A P2P based usage control enforcement scheme resilient to re-injection attacks

Existing privacy controls based on access control techniques do not prevent massive dissemination of private data by unauthorized users. We suggest a usage control enforcement scheme that allows users to gain control over their data during its entire lifetime. The scheme is based on a peer-to-peer architecture whereby a different set of peers is randomly selected for data assignment. Usage control is achieved based on the assumption that at least t out of any set of n peers will not behave maliciously. Such a system would still suffer from re-injection attacks whereby attackers can gain ownership of data and the usage policy thereof by simply re-storing data after slight modification of the content. In order to cope with re-injection attacks the scheme relies on a similarity detection mechanism. The robustness of the scheme has been evaluated in an experimental setting using a variety of re-injection attacks.

[1]  Hussein Zedan,et al.  Concurrent Enforcement of Usage Control Policies , 2008, 2008 IEEE Workshop on Policies for Distributed Systems and Networks.

[2]  Michael Hafner,et al.  A usage control policy specification with Petri nets , 2009, 2009 5th International Conference on Collaborative Computing: Networking, Applications and Worksharing.

[3]  Jaehong Park,et al.  The UCONABC usage control model , 2004, TSEC.

[4]  Hussein Zedan,et al.  A note on the formalisation of UCON , 2007, SACMAT '07.

[5]  Matthias Hagen,et al.  Overview of the 1st international competition on plagiarism detection , 2009 .

[6]  Rodolfo da Silva Villaça,et al.  Hamming DHT: Taming the similarity search , 2013, 2013 IEEE 10th Consumer Communications and Networking Conference (CCNC).

[7]  Mihir Bellare,et al.  Lecture Notes on Cryptography , 2001 .

[8]  Gurmeet Singh Manku,et al.  Detecting near-duplicates for web crawling , 2007, WWW '07.

[9]  Himabindu Pucha,et al.  Exploiting Similarity for Multi-Source Downloads Using File Handprints , 2007, NSDI.

[10]  Christian Schaefer,et al.  Usage Control Enforcement with Data Flow Tracking for X11 , 2009, STM 2009.

[11]  Moses Charikar,et al.  Similarity estimation techniques from rounding algorithms , 2002, STOC '02.

[12]  Alexander Pretschner,et al.  Distributed data usage control for web applications: a social network implementation , 2011, CODASPY '11.

[13]  Ravi S. Sandhu,et al.  Towards a Times-Based Usage Control Model , 2007, DBSec.

[14]  Krishna P. Gummadi,et al.  Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services , 2012, USENIX Security Symposium.

[15]  Christian Schaefer,et al.  A Policy Language for Distributed Usage Control , 2007, ESORICS.

[16]  Guillaume Pierre,et al.  A survey of DHT security techniques , 2011, CSUR.

[17]  Monika Henzinger,et al.  Finding near-duplicate web pages: a large-scale evaluation of algorithms , 2006, SIGIR.

[18]  Alexander Pretschner,et al.  State-Based Usage Control Enforcement with Data Flow Tracking using System Call Interposition , 2009, 2009 Third International Conference on Network and System Security.