Towards a Threat Model and Security Analysis for Data Cooperatives

SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography Pub Date : 2022-01-01 DOI:10.5220/0011328700003283

Abiola Salau, R. Dantu, Kirill Morozov, Kritagya Upadhyay, Syed Badruddoja

{"title":"Towards a Threat Model and Security Analysis for Data Cooperatives","authors":"Abiola Salau, R. Dantu, Kirill Morozov, Kritagya Upadhyay, Syed Badruddoja","doi":"10.5220/0011328700003283","DOIUrl":null,"url":null,"abstract":": Data cooperative (called “data coop” for short) is an emerging approach in the area of secure data management. It promises its users a better protection and control of their data, as compared to the traditional way of their handling by the data collectors (such as governments, big data companies, and others). However, for the success of data coops, existing challenges with respect to data management systems need to be adequately addressed. Especially, they concern terms of security and privacy, as well as the power imbalance between providers/owners and collectors of data. Designing a security and privacy model for a data coop requires a systematic threat modeling approach that identiﬁes the security landscape, attack vectors, threats, and vulnerabilities, as well as the respective mitigation strategies. In this paper, we analyze the security of data cooperatives, identify potential security risks and threats, and suggest adequate countermeasures. We also discuss existing challenges that hinder the widespread adoption of data coops.","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"66 1","pages":"707-713"},"PeriodicalIF":0.0000,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5220/0011328700003283","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

Abstract

: Data cooperative (called “data coop” for short) is an emerging approach in the area of secure data management. It promises its users a better protection and control of their data, as compared to the traditional way of their handling by the data collectors (such as governments, big data companies, and others). However, for the success of data coops, existing challenges with respect to data management systems need to be adequately addressed. Especially, they concern terms of security and privacy, as well as the power imbalance between providers/owners and collectors of data. Designing a security and privacy model for a data coop requires a systematic threat modeling approach that identiﬁes the security landscape, attack vectors, threats, and vulnerabilities, as well as the respective mitigation strategies. In this paper, we analyze the security of data cooperatives, identify potential security risks and threats, and suggest adequate countermeasures. We also discuss existing challenges that hinder the widespread adoption of data coops.

查看原文本刊更多论文

面向数据合作社的威胁模型与安全分析

数据协作(简称“Data coop”)是安全数据管理领域的一种新兴方法。与数据收集者(如政府、大数据公司等)处理数据的传统方式相比，它承诺用户可以更好地保护和控制他们的数据。然而，为了数据合作社的成功，现有的数据管理系统方面的挑战需要得到充分解决。特别是，它们涉及安全和隐私方面，以及数据提供者/所有者和数据收集者之间的权力不平衡。为数据合作社设计安全和隐私模型需要一种系统的威胁建模方法，该方法可以识别安全环境、攻击向量、威胁和漏洞，以及相应的缓解策略。本文分析了数据合作社的安全性，识别了潜在的安全风险和威胁，并提出了相应的对策。我们还讨论了阻碍数据合作社广泛采用的现有挑战。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography

自引率

0.00%

发文量