The recent proliferation of sensors has created an environment in which human behaviors are continuously monitored and recorded. However, many types of this passively-generated data are particularly sensitive. For example, location traces can be used to identify shopping, fitness, and eating habits. These traces have also been used to set insurance rates and to re-identify individual users in large, anonymized databases. To develop a trustworthy platform for ubiquitous computing applications, it will be necessary to provide strong privacy guarantees for the data consumed by these applications. Use-based privacy, which re-frames privacy as the prevention of harmful uses, is well-suited to address this problem.
This webinar introduces Ancile, a platform for enforcing use-based privacy for applications. Ancile is a run-time monitor positioned between applications and the data (such as location) they wish to use. Applications submit requests to Ancile; each request contains a program to be executed in Ancile’s trusted environment along with credentials that authenticate the application to Ancile. Ancile fetches data from a data provider, executes the program, and returns any output data to the application if and only if every command in the program is authorized. We find that Ancile is both expressive and scalable. This suggests that use-based privacy is a promising approach to developing a privacy-enhancing platform for implementing location-based services and other applications that consume passively-generated data.
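To make the request flow above concrete, here is a toy use-based monitor written as an added illustration for this page; it is not Ancile's code, and the policy format, command names, credential table and sample location traces are all constructed assumptions. It shows the all-or-nothing rule the abstract describes: a program whose commands are each authorized for the authenticated application yields output, while a single unauthorized command withholds everything, partial results included.

```python
from dataclasses import dataclass

# Constructed sample traces a data provider would return: (lat, lon) points.
PROVIDER_DATA = {
    "alice": [(42.4440, -76.5019), (42.4470, -76.4821), (42.4534, -76.4735)],
}
# Constructed policy: the commands each authenticated application may run.
# Low-disclosure commands (a count, a coarsened trace) are granted more
# widely than commands that release precise points.
POLICY = {
    "fitness-app": {"fetch", "count_points"},
    "maps-app": {"fetch", "coarsen", "latest"},
}
# Constructed credential table: token -> application identity.
CREDENTIALS = {"tok-fit-1": "fitness-app", "tok-maps-9": "maps-app"}

@dataclass
class Request:
    credential: str   # authenticates the application to the monitor
    user: str         # whose data the program operates on
    program: list     # ordered command names, applied as a pipeline

def _execute(command, value, user):
    """Run one command inside the monitor; each command consumes the
    previous command's result and returns the next value."""
    if command == "fetch":
        return list(PROVIDER_DATA[user])
    if value is None:
        raise ValueError("program must fetch data before transforming it")
    if command == "count_points":
        return len(value)
    if command == "coarsen":  # round to two decimals, roughly 1 km
        return [(round(lat, 2), round(lon, 2)) for lat, lon in value]
    if command == "latest":
        return value[-1]
    raise ValueError(f"unknown command {command!r}")

def handle_request(req):
    """Authenticate, run the program, and release output only if every
    command in it was authorized for the requesting application."""
    app = CREDENTIALS.get(req.credential)
    if app is None:
        return {"status": "denied", "reason": "unknown credential"}
    allowed = POLICY.get(app, set())
    value = None
    for command in req.program:
        if command not in allowed:
            # One unauthorized command withholds all output, partial results included.
            return {"status": "denied", "reason": f"{app} may not run {command}"}
        value = _execute(command, value, req.user)
    return {"status": "ok", "output": value}
```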
About Trusted CI: Trusted CI is the NSF Cybersecurity Center of Excellence. See our website trustedci.org.
*NOTE:* Be sure to check your SPAM/JUNK folder for the registration confirmation email.