The PORTIA Project: Research Overview


The PORTIA Project:
Research Overview
Dan Boneh
PORTIA Project Site Visit
Stanford CA, May 12-13, 2005
http://crypto.stanford.edu/portia
Agenda Overview
• 8:00 – 12:00: Technical presentations
• 12:00 – 2:00: Lunch, posters, and students
• 2:00 – 3:45: Technical presentations
• 3:45 – 4:15: Four demos
• 4:15 – 4:30: Wrap-up
• 4:30 – 5:30: Site visitors meeting
• 5:30 – 6:00: Clarifications
PORTIA: Privacy, Obligations, and Rights in Technologies of Information Assessment
Five-year NSF Large-ITR project on the handling of sensitive information in a networked world.
Currently in the middle of year 2.
Motivation: Sensitive Data
• Data that can harm data subjects, data owners, or data users if it is mishandled.
– Not all of it is strictly “private.”
• There’s a lot more of it than there used to be:
– Increased use of computers and networks
– Decreased storage costs
• “Mishandling” can be very harmful.
– e.g., ID theft, or loss of employment or insurance
• Multi-faceted: technological, social, and legal issues.
Academic Participants
Stanford: Dan Boneh, Hector Garcia-Molina, John Mitchell, Rajeev Motwani
Yale: Joan Feigenbaum, Ravi Kannan, Avi Silberschatz
Univ. of NM: Stephanie Forrest
Stevens: Rebecca Wright
NYU: Helen Nissenbaum
Research Partners
J. Balkin (Yale Law School)
C. Dwork (Microsoft)
S. Hawala (Census Bureau)
B. LaMacchia (Microsoft)
K. McCurley (IBM)
P. Miller (Yale Medical School)
J. Morris (CDT)
T. Pageler (Secret Service)
B. Pinkas (Hewlett Packard)
M. Rotenberg (EPIC)
A. Schäffer (NIH)
D. Schutzer (CitiGroup)
Successful collaborations with (joint research, interns):
• SF-ECFT (SS), Microsoft, IBM, Google, HP.
• CDT, NIH, Census Bureau, Yale Medical and Law.
Statistics on Research Output
• Students: 29 supported PhD students, 9 supported MS students, 5 supported postdocs, and 6 undergraduates.
• Available from the PORTIA web site:
– 92 publications since inception (18 months).
• 43 with women co-authors, 4 with undergrads.
– 4 open source software systems.
Five Major Research Themes
1. Privacy-preserving data mining and privacy-preserving surveillance
2. Policy-enforcement tools for database systems
3. Sensitive data in distributed systems and P2P
4. Contextual integrity
5. Identity theft and identity privacy
• Tightly knit: many of the talks today will touch on more than one topic.
Benefit of a Large ITR: Research Collaboration
[Diagram: collaboration links among the participating sites (Stanford, Yale, Stevens, UNM, NYU) and the project themes (PPDM, DB policy tools, distributed systems, contextual integrity, ID protection).]
1. Privacy-Preserving Data Mining
• Developed new techniques to mine large data sets that limit compromise of user privacy:
– Mining shared sensitive data without ever aggregating the data in a single location (e.g., for Bayesian data-mining methods)
– Initial experiments with PPDM on sensitive data (e.g., the Taulbee survey)
• Began building an experimental PPDM platform:
– Several components, including MySQL PIR and distributed log computations.
2. Policy Enforcement in DB Systems
• Evaluated enterprise-wide information-disclosure policies:
– Found inconsistencies in the P3P and EPAL languages and suggested modifications.
– Developed tools to distribute and access vertically partitioned data (e.g., SB1386 compliance)
– Database tools for biosciences applications
• Developed methods and tools for policy development, testing, and maintenance:
– e.g., tools to extract a P3P policy from an EPAL policy.
3. Sensitive Data in Distributed Systems and P2P
• Sample results:
1. Paranoid Platform for Privacy Preferences (P4P)
• Enables the owner to retain the desired level of control over particular information types.
2. New mechanisms for long-term and secure data preservation in a peer-to-peer (P2P) system.
3. Combating P2P-based botnets (current work).
• Trusted platforms:
– Terra architecture and private attestation.
– Economic analysis of trusted platforms and DRM.
– Studied applicability to privacy protection.
Trusted Platforms (TCG)
• Research results:
– Trusted-computing platform called Terra (SOSP ’03).
– Privacy-preserving attestation (ACM CCS ’04).
– Economic analysis of trusted platforms and DRM (WEIS ’04).
• Events since the project’s inception:
– Delay/cancellation of software tools (MS-NGSCB)
– Premature open-source virtualization tools (Xen, QEMU)
• Result: Need to rework PORTIA's trusted-computing agenda in light of these events.
4. ID Theft and ID Privacy
• PORTIA tools to combat online ID theft:
– Anti-phishing tools: SpoofGuard, PwdHash
– Anti-spyware tools: SpyBlock (under development)
– All our tools are available with source code on the PORTIA web site.
• New ID privacy mechanisms:
– New group signatures designed for privacy in VSC and Trusted Computing.
• Implemented as an open source software library.
– New algorithms for k-anonymity in databases.
5. Contextual Integrity
• Continued developing the concept of contextual integrity:
– Developed norms of appropriateness and transmission.
– Applied to PORTIA via case studies, e.g.
• Vehicle Safety Communication (VSC), and
• Census Bureau.
• Cyber-crime and cyber-policing.
Summary
• One and a half years into a five-year project.
• Significant progress on all research goals.
• Continuing with the planned research agenda.
– Many remaining challenges in all five project themes.
• Extensive educational and outreach activity.