Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Building a Privacy Web with SPIDEr -- Secure Pipeline for Information De-Identification with End-to-End Encryption

Novoneel Chakraborty, Anshoo Tandon, Kailash Reddy, Kaushal Kirpekar, Bryan Paul Robert, Hari Dilip Kumar, Abhilash Venkatesh, Abhay Sharma

TL;DR

SPIDEr addresses secure, privacy-preserving data de-identification in cloud settings by combining TEEs with end-to-end encryption to keep unencrypted data inaccessible to service providers. It fuses classical de-identification techniques (suppression, generalisation, pseudonymisation) with formal privacy guarantees (k-anonymity and differential privacy) and optimizes DP workloads through batch processing on constrained TEEs. The system enforces secure end-to-end control flows, including attestation via the Azure Attestation service and a multi-component enclave-management/authentication stack, plus Docker-based cloud deployment. By enabling explicit privacy-utility tradeoffs through parameters like $\varepsilon$ and leveraging the sensitivity $\Delta_f$, SPIDEr provides practical, scalable protection for data releases while reducing risk of leakage and enabling compliant analytics.

Abstract

Data de-identification makes it possible to glean insights from data while preserving user privacy. The use of Trusted Execution Environments (TEEs) allow for the execution of de-identification applications on the cloud without the need for a user to trust the third-party application provider. In this paper, we present \textit{SPIDEr - Secure Pipeline for Information De-Identification with End-to-End Encryption}, our implementation of an end-to-end encrypted data de-identification pipeline. SPIDEr supports classical anonymisation techniques such as suppression, pseudonymisation, generalisation, and aggregation, as well as techniques that offer a formal privacy guarantee such as k-anonymisation and differential privacy. To enable scalability and improve performance on constrained TEE hardware, we enable batch processing of data for differential privacy computations. We present our design of the control flows for end-to-end secure execution of de-identification operations within a TEE. As part of the control flow for running SPIDEr within the TEE, we perform attestation, a process that verifies that the software binaries were properly instantiated on a known, trusted platform.

Building a Privacy Web with SPIDEr -- Secure Pipeline for Information De-Identification with End-to-End Encryption

TL;DR

SPIDEr addresses secure, privacy-preserving data de-identification in cloud settings by combining TEEs with end-to-end encryption to keep unencrypted data inaccessible to service providers. It fuses classical de-identification techniques (suppression, generalisation, pseudonymisation) with formal privacy guarantees (k-anonymity and differential privacy) and optimizes DP workloads through batch processing on constrained TEEs. The system enforces secure end-to-end control flows, including attestation via the Azure Attestation service and a multi-component enclave-management/authentication stack, plus Docker-based cloud deployment. By enabling explicit privacy-utility tradeoffs through parameters like and leveraging the sensitivity , SPIDEr provides practical, scalable protection for data releases while reducing risk of leakage and enabling compliant analytics.

Abstract

Data de-identification makes it possible to glean insights from data while preserving user privacy. The use of Trusted Execution Environments (TEEs) allow for the execution of de-identification applications on the cloud without the need for a user to trust the third-party application provider. In this paper, we present \textit{SPIDEr - Secure Pipeline for Information De-Identification with End-to-End Encryption}, our implementation of an end-to-end encrypted data de-identification pipeline. SPIDEr supports classical anonymisation techniques such as suppression, pseudonymisation, generalisation, and aggregation, as well as techniques that offer a formal privacy guarantee such as k-anonymisation and differential privacy. To enable scalability and improve performance on constrained TEE hardware, we enable batch processing of data for differential privacy computations. We present our design of the control flows for end-to-end secure execution of de-identification operations within a TEE. As part of the control flow for running SPIDEr within the TEE, we perform attestation, a process that verifies that the software binaries were properly instantiated on a known, trusted platform.

Paper Structure

This paper contains 6 sections, 1 theorem, 2 equations, 2 figures.

Table of Contents

  1. Introduction
  2. Our Contributions
  3. The De-Identification Data Pipeline
  4. K-Anonymisation with ARX
  5. Differential Privacy
  6. End-to-End Encryption Control Flow

Key Result

Theorem 1

For any function $f$, the mechanism $M^{\text{Lap}}_f$ defined by $M^{\text{Lap}}_f(D) = f(D)+Z,$ where $Z\sim \text{Lap}(\Delta_f/\varepsilon)$ and is independent of $D$, is $\varepsilon$-DP.

Figures (2)

  • Figure 1: A flowchart representing the order of operations within the data de-identification pipeline.
  • Figure 2: Control flows between various entities of the SPIDEr framework, with AMD SEV-SNP (Azure VM) as a Trusted Execution Environment.

Theorems & Definitions (1)

  • Theorem 1