Privacy, theory

Considerable research in the field has been focused on developing new technologies to enhance privacy; encryption of personal data is often presented as a potential solution. Many of the technologies resulting from this research are not being effectively utilized because of issues rooted in human judgment under risk and uncertainty. The majority of existing models and products related to human judgement are based on a limited number of documented incidents and on questionable assumptions about user intent and behavior.

Data structures have a prominent modern computational role, due to their wide applicability, such as in database querying, web searching, and social network analysis. This project focuses on the interplay of data structures with security protocols, examining two different paradigms: the security for data structures paradigm (SD) and the data structures for security paradigm (DS).

Many compelling applications involve computations that require sensitive data from two or more individuals. For example, as the cost of personal genome sequencing rapidly plummets many genetics applications will soon be within reach of individuals such as comparing one?s genome with the genomes of different groups of participants in a study to determine which treatment is likely to be most effective. Such comparisons could have tremendous value, but are currently infeasible because of the privacy concerns both for the individual and study participants.

Increasing cyber security depends on our ability to guarantee that the system will provide the expected functionality under normal circumstances as well as if the system is perturbed by some random events or security threats. Providing such guarantee is often complicated due to several factors such as changes in system requirements caused by user demands, exposure to a new threat model that was not considered (or not relevant) in the original design, or identifying bugs or vulnerabilities during a system life cycle.

In order to enable collaboration between different parties it is necessary that the partners reach an agreement on the policy rules that will govern their interaction. While state-of-the-art mechanisms will allow the parties to reconcile their polices, today's policy reconciliation protocols have two main shortcomings. First, they violate privacy since at least one of the parties is required to discloses all its information during the reconciliation process. Second, they generally lack fairness, i.e., the parties' preferences are not recognized.