
Contributions to Privacy-Preserving Data Intensive Systems

17 April 2024


Campus de Beaulieu, room i-50, building 12D

Talk by Tristan Allard, maître de conférences (associate professor) at the Université de Rennes in the SPICY team at IRISA, given as part of the Computer Science department's seminar series.


"Personal data is the new oil of the internet and the new currency of the digital world," claimed M. Kouneva, European Commissioner for Consumer Protection, in March 2009. More than a decade later, the collection of personal data has kept increasing at a fast pace, fueled by the growth of digital services. Social networks, geolocation data, web search queries, smart metering, browsing patterns, chats, e-shopping, health services, speech recognition... A large part of the daily life of billions of individuals generates bytes. Given this ongoing massive collection of personal data and the resulting massive personal data breaches, does this mean that "privacy is dead"? Strong tendencies suggest the opposite: personal data protection laws are flourishing worldwide, guaranteed privacy is often both a selling argument and a legal requirement for industrial products and public organisation projects, and elaborate privacy-preserving techniques are being designed and implemented by academia and industry.

The design of privacy-preserving personal data management and analysis systems, called data intensive systems below for simplicity, is especially challenging. These systems have to cope with large volumes of data and may be required to support rich functionalities (e.g., SQL queries, analytical algorithms). Additionally, the infrastructure (i.e., servers, clients, peers) may be partially or completely untrusted, which leads to distributing the computation, possibly over a large number of autonomous nodes (e.g., in a peer-to-peer fashion). In this context, although cryptography can provide the building blocks needed for sound security guarantees, it may fail to cope with the large amount of data, with the required functionalities, or with the autonomy of clients and nodes. This thesis argues that combining cryptography with techniques that tolerate a controlled amount of information disclosure (typically, differentially private algorithms) is a promising track for meeting the requirements of privacy-preserving data intensive systems.
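As an added illustration of that last point (an example written for this page, not part of the talk or the speaker's own work): a toy secure-aggregation round in which cryptographic masking hides every node's input from an untrusted aggregator, while distributed Laplace noise shares give the released sum epsilon-differential privacy, so no single party sees either the raw inputs or the total noise. The pairwise masks are drawn from a shared `rng` as a stand-in for pairwise key agreement, node dropouts are not handled, and `MODULUS`, `SCALE` and all function names are assumptions.

```python
import random
from itertools import combinations

MODULUS = 2**61   # group in which masked contributions are added (assumption)
SCALE = 1000      # fixed-point factor so real-valued noise survives modular arithmetic

def pairwise_masks(n_nodes, rng):
    """Mask per unordered pair (i, j): node i adds r_ij, node j subtracts it, so masks cancel
    in the sum and the aggregator learns only the total. `rng` stands in for pairwise key agreement."""
    masks = [0] * n_nodes
    for i, j in combinations(range(n_nodes), 2):
        r = rng.randrange(MODULUS)
        masks[i] = (masks[i] + r) % MODULUS
        masks[j] = (masks[j] - r) % MODULUS
    return masks

def laplace_share(n_nodes, sensitivity, epsilon, rng):
    """Laplace(0, b) = Gamma(1, b) - Gamma(1, b), and Gamma(1, b) is the sum of n Gamma(1/n, b):
    the n shares add up to the Laplace noise epsilon-DP needs, yet no node knows the total noise."""
    b = sensitivity / epsilon
    return rng.gammavariate(1.0 / n_nodes, b) - rng.gammavariate(1.0 / n_nodes, b)

def node_message(value, noise, mask):
    """What a node sends: its value plus its noise share, fixed-point encoded and masked."""
    return (round((value + noise) * SCALE) + mask) % MODULUS

def aggregate(messages):
    """Untrusted aggregator: adds the messages and decodes the signed fixed-point result."""
    total = sum(messages) % MODULUS
    if total > MODULUS // 2:   # the total noise may be negative
        total -= MODULUS
    return total / SCALE

def private_sum(values, sensitivity, epsilon, seed=None):
    """One protocol run: returns sum(values) + Laplace(0, sensitivity / epsilon)."""
    rng, n = random.Random(seed), len(values)
    masks = pairwise_masks(n, rng)
    messages = [node_message(v, laplace_share(n, sensitivity, epsilon, rng), m)
                for v, m in zip(values, masks)]
    return aggregate(messages)

def noise_variance(n_nodes, sensitivity, epsilon, draws, seed=None):
    """Sanity check of the noise shares: the summed noise should have variance 2 * b**2."""
    rng = random.Random(seed)
    totals = [sum(laplace_share(n_nodes, sensitivity, epsilon, rng) for _ in range(n_nodes))
              for _ in range(draws)]
    mean = sum(totals) / draws
    return sum((t - mean) ** 2 for t in totals) / draws
```

If the aggregator colludes with n-1 nodes it can strip the last node's mask and noise share, so a deployment needs an explicit collusion threshold and dropout recovery on top of this sketch.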

Killian Barrere

Updated on 16 April 2024