CAREER: Privacy-Compliant Web Services By Construction
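Basic information
- Award number: 2045170
- Principal investigator:
- Amount: $585,000
- Host institution:
- Host institution country: United States
- Project category: Continuing Grant
- Fiscal year: 2021
- Funding country: United States
- Period: 2021-02-15 to 2026-01-31
- Project status: Not yet concluded
- Source:
- Keywords:
Project abstract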
Today's web services store and process sensitive personal data without sufficient attention to data privacy. Privacy laws like the European Union's General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the proposed United States Consumer Data Privacy Act (CDPA) and Consumer Online Privacy Rights Act (CORPA) give users new rights to control their data (e.g., access and erasure on request, rights to object to processing). With today's systems, compliance with these laws requires onerous manual labor, particularly from small and medium-sized organizations. This project investigates new systems that – by construction – comply with these privacy laws. The key idea is to provide a "micro-database" for each user, which stores all their data and which they can choose to withdraw or resubscribe. This design enables new, fundamentally privacy-centric models, such as automatically removing idle users' data while making it easy for the users to return. Realizing compliance-by-construction requires innovation in storage systems and data processing techniques. To succeed, compliant-by-construction systems must match the convenience and performance of today's systems, and the project will contribute systems that efficiently handle millions of per-user micro-databases by advancing the state-of-the-art in scalable computing techniques (e.g., dataflow systems). The proposed research will lead to new, compliant-by-construction equivalents of today's popular web service software. These privacy-first systems will provide off-the-shelf tools that automate and "democratize" good privacy practices for small and medium-size organizations. This has the potential to save considerable expense, prevent costly mistakes, and improve data privacy on the internet.
The work will affect academic state-of-the-art through papers, industry practice through technology transfer and open-source software, and the general public through new tools and raised awareness of privacy issues. All software developed in this project will be available as open-source code on the project website (https://cs.brown.edu/people/malte/research/privacy-by-construction.html). Undergraduate and graduate students will be trained in privacy-conscious system design and implementation, and in the implications of new privacy laws for system design, through curriculum integration of the research. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
Project outcomes
Journal articles (5)
Monographs (0)
Research awards (0)
Conference papers (0)
Patents (0)
Unleashing True Utility Computing with Quicksand
- DOI: 10.1145/3593856.3595893
- Published: 2023-06
- Journal:
- Impact factor: 0
- Authors: Zhenyuan Ruan; Shihang Li; Kaiyan Fan; M. Aguilera; A. Belay; S. Park; Malte Schwarzkopf
- Corresponding author: Zhenyuan Ruan; Shihang Li; Kaiyan Fan; M. Aguilera; A. Belay; S. Park; Malte Schwarzkopf
Retrofitting GDPR compliance onto legacy databases
- DOI: 10.14778/3503585.3503603
- Published: 2021
- Journal:
- Impact factor: 2.5
- Authors: Agarwal, Archita; George, Marilyn; Jeyaraj, Aaron; Schwarzkopf, Malte
- Corresponding author: Schwarzkopf, Malte
Edna: Disguising and Revealing User Data in Web Applications
- DOI: 10.1145/3600006.3613146
- Published: 2023
- Journal:
- Impact factor: 0
- Authors: Tsai, Lillian; Gross, Hannah; Kohler, Eddie; Kaashoek, Frans; Schwarzkopf, Malte
- Corresponding author: Schwarzkopf, Malte
Privacy Heroes Need Data Disguises
- DOI: 10.1145/3458336.3465284
- Published: 2021
- Journal:
- Impact factor: 0
- Authors: Tsai, Lillian; Schwarzkopf, Malte; Kohler, Eddie
- Corresponding author: Kohler, Eddie
K9db: Privacy-Compliant Storage For Web Applications By Construction
- DOI:
- Published: 2023
- Journal:
- Impact factor: 0
- Authors: Albab, Kinan Dak; Sharma, Ishan; Adam, Justus; Kilimnik, Benjamin; Jeyaraj, Aaron; Paul, Raj; Agvanian, Artem; Spiegelberg, Leonhard; Schwarzkopf, Malte
- Corresponding author: Schwarzkopf, Malte
Other publications by Malte Schwarzkopf
Research Statement – Malte Schwarzkopf
- DOI:
- Published: 2018
- Journal:
- Impact factor: 0
- Authors: Malte Schwarzkopf
- Corresponding author: Malte Schwarzkopf
Cluster Scheduling for Data Centers
- DOI: 10.1145/3155112.3173558
- Published: 2017-10
- Journal:
- Impact factor: 0
- Authors: Malte Schwarzkopf
- Corresponding author: Malte Schwarzkopf
Operating system support for warehouse-scale computing
- DOI: 10.17863/cam.26443
- Published: 2018-11
- Journal:
- Impact factor: 0
- Authors: Malte Schwarzkopf
- Corresponding author: Malte Schwarzkopf
DEMO: Integrating MPC in Big Data Workflows
- DOI:
- Published: 2016
- Journal:
- Impact factor: 0
- Authors: Nikolaj Volgushev; Malte Schwarzkopf; A. Lapets; Mayank Varia; Azer Bestavros
- Corresponding author: Azer Bestavros
Other grants by Malte Schwarzkopf
Education DCL: EAGER: Teaching Privacy via Stakeholder Modeling
- Award number: 2335625
- Fiscal year: 2024
- Funding amount: $585,000
- Project category: Standard Grant
Travel: Student Travel Support to SOSP 2023
- Award number: 2342883
- Fiscal year: 2024
- Funding amount: $585,000
- Project category: Standard Grant
EAGER: SaTC-EDU: Instilling a Mindset of Adversarial Thinking into Computer Science Courses Early and Often
- Award number: 2039354
- Fiscal year: 2020
- Funding amount: $585,000
- Project category: Standard Grant
Similar overseas grants
Evolving privacy and utility in data storage and publishing
- Award number: DE240100165
- Fiscal year: 2024
- Funding amount: $585,000
- Project category: Discovery Early Career Researcher Award
CAREER: Verifying Security and Privacy of Distributed Applications
- Award number: 2338317
- Fiscal year: 2024
- Funding amount: $585,000
- Project category: Continuing Grant
CRII: SaTC: Privacy vs. Accountability--Usable Deniability and Non-Repudiation for Encrypted Messaging Systems
- Award number: 2348181
- Fiscal year: 2024
- Funding amount: $585,000
- Project category: Standard Grant
A Principled Framework for Explaining, Choosing and Negotiating Privacy Parameters of Differential Privacy
- Award number: 23K24851
- Fiscal year: 2024
- Funding amount: $585,000
- Project category: Grant-in-Aid for Scientific Research (B)
Global Road Damage Detection with privacy-preserved collaboration
- Award number: 24K17366
- Fiscal year: 2024
- Funding amount: $585,000
- Project category: Grant-in-Aid for Early-Career Scientists
CAREER: Architectural Foundations for Practical Privacy-Preserving Computation
- Award number: 2340137
- Fiscal year: 2024
- Funding amount: $585,000
- Project category: Continuing Grant
Collaborative Research: SHF: Small: Efficient and Scalable Privacy-Preserving Neural Network Inference based on Ciphertext-Ciphertext Fully Homomorphic Encryption
- Award number: 2412357
- Fiscal year: 2024
- Funding amount: $585,000
- Project category: Standard Grant
Collaborative Research: CIF-Medium: Privacy-preserving Machine Learning on Graphs
- Award number: 2402815
- Fiscal year: 2024
- Funding amount: $585,000
- Project category: Standard Grant
Collaborative Research: NeTS: Small: A Privacy-Aware Human-Centered QoE Assessment Framework for Immersive Videos
- Award number: 2343619
- Fiscal year: 2024
- Funding amount: $585,000
- Project category: Standard Grant
SHF: Small: Hardware-Software Co-design for Privacy Protection on Deep Learning-based Recommendation Systems
- Award number: 2334628
- Fiscal year: 2024
- Funding amount: $585,000
- Project category: Standard Grant