Search Icon
Register

VICEROY: GDPR-/CCPA-compliant Enforcement of Verifiable Accountless Consumer Requests

Yoshimichi Nakatsuka (University of California, Irvine)

GDPR and CCPA granted consumers various rights, including the right to access, modify, or delete any personal information collected by online services. During the process, services must authenticate the consumer and this is especially a challenge for users without accounts. To overcome this issue, we presented VICEROY at NDSS 2023. In this talk, we will be presenting the experimental efforts of VICEROY. The first section of the talk will provide a brief introduction of VICEROY and its design. Next, we will discuss the implementation and evaluation aspects of VICEROY and how the research community can benefit from it. Our talk will be especially focusing on: (1) the use of Solokey, a secure hardware token with open source firmware and bootloader, and (2) the challenges we faced during the end-to-end evaluation of VICEROY, including the server, browser extension, and the secure hardware token. Finally, we will conclude the talk with future directions for VICEROY.

Speaker’s Biography

Yoshimichi Nakatsuka is a Ph.D. candidate at the University of California, Irvine under the supervision of Professor Gene Tsudik. His main research interest lies in the intersection of Web security / privacy and Confidential Computing.

Slides

View More Papers

coucouArray ( [post_type] => ndss-paper [post_status] => publish [posts_per_page] => 4 [orderby] => rand [tax_query] => Array ( [0] => Array ( [taxonomy] => category [field] => id [terms] => Array ( [0] => 42 [1] => 66 ) ) ) [post__not_in] => Array ( [0] => 13871 ) )

Experimental Evaluation of a Binary-level Symbolic Analyzer for Spectre:...

Lesly-Ann Daniel (CEA List), Sébastien Bardin (CEA List, Université Paris-Saclay), Tamara Rezk (INRIA)

Read More

Security Awareness Training through Experiencing the Adversarial Mindset

Jens Christian Dalgaard, Niek A. Janssen, Oksana Kulyuk, Carsten Schurmann (IT University of Copenhagen)

Read More

Detecting DolphinAttacks Based on Microphone Array

Guoming Zhang, Xiaoyu Ji (Zhejiang University)

Read More

Augmented Reality’s Potential for Identifying and Mitigating Home Privacy...

Stefany Cruz (Northwestern University), Logan Danek (Northwestern University), Shinan Liu (University of Chicago), Christopher Kraemer (Georgia Institute of Technology), Zixin Wang (Zhejiang University), Nick Feamster (University of Chicago), Danny Yuxing Huang (New York University), Yaxing Yao (University of Maryland), Josiah Hester (Georgia Institute of Technology)

Read More

Privacy Starts with UI: Privacy Patterns and Designer Perspectives in UI/UX Practice

Anxhela Maloku (Technical University of Munich), Alexandra Klymenko (Technical University of Munich), Stephen Meisenbacher (Technical University of Munich), Florian Matthes (Technical University of Munich)

Vision: Profiling Human Attackers: Personality and Behavioral Patterns in Deceptive Multi-Stage CTF Challenges

Khalid Alasiri (School of Computing and Augmented Intelligence Arizona State University), Rakibul Hasan (School of Computing and Augmented Intelligence Arizona State University)

From Underground to Mainstream Marketplaces: Measuring AI-Enabled NSFW Deepfakes on Fiverr

Mohamed Moustafa Dawoud (University of California, Santa Cruz), Alejandro Cuevas (Princeton University), Ram Sundara Raman (University of California, Santa Cruz)