Tracking User Activity While Safeguarding Data From Attackers

Author

Justin Dahmubed, San Jose State University

Publication Date

Spring 2016

Degree Type

Master's Project

Degree Name

Master of Science (MS)

Department

Computer Science

First Advisor

Thomas H. Austin

Second Advisor

Robert Chun

Third Advisor

Ron Mak

Keywords

User Tracking Data Encryption

Abstract

Companies constantly look for ways to better understand customer activity on their websites. Website owners may want to be able to analyze customer activity without having to concern themselves with a government agency forcing them to reveal their information. Multiple analytical tools have been created, most notably Google Analytics.

In my thesis, I demonstrate how analytics data can be stored so that only the site owners can view the data about their customers. With my design, even the analytics site itself cannot decrypt the data after a given window of time has elapsed. The novel aspect of my design is that the analytical data can be securely stored and be protected against a government agency forcing the analytical site to release the data of all users. Tracking data is encrypted with a symmetric key that is then encrypted with a public key. The symmetric key expires after a short period of time prior to being stored in the database. After that window has elapsed, the key is no longer available. Only the website owners have access to the private key for a lengthy period of time that allows them to go back and view the data.

Recommended Citation

Dahmubed, Justin, "Tracking User Activity While Safeguarding Data From Attackers" (2016). Master's Projects. 477.
DOI: https://doi.org/10.31979/etd.2rhu-v8xv
https://scholarworks.sjsu.edu/etd_projects/477