We present πBox, a new application platform that prevents apps from misusing information about their users. To strike a useful balance between users' privacy and apps' functional needs, πBox shifts much of the responsibility for protecting privacy from the app and its users to the platform itself. To achieve this, πBox deploys (1) a sandbox that spans the user's device and the cloud, (2) specialized storage and communication channels that enable common app functionalities, and (3) an adaptation of recent theoretical algorithms for differential privacy under continual observation. We describe a prototype implementation of πBox and show how it enables a wide range of useful apps with minimal performance overhead and without sacrificing user privacy.