1st USENIX Workshop on Hot Topics in Security
Pp. 4550 of the Proceedings
Privacy as an Operating System Service
Sotiris Ioannidis, Stevens Institute of Technology; Stelios Sidiroglou and Angelos D. Keromytis, Columbia University
The issue of electronic privacy has of late attracted considerable
attention. The proliferation of Internet services
and, perhaps unavoidably, Internet crime, in conjunction
with expanded government monitoring of communications
has caused irreparable damage to the basic definition
of privacy (the state or condition of being free from
Implementing privacy in personal computer systems
has traditionally been the domain of the paranoid computer
specialist. In order for basic privacy to become pervasive
among the non-technical user base, we believe that
it must imitate the usage of other successful security (and
other) services. Services like filesystem encryption, email
and web security are successful because they are invisible
to the user. Other services (not related to security)
such as backups, networking, file searching, etc., also gain
traction by being well integrated with the user's operating
environment. In most cases, this means embedding such
services in the OS.
In this work, we propose a new paradigm for implementing
privacy, as an operating system service. We believe
that privacy, similarly to other security services, is a
service that has cross-application appeal and must therefore
be centrally positioned.
- View the full text of this paper in PDF.
Until July 2007, you will need your USENIX membership identification in order to access the full papers. The Proceedings are published as a collective work, © 2006 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.