Lime: Data Lineage in the Malicious Environment

  • Michael Backes
  • Niklas Grimm
  • Aniket Kate
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8743)

Abstract

Intentional or unintentional leakage of confidential data is undoubtedly one of the most severe security threats that organizations face in the digital era. The threat now extends to our personal lives: a plethora of personal information is available to social networks and smartphone providers and is indirectly transferred to untrustworthy third party and fourth party applications. In this work, we present a generic data lineage framework Lime for data flow across multiple entities that take two characteristic, principal roles (i.e., owner and consumer). We define the exact security guarantees required by such a data lineage mechanism toward identification of a guilty entity, and identify the simplifying non-repudiation and honesty assumptions. We then develop a novel accountable data transfer protocol between two entities within a malicious environment by building upon oblivious transfer, robust watermarking, and signature primitives.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Chronology of data breaches, http://www.privacyrights.org/data-breach
  2. 2.
  3. 3.
    Adelsbach, A., Katzenbeisser, S., Sadeghi, A.-R.: A computational model for watermark robustness. In: Camenisch, J.L., Collberg, C.S., Johnson, N.F., Sallee, P. (eds.) IH 2006. LNCS, vol. 4437, pp. 145–160. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  4. 4.
    Backes, M., Grimm, N., Kate, A.: Lime: Data lineage in the malicious environment (2014), http://arxiv.org/abs/1408.1076
  5. 5.
    Mascher-Kampfer, A., Stögner, H., Uhl, A.: Multiple re-watermarking scenarios. In: IWSSIP, pp. 53–56 (2006)Google Scholar
  6. 6.
    Naor, M., Pinkas, B.: Efficient oblivious transfer protocols. In: SODA, pp. 448–457 (2001)Google Scholar
  7. 7.
    Papadimitriou, P., Garcia-Molina, H.: Data leakage detection. IEEE Transactions on Knowledge and Data Engineering, 51–63 (2011)Google Scholar
  8. 8.
    Pfitzmann, B., Waidner, M.: Asymmetric fingerprinting for larger collusions. In: CCS, pp. 151–160 (1997)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Michael Backes
    • 1
  • Niklas Grimm
    • 1
  • Aniket Kate
    • 1
  1. 1.Saarland UniversityGermany

Personalised recommendations