1 research outputs found
Collaborative Privacy for Web Applications
Real-time, online-editing web apps provide free and convenient services for
collaboratively editing, sharing and storing files. The benefits of these web
applications do not come for free: not only do service providers have full
access to the users' files, but they also control access, transmission, and
storage mechanisms for them. As a result, user data may be at risk of data
mining, third-party interception, or even manipulation. To combat this, we
propose a new system for helping to preserve the privacy of user data within
collaborative environments. There are several distinct challenges in producing
such a system, including developing an encryption mechanism that does not
interfere with the back-end (and often proprietary) control mechanisms utilized
by the service, and identifying transparent code hooks through which to
obfuscate user data. Toward the first challenge, we develop a character-level
encryption scheme that is more resilient to the types of attacks that plague
classical substitution ciphers. For the second challenge, we design a browser
extension that robustly demonstrates the feasibility of our approach, and show
a concrete implementation for Google Chrome and the widely-used Google Docs
platform. Our example tangibly demonstrates how several users with a shared key
can collaboratively and transparently edit a Google Docs document without
revealing the plaintext directly to Google.Comment: 14 pages, double column, 7 figure