CoVault: A Secure Analytics Platform

De Viti, Roberta; Sheff, Isaac; Glaeser, Noemi; Dinis, Baltasar; Rodrigues, Rodrigo; Katz, Jonathan; Bhattacharjee, Bobby; Hithnawi, Anwar; Garg, Deepak; Druschel, Peter

Item

ITEM ACTIONSEXPORT

Add to Basket

Local TagsRelease HistoryDetailsSummary

Released

Paper

CoVault: A Secure Analytics Platform

MPS-Authors

/persons/resource/persons246362

De Viti, Roberta
Group P. Druschel, Max Planck Institute for Software Systems, Max Planck Society;

/persons/resource/persons144522

Garg, Deepak
Group D. Garg, Max Planck Institute for Software Systems, Max Planck Society;

/persons/resource/persons144511

Druschel, Peter
Group P. Druschel, Max Planck Institute for Software Systems, Max Planck Society;

External Resource

No external resources are shared

Fulltext (restricted access)

There are currently no full texts shared for your IP range.

Fulltext (public)

arXiv:2208.03784.pdf
(Preprint), 2MB

Supplementary Material (public)

There is no public supplementary material available

Citation

De Viti, R., Sheff, I., Glaeser, N., Dinis, B., Rodrigues, R., Katz, J., et al. (2022). CoVault: A Secure Analytics Platform. Retrieved from https://arxiv.org/abs/2208.03784.

Cite as: https://hdl.handle.net/21.11116/0000-000B-B445-C

Abstract

In a secure analytics platform, data sources consent to the exclusive use of
their data for a pre-defined set of analytics queries performed by a specific
group of analysts, and for a limited period. If the platform is secure under a
sufficiently strong threat model, it can provide the missing link to enabling
powerful analytics of sensitive personal data, by alleviating data subjects'
concerns about leakage and misuse of data. For instance, many types of powerful
analytics that benefit public health, mobility, infrastructure, finance, or
sustainable energy can be made differentially private, thus alleviating
concerns about privacy. However, no platform currently exists that is
sufficiently secure to alleviate concerns about data leakage and misuse; as a
result, many types of analytics that would be in the interest of data subjects
and the public are not done. CoVault uses a new multi-party implementation of
functional encryption (FE) for secure analytics, which relies on a unique
combination of secret sharing, multi-party secure computation (MPC), and
different trusted execution environments (TEEs). CoVault is secure under a very
strong threat model that tolerates compromise and side-channel attacks on any
one of a small set of parties and their TEEs. Despite the cost of MPC, we show
that CoVault scales to very large data sizes using map-reduce based query
parallelization. For example, we show that CoVault can perform queries relevant
to epidemic analytics at scale.