{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,14]],"date-time":"2026-01-14T15:46:31Z","timestamp":1768405591957,"version":"3.49.0"},"reference-count":71,"publisher":"Association for Computing Machinery (ACM)","issue":"PLDI","license":[{"start":{"date-parts":[[2023,6,6]],"date-time":"2023-06-06T00:00:00Z","timestamp":1686009600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/"}],"funder":[{"name":"Cisco Research University Funding","award":["2853380"],"award-info":[{"award-number":["2853380"]}]},{"name":"Hasler Foundation","award":["20053"],"award-info":[{"award-number":["20053"]}]},{"name":"Meta Security Research","award":["474960397718052"],"award-info":[{"award-number":["474960397718052"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Proc. ACM Program. Lang."],"published-print":{"date-parts":[[2023,6,6]]},"abstract":"<jats:p>As more organizations are leveraging third-party cloud and edge data centers to process data efficiently, the issue of preserving data confidentiality becomes increasingly important. In response, numerous security mechanisms have been introduced and promoted in recent years including software-based ones such as homomorphic encryption, as well as hardware-based ones such as Intel SGX and AMD SEV. However these mechanisms vary in their security properties, performance characteristics, availability, and application modalities, making it hard for programmers to judiciously choose and correctly employ the right one for a given data query.<\/jats:p><jats:p>This paper presents a mechanism-independent approach to distributed confidentiality-preserving data analytics. Our approach hinges on a core programming language which abstracts the intricacies of individual security mechanisms. Data is labeled using custom confidentiality levels arranged along a lattice in order to capture its exact confidentiality constraints. High-level mappings between available mechanisms and these labels are captured through a novel expressive form of security policy. Confidentiality is guaranteed through a type system based on a novel formulation of noninterference, generalized to support our security policy definition. Queries written in a largely security-agnostic subset of our language are transformed to the full language to automatically use mechanisms in an efficient, possibly combined manner, while provably preserving confidentiality in data queries end-to-end. We prototype our approach as an extension to the popular Apache Spark analytics engine, demonstrating the significant versatility and performance benefits of our approach over single hardwired mechanisms --- including in existing systems --- without compromising on confidentiality.<\/jats:p>","DOI":"10.1145\/3591231","type":"journal-article","created":{"date-parts":[[2023,6,6]],"date-time":"2023-06-06T20:06:24Z","timestamp":1686081984000},"page":"267-291","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Generalized Policy-Based Noninterference for Efficient Confidentiality-Preservation"],"prefix":"10.1145","volume":"7","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9510-7665","authenticated-orcid":false,"given":"Shamiek","family":"Mangipudi","sequence":"first","affiliation":[{"name":"USI Lugano, Switzerland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6673-1143","authenticated-orcid":false,"given":"Pavel","family":"Chuprikov","sequence":"additional","affiliation":[{"name":"USI Lugano, Switzerland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3864-9078","authenticated-orcid":false,"given":"Patrick","family":"Eugster","sequence":"additional","affiliation":[{"name":"USI Lugano, Switzerland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4466-6299","authenticated-orcid":false,"given":"Malte","family":"Viering","sequence":"additional","affiliation":[{"name":"TU Darmstadt, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2971-0933","authenticated-orcid":false,"given":"Savvas","family":"Savvides","sequence":"additional","affiliation":[{"name":"Purdue University, USA"}]}],"member":"320","published-online":{"date-parts":[[2023,6,6]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3453483.3454074"},{"key":"e_1_2_1_2_1","volume-title":"Orthogonal Security with Cipherbase. In Conference on Innovative DataSystems Research (CIDR \u201913)","author":"Arasu Arvind","year":"2013","unstructured":"Arvind Arasu , Spyros Blanas , Ken Eguro , Raghav Kaushik , Donald Kossmann , Ravishankar Ramamurthy , and Ramarathnam Venkatesan . 2013 . Orthogonal Security with Cipherbase. In Conference on Innovative DataSystems Research (CIDR \u201913) . Arvind Arasu, Spyros Blanas, Ken Eguro, Raghav Kaushik, Donald Kossmann, Ravishankar Ramamurthy, and Ramarathnam Venkatesan. 2013. Orthogonal Security with Cipherbase. In Conference on Innovative DataSystems Research (CIDR \u201913)."},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2723372.2742797"},{"key":"e_1_2_1_4_1","volume-title":"SCONE: Secure Linux Containers with Intel SGX. In USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201916)","author":"Arnautov Sergei","year":"2016","unstructured":"Sergei Arnautov , Bohdan Trach , Franz Gregor , Thomas Knauth , Andre Martin , Christian Priebe , Joshua Lind , Divya Muthukumaran , Dan O\u2019Keeffe , Mark L. Stillwell , David Goltzsche , Dave Eyers , R\u00fcdiger Kapitza , Peter R. Pietzuch , and Christof Fetzer . 2016 . SCONE: Secure Linux Containers with Intel SGX. In USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201916) . Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andre Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Dan O\u2019Keeffe, Mark L. Stillwell, David Goltzsche, Dave Eyers, R\u00fcdiger Kapitza, Peter R. Pietzuch, and Christof Fetzer. 2016. SCONE: Secure Linux Containers with Intel SGX. In USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201916)."},{"key":"e_1_2_1_5_1","volume-title":"ACM Conference on Data and Application Security and Privacy, (CODASPY \u201916)","author":"Balliu Musard","year":"2016","unstructured":"Musard Balliu , Benjamin Liebe , Daniel Schoepe , and Andrei Sabelfeld . 2016 . JSLINQ: Building Secure Applications across Tiers . In ACM Conference on Data and Application Security and Privacy, (CODASPY \u201916) . Musard Balliu, Benjamin Liebe, Daniel Schoepe, and Andrei Sabelfeld. 2016. JSLINQ: Building Secure Applications across Tiers. In ACM Conference on Data and Application Security and Privacy, (CODASPY \u201916)."},{"key":"e_1_2_1_6_1","volume-title":"USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201914)","author":"Baumann Andrew","unstructured":"Andrew Baumann , Marcus Peinado , and Galen C. Hunt . 2014. Shielding Applications from an Untrusted Cloud with Haven . In USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201914) . Andrew Baumann, Marcus Peinado, and Galen C. Hunt. 2014. Shielding Applications from an Untrusted Cloud with Haven. In USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201914)."},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134054"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/360051.360056"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/359636.359712"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2972206.2972209"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3190619.3190638"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3139923.3139933"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1561\/0400000042"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIT.1985.1057074"},{"key":"e_1_2_1_15_1","volume-title":"Felten","author":"Feldman Ariel J.","year":"2010","unstructured":"Ariel J. Feldman , William P. Zeller , Michael J. Freedman , and Edward W . Felten . 2010 . SPORC : Group Collaboration using Untrusted Cloud Resources. In USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201910). Ariel J. Feldman, William P. Zeller, Michael J. Freedman, and Edward W. Felten. 2010. SPORC: Group Collaboration using Untrusted Cloud Resources. In USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201910)."},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3132747.3132782"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1536414.1536440"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.1982.10014"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/28395.28416"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2983990.2984002"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2019.00028"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23082-0_5"},{"key":"e_1_2_1_23_1","volume-title":"USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201914)","author":"Hawblitzel Chris","year":"2014","unstructured":"Chris Hawblitzel , Jon Howell , Jacob R. Lorch , Arjun Narayan , Bryan Parno , Danfeng Zhang , and Brian Zill . 2014 . Ironclad Apps: End-to-End Security via Automated Full-System Verification . In USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201914) . Chris Hawblitzel, Jon Howell, Jacob R. Lorch, Arjun Narayan, Bryan Parno, Danfeng Zhang, and Brian Zill. 2014. Ironclad Apps: End-to-End Security via Automated Full-System Verification. In USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201914)."},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3434316"},{"key":"e_1_2_1_25_1","unstructured":"INTEL. 2016. INTEL SGX SDK. https:\/\/01.org\/intel-software-guard-extensions INTEL. 2016. INTEL SGX SDK. https:\/\/01.org\/intel-software-guard-extensions"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3187009.3177733"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-31424-7_54"},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/357172.357176"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3308558.3314129"},{"key":"e_1_2_1_30_1","unstructured":"Jinyuan Li Maxwell Krohn David Mazi\u00e8res and Dennis Shasha. 2004. Secure Untrusted Data Repository (SUNDR). In Operating Systems Design & Implementation (OSDI\u201904). Jinyuan Li Maxwell Krohn David Mazi\u00e8res and Dennis Shasha. 2004. Secure Untrusted Data Repository (SUNDR). In Operating Systems Design & Implementation (OSDI\u201904)."},{"key":"e_1_2_1_31_1","volume-title":"Glamdring: Automatic Application Partitioning for Intel SGX. In USENIX Annual Technical Conference (ATC \u201917)","author":"Lind Joshua","unstructured":"Joshua Lind , Christian Priebe , Divya Muthukumaran , Dan O\u2019Keeffe , Pierre-Louis Aublin , Florian Kelbert , Tobias Reiher , David Goltzsche , David M. Eyers , R\u00fcdiger Kapitza , Christof Fetzer , and Peter R. Pietzuch . 2017 . Glamdring: Automatic Application Partitioning for Intel SGX. In USENIX Annual Technical Conference (ATC \u201917) . Joshua Lind, Christian Priebe, Divya Muthukumaran, Dan O\u2019Keeffe, Pierre-Louis Aublin, Florian Kelbert, Tobias Reiher, David Goltzsche, David M. Eyers, R\u00fcdiger Kapitza, Christof Fetzer, and Peter R. Pietzuch. 2017. Glamdring: Automatic Application Partitioning for Intel SGX. In USENIX Annual Technical Conference (ATC \u201917)."},{"key":"e_1_2_1_32_1","volume-title":"ACM Symposium on Operating Systems Principles , SOSP","author":"Liu Jed","year":"2009","unstructured":"Jed Liu , Michael D. George , K. Vikram , Xin Qi , Lucas Waye , and Andrew C. Myers . 2009. Fabric: a platform for secure distributed computation and storage . In ACM Symposium on Operating Systems Principles , SOSP 2009 . Jed Liu, Michael D. George, K. Vikram, Xin Qi, Lucas Waye, and Andrew C. Myers. 2009. Fabric: a platform for secure distributed computation and storage. In ACM Symposium on Operating Systems Principles , SOSP 2009."},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2535925"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2063509.2063512"},{"key":"e_1_2_1_35_1","doi-asserted-by":"crossref","unstructured":"Shamiek Mangipudi Pavel Chuprikov Patrick Eugster Malte Viering and Savvas Savvides. 2023. Generalized policy-based noninterference for efficient confidentiality-preservation (Supplementary Material). https:\/\/swystems.usi.ch\/files\/hydra_supplementary.pdf Shamiek Mangipudi Pavel Chuprikov Patrick Eugster Malte Viering and Savvas Savvides. 2023. Generalized policy-based noninterference for efficient confidentiality-preservation (Supplementary Material). https:\/\/swystems.usi.ch\/files\/hydra_supplementary.pdf","DOI":"10.1145\/3591231"},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSFW.2004.9"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF51468.2021.00037"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-48910-X_16"},{"key":"e_1_2_1_39_1","volume-title":"USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201916)","author":"Papadimitriou Antonis","year":"2016","unstructured":"Antonis Papadimitriou , Ranjita Bhagwan , Nishanth Chandran , Ramachandran Ramjee , Andreas Haeberlen , Harmeet Singh , Abhishek Modi , and Saikrishna Badrinarayanan . 2016 . Big Data Analytics over Encrypted Datasets with Seabed . In USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201916) . Antonis Papadimitriou, Ranjita Bhagwan, Nishanth Chandran, Ramachandran Ramjee, Andreas Haeberlen, Harmeet Singh, Abhishek Modi, and Saikrishna Badrinarayanan. 2016. Big Data Analytics over Encrypted Datasets with Seabed. In USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201916)."},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3290388"},{"key":"e_1_2_1_41_1","doi-asserted-by":"crossref","DOI":"10.1016\/S1567-8326(04)00026-8","article-title":"A Structural Approach to Operational Semantics","author":"Plotkin Gordon D.","year":"2004","unstructured":"Gordon D. Plotkin . 2004 . A Structural Approach to Operational Semantics . Journal of Logic and Algebraic Methods Programming. Gordon D. Plotkin. 2004. A Structural Approach to Operational Semantics. Journal of Logic and Algebraic Methods Programming.","journal-title":"Journal of Logic and Algebraic Methods Programming."},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2330667.2330691"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/503272.503302"},{"key":"e_1_2_1_44_1","volume-title":"Jif: Language-based Information-flow Security in Java. CoRR, abs\/1412.8639","author":"Pullicino Kyle","year":"2014","unstructured":"Kyle Pullicino . 2014 . Jif: Language-based Information-flow Security in Java. CoRR, abs\/1412.8639 (2014), arXiv:1412.8639. arxiv:1412.8639 Kyle Pullicino. 2014. Jif: Language-based Information-flow Security in Java. CoRR, abs\/1412.8639 (2014), arXiv:1412.8639. arxiv:1412.8639"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSFW.1999.779776"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3341301.3359660"},{"key":"e_1_2_1_47_1","volume-title":"USENIX Symposium on Operating Systems Design and Implementation, (OSDI \u201920)","author":"Roth Edo","unstructured":"Edo Roth , Hengchu Zhang , Andreas Haeberlen , and Benjamin C. Pierce . 2020. Orchard: Differentially Private Analytics at Scale . In USENIX Symposium on Operating Systems Design and Implementation, (OSDI \u201920) . Edo Roth, Hengchu Zhang, Andreas Haeberlen, and Benjamin C. Pierce. 2020. Orchard: Differentially Private Analytics at Scale. In USENIX Symposium on Operating Systems Design and Implementation, (OSDI \u201920)."},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00060"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.241422"},{"key":"e_1_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.14778\/3389133.3389144"},{"key":"e_1_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/3127479.3129256"},{"key":"e_1_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/2628136.2628151"},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.10"},{"key":"e_1_2_1_54_1","unstructured":"Open Enclave SDK. 2016. Open Enclave SDK. https:\/\/openenclave.io\/sdk\/ Open Enclave SDK. 2016. Open Enclave SDK. https:\/\/openenclave.io\/sdk\/"},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/3373376.3378469"},{"key":"e_1_2_1_56_1","volume-title":"Panoply: Low-TCB Linux Applications With SGX Enclaves. In Network and Distributed System Security Symposium, (NDSS \u201917)","author":"Shinde Shweta","year":"2017","unstructured":"Shweta Shinde , Dat Le Tien , Shruti Tople , and Prateek Saxena . 2017 . Panoply: Low-TCB Linux Applications With SGX Enclaves. In Network and Distributed System Security Symposium, (NDSS \u201917) . Shweta Shinde, Dat Le Tien, Shruti Tople, and Prateek Saxena. 2017. Panoply: Low-TCB Linux Applications With SGX Enclaves. In Network and Distributed System Security Symposium, (NDSS \u201917)."},{"key":"e_1_2_1_57_1","volume-title":"Nickel: A Framework for Design and Verification of Information Flow Control Systems. In USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201918)","author":"Sigurbjarnarson Helgi","year":"2018","unstructured":"Helgi Sigurbjarnarson , Luke Nelson , Bruno Castro-Karney , James Bornholt , Emina Torlak , and Xi Wang . 2018 . Nickel: A Framework for Design and Verification of Information Flow Control Systems. In USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201918) . Helgi Sigurbjarnarson, Luke Nelson, Bruno Castro-Karney, James Bornholt, Emina Torlak, and Xi Wang. 2018. Nickel: A Framework for Design and Verification of Information Flow Control Systems. In USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201918)."},{"key":"e_1_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1109\/CloudCom.2017.42"},{"key":"e_1_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813608"},{"key":"e_1_2_1_60_1","volume-title":"Practical Confidentiality Preserving Big Data Analysis. In USENIX Workshop on Hot Topics in Cloud Computing (HotCloud \u201914)","author":"Stephen Julian James","year":"2014","unstructured":"Julian James Stephen , Savvas Savvides , Russell Seidel , and Patrick Eugster . 2014 . Practical Confidentiality Preserving Big Data Analysis. In USENIX Workshop on Hot Topics in Cloud Computing (HotCloud \u201914) . Julian James Stephen, Savvas Savvides, Russell Seidel, and Patrick Eugster. 2014. Practical Confidentiality Preserving Big Data Analysis. In USENIX Workshop on Hot Topics in Cloud Computing (HotCloud \u201914)."},{"key":"e_1_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/2642937.2643006"},{"key":"e_1_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/2509136.2509554"},{"key":"e_1_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1145\/3075564.3075572"},{"key":"e_1_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516666"},{"key":"e_1_2_1_65_1","unstructured":"TPC. 1988. TPC-H benchmark. http:\/\/www.tpc.org\/tpch\/ TPC. 1988. TPC-H benchmark. http:\/\/www.tpc.org\/tpch\/"},{"key":"e_1_2_1_66_1","volume-title":"Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX. In USENIX Annual Technical Conference (ATC \u201917)","author":"Porter Donald E.","year":"2017","unstructured":"Chia-che Tsai, Donald E. Porter , and Mona Vij . 2017 . Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX. In USENIX Annual Technical Conference (ATC \u201917) . Chia-che Tsai, Donald E. Porter, and Mona Vij. 2017. Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX. In USENIX Annual Technical Conference (ATC \u201917)."},{"key":"e_1_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.14778\/2535573.2488336"},{"key":"e_1_2_1_68_1","unstructured":"UC Berkley RISE Lab. 2021. MC2. https:\/\/mc2-project.github.io\/opaque-sql-docs\/src\/benchmarking\/benchmarking.html UC Berkley RISE Lab. 2021. MC2. https:\/\/mc2-project.github.io\/opaque-sql-docs\/src\/benchmarking\/benchmarking.html"},{"key":"e_1_2_1_69_1","volume-title":"Resilient Distributed Datasets: A Fault-Tolerant Abstraction for In-Memory Cluster Computing. In USENIX Symposium on Networked Systems Design and Implementation (NSDI \u201912)","author":"Zaharia Matei","year":"2012","unstructured":"Matei Zaharia , Mosharaf Chowdhury , Tathagata Das , Ankur Dave , Justin Ma , Murphy McCauly , Michael J. Franklin , Scott Shenker , and Ion Stoica . 2012 . Resilient Distributed Datasets: A Fault-Tolerant Abstraction for In-Memory Cluster Computing. In USENIX Symposium on Networked Systems Design and Implementation (NSDI \u201912) . Matei Zaharia, Mosharaf Chowdhury, Tathagata Das, Ankur Dave, Justin Ma, Murphy McCauly, Michael J. Franklin, Scott Shenker, and Ion Stoica. 2012. Resilient Distributed Datasets: A Fault-Tolerant Abstraction for In-Memory Cluster Computing. In USENIX Symposium on Networked Systems Design and Implementation (NSDI \u201912)."},{"key":"e_1_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2003.1199340"},{"key":"e_1_2_1_71_1","volume-title":"Opaque: An Oblivious and Encrypted Distributed Analytics Platform. In USENIX Symposium on Networked Systems Design and Implementation (NSDI \u201917)","author":"Zheng Wenting","year":"2017","unstructured":"Wenting Zheng , Ankur Dave , Jethro G. Beekman , Raluca Ada Popa , Joseph E. Gonzalez , and Ion Stoica . 2017 . Opaque: An Oblivious and Encrypted Distributed Analytics Platform. In USENIX Symposium on Networked Systems Design and Implementation (NSDI \u201917) . Wenting Zheng, Ankur Dave, Jethro G. Beekman, Raluca Ada Popa, Joseph E. Gonzalez, and Ion Stoica. 2017. Opaque: An Oblivious and Encrypted Distributed Analytics Platform. In USENIX Symposium on Networked Systems Design and Implementation (NSDI \u201917)."}],"container-title":["Proceedings of the ACM on Programming Languages"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3591231","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3591231","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:47:46Z","timestamp":1750178866000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3591231"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,6,6]]},"references-count":71,"journal-issue":{"issue":"PLDI","published-print":{"date-parts":[[2023,6,6]]}},"alternative-id":["10.1145\/3591231"],"URL":"https:\/\/doi.org\/10.1145\/3591231","relation":{},"ISSN":["2475-1421"],"issn-type":[{"value":"2475-1421","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,6,6]]},"assertion":[{"value":"2023-06-06","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}