MIT’s New platform “Riverbed” is putting data privacy in the hands of users

MIT and Harvard University researchers have developed a platform, called Riverbed, that ensures that web services adhere to users’ preferences on how their data are stored and shared in the cloud.

These days, the usage of Cloud Computing is increasing very fast, as it provides many benefits like, performing large-scale computations on outsourced servers. Most of the Mobile Apps are Web Services store the personal data of the Users on remote data center servers.

Image: Chelsea Turner, MIT

These Personal data include photos, social media profiles, email addresses, and even fitness data from wearable devices. Many services are using this data in various ways. They aggregate personal data of many users available on a server to gain many insights and they use it for advertising.

Currently the users are not having control to allow or prevent such usage. To solve this issue, the researchers have come with a platform, called Riverbed, that forces data center servers to only use data in ways that users explicitly approve.

In Riverbed, a user’s web browser or smartphone app does not communicate with the cloud directly. Instead, a Riverbed proxy runs on a user’s device to mediate communication. When the service tries to upload user data to a remote service, the proxy tags the data with a set of permissible uses for their data, called a “policy.”

Users can select any number of predefined restrictions — such as, “do not store my data on persistent storage” or “my data may only be shared with the external service x.com.” The proxy tags all the data with the selected policy.

In the datacenter, Riverbed assigns the uploaded data to an isolated cluster of software components, with each cluster processing only data tagged with the same policies. For example, one cluster may contain data that can’t be shared with other services, while another may hold data that can’t be written to disk. Riverbed monitors the server-side code to ensure it adheres to a user’s policies. If it doesn’t, Riverbed terminates the service.

This New platform will be useful only if many people are adopting it. Social media discussions are reflecting this fact.

I like the direction its going but it sounds really complicated and requires a lot of installation and integration on the part of services. I can see such a thing working only if its government mandated.

In the end though, information leaking is unidirectional – there’s nothing stopping anyone from legitimately accessing data and then sharing it openly, to which the cat will be out of the bag. This is the same information theory problem of DRM. Maybe we need some kind of zero knowledge proof system for consumer data?

carrotcypher, Reddit User

News Source: MIT News

Author: Rajamanickam

Rajamanickam is the Founder of QualityPoint Technologies which runs this RtoZ.org News Site.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.