Building a Private Data Federation: Security and Privacy Guarantees for Distributed Analytics

In conventional data federations, a set of data providers each possess an autonomous database and collectively make the union of these databases available for querying by a client through a unified SQL interface. This setting, however, provides no guarantees on data privacy or security. With my work, I consider a specific subset of database security and privacy: the private data federation. A private data federation is a generalization of conventional data federations in which each data provider holds private data but wants to make that data accessible through a unified SQL interface. Each provider wishes to keep the tuples in its own data store confidential, but is willing to contribute private data to queries over the union of data from all federation members. I present three projects on this topic: SMCQL, Shrinkwrap, and SAQE. In SMCQL, I built and open-sourced the first private data federation that uses secure cryptographic protocols to execute SQL queries over the union of data from mutually distrustful parties. With Shrinkwrap, I introduced a novel query evaluator that extends differentially private data release policies to improve the performance of SMCQL. Finally, with SAQE, I created a query optimizer that combines approximate query processing with secure cryptographic protocols to dramatically improve performance while balancing accuracy and privacy. In this dissertation, I describe the contributions of SMCQL, Shrinkwrap, and SAQE. Combining these three systems, I show how to build a private data federation that provides security and privacy guarantees for distributed analytics.
