research-article

Open access

KRAKEN: a privacy-preserving data market for authentic data

Authors:

Sebastian RamacherAuthors Info & Claims

DE '22: Proceedings of the 1st International Workshop on Data Economy

Pages 15 - 20

https://doi.org/10.1145/3565011.3569057

Published: 06 December 2022 Publication History

Abstract

Data marketplaces are online platforms that provide a way for individuals to monetize their (personal) data. In traditional data marketplaces, the data is uploaded to the marketplace platform in plain-text. Since the broker has access to all data, such marketplaces are risk to the users' privacy.

We present a privacy-preserving marketplace that allows data owners to keep control over their data. We use secure multi-party computation to enable data consumers to evaluate expressive functions on a set of data. In our marketplace, the broker has neither access to the data nor the results of a function evaluation. Furthermore, our design ensures data-origin authenticity and enables data owners to define data-usage policies that are enforced by the computation nodes.

In addition to the architecture of this private marketplace, we discuss a reference implementation. We also provide an evaluation of our approach, demonstrating its practicability.

References

[1]

Lukas Alber, Stefan More, Sebastian Mödersheim, and Anders Schlichtkrull. 2021. Adapting the TPL Trust Policy Language for a Self-Sovereign Identity World. In Open Identity Summit (LNI, Vol. P-312). Gesellschaft für Informatik e.V., 107--118.

[2]

Alexandra Institute. 2022. FRESCO - A FRamework for Efficient Secure COmputation. https://github.com/aicis/fresco.

[3]

Abdelrahaman Aly, Karl Cong, Daniele Cozzo, Marcel Keller, Emmanuela Orsini, Dragos Rotaru, Oliver Scherer, Peter Scholl, Nigel P. Smart, Titouan Tanguy, and Tim Wood. 2021. SCALE-MAMBA v1.14: Documentation. https://homes.esat.kuleuven.be/~nsmart/SCALE/Documentation-SCALE.pdf

[4]

Johes Bater, Gregory Elliott, Craig Eggen, Satyender Goel, Abel N. Kho, and Jennie Rogers. 2017. SMCQL: Secure Query Processing for Private Data Networks. Proc. VLDB Endow. 10, 6 (2017), 673--684.

Digital Library

[5]

Dan Bogdanov, Margus Niitsoo, Tomas Toft, and Jan Willemson. 2012. High-performance secure multi-party computation for data mining applications. Int. J. Inf. Sec. 11, 6 (2012), 403--418.

Digital Library

[6]

David Chaum and Eugène van Heyst. 1991. Group Signatures. In EUROCRYPT'91 (LNCS, Vol. 547), Donald W. Davies (Ed.). Springer, Heidelberg, 257--265.

[7]

Yuanfeng Chen, Gaofeng Huang, Junjie Shi, Xiang Xie, and Yilin Yan. 2020. Rosetta: A Privacy-Preserving Framework Based on TensorFlow. https://github.com/LatticeX-Foundation/Rosetta.

[8]

Cloudflare. 2022. bn256. https://github.com/cloudflare/bn256.

[9]

Cybernetica. 2020. Sharemind MPC. https://sharemind.cyber.ee/sharemind-mpc/.

[10]

Mina Deng, Kim Wuyts, Riccardo Scandariato, Bart Preneel, and Wouter Joosen. 2011. A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements. Requir. Eng. 16, 1 (2011), 3--32.

Digital Library

[11]

David Derler, Sebastian Ramacher, and Daniel Slamanig. 2017. Homomorphic Proxy Re-Authenticators and Applications to Verifiable Multi-User Data Aggregation. In FC 2017 (LNCS, Vol. 10322), Aggelos Kiayias (Ed.). Springer, Heidelberg, 124--142.

[12]

Duality Technologies Inc. 2020. Duality. https://dualitytech.com/.

[13]

Huayi Duan, Yifeng Zheng, Yuefeng Du, Anxin Zhou, Cong Wang, and Man Ho Au. 2019. Aggregating Crowd Wisdom via Blockchain: A Private, Correct, and Robust Realization. In PerCom. IEEE, 1--10.

[14]

Hesham Elzouka and Fatma Zada. 2007. A Survey on Digital Watermarking Technologies. In Security and Management. CSREA Press, 342--349.

[15]

Framingham Heart Study. 2022. About the Framingham Heart Study. https://www.framinghamheartstudy.org/fhs-about/ Accessed September 24th, 2022.

[16]

Jens Groth. 2016. On the Size of Pairing-Based Non-interactive Arguments. In EUROCRYPT 2016, Part II (LNCS, Vol. 9666), Marc Fischlin and Jean-Sébastien Coron (Eds.). Springer, Heidelberg, 305--326.

[17]

Mihaela Ion, Ben Kreuter, Ahmet Erhan Nergiz, Sarvar Patel, Shobhit Saxena, Karn Seth, Mariana Raykova, David Shanahan, and Moti Yung. 2020. On Deploying Secure Computing: Private Intersection-Sum-with-Cardinality. In EuroS&P. IEEE, 370--389.

[18]

Poonam Kadian, Shiafali M. Arora, and Nidhi Arora. 2021. Robust Digital Water-marking Techniques for Copyright Protection of Digital Data: A Survey. Wirel. Pers. Commun. 118, 4 (2021), 3225--3249.

Digital Library

[19]

Marcel Keller. 2020. MP-SPDZ: A Versatile Framework for Multi-Party Computation. In ACM CCS 2020, Jay Ligatti, Xinming Ou, Jonathan Katz, and Giovanni Vigna (Eds.). ACM Press, 1575--1590.

Digital Library

[20]

Karl Koch, Stephan Krenn, Donato Pellegrino, and Sebastian Ramacher. 2020. Privacy-Preserving Analytics for Data Markets Using MPC. In Privacy and Identity Management (IFIP Advances in Information and Communication Technology, Vol. 619). Springer, 226--246.

[21]

Vlasis Koutsos, Dimitrios Papadopoulos, Dimitris Chatzopoulos, Sasu Tarkoma, and Pan Hui. 2020. Agora: A Privacy-aware Data Marketplace. In ICDCS. IEEE, 1211--1212.

[22]

Paul Tak Shing Liu. 2016. Medical Record System Using Blockchain, Big Data and Tokenization. In ICICS (LNCS, Vol. 9977). Springer, 254--261.

[23]

Thomas Lorünser, Florian Wohner, and Stephan Krenn. 2022. A Privacy-Preserving Auction Platform with Public Verifiability for Smart Manufacturing. In ICISSP. SCITEPRESS, 637--647.

[24]

Thomas Lorünser, Florian Wohner, and Stephan Krenn. 2022. A Verifiable Multiparty Computation Solver for the Linear Assignment Problem And Applications to Air Traffic Management. In CCSW'22. to appear.

Digital Library

[25]

Vangelis Marinakis, Haris Ch. Doukas, John Tsapelas, Spyros Mouzakitis, Álvaro Sicilia, Leandro Madrazo, and Sgouris P. Sgouridis. 2020. From big data to smart energy services: An application for intelligent energy management. Future Gener. Comput. Syst. 110 (2020), 572--586.

[26]

Sebastian Mödersheim, Anders Schlichtkrull, Georg Wagner, Stefan More, and Lukas Alber. 2019. TPL: A Trust Policy Language. In IFIPTM (IFIP Advances in Information and Communication Technology, Vol. 563). Springer, 209--223.

[27]

Stefan More and Lukas Alber. 2022. YOU SHALL NOT COMPUTE on my Data: Access Policies for Privacy-Preserving Data Marketplaces and an Implementation for a Distributed Market using MPC. In ARES. ACM, 137:1--137:8.

[28]

Stefan More, Sebastian Ramacher, Lukas Alber, and Marco Herzl. 2022. Extending Expressive Access Policies with Privacy Features. In TrustCom 2022. to appear.

[29]

Chaoyue Niu, Zhenzhe Zheng, Fan Wu, Xiaofeng Gao, and Guihai Chen. 2019. Achieving Data Truthfulness and Privacy Preservation in Data Markets. IEEE Trans. Knowl. Data Eng. 31, 1 (2019), 105--119.

Digital Library

[30]

Chaoyue Niu, Zhenzhe Zheng, Fan Wu, Shaojie Tang, Xiaofeng Gao, and Guihai Chen. 2018. Unlocking the Value of Privacy: Trading Aggregate Statistics over Private Correlated Data. In KDD. ACM, 2031--2040.

Digital Library

[31]

Kazim Rifat Ozyilmaz, Mehmet Dogan, and Arda Yurdakul. 2018. IDMoB: IoT Data Marketplace on Blockchain. In CVCBT. IEEE, 11--19.

[32]

Torben P. Pedersen. 1992. Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing. In CRYPTO'91 (LNCS, Vol. 576), Joan Feigenbaum (Ed.). Springer, Heidelberg, 129--140.

[33]

Maria Rizzi, Matteo D'Aloia, and Annalisa Longo. 2020. Digital watermarking for healthcare: a survey of ECG watermarking methods in telemedicine. Int. J. Comput. Sci. Eng. 23, 3 (2020), 235--249.

Digital Library

[34]

Adi Shamir. 1979. How to Share a Secret. Communications of the Association for Computing Machinery 22, 11 (Nov. 1979), 612--613.

Digital Library

[35]

Aleksandar Simovic. 2018. A Big Data smart library recommender system for an educational institution. Libr. Hi Tech 36, 3 (2018), 498--523.

[36]

TF Encrypted. 2022. Moose. https://github.com/tf-encrypted/moose.

[37]

Andrew Chi-Chih Yao. 1982. Protocols for Secure Computations (Extended Abstract). In 23rd FOCS. IEEE Computer Society Press, 160--164.

[38]

Wenting Zheng, Ryan Deng, Weikeng Chen, Raluca Ada Popa, Aurojit Panda, and Ion Stoica. 2021. Cerebro: A Platform for Multi-Party Cryptographic Collaborative Learning. In USENIX Security 2021, Michael Bailey and Rachel Greenstadt (Eds.). USENIX Association, 2723--2740.

Cited By

Lohmöller JPennekamp JMatzutt RSchneider CVlad ETrautwein CWehrle K(2024)The unresolved need for dependable guarantees on security, sovereignty, and trust in data ecosystemsData & Knowledge Engineering10.1016/j.datak.2024.102301151:COnline publication date: 1-May-2024
https://dl.acm.org/doi/10.1016/j.datak.2024.102301
Dixit AZarpelao BSmith-Creasey MRajarajan M(2024)A privacy-aware authentication and usage-controlled access protocol for IIoT decentralized data marketplaceComputers & Security10.1016/j.cose.2024.104050146(104050)Online publication date: Nov-2024
https://doi.org/10.1016/j.cose.2024.104050
Golob SPentyala SDowsley RDavid BLarangeira MDe Cock MNascimento A(2023)A Decentralized Information Marketplace Preserving Input and Output PrivacyProceedings of the Second ACM Data Economy Workshop10.1145/3600046.3600047(1-6)Online publication date: 18-Jun-2023
https://dl.acm.org/doi/10.1145/3600046.3600047

Index Terms

KRAKEN: a privacy-preserving data market for authentic data
1. Security and privacy
  1. Database and storage security
    1. Management and querying of encrypted data
2. Theory of computation
  1. Computational complexity and cryptography
    1. Cryptographic protocols

Recommendations

Privacy-preserving data sharing in cloud computing

Storing and sharing databases in the cloud of computers raise serious concern of individual privacy. We consider two kinds of privacy risk: presence leakage, by which the attackers can explicitly identify individuals in (or not in) the database, and ...
Privacy protection in data sharing: towards feedback based solutions
ICEGOV '14: Proceedings of the 8th International Conference on Theory and Practice of Electronic Governance

Sharing data is gaining importance in recent years due to proliferation of social media and a growing tendency of governments to gain citizens' trust through being transparent. Data dissemination, however, increases chance of compromising privacy ...
Preserving Genomic Privacy via Selective Sharing
WPES'20: Proceedings of the 19th Workshop on Privacy in the Electronic Society

Although genomic data has significant impact and widespread usage in medical research, it puts individuals' privacy in danger, even if they anonymously or partially share their genomic data. To address this problem, we present a framework that is ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

DE '22: Proceedings of the 1st International Workshop on Data Economy

December 2022

70 pages

ISBN:9781450399234

DOI:10.1145/3565011

Conference Chairs:
Nikos Laoutaris
IMDEA
,
Marco Mellia
Politecnico di Torino

Copyright © 2022 Owner/Author.

This work is licensed under a Creative Commons Attribution International 4.0 License.

Sponsors

SIGCOMM: ACM Special Interest Group on Data Communication

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 December 2022

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Horizon 2020

Conference

CoNEXT '22

Sponsor:

SIGCOMM

CoNEXT '22: The 18th International Conference on emerging Networking EXperiments and Technologies

December 9, 2022

Rome, Italy

Upcoming Conference

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
457
Total Downloads

Downloads (Last 12 months)226
Downloads (Last 6 weeks)32

Reflects downloads up to 03 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Lohmöller JPennekamp JMatzutt RSchneider CVlad ETrautwein CWehrle K(2024)The unresolved need for dependable guarantees on security, sovereignty, and trust in data ecosystemsData & Knowledge Engineering10.1016/j.datak.2024.102301151:COnline publication date: 1-May-2024
https://dl.acm.org/doi/10.1016/j.datak.2024.102301
Dixit AZarpelao BSmith-Creasey MRajarajan M(2024)A privacy-aware authentication and usage-controlled access protocol for IIoT decentralized data marketplaceComputers & Security10.1016/j.cose.2024.104050146(104050)Online publication date: Nov-2024
https://doi.org/10.1016/j.cose.2024.104050
Golob SPentyala SDowsley RDavid BLarangeira MDe Cock MNascimento A(2023)A Decentralized Information Marketplace Preserving Input and Output PrivacyProceedings of the Second ACM Data Economy Workshop10.1145/3600046.3600047(1-6)Online publication date: 18-Jun-2023
https://dl.acm.org/doi/10.1145/3600046.3600047

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents