View PDF
Secure, easily-deployable, and holistic program that allows users to control personal data exposed to online service providers

To allow users to keep their expectation of privacy and enjoy the convenience of these free services, inventors at Georgia Tech have designed a secure, easily-deployable, and holistic solution called Very Good Privacy (VGP) that allows privacy-aware users to control their personal data exposed to OSPs (Online Service Providers). VPS’s framework-extension architecture can support multiple services at the same time. As a standalone program, it differentiates itself from browser-plugin solutions by providing better security guarantees without sacrificing usability. VGP is capable of preserving the user’s original workflow when interacting with their preferred online services. Finally, as a client-side solution, VGP is able to enforce the proper access control on users’ data without requiring modifications on the server side. Using VGP also reduces or eliminates dependency by the user on the OSP’s privacy solutions to protect personal data in a comprehensive manner.

Solution Advantages
  • Easy-to-use – Overcomes usability problems and/or server modifications of existing privacy solutions
  • Standalone – Ability to be used as a standalone program that provides better isolation than other products
  • Secure – Allows the provider or online entity to enhance the user’s confidence that the personal data will be not be compromised
  • Versatile – Improved image cipher allows privacy preserving photo and image sharing
Potential Commercial Applications
  • Online service providers
  • Enterprises or other entities that require users to go online for any of a variety of reasons
Background and More Information

The increased usage of online services such as Facebook, Twitter, Flickr and YouTube has resulted in the exploitation and abuse of personal user data by the services legitimately or by malevolent agents hacking into the services’ databases and acquiring user’s personal data illegitimately. Users’ ability to protect their data from abuse is limited by the various solutions that are offered by the service providers. These solutions tend to be ad-hoc in design/implementation and cannot prevent inadvertent leakage of personal data. This effect becomes more severe due to the use of various plug-in applications that users are required to install in order to use the service.

Improved Privacy: A Data Security Solution