It Takes Two to #MeToo - Using Enclaves to Build Autonomous Trusted Systems

08/08/2018
by   Danny Harnik, et al.
0

We provide enhanced security against insider attacks in services that manage extremely sensitive data. One example is a #MeToo use case where sexual harassment complaints are reported but only revealed when another complaint is filed against the same perpetrator. Such a service places tremendous trust on service operators which our work aims to relieve. To this end we introduce a new autonomous data management concept which transfers responsibility for the sensitive data from administrators to secure and verifiable hardware. The main idea is to manage all data access via a cluster of autonomous computation agents running inside Intel SGX enclaves. These EConfidante agents share a secret data key which is unknown to any external entity, including the data service administrators, thus eliminating many opportunities for data exposure. In this paper we describe a detailed design of the EConfidante system, its flow and how it is managed and implemented. Our #MeToo design also uses an immutable distributed ledger which is built using components from a Blockchain framework. We implemented a proof of concept of our system for the #MeToo use case and analyze its security properties and implementation details.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
12/20/2019

Design and Implementation of a Blockchain-based Consent Management System

A blockchain is a distributed ledger forming a distributed consensus on ...
research
12/28/2021

A Blockchain-based Data Governance Framework with Privacy Protection and Provenance for e-Prescription

Real-world applications in healthcare and supply chain domains produce, ...
research
01/22/2020

A Cloud Security Framework Based on Trust Model and Mobile Agent

Cloud computing as a potential paradigm offers tremendous advantages to ...
research
05/08/2018

Towards blockchain-based robonomics: autonomous agents behavior validation

The decentralized trading market approach, where both autonomous agents ...
research
06/02/2022

The Loop of the Rings: A Distributed Cooperative System

We introduce a decentralized and distributed collaborative environment d...
research
04/03/2018

Blockchain-based TLS Notary Service

The Transport Layer Security (TLS) protocol is a de facto standard of se...

Please sign up or login with your details

Forgot password? Click here to reset