Skip to main content

A New Sharing Paradigm for the Personal Cloud

  • Conference paper
  • First Online:
Trust, Privacy and Security in Digital Business (TrustBus 2017)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10442))

Included in the following conference series:

  • 1055 Accesses

Abstract

Pushed by recent legislation and smart disclosure initiatives, personal cloud solutions emerge and hold the promise of giving the control back to the individual on her data. However, this shift leaves the privacy and security issues in user’s hands, a role that few people can properly endorse. Considering the inadequacy of existing sharing models, we advocate the definition of a new sharing paradigm dedicated to the personal cloud context. This sharing paradigm, called SWYSWYK (Share What You See with Who You Know), allows to derive intuitive sharing rules from the personal cloud content, to self-administer the subjects and the sensitive permissions, and to visualize the net effects of the sharing policy on the user’s personal cloud. We then propose a reference architecture providing the users tangible guarantees about the enforcement of the SWYSWYK policies. An instance of this architecture has been implemented on top of an existing personal cloud platform to demonstrate the practicality of the approach.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    In practice, isolated containers can be implemented using a dedicated hardware platform (physical isolation), an hypervisor or a microkernel. Recent hardware advances propose an hardware support for running isolated code, e.g., using ARM Trustzone [2] or SGX processors [9].

  2. 2.

    http://wanda.inria.fr/CIKM/cikm.ogg.

References

  1. Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, 27 April 2016

    Google Scholar 

  2. Bertino, E., Ghinita, G., Kamra, A.: Access control for databases: concepts and systems. Found. Trends Databases 3(1-2), 1–148 (2011)

    Article  MATH  Google Scholar 

  3. Brickley, D., Miller, L.: FOAF vocabulary specification 0.91. TR ILRT Bristol (2007)

    Google Scholar 

  4. Fang, L., LeFevre, K.: Privacy wizards for social networking sites. In: ACM WWW (2010)

    Google Scholar 

  5. Squicciarini, A.C., Sundareswaran, S., et al.: A3P: adaptive policy prediction for shared images over popular content sharing sites. In: ACM Hypertext and Hypermedia (HT) (2011)

    Google Scholar 

  6. Tootoonchian, A., Saroiu, S., Ganjali, Y., Wolman, A.: Lockr: better privacy for social networks. In: Conference Emerging Networking Experiments and Technologies (CoNEXT) (2009)

    Google Scholar 

  7. Van Kleek, M., Smith, D.A., Shadbolt, N., Schraefel, M.C.: A decentralized architecture for consolidating personal information ecosystems: the WebBox. In: PIM (2012)

    Google Scholar 

  8. Seong, S.-W., Seo, J., Nasielski, M., Sengupta, D., et al.: PrPl: a decentralized social networking infrastructure. In: ACM Mobile Cloud Computing & Services (MCS) (2010)

    Google Scholar 

  9. Ali, M., et al.: SeDaSC: secure data sharing in clouds. IEEE Syst. J. 11(2), 395–404 (2015)

    Article  Google Scholar 

  10. Thilakanathan, D., Chen, S., Nepal, S., Calvo, R.A.: Secure data sharing in the cloud. In: Nepal, S., Pathan, M. (eds.) Security, Privacy and Trust in Cloud Systems, pp. 45–72. Springer, Heidelberg (2014). doi:10.1007/978-3-642-38586-5_2

    Chapter  Google Scholar 

  11. Wang, F., et al.: Cryptographically enforced access control for user data in untrusted clouds. In: USENIX Symposium on Networked Systems Design and Implementation (NSDI) (2016)

    Google Scholar 

  12. Baden, R., Bender, A., Spring, N., et al.: Persona: an online social network with user-defined privacy. In: ACM SIGCOMM Computer Communication Review, vol. 39(4) (2009)

    Google Scholar 

  13. Guha, S., Tang, K., Francis, P.: NOYB: privacy in online social networks. In: ACM Workshop on Online Social Networks (2008)

    Google Scholar 

  14. Yuan, L., et al.: Privacy-preserving photo sharing based on a secure JPEG. In: CCC (2015)

    Google Scholar 

  15. Liu, Y., Gummadi, K.P., Krishnamurthy, B., Mislove, A.: Analyzing facebook privacy settings: user expectations vs. reality. In: ACM SIGCOMM (2011)

    Google Scholar 

  16. Mazurek, M.L., Liang, Y., et al.: Toward strong, usable access control for shared distributed data. In: USENIX Conference on File and Storage Technologies (FAST) (2014)

    Google Scholar 

  17. Wang, L., Wijesekera, D., Jajodia, S.: A Logic-based framework for attribute based access control. In: ACM Workshop on Formal Methods in Security Engineering (FMSE) (2004)

    Google Scholar 

  18. Geambasu, R., Balazinska, M., Gribble, S.D., Levy, H.M.: Homeviews: peer-to-peer middleware for personal data sharing applications. In: ACM SIGMOD (2007)

    Google Scholar 

  19. Carminati, B., Ferrari, E., Perego, A.: Rule-based access control for social networks. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006. LNCS, vol. 4278, pp. 1734–1744. Springer, Heidelberg (2006). doi:10.1007/11915072_80

    Chapter  Google Scholar 

  20. Mori, J., Sugiyama, T., Matsuo, Y.: Real-world oriented information sharing using social networks. In: ACM SIGGROUP (GROUP) (2005)

    Google Scholar 

  21. Park, J., Sandhu, R.: The UCON ABC usage control model. ACM TISSEC 7(1), 128–174 (2004)

    Article  Google Scholar 

  22. Anciaux, N., Bouganim, L., Pucheral, P., Guo, Y., Le Folgoc, L., Yin, S.: MILo-DB: a personal, secure and portable database machine. DAPD 32(1), 37–63 (2014)

    Google Scholar 

  23. Anciaux, N., Lallali, S., Popa, I.S., Pucheral, P.: A scalable search engine for mass storage smart objects. PVLDB 8(9), 910–921 (2015)

    Google Scholar 

  24. Costan, V., Devadas, S.: Intel SGX explained. IACR Cryptology ePrint Archive (2016)

    Google Scholar 

  25. Alves, T., Felton, D.: Trustzone: integrated hardware and software security. ARM White Pap. (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Paul Tran-Van .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Tran-Van, P., Anciaux, N., Pucheral, P. (2017). A New Sharing Paradigm for the Personal Cloud. In: Lopez, J., Fischer-Hübner, S., Lambrinoudakis, C. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2017. Lecture Notes in Computer Science(), vol 10442. Springer, Cham. https://doi.org/10.1007/978-3-319-64483-7_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-64483-7_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-64482-0

  • Online ISBN: 978-3-319-64483-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics