Jana: Private Data as a Service

Data as a Service (DaaS), a scalable model in which shared data is accessed by many analysts, typically faces security breaches as well as legal but unintended uses of data, both of which can compromise the privacy of data subjects.

Funded by DARPA’s Brandis program, Jana aims to provide practical private data as a service (PDaaS) atop DaaS to protect subject privacy while retaining data utility to analysts. Most importantly, Jana aims to demonstrate how an interoperable, open-source set of cryptographic, secure computation, and privacy analytics building blocks can meet these goals in a practical way that future systems can leverage.

In Jana, contributed data is encrypted at all times, starting before it leaves the subject’s possession. Results of queries against data are limited to how much data subjects are willing to reveal, to whom, and when. Jana combines multiple privacy-preserving techniques in practical, interoperable ways while preventing unintended privacy gaps. We do this by keeping data encrypted at all times, even during computation; using formal methods to analyze privacy leakage; and using differential privacy to mitigate that leakage.

To be practically deployable, Jana:

  • leverages open-source relational database and index technology to scale up to practical data volumes,
  • uses high-throughput secure computation for query processing to achieve practical throughput and latency,
  • uses machine learning techniques to make security policy evaluation efficient, and
  • performs functions “in the clear” when possible without compromising privacy.

Jana aims to enable DaaS relational database and SQL language middleware paradigms while providing privacy at the discretion of data subjects. It can reduce the problem of data breaches by keeping data encrypted while in transit, while stored, and while computed upon.

Jana is a project led by Galois that also includes KU Leuven, Rutgers University, and George Mason University.

This material is based upon work supported by the Defense Advanced Research Projects Agency (DARPA) and Space and Naval Warfare Systems Center, Pacific (SSC Pacific) under contract No. N66001-15-C-4070. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of DARPA or SSC Pacific. Distribution Statement A: Approved for Public Release, Distribution Unlimited.