Airavat: Security and Privacy for MapReduce
We present Airavat, a MapReduce-based system which provides strong security and privacy guarantees for distributed computations on sensitive data. Airavat is a novel integration of mandatory access control and differential privacy. Data providers control the security policy for their sensitive data, including a mathematical bound on potential privacy violations. Users without security expertise can perform computations on the data, but Airavat conﬁnes these computations, preventing information leakage beyond the data providerís policy. Our prototype implementation demonstrates the ﬂexibility of Airavat on several case studies. The prototype is efﬁcient, with run times on Amazonís cloud computing infrastructure within 32% of a MapReduce system with no security.