CS Seminar: "Privacy, Security, and Performance in Distributed Proof Systems" by Dr. Adam J. Lee
Date: May 14, 2009
Time: 2:00 pm – 3:00 pm
Where: BSB 3.03.02 Loeffler Room
Privacy, Security, and Performance in Distributed Proof Systems
by Dr. Adam J. Lee (University of Pittsburgh)
Distributed proof construction protocols have been shown to be valuable for reasoning about authorization decisions in open distributed environments such as pervasive computing spaces. Unfortunately, existing distributed proof protocols offer only limited support for protecting the confidentiality of sensitive facts, which limits their utility in many practical scenarios. In this talk, we will discuss a distributed proof construction protocol in which the release of a fact's truth value can be made contingent upon facts managed by other principals in the system. We will show that our protocol can safely prove conjunctions of facts without leaking the truth values of individual facts, even in the face of colluding adversaries or fact release policies with cyclical dependencies. This facilitates the definition of context-sensitive release policies that enable the conditional use of sensitive facts in distributed proofs. In addition to these theoretical properties, we will discuss the performance of an implementation of our system, as well as initial musings regarding the privacy/performance trade-off in distributed proof systems. This research was carried out jointly with Kazuhiro Minami (UIUC), Nikita Borisov (UIUC), and Brian Wongchaowart (Pitt).
Dr. Adam J. Lee is currently an assistant professor of Computer Science at the University of Pittsburgh. He received the MS and PhD degrees in Computer Science from the University of Illinois at Urbana-Champaign in 2005 and 2008, respectively. Prior to that, he received his BS in Computer Science from Cornell University. His research interests lie at the intersection of the computer security, privacy, and distributed systems fields. He is particularly interested in trust management approaches to authorization, which can be used to facilitate secure interactions across multiple security domains while still preserving each individual's privacy and autonomy.