The unintentional misuse of data by authorized persons is a growing concern as more and more private information moves online. The HTTP with Accountability protocol under development at the Massachusetts Institute of Technology's Computer Science and Artificial Intelligence Laboratory is designed to automatically track the transmission of private data and enable the data owner to see how it is used online.
With the protocol, every item of private data would be assigned an individual uniform resource identifier (URI). Remote Web server access would be controlled via passwords and encryption, but each time the server transmits an item of sensitive data, it also would send a description of the data's usage restrictions and log the transaction using only the URI in a network of encrypted, special-purpose servers.
This network is where most of the work would transpire, as a data owner's audit request causes the servers to work through the chain of derivations, identifying everyone who has accessed the data and how they have used it. Transaction logs are distributed among the servers using distributed hash tables, and redundant retention of data on multiple servers both guarantees data accessibility if some servers go down and provides a way of learning whether log tampering has been attempted and by whom.
From MIT News
View Full Article
Abstracts Copyright © 2014 Information Inc., Bethesda, Maryland, USA
No entries found