.

Sunday, May 26, 2019

Paper Critique: “Airavat: Security and Privacy for Mapreduce” Essay

1. (10%) State the riddle the wallpaper is trying to solve.This paper is trying to demonstrate how Airavat, a MapReduce-based system for distributed computations provides end-to-end confidentiality, integrity, and retirement guarantees using a combination of needful access control and differential solitude which provides security and silence guarantees against data leakage.2. (20%) State the main contribution of the paper solving a new problem, proposing a new algorithm, or presenting a new evaluation (analysis). If a new problem, why was the problem important? Is the problem still important today? Will the problem be important tomorrow? If a new algorithm or new evaluation (analysis), what are the improvements over previous algorithms or evaluations? How do they come up with the new algorithm or evaluation?The main contribution of the paper is that Airavat builds on mandatory access control (MAC) and differential privacy to run into untrusted MapReduce computations on sensit ive data do not leak private information and provide confidentiality, integrity, and privacy guarantees. The goal is to save malicious computation providers from violating privacy policies a data provider imposes on the data to prevent leaking information about individual items in the data. The system is implemented as a modification to MapReduce and the Java virtual machine, and runs on top of SELinux3. (15%) Summarize the (at well-nigh) 3 key main ideas (each in 1 sentence.)(1) First work to add MAC and differential privacy to mapreduce. (2) Proposes a new framework for privacy preserving mapreduce computations. (3) Confines untrusted code.4. (30%) Critique the main contributiona. graze the significance of the paper on a scale of 5 (breakthrough), 4 (significant contribution), 3 (modest contribution), 2 (incremental contribution), 1 (no contribution or negative contribution). Explain your grade in a sentence or two.This system provides security and privacy guarantees for distr ibuted computations on sensitive data at the ends. However, the data still can be leaked in the cloud. Beca lend oneself multiple machines are involved in the computation and malicious worker can sent the intermediate data to the outside system, which threatens the privacy of the excitant data. Even not to this extent, temporary data is stored in the workers and those data can be fetched even after computation is done.b. Rate how convincing the methodology is how do the authors justify the solution approach or evaluation? Do the authors use arguments, analyses, experiments, simulations, or a combination of them? Do the claims and conclusions follow from the arguments, analyses or experiments? atomic number 18 the assumptions pragmatic (at the time of the research)? Are the assumptions still valid today? Are the experiments well designed? Are there different experiments that would be to a greater extent convincing? Are there other alternatives the authors should have considered? ( And, of course, is the paper free of methodological errors.)As the authors stated on page 3 We aim to prevent malicious computation providers from violating the privacy policy of the data provider(s) by leaking information about individual data items. They use differential privacy mechanism to ensure this. One interesting solution to data leakage is that they have the mapper specify a range of its keys. It seems like that the larger your data even up is, the more privacy you have because a user affects less of the output, if removed. They showed results that were really close to 100% with the added noise, it seems this is viable solution to protect the privacy of your data inputc. What is the most important limitation of the approach?As the authors mention, one computation provider could exhaust this budget on a dataset for all other computation providers and use more than its fair share. While there is some estimation of effective parameters, there are a large number of parameters that must be set for Airavat to work properly. This increases the probability of misconfigurations or configurations that might severely limit the computations that can be performed on the data.5. (15%) What lessons should researchers and builders take away from this work. What (if any) questions does this work leave open?The flowing implementation of Airavat supports both trusted and untrusted Mappers, but Reducers must be trusted and they also modified the JVM to make mappers independent (using invocation numbers to identify current and previous mappers). They also modified the reducer to provide differential privacy. From the data providers perspective they must provide several privacy parameters like- privacy group and privacy budget.6. (10%) Propose your improvement on the same problem.I have no suggested improvements.

No comments:

Post a Comment