February 21, 2014, 7:28 PM — Think about it: Who should be allowed to see photos of you drunk?
Now: Who should be able to see your "very drunk" pictures?
Enterprises have had sophisticated access-control tools for a long time. Researchers at Carnegie Mellon University and the University of North Carolina have now developed a way to apply fine-grained controls to the most sensitive data of all: your personal stuff.
The system, called Penumbra, is based on software that runs in the file system. Penumbra lets consumers apply tags to their content and set policies about who can access files based on those tags. The policies can also use automatically generated tags, such as those based on face recognition. The researchers' prototype system ran on a set of Linux desktops on a LAN, but it could also be implemented across tablets, smartphones and other devices. And the sweet spot for Penumbra could be cloud-based storage services.
In the past, controlling who saw a private photo or letter was relatively simple. Digital media and the Internet changed all that, said Carnegie Mellon graduate student Michelle Mazurek, who gave a presentation on Penumbra to the Usenix FAST conference this week in Santa Clara, California.
"The traditional physical and social boundaries for access control are really failing," Mazurek said. Consumers have content spread across multiple devices and online repositories, such as Web mail, photo sites and social-networking platforms. Instead of simply keeping an embarrassing photo in a drawer, users now have to understand multiple technologies and know how to use them.
"All of us .... are basically all our own access control administrators," Mazurek said. That job is hard even for IT administrators, let alone for consumers. When they try it and fail, things can get ugly. Along with the danger of employers and college admissions offices finding files that reflect poorly on applicants, Mazurek cited reports about a girl in the Netherlands who sent her Facebook friends a birthday party invitation without controlling who could receive it. About 30,000 people ultimately got the invitation, leading to a mob of 3,000 and a riot in which six people were injured.
The Carnegie Mellon researchers wanted to develop access controls that were easy to use and understand. They designed Penumbra to let consumers set up controls that match the way they organize and describe their own content. Rather than presenting users with predefined categories and rules, Penumbra gives them the flexibility to define whatever policies they like based on everyday terms, she said.
"The idea here is that we want to minimize the mismatch between the intended policy -- what the user thought of -- and the actual specified policy," Mazurek said.