Airavat: Security and Privacy for MapReduce
Paper Critique: “Airavat: Security and Privacy for MapReduce”
Reviewer: Jeffrey A. Ingalsbe
1. (10%) State the problem the paper is trying to solve.
This paper is trying to demonstrate how Airavat, a MapReduce-based system for distributed computations provides end-to-end confidentiality, integrity, and privacy guarantees using a combination of mandatory access control and differential privacy which provides security and privacy guarantees against data leakage.
2. (20%) State the main contribution of the paper: solving a new problem, proposing a new algorithm, or presenting a new evaluation (analysis). If a new problem, why was the problem important? Is the problem still important today? Will the problem be important tomorrow? If a new algorithm or new evaluation (analysis), what are the improvements over previous algorithms or evaluations? How do they come up with the new algorithm or evaluation?
The main contribution of the paper is that Airavat builds on mandatory access control (MAC) and differential privacy to ensure untrusted MapReduce computations on sensitive data do not leak private information and provide confidentiality, integrity, and privacy guarantees. The goal is to prevent malicious computation providers from violating privacy policies a data provider imposes on the data to prevent leaking information about individual items in the data. The system is implemented as a modification to MapReduce and the Java virtual machine, and runs on top of SELinux
3. (15%) Summarize the (at most) 3 key main ideas (each in 1 sentence.)
(1) First work to add MAC and differential privacy to mapreduce.
(2) Proposes a new framework for privacy preserving mapreduce computations.
(3) Confines untrusted code.
4. (30%) Critique the main contribution a. Rate the significance of the paper on a scale of 5 (breakthrough), 4 (significant contribution), 3 (modest contribution), 2 (incremental contribution), 1 (no contribution or
Reviewer: Jeffrey A. Ingalsbe
1. (10%) State the problem the paper is trying to solve.
This paper is trying to demonstrate how Airavat, a MapReduce-based system for distributed computations provides end-to-end confidentiality, integrity, and privacy guarantees using a combination of mandatory access control and differential privacy which provides security and privacy guarantees against data leakage.
2. (20%) State the main contribution of the paper: solving a new problem, proposing a new algorithm, or presenting a new evaluation (analysis). If a new problem, why was the problem important? Is the problem still important today? Will the problem be important tomorrow? If a new algorithm or new evaluation (analysis), what are the improvements over previous algorithms or evaluations? How do they come up with the new algorithm or evaluation?
The main contribution of the paper is that Airavat builds on mandatory access control (MAC) and differential privacy to ensure untrusted MapReduce computations on sensitive data do not leak private information and provide confidentiality, integrity, and privacy guarantees. The goal is to prevent malicious computation providers from violating privacy policies a data provider imposes on the data to prevent leaking information about individual items in the data. The system is implemented as a modification to MapReduce and the Java virtual machine, and runs on top of SELinux
3. (15%) Summarize the (at most) 3 key main ideas (each in 1 sentence.)
(1) First work to add MAC and differential privacy to mapreduce.
(2) Proposes a new framework for privacy preserving mapreduce computations.
(3) Confines untrusted code.
4. (30%) Critique the main contribution a. Rate the significance of the paper on a scale of 5 (breakthrough), 4 (significant contribution), 3 (modest contribution), 2 (incremental contribution), 1 (no contribution or