dc.contributor.advisor | Nickolai Zeldovich and James Mickens. | en_US |
dc.contributor.author | Wang, Frank Yi-Fei | en_US |
dc.contributor.other | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science. | en_US |
dc.date.accessioned | 2019-02-14T15:49:05Z | |
dc.date.available | 2019-02-14T15:49:05Z | |
dc.date.copyright | 2018 | en_US |
dc.date.issued | 2018 | en_US |
dc.identifier.uri | http://hdl.handle.net/1721.1/120410 | |
dc.description | Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2018. | en_US |
dc.description | Cataloged from PDF version of thesis. | en_US |
dc.description | Includes bibliographical references (pages 77-86). | en_US |
dc.description.abstract | Web services like Google, Facebook, and Dropbox are a regular part of users' lives. However, using these applications can cause sensitive data leakage both on the server and client. On the server-side, applications collect and analyze sensitive user data to monetize it. Consequently, this sensitive data can leak through data breaches or can be accessed by malicious service providers. On the client, when a user accesses a web service through the browser, sensitive user information may leak outside of the browser, e.g., to DNS interfaces or the swap space. An attacker who accesses the user device after a session has terminated can view this information. This dissertation presents two practical, secure systems, Veil and Splinter, that prevent some of this data leakage. Veil minimizes client-side information leakage from the browser by allowing web application developers to enforce stronger private browsing semantics without browser support. Splinter allows the server to properly respond to a user query without the server learning any sensitive information present in the query. | en_US |
dc.description.statementofresponsibility | by Frank Yi-Fei Wang. | en_US |
dc.format.extent | 86 pages | en_US |
dc.language.iso | eng | en_US |
dc.publisher | Massachusetts Institute of Technology | en_US |
dc.rights | MIT theses are protected by copyright. They may be viewed, downloaded, or printed from this source but further reproduction or distribution in any format is prohibited without written permission. | en_US |
dc.rights.uri | http://dspace.mit.edu/handle/1721.1/7582 | en_US |
dc.subject | Electrical Engineering and Computer Science. | en_US |
dc.title | Preventing data leakage in web services | en_US |
dc.type | Thesis | en_US |
dc.description.degree | Ph. D. | en_US |
dc.contributor.department | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science | |
dc.identifier.oclc | 1084286224 | en_US |