short-paper

Public Access

Accessible Privacy-Preserving Web-Based Data Analysis for Assessing and Addressing Economic Inequalities

Authors:

Frederick Jansen,

Kinan Dak Albab,

Azer BestavrosAuthors Info & Claims

COMPASS '18: Proceedings of the 1st ACM SIGCAS Conference on Computing and Sustainable Societies

Article No.: 48, Pages 1 - 5

https://doi.org/10.1145/3209811.3212701

Published: 20 June 2018 Publication History

Abstract

An essential component of initiatives that aim to address pervasive inequalities of any kind is the ability to collect empirical evidence of both the status quo baseline and of any improvement that can be attributed to prescribed and deployed interventions. Unfortunately, two substantial barriers can arise preventing the collection and analysis of such empirical evidence: (1) the sensitive nature of the data itself and (2) a lack of technical sophistication and infrastructure available to both an initiative's beneficiaries and to those spearheading it. In the last few years, it has been shown that a cryptographic primitive called secure multi-party computation (MPC) can provide a natural technological resolution to this conundrum. MPC allows an otherwise disinterested third party to contribute its technical expertise and resources, to avoid incurring any additional liabilities itself, and (counterintuitively) to reduce the level of data exposure that existing parties must accept to achieve their data analysis goals. However, achieving these benefits requires the deliberate design of MPC tools and frameworks whose level of accessibility to non-technical users with limited infrastructure and expertise is state-of-the-art. We describe our own experiences designing, implementing, and deploying such usable web applications for secure data analysis within the context of two real-world initiatives that focus on promoting economic equality.

References

[1]

Tom Ashbrook. 2016. Will Data Help Close the Gender Pay Gap? NPR OnPoint radio show, WBUR 90.9. (March 2016). Retrieved May 8, 2018 from http://www.wbur.org/onpoint/2016/03/30/gender-gap-pay-gap-boston-amazon.

[2]

Laura Bassett. 2016. Apple, Facebook, Other Major Companies Commit to Paying Women the Same as Men. HuffPost News. (August 2016). Retrieved May 8, 2018 from http://www.huffingtonpost.com/entry/apple-facebook-obama-pay-gap_us_57bf44ede4b02673444f228f.

[3]

Assaf Ben-David, Noam Nisan, and Benny Pinkas. 2008. FairplayMP: A System for Secure Multi-party Computation. In Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS '08). ACM, New York, NY, USA, 257--266.

Digital Library

[4]

Michael Ben-Or, Shafi Goldwasser, and Avi Wigderson. 1988. Completeness Theorems for Non-cryptographic Fault-tolerant Distributed Computation. In Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing (STOC '88). ACM, New York, NY, USA, 1--10.

Digital Library

[5]

Azer Bestavros, Andrei Lapets, and Mayank Varia. 2017. User-Centric Distributed Solutions for Privacy-Preserving Analytics. Commun. ACM 60, 2 (January 2017), 37--39.

Digital Library

[6]

Dan Bogdanov, Marko Jõemets, Sander Siim, and Meril Vaht. 2015. How the Estonian Tax and Customs Board Evaluated a Tax Fraud Detection System Based on Secure Multi-party Computation. Springer Berlin Heidelberg, Berlin, Heidelberg, 227--234.

[7]

Dan Bogdanov, Sven Laur, and Jan Willemson. 2008. Sharemind: A Framework for Fast Privacy-Preserving Computations. In Computer Security - ESORICS 2008 (Lecture Notes in Computer Science), Sushil Jajodia and Javier Lopez (Eds.), Vol. 5283. Springer Berlin Heidelberg, Berlin, Heidelberg, 192--206.

Digital Library

[8]

Peter Bogetoft, Dan Lund Christensen, Ivan Damgård, Martin Geisler, Thomas P. Jakobsen, Mikkel Krøigaard, Janus Dam Nielsen, Jesper Buus Nielsen, Kurt Nielsen, Jakob Pagter, Michael I. Schwartzbach, and Tomas Toft. 2009. Secure Multiparty Computation Goes Live. In Financial Cryptography and Data Security (Lecture Notes in Computer Science), Roger Dingledine and Philippe Golle (Eds.), Vol. 5628. Springer Berlin Heidelberg, Berlin, Heidelberg, 325--343.

Digital Library

[9]

Martin Burkhart, Mario Strasser, Dilip Many, and Xenofontas Dimitropoulos. 2010. SEPIA: Privacy-preserving Aggregation of Multi-domain Network Events and Statistics. In Proceedings of the 19th USENIX Conference on Security (USENIX Security'10). USENIX Association, Berkeley, CA, USA, 15--15.

Digital Library

[10]

Chris Clifton, Murat Kantarcioglu, Jaideep Vaidya, Xiaodong Lin, and Michael Y. Zhu. 2002. Tools for Privacy Preserving Distributed Data Mining. SIGKDD Explor. Newsl. 4, 2 (December 2002), 28--34.

Digital Library

[11]

U.S. Equal Employment Opportunity Commission. 2018. EEO-1 Survey. (2018). Retrieved May 8, 2018 from https://www.eeoc.gov/employers/eeo1survey/index.cfm.

[12]

Boston Women's Workforce Council. 2018. Boston Women's Workforce Council Report 2017. (January 2018). Retrieved May 8, 2018 from https://www.boston.gov/sites/default/files/document-file-01-2018/bwwc_2017_report.pdf.

[13]

Ivan Damgård, Kasper Damgård, Kurt Nielsen, Peter Sebastian Nordholt, and Tomas Toft. 2017. Confidential Benchmarking Based on Multiparty Computation. In Financial Cryptography and Data Security. Springer Berlin Heidelberg, Berlin, Heidelberg, 169--187.

[14]

Daniel Demmler, Thomas Schneider, and Michael Zohner. 2015. ABY - A Framework for Efficient Mixed-Protocol Secure Two-Party Computation. In 22nd Annual Network and Distributed System Security Symposium (NDSS 2015). The Internet Society.

[15]

Yael Ejgenberg, Moriya Farbstein, Meital Levy, and Yehuda Lindell. 2012. SCAPI: The Secure Computation Application Programming Interface. Cryptology ePrint Archive, Report 2012/629. (November 2012). Retrieved from https://eprint.iacr.org/2012/629.

[16]

Khaled El Emam, Jun Hu, Jay Mercer, Liam Peyton, Murat Kantarcioglu, Bradley Malin, David Buckeridge, Saeed Samet, and Craig Earle. 2011. A secure protocol for protecting the identity of providers when disclosing data for disease surveillance. Journal of the American Medical Informatics Association 18, 3 (May 2011), 212--217.

[17]

Oded Goldreich. 2004. The Foundations of Cryptography - Volume 2, Basic Applications. Cambridge University Press, New York, NY, USA.

Digital Library

[18]

Oded Goldreich, Silvio Micali, and Avi Wigderson. 1987. How to Play ANY Mental Game or A Completeness Theorem for Protocols with Honest Majority. In Proceedings of the Nineteenth Annual ACM Symposium on Theory of Computing (STOC '87). ACM, New York, NY, USA, 218--229.

Digital Library

[19]

Ayman Jarrous and Benny Pinkas. 2013. Canon-MPC, a System for Casual Non-interactive Secure Multi-party Computation Using Native Client. In Proceedings of the 12th ACM Workshop on Workshop on Privacy in the Electronic Society (WPES '13). ACM, New York, NY, USA, 155--166.

Digital Library

[20]

Katie Johnston. 2015. Mayor Walsh pushes to gather data on gender wage gap. The Boston Globe. (April 2015). Retrieved May 8, 2018 from https://www.bostonglobe.com/business/2015/04/07/walsh-women-venture-capital-summit-says-female-staff-members-underpaid/nKlivDh1VtOCV8hwVJ5XNM/story.html.

[21]

Andrei Lapets, Mayank Varia, Azer Bestavros, and Frederick Jansen. 2017. Role-Based Ecosystem Model for Design, Development, and Deployment of Secure Multi-Party Data Analytics Applications. Cryptology ePrint Archive, Report 2017/803. (August 2017). Retrieved from https://eprint.iacr.org/2017/803.

[22]

Andrei Lapets, Nikolaj Volgushev, Azer Bestavros, Frederick Jansen, and Mayank Varia. 2016. Secure MPC for Analytics as a Web Application. In 2016 IEEE Cybersecurity Development (SecDev). 73--74.

[23]

John Launchbury, Iavor S. Diatchki, Thomas DuBuisson, and Andy Adams-Moran. 2012. Efficient Lookup-table Protocol in Secure Multiparty Computation. In Proceedings of the 17th ACM SIGPLAN International Conference on Functional Programming (ICFP '12). ACM, New York, NY, USA, 189--200.

Digital Library

[24]

Chang Liu, Xiao Shaun Wang, Kartik Nayak, Yan Huang, and Elaine Shi. 2015. ObliVM: A Programming Framework for Secure Computation. In 2015 IEEE Symposium on Security and Privacy. 359--376.

Digital Library

[25]

Alfred J. Menezes, Scott A. Vanstone, and Paul C. Van Oorschot. 1996. Handbook of Applied Cryptography (1st ed.). CRC Press, Inc., Boca Raton, FL, USA.

Digital Library

[26]

Kartik Nayak, Xiao Shaun Wang, Stratis Ioannidis, Udi Weinsberg, Nina Taft, and Elaine Shi. 2015. GraphSC: Parallel Secure Computation Made Easy. In 2015 IEEE Symposium on Security and Privacy. 377--394.

Digital Library

[27]

Greater Boston Chamber of Commerce. 2018. GBCC Launches Pacesetters Initiative Aimed at Uniting the Business Community's Response to Economic Inclusion. (January 2018). Retrieved May 8, 2018 from http://bostonchamber.com/about-us/media-center/gbcc-launches-pacesetters-initiative.

[28]

Greater Boston Chamber of Commerce. 2018. Pacesetters Initiative. (January 2018). Retrieved May 8, 2018 from http://bostonchamber.com/programs-events/pacesetters.

[29]

Jason Perry, Debayan Gupta, Joan Feigenbaum, and Rebecca N. Wright. 2014. Systematizing Secure Computation for Research and Decision Support. In Security and Cryptography for Networks, Michel Abdalla and Roberto De Prisco (Eds.). Springer International Publishing, Cham, 380--397.

[30]

Aseem Rastogi, Matthew A. Hammer, and Michael Hicks. 2014. Wysteria: A Programming Language for Generic, Mixed-Mode Multiparty Computations. In 2014 IEEE Symposium on Security and Privacy. IEEE Computer Society, Washington, DC, USA, 655--670.

Digital Library

[31]

Axel Schroepfer and Florian Kerschbaum. 2011. Demo: Secure Computation in JavaScript. In Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS '11). ACM, New York, NY, USA, 849--852.

Digital Library

[32]

Adi Shamir. 1979. How to Share a Secret. Commun. ACM 22, 11 (November 1979), 612--613.

Digital Library

[33]

Ebrahim M. Songhori, Siam U. Hussain, Ahmad-Reza Sadeghi, Thomas Schneider, and Farinaz Koushanfar. 2015. TinyGarble: Highly Compressed and Scalable Sequential Garbled Circuits. In 2015 IEEE Symposium on Security and Privacy. IEEE Computer Society, Washington, DC, USA, 411--428.

Digital Library

[34]

Multiparty.org Development Team. 2018. JavaScript Implementation of Federated Functionalities. (May 2018). Retrieved May 8, 2018 from https://github.com/multiparty/jiff.

[35]

Multiparty.org Development Team. 2018. Web-MPC. (March 2018). Retrieved May 8, 2018 from https://github.com/multiparty/web-mpc.

[36]

VIFF Development Team. 2009. VIFF, the Virtual Ideal Functionality Framework. (December 2009). Retrieved May 8, 2018 from http://viff.dk/.

[37]

Andrew C. Yao. 1982. Protocols for Secure Computations. In Proceedings of the 23rd Annual Symposium on Foundations of Computer Science (SFCS '82). IEEE Computer Society, Washington, DC, USA, 160--164.

Digital Library

Cited By

Espiritu ZGeorge MKamara SQin L(2024)Synq: Public Policy Analytics Over Encrypted Data2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00085(146-165)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00085
Ashurst CWeller A(2023)Fairness Without Demographic Data: A Survey of ApproachesProceedings of the 3rd ACM Conference on Equity and Access in Algorithms, Mechanisms, and Optimization10.1145/3617694.3623234(1-12)Online publication date: 30-Oct-2023
https://dl.acm.org/doi/10.1145/3617694.3623234
Beck GGoel AHegde AJain AJin ZKaptchuk GMeng WJensen CCremers CKirda E(2023)Scalable Multiparty GarblingProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3623132(2158-2172)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3623132
Show More Cited By

Index Terms

Accessible Privacy-Preserving Web-Based Data Analysis for Assessing and Addressing Economic Inequalities
1. Information systems
  1. Information systems applications
2. Security and privacy
  1. Human and societal aspects of security and privacy
  2. Security services
    1. Privacy-preserving protocols

Recommendations

An efficient fair UC-secure protocol for two-party computation

With the development of modern Internet and mobile networks, there is an increasing need for collaborative privacy-preserving applications. Secure multi-party computation SMPC gives a general solution to these applications and has become a hot topic. ...
Privacy-Preserving Multi-Party Reconciliation Secure in the Malicious Model
Revised Selected Papers of the 8th International Workshop on Data Privacy Management and Autonomous Spontaneous Security - Volume 8247

The problem of fair and privacy-preserving ordered set reconciliation arises in a variety of applications like auctions, e-voting, and appointment reconciliation. While several multi-party protocols have been proposed that solve this problem in the semi-...
Design and implementation of privacy-preserving reconciliation protocols
EDBT '13: Proceedings of the Joint EDBT/ICDT 2013 Workshops

Privacy-preserving reconciliation protocols on ordered sets are protocols that solve a particular subproblem of secure multiparty computation. Here, each party holds a private input set of equal size in which the elements are ordered according to the ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

COMPASS '18: Proceedings of the 1st ACM SIGCAS Conference on Computing and Sustainable Societies

June 2018

472 pages

ISBN:9781450358163

DOI:10.1145/3209811

Conference Chair:
Ellen Zegura
Georgia Tech

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGCAS: ACM Special Interest Group on Computers and Society

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 20 June 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper
Research
Refereed limited

Funding Sources

National Science Foundation

Conference

COMPASS '18

Sponsor:

SIGCAS

COMPASS '18: ACM SIGCAS Conference on Computing and Sustainable Societies

June 20 - 22, 2018

CA, Menlo Park and San Jose, USA

Acceptance Rates

Overall Acceptance Rate 25 of 50 submissions, 50%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

18
Total Citations
View Citations
1,451
Total Downloads

Downloads (Last 12 months)349
Downloads (Last 6 weeks)29

Reflects downloads up to 12 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Espiritu ZGeorge MKamara SQin L(2024)Synq: Public Policy Analytics Over Encrypted Data2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00085(146-165)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00085
Ashurst CWeller A(2023)Fairness Without Demographic Data: A Survey of ApproachesProceedings of the 3rd ACM Conference on Equity and Access in Algorithms, Mechanisms, and Optimization10.1145/3617694.3623234(1-12)Online publication date: 30-Oct-2023
https://dl.acm.org/doi/10.1145/3617694.3623234
Beck GGoel AHegde AJain AJin ZKaptchuk GMeng WJensen CCremers CKirda E(2023)Scalable Multiparty GarblingProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3623132(2158-2172)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3623132
Zhang HMa XWang JZhang XPan DZhong K(2023)Privacy-Preserving Link Prediction in Multiple Private NetworksIEEE Transactions on Computational Social Systems10.1109/TCSS.2022.316801010:2(538-550)Online publication date: Apr-2023
https://doi.org/10.1109/TCSS.2022.3168010
Sanon SReddy RLipps CSchotten H(2023)Secure Federated Learning: An Evaluation of Homomorphic Encrypted Network Traffic Prediction2023 IEEE 20th Consumer Communications & Networking Conference (CCNC)10.1109/CCNC51644.2023.10060116(1-6)Online publication date: 8-Jan-2023
https://doi.org/10.1109/CCNC51644.2023.10060116
Walsh JVaria MCohen ASellars ABestavros AWeitzner DFeigenbaum JYoo C(2022)Multi-Regulation ComputingProceedings of the 2022 Symposium on Computer Science and Law10.1145/3511265.3550445(53-65)Online publication date: 1-Nov-2022
https://dl.acm.org/doi/10.1145/3511265.3550445
Tsao MYang KZoepf SPavone M(2022)Trust but Verify: Cryptographic Data Privacy for Mobility ManagementIEEE Transactions on Control of Network Systems10.1109/TCNS.2022.31410279:1(50-61)Online publication date: Mar-2022
https://doi.org/10.1109/TCNS.2022.3141027
Agahari WOfe Hde Reuver M(2022)It is not (only) about privacy: How multi-party computation redefines control, trust, and risk in data sharingElectronic Markets10.1007/s12525-022-00572-w32:3(1577-1602)Online publication date: 30-Jul-2022
https://doi.org/10.1007/s12525-022-00572-w
LINDELL YPointcheval D(2022)Secure Multiparty ComputationAsymmetric Cryptography10.1002/9781394188369.ch4(85-106)Online publication date: 30-Nov-2022
https://doi.org/10.1002/9781394188369.ch4
Vomvas MBlass ENoubir GPöpper CVanhoef MBatina LMayrhofer R(2021)SELESTProceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks10.1145/3448300.3468228(238-249)Online publication date: 28-Jun-2021
https://dl.acm.org/doi/10.1145/3448300.3468228
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents