TY - JOUR
T1 - Practical Security and Privacy for Database Systems
AU - He, Xi
AU - Rogers, Jennie
AU - Bater, Johes
AU - Machanavajjhala, Ashwin
AU - Wang, Chenghong
AU - Wang, Xiao
N1 - Funding Information:
This work was supported by the National Science Foundation under grants #1846447, #2016240, #2016393, #2029853, by DARPA and SPAWAR under contract N66001-15-C-4067, and by NSERC through a Discovery Grant.
Funding Information:
Ashwin Machanavajjhala is an associate professor in the Department of Computer Science, Duke University and an associate director at the Information Initiative@Duke (iiD). Previously, he was a Senior Research Scientist in the Knowledge Management group at Yahoo! Research. His primary research interests lie in algorithms for ensuring privacy in statistical databases and augmented reality applications. He is a recipient of the National Science Foundation Faculty Early CAREER award in 2013, and the 2008 ACM SIGMOD Jim Gray Dissertation Award Honorable Mention. Ashwin graduated with a Ph.D. from the Department of Computer Science, Cornell University and a B.Tech in Computer Science and Engineering from the Indian Institute of Technology, Madras.
Publisher Copyright:
© 2021 ACM.
PY - 2021
Y1 - 2021
N2 - Computing technology has enabled massive digital traces of our personal lives to be collected and stored. These datasets play an important role in numerous real-life applications and research analysis, such as contact tracing for COVID-19, but they contain sensitive information about individuals. When managing these datasets, privacy is usually addressed as an afterthought, engineered on top of a database system optimized for performance and usability. This has led to a plethora of unexpected privacy attacks in the news. Specialized privacy-preserving solutions usually require a group of privacy experts and they are not directly transferable to other domains. There is an urgent need for a generally trustworthy database system that offers end-to-end security and privacy guarantees. In this tutorial, we will first describe the security and privacy requirements for database systems in different settings and cover the state-of-the-art tools that achieve these requirements. We will also show challenges in integrating these techniques together and demonstrate the design principles and optimization opportunities for these security and privacy-aware database systems. This is designed to be a three-hour tutorial.
AB - Computing technology has enabled massive digital traces of our personal lives to be collected and stored. These datasets play an important role in numerous real-life applications and research analysis, such as contact tracing for COVID-19, but they contain sensitive information about individuals. When managing these datasets, privacy is usually addressed as an afterthought, engineered on top of a database system optimized for performance and usability. This has led to a plethora of unexpected privacy attacks in the news. Specialized privacy-preserving solutions usually require a group of privacy experts and they are not directly transferable to other domains. There is an urgent need for a generally trustworthy database system that offers end-to-end security and privacy guarantees. In this tutorial, we will first describe the security and privacy requirements for database systems in different settings and cover the state-of-the-art tools that achieve these requirements. We will also show challenges in integrating these techniques together and demonstrate the design principles and optimization opportunities for these security and privacy-aware database systems. This is designed to be a three-hour tutorial.
KW - differential privacy
KW - privacy
KW - secure computation
KW - security
KW - trusted execution environment
UR - http://www.scopus.com/inward/record.url?scp=85108956885&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85108956885&partnerID=8YFLogxK
U2 - 10.1145/3448016.3457544
DO - 10.1145/3448016.3457544
M3 - Conference article
AN - SCOPUS:85108956885
SN - 0730-8078
SP - 2839
EP - 2845
JO - Proceedings of the ACM SIGMOD International Conference on Management of Data
JF - Proceedings of the ACM SIGMOD International Conference on Management of Data
T2 - 2021 International Conference on Management of Data, SIGMOD 2021
Y2 - 20 June 2021 through 25 June 2021
ER -