Abstract
Mining and analysis of digital data has the potential to provide improved quality of life and offer even life-saving insights. However, loss of privacy or secret information would be detrimental to these goals and inhibit widespread application. Traditional data protection measures tend to result in the formation of data silos, severely limiting the scope and yield of “Big Data”. Technology such as privacy-preserving multi-party computation (MPC) and data de-identification can break these silos enabling privacy-preserving computation. However, currently available de-identification schemes tend to suffer from privacy/utility trade-offs, and MPC has found deployment only in niche applications.
As the assurance and availability of hardware-based Trusted Execution Environments (TEEs) is increasing, we propose an alternative direction of using TEEs as “neutral” environments for efficient yet secure multi-party computation. To this end, we survey the current state of the art, propose a generic initial solution architecture and identify remaining challenges.
Thomas Schneider—This work has been co-funded by the European Union (EU FP7/2007-2013) grant agreement n. 609611 (PRACTICE), by the DFG project E3 within the CRC 1119 CROSSING, by the BMBF within EC SPRIDE, and by the Hessian LOEWE excellence initiative within CASED.
Maria Zhdanova—This work has been co-funded by the EU project PRIPARE ID 610613.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Asokan, N., Ekberg, J.E., Kostiainen, K., Rajan, A., Rozas, C., Sadeghi, A.R., Schulz, S., Wachsmann, C.: Mobile trusted computing. Proceedings of the IEEE 102(8), 1189–1206 (2014)
Berger, S., Cáceres, R., Pendarakis, D.E., Sailer, R., Valdez, E., Perez, R., Schildhauer, W., Srinivasan, D.: TVDc: Managing security in the trusted virtual datacenter. Operating Syst. Rev. 42(1), 40–47 (2008)
Bogetoft, P., Christensen, D.L., Damgård, I., Geisler, M., Jakobsen, T., Krøigaard, M., Nielsen, J.D., Nielsen, J.B., Nielsen, K., Pagter, J., Schwartzbach, M., Toft, T.: Secure multiparty computation goes live. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 325–343. Springer, Heidelberg (2009)
Dalenius, T.: The invasion of privacy problem and statistics production. an overview. Statistik Tidskrift 12, 213–225 (1974)
Danezis, G., Domingo-Ferrer, J., Hansen, M., Hoepman, J.H., Métayer, D.L., Tirtea, R., Schiffner, S.: Privacy and data protection by design - from policy to engineering. Technical report, ENISA (2015)
Defrawy, K.E., Francillon, A., Perito, D., Tsudik, G.: SMART: Secure and minimal architecture for (establishing a dynamic) root of trust. In: Network and Distributed System Security Symposium (NDSS 2012). The Internet Society (2012)
Demmler, D., Schneider, T., Zohner, M.: Ad-hoc secure two-party computation on mobile devices using hardware tokens. In: USENIX Security Symposium, pp. 893–908. USENIX (2014)
Domingo-Ferrer, J., Torra, V.: A critique of k-anonymity and some of its enhancements. In: Conference on Availability, Reliability and Security (ARES 2008) (2008)
Dwork, C.: Differential privacy. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol. 4052, pp. 1–12. Springer, Heidelberg (2006)
Dwork, C.: A firm foundation for private data analysis. Commun. ACM 54(1), 86–95 (2011)
Global Platform: TEE system architecture v1.0 (2011). http://www.globalplatform.org/specificationsdevice.asp
Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Symposium on Theory of Computing (STOC 1987), pp. 218–229. ACM (1987)
Hazay, C., Lindell, Y.: Constructions of truly practical secure protocols using standard smartcards. In: ACM CCS 2008, pp. 491–500. ACM (2008)
Hoekstra, M., Lal, R., Pappachan, P., Phegade, V., Del Cuvillo, J.: Using innovative instructions to create trustworthy software solutions. In: Hardware and Architectural Support for Security and Privacy (HASP). ACM (2013)
Koeberl, P., Schulz, S., Sadeghi, A.R., Varadharajan, V.: Trustlite: A security architecture for tiny embedded devices. In: European Conference on Computer Systems (EuroSys). ACM (2014)
Malkhi, D., Nisan, N., Pinkas, B., Sella, Y.: Fairplay – a secure two-party computation system. In: USENIX Security Symposium, pp. 287–302. USENIX (2004)
McCune, J.M., Li, Y., Qu, N., Zhou, Z., Datta, A., Gligor, V., Perrig, A.: TrustVisor: Efficient TCB reduction and attestation. In: Security and Privacy (S&P), pp. 143–158. IEEE (2010)
McCune, J.M., Parno, B.J., Perrig, A., Reiter, M.K., Isozaki, H.: Flicker: An execution infrastructure for TCB minimization. In: European Conference on Computer Systems (EuroSys), pp. 315–328. ACM (2008)
McKeen, F., Alexandrovich, I., Berenzon, A., Rozas, C.V., Shafi, H., Shanbhogue, V., Savagaonkar, U.R.: Innovative instructions and software model for isolated execution. In: Hardware and Architectural Support for Security and Privacy (HASP). ACM (2013)
Noorman, J., Agten, P., Daniels, W., Strackx, R., Van Herrewege, A., Huygens, C., Preneel, B., Verbauwhede, I., Piessens, F.: Sancus: Low-cost trustworthy extensible networked devices with a zero-software trusted computing base. In; USENIX Security Symposium. USENIX (2013)
Pfitzmann, B., Riordan, J., Stüble, C., Waidner, M., Weber, A.: The PERSEUS system architecture. Technical report, RZ 3335 (#93381), IBM Research (2001)
Schuster, F., Costa, M., Fournet, C., Gkantsidis, C., Peinado, M., Mainar-Ruiz, G., Russinovich, M.: VC3: Trustworthy data analytics in the cloud using SGX. In: IEEE Security and Privacy (S&P 2015). IEEE (2015)
Schwartz, E.J., Brumley, D., McCune, J.M.: A contractual anonymity system. In: Network and Distributed System Security (NDSS). The Internet Society (2010)
Singaravelu, L., Pu, C., Haertig, H., Helmuth, C.: Reducing TCB complexity for security-sensitive applications: three case studies. In: European Conference on Computer Systems (EuroSys). ACM SIGOPS (2006)
Sweeney, L.: k-anonymity: A model for protecting privacy. Int. J. Uncertainty, Fuzziness Knowl.-Based Syst. 10(05), 557–570 (2002)
Verykios, V.S., Bertino, E., Fovino, I.N., Provenza, L.P., Saygin, Y., Theodoridis, Y.: State-of-the-art in privacy preserving data mining. SIGMOD Rec. 33(1), 50–57 (2004)
Yao, A.C.: How to generate and exchange secrets. In; Foundations of Computer Science (FOCS 1986). pp. 162–167. IEEE (1986)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Koeberl, P., Phegade, V., Rajan, A., Schneider, T., Schulz, S., Zhdanova, M. (2015). Time to Rethink: Trust Brokerage Using Trusted Execution Environments. In: Conti, M., Schunter, M., Askoxylakis, I. (eds) Trust and Trustworthy Computing. Trust 2015. Lecture Notes in Computer Science(), vol 9229. Springer, Cham. https://doi.org/10.1007/978-3-319-22846-4_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-22846-4_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-22845-7
Online ISBN: 978-3-319-22846-4
eBook Packages: Computer ScienceComputer Science (R0)