[Busec] NISLAB meeting: A Framework for Distributed Anonymous Data Collection and Feedback, this Friday 10am, PHO 404/428
maxvt at bu.edu
Tue Apr 21 18:25:07 EDT 2015
This Friday at a NISLAB meeting I am going to present some ongoing
research that will form the basis of my master's thesis.
This might be of interest to BUsec members since the design considers
privacy and anonymity concerns, and I would be glad to hear of any
potential issues with the design as well as aspects of privacy or
security guarantees that need to be elaborated further.
In the feedback part of the design, there is potential for an extension
from a simple implementation into the field of PIR (private information
retrieval), which is fairly new to me. Any feedback related to that part
- related work, existing implementations - would be welcome.
The current state of the industry's methods of collecting diagnostic
and usage data requires a lot of trust in the entity receiving the
data. Given numerous high profile privacy failures, many individuals
and companies are understandably skeptical and therefore choose not
to contribute any information. It is unfortunate since the data
could be used for improving reliability, or getting stronger
security, or for valuable research into patterns of usage.
We thus propose and are in the process of implementing and
evaluating a framework for non-realtime anonymous data collection,
aggregation for analysis, and feedback. Departing from the usual
``trusted core'' approach, we aim to maintain the reporting agent's
anonymity, even if the centralized part of the system is
compromised. We design a peer-to-peer mix network tuned to carry
data to a centralized repository while maintaining (i) source
anonymity, (ii) privacy in transit, and (iii) the ability to provide
feedback from central server to source.