Projects
Final projects should seek to answer a research question through implementation of a new idea in a real system. This could take one of several forms:
- Prototype a new, privacy-centered system design.
- Apply a privacy-enhancing or privacy-preserving technique in an existing system, and measure its impact.
- Conduct a study of privacy risks and deficiencies in existing software, and analyze what it would take to address them.
You may work on projects individually, or in groups of two to three students. Your project deliverables include a proposal, a progress report and poster presentation, a final paper describing design and implementation, your code, and a presentation I will post the final presentation and writeup to the course website (unless you explicitly want it kept confidential for a good reason).
Important dates
- October 10, 2019: submit your project proposal (by 11pm).
- November 14, 2019: project conference, at which you present your progress.
- December 9, 2019: submit your code and final report.
- December 12, 2019: presentation and demo.
Project proposal
Please use the OSDI 2018 submission template. Your proposal should be a one-page summary of what your idea is, how you plan to go about investigating it, and what techniques you will apply (or need to learn about beyond the course material).
Project ideas
Here's a list of some starter ideas to get you thinking. Please feel free to pursue your own ideas!
- Implement GDPR compliance by construction in Noria.
- Write a GDPR-compliant subject access and erasure tool for HotCRP or the class submission system.
- Add support for GDPR Subject Access Requests (SARs) and data deletion requests to another open-source web application.
- Design a language for machine-readable privacy policies, and write a compiler that generates RPC code that enforces the policy (e.g., by modifying GRPC).
- Build a multiverse database extension for MySQL or PostgreSQL (perhaps using the Postgres extension API).
- Investigate and map Bluetooth Beacons in Providence; develop a spoofing utility that makes users untraceable.
- Design and implement a GDPR-compliant blockchain.
- Investigate provable GDPR compliance for a simple storage system (e.g., a key-value store).
- Check out the ideas for decentralized application projects from MIT's 6.S974.