Privacy-preserving third-party computations on secure personal data management systems
PhD Thesis
Paris-Saclay University, 2022
Abstract: The privacy of individuals is constantly undermined by some of the most prominent companies in the world, which centralize vast amounts of personal data. Recent legal means such as the General Data Protection Regulation in Europe regulate the collection and processing of citizens’ data. In particular, data portability grants individuals the right to recover a copy of their data held by an organization. At the same time, Personal Data Management Systems (PDMS) are emerging, empowering users by facilitating the management of their data. For example, these solutions enable automatic data collection, sharing, and advanced processing. In these solutions, the user’s data is processed directly where it is stored, by processing code potentially written by a third party. Here, only the results are shared with a third party, upon the user’s decision. This paradigm diverges from the traditional approach, in which the user’s data is entirely shared with a third party for processing. To be viable, PDMS must satisfy two prerequisites: they must ensure the security of the data in the presence of a layman user while being as extensible as possible to support diverse computations on this data. To address this conflict between extensibility and security, this thesis relies on an architecture including third-party modules coupled with hardware security mechanisms called Trusted Execution Environments. In this context, we propose security building blocks to limit data leakage resulting from the use of these third-party modules, as well as execution strategies implementing these building blocks while limiting the impact on performance.