patterns and packages
play

Patterns and Packages in PostgreSQL for Privacy Preservation - PowerPoint PPT Presentation

Jun 29, 2023 •250 likes •508 views

PostgreSQL, Planning, PostGIS, Partitioning, PaaS, Permissions and now. Patterns and Packages in PostgreSQL for Privacy Preservation mantaq10 15 November 2019, Sydney www.2019.pgdu.org Atif Rahman I was like her According to Pearson-R

  1. PostgreSQL, Planning, PostGIS, Partitioning, PaaS, Permissions and now…. Patterns and Packages in PostgreSQL for Privacy Preservation mantaq10 15 November 2019, Sydney www.2019.pgdu.org Atif Rahman

  2. I was like her According to Pearson-R We were both outliers • Data Engineering • ML Pipelines • Herding Cats

  3. April 2018 – March 2019 964 NDB Breach Notifications OAIC Report 2019 Human Error Attack Healthcare 55% 35% 60% Error Others Financial 41% www.2019.pgdu.org mantaq10

  4. OAIC Report 2019 www.2019.pgdu.org mantaq10

  5. You can have security but not necessarily privacy www.2019.pgdu.org mantaq10

  6. Security Protection Binary Usage Privacy Contextual ISO/IEC 29100:2011: Privacy Framework www.2019.pgdu.org mantaq10

  7. Privacy Guarantees 𝐺 Loss-less Functions De-Identification (Record Keys (PK, FK, SK)) 1 vs x f(x) Lossy Functions 𝐺 "# Re-Identification (Brute Force & Decryption) 2 Re-Identification (Record Linkage * Math) 3 4 Ethical Computing (Permissibility & Compliance) PII and Attribute “Homomorphic encryption schemes are often Augmentation repackaging vulnerabilities (practical chosen- ciphertext attacks) as features.” – The Internet www.2019.pgdu.org mantaq10

  8. Record Linkage "87% of the U.S. population is uniquely identified by date of birth, gender, postal code.” Latanya Sweeney (k-anonymity) “Decreasing the precision of the data, or perturbing it statistically, makes re-identification gradually harder at a substantial cost to utility”. Chris Culnane, Benjamin Rubinstein, Vanessa Teague @UniMelb www.2019.pgdu.org mantaq10

  9. Privacy vs Utility Trade-off Bleeding Edge Cutting Edge Established DP SM HE AN Better Privacy Utility Guarantee SM: Secure Multiparty Computing DP: Differential Privacy HE: Homomorphic Encryption AN: Anonymisation www.2019.pgdu.org mantaq10

  10. 1. AN: (Pseudo)Anonymisation ID NAME DOB EMPLOYER ZIPCODE FK_SHOP 101 SARAH CONNOR 12-06-1962 JB Vet 63456 12 112 PAMELA LANDY 18-10-1971 FBI 54367 45 REPLACEMENT SUPRESSION (PG String Functions) (reversible or random) REPLACEMENT (PGAnonymizer) PERTURBATION GENERALISATION ID NAME DOB EMPLOYER ZIPCODE FK_SHOP 101 MIKE OBAMA 13-07-1982 JB Vet 63456 12 112 BRUCE LEE 19-11-1991 FBI 54367 45 www.2019.pgdu.org mantaq10

  11. 1. AN: (Pseudo) Anonymisation ID NAME DOB EMPLOYER ZIPCODE FK_SHOP 101 SARAH CONNOR 12-06-1962 JB Vet 63456 12 112 PAMELA LANDY 18-10-1971 FBI 54367 45 REPLACEMENT SUPRESSION (PG String Functions) (Wildcard or Removal) SUPRESSION (PGAnonymizer) - 18 PII Attributes PERTURBATION GENERALISATION ID NAME EMPLOYER ZIPCODE FK_SHOP 101 M*** ****A JB Vet 63456 12 112 B**** **E FBI 54367 45 www.2019.pgdu.org mantaq10

  12. 1. AN: (Pseudo) Anonymisation ID NAME DOB EMPLOYER ZIPCODE FK_SHOP 101 SARAH CONNOR 12-06-1962 JB Vet 63456 12 112 PAMELA LANDY 18-10-1971 FBI 54367 45 REPLACEMENT SUPRESSION (Additive Noise) (PGAnonymizer) (PDF) (Google DP) PERTURBATION (Data Imputation) (Uber DP) PERTURBATION GENERALISATION ID NAME DOB EMPLOYER ZIPCODE FK_SHOP 101 SARAH CONNOR 12-07-1958 JB Vet 64532 12 112 PAMELA LANDY 18-11-1973 FBI 57843 45 www.2019.pgdu.org mantaq10

  13. 1. AN: (Pseudo)Anonymisation ID NAME DOB EMPLOYER ZIPCODE FK_SHOP 101 SARAH CONNOR 12-06-1962 JB Vet 63456 12 112 PAMELA LANDY 18-10-1971 FBI 54367 45 REPLACEMENT SUPRESSION (PGAnonymizer) GENERALISATION (K-Anonymity or Masking) (PG Aggregate Functions) PERTURBATION 𝝉 _ZIPCODE ID NAME DOB EMPLOYER FK_SHOP GENERALISATION 101 SARAH CONNOR 1960s JB Vet 0.37 12 112 PAMELA LANDY 1970s FBI -0.99 45 www.2019.pgdu.org mantaq10

  14. Privacy vs Utility Trade-off Bleeding Edge Cutting Edge Established DP SM HE AN Better Privacy Utility Guarantee SM: Secure Multiparty Computing DP: Differential Privacy HE: Homomorphic Encryption AN: Anonymisation www.2019.pgdu.org mantaq10

  15. Differential Privacy ? Database with Statistical Perturbations Private The Oracle Ned in it Properties (Noise) Database. Not sure if Ned is there anymore • Works on the Data itself, not on the management environment • Considerably fast compared to encryption techniques. • Quantum Safe (ish) www.2019.pgdu.org mantaq10

  16. Differential Privacy on PostgreSQL https://github.com/google/differential-privacy Privacy Loss Count Sum Mean - Epsilon & Delta Variance - Risk Score for every attribute Standard deviation Order statistics (including min, max, used for a particular person and median) - Risk Score for total number of records with similar values Laplace Functions for UDFs - (rule of thumb) k = 11 www.2019.pgdu.org mantaq10

  17. HE: Homomorphic Encryption Malleable BFV Microsoft SEAL Partial Ability to apply PALISADE HE computations HELib BGV Performance on encrypted HEAAN Full TFHE data! HE CKKS Operators Trade-Offs Categories Schemes Libraries www.2019.pgdu.org mantaq10

  18. Privacy vs Utility Trade-off Bleeding Edge Cutting Edge Established DP SM HE AN Better Privacy Utility Guarantee SM: Secure Multiparty Computing DP: Differential Privacy HE: Homomorphic Encryption AN: Anonymisation www.2019.pgdu.org mantaq10

  19. Secure Multi-party Computing K-Anonymity X4/4 = Avg_pay A X4 = D_pay + X3 X1 = A_pay + 876532 D B X3 = C_pay + X2 C X2 = B_pay + X1 www.2019.pgdu.org mantaq10

  20. Privacy Guarantees 𝐺 Loss-less Functions De-Identification (Record Keys (PK, FK, SK)) 1 vs x f(x) Lossy Functions 𝐺 "# Re-Identification (Brute Force & Decryption) 2 Re-Identification (Record Linkage & Math) 3 4 Ethical Computing (Permissibility & Compliance) PII and Attribute “Homomorphic encryption schemes are often Augmentation repackaging vulnerabilities (practical chosen- ciphertext attacks) as features.” – The Internet www.2019.pgdu.org mantaq10

  21. Typical Data Pipelines Sources Landing Processing Serving ………Privacy Gates 1 1 2 4 3 2 Unified Key 1 2 Management System Ethical Computing (Permissibility & De-Identification (Record Keys (PK, FK, SK)) Re-Identification (Brute Force & Decryption) Re-Identification (Record Linkage) Compliance) www.2019.pgdu.org mantaq10

  22. Emerging Data Architecture (Data Fabrics) [HTAP = OLTP + OLAP] Processing & Serving Persistence Sources *Gaps to Close: Encryption • Performance Developer UX • Admin Tooling • Extensions! • Unified Key Management System Ethical Computing (Permissibility & De-Identification (Record Keys (PK, FK, SK)) Re-Identification (Brute Force & Decryption) Re-Identification (Record Linkage) Compliance) www.2019.pgdu.org mantaq10

  23. Key Takeaways Securing your database doesn ’t guarantee data privacy. There are trade-offs between privacy and utility You can provision privacy controls within PostgreSQL PostgreSQL fits emerging (data) architecture patterns Atif is pledging to build an extension, he needs my help! www.2019.pgdu.org mantaq10

  24. Questions 24

Recommend

Patterns for Testing Debian Packages Antonio Terceiro terceiro@debian.org A brief intro to

Patterns for Testing Debian Packages Antonio Terceiro terceiro@debian.org A brief intro to

Patterns for Testing Debian Packages Antonio Terceiro terceiro@debian.org A brief intro to Debian CI autopkgtest created back in 2006 (!) 2014: Debian CI launches Goal: provide automated testing for the Debian archive (i.e. run

816 views • 68 slides
Home Care Packages Program 1 Key points Home Care Packages More packages Four levels

Home Care Packages Program 1 Key points Home Care Packages More packages Four levels

Home Care Packages Program 1 Key points Home Care Packages More packages Four levels Existing clients transitioned to new program No Agreements required Single list of care and services Home Care Packages Program

332 views • 14 slides
MATLAB 1 Mathematical Software Symbolic Math Packages - This amorphous set of packages can

MATLAB 1 Mathematical Software Symbolic Math Packages - This amorphous set of packages can

MATLAB 1 Mathematical Software Symbolic Math Packages - This amorphous set of packages can be used to perform symbolic analyses. These packages typically can solve algebraic and differential equations, can integrate and differentiate

1.18k views • 72 slides
Parcel Pro Mockup Presentation 2.009 Pink B Packages get lost Packages get stolen

Parcel Pro Mockup Presentation 2.009 Pink B Packages get lost Packages get stolen

Parcel Pro Mockup Presentation 2.009 Pink B Packages get lost Packages get stolen Packages get delayed Mailboxes too small No mailbox access for UPS / FedEx Package delivery outpacing letter delivery

591 views • 14 slides
Building DICE Building DICE Building DICE Building DICE Packages Packages Packages Packages

Building DICE Building DICE Building DICE Building DICE Packages Packages Packages Packages

Building DICE Building DICE Building DICE Building DICE Packages Packages Packages Packages Paul Anderson Division of Informatics University of Edinburgh <paul@dcs.ed.ac.uk> Summary Summary Summary Summary ! Background DICE

490 views • 16 slides
Extending R through packages: Theres a package for everything R packages are available on CRAN

Extending R through packages: Theres a package for everything R packages are available on CRAN

Extending R through packages: Theres a package for everything R packages are available on CRAN (Comprehensive R Archive Network) Well be working with the package ggplot2 ggplot2: A grammar of graphics Traditional plotting: You are a

169 views • 16 slides
A new way to pick up your packages How many student packages arrive on campus annually? A.

A new way to pick up your packages How many student packages arrive on campus annually? A.

INTRODUCING A new way to pick up your packages How many student packages arrive on campus annually? A. 40,00070,000 B. 70,000100,000 C. 100,000130,000 D. More than 130,000 C. 100,000130,000 128,407 packages delivered in AY

557 views • 27 slides
Design Patterns Applications Programming What is design patterns? The design patterns are

Design Patterns Applications Programming What is design patterns? The design patterns are

10/26/2011 G52APR Design Patterns Applications Programming What is design patterns? The design patterns are language- Design Patterns 1 independent strategies for solving common object-oriented design problems. Jiawei Li (Michael)

316 views • 8 slides
More Design Patterns Horstmann ch.10.1,10.4 Design patterns Structural design patterns

More Design Patterns Horstmann ch.10.1,10.4 Design patterns Structural design patterns

More Design Patterns Horstmann ch.10.1,10.4 Design patterns Structural design patterns Adapter Composite Decorator Proxy Behavioral design patterns Iterator Observer Strategy Template method

777 views • 16 slides
Design Patterns in Eiffel Dr. Till Bay design patterns? [Design Patterns] are

Design Patterns in Eiffel Dr. Till Bay design patterns? [Design Patterns] are

Design Patterns in Eiffel Dr. Till Bay design patterns? [Design Patterns] are descriptions of communicating objects and classes that are customized to solve a general design problem in a particular context. Design Patterns,

1.44k views • 69 slides
Packages Packages 1. Every Java object resides in a package . 2. An objects package is

Packages Packages 1. Every Java object resides in a package . 2. An objects package is

Packages Packages 1. Every Java object resides in a package . 2. An objects package is explicitly declared on the first line of code in a .java file: package edu.pcwe.uw.javaintro.misc; public class HelloWorld { public static void main(

1.02k views • 56 slides
Design Patterns 1 What are Design Patterns? Design patterns describe common (and successful)

Design Patterns 1 What are Design Patterns? Design patterns describe common (and successful)

Design Patterns 1 What are Design Patterns? Design patterns describe common (and successful) ways of building software. 2 What are Design Patterns? A pattern describes a problem that occurs often, along with a tried solution to the

727 views • 48 slides
pkgsrc meets pkg-ng Generating pkg-ng packages from pkgsrc pkgsrcCon Berlin, July 4 th 2015

pkgsrc meets pkg-ng Generating pkg-ng packages from pkgsrc pkgsrcCon Berlin, July 4 th 2015

pkgsrc meets pkg-ng Generating pkg-ng packages from pkgsrc pkgsrcCon Berlin, July 4 th 2015 Pierre Pronchery <khorben@defora.org> Why pkg-ng Why not? Binary packages first-class citizens No more options for packages

449 views • 8 slides
4 OO Package Design Principles 4.1 Packages Introduction 4.2 Packages in UML 4.3 Three

4 OO Package Design Principles 4.1 Packages Introduction 4.2 Packages in UML 4.3 Three

4 OO Package Design Principles 4.1 Packages Introduction 4.2 Packages in UML 4.3 Three Package Design Principles 4.4 Development Environment (Three more principles) 4.5 Summary OO Package Design Principles Stefan Kluth 1 4.1 Packages

392 views • 36 slides
Algorithm Design Patterns and Anti-Patterns Algorithm design patterns. Ex. Greed. O(n log n)

Algorithm Design Patterns and Anti-Patterns Algorithm design patterns. Ex. Greed. O(n log n)

Algorithm Design Patterns and Anti-Patterns Algorithm design patterns. Ex. Greed. O(n log n) interval scheduling. Divide-and-conquer. O(n log n) FFT. Dynamic programming. O(n 2 ) edit distance. Duality. O(n 3 ) bipartite

626 views • 21 slides
Extending R through packages: Theres a package for everything R packages are available on CRAN

Extending R through packages: Theres a package for everything R packages are available on CRAN

Extending R through packages: Theres a package for everything R packages are available on CRAN (Comprehensive R Archive Network) R packages are available on CRAN (Comprehensive R Archive Network) Well be working with the package ggplot2

428 views • 18 slides
1. Packages in R - Why and How - are all installed in the correct places by a single command that

1. Packages in R - Why and How - are all installed in the correct places by a single command that

The following slides are (only) an Introduction to R packages. How to Write an R Package Additionally, we will work with The reference : the Writing R Extensions manual 1 . We will get an overview and consider some

586 views • 9 slides
CORPORATE EVENT PACKAGES BANGKOK CONTENTS - Description - Benefits - Packages - Package

CORPORATE EVENT PACKAGES BANGKOK CONTENTS - Description - Benefits - Packages - Package

V L I E E E S T C A A M P I T E L U G A E M H E T B D A N N A G L I K A O H K T CORPORATE EVENT PACKAGES BANGKOK CONTENTS - Description - Benefits - Packages - Package Details - Interior Game

559 views • 13 slides
Design Patterns (1) CSE 331 University of Washington Michael Ernst Outline Introduction to

Design Patterns (1) CSE 331 University of Washington Michael Ernst Outline Introduction to

Design Patterns (1) CSE 331 University of Washington Michael Ernst Outline Introduction to design patterns Creational patterns (constructing objects) Structural patterns (controlling heap layout) Behavioral patterns (affecting

532 views • 38 slides
Patterns of Projects: From Adrenaline Junkies to Template Zombies Tim Lister Patterns

Patterns of Projects: From Adrenaline Junkies to Template Zombies Tim Lister Patterns

Patterns of Projects: From Adrenaline Junkies to Template Zombies Tim Lister Patterns QuickTime and a TIFF (Uncompressed) decompressor are needed to see this picture. Lets look at some Project Patterns More Patterns Lets look at

592 views • 27 slides
Privacy Design Patterns and Anti-Patterns Patterns Misapplied and Unintended Consequences Nick

Privacy Design Patterns and Anti-Patterns Patterns Misapplied and Unintended Consequences Nick

Privacy Design Patterns and Anti-Patterns Patterns Misapplied and Unintended Consequences Nick Doty & Mohit Gupta UC Berkeley, School of Information Privacy-by-Design ... in practice for designers and developers of technologies document

266 views • 11 slides
Principles and Patterns 26 February, 2020 Recap Principles Patterns Inheritance Anti-patterns

Principles and Patterns 26 February, 2020 Recap Principles Patterns Inheritance Anti-patterns

Principles and Patterns 26 February, 2020 Recap Principles Patterns Inheritance Anti-patterns Lecture overview agile development agile design principles and patterns software testing Principles and Patterns Recap Principles

1.04k views • 89 slides
1 A step backwards? Our first set of patterns & componentization Patterns are not reusable

1 A step backwards? Our first set of patterns & componentization Patterns are not reusable

References Last update: 18 April 2007 Erich Gamma, Ralph Johnson, Richard Helms, John Software Architecture Vlissides: Design Patterns , Addison-Wesley, 1994 Bertrand Meyer Jean-Marc Jezequel, Michel Train, Christine Mingins: Design Patterns

79 views • 7 slides
Patterns 2020/4/12 Structural Design Patterns Creational Structural Behavioral Design

Patterns 2020/4/12 Structural Design Patterns Creational Structural Behavioral Design

Poly- mor- phism Abstra ction Class OOP Inheri -tance En- capsu- lation Structural Design Kuan-Ting Lai Patterns 2020/4/12 Structural Design Patterns Creational Structural Behavioral Design Patterns Design Patterns Design

931 views • 30 slides

More recommend