CS700: Graduate Seminar in Computer Science & Informatics

Preserving Privacy and Security for Distributed Data Aggregation
Slawomir Goryczka, Department of Mathematics and Computer Science

We study the problem of distributed data aggregation with privacy and security constraints. Methods of ensuring both privacy and security of computations are presented for two different privacy goals: privacy of sensitive attribute values and privacy of participation. For the former goal, we address a new threat of the distributed setting caused by "internal attackers", i.e., a coalition of data providers. To model such attacks we introduce the notion of m-privacy, which guarantees that the anonymized data satisfies a given privacy constraint against any group of up to m colluding data providers. We present heuristic algorithms to verify m-privacy of anonymized records as well as a data-provider-aware anonymization algorithm. The proposed algorithms are implemented for scenarios with and without a trusted third party using Shamir's secret sharing scheme. To protect privacy of participation in the distributed setting, we compare different security schemes: Shamir's secret sharing, homomorphic encryption, and partial-result perturbation. Differential privacy of the final result is achieved by three different mechanisms: Laplace, Gamma, and Gaussian. We compare the protocols implementing such mechanisms using different security schemes, in terms of their complexity and security characteristics as well as performance and scalability in a real distributed environment. We also present new challenges, questions, and possible directions of further research.
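As an added illustration (not code from the talk or its author), the following Python sketch combines two of the building blocks named above: data providers Shamir-secret-share their values so the aggregator reconstructs only the sum, and each provider adds a Gamma-distributed noise share so that the reconstructed total carries Laplace noise without any single party knowing it. The distributed Gamma mechanism shown (difference of two Gamma(1/n, b) draws per provider, summing to Laplace(b)) is assumed to be the "Gamma" mechanism the abstract refers to; the field prime, threshold and fixed-point scale are my assumptions.

```python
import random

PRIME = 2**61 - 1  # assumed Mersenne prime for the Shamir field; any prime > totals works


def make_shares(secret, n, t, rng=None):
    """Split secret into n Shamir shares (x = 1..n); any t of them reconstruct it."""
    rng = rng or random.Random(0)
    coeffs = [secret % PRIME] + [rng.randrange(PRIME) for _ in range(t - 1)]
    return [(x, sum(c * pow(x, i, PRIME) for i, c in enumerate(coeffs)) % PRIME)
            for x in range(1, n + 1)]


def reconstruct(shares):
    """Lagrange interpolation at x = 0 over the prime field."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    return total


def gamma_noise(n, scale, rng):
    """One provider's noise share: Gamma(1/n, scale) - Gamma(1/n, scale).
    Summed over n providers this is exactly Laplace(scale) (assumed distributed Gamma mechanism)."""
    return rng.gammavariate(1.0 / n, scale) - rng.gammavariate(1.0 / n, scale)


def secure_sum(values, t, epsilon=None, sensitivity=1, rng=None):
    """Each provider shares its (optionally noised) value; the aggregator sums the shares
    pointwise and reconstructs only the total, never an individual contribution."""
    rng = rng or random.Random(0)
    n, fixed = len(values), 1000  # fixed-point scale so real-valued noise fits the integer field
    noised = []
    for v in values:
        noise = gamma_noise(n, sensitivity / epsilon, rng) if epsilon else 0.0
        noised.append(round((v + noise) * fixed))
    per_party = [[] for _ in range(n)]  # per_party[k] holds party k's share of every provider
    for val in noised:
        for k, share in enumerate(make_shares(val, n, t, rng)):
            per_party[k].append(share)
    summed = [(xs[0][0], sum(y for _, y in xs) % PRIME) for xs in per_party]
    result = reconstruct(summed[:t])  # any t parties suffice
    if result > PRIME // 2:
        result -= PRIME  # map negative totals back out of the field
    return result / fixed
```

With `epsilon=None` the reconstruction is exact; with an epsilon the aggregator sees the true sum plus Laplace(sensitivity/epsilon) noise assembled from the providers' Gamma shares.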