Privacy-Friendly Data Analytics
+49 631 9303 9601
+49 631 9303 6019
francis(Replace this parenthesis with the @ sign)mpi-sws.org
+49 631 9303 9318
munz(Replace this parenthesis with the @ sign)mpi-sws.org
+49 681 302 70782
fabienne.eigner(Replace this parenthesis with the @ sign)cispa.saarland
User data are constantly collected, by various organizations, for the purpose of aggregate analysis. Despite considering user data in the aggregate only, this threatens user privacy in two fundamental ways: the query result may leak too much information, or the data aggregator itself may leak collected data, intentionally (e.g., selling) or unintentionally (being compromised). Furthermore, the analyst is often interested in querying joined data collected by different organizations. How to sanitize query results in ways that resolve the tension between privacy and functionality? How to securely store and share the user data? Existing notions of differential privacy address the first question, protecting user privacy, yet providing insufficient utility to be accepted by stakeholders. We will investigate noiseless and user-centric approaches to provide precise query results and bypass the privacy budget limitation of current differential privacy notions; we will devise cryptographic techniques, based on secure multiparty computation, to allow queries over distributed data in a privacy-preserving manner. To address the second question, we advocate the use of secure hardware as the basis for protecting user data while allowing for aggregate analytics. We will devise a hardware-assisted architecture for the privacy-preserving processing of user data, of general applicability and providing privacy guarantees against a realistic attacker model. We will develop code-hiding property-based attestation techniques to establish trust in such hardware-assisted privacy preserving online services.
Role Within the Collaborative Research Center
In the context of this project we are looking for two qualified PhD students with a track record in topics relevant to the project. If you are interested please send a letter of intent together with your short CV to the PIs of the project.