
End-to-End Designs for Data Privacy

As we increasingly expose sensitive data to gain valuable insights, and as regulatory privacy provisions are on the rise, the need to natively integrate privacy controls into data analytics frameworks is growing in importance. Today, privacy solutions are mostly ad hoc efforts that are implemented and enforced by data curators who have full access to data in the clear. Additionally, as these systems cannot provide proof of privacy compliance to end-users, there is no assurance that data processing complies with the stated privacy policy. In this project, we investigate new cohesive end-to-end solutions to data privacy that follow the data from the source to downstream. Such solutions should be designed so that they can be easily integrated with existing data processing and analytics frameworks, coexist with data protection mechanisms already in place, and align with the strong notion of end-to-end data protection.


Zeph (Published in USENIX OSDI’21): A new system that enables users to set privacy preferences on how their data can be shared and processed. Zeph enforces privacy policies cryptographically and ensures that data available to third-party applications complies with users’ privacy policies. Zeph executes privacy-adhering data transformations in real-time and scales to thousands of data sources, allowing it to support large-scale low-latency data stream analytics.


People

Nicolas Küchler

PhD Student

Lukas Burkhalter

PhD Student

Alexander Viand

PhD Student

Hidde Lycklama

PhD Student

Anwar Hithnawi

Group Leader

Publications

Zeph: Cryptographic Enforcement of End-to-End Data Privacy.

Lukas Burkhalter*, Nicolas Küchler*, Alexander Viand, Hossein Shafagh, Anwar Hithnawi

USENIX OSDI 2021. Online.