ABTTP: A TTP-based Prototype for Protecting Confidentiality of Sensitive Data with Active Bundles
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, MANUSCRIPT ID
Abstract — The main challenges in information sharing are limitations of mechanisms for protecting confidentiality of sensitive data. An owner of the data may not be able to enumerate all entities that are allowed to access his data. The common approach to solve this problem is to attach privacy policies to the data. This approach assumes that the recipient’s hosts enforce the policies attached to the data. A solution that relaxes this assumption is to use active bundles which are containers with a payload of sensitive data, metadata, and a virtual machine (VM) specific to the active bundle. This paper investigates the question: Can data protect their own confidentiality? To answer this question we developed the ABTTP prototype. We assume trustworthy execution of VMs included in active bundles by requiring that hosts executing VMs are Trusted Platform Modules enabled. Our ABTTP implementation uses a mobile agent framework. The prototype protects privacy of sensitive data through: (i) assuring enforcement of privacy policy by using VMs, (ii) using host trustworthiness to activate protection mechanisms when data is tampered with, and (iii) recording all data-related activities by its VM. The prototype demonstrates the solution in a mobile agent environment. It proves that data can protect its own confidentiality.