Tue 20 Jun 2023 10:00 - 10:20 at Cypress 1 - PLDI: Security Chair(s): Limin Jia

As more organizations are leveraging third-party cloud and edge data centers to process data efficiently, the issue of preserving data confidentiality becomes increasingly important. In response, numerous security mechanisms have been introduced and promoted in recent years including software-based ones such as homomorphic encryption, as well as hardware-based ones such as Intel SGX and AMD SEV. However these mechanisms vary in their security properties, performance characteristics, availability, and application modalities, making it hard for programmers to judiciously choose and correctly employ the right one for a given data query.

This paper presents a mechanism-independent approach to distributed confidentiality-preserving data analytics. Our approach hinges on a core programming language which abstracts the intricacies of individual security mechanisms. Data is labeled using custom confidentiality levels arranged along a lattice in order to capture its exact confidentiality constraints. High-level mappings between available mechanisms and these labels are captured through a novel expressive form of security policy. Confidentiality is guaranteed through a type system based on a novel formulation of noninterference, generalized to support our security policy definition. Queries written in a largely security-agnostic subset of our language are transformed to the full language to automatically use mechanisms in an efficient, possibly combined manner, while provably preserving confidentiality in data queries end-to-end. We prototype our approach as an extension to the popular Apache Spark analytics engine, demonstrating the significant versatility and performance benefits of our approach over single hardwired mechanisms — including in existing systems — without compromising on confidentiality.

Tue 20 Jun

Displayed time zone: Eastern Time (US & Canada) change

09:00 - 11:00
PLDI: SecurityPLDI Research Papers at Cypress 1
Chair(s): Limin Jia Carnegie Mellon University

#pldi-tue-0900-security-cypress Discord icon small YouTube icon small

09:00
20m
Talk
Obtaining Information Leakage Bounds via Approximate Model Counting
PLDI Research Papers
Seemanta Saha University of California Santa Barbara, Surendra Ghentiyala University of California Santa Barbara, Shihua Lu University of California Santa Barbara, Lucas Bang Harvey Mudd College, Tevfik Bultan University of California at Santa Barbara
DOI
09:20
20m
Talk
CommCSL: Proving Information Flow Security for Concurrent Programs using Abstract Commutativity
PLDI Research Papers
Marco Eilers ETH Zurich, Thibault Dardinier ETH Zurich, Peter Müller ETH Zurich
DOI
09:40
20m
Talk
Discrete Adversarial Attack to Models of Code
PLDI Research Papers
Fengjuan Gao Nanjing University of Science and Technology, Yu Wang Nanjing University, Ke Wang Visa Research
DOI
10:00
20m
Talk
Generalized Policy-Based Noninterference for Efficient Confidentiality-Preservation
PLDI Research Papers
Shamiek Mangipudi Università della Svizzera italiana (USI), Pavel Chuprikov USI Lugano, Patrick Eugster USI Lugano; Purdue University, Malte Viering TU Darmstadt, Savvas Savvides Purdue University
DOI
10:20
20m
Talk
Taype: A Policy-Agnostic Language for Oblivious Computation
PLDI Research Papers
Qianchuan Ye Purdue University, Benjamin Delaware Purdue University
DOI
10:40
20m
Talk
Automated Detection of Under-Constrained Circuits in Zero-Knowledge Proofs
PLDI Research Papers
Shankara Pailoor University of Texas at Austin, Yanju Chen University of California at Santa Barbara, Franklyn Wang Harvard University, 0xparc, Clara Rodríguez-Núñez Complutense University of Madrid, Jacob Van Geffen Veridise Inc., Jason Morton ZKonduit, Michael Chu 0xparc, Brian Gu 0xparc, Yu Feng University of California at Santa Barbara, Işıl Dillig University of Texas at Austin
DOI