A Breakthrough in Anonymity X Utility for Anonymized Analytics

Paul Francis (Max Planck Institute for Software Systems & Aircloak)

Working over the past few years in close conjunction with the MPI-SWS spinoff Aircloak, we have developed what we believe is a breakthrough in the anonymity X utility “product”.  Our system, dubbed the “Cloak”, may be installed in front of any existing SQL database (unmodified), with negligible configuration.  Untrusted analysts may submit an unlimited number of SQL queries to the database through the Cloak with, so far as we know, virtually no possibility of inferring individual user information from the answers.  The noise added by the Cloak is minimal: Gaussian with a typical standard deviation of 2 for counting queries. The SQL queries may be composed of the “aggregate subset” of SQL, which includes most standard math, string, datetime, and aggregate functions, as well as custom functions.  This talk will describe cloak operation, present a case study based on a real medical database, and give an overview of the anonymization mechanisms.

About Paul Franics
Paul Francis is a tenured faculty at the Max Planck Institute for Software Systems in Germany. Paul has held research positions at Cornell University, ACIRI, NTT Software Labs, Bellcore, and MITRE, and was Chief Scientist at two Silicon Valley startups. In the past, Paul’s research centered around routing and addressing problems in the Internet and P2P networks. Paul’s innovations include NAT, shared-tree multicast, the first P2P multicast system, the first DHT (as part of landmark routing), and Virtual Aggregation. More recently, Paul’s research has focused on Internet privacy with a focus on private behavioral advertising systems and anonymized analytics. Paul is cofounder of the startup Aircloak.

About Aircloak
Aircloak is a startup, based in Germany which is building a system that provides rich and accurate analytics over user data while keeping the data anonymous. More information here.