Curie: Policy-based secure data exchange

Z. Berkay Celik, Abbas Acar, Hidayet Aksu, Ryan Sheatsley, Patrick Drew McDaniel, A. Selcuk Uluagac

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Data sharing among partners—users, companies, organizations—is crucial for the advancement of collaborative machine learning in many domains such as healthcare, finance, and security. Sharing through secure computation and other means allow these partners to perform privacy-preserving computations on their private data in controlled ways. However, in reality, there exist complex relationships among members (partners). Politics, regulations, interest, trust, data demands and needs prevent members from sharing their complete data. Thus, there is a need for a mechanism to meet these conflicting relationships on data sharing. This paper presents Curie1, an approach to exchange data among members who have complex relationships. A novel policy language, CPL, that allows members to define the specifications of data exchange requirements is introduced. With CPL, members can easily assert who and what to exchange through their local policies and negotiate a global sharing agreement. The agreement is implemented in a distributed privacy-preserving model that guarantees sharing among members will comply with the policy as negotiated. The use of Curie is validated through an example healthcare application built on recently introduced secure multi-party computation and differential privacy frameworks, and policy and performance trade-offs are explored.

Original languageEnglish (US)
Title of host publicationCODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy
PublisherAssociation for Computing Machinery, Inc
Pages121-132
Number of pages12
ISBN (Electronic)9781450360999
DOIs
StatePublished - Mar 13 2019
Event9th ACM Conference on Data and Application Security and Privacy, CODASPY 2019 - Richardson, United States
Duration: Mar 25 2019Mar 27 2019

Publication series

NameCODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy

Conference

Conference9th ACM Conference on Data and Application Security and Privacy, CODASPY 2019
CountryUnited States
CityRichardson
Period3/25/193/27/19

Fingerprint

Electronic data interchange
Finance
Learning systems
Specifications
Industry

All Science Journal Classification (ASJC) codes

  • Information Systems
  • Computer Science Applications
  • Software

Cite this

Celik, Z. B., Acar, A., Aksu, H., Sheatsley, R., McDaniel, P. D., & Uluagac, A. S. (2019). Curie: Policy-based secure data exchange. In CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy (pp. 121-132). (CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy). Association for Computing Machinery, Inc. https://doi.org/10.1145/3292006.3300042
Celik, Z. Berkay ; Acar, Abbas ; Aksu, Hidayet ; Sheatsley, Ryan ; McDaniel, Patrick Drew ; Uluagac, A. Selcuk. / Curie : Policy-based secure data exchange. CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, Inc, 2019. pp. 121-132 (CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy).
@inproceedings{344912ed585e4dd080db48738fa61eaa,
title = "Curie: Policy-based secure data exchange",
abstract = "Data sharing among partners—users, companies, organizations—is crucial for the advancement of collaborative machine learning in many domains such as healthcare, finance, and security. Sharing through secure computation and other means allow these partners to perform privacy-preserving computations on their private data in controlled ways. However, in reality, there exist complex relationships among members (partners). Politics, regulations, interest, trust, data demands and needs prevent members from sharing their complete data. Thus, there is a need for a mechanism to meet these conflicting relationships on data sharing. This paper presents Curie1, an approach to exchange data among members who have complex relationships. A novel policy language, CPL, that allows members to define the specifications of data exchange requirements is introduced. With CPL, members can easily assert who and what to exchange through their local policies and negotiate a global sharing agreement. The agreement is implemented in a distributed privacy-preserving model that guarantees sharing among members will comply with the policy as negotiated. The use of Curie is validated through an example healthcare application built on recently introduced secure multi-party computation and differential privacy frameworks, and policy and performance trade-offs are explored.",
author = "Celik, {Z. Berkay} and Abbas Acar and Hidayet Aksu and Ryan Sheatsley and McDaniel, {Patrick Drew} and Uluagac, {A. Selcuk}",
year = "2019",
month = "3",
day = "13",
doi = "10.1145/3292006.3300042",
language = "English (US)",
series = "CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy",
publisher = "Association for Computing Machinery, Inc",
pages = "121--132",
booktitle = "CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy",

}

Celik, ZB, Acar, A, Aksu, H, Sheatsley, R, McDaniel, PD & Uluagac, AS 2019, Curie: Policy-based secure data exchange. in CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy. CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy, Association for Computing Machinery, Inc, pp. 121-132, 9th ACM Conference on Data and Application Security and Privacy, CODASPY 2019, Richardson, United States, 3/25/19. https://doi.org/10.1145/3292006.3300042

Curie : Policy-based secure data exchange. / Celik, Z. Berkay; Acar, Abbas; Aksu, Hidayet; Sheatsley, Ryan; McDaniel, Patrick Drew; Uluagac, A. Selcuk.

CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, Inc, 2019. p. 121-132 (CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Curie

T2 - Policy-based secure data exchange

AU - Celik, Z. Berkay

AU - Acar, Abbas

AU - Aksu, Hidayet

AU - Sheatsley, Ryan

AU - McDaniel, Patrick Drew

AU - Uluagac, A. Selcuk

PY - 2019/3/13

Y1 - 2019/3/13

N2 - Data sharing among partners—users, companies, organizations—is crucial for the advancement of collaborative machine learning in many domains such as healthcare, finance, and security. Sharing through secure computation and other means allow these partners to perform privacy-preserving computations on their private data in controlled ways. However, in reality, there exist complex relationships among members (partners). Politics, regulations, interest, trust, data demands and needs prevent members from sharing their complete data. Thus, there is a need for a mechanism to meet these conflicting relationships on data sharing. This paper presents Curie1, an approach to exchange data among members who have complex relationships. A novel policy language, CPL, that allows members to define the specifications of data exchange requirements is introduced. With CPL, members can easily assert who and what to exchange through their local policies and negotiate a global sharing agreement. The agreement is implemented in a distributed privacy-preserving model that guarantees sharing among members will comply with the policy as negotiated. The use of Curie is validated through an example healthcare application built on recently introduced secure multi-party computation and differential privacy frameworks, and policy and performance trade-offs are explored.

AB - Data sharing among partners—users, companies, organizations—is crucial for the advancement of collaborative machine learning in many domains such as healthcare, finance, and security. Sharing through secure computation and other means allow these partners to perform privacy-preserving computations on their private data in controlled ways. However, in reality, there exist complex relationships among members (partners). Politics, regulations, interest, trust, data demands and needs prevent members from sharing their complete data. Thus, there is a need for a mechanism to meet these conflicting relationships on data sharing. This paper presents Curie1, an approach to exchange data among members who have complex relationships. A novel policy language, CPL, that allows members to define the specifications of data exchange requirements is introduced. With CPL, members can easily assert who and what to exchange through their local policies and negotiate a global sharing agreement. The agreement is implemented in a distributed privacy-preserving model that guarantees sharing among members will comply with the policy as negotiated. The use of Curie is validated through an example healthcare application built on recently introduced secure multi-party computation and differential privacy frameworks, and policy and performance trade-offs are explored.

UR - http://www.scopus.com/inward/record.url?scp=85063873129&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85063873129&partnerID=8YFLogxK

U2 - 10.1145/3292006.3300042

DO - 10.1145/3292006.3300042

M3 - Conference contribution

AN - SCOPUS:85063873129

T3 - CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy

SP - 121

EP - 132

BT - CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy

PB - Association for Computing Machinery, Inc

ER -

Celik ZB, Acar A, Aksu H, Sheatsley R, McDaniel PD, Uluagac AS. Curie: Policy-based secure data exchange. In CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, Inc. 2019. p. 121-132. (CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy). https://doi.org/10.1145/3292006.3300042