K9db: {Privacy-Compliant} Storage For Web Applications By Construction

Kinan Dak Albab; Ishan Sharma; Justus Adam; Benjamin Kilimnik; Aaron Jeyaraj; Raj Paul; Artem Agvanian; Leonhard Spiegelberg; Malte Schwarzkopf

Authors:

Kinan Dak Albab, Ishan Sharma, Justus Adam, Benjamin Kilimnik, Aaron Jeyaraj, Raj Paul, Artem Agvanian, Leonhard Spiegelberg, and Malte Schwarzkopf, Brown University

Abstract:

Data privacy laws like the EU's GDPR grant users new rights, such as the right to request access to and deletion of their data. Manual compliance with these requests is error-prone and imposes costly burdens especially on smaller organizations, as non-compliance risks steep fines.

K9db is a new, MySQL-compatible database that complies with privacy laws by construction. The key idea is to make the data ownership and sharing semantics explicit in the storage system. This requires K9db to capture and enforce applications' complex data ownership and sharing semantics, but in exchange simplifies privacy compliance. Using a small set of schema annotations, K9db infers storage organization, generates procedures for data retrieval and deletion, and reports compliance errors if an application risks violating the GDPR.

Our K9db prototype successfully expresses the data sharing semantics of real web applications, and guides developers to getting privacy compliance right. K9db also matches or exceeds the performance of existing storage systems, at the cost of a modest increase in state size.

Kinan Dak Albab, Brown University

Ishan Sharma, Brown University

Justus Adam, Brown University

Benjamin Kilimnik, Brown University

Aaron Jeyaraj, Brown University

Raj Paul, Brown University

Artem Agvanian, Brown University

Leonhard Spiegelberg, Brown University

Malte Schwarzkopf, Brown University

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX

@inproceedings {288536,
author = {Kinan Dak Albab and Ishan Sharma and Justus Adam and Benjamin Kilimnik and Aaron Jeyaraj and Raj Paul and Artem Agvanian and Leonhard Spiegelberg and Malte Schwarzkopf},
title = {K9db: {Privacy-Compliant} Storage For Web Applications By Construction},
booktitle = {17th USENIX Symposium on Operating Systems Design and Implementation (OSDI 23)},
year = {2023},
isbn = {978-1-939133-34-2},
address = {Boston, MA},
pages = {99--116},
url = {https://www.usenix.org/conference/osdi23/presentation/albab},
publisher = {USENIX Association},
month = jul
}

Download

Albab PDF

View the slides

K9db: Privacy-Compliant Storage For Web Applications By Construction