Building a Privacy Web with SPIDEr -- Secure Pipeline for Information De-Identification with End-to-End Encryption

TL;DR

SPIDEr is an end-to-end encrypted data de-identification pipeline leveraging TEEs, supporting various anonymization techniques including formal privacy guarantees, with scalable batch processing for differential privacy on constrained hardware.

Contribution

The paper introduces SPIDEr, a novel secure pipeline enabling privacy-preserving data de-identification with end-to-end encryption and scalable differential privacy on TEE hardware.

Findings

Supports classical and formal privacy techniques like k-anonymity and differential privacy.

Enables scalable batch processing for differential privacy on constrained TEE hardware.

Provides a secure control flow with attestation for trusted execution environments.

Abstract

Data de-identification makes it possible to glean insights from data while preserving user privacy. The use of Trusted Execution Environments (TEEs) allow for the execution of de-identification applications on the cloud without the need for a user to trust the third-party application provider. In this paper, we present \textit{SPIDEr - Secure Pipeline for Information De-Identification with End-to-End Encryption}, our implementation of an end-to-end encrypted data de-identification pipeline. SPIDEr supports classical anonymisation techniques such as suppression, pseudonymisation, generalisation, and aggregation, as well as techniques that offer a formal privacy guarantee such as k-anonymisation and differential privacy. To enable scalability and improve performance on constrained TEE hardware, we enable batch processing of data for differential privacy computations. We present our design of the control flows for end-to-end secure execution of de-identification operations within a TEE. As part of the control flow for running SPIDEr within the TEE, we perform attestation, a process that verifies that the software binaries were properly instantiated on a known, trusted platform.