TY - GEN
T1 - Neuralyzer
T2 - 6th ACM Conference on Data and Application Security and Privacy, CODASPY 2016
AU - Zarras, Apostolis
AU - Kohls, Katharina
AU - Dürmuth, Markus
AU - Pöpper, Christina
N1 - Publisher Copyright: © 2016 ACM.
PY - 2016/3/9
Y1 - 2016/3/9
AB - Once data is released to the Internet, there is little hope to successfully delete it, as it may have been duplicated, reposted, and archived in multiple places. This poses a significant threat to users' privacy and their right to permanently erase their very own data. One approach to control the implications on privacy is to assign a lifetime value to the published data and ensure that the data is no longer accessible after this point in time. However, such an approach suffers from the inability to successfully predict the right time when the data should vanish. Consequently, the author of the data can only estimate the correct time, which unfortunately can cause the premature or belated deletion of data. This paper tackles the problem of prefixed lifetimes in data deletion from a different angle and argues that alternative approaches are a desideratum for research. In our approach, we consider different criteria when data should be deleted, such as keeping data available as long as there is sufficient interest for it or untimely delete it in cases of excessive accesses. To assist the self-destruction of data, we propose a protocol and develop a prototype, called Neuralyzer, which leverages the caching mechanisms of the Domain Name System (DNS) to ensure the successful deletion of data. Our experimental results demonstrate that our approach can completely delete published data while at the same time achieving flexible expiration times varying from few days to several months depending on the users' interest.
UR - http://www.scopus.com/inward/record.url?scp=84964853930&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84964853930&partnerID=8YFLogxK
U2 - 10.1145/2857705.2857714
DO - 10.1145/2857705.2857714
M3 - Conference contribution
AN - SCOPUS:84964853930
T3 - CODASPY 2016 - Proceedings of the 6th ACM Conference on Data and Application Security and Privacy
SP - 14
EP - 25
BT - CODASPY 2016 - Proceedings of the 6th ACM Conference on Data and Application Security and Privacy
PB - Association for Computing Machinery, Inc
Y2 - 9 March 2016 through 11 March 2016
ER -