Mitigator: Privacy policy compliance using Intel SGX
dc.contributor.author | Mazmudar, Miti | |
dc.date.accessioned | 2019-06-19T18:50:35Z | |
dc.date.available | 2019-06-19T18:50:35Z | |
dc.date.issued | 2019-06-19 | |
dc.date.submitted | 2019-06-11 | |
dc.description.abstract | Privacy policies are known to be hard for internet users to read and understand, yet users must accept these one-sided terms of use for their data before they can effectively use a website. Although alternative representations of privacy policies have been researched, that work does not consider whether the website provider actually adheres to the data handling practices outlined in the privacy policy. There has, however, been significant research into making internal processing systems comply with access control policies that capture some aspects of privacy policies, such as the confidentiality of collected information, the period for which it is retained, and its disclosure to third parties. Apart from the fact that these access control policies may not be designed to translate into machine-readable or simplified-text policies, such systems suffer from two related drawbacks. First, they assume a large trusted computing base (TCB); in particular, the operating system is included in their TCB. Second, since they aim only at making different internal data processing systems comply with these access control policies, they do not seek to provide users with any proof of a compliant system. Trusted hardware, on the other hand, seeks to reduce the TCB on a remote machine that a user must trust in order to run a program and obtain its results. Trusted hardware platforms provide two novel security properties: they prevent a malicious operating system from learning secrets from the program's state, and they allow the user to verify that the OS has not modified the program before or while running it, as long as the user trusts the hardware platform.
Our goal is to design an architecture that uses an underlying trusted hardware platform to run a program, named the decryptor, that hands users' data only to a target program that has been determined to be compliant with a privacy policy model. As both of these programs run on a trusted hardware platform, users can verify that the decryptor is indeed the correct, unmodified program. Most importantly, our architecture provides a client program with trustworthy information about the verifier program used on the server side, so that the client can ensure that the target program has been checked for compliance with a privacy policy model by a valid verifier program. Such a verifier program should be open-sourced so that experts can check it. Our second contribution is an implementation of this architecture on the Intel SGX hardware platform, using a shim layer, namely the Graphene-SGX library. Finally, we evaluate the efficiency of our system and find that it has a very small overhead in comparison with a setup that does not provide such guarantees. | en |
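The trust chain the abstract describes (verifier attests that a specific target is compliant, decryptor binds that verdict into its own attestation, client checks both identities before releasing data, decryptor hands data only to the exact program that was verified) is modelled in the added example below. This is illustrative code written for this page, not the thesis's Mitigator implementation or Graphene-SGX code. Its assumptions, all constructed for the example: SGX attestation is stood in for by an HMAC under a key shared with the client; an enclave's MRENCLAVE is stood in for by a SHA-256 of the program bytes; the "privacy policy model" is a toy scan for a forbidden call; and the names verifier_attest, decryptor_report, release_data and client_accepts are this example's own.

```python
import hashlib
import hmac
import json
from typing import Optional

# Constructed stand-in for the hardware attestation key. In SGX the quote is
# signed by the platform and checked through Intel's attestation service; here
# the platform and the client share an HMAC key purely to keep the example offline.
PLATFORM_KEY = b"constructed-platform-attestation-key"
COMPLIANT_PREFIX = "compliant:"


def measure(program: bytes) -> str:
    """MRENCLAVE stand-in: a hash of the program as loaded into the enclave."""
    return hashlib.sha256(program).hexdigest()


def _tag(body: dict) -> str:
    return hmac.new(PLATFORM_KEY, json.dumps(body, sort_keys=True).encode(), "sha256").hexdigest()


def attest(program: bytes, report_data: str) -> dict:
    """Quote binding an enclave's measurement to caller-chosen report data."""
    body = {"mrenclave": measure(program), "report_data": report_data}
    return {"body": body, "tag": _tag(body)}


def quote_is_genuine(quote: dict) -> bool:
    return hmac.compare_digest(_tag(quote["body"]), quote["tag"])


# --- Verifier enclave: open source, so its measurement can be published and audited.
VERIFIER_PROGRAM = b"verifier v1: reject targets that send collected data to third parties"
FORBIDDEN_CALLS = (b"send_to_third_party(",)  # toy stand-in for a privacy policy model
TRUSTED_VERIFIERS = {measure(VERIFIER_PROGRAM)}  # what clients and the decryptor accept


def verifier_attest(target: bytes) -> Optional[dict]:
    """Run the toy compliance check; on success, attest that this verifier approved this exact target."""
    if any(call in target for call in FORBIDDEN_CALLS):
        return None
    return attest(VERIFIER_PROGRAM, COMPLIANT_PREFIX + measure(target))


# --- Decryptor enclave: the only component that ever sees plaintext user data.
DECRYPTOR_PROGRAM = b"decryptor v1"
EXPECTED_DECRYPTOR = measure(DECRYPTOR_PROGRAM)  # published alongside the decryptor's source


def decryptor_report(verdict: dict) -> dict:
    """Decryptor quote whose report data commits to the verifier's quote, so the
    client sees both identities through one hardware-rooted chain."""
    commitment = hashlib.sha256(json.dumps(verdict, sort_keys=True).encode()).hexdigest()
    return attest(DECRYPTOR_PROGRAM, commitment)


def release_data(verdict: dict, target: bytes, user_data: bytes) -> Optional[bytes]:
    """Decryptor-side gate: hand data only to the program a trusted verifier approved."""
    if not quote_is_genuine(verdict):
        return None
    if verdict["body"]["mrenclave"] not in TRUSTED_VERIFIERS:
        return None
    report = verdict["body"]["report_data"]
    if not report.startswith(COMPLIANT_PREFIX):
        return None
    if report[len(COMPLIANT_PREFIX):] != measure(target):  # target swapped after verification
        return None
    return user_data


# --- Client: every check that must pass before any data leaves the user's machine.
def client_accepts(decryptor_quote: dict, verdict: dict) -> bool:
    if not (quote_is_genuine(decryptor_quote) and quote_is_genuine(verdict)):
        return False  # not produced by the platform
    if decryptor_quote["body"]["mrenclave"] != EXPECTED_DECRYPTOR:
        return False  # decryptor code differs from the audited one
    if verdict["body"]["mrenclave"] not in TRUSTED_VERIFIERS:
        return False  # compliance claimed by a verifier nobody audited
    commitment = hashlib.sha256(json.dumps(verdict, sort_keys=True).encode()).hexdigest()
    if not hmac.compare_digest(commitment, decryptor_quote["body"]["report_data"]):
        return False  # verdict is not the one the decryptor is actually acting on
    return verdict["body"]["report_data"].startswith(COMPLIANT_PREFIX)


if __name__ == "__main__":
    # Constructed sample targets: one compliant, one that leaks data.
    good = b"def handle(record):\n    return len(record)\n"
    bad = b"def handle(record):\n    send_to_third_party(record)\n"
    verdict = verifier_attest(good)
    print("client accepts:", client_accepts(decryptor_report(verdict), verdict))
    print("released to approved target:", release_data(verdict, good, b"user-record"))
    print("released to swapped target:", release_data(verdict, bad, b"user-record"))
    print("non-compliant target verified:", verifier_attest(bad))
```

The point the model makes is about what has to be bound together: the decryptor's quote commits to the verifier's quote, so a client cannot be shown a genuine decryptor and a genuine but unaudited verifier as if they were the same chain, and the decryptor releases data only against the measurement the verifier actually approved, so a target modified after verification gets nothing.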
dc.identifier.uri | http://hdl.handle.net/10012/14765 | |
dc.language.iso | en | en |
dc.pending | false | |
dc.publisher | University of Waterloo | en |
dc.subject | Intel SGX | en |
dc.subject | Privacy policies | en |
dc.subject | Privacy-enhancing technologies | en |
dc.subject | Trusted hardware platforms | en |
dc.subject | source-code compliance | en |
dc.title | Mitigator: Privacy policy compliance using Intel SGX | en |
dc.type | Master Thesis | en |
uws-etd.degree | Master of Mathematics | en |
uws-etd.degree.department | David R. Cheriton School of Computer Science | en |
uws-etd.degree.discipline | Computer Science | en |
uws-etd.degree.grantor | University of Waterloo | en |
uws.comment.hidden | Changes made to address the problems found with the previous version: 1. Table of Contents - please include 'References' to the list. It must appear before the 'Appendices' -> I changed it to add 'References' to the TOC and moved it to before the Appendices in the PDF. 2. Page 104, 105 - currently, you have the page numbers centered on the left short-edge. You can keep the pages in a landscape orientation - but can you please ensure the page numbers appear on the bottom long-edge, centered. They should be consistent with the rest of the page numbers. - I kept the pages in a landscape orientation and moved the page numbers to appear as requested. | en |
uws.contributor.advisor | Goldberg, Ian | |
uws.contributor.affiliation1 | Faculty of Mathematics | en |
uws.peerReviewStatus | Unreviewed | en |
uws.published.city | Waterloo | en |
uws.published.country | Canada | en |
uws.published.province | Ontario | en |
uws.scholarLevel | Graduate | en |
uws.typeOfResource | Text | en |