Dissertation/Thesis Abstract

Rethinking information privacy for the web
by Tierney, Matthew Ryan, Ph.D., New York University, 2013, 161; 3602740
Abstract (Summary)

Hanni M. Fakhoury, staff attorney with the Electronic Frontier Foundation, has argued against Supreme Court Justice Samuel Alito’s opinion that society should accept a decline in personal privacy with modern technology, “Technology doesn’t involve an ‘inevitable’ tradeoff [of increased convenience] with privacy. The only inevitability must be the demand that privacy be a value built into our technology” [40]. Our position resonates with Mr. Fakhoury’s assertion for rethinking information privacy for the web. In this thesis, we present three artifacts that address the balance between usability, efficiency, and privacy as we rethink information privacy for the web.

In the first part of this thesis, we propose the design, implementation and evaluation of Cryptagram, a system designed to enhance online photo privacy. Cryptagram enables users to convert photos into encrypted images, which the users upload to Online Social Networks (OSNs). Users directly manage access control to those photos via shared keys that are independent of OSNs or other third parties. OSNs apply standard image transformations (JPEG compression) to all uploaded images, so Cryptagram provides image encoding and encryption protocols that tolerate these transformations. Cryptagram guarantees that a recipient with the right credentials can completely retrieve the original image from the transformed version of the uploaded encrypted image, while the OSN cannot infer the original image. Cryptagram’s browser extension integrates seamlessly with preexisting OSNs, including Facebook and Google+, and currently has over 400 active users.

In the second part of this thesis, we introduce the design of Lockbox, a system designed to provide end-to-end private file-sharing with the convenience of Google Drive or Dropbox. Lockbox uniquely combines two important design points: (1) a federated system for detecting and recovering from server equivocation and (2) a hybrid cryptosystem over delta encoded data to balance storage and bandwidth costs with efficiency for syncing end-user data. To facilitate appropriate use of public keys in the hybrid cryptosystem, we integrate a service that we call KeyNet, which is a web service designed to leverage existing authentication media (e.g., OAuth, verified email addresses) to improve the usability of public key cryptography.

In the third part of this thesis, we propose a new system, Compass, which realizes the philosophical privacy framework of contextual integrity (CI) as a full OSN design. We believe CI better captures users’ privacy expectations in OSNs. In Compass, three properties hold: (a) users are associated with roles in specific contexts; (b) every piece of information posted by a user is associated with a specific context; (c) norms defined on roles and attributes of posts in a context govern how information is shared across users within that context. Given the definition of a context and its corresponding norm set, we describe the design of a compiler that converts the human-readable norm definitions into the appropriate information flow verification logic, including: (a) a compact binary decision diagram for the norm set; and (b) access control code that evaluates how a new post to a context will flow. We have implemented a prototype that shows how the philosophical framework of contextual integrity can be realized in practice to achieve strong privacy guarantees with limited additional verification overhead.
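To make properties (a) to (c) concrete, the following is an added illustration, not code from the Compass prototype: a minimal evaluator that decides which users in a context may receive a new post, given roles and a norm set. The norm syntax, the deny-overrides conflict rule, the clinic context and all names are assumptions of this example; the compiled binary decision diagram described above is not reproduced here, norms are evaluated directly.

```python
from dataclasses import dataclass, field

# Constructed illustration of the three Compass properties from the abstract:
# (a) users hold roles within contexts, (b) each post belongs to one context,
# (c) norms over roles and post attributes decide how a post flows.
# Norm syntax, data model and names are this example's assumptions, not Compass's.

@dataclass(frozen=True)
class Norm:
    sender_role: str       # role of the user who posted
    recipient_role: str    # role of the user who would receive the post
    attribute: str         # post attribute the norm is conditioned on
    allowed: bool          # True = permit the flow, False = forbid it

@dataclass
class Context:
    name: str
    roles: dict = field(default_factory=dict)   # user -> role in this context
    norms: list = field(default_factory=list)   # the context's norm set

@dataclass(frozen=True)
class Post:
    author: str
    context: str            # a post is bound to exactly one context
    attributes: frozenset   # e.g. {"diagnosis", "billing"}

def flow_recipients(ctx: Context, post: Post) -> set:
    """Return the users in ctx who may receive `post`.

    A flow is permitted only if at least one norm allows it for the
    sender/recipient role pair on an attribute the post carries, and no
    norm forbids it (deny overrides allow, an assumption of this example).
    Posts from another context or from a user without a role never flow."""
    if post.context != ctx.name:
        return set()
    sender_role = ctx.roles.get(post.author)
    if sender_role is None:
        return set()
    recipients = set()
    for user, role in ctx.roles.items():
        if user == post.author:
            continue
        verdicts = [n.allowed for n in ctx.norms
                    if n.sender_role == sender_role
                    and n.recipient_role == role
                    and n.attribute in post.attributes]
        if verdicts and all(verdicts):
            recipients.add(user)
    return recipients

# Constructed sample context: a clinic with patient, physician and clerk roles.
clinic = Context(
    name="clinic",
    roles={"alice": "patient", "dr_bob": "physician", "carol": "clerk"},
    norms=[Norm("patient", "physician", "diagnosis", True),
           Norm("patient", "clerk", "billing", True),
           Norm("patient", "clerk", "diagnosis", False)],
)
```

A post carrying both a diagnosis and billing data reaches only the physician, because the clerk's explicit diagnosis denial overrides the billing permission.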


Indexing (document details)
Advisor: Subramanian, Lakshminarayanan
Committee: Li, Jinyang; Memon, Nasir; Nissenbaum, Helen; Shasha, Dennis
School: New York University
Department: Computer Science
School Location: United States -- New York
Source: DAI-B 75/03(E), Dissertation Abstracts International
Source Type: DISSERTATION
Subjects: Computer science
Keywords: Contextual integrity, File sharing, Online social networks, Photos, Privacy
Publication Number: 3602740
ISBN: 9781303559778