Compute Globally, Act Locally: Protecting Federated Systems from Systemic Threats

Building dependable federated systems is often complicated by privacy concerns: if the domains are not willing to share information with each other, a global or 'systemic' threat may not be detected until it is too late. In this paper, we study this problem using a somewhat unusual example: the financial crisis of 2008. Based on results from the economics literature, we argue that a) the impending crisis could have been predicted by performing a specific distributed computation on the financial information of each bank, but that b) existing tools, such as secure multiparty computation, do not offer enough privacy to make participation safe from the banks' perspective. We then sketch the design of a system that can perform this (and possibly other) computation at scale with strong privacy guarantees. Results from an early prototype suggest that the computation and communication costs are reasonable.

[1]  Aart J. C. Bik,et al.  Pregel: a system for large-scale graph processing , 2010, SIGMOD Conference.

[2]  Cynthia Dwork,et al.  Differential Privacy , 2006, ICALP.

[3]  Oded Goldreich,et al.  Foundations of Cryptography: Volume 2, Basic Applications , 2004 .

[4]  M. Elliott,et al.  Financial Networks and Contagion , 2014 .

[5]  Vitaly Shmatikov,et al.  Robust De-anonymization of Large Sparse Datasets , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[6]  A. Tahbaz-Salehi,et al.  Systemic Risk and Stability in Financial Networks , 2013 .

[7]  S. Rajsbaum Foundations of Cryptography , 2014 .

[8]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[9]  Cynthia Dwork,et al.  Calibrating Noise to Sensitivity in Private Data Analysis , 2006, TCC.

[10]  Nick Feamster,et al.  Detecting General Network Neutrality Violations with Causal Inference , 2009 .

[11]  S. Kapadia,et al.  Andrew G Haldane: Rethinking the Financial Network , 2022 .

[12]  Jonathan Katz,et al.  Cryptography and the Economics of Supervisory Information: Balancing Transparency and Confidentiality , 2013 .

[13]  Prateek Mittal,et al.  BotGrep: Finding P2P Bots with Structured Graph Analysis , 2010, USENIX Security Symposium.

[14]  Oded Goldreich Foundations of Cryptography: Volume 1 , 2006 .

[15]  Andreas Haeberlen,et al.  Linear dependent types for differential privacy , 2013, POPL.

[16]  Jonathan Katz,et al.  Secure Multi-Party Computation of Boolean Circuits with Applications to Privacy in On-Line Marketplaces , 2012, CT-RSA.

[17]  Nick Feamster,et al.  Detecting network neutrality violations with causal inference , 2009, CoNEXT '09.

[18]  Emmanuel Abbe,et al.  Privacy-Preserving Methods for Sharing Financial Risk Exposures , 2011, ArXiv.

[19]  Márk Jelasity,et al.  Towards Automated Detection of Peer-to-Peer Botnets: On the Limits of Local Approaches , 2009, LEET.

[20]  Marcel Dischinger,et al.  Detecting bittorrent blocking , 2008, IMC '08.

[21]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.

[22]  A. Lo,et al.  A Survey of Systemic Risk Analytics , 2012 .

[23]  Moni Naor,et al.  Our Data, Ourselves: Privacy Via Distributed Noise Generation , 2006, EUROCRYPT.

[24]  Ratul Mahajan,et al.  Negotiation-based routing between neighboring ISPs , 2005, NSDI.