Abstract
Modern data services need to meet application developers’ demands in terms of scalability and resilience, and also support privacy regulations such as the EU’s GDPR. We outline the main systems challenges of supporting data privacy regulations in the context of large-scale data services, and advocate for causal snapshot consistency to ensure application-level and privacy-level consistency. We present Pods, an extension to the dataflow model that allows external services to access snapshotted operator state directly, with built-in support for addressing the outlined privacy challenges, and summarize open questions and research directions.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Akidau, T., et al.: Millwheel: fault-tolerant stream processing at internet scale. Proc. VLDB Endow. 6(11), 1033–1044 (2013). https://doi.org/10.14778/2536222.2536229, http://www.vldb.org/pvldb/vol6/p1033-akidau.pdf
Akidau, T., et al.: The dataflow model: a practical approach to balancing correctness, latency, and cost in massive-scale, unbounded, out-of-order data processing. Proc. VLDB Endow. 8(12), 1792–1803 (2015). https://doi.org/10.14778/2824032.2824076, http://www.vldb.org/pvldb/vol8/p1792-Akidau.pdf
Arfelt, E., Basin, D., Debois, S.: Monitoring the GDPR. In: Sako, K., Schneider, S., Ryan, P.Y.A. (eds.) ESORICS 2019. LNCS, vol. 11735, pp. 681–699. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-29959-0_33
Burckhardt, S., Gillum, C., Justo, D., Kallas, K., McMahon, C., Meiklejohn, C.S.: Serverless workflows with durable functions and netherite. CoRR abs/2103.00033 (2021). https://arxiv.org/abs/2103.00033
California Legislature: California consumer privacy act of 2018 (CCPA) (2018). https://leginfo.legislature.ca.gov/faces/codes_displayText.xhtml?division=3.&part=4.&lawCode=CIV&title=1.81.5
Carbone, P., Ewen, S., Fóra, G., Haridi, S., Richter, S., Tzoumas, K.: State management in apache flink®: consistent stateful distributed stream processing. Proc. VLDB Endow. 10(12), 1718–1729 (2017). https://doi.org/10.14778/3137765.3137777, http://www.vldb.org/pvldb/vol10/p1718-carbone.pdf
Carbone, P., Katsifodimos, A., Ewen, S., Markl, V., Haridi, S., Tzoumas, K.: Apache Flink™: stream and batch processing in a single engine. IEEE Data Eng. Bull. 38(4), 28–38 (2015). http://sites.computer.org/debull/A15dec/p28.pdf
Chandy, K.M., Lamport, L.: Distributed snapshots: determining global states of distributed systems. ACM Trans. Comput. Syst. 3(1), 63–75 (1985). https://doi.org/10.1145/214451.214456
Council of the European Union: Regulation (EU) 2016/679 of the European parliament and of the council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95/46/ec (general data protection regulation) (2016). https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ:L:2016:119:TOC
Fragkoulis, M., Carbone, P., Kalavri, V., Katsifodimos, A.: A survey on the evolution of stream processing systems. CoRR abs/2008.00842 (2020). https://arxiv.org/abs/2008.00842
Gjengset, J., et al.: Noria: dynamic, partially-stateful data-flow for high-performance web applications. In: Arpaci-Dusseau, A.C., Voelker, G. (eds.) 13th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2018, Carlsbad, CA, USA, 8–10 October 2018, pp. 213–231. USENIX Association (2018). https://www.usenix.org/conference/osdi18/presentation/gjengset
Lightbend Inc: Akka. https://akka.io/. Accessed 21 May 2021
Murray, D.G., McSherry, F., Isaacs, R., Isard, M., Barham, P., Abadi, M.: Naiad: a timely dataflow system. In: Kaminsky, M., Dahlin, M. (eds.) ACM SIGOPS 24th Symposium on Operating Systems Principles, SOSP ’13, Farmington, PA, USA, 3–6 November 2013, pp. 439–455. ACM (2013). https://doi.org/10.1145/2517349.2522738
Sabelfeld, A., Sands, D.: Dimensions and principles of declassification. In: 18th IEEE Computer Security Foundations Workshop, (CSFW-18 2005), 20–22 June 2005, Aix-en-Provence, France, pp. 255–269. IEEE Computer Society (2005). https://doi.org/10.1109/CSFW.2005.15
Salvaneschi, G., Köhler, M., Sokolowski, D., Haller, P., Erdweg, S., Mezini, M.: Language-integrated privacy-aware distributed queries. In: Proceedings ACM Programming Language 3(OOPSLA), pp. 167:1–167:30 (2019). https://doi.org/10.1145/3360593
Schwarzkopf, M., Kohler, E., Frans Kaashoek, M., Morris, R.: Position: GDPR compliance by construction. In: Gadepally, V., et al. (eds.) DMAH/Poly -2019. LNCS, vol. 11721, pp. 39–53. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-33752-0_3
Sreekanti, V., et al.: Cloudburst: stateful functions-as-a-service. Proc. VLDB Endow. 13(11), 2438–2452 (2020). http://www.vldb.org/pvldb/vol13/p2438-sreekanti.pdf
Stonebraker, M., Çetintemel, U.: “One size fits all”: an idea whose time has come and gone. In: Aberer, K., Franklin, M.J., Nishio, S. (eds.) Proceedings of the 21st International Conference on Data Engineering, ICDE 2005, 5–8 April 2005, Tokyo, Japan, pp. 2–11. IEEE Computer Society (2005). https://doi.org/10.1109/ICDE.2005.1
Stonebraker, M., Mattson, T.G., Kraska, T., Gadepally, V.: Poly’19 workshop summary: GDPR. SIGMOD Rec. 49(3), 55–58 (2020). https://doi.org/10.1145/3444831.3444842
The Apache Software Foundation: Apache Flink stateful functions (2021). https://flink.apache.org/stateful-functions.html. Accessed 14 June 2021
Volpano, D.M., Irvine, C.E., Smith, G.: A sound type system for secure flow analysis. J. Comput. Secur. 4(2/3), 167–188 (1996). https://doi.org/10.3233/JCS-1996-42-304
Wang, L., et al.: Data capsule: a new paradigm for automatic compliance with data privacy regulations. In: Gadepally, V., et al. (eds.) DMAH/Poly -2019. LNCS, vol. 11721, pp. 3–23. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-33752-0_1
Zhang, W., Fang, V., Panda, A., Shenker, S.: Kappa: a programming framework for serverless computing. In: Fonseca, R., Delimitrou, C., Ooi, B.C. (eds.) SoCC 2020: ACM Symposium on Cloud Computing, Virtual Event, USA, 19–21 October 2020, pp. 328–343. ACM (2020). https://doi.org/10.1145/3419111.3421277
Acknowledgements
We would like to thank the anonymous reviewers for their helpful comments. This work was partially funded by the Swedish Foundation for Strategic Research (SSF grant no. BD15-0006) and by Digital Futures.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Spenger, J., Carbone, P., Haller, P. (2021). WIP: Pods: Privacy Compliant Scalable Decentralized Data Services. In: Rezig, E.K., et al. Heterogeneous Data Management, Polystores, and Analytics for Healthcare. DMAH Poly 2021 2021. Lecture Notes in Computer Science(), vol 12921. Springer, Cham. https://doi.org/10.1007/978-3-030-93663-1_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-93663-1_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-93662-4
Online ISBN: 978-3-030-93663-1
eBook Packages: Computer ScienceComputer Science (R0)