% % This file was created by the TYPO3 extension % bib % --- Timezone: CEST % Creation date: 2024-07-04 % Creation time: 05-27-33 % --- Number of references % 4 % @Inproceedings { 2022_lohmoeller_sovereignty, title = {On the Need for Strong Sovereignty in Data Ecosystems}, year = {2022}, month = {9}, day = {5}, volume = {3306}, pages = {51-63}, abstract = {Data ecosystems are the foundation of emerging data-driven business models as they (i) enable an automated exchange between their participants and (ii) provide them with access to huge and heterogeneous data sources. However, the corresponding benefits come with unforeseen risks as also sensitive information is potentially exposed. Consequently, data security is of utmost importance and, thus, a central requirement for the successful implementation of these ecosystems. Current initiatives, such as IDS and GAIA-X, hence foster sovereign participation via a federated infrastructure where participants retain local control. However, these designs place significant trust in remote infrastructure by mostly implementing organizational security measures such as certification processes prior to admission of a participant. At the same time, due to the sensitive nature of involved data, participants are incentivized to bypass security measures to maximize their own benefit: In practice, this issue significantly weakens sovereignty guarantees. In this paper, we hence claim that data ecosystems must be extended with technical means to reestablish such guarantees. To underpin our position, we analyze promising building blocks and identify three core research directions toward stronger data sovereignty, namely trusted remote policy enforcement, verifiable data tracking, and integration of resource-constrained participants. We conclude that these directions are critical to securely implement data ecosystems in data-sensitive contexts.}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-lohmoeller-deco.pdf}, publisher = {CEUR Workshop Proceedings}, booktitle = {Proceedings of the 1st International Workshop on Data Ecosystems (DEco '22), co-located with the 48th International Conference on Very Large Databases (VLDB '22), September 5-9, 2022, Sydney, Australia,}, event_place = {Sydney, Australia}, event_name = {International Workshop on Data Ecosystems (DEco '22)}, event_date = {September 5, 2022}, ISSN = {1613-0073}, reviewed = {1}, author = {Lohm{\"o}ller, Johannes and Pennekamp, Jan and Matzutt, Roman and Wehrle, Klaus} } @Article { 2022-henze-tii-prada, title = {Complying with Data Handling Requirements in Cloud Storage Systems}, journal = {IEEE Transactions on Cloud Computing}, year = {2022}, month = {9}, volume = {10}, number = {3}, pages = {1661-1674}, abstract = {In past years, cloud storage systems saw an enormous rise in usage. However, despite their popularity and importance as underlying infrastructure for more complex cloud services, today’s cloud storage systems do not account for compliance with regulatory, organizational, or contractual data handling requirements by design. Since legislation increasingly responds to rising data protection and privacy concerns, complying with data handling requirements becomes a crucial property for cloud storage systems. We present Prada , a practical approach to account for compliance with data handling requirements in key-value based cloud storage systems. To achieve this goal, Prada introduces a transparent data handling layer, which empowers clients to request specific data handling requirements and enables operators of cloud storage systems to comply with them. We implement Prada on top of the distributed database Cassandra and show in our evaluation that complying with data handling requirements in cloud storage systems is practical in real-world cloud deployments as used for microblogging, data sharing in the Internet of Things, and distributed email storage.}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-henze-tii-prada.pdf}, misc2 = {Online}, language = {en}, ISSN = {2168-7161}, DOI = {10.1109/TCC.2020.3000336}, reviewed = {1}, author = {Henze, Martin and Matzutt, Roman and Hiller, Jens and M{\"u}hmer, Erik and Ziegeldorf, Jan Henrik and van der Giet, Johannes and Wehrle, Klaus} } @Inproceedings { 2022_wagner_ccchain, title = {Scalable and Privacy-Focused Company-Centric Supply Chain Management}, year = {2022}, month = {5}, day = {4}, abstract = {Blockchain technology promises to overcome trust and privacy concerns inherent to centralized information sharing. However, current decentralized supply chain management systems do either not meet privacy and scalability requirements or require a trustworthy consortium, which is challenging for increasingly dynamic supply chains with constantly changing participants. In this paper, we propose CCChain, a scalable and privacy-aware supply chain management system that stores all information locally to give companies complete sovereignty over who accesses their data. Still, tamper protection of all data through a permissionless blockchain enables on-demand tracking and tracing of products as well as reliable information sharing while affording the detection of data inconsistencies. Our evaluation confirms that CCChain offers superior scalability in comparison to alternatives while also enabling near real-time tracking and tracing for many, less complex products.}, keywords = {supply chain management; blockchain; permissionless; deployment; tracing and tracking; privacy}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-wagner-ccchain.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 2022 IEEE International Conference on Blockchain and Cryptocurrency (ICBC '22), May 2-5, 2022, Shanghai, China}, event_place = {Shanghai, China}, event_date = {May 2-5, 2022}, ISBN = {978-1-6654-9538-7/22}, DOI = {10.1109/ICBC54727.2022.9805503}, reviewed = {1}, author = {Wagner, Eric and Matzutt, Roman and Pennekamp, Jan and Bader, Lennart and Bajelidze, Irakli and Wehrle, Klaus and Henze, Martin} } @Inproceedings { 2022_matzutt_redactchain, title = {A Moderation Framework for the Swift and Transparent Removal of Illicit Blockchain Content}, year = {2022}, month = {5}, day = {3}, abstract = {Blockchains gained tremendous attention for their capability to provide immutable and decentralized event ledgers that can facilitate interactions between mutually distrusting parties. However, precisely this immutability and the openness of permissionless blockchains raised concerns about the consequences of illicit content being irreversibly stored on them. Related work coined the notion of redactable blockchains, which allow for removing illicit content from their history without affecting the blockchain's integrity. While honest users can safely prune identified content, current approaches either create trust issues by empowering fixed third parties to rewrite history, cannot react quickly to reported content due to using lengthy public votings, or create large per-redaction overheads. In this paper, we instead propose to outsource redactions to small and periodically exchanged juries, whose members can only jointly redact transactions using chameleon hash functions and threshold cryptography. Multiple juries are active at the same time to swiftly redact reported content. They oversee their activities via a global redaction log, which provides transparency and allows for appealing and reversing a rogue jury's decisions. Hence, our approach establishes a framework for the swift and transparent moderation of blockchain content. Our evaluation shows that our moderation scheme can be realized with feasible per-block and per-redaction overheads, i.e., the redaction capabilities do not impede the blockchain's normal operation.}, keywords = {redactable blockchain; illicit content; chameleon hash functions; threshold cryptography}, tags = {mynedata; impact-digital; digital-campus}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-matzutt-redactchain.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 2022 IEEE International Conference on Blockchain and Cryptocurrency (ICBC '22), May 2-5, 2022, Shanghai, China}, event_place = {Shanghai, China}, event_date = {May 2-5, 2022}, ISBN = {978-1-6654-9538-7/22}, DOI = {10.1109/ICBC54727.2022.9805508}, reviewed = {1}, author = {Matzutt, Roman and Ahlrichs, Vincent and Pennekamp, Jan and Karwacik, Roman and Wehrle, Klaus} }