TY - GEN
T1 - Privacy Changes Everything
AU - Rogers, Jennie
AU - Bater, Johes
AU - He, Xi
AU - Machanavajjhala, Ashwin
AU - Suresh, Madhav
AU - Wang, Xiao
N1 - Publisher Copyright:
© 2019, Springer Nature Switzerland AG.
PY - 2019
Y1 - 2019
N2 - We are storing and querying datasets with the private information of individuals at an unprecedented scale in settings ranging from IoT devices in smart homes to mining enormous collections of click trails for targeted advertising. Here, the privacy of the people described in these datasets is usually addressed as an afterthought, engineered on top of a DBMS optimized for performance. At best, these systems support security or managing access to sensitive data. This status quo has brought us a plethora of data breaches in the news. In response, governments are stepping in to enact privacy regulations such as the EU’s GDPR. We posit that there is an urgent need for trustworthy database systems that offer end-to-end privacy guarantees for their records with user interfaces that closely resemble those of a relational database. As we shall see, these guarantees inform everything in the database’s design from how we store data to what query results we make available to untrusted clients. In this position paper we first define trustworthy database systems and put their research challenges in the context of relevant tools and techniques from the security community. We then use this backdrop to walk through the “life of a query” in a trustworthy database system. We start with the query parsing and follow the query’s path as the system plans, optimizes, and executes it. We highlight how we will need to rethink each step to make it efficient, robust, and usable for database clients.
UR - http://www.scopus.com/inward/record.url?scp=85077768191&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85077768191&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-33752-0_7
DO - 10.1007/978-3-030-33752-0_7
M3 - Conference contribution
AN - SCOPUS:85077768191
SN - 9783030337513
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 96
EP - 111
BT - Heterogeneous Data Management, Polystores, and Analytics for Healthcare - VLDB 2019 Workshops, Poly and DMAH, Los Angeles, CA, USA, August 30, 2019, Revised Selected Papers
A2 - Gadepally, Vijay
A2 - Mattson, Timothy
A2 - Stonebraker, Michael
A2 - Wang, Fusheng
A2 - Luo, Gang
A2 - Laing, Yanhui
A2 - Dubovitskaya, Alevtina
PB - Springer Science and Business Media Deutschland GmbH
T2 - International Workshops on Polystores and other Systems for Heterogeneous Data, Poly 2018, and Data Management and Analytics for Medicine and Healthcare, DMAH 2018 held in conjunction with the 44th International Conference on Very Large Data Bases, VLDB 2018
Y2 - 30 August 2018 through 30 August 2018
ER -