DOI: 10.1145/3401025.3404097

On the tracking of sensitive data and confidential executions

Published: 15 July 2020

Abstract

The production of large amounts of sensitive data raises growing concerns about confidentiality guarantees. Considering this, it is natural that data owners have an interest in how their data are being used. In this work, we propose Data aNd Application Tracking (DNAT), a trustworthy platform for tracking the executions of applications over sensitive data in untrusted environments. For traceability purposes, we use blockchain and smart contracts; to guarantee execution confidentiality and, especially, to enforce that operations are appropriately logged in the blockchain, we use Intel SGX. Experiments show that tracking costs on Ethereum vary from 1 to 61 cents of a US dollar, depending on the operation and the urgency for consolidation. The time cost of confidential execution is associated with the SGX overhead. It increases non-linearly at first but has a linear growth rate when the data and application size becomes much larger than the available enclave page cache (≈ 93 MB).

      Published In

      DEBS '20: Proceedings of the 14th ACM International Conference on Distributed and Event-based Systems
      July 2020
      244 pages
      ISBN: 9781450380287
      DOI: 10.1145/3401025

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Author Tags

      1. blockchain
      2. confidential execution
      3. data tracking
      4. sensitive data
      5. trusted execution technologies

      Qualifiers

      • Research-article

      Funding Sources

      • Dell-EMC Brazil
      • EU-BRA ATMOSPHERE project

      Conference

      DEBS '20

      Acceptance Rates

      DEBS '20 Paper Acceptance Rate 11 of 43 submissions, 26%;
      Overall Acceptance Rate 145 of 583 submissions, 25%

      Cited By

      • (2023) Spiritual Leadership - Serving God in the Digital Age: Harnessing Technology for Christian Spiritual Growth. SSRN Electronic Journal. DOI: 10.2139/ssrn.4574819. Online publication date: 2023
      • (2023) Intel Software Guard Extensions Applications: A Survey. ACM Computing Surveys 55:14s (1-38). DOI: 10.1145/3593021. Online publication date: 17-Jul-2023
      • (2022) Toward the InterPlanetary Health Layer for the Internet of Medical Things With Distributed Ledgers and Storages. IEEE Access 10 (82883-82895). DOI: 10.1109/ACCESS.2022.3196933. Online publication date: 2022
      • (2022) Decentralising the Internet of Medical Things with Distributed Ledger Technologies and Off-Chain Storages: A Proof of Concept. Smart Objects and Technologies for Social Good (80-90). DOI: 10.1007/978-3-030-91421-9_7. Online publication date: 1-Jan-2022
      • (2021) Approaches of Data Analytics in Intelligent Medicare Utilizing IoT. Computationally Intensive Statistics for Intelligent IoT (65-98). DOI: 10.1007/978-981-16-5936-2_4. Online publication date: 3-Oct-2021
