Resilient, Secure and Robust Data Storage in Internet Applications
Large-scale privacy and trust problems with today’s centralized systems, and increased privacy regulations under the form of the GDPR, calls for a radical changes in data ownership. These privacy issues are especially apparent on the World Wide Web, where large internet corporations and secret services frequently invade the privacy of their users or citizens. To warrant the privacy of its users, applications on the web should shift from the classical centralized client-server model to a decentralized model, where users can regain control over their data and personal information. However moving data from centralized infrastructure to a decentralized context poses many security risks. Data controlled by other parties is by no means guaranteed to be correct. Fraudulent parties may delete or manipulate data to their advantage. To safeguard the privacy and interests of the users, information stored in these distributed web applications should be protected by the appropriate control policies that can be enforced by the webapp, even in the presence of malicious users. To be able to enforce these control policies, users should be identified. An extra challenge in this distributed environment is the management of all these different identities, which may be spread over many nodes. Besides being secure, distributed web applications should be able to scale to a large number of users and nodes in the system. Scaling on its own is a hard problem, but providing robust scaling together with the aforementioned security requirements is a non-trivial task.