Talks & Seminars
Title: A Data Capsule Framework For Web Services: Providing Flexible Data Access Control To Users
Jayanthkumar Kannan, Intel Labs Berkeley and University of California, Berkeley
Date & Time: February 24, 2010 16:00
Venue: SIC201, KR building
As the Internet has grown to be an important conduit for commercial transactions, the security risks of relying on such an open global communication network have multiplied with it. One of the primary risks is the exposure of private data. Over 400 data loss incidents from web services that store sensitive data belonging to their users were reported in 2009; each such incident exposed an average of half a million customer records outside the service hosting those records. This talk presents the design and implementation of an architectural framework aimed at ameliorating this problem of data exposure from web services. Central to this framework is the notion of a secure data capsule: an encapsulation of sensitive user information (such as a stock trading strategy that operates on ticker data) together with code that implements an interface suitable for the use of that information (such as notifying the trading strategy of a new stock price ticker event) by a web service (such as an online brokerage service). In our capsule framework, users provide their data to web services in the form of such capsules rather than as raw data. Capsules can be deployed in a variety of ways: on a trusted third party, on the user's own computer, or at the service itself using an available trusted software or hardware module, such as a virtual machine monitor or a trusted platform module; our framework leverages the trusted module to ensure that the user's data is only accessed via the interface sanctioned by the user. Our framework allows a user to specify policies regarding which services or machines may host her capsule, which parties are allowed to access the interface, and with what parameters. The combination of interface restrictions and policy control lets us bound the impact of an attacker who compromises the service to gain access to the user's capsule, or of a malicious insider at the service itself.
We will discuss our prototype implementation of this framework, along with three sample capsules that are useful for stock trading, targeted advertising, and payment scenarios, and conclude with promising avenues for future work.
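The following is an added illustrative model of the capsule idea described in the abstract; it is not code from the speaker's framework or prototype. It assumes a hypothetical `DataCapsule` class that bundles a private trading strategy with a single sanctioned interface (`on_tick`) and a user-written `CapsulePolicy` that restricts which hosts may deploy the capsule, which callers may invoke the interface, and which ticker symbols (the parameters) are permitted. In the real framework the trusted module (VMM or TPM) enforces that the raw data is unreachable; here that isolation is only modelled, and the point shown is how interface restriction plus policy checks bound what a compromised service can do.

```python
"""Toy model of a secure data capsule (added example, not the framework's code).

The sensitive data (strategy thresholds) never leaves the capsule; the hosting
service can only ask for a trading decision through on_tick(), and every call
is checked against the user's policy and recorded in an audit log.
"""
from dataclasses import dataclass, field
from typing import FrozenSet, List, Tuple


class PolicyViolation(Exception):
    """Raised when a deployment or interface call is outside the user's policy."""


@dataclass(frozen=True)
class CapsulePolicy:
    allowed_hosts: FrozenSet[str]    # services/machines permitted to host the capsule
    allowed_callers: FrozenSet[str]  # parties permitted to call the interface
    allowed_symbols: FrozenSet[str]  # parameter restriction: tickers on_tick may accept


class TradingStrategy:
    """The private user data: thresholds the user does not want the service to see."""

    def __init__(self, buy_below: float, sell_above: float) -> None:
        self._buy_below = buy_below
        self._sell_above = sell_above

    def decide(self, price: float) -> str:
        if price < self._buy_below:
            return "BUY"
        if price > self._sell_above:
            return "SELL"
        return "HOLD"


class DataCapsule:
    """Hypothetical capsule: private data + one sanctioned interface + policy."""

    def __init__(self, strategy: TradingStrategy, policy: CapsulePolicy, host_id: str) -> None:
        # Deployment-time check: only hosts the user listed may run the capsule.
        if host_id not in policy.allowed_hosts:
            raise PolicyViolation(f"host {host_id!r} may not deploy this capsule")
        self._strategy = strategy      # reachable only via on_tick (isolation is modelled, not enforced)
        self._policy = policy
        self._host = host_id
        self.audit_log: List[Tuple[str, ...]] = []

    def on_tick(self, caller_id: str, symbol: str, price: float) -> str:
        """The only interface the service gets: notify the strategy of a price event."""
        if caller_id not in self._policy.allowed_callers:
            self.audit_log.append(("DENY-CALLER", caller_id, symbol))
            raise PolicyViolation(f"caller {caller_id!r} may not use this interface")
        if symbol not in self._policy.allowed_symbols:
            self.audit_log.append(("DENY-PARAM", caller_id, symbol))
            raise PolicyViolation(f"symbol {symbol!r} is outside the permitted parameters")
        decision = self._strategy.decide(price)
        self.audit_log.append(("ALLOW", caller_id, symbol, decision))
        return decision


def demo() -> Tuple[List[str], int]:
    """Constructed scenario: a brokerage hosts the capsule; an intruder tries to use it.

    Returns the decisions the legitimate caller obtained and the number of denied calls.
    """
    policy = CapsulePolicy(
        allowed_hosts=frozenset({"brokerage.example"}),
        allowed_callers=frozenset({"brokerage.example"}),
        allowed_symbols=frozenset({"ACME"}),
    )
    capsule = DataCapsule(TradingStrategy(buy_below=100.0, sell_above=120.0), policy, "brokerage.example")

    decisions = [capsule.on_tick("brokerage.example", "ACME", p) for p in (95.0, 110.0, 125.0)]

    # Attempts outside the policy are refused and logged rather than served.
    for caller, symbol in (("intruder@brokerage.example", "ACME"), ("brokerage.example", "OTHER")):
        try:
            capsule.on_tick(caller, symbol, 95.0)
        except PolicyViolation:
            pass
    denied = sum(1 for entry in capsule.audit_log if entry[0].startswith("DENY"))
    return decisions, denied


if __name__ == "__main__":
    print(demo())
```

Running the block prints `(['BUY', 'HOLD', 'SELL'], 2)`: the service learns only the decisions it is entitled to, while the two out-of-policy calls are denied and visible in the audit log, which is the kind of bounded exposure the abstract describes.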
Speaker Profile:
Jayanthkumar Kannan, Intel Labs Berkeley and University of California, Berkeley
This talk is based on joint work with Petros Maniatis (Intel Labs Berkeley) and Byung-Gon Chun (Intel Labs Berkeley).
