1. (10%) State the problem the paper is attempting to resolve.
This paper is trying to demonstrate how Airavat, a MapReduce-based system for dispersed calculations provides end-to-end confidentiality, stability, and privacy guarantees utilizing a combination of mandatory access control and differential personal privacy which offers security and privacy assurances against data leak.
2. (20%) State the primary contribution of the paper: fixing a brand-new issue, proposing a new algorithm, or presenting a new examination (analysis). If a new problem, why was the problem crucial? Is the issue still essential today? Will the issue be essential tomorrow? If a brand-new algorithm or brand-new examination (analysis), what are the enhancements over previous algorithms or examinations? How do they develop the new algorithm or evaluation?
The main contribution of the paper is that Airavat constructs on mandatory gain access to control (MAC) and differential personal privacy to make sure untrusted MapReduce computations on delicate information do not leak private details and provide privacy, integrity, and personal privacy warranties.
The goal is to avoid harmful computation providers from violating personal privacy policies an information service provider imposes on the data to prevent leaking info about individual products in the data.
The system is executed as a modification to MapReduce and the Java virtual device, and operates on top of SELinux
3. (15%) Summarize the (at a lot of) 3 crucial primary concepts (each in 1 sentence.).
( 1) First work to add MAC and differential privacy to mapreduce. (2) Proposes a brand-new framework for personal privacy preserving mapreduce calculations. (3) Confines untrusted code.
4. (30%) Critique the primary contribution.
a. Rate the significance of the paper on a scale of 5 (development), 4 (significant contribution), 3 (modest contribution), 2 (incremental contribution), 1 (no contribution or negative contribution). Describe your ranking in a sentence or more.
This system provides security and privacy guarantees for distributed computations on sensitive data at the ends. However, the data still can be leaked in the cloud. Because multiple machines are involved in the computation and malicious worker can sent the intermediate data to the outside system, which threatens the privacy of the input data. Even not to this extent, temporary data is stored in the workers and those data can be fetched even after computation is done.
b. Rate how convincing the methodology is: how do the authors justify the solution approach or evaluation? Do the authors use arguments, analyses, experiments, simulations, or a combination of them? Do the claims and conclusions follow from the arguments, analyses or experiments? Are the assumptions realistic (at the time of the research)? Are the assumptions still valid today? Are the experiments well designed? Are there different experiments that would be more convincing? Are there other alternatives the authors should have considered? (And, of course, is the paper free of methodological errors.)
c. What is the most important limitation of the approach?
As the authors mention, one computation provider could exhaust this budget on a dataset for all other computation providers and use more than its fair share. While there is some estimation of effective parameters, there are a large number of parameters that must be set for Airavat to work properly. This increases the probability of misconfigurations or configurations that might severely limit the computations that can be performed on the data.
5. (15%) What lessons should researchers and builders take away from this work. What (if any) questions does this work leave open?
The current implementation of Airavat supports both trusted and untrusted Mappers, but Reducers must be trusted and they also modified the JVM to make mappers independent (using invocation numbers to identify current and previous mappers). They also modified the reducer to provide differential privacy. From the data provider’s perspective they must provide several privacy parameters like- privacy group and privacy budget.
6. (10%) Propose your improvement on the same problem.
I have no suggested improvements.
Cite this page
Paper Critique: “Airavat: Security and Privacy for Mapreduce”. (2016, Nov 17). Retrieved from https://studymoose.com/paper-critique-airavat-security-and-privacy-for-mapreduce-essay