Petrus team @ Inria & Univerity Paris Saclay (Versailles, France)
Supervisors: Iulian Sandu Popa (iulian.sandu-popa@uvsq.fr) and Nicolas Anciaux (nicolas.anciaux@inria.fr) — Applications to be sent by email with CV and cover letter.
Thesis objectives. The targeted approach leads to a paradigm shift, as the processing code on user data comes to the data and not the other way around. However, this does not guarantee secure processing. The aim of this thesis is to design and implement strategies for running personal data classification and learning algorithms, while guaranteeing each user participating in the computation with her data an upper bound on the potential leakage of data concerning her (quantifiable as a function of the type of computation, the data, …) during the computation. Preliminary work has made it possible to guarantee minimal leakage when running simple statistics (sum or average) on a single user’s data [3,4]. The aim of this thesis will be to propose and implement solutions for processing complex data (such as images) and advanced processing such as classification and learning algorithms, on populations of users.
This thesis is part of the PEPR (Priority Research Program and Equipment) Cybersecurity iPoP (interdisciplinary Project on Privacy) project involving several internationally recognized French research teams working on data protection, from universities, engineering schools and national research organizations, as well as the CNIL (French National Commission on Information Technology and Civil Liberties).
Profile and skills required: Data management systems, classification techniques, machine learning techniques; Interest in system aspects, privacy, security and trusted environments; Notions of C++ programming.
Thesis location: Petrus project-team, Versailles, France
[1] Nicolas Anciaux, Philippe Bonnet, Luc Bouganim, Benjamin Nguyen, Philippe Pucheral, Iulian Sandu Popa, Guillaume Scerri. « Personal Data Management Systems: The security and functionality standpoint ». Information Systems 80, 2019. pdf
[2] Nicolas Anciaux, Luc Bouganim, Philippe Pucheral, Iulian Sandu Popa, Guillaume Scerri. « Personal Database Security and Trusted Execution Environments: A Tutorial at the Crossroads ». Tutorial at PVLDB 12(12), 2019.
[3] Robin Carpentier, Iulian Sandu Popa, Nicolas Anciaux: Data Leakage Mitigation of User-Defined Functions on Secure Personal Data Management Systems. SSDBM 2022. pdf
[4] Robin Carpentier, Floris Thiant, Iulian Sandu Popa, Nicolas Anciaux, Luc Bouganim: An Extensive and Secure Personal Data Management System Using SGX. EDBT 2022. pdf
