The Trusted Server: Concept and reference implementation of a fully autonomous and trustworthy computational server providing an advanced level of Privacy by Design through mac

02/26/2018
by Nikolaus von Bomhard, et al.

Privacy by Design is a core element of the EU General Data Protection Regulation and of similar legislation in other countries. It both proposes and demands the use of appropriate methods to protect personal data and the privacy of individuals whose data is stored and processed in computing environments. These requirements are currently met through anonymization, pseudonymization and encryption. Multi-stage pseudonymization enhances privacy by ensuring that no single institution or person possesses enough data to identify an individual. This means privacy is not ensured by design, but rather rests on workflow complexity and on trust in individuals, especially system administrators, who have unlimited access to the systems and data under their governance. Secure Multiparty Computation using full data encryption is a promising method that has made substantial progress, though real-world cases are rare and highly specific. The Trusted Server is a completely autonomous and generic implementation of Privacy by Design. Once set up and running, it is irrevocably sealed for its whole lifecycle, allowing only explicitly implemented data input, access, processing and output. Because it can be validated and verified without restriction, it replaces trust placed in human individuals and acts as a trustworthy entity itself. It is strictly standards-compliant, easy to set up and use, and suitable for almost any computational service or processing task other than persistent storage. The Trusted Server allows straightforward solutions with full privacy protection to be implemented for otherwise complex problems, as demonstrated in the following examples: first, a reference implementation of a fully anonymous yet access-controlled web feedback submission server; second, a solution for Yao's Millionaires' Problem, which requires just a few simple scripts.
