Show simple item record

dc.contributor.advisorNickolai Zeldovich and James Mickens.en_US
dc.contributor.authorWang, Frank Yi-Feien_US
dc.contributor.otherMassachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.en_US
dc.date.accessioned2019-02-14T15:49:05Z
dc.date.available2019-02-14T15:49:05Z
dc.date.copyright2018en_US
dc.date.issued2018en_US
dc.identifier.urihttp://hdl.handle.net/1721.1/120410
dc.descriptionThesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2018.en_US
dc.descriptionCataloged from PDF version of thesis.en_US
dc.descriptionIncludes bibliographical references (pages 77-86).en_US
dc.description.abstractWeb services like Google, Facebook, and Dropbox are a regular part of users' lives. However, using these applications can cause sensitive data leakage both on the server and client. On the server-side, applications collect and analyze sensitive user data to monetize it. Consequently, this sensitive data can leak through data breaches or can be accessed by malicious service providers. On the client, when a user accesses a web service through the browser, sensitive user information may leak outside of the browser, e.g., to DNS interfaces or the swap space. An attacker who accesses the user device after a session has terminated can view this information. This dissertation presents two practical, secure systems, Veil and Splinter, that prevent some of this data leakage. Veil minimizes client-side information leakage from the browser by allowing web application developers to enforce stronger private browsing semantics without browser support. Splinter allows the server to properly respond to a user query without the server learning any sensitive information present in the query.en_US
dc.description.statementofresponsibilityby Frank Yi-Fei Wang.en_US
dc.format.extent86 pagesen_US
dc.language.isoengen_US
dc.publisherMassachusetts Institute of Technologyen_US
dc.rightsMIT theses are protected by copyright. They may be viewed, downloaded, or printed from this source but further reproduction or distribution in any format is prohibited without written permission.en_US
dc.rights.urihttp://dspace.mit.edu/handle/1721.1/7582en_US
dc.subjectElectrical Engineering and Computer Science.en_US
dc.titlePreventing data leakage in web servicesen_US
dc.typeThesisen_US
dc.description.degreePh. D.en_US
dc.contributor.departmentMassachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
dc.identifier.oclc1084286224en_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record