Computer Science
Completed Project

Aegis: A Smartphone Data Privacy Solution

Nick Weiner ’22, Jemma Brooker ’23, Ryan Hornby ’21, and Professor Jason Waterman (Computer Science)

Smartphones use privately generated data to make the applications we use more convenient. For example, Spotify uses listening history to generate suggestions for what to listen to next. Applications can also collect location, sensor, call-history, and biometric data to give more personalized results. This convenience comes with a price: some of these applications collect data in unexpected ways, such as to build a profile of their users, to sell the data, or to use it for targeted advertising. Aegis is a proposed solution to prevent illicit use of private smartphone data. Aegis is a plugin for Flutter, a cross-platform toolkit for Android and iOS applications, that serves as a runtime monitor for the use of private data. When data enters Aegis, it is tagged with a privacy policy that controls access to the data. All computation is done inside the Aegis trusted execution environment and is checked in real time for policy compliance. Applications never have direct access to the data unless the policy explicitly authorizes its release to the application. Policies are regular expressions that determine which operations are compliant. As operations are performed, both the data and the policy react and transform accordingly. We have demonstrated the feasibility of Aegis by developing a location-fetching application that anonymizes a location to a given radius bound.
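The runtime-monitor idea described above, as an added Python sketch that is not part of the Aegis project (which is a Flutter/Dart plugin): a tagged value carries a policy that is a regular expression over operation names, each operation transforms both the data and the policy (here via the Brzozowski derivative), and release is granted only when the policy accepts the operations performed so far. The tuple-based regex AST, the operation names "anonymize" and "release", the grid-snapping anonymization and the sample coordinates are all constructed assumptions for this example.

```python
# Policy regex AST over operation names (tuple-based mini-language, constructed for this example).
EMPTY, EPS = ("empty",), ("eps",)
def sym(s): return ("sym", s)
def alt(a, b): return ("alt", a, b)
def seq(a, b): return ("seq", a, b)
def star(a): return ("star", a)

def nullable(r):  # does the policy accept the trace of operations performed so far?
    k = r[0]
    if k in ("eps", "star"): return True
    if k in ("empty", "sym"): return False
    if k == "alt": return nullable(r[1]) or nullable(r[2])
    return nullable(r[1]) and nullable(r[2])  # seq

def derive(r, op):  # Brzozowski derivative: the policy that remains after `op` is performed
    k = r[0]
    if k in ("empty", "eps"): return EMPTY
    if k == "sym": return EPS if r[1] == op else EMPTY
    if k == "alt": return alt(derive(r[1], op), derive(r[2], op))
    if k == "star": return seq(derive(r[1], op), r)
    left = seq(derive(r[1], op), r[2])  # seq
    return alt(left, derive(r[2], op)) if nullable(r[1]) else left

def is_empty(r):  # can no continuation of the trace ever satisfy the policy?
    k = r[0]
    if k == "empty": return True
    if k in ("eps", "sym", "star"): return False
    if k == "alt": return is_empty(r[1]) and is_empty(r[2])
    return is_empty(r[1]) or is_empty(r[2])  # seq

class PolicyViolation(Exception): pass
class Tagged:
    """Private datum held inside the monitor; the app only sees what release() returns."""
    def __init__(self, value, policy): self._value, self.policy = value, policy
    def apply(self, op, fn):  # data transforms via fn; the policy transforms via its derivative
        remaining = derive(self.policy, op)
        if is_empty(remaining):
            raise PolicyViolation(f"{op!r} is not compliant with the policy")
        return Tagged(fn(self._value), remaining)
    def release(self):  # hand the raw value to the app only if the policy authorizes it now
        if not nullable(derive(self.policy, "release")):
            raise PolicyViolation("release not authorized at this point")
        return self._value

def anonymize(loc, radius_m):  # snap (lat, lon) to a grid centre at most radius_m away
    s = radius_m * 2 ** 0.5 / 111_000.0  # cell side in degrees (~111 km per degree, approximation)
    return tuple((x // s + 0.5) * s for x in loc)
# Constructed demo policy: a GPS fix must be anonymized at least once before it may be released.
POLICY = seq(sym("anonymize"), seq(star(sym("anonymize")), sym("release")))
```

A location fetched by the app would be wrapped as `Tagged(fix, POLICY)`; `release()` on the raw value is refused, while `apply("anonymize", ...)` followed by `release()` yields only the coarsened point.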