
Privacy-compliant management of relational data sets

Subject area: Security and Dependability, Operating, Communication and Distributed Systems
Funding: funded from 2014 to 2018
Project identifier: Deutsche Forschungsgemeinschaft (DFG) - project number 256809816

Year of creation: 2019

Summary of project results

Outsourcing of private data to service providers, a.k.a. database as a service (DBaaS), is an important scenario in today's economy and is gaining more and more importance. However, up to now, we are not aware of any fully satisfying approach that copes well with the secrecy requirements of all the different scenarios. In this project we therefore target the development of efficient approaches tailored to individual scenarios, in contrast to one general approach. The core contributions of this project are: (1) fundamental contributions that help in developing tailored approaches in the context of DBaaS, and (2) concrete solutions for outsourcing and querying OSN data.

A secretization scheme for DBaaS in general has three distinct procedures: (1) a secretization procedure sec, which transforms the original database db into a corresponding secretized database db′ by means of data transformations, (2) a query transformation procedure T, which translates a query q for db into a corresponding query q′ for db′, and (3) a result construction procedure R, which constructs the final result of q for db from the result of q′ for db′. The data transformations of an approach determine its secrecy, but also its query support and performance.

Regarding the first category, we have shown how one can delimit the design alternatives of secrecy approaches in the context of DBaaS. Concretely, we specified two characteristics of the query transformation procedure T and the result construction procedure R that distinguish secrecy-effective data transformations, i.e., the ones that actually contribute to secrecy, from the others. This characterization (a) allows us to detect the design alternatives chosen by an approach, and hence its general weaknesses, solely by analyzing its procedures R and T, without involving concrete data, (b) helps us choose the right data transformations for the right scenario, and (c) helps us explore new secrecy-effective data transformations.

Based on these findings we have developed FEAST, a framework that (a) reduces the implementation effort for secrecy approaches in the context of DBaaS, (b) automates the execution of experiments, and (c) facilitates comparisons of secrecy approaches with different query support. Next, we have proposed the notion of distance-preserving encryption (DPE) and have shown that our definition is exact and cannot be relaxed. Based on our DPE definition we developed DisPE, a general procedure for designing DPE implementations for given data types and distance functions.

Regarding the second category of contributions, we addressed two main issues: (a) the flexibility of access policies and (b) the distrust of users toward the service providers. For the first issue, we propose and define the syntax and semantics of a new type of authorization, called mutual, which allows modeling reciprocal behavior in access control models. For the second issue, we consider two different scenarios. In the first scenario, the query performer is at the same time the data owner. In the second scenario, the query performer is not allowed to access the data needed to compute queries, but is allowed to access query results over that data. For both scenarios we developed tailored schemes with provable secrecy guarantees. Both approaches include a revocation feature and provide secrecy guarantees under a collusion assumption, i.e., an adversary may collude with the service provider.
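The following is an added illustration of the three-procedure structure (sec, T, R) described above; it is not code from the project or from FEAST. It assumes a hypothetical employee table, constructed demo keys, and two stand-in data transformations: a deterministic keyed token (HMAC-SHA256) for the column that must remain queryable by equality, and a randomized HMAC-in-counter-mode stream cipher for the columns that need no server-side predicate. The `equality_leakage` helper makes the trade-off mentioned in the summary concrete: the transformation that buys query support is exactly the one that reveals the equal-value pattern to the provider.

```python
import hashlib
import hmac
import os

# Constructed demo keys (assumption; a real deployment would fetch them from a KMS).
TOKEN_KEY = b"demo-token-key-not-for-production"
ENC_KEY = b"demo-enc-key-not-for-production!"
NONCE_LEN = 12


def _prf_stream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a keystream (stand-in for AES-CTR)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: str) -> bytes:
    """Randomized encryption: fresh nonce per value, so equal plaintexts differ."""
    nonce = os.urandom(NONCE_LEN)
    data = plaintext.encode()
    return nonce + bytes(a ^ b for a, b in zip(data, _prf_stream(key, nonce, len(data))))


def decrypt(key: bytes, ciphertext: bytes) -> str:
    nonce, body = ciphertext[:NONCE_LEN], ciphertext[NONCE_LEN:]
    return bytes(a ^ b for a, b in zip(body, _prf_stream(key, nonce, len(body)))).decode()


def token(value: str) -> str:
    """Deterministic keyed token: equal plaintexts -> equal tokens (queryable, but leaks equality)."""
    return hmac.new(TOKEN_KEY, value.encode(), hashlib.sha256).hexdigest()


# (1) Secretization procedure sec: db -> db'
def sec(db: list[dict]) -> list[dict]:
    return [
        {
            "dept_tok": token(row["dept"]),
            "name_enc": encrypt(ENC_KEY, row["name"]),
            "salary_enc": encrypt(ENC_KEY, str(row["salary"])),
        }
        for row in db
    ]


# (2) Query transformation T: q (over db) -> q' (over db')
def T(q: tuple) -> tuple:
    col, op, val = q
    if col == "dept" and op == "=":
        return ("dept_tok", "=", token(val))
    # Randomized encryption supports no server-side predicate; such a query
    # would have to fetch the whole table and filter on the client instead.
    raise ValueError(f"query {q!r} not supported by this scheme")


def server_eval(db_sec: list[dict], q_sec: tuple) -> list[dict]:
    """What the untrusted provider runs: a plain equality scan over db'."""
    col, _, val = q_sec
    return [row for row in db_sec if row[col] == val]


# (3) Result construction R: result of q' over db' -> result of q over db
def R(rows_sec: list[dict]) -> list[dict]:
    return [
        {"name": decrypt(ENC_KEY, r["name_enc"]), "salary": int(decrypt(ENC_KEY, r["salary_enc"]))}
        for r in rows_sec
    ]


def run_query(db: list[dict], q: tuple) -> list[dict]:
    """End-to-end: client secretizes, provider evaluates q', client reconstructs."""
    return R(server_eval(sec(db), T(q)))


def equality_leakage(db_sec: list[dict], col: str) -> list[int]:
    """Group sizes the provider can read off a deterministic column (constructed metric)."""
    counts: dict[str, int] = {}
    for row in db_sec:
        counts[row[col]] = counts.get(row[col], 0) + 1
    return sorted(counts.values(), reverse=True)


# Constructed sample table (not real data).
DB = [
    {"name": "alice", "dept": "security", "salary": 70000},
    {"name": "bob", "dept": "sales", "salary": 55000},
    {"name": "carol", "dept": "security", "salary": 72000},
]

if __name__ == "__main__":
    print(run_query(DB, ("dept", "=", "security")))
    print(equality_leakage(sec(DB), "dept_tok"))
```

Running it shows the provider answering the equality query without ever seeing a department name, while `equality_leakage` reports the histogram `[2, 1]` that the deterministic column exposes; the randomized `name_enc` column reveals no such structure, and correspondingly T cannot rewrite a predicate over it.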

Project-related publications (selection)

 
 
