Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Toward Privacy-Preserving Decentralised Systems
KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.ORCID iD: 0000-0003-1025-826X
2017 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Privacy enhancing technologies have proven to be a beneficial area of research lessening the threats users' privacy in centralised systems such as online social networks. Decentralised solutions have been proposed to extend the control that users have over their data as opposed to the centralised massive collection of personal and sensitive data.

The power that the service provider has in centralised systems has been shown to diminish the user’s privacy. Moreover, the disclosures in 2013 of a global surveillance program in collaboration with some of the service providers of such centralised systems have accelerated the debate on how to take action to counteract the threats to privacy.

Privacy-preserving decentralised systems are plausible solutions to such threats. However, the removal of the central authority comes with two main trade-offs, mimicking the features and taking over the supervision of the security and privacy threats that were a responsibility of the central authority.

In our thesis, we propose the use of privacy-preserving decentralised systems and develop three solutions in terms of decentralisation, functionality, and achievable security and privacy. For decentralised systems we show a mechanism for user authentication via standard credentials. Within the realm of decentralised online social networks we implement a coordination and cooperation mechanism to organise events without the need of a trusted third party. Finally, we improve one of the aspects of the user’s privacy: anonymity, by showing an implementation of a privacy-preserving system to submit and grade documents anonymously in systems where the central authority is still required.

Our solutions are some concrete examples of how privacy as data control can be achieved to varying degrees. Nonetheless, we hope that the protocols we propose and the evaluation of the security and privacy properties can be useful in other scenarios to mitigate the diverse dangers to personal privacy.

Abstract [sv]

Integritets främjande teknik — på engelska, privacy enhancing technologies — har visat sig vara ett positivt forskningsområde som syftar till att minska hoten mot den personliga integriteten av användarnas personuppgifter i centraliserade informationssystem som online sociala nätverk — på engelska, online social networks. Följaktligen har decentraliserade lösningar föreslagits för att förlänga den kontroll som användare har över sina data i motsats till en centraliserade massiv samling av personliga och känsliga data.

Den kraft som tjänsteleverantören har i centrala informationssystem har visat sig minska användarens integritet vid fall av missbruk, censur eller dataläckage. Vidare har upplysningarna 2013 av ett globalt övervakningsprogram som leds av offentliga efterlysningsinstitutioner i samarbete med några av tjänsteleverantörerna av sådana centraliserade informationssystem påskyndat debatten om hur man vidtar åtgärder för att motverka hot mot integritet. I synnerhet hotet mot den lagliga "rätten att bli ensam" — på engelska, "right to be let alone", som definierats av Samuel Warren och Louis Brandeis år 1890 i sin inflytelserika laggransknings artikel "The Right to Privacy".

Sekretessskyddande decentraliserade system är trovärdiga lösningar på sådana hot och ett av de vanligaste alternativen som åtgärdas idag. Avlägsnandet av den centrala auktoriteten kommer emellertid med två huvudsakliga kompromisser, efterlikna funktionerna i det centraliserade informationssystemet på ett användbart sätt och överta övervakningen av säkerhets och hoten som en gång var ett centralt ansvar för centralt auktoritet.

I vår avhandling använder vi decentraliserade system för integritetsskydd och utvecklar tre lösningar för centraliserade informationssystem när det gäller decentralisering, funktionalitet och uppnåelig säkerhet och integritet. I decentraliserade informationssystem generellt visar vi på en konkret mekanism för användarautentisering via standard användar-lösenordsuppgifter med jämförbar användbarhet för standardiserade centraliserade applikationer. Inom ramen för praktiska decentraliserade system visar vi på ett specifikt exempel på domänen för decentraliserade online sociala nätverk — på engelska, decentralised online social networks — som implementerar en samordnings- och samarbetsmekanism för att organisera händelser utan att behöva ha en betrodd tredje part. Slutligen går vi tillbaka till de centraliserade systemen där närvaron av den centrala myndigheten fortfarande krävs och i stället förbättrar en av aspekterna av användarens integritet: anonymitet genom att visa en implementering av ett system för att skicka in och klassificera dokument anonymt i akademisk sfär i ett generiskt centraliserat system för integritetsskydd.

Våra lösningar är några konkreta exempel på hur integritet som datakontroll, som det paradigm som Anita Allen förutser, kan uppnås i varierande grad i centraliserade och decentraliserade informationssystem för integritetsskydd. Ändå hoppas vi att de integritetsskydd protokollen som vi föreslår och utvärderingen av säkerhets- och sekretessegenskaperna kan vara användbara i andra scenarier för att mildra de olika farorna för personlig integritet som vi står inför för närvarande.

Abstract [es]

as tecnologías para mejorar la privacidad — en inglés, privacy enhancing L technologies — han demostrado ser una beneficiosa área de investigación para disminuir las amenazas a la privacidad de la información personal de los usuarios en sistemas de información centralizados como las redes sociales on line — en inglés, online social networks. Por ello, se han propuesto soluciones descentralizadas para ampliar el control que los usuarios ejercen sobre sus datos en contraposición a la recogida de datos personales y sensibles en sistemas centralizados.

Casos de mal uso, censura o incluso fuga de datos demuestran que el poder del proveedor de servicios en sistemas de información centralizados disminuye la privacidad del usuario. Las revelaciones en 2013 de un programa de vigilancia a nivel global dirigido por agencias de inteligencia públicas en colaboración con algunos de los proveedores de servicios de sistemas de información centralizados han acelerado el debate sobre las medidas a tomar para contrarrestar las amenazas a la privacidad. En particular, la amenaza al "derecho a la soledad" — en inglés, "right to be let alone"— enunciado por Samuel Warren y Louis Brandeis en 1890 en el influyente artículo legal, "El derecho a la intimidad".

Los sistemas descentralizados que preservan la privacidad son soluciones viables ante las amenazas a la privacidad, y una de las alternativas más comunes en la actualidad. Sin embargo, la supresión de la autoridad central conlleva tratar de resolver dos inconvenientes: replicar la funcionalidad de los sistemas de información centralizados de forma que sean utilizables y asumir la vigilancia de las amenazas a la seguridad y privacidad que anteriormente eran responsabilidad de la autoridad central.

En esta tesis, se propone el uso de sistemas descentralizados que preservan la privacidad y para ello desarrollamos tres soluciones a los sistemas de información centralizados desde los puntos de vista de descentralización, fun- cionalidad y, seguridad y privacidad. En los sistemas de información descentralizados, diseñamos un mecanismo de autenticación de usuarios mediante el uso de credenciales estándar usuario-contraseña cuya usabilidad es comparable a las aplicaciones en sistemas centralizados. En el ámbito más práctico de los sistemas descentralizados mostramos un ejemplo específico en el área de las redes sociales on line descentralizadas — en inglés, decentralised online social networks — implementando un mecanismo de coordinación y cooperación para la organización de eventos sin necesidad de existencia de un tercero de confianza. Finalmente, en los sistemas de información centralizados, en los que la presencia de una autoridad central sigue siendo necesaria, intentamos mejorar uno de los aspectos de la privacidad del usuario: el anonimato, diseñando e implementando un sistema para presentar y evaluar documentos de forma anónima en el ámbito académico en un sistema de información genérico y centralizado.

Las soluciones que proponemos son algunos ejemplos concretos del concepto de "privacidad como control de datos" — en inglés, "privacy as data control"— tal y como lo definió Anita Allen. Un paradigma que se puede conseguir en diversos niveles tanto en sistemas de información centralizados como descentralizados. No obstante, deseamos que los protocolos para preservar la privacidad que proponemos junto con la evaluación de las propiedades de seguridad y privacidad sean de utilidad en otros ámbitos para contribuir a mitigar las diversas amenazas a la privacidad a las que no enfrentamos en la actualidad.

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2017. , 109 p.
Series
TRITA-CSC-A, ISSN 1653-5723 ; 2017:12
Keyword [en]
decentralised information systems, distributed systems, privacy, social networks
Keyword [sv]
decentraliserade informationssystem, distribuerade system, integritet, sociala nätverk
Keyword [es]
sistemas de información descentralizados, sistemas distribuidos, privacidad, redes sociales
National Category
Computer Science
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kth:diva-206444ISBN: 978-91-7729-406-1 (print)OAI: oai:DiVA.org:kth-206444DiVA: diva2:1093416
Presentation
2017-05-31, 4523, Lindstedtsvägen 5, Stockholm, 10:00 (English)
Opponent
Supervisors
Projects
PeerSoN: Privacy-Preserving P2P Social Networks
Funder
Swedish Foundation for Strategic Research , FFL09-0086Swedish Research Council, 2009-3793
Note

QC 20170508

Available from: 2017-05-09 Created: 2017-05-05 Last updated: 2017-05-09Bibliographically approved
List of papers
1. Passwords in Peer-to-Peer
Open this publication in new window or tab >>Passwords in Peer-to-Peer
Show others...
2012 (English)In: Peer-to-Peer Computing (P2P), 2012 IEEE 12th International Conference on, IEEE , 2012, 167-178 p.Conference paper (Refereed)
Abstract [en]

One of the differences between typical peer-to-peer (P2P) and client-server systems is the existence of user accounts. While many P2P applications, like public file sharing, are anonymous, more complex services such as decentralized online social networks require user authentication. In these, the common approach to P2P authentication builds on the possession of cryptographic keys. A drawback with that approach is usability when users access the system from multiple devices, an increasingly common scenario. In this work, we present a scheme to support logins based on users knowing a username-password pair. We use passwords, as they are the most common authentication mechanism in services on the Internet today, ensuring strong user familiarity. In addition to password logins, we also present supporting protocols to provide functionality related to password logins, such as resetting a forgotten password via e-mail or security questions. Together, these allow P2P systems to emulate centralized password logins. The results of our performance evaluation indicate that incurred delays are well within acceptable bounds.

Place, publisher, year, edition, pages
IEEE, 2012
Series
IEEE International Conference on Peer-to-Peer Computing, ISSN 2161-3567
Keyword
Authentication mechanisms, Client-server systems, Complex services, Cryptographic key, File Sharing, Multiple devices, Online social networks, P2P applications, P2P system, Peer to peer, Performance evaluation, User authentication, Users access
National Category
Computer Science Telecommunications
Identifiers
urn:nbn:se:kth:diva-107785 (URN)10.1109/P2P.2012.6335797 (DOI)000312674500024 ()2-s2.0-84870369349 (ScopusID)978-146732862-3 (ISBN)
Conference
IEEE 12th International Conference on Peer-to-Peer Computing, P2P 2012; Tarragona;3 September 2012 through 5 September 2012
Funder
Swedish Foundation for Strategic Research , SSF FFL09-0086Swedish Research Council, VR 2009-3793ICT - The Next Generation
Note

QC 20130111

Available from: 2012-12-17 Created: 2012-12-17 Last updated: 2017-05-05Bibliographically approved
2. Event Invitations in Privacy-Preserving DOSNs: Formalization and Protocol Design
Open this publication in new window or tab >>Event Invitations in Privacy-Preserving DOSNs: Formalization and Protocol Design
2015 (English)In: Privacy and Identity Management for the Future Internet in the Age of Globalisation: 9th IFIP WG 9.2, 9.5, 9.6/11.7, 11.4, 11.6/SIG 9.2.2 International Summer School, Patras, Greece, September 7-12, 2014, Revised Selected Papers / [ed] Camenisch, Jan; Fischer-Hübner, Simone; Hansen, Marit, Springer Publishing Company, 2015, Vol. 457, 185-200 p.Chapter in book (Refereed)
Abstract [en]

Online Social Networks (OSNs) have an infamous history of privacy and security issues. One approach to avoid the massive collection of sensitive data of all users at a central point is a decentralized architecture.

An event invitation feature - allowing a user to create an event and invite other users who then can confirm their attendance - is part of the standard functionality of OSNs. We formalize security and privacy properties of such a feature like allowing different types of information related to the event (e.g., how many people are invited/attending, who is invited/attending) to be shared with different groups of users (e.g., only invited/attending users).

Implementing this feature in a Privacy-Preserving Decentralized Online Decentralized Online is non-trivial because there is no fully trusted broker to guarantee fairness to all parties involved. We propose a secure decentralized protocol for implementing this feature, using tools such as storage location indirection, ciphertext inferences and a disclose-secret-if-committed mechanism, derived from standard cryptographic primitives.

The results can be applied in the context of Privacy-Preserving DOSNs, but might also be useful in other domains that need mechanisms for cooperation and coordination, e.g., Collaborative Working Environment and the corresponding collaborative-specific tools, i.e., groupware, or Computer-Supported Collaborative Learning.

Place, publisher, year, edition, pages
Springer Publishing Company, 2015
Series
IFIP Advances in Information and Communication Technology, ISSN 1868-4238 ; 457
Keyword
Event invitation, Privacy, Decentralized Online Social Networks
National Category
Computer Systems Telecommunications
Research subject
Computer Science
Identifiers
urn:nbn:se:kth:diva-166775 (URN)10.1007/978-3-319-18621-4_13 (DOI)000380771600013 ()2-s2.0-84942575280 (ScopusID)978-3-319-18620-7 (ISBN)978-3-319-18621-4 (ISBN)
Funder
Swedish Foundation for Strategic Research , FFL09-0086Swedish Research Council, 2009-3793
Note

QC 20150618

Available from: 2015-05-18 Created: 2015-05-18 Last updated: 2017-05-05Bibliographically approved
3. Design of a Privacy-Preserving Document Submission and Grading System
Open this publication in new window or tab >>Design of a Privacy-Preserving Document Submission and Grading System
2015 (English)In: Secure IT Systems: 20th Nordic Conference, NordSec 2015, Stockholm, Sweden, October 19–21, 2015, Proceedings / [ed] Sonja Buchegger and Mads Dam, Springer Berlin/Heidelberg, 2015, 64-71 p.Conference paper (Refereed)
Abstract [en]

Documentsubmissionandgradingsystemsarecommonlyused in educational institutions. They facilitate the hand-in of assignments by students, the subsequent grading by the course teachers and the management of the submitted documents and corresponding grades. But they might also undermine the privacy of students, especially when documents and related data are stored long term with the risk of leaking to malicious parties in the future. We propose a protocol for a privacy- preserving, anonymous document submission and grading system based on blind signatures. Our solution guarantees the unlinkability of a document with the authoring student even after her grade has been reported, while the student can prove that she received the grade assigned to the document she submitted. We implemented a prototype of the proposed protocol to show its feasibility and evaluate its privacy and security properties. 

Place, publisher, year, edition, pages
Springer Berlin/Heidelberg, 2015
Series
Lecture Notes in Computer Science, ISSN 0302-9743 ; 9417
National Category
Computer Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:kth:diva-179125 (URN)10.1007/978-3-319-26502-5_5 (DOI)2-s2.0-84951870493 (ScopusID)978-3-319-26501-8 (ISBN)978-3-319-26502-5 (ISBN)
Conference
Secure IT Systems: 20th Nordic Conference,Stockholm, Sweden, October 19–21, 2015
Funder
Swedish Foundation for Strategic Research , FFL09-0086Swedish Research Council, 2009-3793
Note

QC 20160318

Available from: 2015-12-10 Created: 2015-12-10 Last updated: 2017-05-05Bibliographically approved

Open Access in DiVA

The full text will be freely available from 2017-05-31 10:00
Available from 2017-05-31 10:00

Search in DiVA

By author/editor
Rodríguez-Cano, Guillermo
By organisation
Theoretical Computer Science, TCS
Computer Science

Search outside of DiVA

GoogleGoogle Scholar

Total: 127 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf