Personalized Services in a Privacy-Preserving Datacenter

Privacy is a growing concern for users and regulators, but collecting personal information enables companies to deliver a better user experience. Thus, we present a general framework for building services that are both personalized and privacy-preserving. The framework leverages small protected modules running in the datacenter. These isolated and verifiable modules operate on behalf of the user to personalize queries based on encrypted personal information. We will demonstrate a prototype location-based search service that returns results based on the user’s exact location without revealing that location to the datacenter.

In the second part of the talk, we present new techniques for private data retrieval that hide even the statistical information that might otherwise be revealed by the pattern of data accesses. These techniques rely on a new model for oblivious RAM that is adapted to the realities of modern datacenters. We present our initial findings and proposed implementation for privately retrieving Bing Map tiles.