PASS - Privacy Architectures for System Services

Introduction

'The proliferation of Internet services and, perhaps unavoidably, Internet crime, has left users more vulnerable than ever before. Taken in conjunction with the expanded deployment of wireless networks and the popularity of mobile devices, this trend is exerting tremendous pressure on user security. Due to the increased likelihood of communication monitoring, the issue of electronic privacy has of late attracted considerable attention. Unfortunately, implementing privacy in personal computer systems has traditionally been the domain of the paranoid computer specialist. In order for basic privacy to become pervasive among the non-technical user base, it must imitate the usage of other successful security (and other) services. There are a number of available tools that perform data scrubbing on a per file basis. The majority of these tools treat the file as a black box. For example, they will remove cookie, history, document history, log files, and preference files. These techniques work well when the user does not care about the posterity of the data, but they cannot address more complex information scrubbing where often the only course of action is manual removal. What is needed is a systematic way of handling personally identifying information, at every level of the user’s operating environment: the operating system, the application, and the network. Our goal in this project is to investigate and implement new paradigms for implementing privacy as a system service. The privacy service should automatically sanitize user data according to some predefined user preferences. Specifically it is the goal of this project to: 1. Investigate the various design options in architectures that provide privacy services. 2. Create the infrastructure necessary for carrying out the above work. 3. Leverage both the infrastructure and the results of the research work for the training of undergraduate and graduate students and other interested parties.'