Context-Aware Privacy-Optimizing Address Tracing
- 1 September 2021
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
Application tuning requires a coordinated effort across hardware and software to achieve optimized application performance. Execution traces offer unique insights into a program's behavior over real inputs and serve as an invaluable resource for hardware and software engineers during the co-optimization process. Unfortunately, these traces are rarely shared between technology partners because even the simplest address traces gathered from applications that use private data can divulge sensitive information. Developers are forced to choose between sharing accurate and precise execution information, which leads to the best co-optimization results, and protecting sensitive data. This is the fundamental tradeoff between utility and privacy in the context of program traces. Concurrently, global policy is moving in favor of providing users with privacy protections. As a field, we must develop tools, mechanisms, and primitives to uphold these regulatory protections. In this work, we use the leading industry standard, the LINDDUN privacy threat modeling method, to model the threats to the privacy of traces. We leverage advances in information flow tracking techniques and LINDDUN's mitigation strategies to prevent inadvertent leakage of information. We introduce multiple classes of privacy-enhancing tracing techniques that allow context-aware differentiation of what information should remain in the trace, and in what amounts, based on annotations of private user input. To explore how meaningful the privatized traces are, we compare cache simulation and prefetching properties. This new approach leaks as few as zero bits of sensitive information and has an order of magnitude better utility than prior work.
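The utility/privacy tradeoff the abstract describes, as an added illustration that is not the paper's own code or method: a toy tracer where values derived from annotated private input carry a taint flag, and a per-tracer policy decides whether a tainted address is kept exactly, coarsened to its cache line, or redacted. The workload (a table lookup indexed by a private byte), the 64-byte line size, the 4-line direct-mapped cache and the leakage bound (log2 of distinct traces over all secrets) are all constructed assumptions.

```python
import math
from dataclasses import dataclass, field

CACHE_LINE = 64  # assumed line size in bytes for the "line" policy


@dataclass
class TaintTracer:
    """Toy address tracer. `tainted` marks an access whose address was
    computed from annotated private input; `policy` decides what survives."""
    policy: str                      # "full", "line" or "redact"
    trace: list = field(default_factory=list)

    def record(self, addr, tainted):
        if not tainted or self.policy == "full":
            self.trace.append(addr)                       # exact address
        elif self.policy == "line":
            self.trace.append(addr & ~(CACHE_LINE - 1))   # keep line, drop offset
        else:
            self.trace.append(None)                       # redacted entry


def lookup_program(tracer, secret):
    """Constructed workload: two loads of table[secret] plus one public load.
    The exact address reveals the secret byte; the cache line reveals 2 bits."""
    base = 0x1000                              # assumed table base address
    tracer.record(base + secret, tainted=True)
    tracer.record(base + secret, tainted=True)
    tracer.record(0x2000, tainted=False)       # unrelated public access
    return tracer.trace


def leaked_bits(policy):
    """Upper bound on leakage: log2 of distinct traces over all 256 secrets."""
    traces = {tuple(lookup_program(TaintTracer(policy), s)) for s in range(256)}
    return math.log2(len(traces))


def line_hits(trace, lines=4):
    """Hits a direct-mapped cache simulator can count from a trace;
    redacted (None) entries carry no address and cannot be simulated."""
    cache, hits = {}, 0
    for addr in trace:
        if addr is None:
            continue
        line = addr // CACHE_LINE
        slot = line % lines
        if cache.get(slot) == line:
            hits += 1
        cache[slot] = line
    return hits
```

The "line" policy keeps the cache hit count of the full trace while cutting the leakage bound from 8 bits to 2; "redact" leaks 0 bits but leaves the simulator nothing to count.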