Riverbed - Enforcing User-defined Privacy Constraints in Distributed Web Services
Offered By: USENIX via YouTube
Course Description
Overview
Explore a presentation from NSDI '19 on Riverbed, a groundbreaking framework for creating privacy-conscious web services. Learn how users can define restrictions on sensitive data processing and storage using a simple policy language. Discover the role of the transparent Riverbed proxy in mediating between front-end clients and back-end servers, and understand the remote attestation process that ensures server code compliance with user policies. Delve into the concept of universes, which allow Riverbed to work seamlessly with legacy software without requiring developers to navigate complex security lattices or manually label code. Examine the framework's performance impact, with experimental results showing minimal slowdowns for real-world applications. Gain insights into user-defined policies, remote attestation, and the innovative approach to enforcing privacy constraints in distributed web services.
Syllabus
Introduction
The Problem
The Goal
UserDefined Policies
Millennials
Alice Bob
Remote attestation
Recap
Experimental Results
Memory Pressure
Conclusion
Taught by
USENIX
Related Courses
Exploring Modern and Secure Operations of Kubernetes Clusters on the EdgeOpen Data Science via YouTube Using the Observer Effect and Cyber Feng Shui - Jacob Torrey
Hack In The Box Security Conference via YouTube OAT - Attesting Operation Integrity of Embedded Devices
IEEE via YouTube The Remote Working Security Conundrum - What Is Reasonably Secure Anyway?
USENIX via YouTube Using TPMs to Cryptographically Verify Devices at Scale
Linux Foundation via YouTube