Trust-driven, Decentralized Data Access Control for Open Network of Autonomous Data Providers

Current trends in data access, especially in the field of scientific computations, show that global data access that crosses federation boundaries is highly desirable. However, administrative constraints require that data centers remain autonomous, which effectively eliminates the possibility of cooperation. To overcome this, we plan to establish an open network of cooperating data providers. In this paper, we address the issue of data access control for such a network. We propose combining a hybrid peer-to-peer architecture, decentralized identity and access management, a metadata synchronization protocol, and a trust-driven authorization flow. The proposed solution is discussed using real-life use cases concerning cross-federation data access.
