Giving users a handle on their data

Ning Zhang is developing a novel user privacy protection framework that will give users full privacy control over their data

Beth Miller 

McKelvey Engineering researcher to develop privacy protection framework

Everything we do on the internet creates data, from sending an email, doing a simple Google search or looking up directions. With numerous high-profile data breaches over the past few years and new government regulations such as General Data Protection Regulation (GDPR), both individual users and governments are becoming more concerned about who has access to their data and how they can protect it.

Ning Zhang, assistant professor of computer science & engineering at Washington University in St. Louis, is developing a novel user privacy protection framework that will give users full privacy control over their data. The framework, known as PrivacyGuard, will allow users to enforce that their data can only be used by programs they approve.

The work is funded by a four-year, collaborative, $1.2 million grant from the National Science Foundation. Zhang is collaborating with Wenjing Lou, the W. C. English Professor of Computer Science, and Thomas Hou, Bradley Distinguished Professor of Electrical and Computer Engineering, both at Virginia Polytechnic Institute and State University.

"Privacy is always contextual," said Zhang, who joined the McKelvey School of Engineering in 2018 after an 11-year career in cybersecurity at Raytheon.


"There are things that I would be comfortable releasing for a specific reason, such as releasing my genetic data for the sole purpose of conducting medical research, but not for any other applications. To enable control of such context, we not only need to specify who has access to our data, but also how they can access our data."

Zhang's PrivacyGuard would integrate two technologies: smart contracts, or computer programs, that are stored in blockchain, a public, digital ledger of transactions; and attested trust execution environment (TEE), a trusted, protected area within a processor. Ultimately, Zhang expects to integrate all research components of the work to develop and open-source framework prototype that could be used by individuals or industry.

"We hope to make this platform a transparent platform such that anybody who uses our data will have a nonrepudiable recording of what they have done that's backed by blockchain," he said. "We don't just want to say, 'Yes, you can use my data,' and your data is protected. We also want to say 'Yes, you can use my data,' but this is the way specifically you can use it inside this trust environment."

The McKelvey School of Engineering at Washington University in St. Louis promotes independent inquiry and education with an emphasis on scientific excellence, innovation and collaboration without boundaries. McKelvey Engineering has top-ranked research and graduate programs across departments, particularly in biomedical engineering, environmental engineering and computing, and has one of the most selective undergraduate programs in the country. With 165 full-time faculty, 1,420 undergraduate students, 1,614 graduate students and 21,000 living alumni, we are working to solve some of society’s greatest challenges; to prepare students to become leaders and innovate throughout their careers; and to be a catalyst of economic development for the St. Louis region and beyond.

Click on the topics below for more stories in those areas

Back to News