Practical Security and Privacy for Database Systems

Conference Paper

Computing technology has enabled massive digital traces of our personal lives to be collected and stored. These datasets play an important role in numerous real-life applications and research analysis, such as contact tracing for COVID 19, but they contain sensitive information about individuals. When managing these datasets, privacy is usually addressed as an afterthought, engineered on top of a database system optimized for performance and usability. This has led to a plethora of unexpected privacy attacks in the news. Specialized privacy-preserving solutions usually require a group of privacy experts and they are not directly transferable to other domains. There is an urgent need for a generally trustworthy database system that offers end-to-end security and privacy guarantees. In this tutorial, we will first describe the security and privacy requirements for database systems in different settings and cover the state-of-the-art tools that achieve these requirements. We will also show challenges in integrating these techniques together and demonstrate the design principles and optimization opportunities for these security and privacy-aware database systems. This is designed to be a three hour tutorial.

Full Text

Duke Authors

Cited Authors

  • He, X; Rogers, J; Bater, J; MacHanavajjhala, A; Wang, C; Wang, X

Published Date

  • January 1, 2021

Published In

Start / End Page

  • 2839 - 2845

International Standard Serial Number (ISSN)

  • 0730-8078

Digital Object Identifier (DOI)

  • 10.1145/3448016.3457544

Citation Source

  • Scopus