Efficient Security and Privacy Enhancing Solutions in Untrusted Environments
MetadataShow full item record
Today, it is common to connect to Internet-based services through a variety of devices. While using the Internet, a user's personal information is exposed to untrusted or unreliable environments, from the applications they are using, to the networks delivering packets, to cloud-based remote services. As personal information increases in value, the incentives for remote services to collect as much of it as possible increase as well. On the other hand, users do not have much control over information exposure, while the risk is high as it is irreversible once it occurs. Despite the increasing security and privacy risk and much attention from research community and developers, many privacy issues remain unsolved. This dissertation explores the answers to the question: Can we design security and privacy enhancing systems in the current untrusted environment? In answering the question, my dissertation considers and tackles two key challenges---untrusted cloud services and linkability of user behavior by providing users with control over how and which of their information is exposed to other parties. It presents the solutions with two systems: MetaSync, a secure and reliable file synchronization service across multiple untrusted service providers, and the IPv6 pseudonym abstraction, a cross-layer architecture allowing users to have flexible control of linkability.