to no privacy protection, and users must fully entrust third parties with their data.
To resolve this issue, many recent research efforts are exploring how to build data processing systems that follow the end-to-end encryption paradigm where data is encrypted at the source such that services never see data in the clear.
Existing encrypted data processing systems show great promise by allowing for confidential computation, but they are often limited to a few aspects of the system design.
Important functionalities such as notions of data ownership, selective release of information, or even guarantees about the robustness of the computations are missing.
In this dissertation, we propose a new class of encrypted data processing tools and systems that extend to the requirements of streaming data applications. We present three privacy-centric system designs, each addressing issues in employing encrypted data processing in data streaming pipelines and introducing new tools to support extended functionality. TimeCrypt presents techniques for time series databases to offer efficient queries on encrypted streaming data while supporting fine-grained access control. Zeph introduces the concept of providing a service with the means to safely extract value from encrypted streaming data while ensuring data confidentiality and privacy by serving only privacy-compliant views of the data; Zeph cryptographically enforces that privacy transformations are executed before data is released. Lastly, RoFL extends collaborative analytics systems that stream ephemeral encrypted updates to a service with techniques that provide robustness guarantees.
We present the design, implementation, and detailed evaluation for each of the three systems, demonstrating their feasibility.
Publication status
published
Contributors
Examiner: Paterson, Kenneth
Examiner: Hithnawi, Anwar
Examiner: Capkun, Srdjan
Examiner: Druschel, Peter
Publisher
ETH Zurich
Subject
Security; Privacy; Cloud Computing; Stream Processing; Encrypted Data Processing; Access Control; Secure Multiparty Computation; Homomorphic Encryption; Privacy-Preserving Analytics
Organisational unit
09653 - Paterson, Kenneth / Paterson, Kenneth