DOI: 10.1145/3411497.3420226
research-article

PRShare: A Framework for Privacy-Preserving, Interorganizational Data Sharing

Published: 09 November 2020

ABSTRACT

We consider the task of interorganizational data sharing, in which data owners, data clients, and data subjects have different and sometimes competing privacy concerns. One real-world scenario in which this problem arises is law-enforcement use of phone-call metadata: The data owner is a phone company, the data clients are law-enforcement agencies, and the data subjects are individuals who make phone calls. A key challenge in this type of scenario is that each organization uses its own set of proprietary intraorganizational attributes to describe the shared data; such attributes cannot be shared with other organizations. Moreover, data-access policies are determined by multiple parties and may be specified using attributes that are not directly comparable with the ones used by the owner to specify the data. We propose a system architecture and a suite of protocols that facilitate dynamic, efficient, and privacy-preserving interorganizational data sharing, while allowing each party to use its own set of proprietary attributes. We introduce the novel technique of Attribute-Based Encryption With Oblivious Attribute Translation (OTABE), which plays a crucial role in our solution and may be of independent interest.


Published in

WPES'20: Proceedings of the 19th Workshop on Privacy in the Electronic Society
November 2020
212 pages
ISBN: 9781450380867
DOI: 10.1145/3411497
General Chairs: Jay Ligatti, Xinming Ou
Program Chairs: Wouter Lueks, Paul Syverson

            Copyright © 2020 ACM


Publisher: Association for Computing Machinery, New York, NY, United States

Overall Acceptance Rate: 106 of 355 submissions, 30%
