The PORTIA Project: Research Overview

1. The PORTIA Project:Research Overview Dan Boneh PORTIA Project Site Visit Stanford CA, May 12-13, 2005 http://crypto.stanford.edu/portia

2. Agenda Overview • 8:00 – 12:00 : Technical presentations • 12:00 – 2:00 : Lunch, posters, and students. • 2:00 – 3:45 : Technical presentations. • 3:45 – 4:15 : Four demos. • 4:15 - 4:30 : Wrap-up. • 4:30 - 5:30 : Site visitors meeting. • 5:30 - 6:00 : Clarifications.

3. PORTIA: Privacy, Obligations, and Rights in Technologies of Information Assessment Five year, NSF Large-ITR project on handling of sensitive information in a networked world Currently in middle of year 2.

4. Motivation: Sensitive Data • Data that can harm data subjects, data owners, or data users if it is mishandled. • Not all of it is strictly “private.” • There’s a lot more of it than there used to be: • Increased use of computers and networks • Decreased storage costs • “Mishandling” can be very harmful. • e.g., ID theft or Loss of employment or insurance • Multi-faceted: technological, social, and legal issues.

5. Stanford Dan Boneh Hector Garcia-Molina John Mitchell Rajeev Motwani Yale Joan Feigenbaum Ravi Kannan Avi Silberschatz Academic Participants Univ. of NMStevensNYU Stephanie Forrest Rebecca Wright Helen Nissenbaum

6. J. Balkin (Yale Law School) C. Dwork (Microsoft) S. Hawala (Census Bureau) B. LaMacchia (Microsoft) K. McCurley (IBM) P. Miller (Yale Medical School) J. Morris (CDT) T. Pageler (Secret Service) B. Pinkas (Hewlett Packard) M. Rotenberg (EPIC) A. Schäffer (NIH) D. Schutzer (CitiGroup) Research Partners • Successful collaborations with (joint research, interns): • SF-ECFT (SS), Microsoft, IBM, Google, HP. • CDT, NIH, Census Bureau, Yale Medical and Law.

7. Statistics on Research Output • Students: 29 supported PhD students, 9 supported MS student 5 supported postdocs, and 6 undergraduates. • Available from PORTIA web site: • 92 publications since inception (18 months). • 43 with women co-authors, 4 with undergrads. • 4 open source software systems.

8. Five Major Research Themes • Privacy-preserving data mining and privacy-preserving surveillance • Policy-enforcement tools for database systems • Sensitive data in distributed systems and P2P. • Contextual integrity • Identity theft and identity privacy • Tightly knit: many of the talks today will touch on more than one topic.

9. Benefit of a Large ITR: Research Collaboration Stanford PPDM Yale DB Policy Tools Stevens Distrib. Systems UNM Contextual Integrity NYU ID Protection

10. 1. Privacy-Preserving Data mining • Developed new techniques to mine large data sets that limit compromise of user privacy: • Mining shared sensitive data without ever aggregating data in a single location (e.g. for using bayesian-based data-mining methods) • Initial experiments with PPDM on sensitive data (e.g. Taulbee survey) • Began building experimental PPDM platform: • Several components including MySQL PIR and distributed log computations.

11. 2. Policy Enforcement in DB Systems • Evaluated enterprise-wide information-disclosure policies: • Found inconsistencies in P3P and EPAL languages and suggested modifications. • Developed tools to distribute and access vertically partitioned data (e.g. SB1386 compliance) • Database tools for biosciences applications • Developed methods and tools for policy development, testing, and maintenance: • e.g. tools to extract P3P policy from an EPAL policy.

12. 3. Sensitive Data in Distributed Systems and P2P • Sample results: • Paranoid Platform for Privacy Preferences (P4P) • Enable owner to retain the desired level of control over particular information types. • New mechanisms for long-term and secure data preservation in a peer-to-peer (P2P) system. • Combating P2P-based bot-nets (current-work). • Trusted platforms: • Terra architecture and Private Attestation. • Economic analysis of trusted platforms and DRM, • Studied applicability to privacy protection.

13. Trusted Platforms (TCG) • Research results: • Trusted-computing platform called Terra(SOSP ’03). • Privacy preserving attestation(ACM CCS ’04) • Economic analysis of trusted platforms and DRM (WEIS’04) • Events since project’s inception: • Delay/canceling of software tools (MS-NGSCB) • Premature open source virt. tools (Xen, QEMU) • Result: Need to rework PORTIA's trusted- computing agenda in light of these events.

14. 4. ID Theft and ID Privacy • PORTIA Tools to combat online ID theft: • Anti-phishing tools: SpoofGuard, PwdHash • Anti-Spyware tools: SpyBlock(under development) • All our tools are available with source code on PORTIA web site. • New ID privacy mechanisms: • New group signatures designed for privacy in VSC and Trusted Computing. • Implemented as open source software library. • New algorithms for k-anonymity in databases.

15. 5. Contextual Integrity • Continued developing the concept of contextual integrity: • Developed norms of Appropriateness and transmission. • Applied to PORTIA via case studies, e.g. • Vehicle Safety Communication (VSC), and • Census Bureau. • Cyber-crime and Cyber-policing.

16. Summary • One and a half years into a five year project. • Significant progress on all research goals. • Continuing with planned research agenda. • Many remaining challenges in all five project themes. • Extensive educational and outreach activity.