Séminaire confiance numérique (Benjamin Nguyen, INSA Centre Val de Loire, LIFO, Equipe Security and Distributed Systems, SQL/AA)

Private and Scalable Execution of SQL Aggregates on a Secure Decentralized Architecture (to appear in ACM TODS'16)

Current applications, from complex sensor systems (e.g. quantified self) to online e-markets acquire vast quantities of personal information which usually end-up on central servers where they are exposed to prying eyes. Conversely, decentralized architectures helping individuals keep full control of their data, complexify global treatments and queries, impeding the development of innovative services.

In this presentation, we will show how to reconcile individual's privacy on one side and global benefits for the community and business perspectives on the other side. We promote the idea of pushing the security to secure hardware devices controlling the data at the place of their acquisition. Thanks to these tangible physical elements of trust, secure distributed querying protocols can reestablish the capacity to perform global computations, such as SQL aggregates, without revealing any sensitive information to central servers. In this presentation, we will show how to secure the execution of such queries in the presence of honest-but-curious and malicious attackers.

We will also discuss how the resulting querying protocols can be integrated in a concrete decentralized architecture. Cost models and experiments on SQL/AA, our distributed prototype running on real tamper- resistant hardware, demonstrate that this approach can scale to nationwide applications.

194 vues
Vendredi 07 Octobre 2016
Tag(s) : confiance numerique, sécurité informatique
Partager : Facebook
Intégrer :
Vidéos suggérées