Stories
Slash Boxes
Comments

SoylentNews is people

posted by chromas on Tuesday February 26 2019, @08:32PM   Printer-friendly

A new platform developed by MIT and Harvard University researchers ensures that web services adhere to users' preferences on how their data are stored and shared in the cloud.

In today's world of cloud computing, users of mobile apps and web services store personal data on remote data center servers. These data may include photos, social media profiles, email addresses, and even fitness data from wearable devices. Services often aggregate multiple users' data across servers to gain insights on, say, consumer shopping patterns to help recommend new items to specific users, or may share data with advertisers. Traditionally, however, users haven't had the power to restrict how their data are processed and shared.

In a paper [pdf] being presented at this week's USENIX Networked Systems Design and Implementation conference, the researchers describe a platform, called Riverbed, that forces data center servers to only use data in ways that users explicitly approve.

In Riverbed, a user's web browser or smartphone app does not communicate with the cloud directly. Instead, a Riverbed proxy runs on a user's device to mediate communication. When the service tries to upload user data to a remote service, the proxy tags the data with a set of permissible uses for their data, called a "policy."

Users can select any number of predefined restrictions -- such as, "do not store my data on persistent storage" or "my data may only be shared with the external service [domain name]." The proxy tags all the data with the selected policy.

In the datacenter, Riverbed assigns the uploaded data to an isolated cluster of software components, with each cluster processing only data tagged with the same policies. For example, one cluster may contain data that can't be shared with other services, while another may hold data that can't be written to disk. Riverbed monitors the server-side code to ensure it adheres to a user's policies. If it doesn't, Riverbed terminates the service.

Riverbed aims to enforce user data preferences, while maintaining advantages of cloud computing, such as performing large-scale computations on outsourced servers. "Users give a lot of data to web apps for services, but lose control of how the data is used or where it's going," says first author Frank Wang SM '16, PhD '18, a recent graduate of the Department of Electrical Engineering and Computer Science and the Computer Science and Artificial Intelligence Laboratory. "We give users control to tell web apps, 'This is exactly how you can use my data.'"

[...] In their paper, the researchers' evaluated Riverbed on several apps, demonstrating the platform keeps data secure with little overhead. Results show that more than 1,000 universes can squeeze onto a single server, with added computation that slows down the service by about 10 percent. That's fast and efficient enough for real-world use, Wang says.

The researchers envision the policies as being written by advocacy groups, such as Electronic Frontier Foundation (EFF), an international nonprofit digital rights group. New policies can be "dropped in" to a Riverbed-run service at any time, meaning developers don't need to rewrite code.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by MichaelDavidCrawford on Wednesday February 27 2019, @12:08AM

    by MichaelDavidCrawford (2339) Subscriber Badge <mdcrawford@gmail.com> on Wednesday February 27 2019, @12:08AM (#807359) Homepage Journal

    How often does it turn out that department store Santas are diddling their little charges?

    Some joker over at Facebook has been quite _energetically_ opposing my effort to eliminate Tracking Pixels from the Earth.

    And why?

    Because they're good for us!

    Or so he asserts. I've yet to follow his argument but I'm sure a seed of rationality must be in there _somewhere_.

    That's always the case for me, it so happens. For example I once pointed out to two complete strangers that I was a Secret Service Agent. I spent quite a lot of time puzzling over where that comes from.

    Here It Is:

    A friend writes a progressive political blog [seeingtheforest.com] of which Jimmy Carter is his Number One Fan.

    "A seed" indeed.

    --
    Yes I Have No Bananas. [gofundme.com]
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2