Evaluation of Secure Remote Offering Service for Information Bank

Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy Pub Date : 2020-03-16 DOI:10.1145/3374664.3379526

Keita Kayaba, Hidenobu Oguri, Yuji Yamaoka

{"title":"Evaluation of Secure Remote Offering Service for Information Bank","authors":"Keita Kayaba, Hidenobu Oguri, Yuji Yamaoka","doi":"10.1145/3374664.3379526","DOIUrl":null,"url":null,"abstract":"An information bank is a reliable data ecosystem for the distribution and utilization of personal data (PD). In order to maintain the trust of individuals, sharing of personal data between businesses and the information bank is required to be secure. Therefore, the information bank must prevent abuse and leaking of personal data. There are several measures that can be taken to limit the damage imposed upon the individual in the case of data abuse or leakage. However, it is difficult to prevent abuse and leakage once the data has been shared with businesses. This work focuses on the security of an offering service on the information bank. The information bank offers useful information or services to individuals from businesses' based on shared personal data. We devise a remote offering service enabling businesses to target individuals without sharing personal data. Moreover, we consider a malicious threat on the remote offering service and propose a mechanism for detecting this threat. The experimental results suggest that the proposed mechanism is useful in some real security use cases.","PeriodicalId":171521,"journal":{"name":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","volume":"69 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3374664.3379526","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

An information bank is a reliable data ecosystem for the distribution and utilization of personal data (PD). In order to maintain the trust of individuals, sharing of personal data between businesses and the information bank is required to be secure. Therefore, the information bank must prevent abuse and leaking of personal data. There are several measures that can be taken to limit the damage imposed upon the individual in the case of data abuse or leakage. However, it is difficult to prevent abuse and leakage once the data has been shared with businesses. This work focuses on the security of an offering service on the information bank. The information bank offers useful information or services to individuals from businesses' based on shared personal data. We devise a remote offering service enabling businesses to target individuals without sharing personal data. Moreover, we consider a malicious threat on the remote offering service and propose a mechanism for detecting this threat. The experimental results suggest that the proposed mechanism is useful in some real security use cases.

查看原文本刊更多论文

信息库安全远程提供服务的评价

信息库是一个可靠的数据生态系统，用于分发和利用个人数据。为了保持个人的信任，企业和信息库之间的个人数据共享需要安全。因此，信息库必须防止个人数据的滥用和泄露。在数据滥用或泄露的情况下，可以采取若干措施来限制对个人造成的损害。但是，一旦与企业共享，就很难防止滥用和泄露。本文主要研究信息库上提供服务的安全性。信息库以企业共享的个人数据为基础，向个人提供有用的信息或服务。我们设计了一种远程提供服务，使企业能够在不共享个人数据的情况下针对个人。此外，我们考虑了远程提供服务上的恶意威胁，并提出了一种检测这种威胁的机制。实验结果表明，该机制在实际安全用例中是有效的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy

自引率

0.00%

发文量