The Decoupling Privacy Framework
I came across a concept I liked. It’s a privacy framework called the “decoupling principle” and has potential to greatly improve online/cloud security, with the indirect benefit of improving diversity in the cloud (de-consolidation). Here is the paper that was published last year. The concept is not totally new, but this paper tries to organize and revive the ideas. https://conferences.sigcomm.org/hotnets/2022/papers/hotnets22_schmitt.pdf
Here are some excerpts:
- “…information should be divided architecturally and institutionally such that each entity has only the information they need to perform their relevant function.”
- “Architectural decoupling entails splitting functionality for different fundamental actions in a system.”
- “This decoupling makes service providers individually breach-proof, as they each have little or no sensitive data that can be lost to hackers.”
I see similarities with a cool project called SOLID (SOcial LInked Data), which I might post about later.