Glimmers: Resolving the Privacy/Trust Quagmire
This addresses the privacy-trust dilemma for users and service providers, offering a pragmatic solution that is incremental by applying existing hardware in a novel context.
The paper tackles the conflict between privacy and trust in user-contributed services by proposing the Glimmer architecture, which uses client-side trustworthy hardware like Intel SGX to validate contributions without sacrificing user privacy, demonstrating its effectiveness across various cases.
Many successful services rely on trustworthy contributions from users. To establish that trust, such services often require access to privacy-sensitive information from users, thus creating a conflict between privacy and trust. Although it is likely impractical to expect both absolute privacy and trustworthiness at the same time, we argue that the current state of things, where individual privacy is usually sacrificed at the altar of trustworthy services, can be improved with a pragmatic $Glimmer$ $of$ $Trust$, which allows services to validate user contributions in a trustworthy way without forfeiting user privacy. We describe how trustworthy hardware such as Intel's SGX can be used client-side -- in contrast to much recent work exploring SGX in cloud services -- to realize the Glimmer architecture, and demonstrate how this realization is able to resolve the tension between privacy and trust in a variety of cases.