Funding: This work was supported by the National Key R&D Program of China (No. 2021YFB2700601); Research Project of Hainan University (No. HD-KYH-2021240); Finance Science and Technology Project of Hainan Province (No. ZDKJ2020009 and ZDKJ2020012); National Natural Science Foundation of China (No. 62163011, 62162022 and 62162024); Key Projects in Hainan Province (No. ZDYF2021GXJS003 and ZDYF2020040).
Abstract: The past decade has seen the rapid development of data in many areas. Data has enormous commercial potential as a new strategic resource that may efficiently boost technical growth and service innovation. However, individuals are becoming increasingly concerned about data misuse and leaks. To address these issues, in this paper, we propose TrustControl, a trusted data usage control system to control, process, and protect data usage without revealing privacy. A trusted execution environment (TEE) is exploited to process confidential user data. First of all, we design a secure and reliable remote attestation mechanism for ARM TrustZone, which can verify the security of the TEE platform and function code, thus guaranteeing data processing security. Secondly, to address the security problem that the raw data may be misused, we design a remote dynamic code injection method to regulate that data can only be processed for the expected purpose. Our solution focuses on protecting the sensitive data of the data owner and the function code of the data user to prevent data misuse and leakage. Furthermore, we implement the prototype system of TrustControl on TrustZone-enabled hardware. Real-world experiment results demonstrate that the proposed TrustControl is secure and the performance overhead of introducing our prototype system is very low.
Funding: Supported in part by the National Key R&D Program of China (No. 2021YFB2700600); the Finance Science and Technology Project of Hainan Province (No. ZDKJ2020009); the Hainan Province Science and Technology Special Fund (No. GHYF2022010); the National Natural Science Foundation of China (Grant Nos. 62163011, 62072092, 62072093 and U1708262); the Fundamental Research Funds for the Central Universities (No. N2023020); the Natural Science Foundation of Hebei Province (No. F2020501013); the China Postdoctoral Science Foundation (No. 2019M653568); the Key Research and Development Project of Hebei Province (No. 20310702D).
Abstract: 1 Introduction. Identity privacy concerns hinder data sharing by casting doubt on the safeguarding of personal information, eroding trust, and impeding the willingness of individuals and organizations to exchange their data [1,2]. Traceable ring signatures (TRSs) address the contradiction between identity privacy and regulation [3], but no scheme has been developed thus far that is based on SM2, the Chinese cryptographic public key algorithm standard, without relying on centralized trust.