Seminars

View all Seminars  |  Download ICal for this event

Orchestrating User-Centric Privacy Through Web Browsers

Series: Crypto talk

Speaker: Gayatri Priyadarshini Kancherla, Ph.D. student, Department of Computer Science and Engineering, IIT Gandhinagar, India

Date/Time: Jul 14 15:00:00

Location: CSA Auditorium, (Room No. 104, Ground Floor)

Abstract:
The modern web relies on browser-managed storage mechanisms to provide personalized and functional user experiences. Access to this data is governed by two key mechanisms: the webs origin-based security model, which determines who can access data, and user consent, which determines when data may be collected and used. While these mechanisms aim to balance the utility of the web with users privacy, their practical enforcement is often delegated to website developers, leading to important privacy challenges.
In this talk, I will present my research on strengthening privacy guarantees for browser-managed user data along these two dimensions. First, I will discuss browser-native mechanisms for enforcing least-privilege access to first-party storage, limiting unnecessary access by third-party scripts while preserving web functionality. Second, I will present empirical studies investigating the challenges developers face in implementing consent management and discuss how these challenges contribute to inconsistencies in respecting users consent preferences in practice.

Together, these works provide insights into the limitations of current web privacy mechanisms and highlight opportunities for designing more robust technical support for privacy on the web.

Speaker Bio:
Gayatri Priyadarsini Kancherla is a final-year Ph.D. candidate in the Department of Computer Science and Engineering at the Indian Institute of Technology Gandhinagar, advised by Prof. Abhishek Bichhawat. She has also been a Visiting Researcher at the Inria Center at Université Côte dAzur, France, and the Max Planck Institute for Security and Privacy (MPI-SP), Germany, during her PhD. Her research lies at the intersection of web security, privacy, and legal compliance. She combines browser systems, empirical measurements, and developer and user studies to design and evaluate practical privacy mechanisms that better align technical implementations with legal requirements and users privacy expectations.

Host Faculty: Prof. Arpita Patra