Large cloud computing services are generally run for multiple users. In a few cases, all the data processed by that service is public. In virtually all cases, users have an expectation that some of the information about them is kept private. Even if the data store itself is public, logs about access to that data are generally not. Keeping each person’s information separate is simplest in the primary data stores, where each object can easily have its own access control list. However, most cloud services cannot effectively run separate processing pipelines for each user, but rather must combine them. In this latest in a series of posts for Privacy Tech, Humu Chief Privacy Officer Lea Kissner discusses the value of an "access control list-aware" data processing model for processing data from multiple sources while maintaining user privacy.