Data Confidentiality Workshop


WORKSHOP ON DATA CONFIDENTIALITY

September 6-7, 2007 in Arlington, VA

White Paper & Bio


Data confidentiality is frequently a barrier for collaborative distributed applications, because the data that an individual or an organization might contribute to a collaborative task is often sensitive and cannot be easily shared. Privacy-preserving techniques that either transform the data or perform a cryptographic computation between parties can enable collaborative applications despite these barriers. However, several challenges remain in using such techniques in practice. The first is knowing when the privacy-preserving techniques have removed enough information. Though it may be easy to describe what information is revealed and what is kept secret by a particular scheme, the privacy value of confidential data is difficult to evaluate, as new ways to infer confidential information from seemingly innocuous data are demonstrated all the time. Another is verifying the validity of shared data -- always a difficult question, but made more difficult by the fact that the data is obfuscated or perhaps not shared at all. Finally, privacy-preserving techniques by necessity remove some patterns from the data, and hence an important question is how to ensure that the data still remains useful for a particular application.

Our understanding of both the privacy constraints on shared data and the functionality needs of applications will evolve with both developments in technology and changing social values. The research challenge is to develop privacy-preserving techniques that can adapt to an evolving set of constraints on privacy and functionality, and at the same time provide a way to guarantee integrity.

A broader challenge, both for the research community and for industry, is wider deployment of privacy-preserving techniques and other privacy enhancing technologies in business. Recent history is replete with examples of data disclosures that resulted from lost computers, stolen media, compromised servers, or insider attacks. These disclosures show that internal policies for safeguarding data are not sufficient without technical backing, and that privacy enhancing technologies can be useful within an organization, not just among mutually distrusting parties. They can be used to create a need-to-know data environment, mitigating the effects of a loss or compromise of computers.

Nikita Borisov

University of Illinois

 

Biographical Data

Nikita Borisov is an Assistant Professor at the University of Illinois at Urbana-Champaign. He received his Ph.D. from U.C. Berkeley in 2005. His research interests are in the area of privacy enhancing technologies, including anonymous communication and privacy-preserving distributed collaborative applications. Prof. Borisov serves as program co-chair of the Privacy Enhancing Technologies Symposium in 2007 and 2008.