November 30, 2010
1132 Harold Frank Hall
Ben Y. Zhao (Chair)
Amr El Abbadi
Title: Towards Practical Privacy in Existing Distributed Systems
Distributed systems consisting of multiple, loosely coupled components perform many critical tasks in our daily lives: ranging from running aircrafts and industrial control systems, to managing our financial transactions and providing Internet access. Some components in such systems, however, are inevitably more vulnerable than others, which can lead to severe privacy breaches.
The recent trends in computing, such as widespread use of cloud computing infrastructures, mash-up based Web 2.0 sites, and mobile devices, have increased the complexity and the size of the user base of today’s distributed systems. This increase in complexity has increased the potential avenues for privacy compromises, while the larger user base implies that the privacy attacks can impact millions of users in various ways.
Examining existing systems reveals that they often make a hard choice between privacy and performance. One set, consisting of systems such as third-party compute clouds, focus mainly on performance but provide minimal privacy guarantees to users. The other set, consisting of systems such as anonymous communication systems, focus on providing strong privacy guarantees but suffer from poor performance. Moving forward, the robust distributed systems we need must provide both usability in terms of good user-side performance and also protect privacy of their many users.
In this talk, we argue that it is necessary to design these systems by giving high priority to both privacy and performance. We present our research on third-party compute clouds, peer-to-peer anonymous communication systems, and online social networks. Our proposed mechanisms dramatically improve even existing systems to attain high privacy and high performance without significantly degrading their existing properties. Thus, we have made a significant first step in making today’s distributed systems usable and safe for users to use.