Open access
Author
Date
2022
Type
- Doctoral Thesis
ETH Bibliography
yes
Abstract
In recent years we have seen unprecedented growth in networked devices and services that collect increasingly detailed information about individuals.
This trend of large-scale data collection raises several important challenges, including ensuring that the collected data is protected from data breaches and misuse. Although growing public awareness of and expectations toward data privacy have led to new data privacy regulations, modern data processing systems offer few to no privacy protection mechanisms, and users must fully entrust third parties with their data.
To resolve this issue, many recent research efforts are exploring how to build data processing systems that follow the end-to-end encryption paradigm where data is encrypted at the source such that services never see data in the clear.
Existing encrypted data processing systems show great promise by allowing for confidential computation, but they are often limited to a few aspects of the system design.
Important functionalities such as notions of data ownership, selective release of information, or even guarantees about the robustness of the computations are missing.
In this dissertation, we propose a new class of encrypted data processing tools and systems that extend to the requirements of streaming data applications. We present three privacy-centric system designs, each addressing issues in employing encrypted data processing in data streaming pipelines and introducing new tools to support extended functionality. TimeCrypt presents techniques for time series databases to offer efficient queries on encrypted streaming data while supporting fine-grained access control. Zeph introduces the concept of providing a service with the means to safely extract value from encrypted streaming data while ensuring data confidentiality and privacy by serving only privacy-compliant views of the data. Zeph cryptographically enforces that privacy transformations are executed before data is released. Lastly, RoFL extends collaborative analytics systems that stream ephemeral encrypted updates to a service with techniques that provide robustness guarantees.
We present the design, implementation, and detailed evaluation of each of the three systems, demonstrating their feasibility.
Persistent Link
https://doi.org/10.3929/ethz-b-000594164
Publication status
published
External Links
Search for a print copy via the ETH Library
Contributors
Examiner: Paterson, Kenneth
Examiner: Hithnawi, Anwar
Examiner: Capkun, Srdjan
Examiner: Druschel, Peter
Publisher
ETH Zurich
Subject
Security; Privacy; Cloud Computing; Stream Processing; Encrypted Data Processing; Access Control; Secure Multiparty Computation; Homomorphic Encryption; Privacy-Preserving Analytics
Organisational unit
09653 - Paterson, Kenneth / Paterson, Kenneth