Protecting User Data in Large-Scale Web Services
Speaker
Frank Wang
MIT CSAIL
Host
Nickolai Zeldovich
MIT CSAIL
Abstract:
Web services like Google, Facebook, and Dropbox are now an essential part of people’s lives. In order to provide value to users, these services collect, store, and analyze large amounts of their users’ sensitive data. However, once the user provides her information to the web service, she loses control over how the application manipulates that data. For example, a user cannot control where the application forwards her data. Even if the service wanted to allow users to define access controls, it is unclear how these access controls should be expressed and enforced. Not only is it difficult to develop these secure access control mechanisms, but it is also difficult to ensure these mechanisms are practical. My research addresses these concerns. More specifically, it focuses on building practical, secure mechanisms for protecting user data in large-scale, distributed web services.
Bio:
Frank Wang is a Ph.D. student at the MIT CSAIL, advised by Nickolai Zeldovich and James Mickens. He completed his undergraduate studies at Stanford University, focusing on applied cryptography. He runs the MIT security seminar and co-founded a summer program for early stage security companies called Cybersecurity Factory.
Committee:
Nickolai Zeldovich, James Mickens, Vinod Vaikuntanathan
Web services like Google, Facebook, and Dropbox are now an essential part of people’s lives. In order to provide value to users, these services collect, store, and analyze large amounts of their users’ sensitive data. However, once the user provides her information to the web service, she loses control over how the application manipulates that data. For example, a user cannot control where the application forwards her data. Even if the service wanted to allow users to define access controls, it is unclear how these access controls should be expressed and enforced. Not only is it difficult to develop these secure access control mechanisms, but it is also difficult to ensure these mechanisms are practical. My research addresses these concerns. More specifically, it focuses on building practical, secure mechanisms for protecting user data in large-scale, distributed web services.
Bio:
Frank Wang is a Ph.D. student at the MIT CSAIL, advised by Nickolai Zeldovich and James Mickens. He completed his undergraduate studies at Stanford University, focusing on applied cryptography. He runs the MIT security seminar and co-founded a summer program for early stage security companies called Cybersecurity Factory.
Committee:
Nickolai Zeldovich, James Mickens, Vinod Vaikuntanathan