Preventing data leakage in web services
Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2018.
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Thesis |
| Language: | eng |
| Published: |
Massachusetts Institute of Technology
2019
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/1721.1/120410 |
| _version_ | 1811083972788092928 |
|---|---|
| author | Wang, Frank Yi-Fei |
| author2 | Nickolai Zeldovich and James Mickens. |
| author_facet | Nickolai Zeldovich and James Mickens. Wang, Frank Yi-Fei |
| author_sort | Wang, Frank Yi-Fei |
| collection | MIT |
| description | Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2018. |
| first_indexed | 2024-09-23T12:42:33Z |
| format | Thesis |
| id | mit-1721.1/120410 |
| institution | Massachusetts Institute of Technology |
| language | eng |
| last_indexed | 2024-09-23T12:42:33Z |
| publishDate | 2019 |
| publisher | Massachusetts Institute of Technology |
| record_format | dspace |
| spelling | mit-1721.1/1204102019-04-12T23:17:37Z Preventing data leakage in web services Wang, Frank Yi-Fei Nickolai Zeldovich and James Mickens. Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science. Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science. Electrical Engineering and Computer Science. Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2018. Cataloged from PDF version of thesis. Includes bibliographical references (pages 77-86). Web services like Google, Facebook, and Dropbox are a regular part of users' lives. However, using these applications can cause sensitive data leakage both on the server and client. On the server-side, applications collect and analyze sensitive user data to monetize it. Consequently, this sensitive data can leak through data breaches or can be accessed by malicious service providers. On the client, when a user accesses a web service through the browser, sensitive user information may leak outside of the browser, e.g., to DNS interfaces or the swap space. An attacker who accesses the user device after a session has terminated can view this information. This dissertation presents two practical, secure systems, Veil and Splinter, that prevent some of this data leakage. Veil minimizes client-side information leakage from the browser by allowing web application developers to enforce stronger private browsing semantics without browser support. Splinter allows the server to properly respond to a user query without the server learning any sensitive information present in the query. by Frank Yi-Fei Wang. Ph. D. 2019-02-14T15:49:05Z 2019-02-14T15:49:05Z 2018 2018 Thesis http://hdl.handle.net/1721.1/120410 1084286224 eng MIT theses are protected by copyright. They may be viewed, downloaded, or printed from this source but further reproduction or distribution in any format is prohibited without written permission. http://dspace.mit.edu/handle/1721.1/7582 86 pages application/pdf Massachusetts Institute of Technology |
| spellingShingle | Electrical Engineering and Computer Science. Wang, Frank Yi-Fei Preventing data leakage in web services |
| title | Preventing data leakage in web services |
| title_full | Preventing data leakage in web services |
| title_fullStr | Preventing data leakage in web services |
| title_full_unstemmed | Preventing data leakage in web services |
| title_short | Preventing data leakage in web services |
| title_sort | preventing data leakage in web services |
| topic | Electrical Engineering and Computer Science. |
| url | http://hdl.handle.net/1721.1/120410 |
| work_keys_str_mv | AT wangfrankyifei preventingdataleakageinwebservices |