Archive

Posts Tagged ‘Privacy’

PhD defense of Alban Galland

September 19th, 2011
Comments Off

Alban Galland will defend his PhD, September 28th 2011 at 15:00, room 455 of PCRI at Gif-sur-Yvette (Plateau de Saclay)

Title: Distributed Data Management with Access Control
– Social Networks and Data of the Web

Abstract: The amount of information on the Web is spreading very rapidly. Users as
well as companies bring data to the network and are willing to share with
others. They quickly reach a situation where their information is hosted on
many machines they own and on a large number of autonomous systems
where they have accounts. Management of all this information is rapidly
becoming beyond human expertise. We introduce WebdamExchange, a
novel distributed knowledge-base model that includes logical statements
for specifying information, access control, secrets, distribution, and knowl-
edge about other peers. These statements can be communicated, replicated,
queried, and updated, while keeping track of time and provenance. The
resulting knowledge guides distributed data management. WebdamEx-
change model is based on WebdamLog, a new rule-based language for
distributed data management that combines in a formal setting deductive
rules as in Datalog with negation, (to specify intensional data) and active
rules as in Datalog¬¬ (for updates and communications). The model pro-
vides a novel setting with a strong emphasis on dynamicity and interactions
(in a Web 2.0 style). Because the model is powerful, it provides a clean
basis for the specification of complex distributed applications. Because it
is simple, it provides a formal framework for studying many facets of the
problem such as distribution, concurrency, and expressivity in the context
of distributed autonomous peers. We also discuss an implementation of a
proof-of-concept system that handles all the components of the knowledge
base and experiments with a lighter system designed for smartphones. We
believe that these contributions are a good foundation to overcome the
problems of Web data management, in particular with respect to access
control.

News , , , ,

PeerSoN : a P2P social networks

March 10th, 2009
Comments Off

Report on the presentation of Sonja Buchegger, March 9th, 2009
See PeerSoN web site and slides for more details
Warning : this report outlines the understanding of the post author (Alban Galland) and nothing more.

Context

Ubiquitous computing is a model where devices and systems collaborate to solve tasks given by the user without him being conscious of it. This paradigm leads to problems of privacy, since you leave trace everywhere in a virtual world integrated to real world. All these data could be used for data-mining, from advertising to surveillance. This virtual world usually suffer for a lack of memory loss. These systems also tends to centralize the data of the users on a part of the system. The personal (private), public and commercial spheres collide in this context.

Social networks are another model where this privacy issue is risen, since users store very personal data on these systems. They are usually web 2.0 services which need Internet connexion. The main feature is to let users keep in touch with their friend in an ambient way.

Integrating ubiquitous computing and social networks in an ubiquitous P2P social network helping privacy is then specially challenging. One of the main reason to design such a system is that social networks naturally collide with real world and ubiquity is then specially desirable. It also solves most of the ownership question about data and avoid that systems dictate terms of use.

Distribution

Social networks and ubiquitous computing are naturally distributed. PeerSoN use a distributed storage of data. To solve online availability problem, it uses replication on friends, the keys parameters chosen given a trace of users characterizing their temporal and geographical distribution. To solve boot-strapping, it also use storage on random nodes. The peers communicate directly but they use a DHT for lookup. This DHT was build using openDHT and Planet Labs in a first version, but too many availability problems lead to a centralized emulation of HT (put/get/remove operations) on the current version. The peers are identified by the hash of a globally unique identifier (such as email address) . When connecting to the DHT, the user register his user id, his machine IP and his data.

Direct exchange

In order not to be dependent of a network connection (and to go further on the ubiquity), the design should take in account delay tolerant networks. It is useful to carry information from friend to friend. Asynchronous messaging is an example of such content. But it is not clear that distribution will work well this way. It is also useful for storage, since the system should use the storage available around.

Access control

There is a trade-off between privacy and search. The user defines what he want to be searchable. The system emulates a fine-grained access control with keys (whom can see which part of the profile). This method would also provide protection against storage provider. The key management emulates a standard public key infrastructure and key may be exchanged by direct contact.

Related work and issues

  • Distributed file management: usually, the assumptions are that data is stable and interests follow Zipf’s distribution. In SN context, data change a lot and distribution of interest is local
  • Anonymity: distribution in a DHT leaves less traces of the query
  • Media storage: the storage should be optimized using novelty.

On-going work

Response time testings using different assumptions on the network.

News , , ,