Major technology providers are not the only ones thinking about how to best protect user data. Users, too, are becoming increasingly concerned, and when those users are PhDs and professors at some of the world’s top universities, innovation is spawned.
Last week, MIT News posted an announcement about Sieve, a cryptographic system that lets users decide exactly which of their data the applications they interact with are allowed to read. Frank Wang, a PhD candidate in electrical engineering and computer science at MIT, first conceived of such a system while using his Fitbit over a year ago.
Like many security professionals, he wondered where his personal data was going, how it was being stored, and how—and by whom, exactly—it could be accessed.
Most Web app users don’t put much thought into the permissions they grant the services (or the companies behind the services) they use. From smartphone to smart home to wearables and retail apps, these new and evolving apps are convenient and fun! Most users click and install, even when they have the ability to customize or limit permissions. As security practitioners, we’ve seen that ease of use takes precedence over privacy, but that’s starting to change. According to Forrester Research, 44% of consumers worry that apps are collecting information without their consent.
As users become more privacy conscious, Sieve can help them take back control, even after an app is installed, and especially where the user was never given the opportunity to customize permissions in the first place.
I don’t want to do it your way
As Wang explains, Sieve is “a rethinking of Web infrastructure.” Under the model, the user stores all of his or her data, encrypted, in the cloud (whose cloud is not specified). When an installed app wants to read some of that data, a request goes to the user, who decides what the app may see. The user then hands the app a key that unlocks only the approved data, and the app retrieves the encrypted records from the cloud and decrypts them itself. One of the most interesting aspects of Sieve is that Wang and team used key homomorphism so that the user can send the cloud a short message that re-encrypts the stored data under a new key without the cloud ever decrypting it; keys previously issued to the app simply stop working. The revocation can happen whenever the user chooses and for any segment of data. The practical caveat is that revocation protects data still sitting in the cloud: anything the app already downloaded and kept a copy of is beyond the reach of any key change.
Wang, along with MIT associate professors of electrical engineering and computer science Nickolai Zeldovich and Vinod Vaikuntanathan, and James Mickens, associate professor of computer science at Harvard University, also implemented attribute-based encryption. “With attribute-based encryption,” the report explains, “data items in a file are assigned different labels, or ‘attributes.’ After encryption, secret keys can be generated that unlock only particular combinations of attributes: name and zip code but not street name, for instance, or zip code and date of birth but not name.”
Attributes are an important part of this system; without the labeling, the app receives all or nothing, which has been the problem with apps from the start. With Sieve, the user can decide that an app gets to see, for instance, what he is buying at the grocery store but not the location of the store or his rewards card number. By handing control to the user, the user, not the app developer, decides what’s shared and what’s not. Many apps collect extraneous data today, and the user has no visibility into what they take. Under Sieve, what is shared is fully visible to the user, while the app (or developer) sees only what it was granted.
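The two mechanisms described above (labelled attributes unlocked by separate keys, and revocation performed by the cloud without decryption) can be shown end to end in a few dozen lines. The following is an added example written for this post; it is not code from the Sieve project or from the MIT report, and it simplifies Sieve’s design in two ways that are assumptions of the example: instead of attribute-based encryption it uses one independent key per attribute label, and it uses a toy key-homomorphic PRF F(k, x) = H(x)^k over the Mersenne prime 2^607 − 1 with a SHA-512-based hash-to-group. The purchase record, the record identifier and the key sizes are constructed sample data, not a real format. Because F(k1, x)·F(k2, x) = F(k1 + k2, x), a ciphertext c = m·F(k_old, x) can be moved to a new key by multiplying it by F(k_new − k_old, x), which is exactly what the cloud does in `cloud_rekey` while never seeing the plaintext or either key.

```python
import hashlib
import secrets
from typing import Optional

# Toy parameters, assumed for this example (not Sieve's published parameters):
# arithmetic is mod the Mersenne prime P = 2**607 - 1, so every nonzero
# element is invertible and exponents are taken mod P - 1.
P = 2**607 - 1
ORDER = P - 1
MAX_VALUE_LEN = 64  # bytes per attribute value; 1 + 64 + 8 bytes = 584 bits < 607


def hash_to_group(record_id: str, attr: str) -> int:
    """Toy hash-to-group H(x): maps (record, attribute label) into [2, P-1].
    A real system needs a proper hash-to-group; this one only keeps the demo offline."""
    digest = hashlib.sha512(f"{record_id}/{attr}".encode()).digest()
    return int.from_bytes(digest, "big") % (P - 2) + 2


def prf(key: int, record_id: str, attr: str) -> int:
    """Key-homomorphic PRF F(k, x) = H(x)^k mod P.
    F(k1, x) * F(k2, x) == F(k1 + k2, x): the identity that lets the cloud
    swap keys on a ciphertext without decrypting it."""
    return pow(hash_to_group(record_id, attr), key % ORDER, P)


def key_homomorphism_holds(k1: int, k2: int, record_id: str = "r", attr: str = "a") -> bool:
    """Check the homomorphism on concrete keys."""
    lhs = (prf(k1, record_id, attr) * prf(k2, record_id, attr)) % P
    return lhs == prf(k1 + k2, record_id, attr)


def encode(value: bytes) -> int:
    """0x01 || value || sha256(value)[:8] as an integer below P. The prefix keeps the
    integer nonzero; the checksum makes decryption under a wrong key detectable."""
    if len(value) > MAX_VALUE_LEN:
        raise ValueError("value too long for one block")
    tag = hashlib.sha256(value).digest()[:8]
    return int.from_bytes(b"\x01" + value + tag, "big")


def decode(m: int) -> Optional[bytes]:
    raw = m.to_bytes((m.bit_length() + 7) // 8, "big")
    if len(raw) < 9 or raw[0] != 0x01:
        return None
    value, tag = raw[1:-8], raw[-8:]
    return value if hashlib.sha256(value).digest()[:8] == tag else None


def encrypt_value(value: bytes, key: int, record_id: str, attr: str) -> int:
    """User side: c = m * F(k, x) mod P, with one key per attribute label."""
    return (encode(value) * prf(key, record_id, attr)) % P


def decrypt_value(cipher: int, key: int, record_id: str, attr: str) -> Optional[bytes]:
    """App or user side: m = c * F(k, x)^-1 mod P; None if the key does not fit."""
    m = (cipher * pow(prf(key, record_id, attr), -1, P)) % P
    return decode(m)


def cloud_rekey(cipher: int, delta: int, record_id: str, attr: str) -> int:
    """Cloud side: given only delta = k_new - k_old (mod ORDER), compute
    c * F(delta, x) = m * F(k_old + delta, x) = m * F(k_new, x).
    The cloud never sees m, k_old or k_new."""
    return (cipher * prf(delta, record_id, attr)) % P


def new_key() -> int:
    return secrets.randbelow(ORDER - 1) + 1  # uniform in [1, ORDER - 1]


def demo() -> dict:
    """Grant an app two labelled fields of a constructed purchase record, then revoke one."""
    record_id = "purchase-0001"  # constructed sample record id
    record = {  # constructed sample data
        "item": b"oat milk",
        "store_zip": b"02139",
        "rewards_card": b"4417-0000-0000-1234",
    }
    keys = {attr: new_key() for attr in record}
    blob = {a: encrypt_value(v, keys[a], record_id, a) for a, v in record.items()}

    # Grant: the app receives keys for "item" and "store_zip" only.
    app_keys = {"item": keys["item"], "store_zip": keys["store_zip"]}
    granted = {a: decrypt_value(blob[a], k, record_id, a) for a, k in app_keys.items()}
    # A key for one label opens nothing else: "rewards_card" stays closed.
    leaked = decrypt_value(blob["rewards_card"], app_keys["item"], record_id, "rewards_card")

    # Revoke "store_zip": the user picks a fresh key and sends the cloud only the delta.
    fresh = new_key()
    delta = (fresh - keys["store_zip"]) % ORDER
    blob["store_zip"] = cloud_rekey(blob["store_zip"], delta, record_id, "store_zip")
    keys["store_zip"] = fresh

    return {
        "granted": granted,
        "leaked": leaked,
        "app_after_revoke": decrypt_value(blob["store_zip"], app_keys["store_zip"], record_id, "store_zip"),
        "user_after_revoke": decrypt_value(blob["store_zip"], keys["store_zip"], record_id, "store_zip"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Running `demo()` shows the app reading the two granted fields, failing on the rewards card, and, after the cloud applies the delta, failing on the zip code as well while the user’s fresh key still opens it. Two design points carry over to the real thing: the cloud only ever handles ciphertext and key differences, and the checksum inside the plaintext is what turns a wrong key into a clean failure rather than silent garbage.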
User control and data privacy were the motivating factors behind the creation of Sieve, but another aspect Wang and team considered was regulation. Federal regulators have already voiced concerns about today’s lax data privacy practices, and government requests for user data are a recurring fact of life for companies holding it. Wang feels users, not companies, should ultimately be the gatekeepers of their information.
For now, but not for long
For now, Sieve is not commercially available. To become a viable product, Wang and team would have to convince app developers that Sieve is a beneficial business tool, one that lets them build a competitive advantage, increase market share, and drive up revenue by offering consumers privacy as a service. Other kinks, such as the performance cost of the cryptography and the lack of a user-friendly interface for granting and revoking access, would need to be worked out, too, but where there’s smoke, there’s fire. By most measures, both the security community and consumers want data privacy brought under control (and with the proliferation of IoT, it’s becoming urgent). Sieve has been under development for nearly a year; hopefully it’s not too long before the concept becomes a readily available reality.