Abstract
The Data Track is a transparency-enhancing tool that aims to educate users by providing them with an overview of all their data disclosures. In this paper, we describe a cryptographic scheme for storing all data disclosures tracked by the Data Track centrally in the cloud in a privacy-friendly way. Our scheme allows users to store their data anonymously, while keeping the cloud provider accountable with regard to the integrity of the data. Furthermore, we introduce a separation of concerns for the different components of the Data Track, well suited for tracking data disclosures from semi-trusted devices that may become compromised. We provide an informal evaluation of our scheme and briefly describe a proof of concept implementation.
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pulls, T. (2012). Privacy-Friendly Cloud Storage for the Data Track. In: Jøsang, A., Carlsson, B. (eds) Secure IT Systems. NordSec 2012. Lecture Notes in Computer Science, vol 7617. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34210-3_16
DOI: https://doi.org/10.1007/978-3-642-34210-3_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-34209-7
Online ISBN: 978-3-642-34210-3
eBook Packages: Computer Science (R0)