TRANSCRIPT
https://comsys.rwth-aachen.de/
Revisiting the Privacy Needs of Real-World Applicable Company Benchmarking
Jan Pennekamp, Patrick Sapel, Ina Berenice Fink, Simon Wagner, Sebastian Reuter, Christian Hopmann, Klaus Wehrle, and Martin Henze
Virtual Event / WAHC 2020, 15th December 2020
2 Jan [email protected]
Vision of an Internet of Production (IoP)
• Federal-funded research cluster in Aachen, Germany
  • Over 35 institutes in Aachen, ~50 Mio € in funding
• Goal is to create a “World Wide Lab”
  • To utilize data from production, development and usage
  • In real time (adaptively) with an adequate level of granularity
  • Even in cross-domain collaboration
Funded by the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) under Germany’s Excellence Strategy – EXC-2023 Internet of Production – 390621612
How to identify unrealized potentials in industrial settings?
An Introduction to Company Benchmarking
[Figure: benchmark chart with scale 1–10 (10 = good; 1 = bad) comparing Maximum, Company and Average across the dimensions Overall Company Performance, Finance, Efficiency of the manufacturing equipment, Efficiency of the product range, Efficiency of the manufacturing processes, Staff, and Quality and customer satisfaction]
• Measure performance
  • Based on KPIs
  • Includes several aspects
    • Business perspective
    • Operational practices
    • …
• Identify potentials
  • Adapt own business processes to catch up
• Utility improves with the number of participants
• Advance overall state (in production)
Scenario: Stakeholders in Benchmarking Services
[Figure: Company 1 … Company n participate in benchmarking via a Benchmark Service (storage, statistics; computes the benchmark); the Analyst provides the algorithm. Two concerns are highlighted: access to data (company inputs), i.e. keep sensitive data private, and access to the algorithm (analyst’s property), i.e. protect the algorithm.]
Require a solution that (a) addresses the concerns of all participants and the analyst and (b) is ready for today’s use
Data Challenges for Benchmarking Platforms
Example output/result for a computed KPI xyz [%]:
Best in Class: 95.3 | Worst in Class: 37.1 | Average: 71.6 | Own: 57.4
• Compare to and learn from other “similar” companies
• Company privacy
  • Raw data is sensitive
  • Fear of data leaks & a loss of competitive advantage
  • “Own” result should be known exclusively
• Exactness
  • Identified potential should be accurate
  • Participants pay to get access to the results
  • Disallows abstraction
Company privacy & exactness define the utility of a benchmark and encourage companies to participate
Platform-specific Challenges
• Complexity
  • KPIs are based on complex computations
  • Different operators and inputs required
• Algo. confidentiality
  • Lots of effort invested in constructing the algo.
  • Competitive advantage of the analyst
• Flexibility
  • Easy to deploy & use
  • Companies participate at own discretion
  • Future-proof
Essential for real-world applicability
Not considered by related work!
Cryptographic Primitives and Related Work
• Several approaches considered benchmarking settings
  • However: focus on private comparison of KPIs, not their derivation
  • Thus, real-world value is questionable (also due to used primitives)
• Several cryptographic primitives are available
  • Secure Multi-Party Computation
    • Round-based approaches contradict flexibility
    • Proposed approaches leak the algorithm or do not consider its sensitivity!
    • Overhead in terms of computation and communication?
  • Homomorphic Encryption
  • Zero Knowledge Proofs (?)
  • …
Related work is insufficient for industrial settings, and centralized (plaintext) solutions are not an option either!
PCB: Privacy-preserving Company Benchmarking
[Figure: PCB architecture with the actors Company 1 … Company n, Analyst, Privacy Proxy, Statistics Server (∑) and Encrypted Storage, connected by numbered steps 1–6. Edge labels: Provides Algorithm; Operates; Requests Enc. Inputs & Calculations; Provides Enc. Inputs & Results; Computes Benchmark; Offloads Complex Calculations (B); Local Calculations (A); Shares Enc. Aggregates; Provides KPI Statistics. Keys: unique key per company; Statistics Server’s key.]
Properties highlighted in the figure:
• Protects the algorithm!
• Access to aggregates only! Own KPIs only locally known
• (Raw) data is encrypted
• Complete independence of participants
• Flexibility introduced through offloading
• Usability eased with web-based client
Realization of PCB
• Offloading & algorithm confidentiality
  • Operations not supported by HE are computed by the participants
  • Tunable obfuscation of the algorithm using
    • Randomization of requests (and computation)
    • Dummy requests (discarded afterward)
    • Blinding of computations (supported even without private HE key)
• Web-based client for usability
  • Requiring a web browser only
  • No other dependencies (implements calculations and HE in WebAssembly)
  • Participants only need to interact with the browser, no challenging setup required
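The blinding step of the offloading above, as an added illustration that is not the paper's code: the Privacy Proxy holds two encrypted intermediates of the analyst's formula under the company's key, blinds both with one random offset using only the public key, and offloads the HE-unsupported operation to the participant, who computes on blinded values and never sees the true intermediates. A toy Paillier scheme with small constructed primes stands in for SEAL/CKKS, integers stand in for CKKS's floating-point values, and max as the offloaded operation is an assumption.

```python
import math
import secrets

# Toy Paillier parameters: small CONSTRUCTED primes for illustration only.
# A real deployment uses a proper HE library (the paper uses SEAL/CKKS).
P, Q = 1000003, 1000033
N = P * Q                                              # public key
N2 = N * N
LAM = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)      # private key (lcm)
MU = pow(LAM % N, -1, N)                               # valid because g = N + 1

def encrypt(m: int) -> int:
    """Needs only the public key, so the privacy proxy can encrypt blinds itself."""
    while True:
        r = secrets.randbelow(N - 1) + 1
        if math.gcd(r, N) == 1:
            break
    return (1 + m * N) % N2 * pow(r, N, N2) % N2

def decrypt(c: int) -> int:
    """Private-key operation: only the company (participant) can run this."""
    return ((pow(c, LAM, N2) - 1) // N) * MU % N

def he_add(c1: int, c2: int) -> int:
    """Homomorphic addition: Enc(a) * Enc(b) = Enc(a + b mod N)."""
    return c1 * c2 % N2

def proxy_blind(cx: int, cy: int):
    """Proxy side (no private key): add the same random offset b to both encrypted
    intermediates. max(x + b, y + b) = max(x, y) + b, so the blind is removable."""
    b = secrets.randbelow(N // 4)
    cb = encrypt(b)
    return he_add(cx, cb), he_add(cy, cb), b

def participant_max(c1: int, c2: int) -> int:
    """Participant side: decrypts the blinded values, computes the HE-unsupported
    max, returns it re-encrypted. It sees x + b and y + b, never x or y."""
    return encrypt(max(decrypt(c1), decrypt(c2)))

def proxy_unblind(c_res: int, b: int) -> int:
    """Proxy side: homomorphically subtract b (adding N - b is -b mod N)."""
    return he_add(c_res, encrypt(N - b))

def offloaded_max(x: int, y: int) -> int:
    """Full round trip for fixed-point intermediates (x, y < N/4 avoids wrap-around)."""
    cx, cy = encrypt(x), encrypt(y)            # ciphertexts the proxy already holds
    bx, by, b = proxy_blind(cx, cy)            # 1. proxy blinds
    c_res = participant_max(bx, by)            # 2. participant computes on blinded values
    return decrypt(proxy_unblind(c_res, b))    # 3. proxy unblinds; decrypt only to check
```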
Implementation & Evaluation of PCB
• Python prototype with an additional WebAssembly client
  • Microsoft SEAL with FHE CKKS scheme
    • For support of floating point numbers
    • Configured 128-bit security level (polynomial modulus of 16,384)
  • Our prototype identifies extrema with OPE for simplicity
    • A more secure HE-based approach should be used in the real world
• Evaluation: (1) Single Operations, (2) Nested Computations, (3) Real-World Evaluation
  • Setup: 30 runs, 99% CI; Intel i5-2410M, 4 GB RAM & HDD; no network constraints
Single Operations & Nested Computations (1, 2)
[Figure: measured runtimes for (1) single operations and (2) nested computations]
No network effects captured! HE overhead as expected
Linear scalability for long chains is acceptable
Real-World Company Benchmark
• Domain of injection molding
  • Companies answered paper questionnaires
  • Presentation of results individually by analyst
  • Conducted in 2014
• 48 KPIs derived
  • 674 inputs
  • 2173 operations
    • 1429 locally
    • 744 offloaded
  • 15 layers of formula
Real-World Performance Results (3)
Aggregation is negligible
Observed runtime and traffic are real-world feasible: 8.7 min, 6.7 GB
[Figure labels: Exactness, Network, Complexity]
Conclusion: PCB – A Privacy-Preserving Benchmark
• Real-world benchmarks must consider company privacy and algorithm confidentiality
  • Related work previously neglected the algorithm’s value!
• To address these needs, we propose our HE-based benchmark service PCB
• Our evaluation based on a real-world benchmark underlines its applicability in today’s industrial settings
  • Thus, we enable companies to identify potentials with a ready design
Thank you for your attention!