Skip to main content

Research Talk:  Retrofitting Privacy into Traditional Operating Systems

Date:July 14, 2016 
Talk Title:Retrofitting Privacy into Traditional Operating Systems
Speaker:Kaan Onarlioglu, PhD Student at Northeastern University
Time & Location:12:00pm - 1:00pm
CIC 2101, Pittsburgh

Abstract

With the scale of sensitive information processed and stored on computers today, implementing and maintaining application-specific privacy features is inefficient and bug prone. While it would be a relatively straightforward task to build a secure computing environment from the ground up, a significant challenge is to design privacy-enhancing techniques compatible with already widely-deployed operating systems, which also do not require modifications to existing user space software. In this talk I will present two systems to retrofit novel, application-agnostic privacy features into traditional operating systems: 1) PrivExec is an operating system service that allows a "private browsing mode-like" execution platform for arbitrary applications. 2) Overhaul is a user-driven access control architecture, where access to privacy-sensitive resources is mediated based on the temporal proximity of user inputs to access requests. I will present operating system-independent designs for the two systems, and then demonstrate with concrete Linux implementations that low-complexity, low-overhead, and high-usability privacy defenses can be integrated into existing operating systems.

Speaker Bio

Kaan Onarlioglu is a PhD student at Northeastern University, Boston. He is a member of the Secure Systems Lab (SecLab). Kaan's research interests span a wide array of systems and Internet security topics, with an emphasis on designing practical tools and technologies to help users stay secure online. His recent work involves retrofitting novel privacy features into operating systems, and hardening existing software against evolving security threats.