-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathabstract.tex
25 lines (24 loc) · 1.07 KB
/
abstract.tex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Web services like Google, Facebook, and Dropbox
are a regular part of users' lives. However,
using these applications can cause sensitive data
leakage both on the server and client.
On the server-side, applications collect and analyze
sensitive user data to monetize it. Consequently,
this sensitive data can leak through data breaches
or can be accessed by malicious service providers.
On the client, when a user accesses a web service
through the browser, sensitive user information
may leak outside of the browser,
e.g., to DNS interfaces or the swap space.
An attacker who accesses the user
device after a session has terminated can view
this information.
This dissertation presents two practical,
secure systems, Veil and Splinter, that
prevent some of this data leakage. Veil minimizes
client-side information leakage from the browser by allowing
web application developers to enforce stronger private browsing
semantics without browser support. Splinter
allows the server to properly respond to a user
query without the server learning any sensitive
information present in the query.