Collaborative, Privacy-Preserving Data Aggregation at Scale
Combining and analyzing data collected at multiple administrative locations is critical for a wide variety of applications, such as detecting malicious attacks or computing an accurate estimate of the popularity of Web sites. However, legitimate concerns about privacy often inhibit participation in collaborative data aggregation. In this paper, the authors design, implement, and evaluate a practical solution for Privacy-preserving Data Aggregation (PDA) among a large number of participants. Scalability and efficiency are achieved through a "semi-centralized" architecture that divides responsibility between a proxy, which obliviously blinds the client inputs, and a database, which aggregates values by (blinded) keyword and identifies those keywords whose aggregate values satisfy some evaluation function.
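As an added illustration of the semi-centralized split (example code, not from the paper), the following Python sketch replaces the paper's oblivious blinding with a keyed HMAC held by the proxy: the database sees only blinded keywords and values, while the proxy sees only keywords and no values. Unlike the oblivious construction in the paper, this stand-in proxy does learn the raw keywords; the class names, the report data (RFC 5737 documentation addresses) and the threshold evaluation function are all constructed for the example.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict


class Proxy:
    """Blinds keywords with a secret PRF key (stand-in for oblivious blinding); never receives values."""
    def __init__(self):
        self._key = secrets.token_bytes(32)  # known only to the proxy

    def blind(self, keyword: str) -> str:
        # Deterministic per proxy key, so equal keywords aggregate under one blinded key.
        return hmac.new(self._key, keyword.encode(), hashlib.sha256).hexdigest()


class Database:
    """Aggregates values per blinded keyword; never sees a raw keyword."""
    def __init__(self, evaluate):
        self._totals = defaultdict(int)
        self._evaluate = evaluate  # evaluation function applied to each aggregate

    def submit(self, blinded_keyword: str, value: int) -> None:
        self._totals[blinded_keyword] += value

    def satisfying(self) -> set:
        return {b for b, total in self._totals.items() if self._evaluate(total)}


def run_pda(reports, evaluate):
    """Each report is (participant, keyword, value). Returns, per participant, the
    keywords of its own reports whose aggregate satisfied `evaluate`."""
    proxy, db = Proxy(), Database(evaluate)
    for _, keyword, value in reports:
        # Keyword goes to the proxy, blinded keyword plus value go to the database.
        db.submit(proxy.blind(keyword), value)
    flagged = db.satisfying()
    result = defaultdict(set)
    for participant, keyword, _ in reports:
        # A participant checks membership by having its own keyword blinded again.
        if proxy.blind(keyword) in flagged:
            result[participant].add(keyword)
    return dict(result)


# Constructed sample: three sites report suspicious source addresses, value 1 per sighting;
# an address is flagged when seen by at least 3 sites in total.
REPORTS = [
    ("siteA", "192.0.2.10", 1), ("siteA", "198.51.100.7", 1),
    ("siteB", "192.0.2.10", 1), ("siteB", "203.0.113.5", 1),
    ("siteC", "192.0.2.10", 1), ("siteC", "198.51.100.7", 1),
]

if __name__ == "__main__":
    print(run_pda(REPORTS, lambda total: total >= 3))
```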