Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments
Decentralized systems are a subset of distributed systems where multiple
authorities control different components and no authority is fully trusted by
all. This implies that any component in a decentralized system is potentially
adversarial. We revise fifteen years of research on decentralization and
privacy, and provide an overview of key systems, as well as key insights for
designers of future systems. We show that decentralized designs can enhance
privacy, integrity, and availability but also require careful trade-offs in
terms of system complexity, properties provided, and degree of
decentralization. These trade-offs need to be understood and navigated by
designers. We argue that a combination of insights from cryptography,
distributed systems, and mechanism design, aligned with the development of
adequate incentives, is necessary to build scalable and successful
privacy-preserving decentralized systems.
A Critical Look at Decentralized Personal Data Architectures
While the Internet was conceived as a decentralized network, the most widely
used web applications today tend toward centralization. Control increasingly
rests with centralized service providers who, as a consequence, have also
amassed unprecedented amounts of data about the behaviors and personalities of
individuals.
Developers, regulators, and consumer advocates have looked to alternative
decentralized architectures as the natural response to threats posed by these
centralized services. The result has been a great variety of solutions that
include personal data stores (PDS), infomediaries, Vendor Relationship
Management (VRM) systems, and federated and distributed social networks. And
yet, for all these efforts, decentralized personal data architectures have seen
little adoption.
This position paper attempts to account for these failures, challenging the
accepted wisdom in the web community on the feasibility and desirability of
these approaches. We start with a historical discussion of the development of
various categories of decentralized personal data architectures. Then we survey
the main ideas to illustrate the common themes among these efforts. We tease
apart the design characteristics of these systems from the social values that
they (are intended to) promote. We use this understanding to point out numerous
drawbacks of the decentralization paradigm, some inherent and others
incidental. We end with recommendations for designers of these systems for
working towards goals that are achievable, but perhaps more limited in scope
and ambition.
WARP: A ICN architecture for social data
Social network companies maintain complete visibility and ownership of the
data they store. However, users should be able to maintain full control over
their content. For this purpose, we propose WARP, an architecture based upon
Information-Centric Networking (ICN) designs, which expands the scope of the
ICN architecture beyond media distribution, to provide data control in social
networks. The benefit of our solution lies in the lightweight nature of the
protocol and in its layered design. With WARP, data distribution and access
policies are enforced on the user side. Data can still be replicated in an ICN
fashion but we introduce control channels, named "thread updates", which
ensure that the access to the data is always updated to the latest control
policy. WARP decentralizes the social network but still offers APIs so that
social network providers can build products and business models on top of WARP.
Social applications run directly on the user's device and store their data on
the user's "butler" that takes care of encryption and distribution.
Moreover, users can still rely on third parties to have high-availability
without renouncing their privacy.