UC Berkeley

Data analysis has become an indispensable part of today’s society and is greatly impacting our everyday life. At the same time, a variety of privacy attacks are threatening data sovereignty and safety in each step of data analysis from data collection to result release. Preservation of data privacy has been studied through various lens, and can be roughly classified into two categories: the top-down approach (e.g. General Data Protection Regulation) attempts to design a set of universal rules to regulate sensitive data, and the bottom-up approach (e.g. differential privacy) targets concrete privacy challenges and solves them from an algorithmic perspective.

These two approaches, although have achieved great success separately, suffer from their intrinsic defects as well. Specifically, 1) the effective enforcement of the top-down regulations and 2) the design of the bottom-up algorithms for various applications with different trade-offs have been critical problems to solve. Fortunately, these two approaches are complementary and can become more powerful once used together. The top-down approach can be used for guidance when designing bottom-up solutions and the bottom-up methods can be leveraged to enforce the top-down regulations.

In this dissertation, the researcher presents an end-to-end framework, namely Aegis. Aegis comprises two main components, a sub-system verifying the compliance between a privacy regulation and a data analysis task, and a library of standardized privacy-preserving algorithms to implement the data analysis tasks. These two components respectively address challenges 1) and 2) mentioned above to some extent. Furthermore, by gluing the two approaches, \aegis magnifies their advantages and promotes a new privacy-preserving data analysis paradigm.