Privacy and anonymity in untrusted data stores

Loading...
Thumbnail Image
File version

Version of Record (VoR)

Author(s)
Trevathan, J
Read, W
Ghodosi, H
Atkinson, I
Griffith University Author(s)
Primary Supervisor
Other Supervisors
Editor(s)
Date
2011
Size
File type(s)
Location

Perth, Australia

License
Abstract

This paper describes a security problem involving an online data repository, which acts as a proxy for multiple companies allowing their customers to perform online services (e.g., pay invoices). The repository's host is trusted to honestly fulfil its duties in maintaining the data in a manner consistent with each companies' required services. However, the information stored by the repository remains private in that the repository's host cannot openly read any companies' operational data, nor does it learn the identities of any companies' customers. We contrast several approaches describing their viability for web deployment using existing technologies. This is a fundamentally new security problem with no established literature or clearly defined cryptographic solution. The project originated from a commercial attempt to design a secure online data archive. A sample implementation of the system is presented that allows a customer to pay and view invoices online via the data repository using a popular and widely available small business accountancy application. © 2011, Australian Computer Society, Inc.

Journal Title
Conference Title

Conferences in Research and Practice in Information Technology Series

Book Title
Edition
Volume

115

Issue
Thesis Type
Degree Program
School
DOI
Patent number
Funder(s)
Grant identifier(s)
Rights Statement
Rights Statement

© 2011 Australian Computer Society Inc. The attached file is reproduced here in accordance with the copyright policy of the publisher. Please refer to the conference's website for access to the definitive, published version.

Item Access Status
Note
Access the data
Related item(s)
Subject

Cryptography

Information systems

Persistent link to this record
Citation

Trevathan, J; Read, W; Ghodosi, H; Atkinson, I, Privacy and anonymity in untrusted data stores, Conferences in Research and Practice in Information Technology Series, 2011, 115, pp. 75-84