MIT Libraries homeMIT Libraries logoDSpace@MIT

MIT
View Item 
  • DSpace@MIT Home
  • MIT Libraries
  • MIT Theses
  • Graduate Theses
  • View Item
  • DSpace@MIT Home
  • MIT Libraries
  • MIT Theses
  • Graduate Theses
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Jelf : a web framework for automatic privacy policy enforcement

Author(s)
Hance, Travis J
Thumbnail
DownloadFull printable version (1.766Mb)
Alternative title
Web framework for automatic privacy policy enforcement
Other Contributors
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.
Advisor
Armando Solar-Lezama.
Terms of use
M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582
Metadata
Show full item record
Abstract
As people share more personal data on the web, it is increasingly important to correctly enforce policies on sensitive data. To address this problem, we have developed Jelf, a web framework that allows the programmer to separate the implementation of information flow policies from the rest of the functionality. The framework builds on previous work on the Jeeves programming language [28, 7] for automatically enforcing privacy policies. Our approach is novel in that it provides end-to-end guarantees by mediating interactions between the front-end, application, and database layers. The programmer only needs to specify information flow policies once for automatic enforcement across the web framework. To build Jelf, we have integrated Jeeves with Python and extended the Django web framework. Jelf consists of a Django template layer, a Python Jeeves application layer, and a Jeeves-compatible database layer. Our Python integration does not require changing the Python interpreter: we use have implemented our solution as a dynamic source transformation and a runtime library. The programmer may use Jelf with Python 2.7 and a standard SQL database. We have used Jelf to implement a conference management system. We describe the implementation and performance of this conference management system, as well as our experience using and running Jelf. Jelf policies comprise less than 3% of the code base and are concentrated in one place. We have deployed this system to collect submissions and reviews for an actual workshop.
Description
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2014.
 
Thesis: S.B., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2014.
 
Cataloged from PDF version of thesis.
 
Includes bibliographical references (pages 55-57).
 
Date issued
2014
URI
http://hdl.handle.net/1721.1/91824
Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Publisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science.

Collections
  • Graduate Theses
  • Undergraduate Theses

Browse

All of DSpaceCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsThis CollectionBy Issue DateAuthorsTitlesSubjects

My Account

Login

Statistics

OA StatisticsStatistics by CountryStatistics by Department
MIT Libraries homeMIT Libraries logo

Find us on

Twitter Facebook Instagram YouTube RSS

MIT Libraries navigation

SearchHours & locationsBorrow & requestResearch supportAbout us
PrivacyPermissionsAccessibility
MIT
Massachusetts Institute of Technology
Content created by the MIT Libraries, CC BY-NC unless otherwise noted. Notify us about copyright concerns.