Articles‎ > ‎

Data privacy for online transactions

posted 13 Mar 2010, 12:20 by Atharva Inamdar   [ updated 17 Apr 2010, 16:22 ]

Recently, I had to write a executive summary. This wasn't any ordinary  executive summary, it was slightly modified to include an argument. Something I had to argue for or against. Ask a question and answer it using the material from a single paper. 

 When googling for a suitable technical paper, I came across Google Research. A place where google hosts all its research publications. Papers written by google engineers and philosophers, this also includes a section called Tech Talks, where outside speakers are invited to Google to talk about a particular subject. I found an interesting paper titled: "Choose the red pill and the blue pill". Wondering how "The Matrix" was connected to research at google, I opened it and found out that it was actually related to online security. mainly transactions of any kind. A position paper laying out the thoughts and proposal of Google engineer Ben Laurie and Abe Singer of California Intitute of Technology.

In this paper they state that having secure protocols is not enough for security and data privacy. Today's general purpose operating system isn't good for security at all. Infact, the OS is the biggest weakness. But to rewrite a secure OS is out of the question as it will reduce the functionality of a system. Ben Laurie and Abe Singer propose a complimentary device running a secure OS to authenticate and authorise any transactions made on a general purpose system (insecure client). 

I have summarised this paper here. You can download the original paper below.

Atharva Inamdar,
17 Apr 2010, 16:21