Skip to main content

Enforcing user privacy in web applications using Erlang

Papagiannis, Ioannis, Migliavacca, Matteo, Eyers, David M., Shand, Brian, Bacon, Jean, Pietzuch, Peter (2010) Enforcing user privacy in web applications using Erlang. In: W2SP 2010: Web 2.0 security and privacy 2010, May 20th, 2010, The Claremont Resort, Oakland, California. (Access to this publication is currently restricted. You may be able to access a copy if URLs are provided) (KAR id:31872)

Language: English

Restricted to Repository staff only
[thumbnail of 10-w2sp.pdf]
Official URL


Social networking applications on the web handle the personal data of a large number of concurrently

active users. These applications must comply with complex

privacy requirements, while achieving scalability and high

performance. Applying constraints to the ?ow of data through

such applications to enforce privacy policy is challenging

because individual components process data belonging to many

different users.

We introduce a practical approach for uniformly enforcing

privacy requirements in such applications using the actor-based

Erlang programming language. To isolate the personal data

of users, we exploit Erlang’s inexpensive process model and

use Erlang’s message passing mechanism to add policy checks.

We illustrate this approach by describing the architecture of

a privacy-preserving message dispatcher in a micro-blogging

service. Our performance evaluation of a prototype implementation shows that this approach can enforce ?ne-grained

privacy guarantees with a low performance overhead.

Item Type: Conference or workshop item (Paper)
Projects: [UNSPECIFIED] SmartFlow: Extendable Event-Based Middleware
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Matteo Migliavacca
Date Deposited: 23 Oct 2012 21:53 UTC
Last Modified: 16 Nov 2021 10:09 UTC
Resource URI: (The current URI for this page, for reference purposes)
Migliavacca, Matteo:
  • Depositors only (login required):