A Data Usage Control System Using Dynamic Taint Tracking
| Autor: | Gerd Stefan Brost, Julian Schütte |
|---|---|
| Rok vydání: | 2016 |
| Předmět: |
Database
Computer science business.industry Complex event processing 02 engineering and technology computer.software_genre Data modeling Data flow diagram Data set Taint checking Analytics 020204 information systems Data quality Business intelligence 0202 electrical engineering electronic engineering information engineering Data analysis 020201 artificial intelligence & image processing The Internet business computer |
| Zdroj: | AINA |
| DOI: | 10.1109/aina.2016.127 |
| Popis: | Data analytics services are on the rise, fostered byan increasing number of wearables and industrial sensors whichare connected over the Internet. As a result, users who want totake advantage of these services are confronted with the challengeof keeping their private data and business secrets secure, whilestill providing the information required for the analytics serviceto operate. Traditional access and usage control do not solve thisproblem, as they only take binary access decisions, but do notenforce specific views on data sets. We propose a mechanism tocontrol the ways in which data may be processed, thereby limitingthe information which can be gained from data sets to the specificneeds of a service. The core of our approach is to model dataanalytics as a data flow problem and to apply dynamic taintanalysis for monitoring the processing of individual records. Wepropose a policy language to state requirements on the way howdata is processed and enforce measures to ensure that critical datais not revealed. Our approach is based on the query evaluationof a complex event processing engine, which is thereby turnedinto a policy-controlled privacy-preserving data analytics service. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|