Paper 2017/803

Role-Based Ecosystem for Design, Development, and Deployment of Secure Multi-Party Data Analytics Applications

Andrei Lapets, Kinan Dak Albab, Rawane Issa, Lucy Qin, Mayank Varia, Azer Bestavros, and Frederick Jansen

Abstract

Software applications that employ secure multi-party computation (MPC) can empower individuals and organizations to benefit from privacy-preserving data analyses when data sharing is encumbered by confidentiality concerns, legal constraints, or corporate policies. MPC is already being incorporated into software solutions in some domains; however, individual use cases do not fully convey the variety, extent, and complexity of the opportunities of MPC. This position paper articulates a role-based perspective that can provide some insight into how future research directions, infrastructure development and evaluation approaches, and deployment practices for MPC may evolve. Drawing on our own lessons from existing real-world deployments and the fundamental characteristics of MPC that make it a compelling technology, we propose a role-based conceptual framework for describing MPC deployment scenarios. Our framework acknowledges and leverages a novel assortment of roles that emerge from the fundamental ways in which MPC protocols support federation of functionalities and responsibilities. Defining these roles using the new opportunities for federation that MPC enables in turn can help identify and organize the capabilities, concerns, incentives, and trade-offs that affect the entities (software engineers, government regulators, corporate executives, end-users, and others) that participate in an MPC deployment scenario. This framework can not only guide the development of an ecosystem of modular and composable MPC tools, but can make explicit some of the opportunities that researchers and software engineers (and any organizations they form) have to differentiate and specialize the artifacts and services they choose to design, develop, and deploy. We demonstrate how this framework can be used to describe existing MPC deployment scenarios, how new opportunities in a scenario can be observed by disentangling roles inhabited by the involved parties, and how this can motivate the development of MPC libraries and software tools that specialize not by application domain but by role.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. IEEE Proceedings
Keywords
secure multi-party computationimplementationapplications
Contact author(s)
lapets @ bu edu
History
2019-09-24: revised
2017-08-28: received
See all versions
Short URL
https://ia.cr/2017/803
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2017/803,
      author = {Andrei Lapets and Kinan Dak Albab and Rawane Issa and Lucy Qin and Mayank Varia and Azer Bestavros and Frederick Jansen},
      title = {Role-Based Ecosystem for Design, Development, and Deployment of Secure Multi-Party Data Analytics Applications},
      howpublished = {Cryptology ePrint Archive, Paper 2017/803},
      year = {2017},
      note = {\url{https://eprint.iacr.org/2017/803}},
      url = {https://eprint.iacr.org/2017/803}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.