Explore a conference talk on Zeph, a system that cryptographically enforces end-to-end data privacy in large-scale data analytics frameworks. Learn how Zeph allows users to set and enforce privacy preferences on their data, ensuring compliance with privacy policies through real-time, privacy-adhering data transformations. Discover the hybrid cryptographic protocol behind Zeph's privacy-preserving capabilities and its implementation on Apache Kafka. Understand the system's threat model, design principles, and performance in web analytics scenarios. Gain insights into how Zeph addresses the growing need for native privacy controls in data processing, protecting against potential breaches and unauthorized access.
Zeph - Cryptographic Enforcement of End-to-End Data Privacy
Overview
Syllabus
Intro
One of Many Scenarios
Existing End-to-End Encrypted Streaming Pipeline
Integrate Privacy Controls into Existing Pipelines
Zeph's End-to-End Approach to Privacy
Zeph's Threat Model and Assumptions
How Zeph augments existing System Designs
Keep End-User Control Simple
Organize Privacy Transformations
Meeting Privacy Transformation Requirements
Additive Homomorphic Secret Sharing
Additive Homomorphic Privacy Transformations
Independent and Efficient Privacy Controller
Enable Federated Privacy Control
Zeph Implementation and Evaluation
Web Analytics: End-to-End Benchmark
Taught by
USENIX
