Privacy analysis and enhancements for data sharing in *nix systems

Singh, Aameek; Liu, Ling; Ahamad, Mustaque

doi:10.1504/ijics.2008.022489

Cited by 4 publications

(4 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It separated read and write access: read access to the physical storage device is granted to all principals and write access can be granted to everyone. The authors of first analyzed *nix systems and identify an urgent need for better privacy support in their data sharing mechanisms and gave two solutions for privacy enhancement. Later, they proposed a data sharing platform, named SHAROES, for outsourced storage environment.…”

Section: Related Workmentioning

confidence: 99%

Role‐based and time‐bound access and management of EHR data

Zhang

Liu

Xue

2013

Security Comm Networks

Self Cite

View full text Add to dashboard Cite

Security and privacy are widely recognized as important requirements for access and management of electronic health record (EHR) data. In this paper, we argue that EHR data need to be managed with customizable access control in both spatial and temporal dimensions. We present a role‐based and time‐bound access control (RBTBAC) model that provides more flexibility in both roles (spatial capability) and time (temporal capability) dimensions to control the access of sensitive data. Through algorithmic combination of role‐based access control and time‐bound key management, our RBTBAC model has two salient features. First, we have developed a privacy‐aware and dynamic key structure for role‐based privacy aware access and management of EHR data, focusing on the consistency of access authorization (including data and time interval) with the activated role of user. In addition to role‐based access, a path‐invisible EHR structure is built for preserving privacy of patients. Second, we have employed a time tree method for generating time granule values, offering fine granularity of time‐bound access authorization and control. Our initial experimental results show that tree‐like time structure can improve the performance of the key management scheme significantly, and RBTBAC model is more suitable than existing solutions for EHR data management because it offers high‐efficiency and better security and privacy. Copyright © 2013 John Wiley & Sons, Ltd.

show abstract

Section: Related Workmentioning

confidence: 99%

Role‐based and time‐bound access and management of EHR data

Zhang

Liu

Xue

2013

Security Comm Networks

Self Cite

View full text Add to dashboard Cite

show abstract

“…Further, they posit the argument that this approach is unstable and question its sustainability. Whilst most research undertaken in the field is case related or interpretive, based on secondary data, Singh et al (2008) take a proactive approach by undertaking experiments designed to gain access to private data in a chosen public sector organisation. That they recorded a high level of success without the aid of any technological weaknesses in the organisation provides an insight into the vulnerability of personal data held in the workplace.…”

Section: Literature Reviewmentioning

confidence: 99%

Observations on the UK transformational government strategy relative to citizen data sharing and privacy

Combe

2009

Transforming Government: People, Process and Policy

View full text Add to dashboard Cite

Purpose -One of the key aims of the UK's Transformational Government strategy is to create a "joined-up" government where communications within and between public organisations is improved by the use of information technology. Data sharing is a key enabler of "joined-up" government but the implementation of the strategy presents a series of risks. The purpose of this paper is to articulate and assess the nature of those risks in relation to violations of existing laws using the National Pupil Database (NPD) in England as a case study. Design/methodology/approach -The paper investigates examples of violations of EU law relating to rights to privacy of data sharing practices within the UK public sector using an interpretive approach to existing published information. The case of the NPD illustrates how certain identified data sharing practices contravene existing laws and exposes this aspect of the Transformational Government strategy to heightened risk of a legal challenge. Findings -Four examples of violations of existing EU laws on privacy are identified from an investigation into the NPD for schools in England. The analysis exposes the imbalance between the data sharing practices underpinning the Transformational Government strategy in the UK and the requirements for fulfilling privacy protection rights to citizens enshrined in EU law. The findings reveal that data sharing practices as a key enabler of the Transformational Government strategy risks violating existing laws designed to protect privacy. The UK government risks a legal challenge, the outcome of which may seriously undermine the prospects for achieving the stated aim of improving efficiency and effectiveness across the public sector.Research limitations/implications -The paper is largely restricted to the NPD for schools in England. The findings would be strengthened by expanding the research into other areas of the public sector where data sharing practices have been implemented. Originality/value -The findings are a significant and timely contribution to understanding the data sharing/privacy tension that ministers and legislators need to address. The work provides an insight into where weaknesses exist within current arrangements that is of value to policymakers, legislators, human rights advocates and government authorities at both central and local levels.

show abstract

“…Most of the related work [7], [8], [11], [12] provides only a restricted access control model with few permission settings. Typically, they only provide read and write permissions at a file level and hierarchical directory permissions are not supported, which studies suggest to be dominant in current local systems [13]. In contrast, the SHAROES system is able to provide rich data sharing semantics by carefully manipulating filesystem metadata and key distribution.…”

Section: A Data Sharing Challengesmentioning

confidence: 99%

“…In other words, a user can not do an "ls" on the directory, but can "cd" into it and access contents by using their exact name. This is a widely used permission in *nix systems and our study at two large organizations showed that greater than 70% of users use exec-only permissions on directories [13]. To support this permission in SHAROES, the directory-table structure requires further manipulation using cryptographic primitives.…”

Section: A *Nix Directory Capsmentioning

confidence: 99%

Sharoes: A Data Sharing Platform for Outsourced Enterprise Storage Environments

Singh

Liu

2008

2008 IEEE 24th International Conference on Data Engineering

Self Cite

View full text Add to dashboard Cite

Abstract-With fast paced growth of digital data and exploding storage management costs, enterprises are looking for new ways to effectively manage their data. One such cost-effective paradigm is the Storage-as-a-Service model, in which enterprises outsource their storage to a storage service provider (SSP) by storing data at a remote SSP-managed site and accessing it over a high speed network. Often for a variety of reasons, enterprises find it unacceptable to fully trust the SSP and prefer to store data in an encrypted form. This typically limits collaboration and data sharing among enterprise users due to complex key management and access control challenges.In this paper, we propose a platform called SHAROES that provides data sharing capability over such outsourced storage environments. SHAROES provide rich *nix-like data sharing semantics over SSP stored data, without trusting the SSP for data confidentiality or access control. SHAROES is unique in its ability in reducing user involvement during setup and operation through the use of in-band key management and allows a near-seamless transition of existing storage environments to the new model. It is also superior in performance by minimizing the use of expensive public-key cryptography in metadata management. We present the architecture and implementation of various SHAROES components and our experiments demonstrate performance superior to other proposals by over 40% on a number of benchmarks.

show abstract

Privacy analysis and enhancements for data sharing in *nix systems

Cited by 4 publications

References 16 publications

Role‐based and time‐bound access and management of EHR data

Role‐based and time‐bound access and management of EHR data

Observations on the UK transformational government strategy relative to citizen data sharing and privacy

Sharoes: A Data Sharing Platform for Outsourced Enterprise Storage Environments

Contact Info

Product

Resources

About