% % This file was created by the TYPO3 extension % bib % --- Timezone: UTC % Creation date: 2024-11-21 % Creation time: 13-13-56 % --- Number of references % 39 % @Inproceedings { 2024_lohmoeller_tee_datasharing, title = {Complementing Organizational Security in Data Ecosystems with Technical Guarantees}, year = {2024}, month = {12}, day = {19}, tags = {internet-of-production;health}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-lohmoeller-tee-data-sharing.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 1st Conference on Building a Secure and Empowered Cyberspace (BuildSEC '24), December 19-21, 2024, New Delhi, India}, event_place = {New Delhi, India}, event_name = {Building a Secure \& Empowered Cyberspace}, event_date = {December 19-21, 2024}, state = {accepted}, language = {en}, reviewed = {1}, author = {Lohm{\"o}ller, Johannes and Matzutt, Roman and Loos, Joscha and Vlad, Eduard and Pennekamp, Jan and Wehrle, Klaus} } @Article { 2024_lohmoeller_sovereignty-survey, title = {The Unresolved Need for Dependable Guarantees on Security, Sovereignty, and Trust in Data Ecosystems}, journal = {Data \& Knowledge Engineering}, year = {2024}, month = {5}, day = {1}, volume = {151}, abstract = {Data ecosystems emerged as a new paradigm to facilitate the automated and massive exchange of data from heterogeneous information sources between different stakeholders. However, the corresponding benefits come with unforeseen risks as sensitive information is potentially exposed, questioning their reliability. Consequently, data security is of utmost importance and, thus, a central requirement for successfully realizing data ecosystems. Academia has recognized this requirement, and current initiatives foster sovereign participation via a federated infrastructure where participants retain local control over what data they offer to whom. However, recent proposals place significant trust in remote infrastructure by implementing organizational security measures such as certification processes before the admission of a participant. At the same time, the data sensitivity incentivizes participants to bypass the organizational security measures to maximize their benefit. This issue significantly weakens security, sovereignty, and trust guarantees and highlights that organizational security measures are insufficient in this context. In this paper, we argue that data ecosystems must be extended with technical means to (re)establish dependable guarantees. We underpin this need with three representative use cases for data ecosystems, which cover personal, economic, and governmental data, and systematically map the lack of dependable guarantees in related work. To this end, we identify three enablers of dependable guarantees, namely trusted remote policy enforcement, verifiable data tracking, and integration of resource-constrained participants. These enablers are critical for securely implementing data ecosystems in data-sensitive contexts.}, keywords = {Data sharing; Confidentiality; Integrity protection; Data Markets; Distributed databases}, tags = {internet-of-production; coat-ers; vesitrust; health}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-lohmoeller-data-sovereignty-survey.pdf}, publisher = {Elsevier}, ISSN = {0169-023X}, DOI = {10.1016/j.datak.2024.102301}, reviewed = {1}, author = {Lohm{\"o}ller, Johannes and Pennekamp, Jan and Matzutt, Roman and Schneider, Carolin Victoria and Vlad, Eduard and Trautwein, Christian and Wehrle, Klaus} } @Incollection { 2024_pennekamp_blockchain-industry, title = {Blockchain Technology Accelerating Industry 4.0}, year = {2024}, month = {3}, day = {7}, volume = {105}, pages = {531-564}, abstract = {Competitive industrial environments impose significant requirements on data sharing as well as the accountability and verifiability of related processes. Here, blockchain technology emerges as a possible driver that satisfies demands even in settings with mutually distrustful stakeholders. We identify significant benefits achieved by blockchain technology for Industry 4.0 but also point out challenges and corresponding design options when applying blockchain technology in the industrial domain. Furthermore, we survey diverse industrial sectors to shed light on the current intersection between blockchain technology and industry, which provides the foundation for ongoing as well as upcoming research. As industrial blockchain applications are still in their infancy, we expect that new designs and concepts will develop gradually, creating both supporting tools and groundbreaking innovations.}, tags = {internet-of-production}, publisher = {Springer}, series = {Advances in Information Security}, chapter = {17}, booktitle = {Blockchains – A Handbook on Fundamentals, Platforms and Applications}, ISBN = {978-3-031-32145-0}, DOI = {10.1007/978-3-031-32146-7_17}, reviewed = {1}, author = {Pennekamp, Jan and Bader, Lennart and Wagner, Eric and Hiller, Jens and Matzutt, Roman and Wehrle, Klaus} } @Incollection { 2024_matzutt_blockchain-content, title = {Illicit Blockchain Content – Its Different Shapes, Consequences, and Remedies}, year = {2024}, month = {3}, day = {7}, volume = {105}, pages = {301-336}, abstract = {Augmenting public blockchains with arbitrary, nonfinancial content fuels novel applications that facilitate the interactions between mutually distrusting parties. However, new risks emerge at the same time when illegal content is added. This chapter thus provides a holistic overview of the risks of content insertion as well as proposed countermeasures. We first establish a simple framework for how content is added to the blockchain and subsequently distributed across the blockchain’s underlying peer-to-peer network. We then discuss technical as well as legal implications of this form of content distribution and give a systematic overview of basic methods and high-level services for inserting arbitrary blockchain content. Afterward, we assess to which extent these methods and services have been used in the past on the blockchains of Bitcoin Core, Bitcoin Cash, and Bitcoin SV, respectively. Based on this assessment of the current state of (unwanted) blockchain content, we discuss (a) countermeasures to mitigate its insertion, (b) how pruning blockchains relates to this issue, and (c) how strategically weakening the otherwise desired immutability of a blockchain allows for redacting objectionable content. We conclude this chapter by identifying future research directions in the domain of blockchain content insertion.}, keywords = {Blockchain content insertion; Illicit content; Pruning; Redaction}, publisher = {Springer}, series = {Advances in Information Security}, chapter = {10}, booktitle = {Blockchains – A Handbook on Fundamentals, Platforms and Applications}, ISBN = {978-3-031-32145-0}, DOI = {10.1007/978-3-031-32146-7_10}, reviewed = {1}, author = {Matzutt, Roman and Henze, Martin and M{\"u}llmann, Dirk and Wehrle, Klaus} } @Article { 2024_pennekamp_supply-chain-survey, title = {An Interdisciplinary Survey on Information Flows in Supply Chains}, journal = {ACM Computing Surveys}, year = {2024}, month = {2}, day = {1}, volume = {56}, number = {2}, abstract = {Supply chains form the backbone of modern economies and therefore require reliable information flows. In practice, however, supply chains face severe technical challenges, especially regarding security and privacy. In this work, we consolidate studies from supply chain management, information systems, and computer science from 2010--2021 in an interdisciplinary meta-survey to make this topic holistically accessible to interdisciplinary research. In particular, we identify a significant potential for computer scientists to remedy technical challenges and improve the robustness of information flows. We subsequently present a concise information flow-focused taxonomy for supply chains before discussing future research directions to provide possible entry points.}, keywords = {information flows; data communication; supply chain management; data security; data sharing; systematic literature review}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-pennekamp-supply-chain-survey.pdf}, publisher = {ACM}, ISSN = {0360-0300}, DOI = {10.1145/3606693}, reviewed = {1}, author = {Pennekamp, Jan and Matzutt, Roman and Klinkm{\"u}ller, Christopher and Bader, Lennart and Serror, Martin and Wagner, Eric and Malik, Sidra and Spi{\ss}, Maria and Rahn, Jessica and G{\"u}rpinar, Tan and Vlad, Eduard and Leemans, Sander J. J. and Kanhere, Salil S. and Stich, Volker and Wehrle, Klaus} } @Inproceedings { 2024-dahlmanns-fps, title = {Collectively Enhancing IoT Security: A Privacy-Aware Crowd-Sourcing Approach}, year = {2024}, volume = {14551}, abstract = {Security configurations remain challenging for trained administrators. Nowadays, due to the advent of the Internet of Things (IoT), untrained users operate numerous and heterogeneous Internet-facing services in manifold use case-specific scenarios. In this work, we close the growing gap between the complexity of IoT security configuration and the expertise of the affected users. To this end, we propose ColPSA, a platform for collective and privacy-aware security advice that allows users to optimize their configuration by exchanging information about what security can be realized given their IoT deployment and scenario.}, editor = {Mohamed Mosbah, Florence S{\`e}des, Nadia Tawbi, Toufik Ahmed, Nora Boulahia-Cuppens, Joaquin Garcia-Alfaro}, publisher = {Springer Cham}, series = {Lecture Notes in Computer Science}, booktitle = {Proceedings of the 16th International Symposium on Foundations and Practice of Security (FPS '23), December 11-13, 2023, Bordeaux, France}, event_place = {Bordeaux, France}, event_name = {International Symposium on Foundations and Practice of Security 2023 (FPS 23)}, event_date = {December 11-13, 2023}, DOI = {10.1007/978-3-031-57540-2_2}, reviewed = {1}, author = {Dahlmanns, Markus and Matzutt, Roman and Dax, Chris and Wehrle, Klaus} } @Inproceedings { 2023_matzutt_street_problems, title = {Poster: Accountable Processing of Reported Street Problems}, year = {2023}, month = {11}, day = {27}, pages = {3591-3593}, abstract = {Municipalities increasingly depend on citizens to file digital reports about issues such as potholes or illegal trash dumps to improve their response time. However, the responsible authorities may be incentivized to ignore certain reports, e.g., when addressing them inflicts high costs. In this work, we explore the applicability of blockchain technology to hold authorities accountable regarding filed reports. Our initial assessment indicates that our approach can be extended to benefit citizens and authorities in the future.}, keywords = {street problems; accountability; consortium blockchain; privacy}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-matzutt-street-problems.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS ’23), November 26-30, 2023, Copenhagen, Denmark}, event_place = {Copenhagen, Denmark}, event_date = {November 26-30, 2023}, ISBN = {979-8-4007-0050-7/23/11}, DOI = {10.1145/3576915.3624367}, reviewed = {1}, author = {Matzutt, Roman and Pennekamp, Jan and Wehrle, Klaus} } @Inproceedings { 2022_lohmoeller_sovereignty, title = {On the Need for Strong Sovereignty in Data Ecosystems}, year = {2022}, month = {9}, day = {5}, volume = {3306}, pages = {51-63}, abstract = {Data ecosystems are the foundation of emerging data-driven business models as they (i) enable an automated exchange between their participants and (ii) provide them with access to huge and heterogeneous data sources. However, the corresponding benefits come with unforeseen risks as also sensitive information is potentially exposed. Consequently, data security is of utmost importance and, thus, a central requirement for the successful implementation of these ecosystems. Current initiatives, such as IDS and GAIA-X, hence foster sovereign participation via a federated infrastructure where participants retain local control. However, these designs place significant trust in remote infrastructure by mostly implementing organizational security measures such as certification processes prior to admission of a participant. At the same time, due to the sensitive nature of involved data, participants are incentivized to bypass security measures to maximize their own benefit: In practice, this issue significantly weakens sovereignty guarantees. In this paper, we hence claim that data ecosystems must be extended with technical means to reestablish such guarantees. To underpin our position, we analyze promising building blocks and identify three core research directions toward stronger data sovereignty, namely trusted remote policy enforcement, verifiable data tracking, and integration of resource-constrained participants. We conclude that these directions are critical to securely implement data ecosystems in data-sensitive contexts.}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-lohmoeller-deco.pdf}, publisher = {CEUR Workshop Proceedings}, booktitle = {Proceedings of the 1st International Workshop on Data Ecosystems (DEco '22), co-located with the 48th International Conference on Very Large Databases (VLDB '22), September 5-9, 2022, Sydney, Australia,}, event_place = {Sydney, Australia}, event_name = {International Workshop on Data Ecosystems (DEco '22)}, event_date = {September 5, 2022}, ISSN = {1613-0073}, reviewed = {1}, author = {Lohm{\"o}ller, Johannes and Pennekamp, Jan and Matzutt, Roman and Wehrle, Klaus} } @Article { 2022-henze-tii-prada, title = {Complying with Data Handling Requirements in Cloud Storage Systems}, journal = {IEEE Transactions on Cloud Computing}, year = {2022}, month = {9}, volume = {10}, number = {3}, pages = {1661-1674}, abstract = {In past years, cloud storage systems saw an enormous rise in usage. However, despite their popularity and importance as underlying infrastructure for more complex cloud services, today’s cloud storage systems do not account for compliance with regulatory, organizational, or contractual data handling requirements by design. Since legislation increasingly responds to rising data protection and privacy concerns, complying with data handling requirements becomes a crucial property for cloud storage systems. We present Prada , a practical approach to account for compliance with data handling requirements in key-value based cloud storage systems. To achieve this goal, Prada introduces a transparent data handling layer, which empowers clients to request specific data handling requirements and enables operators of cloud storage systems to comply with them. We implement Prada on top of the distributed database Cassandra and show in our evaluation that complying with data handling requirements in cloud storage systems is practical in real-world cloud deployments as used for microblogging, data sharing in the Internet of Things, and distributed email storage.}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-henze-tii-prada.pdf}, misc2 = {Online}, language = {en}, ISSN = {2168-7161}, DOI = {10.1109/TCC.2020.3000336}, reviewed = {1}, author = {Henze, Martin and Matzutt, Roman and Hiller, Jens and M{\"u}hmer, Erik and Ziegeldorf, Jan Henrik and van der Giet, Johannes and Wehrle, Klaus} } @Inproceedings { 2022_wagner_ccchain, title = {Scalable and Privacy-Focused Company-Centric Supply Chain Management}, year = {2022}, month = {5}, day = {4}, abstract = {Blockchain technology promises to overcome trust and privacy concerns inherent to centralized information sharing. However, current decentralized supply chain management systems do either not meet privacy and scalability requirements or require a trustworthy consortium, which is challenging for increasingly dynamic supply chains with constantly changing participants. In this paper, we propose CCChain, a scalable and privacy-aware supply chain management system that stores all information locally to give companies complete sovereignty over who accesses their data. Still, tamper protection of all data through a permissionless blockchain enables on-demand tracking and tracing of products as well as reliable information sharing while affording the detection of data inconsistencies. Our evaluation confirms that CCChain offers superior scalability in comparison to alternatives while also enabling near real-time tracking and tracing for many, less complex products.}, keywords = {supply chain management; blockchain; permissionless; deployment; tracing and tracking; privacy}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-wagner-ccchain.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 2022 IEEE International Conference on Blockchain and Cryptocurrency (ICBC '22), May 2-5, 2022, Shanghai, China}, event_place = {Shanghai, China}, event_date = {May 2-5, 2022}, ISBN = {978-1-6654-9538-7/22}, DOI = {10.1109/ICBC54727.2022.9805503}, reviewed = {1}, author = {Wagner, Eric and Matzutt, Roman and Pennekamp, Jan and Bader, Lennart and Bajelidze, Irakli and Wehrle, Klaus and Henze, Martin} } @Inproceedings { 2022_matzutt_redactchain, title = {A Moderation Framework for the Swift and Transparent Removal of Illicit Blockchain Content}, year = {2022}, month = {5}, day = {3}, abstract = {Blockchains gained tremendous attention for their capability to provide immutable and decentralized event ledgers that can facilitate interactions between mutually distrusting parties. However, precisely this immutability and the openness of permissionless blockchains raised concerns about the consequences of illicit content being irreversibly stored on them. Related work coined the notion of redactable blockchains, which allow for removing illicit content from their history without affecting the blockchain's integrity. While honest users can safely prune identified content, current approaches either create trust issues by empowering fixed third parties to rewrite history, cannot react quickly to reported content due to using lengthy public votings, or create large per-redaction overheads. In this paper, we instead propose to outsource redactions to small and periodically exchanged juries, whose members can only jointly redact transactions using chameleon hash functions and threshold cryptography. Multiple juries are active at the same time to swiftly redact reported content. They oversee their activities via a global redaction log, which provides transparency and allows for appealing and reversing a rogue jury's decisions. Hence, our approach establishes a framework for the swift and transparent moderation of blockchain content. Our evaluation shows that our moderation scheme can be realized with feasible per-block and per-redaction overheads, i.e., the redaction capabilities do not impede the blockchain's normal operation.}, keywords = {redactable blockchain; illicit content; chameleon hash functions; threshold cryptography}, tags = {mynedata; impact-digital; digital-campus}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-matzutt-redactchain.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 2022 IEEE International Conference on Blockchain and Cryptocurrency (ICBC '22), May 2-5, 2022, Shanghai, China}, event_place = {Shanghai, China}, event_date = {May 2-5, 2022}, ISBN = {978-1-6654-9538-7/22}, DOI = {10.1109/ICBC54727.2022.9805508}, reviewed = {1}, author = {Matzutt, Roman and Ahlrichs, Vincent and Pennekamp, Jan and Karwacik, Roman and Wehrle, Klaus} } @Miscellaneous { 2021_munilla_garrido_differential_privacy, title = {Do I Get the Privacy I Need? Benchmarking Utility in Differential Privacy Libraries}, year = {2021}, month = {9}, day = {22}, abstract = {An increasing number of open-source libraries promise to bring differential privacy to practice, even for non-experts. This paper studies five libraries that offer differentially private analytics: Google DP, SmartNoise, diffprivlib, diffpriv, and Chorus. We compare these libraries qualitatively (capabilities, features, and maturity) and quantitatively (utility and scalability) across four analytics queries (count, sum, mean, and variance) executed on synthetic and real-world datasets. We conclude that these libraries provide similar utility (except in some notable scenarios). However, there are significant differences in the features provided, and we find that no single library excels in all areas. Based on our results, we provide guidance for practitioners to help in choosing a suitable library, guidance for library designers to enhance their software, and guidance for researchers on open challenges in differential privacy tools for non-experts.}, keywords = {Differential privacy,privacy-enhancing technology,scalability,recommendations}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-munilla-garrido-differential-privacy.pdf}, web_url = {https://arxiv.org/abs/2109.10789}, state = {submitted}, language = {English}, author = {Munilla Garrido, Gonzalo and Near, Joseph and Aitsam, Muhammad and He, Warren and Matzutt, Roman and Matthes, Florian} } @Article { 2021_pennekamp_accountable_manufacturing, title = {The Road to Accountable and Dependable Manufacturing}, journal = {Automation}, year = {2021}, month = {9}, day = {13}, volume = {2}, number = {3}, pages = {202-219}, abstract = {The Internet of Things provides manufacturing with rich data for increased automation. Beyond company-internal data exploitation, the sharing of product and manufacturing process data along and across supply chains enables more efficient production flows and product lifecycle management. Even more, data-based automation facilitates short-lived ad hoc collaborations, realizing highly dynamic business relationships for sustainable exploitation of production resources and capacities. However, the sharing and use of business data across manufacturers and with end customers add requirements on data accountability, verifiability, and reliability and needs to consider security and privacy demands. While research has already identified blockchain technology as a key technology to address these challenges, current solutions mainly evolve around logistics or focus on established business relationships instead of automated but highly dynamic collaborations that cannot draw upon long-term trust relationships. We identify three open research areas on the road to such a truly accountable and dependable manufacturing enabled by blockchain technology: blockchain-inherent challenges, scenario-driven challenges, and socio-economic challenges. Especially tackling the scenario-driven challenges, we discuss requirements and options for realizing a blockchain-based trustworthy information store and outline its use for automation to achieve a reliable sharing of product information, efficient and dependable collaboration, and dynamic distributed markets without requiring established long-term trust.}, keywords = {blockchain; supply chain management; Industry 4.0; manufacturing; secure industrial collaboration; scalability; Industrial Internet of Things; Internet of Production}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-pennekamp-manufacturing.pdf}, publisher = {MDPI}, ISSN = {2673-4052}, DOI = {10.3390/automation2030013}, reviewed = {1}, author = {Pennekamp, Jan and Matzutt, Roman and Kanhere, Salil S. and Hiller, Jens and Wehrle, Klaus} } @Article { 2021_matzutt_coinprune_v2, title = {CoinPrune: Shrinking Bitcoin's Blockchain Retrospectively}, journal = {IEEE Transactions on Network and Service Management}, year = {2021}, month = {9}, day = {10}, volume = {18}, number = {3}, pages = {3064-3078}, abstract = {Popular cryptocurrencies continue to face serious scalability issues due to their ever-growing blockchains. Thus, modern blockchain designs began to prune old blocks and rely on recent snapshots for their bootstrapping processes instead. Unfortunately, established systems are often considered incapable of adopting these improvements. In this work, we present CoinPrune, our block-pruning scheme with full Bitcoin compatibility, to revise this popular belief. CoinPrune bootstraps joining nodes via snapshots that are periodically created from Bitcoin's set of unspent transaction outputs (UTXO set). Our scheme establishes trust in these snapshots by relying on CoinPrune-supporting miners to mutually reaffirm a snapshot's correctness on the blockchain. This way, snapshots remain trustworthy even if adversaries attempt to tamper with them. Our scheme maintains its retrospective deployability by relying on positive feedback only, i.e., blocks containing invalid reaffirmations are not rejected, but invalid reaffirmations are outpaced by the benign ones created by an honest majority among CoinPrune-supporting miners. Already today, CoinPrune reduces the storage requirements for Bitcoin nodes by two orders of magnitude, as joining nodes need to fetch and process only 6 GiB instead of 271 GiB of data in our evaluation, reducing the synchronization time of powerful devices from currently 7 h to 51 min, with even larger potential drops for less powerful devices. CoinPrune is further aware of higher-level application data, i.e., it conserves otherwise pruned application data and allows nodes to obfuscate objectionable and potentially illegal blockchain content from their UTXO set and the snapshots they distribute.}, keywords = {blockchain; block pruning; synchronization; bootstrapping; scalability; velvet fork; Bitcoin}, tags = {mynedata; impact_digital; digital_campus}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-matzutt-coinprune-v2.pdf}, language = {English}, ISSN = {1932-4537}, DOI = {10.1109/TNSM.2021.3073270}, reviewed = {1}, author = {Matzutt, Roman and Kalde, Benedikt and Pennekamp, Jan and Drichel, Arthur and Henze, Martin and Wehrle, Klaus} } @Article { 2021_bader_privaccichain, title = {Blockchain-Based Privacy Preservation for Supply Chains Supporting Lightweight Multi-Hop Information Accountability}, journal = {Information Processing \& Management}, year = {2021}, month = {5}, day = {1}, volume = {58}, number = {3}, abstract = {The benefits of information sharing along supply chains are well known for improving productivity and reducing costs. However, with the shift towards more dynamic and flexible supply chains, privacy concerns severely challenge the required information retrieval. A lack of trust between the different involved stakeholders inhibits advanced, multi-hop information flows, as valuable information for tracking and tracing products and parts is either unavailable or only retained locally. Our extensive literature review of previous approaches shows that these needs for cross-company information retrieval are widely acknowledged, but related work currently only addresses them insufficiently. To overcome these concerns, we present PrivAccIChain, a secure, privacy-preserving architecture for improving the multi-hop information retrieval with stakeholder accountability along supply chains. To address use case-specific needs, we particularly introduce an adaptable configuration of transparency and data privacy within our design. Hence, we enable the benefits of information sharing as well as multi-hop tracking and tracing even in supply chains that include mutually distrusting stakeholders. We evaluate the performance of PrivAccIChain and demonstrate its real-world feasibility based on the information of a purchasable automobile, the e.GO Life. We further conduct an in-depth security analysis and propose tunable mitigations against common attacks. As such, we attest PrivAccIChain's practicability for information management even in complex supply chains with flexible and dynamic business relationships.}, keywords = {multi-hop collaboration; tracking and tracing; Internet of Production; e.GO; attribute-based encryption}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-bader-ipm-privaccichain.pdf}, publisher = {Elsevier}, ISSN = {0306-4573}, DOI = {10.1016/j.ipm.2021.102529}, reviewed = {1}, author = {Bader, Lennart and Pennekamp, Jan and Matzutt, Roman and Hedderich, David and Kowalski, Markus and Lücken, Volker and Wehrle, Klaus} } @Article { 2021_schomakers_insights, title = {Insights on Data Sensitivity from the Technical, Legal and the Users' Perspectives}, journal = {Computer Law Review International}, year = {2021}, month = {2}, day = {15}, volume = {22}, number = {1}, pages = {8-15}, abstract = {Social media, cloud computing, and the Internet of Things connect people around the globe, offering manifold benefits. However, the technological advances and increased user participation generate novel challenges for users' privacy. From the users' perspective, the consequences of data disclosure depend on the perceived sensitivity of that data. But in light of the new technological opportunities to process and combine data, it is questionable whether users can adequately evaluate risks of data disclosures. As mediating authority, data protection laws such as the European General Data Protection Regulation try to protect user data, granting enhanced protection to ''special categories'' of data. This article assesses the legal, technological, and users' perspectives on information sensitivity and their interplay. Technologically, all data can be referred to as ''potentially sensitive.'' The legal and users' perspective on information sensitivity deviate from this standpoint, as some data types are granted special protection by law but are not perceived as very sensitive by users and vice versa. The key findings here suggest the GDPR adequately protecting users' privacy but for small adjustments.}, tags = {Information Sensitivity, Privacy, European Data Protection Law}, ISSN = {1610-7608}, DOI = {10.9785/cri-2021-220103}, reviewed = {1}, author = {Schomakers, Eva-Maria and Lidynia, Chantal and M{\"u}llmann, Dirk and Matzutt, Roman and Wehrle, Klaus and Spiecker gen. D{\"o}hmann, Indra and Ziefle, Martina} } @Inproceedings { 2019_rut_schomakers_privacy, title = {Putting Privacy into Perspective -- Comparing Technical, Legal, and Users' View of Information Sensitivity}, year = {2021}, month = {1}, day = {27}, pages = {857-870}, abstract = {Social media, cloud computing, and the Internet of Things connect people around the globe, offering manifold benefits. However, the technological advances and increased user participation generate novel challenges for users' privacy. From the users' perspective, the consequences of data disclosure depend on the perceived sensitivity of that data. But in light of the new technological opportunities to process and combine data, it is questionable whether users can adequately evaluate risks of data disclosures. As mediating authority, data protection laws such as the European General Data Protection Regulation try to protect user data, granting enhanced protection to ''special categories'' of data. In this paper, we assess the legal, technological, and users' perspectives on information sensitivity and their interplay. Technologically, all data can be referred to as ''potentially sensitive.'' The legal and users' perspective on information sensitivity deviate from this standpoint, as some data types are granted special protection by law but are not perceived as very sensitive by users and vice versa. Our key findings still suggest the GDPR adequately protecting users' privacy but for small adjustments.}, keywords = {Information Sensitivity,Privacy,European Data Protection Law}, tags = {mynedata}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-schomakers-3perspectives.pdf}, web_url = {https://dl.gi.de/handle/20.500.12116/34788}, web_url2 = {https://arxiv.org/abs/1911.06569}, publisher = {Gesellschaft f{\"u}r Informatik}, address = {Bonn}, booktitle = {INFORMATIK 2020}, event_place = {Karlsruhe, Germany}, event_name = {INFORMATIK 2020}, event_date = {2020-09-28 to 2020-10-01}, language = {English}, DOI = {10.18420/inf2020_76}, reviewed = {1}, author = {Schomakers, Eva-Maria and Lidynia, Chantal and M{\"u}llmann, Dirk and Matzutt, Roman and Wehrle, Klaus and Spiecker gen. D{\"o}hmann, Indra and Ziefle, Martina} } @Inproceedings { 2020_matzutt_anonboot, title = {Utilizing Public Blockchains for the Sybil-Resistant Bootstrapping of Distributed Anonymity Services}, year = {2020}, month = {10}, day = {7}, pages = {531-542}, abstract = {Distributed anonymity services, such as onion routing networks or cryptocurrency tumblers, promise privacy protection without trusted third parties. While the security of these services is often well-researched, security implications of their required bootstrapping processes are usually neglected: Users either jointly conduct the anonymization themselves, or they need to rely on a set of non-colluding privacy peers. However, the typically small number of privacy peers enable single adversaries to mimic distributed services. We thus present AnonBoot, a Sybil-resistant medium to securely bootstrap distributed anonymity services via public blockchains. AnonBoot enforces that peers periodically create a small proof of work to refresh their eligibility for providing secure anonymity services. A pseudo-random, locally replicable bootstrapping process using on-chain entropy then prevents biasing the election of eligible peers. Our evaluation using Bitcoin as AnonBoot's underlying blockchain shows its feasibility to maintain a trustworthy repository of 1000 peers with only a small storage footprint while supporting arbitrarily large user bases on top of most blockchains.}, keywords = {anonymization; bootstrapping; public blockchain; Sybil attack; anonymity network; cryptocurrency tumbler; Bitcoin; Tor}, tags = {impact_digital; digital_campus}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-matzutt-anonboot.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 15th ACM ASIA Conference on Computer and Communications Security (ASIACCS '20), October 5-9, 2020, Taipei, Taiwan}, event_place = {Taipei, Taiwan}, event_name = {ASIACCS 2020}, event_date = {October 5-9, 2020}, ISBN = {978-1-4503-6750-9/20/10}, DOI = {10.1145/3320269.3384729}, reviewed = {1}, author = {Matzutt, Roman and Pennekamp, Jan and Buchholz, Erik and Wehrle, Klaus} } @Inproceedings { 2020_pennekamp_supply_chain_sensing, title = {Secure End-to-End Sensing in Supply Chains}, year = {2020}, month = {7}, day = {1}, abstract = {Trust along digitalized supply chains is challenged by the aspect that monitoring equipment may not be trustworthy or unreliable as respective measurements originate from potentially untrusted parties. To allow for dynamic relationships along supply chains, we propose a blockchain-backed supply chain monitoring architecture relying on trusted hardware. Our design provides a notion of secure end-to-end sensing of interactions even when originating from untrusted surroundings. Due to attested checkpointing, we can identify misinformation early on and reliably pinpoint the origin. A blockchain enables long-term verifiability for all (now trustworthy) IoT data within our system even if issues are detected only after the fact. Our feasibility study and cost analysis further show that our design is indeed deployable in and applicable to today's supply chain settings.}, keywords = {supply chain; trusted computing; trusted execution; blockchain; Internet of Production; condition monitoring}, tags = {internet-of-production}, url = {https://comsys.rwth-aachen.de/fileadmin/papers/2020/2020-pennekamp-supply-chain-sensing.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 5th International Workshop on Cyber-Physical Systems Security (CPS-Sec '20), co-located with the 8th IEEE Conference on Communications and Network Security (CNS '20), June 29-July 1, 2020, Avignon, France}, event_place = {Avignon, France}, event_date = {June 29-July 1, 2020}, ISBN = {978-1-7281-4760-4}, DOI = {10.1109/CNS48642.2020.9162337}, reviewed = {1}, author = {Pennekamp, Jan and Alder, Fritz and Matzutt, Roman and M{\"u}hlberg, Jan Tobias and Piessens, Frank and Wehrle, Klaus} } @Inproceedings { 2020_matzutt_coinprune, title = {How to Securely Prune Bitcoin’s Blockchain}, year = {2020}, month = {6}, day = {24}, pages = {298-306}, abstract = {Bitcoin was the first successful decentralized cryptocurrency and remains the most popular of its kind to this day. Despite the benefits of its blockchain, Bitcoin still faces serious scalability issues, most importantly its ever-increasing blockchain size. While alternative designs introduced schemes to periodically create snapshots and thereafter prune older blocks, already-deployed systems such as Bitcoin are often considered incapable of adopting corresponding approaches. In this work, we revise this popular belief and present CoinPrune, a snapshot-based pruning scheme that is fully compatible with Bitcoin. CoinPrune can be deployed through an opt-in velvet fork, i.e., without impeding the established Bitcoin network. By requiring miners to publicly announce and jointly reaffirm recent snapshots on the blockchain, CoinPrune establishes trust into the snapshots' correctness even in the presence of powerful adversaries. Our evaluation shows that CoinPrune reduces the storage requirements of Bitcoin already by two orders of magnitude today, with further relative savings as the blockchain grows. In our experiments, nodes only have to fetch and process 5 GiB instead of 230 GiB of data when joining the network, reducing the synchronization time on powerful devices from currently 5 h to 46 min, with even more savings for less powerful devices.}, keywords = {blockchain; block pruning; synchronization; bootstrapping; scalability; velvet fork; Bitcoin}, tags = {mynedata; impact_digital; digital_campus}, url = {https://comsys.rwth-aachen.de/fileadmin/papers/2020/2020-matzutt-coinprune.pdf}, web_url = {https://coinprune.comsys.rwth-aachen.de}, publisher = {IEEE}, booktitle = {Proceedings of the 19th IFIP Networking 2020 Conference (NETWORKING '20), June 22-26, 2020, Paris, France}, event_place = {Paris, France}, event_name = {NETWORKING 2020}, event_date = {June 22-26, 2020}, ISBN = {978-3-903176-28-7}, reviewed = {1}, author = {Matzutt, Roman and Kalde, Benedikt and Pennekamp, Jan and Drichel, Arthur and Henze, Martin and Wehrle, Klaus} } @Inproceedings { 2020_pennekamp_supply_chain_accountability, title = {Private Multi-Hop Accountability for Supply Chains}, year = {2020}, month = {6}, day = {7}, abstract = {Today's supply chains are becoming increasingly flexible in nature. While adaptability is vastly increased, these more dynamic associations necessitate more extensive data sharing among different stakeholders while simultaneously overturning previously established levels of trust. Hence, manufacturers' demand to track goods and to investigate root causes of issues across their supply chains becomes more challenging to satisfy within these now untrusted environments. Complementarily, suppliers need to keep any data irrelevant to such routine checks secret to remain competitive. To bridge the needs of contractors and suppliers in increasingly flexible supply chains, we thus propose to establish a privacy-preserving and distributed multi-hop accountability log among the involved stakeholders based on Attribute-based Encryption and backed by a blockchain. Our large-scale feasibility study is motivated by a real-world manufacturing process, i.e., a fine blanking line, and reveals only modest costs for multi-hop tracing and tracking of goods.}, keywords = {supply chain; multi-hop tracking and tracing; blockchain; attribute-based encryption; Internet of Production}, tags = {internet-of-production}, url = {https://comsys.rwth-aachen.de/fileadmin/papers/2020/2020-pennekamp-supply-chain-privacy.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 2020 IEEE International Conference on Communications Workshops (ICC Workshops '20), 1st Workshop on Blockchain for IoT and Cyber-Physical Systems (BIoTCPS '20), June 7-11, 2020, Dublin, Ireland}, event_place = {Dublin, Ireland}, event_date = {June 7-11, 2020}, ISBN = {978-1-7281-7440-2}, ISSN = {2474-9133}, DOI = {10.1109/ICCWorkshops49005.2020.9145100}, reviewed = {1}, author = {Pennekamp, Jan and Bader, Lennart and Matzutt, Roman and Niemietz, Philipp and Trauth, Daniel and Henze, Martin and Bergs, Thomas and Wehrle, Klaus} } @Inproceedings { 2020_matzutt_coralis, title = {A Secure and Practical Decentralized Ecosystem for Shareable Education Material}, year = {2020}, month = {1}, day = {7}, pages = {529-534}, abstract = {Traditionally, the university landscape is highly federated, which hinders potentials for coordinated collaborations. While the lack of a strict hierarchy on the inter-university level is critical for ensuring free research and higher education, this concurrency limits the access to high-quality education materials. Especially regarding resources such as lecture notes or exercise tasks we observe a high susceptibility to redundant work and lacking quality assessment of material created in isolation by individual university institutes. To remedy this situation, in this paper we propose CORALIS, a decentralized marketplace for offering, acquiring, discussing, and improving education resources across university borders. Our design is based on a permissioned blockchain to (a) realize accountable access control via simple on-chain license terms, (b) trace the evolution of encrypted containers accumulating bundles of shareable education resources, and (c) record user comments and ratings for further improving the quality of offered education material.}, keywords = {blockchain platform; permissioned blockchain; education material; quality assessment; collaborative work}, tags = {impact_digital}, url = {https://comsys.rwth-aachen.de/fileadmin/papers/2020/2020-matzutt-coralis.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 34th International Conference on Information Networking (ICOIN '20), January 7-10, 2020, Barcelona, Spain}, event_place = {Barcelona, Spain}, event_date = {January 7-10, 2020}, ISBN = {978-1-7281-4199-2}, DOI = {10.1109/ICOIN48656.2020.9016478}, reviewed = {1}, author = {Matzutt, Roman and Pennekamp, Jan and Wehrle, Klaus} } @Inproceedings { 2019-dahlmanns-icnp-knowledgeSystem, title = {Privacy-Preserving Remote Knowledge System}, year = {2019}, month = {10}, day = {7}, abstract = {More and more traditional services, such as malware detectors or collaboration services in industrial scenarios, move to the cloud. However, this behavior poses a risk for the privacy of clients since these services are able to generate profiles containing very sensitive information, e.g., vulnerability information or collaboration partners. Hence, a rising need for protocols that enable clients to obtain knowledge without revealing their requests exists. To address this issue, we propose a protocol that enables clients (i) to query large cloud-based knowledge systems in a privacy-preserving manner using Private Set Intersection and (ii) to subsequently obtain individual knowledge items without leaking the client’s requests via few Oblivious Transfers. With our preliminary design, we allow clients to save a significant amount of time in comparison to performing Oblivious Transfers only.}, note = {Poster Session}, keywords = {private query protocol; knowledge system; remote knowledge; private set intersection; oblivious transfer}, tags = {kimusin; internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-dahlmanns-knowledge-system.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 27th IEEE International Conference on Network Protocols (ICNP '19), October 7-10, 2019, Chicago, IL, USA}, event_place = {Chicago, IL, USA}, event_name = {27th IEEE International Conference on Network Protocols (ICNP 2019)}, event_date = {7-10. Oct. 2019}, ISBN = {978-1-7281-2700-2}, ISSN = {2643-3303}, DOI = {10.1109/ICNP.2019.8888121}, reviewed = {1}, author = {Dahlmanns, Markus and Dax, Chris and Matzutt, Roman and Pennekamp, Jan and Hiller, Jens and Wehrle, Klaus} } @Inproceedings { 2019_wagner_dispute_resolution, title = {Dispute Resolution for Smart Contract-based Two Party Protocols}, year = {2019}, month = {5}, abstract = {Blockchain systems promise to mediate interactions of mutually distrusting parties without a trusted third party. However, protocols with full smart contract-based security are either limited in functionality or complex, with high costs for secured interactions. This observation leads to the development of protocol-specific schemes to avoid costly dispute resolution in case all participants remain honest. In this paper, we introduce SmartJudge, an extensible generalization of this trend for smart contract-based two-party protocols. SmartJudge relies on a protocol-independent mediator smart contract that moderates two-party interactions and only consults protocol-specific verifier smart contracts in case of a dispute. This way, SmartJudge avoids verification costs in absence of disputes and sustains interaction confidentiality among honest parties. We implement verifier smart contracts for cross-blockchain trades and exchanging digital goods and show that SmartJudge can reduce costs by 46-50\% and 22\% over current state of the art, respectively.}, keywords = {Ethereum,Bitcoin,smart contracts,two-party protocols,dispute resolution,cross-blockchain trades}, tags = {mynedata, impact-digital, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-wagner-dispute.pdf}, publisher = {IEEE}, booktitle = {IEEE International Conference on Blockchain and Cryptocurrency 2019 (ICBC 2019)}, event_place = {Seoul, South Korea}, event_name = {IEEE International Conference on Blockchain and Cryptocurrency 2019}, language = {English}, DOI = {10.1109/BLOC.2019.8751312}, reviewed = {1}, author = {Wagner, Eric and V{\"o}lker, Achim and Fuhrmann, Frederik and Matzutt, Roman and Wehrle, Klaus} } @Inproceedings { 2018-bader-ethereum-car-insurance, title = {Smart Contract-based Car Insurance Policies}, year = {2018}, month = {12}, day = {9}, tags = {mynedata, internet-of-production, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018-bader-ethereum-car-insurance.pdf}, web_url = {https://ieeexplore.ieee.org/document/8644136}, publisher = {IEEE}, booktitle = {2018 IEEE Globecom Workshops (GC Wkshps)}, event_place = {Abu Dhabi, United Arab Emirates}, event_name = {1st International Workshop on Blockchain in IoT, co-located with IEEE Globecom 2018}, event_date = {2018-12-09}, DOI = {10.1109/GLOCOMW.2018.8644136}, reviewed = {1}, author = {Bader, Lennart and B{\"u}rger, Jens Christoph and Matzutt, Roman and Wehrle, Klaus} } @Inproceedings { 2018-matzutt-bitcoin-content-countermeasures, title = {Thwarting Unwanted Blockchain Content Insertion}, year = {2018}, month = {4}, day = {17}, pages = {364-370}, abstract = {Since the introduction of Bitcoin in 2008, blockchain systems have seen an enormous increase in adoption. By providing a persistent, distributed, and append-only ledger, blockchains enable numerous applications such as distributed consensus, robustness against equivocation, and smart contracts. However, recent studies show that blockchain systems such as Bitcoin can be (mis)used to store arbitrary content. This has already been used to store arguably objectionable content on Bitcoin's blockchain. Already single instances of clearly objectionable or even illegal content can put the whole system at risk by making its node operators culpable. To overcome this imminent risk, we survey and discuss the design space of countermeasures against the insertion of such objectionable content. Our analysis shows a wide spectrum of potential countermeasures, which are often combinable for increased efficiency. First, we investigate special-purpose content detectors as an ad hoc mitigation. As they turn out to be easily evadable, we also investigate content-agnostic countermeasures. We find that mandatory minimum fees as well as mitigation of transaction manipulability via identifier commitments significantly raise the bar for inserting harmful content into a blockchain.}, keywords = {Bitcoin,blockchain,security,objectionable content,countermeasure}, tags = {mynedata,iop}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018-matzutt-blockchain-contents-countermeasures.pdf}, web_url = {https://ieeexplore.ieee.org/document/8360355}, publisher = {IEEE}, booktitle = {Proceedings of the First IEEE Workshop on Blockchain Technologies and Applications (BTA), co-located with the IEEE International Conference on Cloud Engineering 2018 (IC2E 2018)}, event_place = {Orlando, Florida, USA}, event_name = {First IEEE Workshop on Blockchain Technologies and Applications (BTA)}, event_date = {2018-04-17}, language = {English}, ISBN = {978-1-5386-5008-0}, DOI = {10.1109/IC2E.2018.00070}, reviewed = {1}, author = {Matzutt, Roman and Henze, Martin and Ziegeldorf, Jan Henrik and Hiller, Jens and Wehrle, Klaus} } @Article { 2016-fgcs-ziegeldorf-bitcoin, title = {Secure and anonymous decentralized Bitcoin mixing}, journal = {Future Generation Computer Systems}, year = {2018}, month = {3}, volume = {80}, pages = {448-466}, keywords = {Pseudonymity, anonymity, and untraceability}, tags = {rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018-ziegeldorf-fgcs-bitcoin.pdf}, misc2 = {Online}, publisher = {Elsevier}, language = {en}, ISSN = {0167-739X}, DOI = {10.1016/j.future.2016.05.018}, reviewed = {1}, author = {Ziegeldorf, Jan Henrik and Matzutt, Roman and Henze, Martin and Grossmann, Fred and Wehrle, Klaus} } @Inproceedings { 2018-matzutt-bitcoin-content, title = {A Quantitative Analysis of the Impact of Arbitrary Blockchain Content on Bitcoin}, year = {2018}, month = {2}, day = {26}, abstract = {Blockchains primarily enable credible accounting of digital events, e.g., money transfers in cryptocurrencies. However, beyond this original purpose, blockchains also irrevocably record arbitrary data, ranging from short messages to pictures. This does not come without risk for users as each participant has to locally replicate the complete blockchain, particularly including potentially harmful content. We provide the first systematic analysis of the benefits and threats of arbitrary blockchain content. Our analysis shows that certain content, e.g., illegal pornography, can render the mere possession of a blockchain illegal. Based on these insights, we conduct a thorough quantitative and qualitative analysis of unintended content on Bitcoin's blockchain. Although most data originates from benign extensions to Bitcoin's protocol, our analysis reveals more than 1600 files on the blockchain, over 99\% of which are texts or images. Among these files there is clearly objectionable content such as links to child pornography, which is distributed to all Bitcoin participants. With our analysis, we thus highlight the importance for future blockchain designs to address the possibility of unintended data insertion and protect blockchain users accordingly.}, tags = {mynedata}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018_matzutt_bitcoin-contents_preproceedings-version.pdf}, web_url_date = {2018-01-07}, misc2 = {Online}, publisher = {Springer}, booktitle = {Proceedings of the 22nd International Conference on Financial Cryptography and Data Security (FC), Nieuwpoort, Cura\c{c}ao}, event_place = {Nieuwpoort, Cura\c{c}ao}, event_name = {Financial Cryptography and Data Security 2018}, language = {en}, DOI = {10.1007/978-3-662-58387-6_23}, reviewed = {1}, author = {Matzutt, Roman and Hiller, Jens and Henze, Martin and Ziegeldorf, Jan Henrik and M{\"u}llmann, Dirk and Hohlfeld, Oliver and Wehrle, Klaus} } @Incollection { 2017-cps-henze-network, title = {Network Security and Privacy for Cyber-Physical Systems}, year = {2017}, month = {11}, day = {13}, pages = {25-56}, tags = {sensorcloud,ipacs}, editor = {Song, Houbing and Fink, Glenn A. and Jeschke, Sabina}, publisher = {Wiley-IEEE Press}, edition = {First}, chapter = {2}, booktitle = {Security and Privacy in Cyber-Physical Systems: Foundations, Principles and Applications}, language = {en}, ISBN = {978-1-119-22604-8}, DOI = {10.1002/9781119226079.ch2}, reviewed = {1}, author = {Henze, Martin and Hiller, Jens and Hummen, Ren{\'e} and Matzutt, Roman and Wehrle, Klaus and Ziegeldorf, Jan Henrik} } @Inproceedings { 2017-henze-trustcom-dcam, title = {Distributed Configuration, Authorization and Management in the Cloud-based Internet of Things}, year = {2017}, month = {8}, day = {1}, pages = {185-192}, tags = {sscilops, ipacs}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-henze-trustcom-dcam.pdf}, misc2 = {Online}, publisher = {IEEE}, booktitle = {Proceedings of the 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom), Sydney, NSW, Australia}, language = {en}, ISBN = {978-1-5090-4905-9}, ISSN = {2324-9013}, DOI = {10.1109/Trustcom/BigDataSE/ICESS.2017.236}, reviewed = {1}, author = {Henze, Martin and Wolters, Benedikt and Matzutt, Roman and Zimmermann, Torsten and Wehrle, Klaus} } @Article { 2017-ziegeldorf-bmcmedgenomics-bloom, title = {BLOOM: BLoom filter based Oblivious Outsourced Matchings}, journal = {BMC Medical Genomics}, year = {2017}, month = {7}, day = {26}, volume = {10}, number = {Suppl 2}, pages = {29-42}, abstract = {Whole genome sequencing has become fast, accurate, and cheap, paving the way towards the large-scale collection and processing of human genome data. Unfortunately, this dawning genome era does not only promise tremendous advances in biomedical research but also causes unprecedented privacy risks for the many. Handling storage and processing of large genome datasets through cloud services greatly aggravates these concerns. Current research efforts thus investigate the use of strong cryptographic methods and protocols to implement privacy-preserving genomic computations. We propose FHE-Bloom and PHE-Bloom, two efficient approaches for genetic disease testing using homomorphically encrypted Bloom filters. Both approaches allow the data owner to securely outsource storage and computation to an untrusted cloud. FHE-Bloom is fully secure in the semi-honest model while PHE-Bloom slightly relaxes security guarantees in a trade-off for highly improved performance. We implement and evaluate both approaches on a large dataset of up to 50 patient genomes each with up to 1000000 variations (single nucleotide polymorphisms). For both implementations, overheads scale linearly in the number of patients and variations, while PHE-Bloom is faster by at least three orders of magnitude. For example, testing disease susceptibility of 50 patients with 100000 variations requires only a total of 308.31 s (\(\sigma\)=8.73 s) with our first approach and a mere 0.07 s (\(\sigma\)=0.00 s) with the second. We additionally discuss security guarantees of both approaches and their limitations as well as possible extensions towards more complex query types, e.g., fuzzy or range queries. Both approaches handle practical problem sizes efficiently and are easily parallelized to scale with the elastic resources available in the cloud. The fully homomorphic scheme, FHE-Bloom, realizes a comprehensive outsourcing to the cloud, while the partially homomorphic scheme, PHE-Bloom, trades a slight relaxation of security guarantees against performance improvements by at least three orders of magnitude.}, note = {Proceedings of the 5th iDASH Privacy and Security Workshop 2016}, keywords = {Secure outsourcing; Homomorphic encryption; Bloom filters}, tags = {sscilops;mynedata;rfc;health}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-ziegeldorf-bmcmedgenomics-bloom.pdf}, misc2 = {Online}, publisher = {BioMed Central}, event_place = {Chicago, IL, USA}, event_date = {November 11, 2016}, language = {en}, ISSN = {1755-8794}, DOI = {10.1186/s12920-017-0277-y}, reviewed = {1}, author = {Ziegeldorf, Jan Henrik and Pennekamp, Jan and Hellmanns, David and Schwinger, Felix and Kunze, Ike and Henze, Martin and Hiller, Jens and Matzutt, Roman and Wehrle, Klaus} } @Inproceedings { 2017-henze-ic2e-prada, title = {Practical Data Compliance for Cloud Storage}, year = {2017}, month = {4}, day = {4}, pages = {252-258}, tags = {ssiclops, ipacs}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-henze-ic2e-prada.pdf}, misc2 = {Online}, publisher = {IEEE}, booktitle = {Proceedings of the 2017 IEEE International Conference on Cloud Engineering (IC2E 2017), Vancouver, BC, Canada}, language = {en}, ISBN = {978-1-5090-5817-4}, DOI = {10.1109/IC2E.2017.32}, reviewed = {1}, author = {Henze, Martin and Matzutt, Roman and Hiller, Jens and M{\"u}hmer, Erik and Ziegeldorf, Jan Henrik and van der Giet, Johannes and Wehrle, Klaus} } @Inproceedings { 2017-matzutt-mynedata, title = {myneData: Towards a Trusted and User-controlled Ecosystem for Sharing Personal Data}, year = {2017}, pages = {1073-1084}, abstract = {Personal user data is collected and processed at large scale by a handful of big providers of Internet services. This is detrimental to users, who often do not understand the privacy implications of this data collection, as well as to small parties interested in gaining insights from this data pool, e.g., research groups or small and middle-sized enterprises. To remedy this situation, we propose a transparent and user-controlled data market in which users can directly and consensually share their personal data with interested parties for monetary compensation. We define a simple model for such an ecosystem and identify pressing challenges arising within this model with respect to the user and data processor demands, legal obligations, and technological limits. We propose myneData as a conceptual architecture for a trusted online platform to overcome these challenges. Our work provides an initial investigation of the resulting myneData ecosystem as a foundation to subsequently realize our envisioned data market via the myneData platform.}, note = {Presentation slides are in German}, keywords = {Personal User Data, Personal Information Management, Data Protection Laws, Privacy Enhancing Technologies, Platform Design, Profiling}, tags = {mynedata_show}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-matzutt-informatik-mynedata.pdf}, web_url = {https://www.comsys.rwth-aachen.de/fileadmin/misc/mynedata/talks/2017-matzutt-informatik-mynedata-presentation.pdf}, web_url_date = {Presentation slides}, editor = {Eibl, Maximilian and Gaedke, Martin}, publisher = {Gesellschaft f{\"u}r Informatik, Bonn}, booktitle = {INFORMATIK 2017}, event_place = {Chemnitz}, event_name = {INFORMATIK 2017}, event_date = {2017-09-28}, language = {English}, ISBN = {978-3-88579-669-5}, ISSN = {1617-5468}, DOI = {10.18420/in2017_109}, reviewed = {1}, author = {Matzutt, Roman and M{\"u}llmann, Dirk and Zeissig, Eva-Maria and Horst, Christiane and Kasugai, Kai and Lidynia, Sean and Wieninger, Simon and Ziegeldorf, Jan Henrik and Gudergan, Gerhard and Spiecker gen. D{\"o}hmann, Indra and Wehrle, Klaus and Ziefle, Martina} } @Inproceedings { 2016-matzutt-ccs-bitcoin, title = {POSTER: I Don't Want That Content! On the Risks of Exploiting Bitcoin's Blockchain as a Content Store}, year = {2016}, month = {10}, day = {24}, pages = {1769-1771}, tags = {mynedata}, url = {/fileadmin/papers/2016/2016-matzutt-ccs-blockchaincontent.pdf}, misc2 = {Online}, publisher = {ACM}, booktitle = {Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS), Vienna, Austria}, language = {en}, ISBN = {978-1-4503-4139-4}, DOI = {10.1145/2976749.2989059}, reviewed = {1}, author = {Matzutt, Roman and Hohlfeld, Oliver and Henze, Martin and Rawiel, Robin and Ziegeldorf, Jan Henrik and Wehrle, Klaus} } @Techreport { 2016-henze-aib-sensorcloud, title = {The SensorCloud Protocol: Securely Outsourcing Sensor Data to the Cloud}, year = {2016}, month = {7}, day = {11}, number = {AIB-2016-06}, number2 = {arXiv:1607.03239 [cs.NI]}, pages = {1--24}, tags = {sensorcloud}, url = {fileadmin/papers/2016/2016-henze-aib-sensorcloud.pdf}, misc2 = {Online}, publisher = {Department of Computer Science, RWTH Aachen University}, address = {Ahornstr. 55, 52074 Aachen, Germany}, institution = {Department of Computer Science, RWTH Aachen University}, type = {Technical Report}, language = {en}, ISSN = {0935-3232}, author = {Henze, Martin and Hummen, Ren{\'e} and Matzutt, Roman and Wehrle, Klaus} } @Mastersthesis { 2015-master-thesis-matzutt, title = {Design and Implementation of Secure Decentralized Bitcoin Mixing}, year = {2015}, month = {5}, day = {26}, note = {Advised by Henrik Ziegeldorf, Klaus Wehrle}, tags = {ziegeldorf}, address = {Germany}, school = {Communication and Distributed Systems, RWTH Aachen University}, type = {Master Thesis}, author = {Matzutt, Roman} } @Incollection { 2014-tcc-henze-trustpoint, title = {A Trust Point-based Security Architecture for Sensor Data in the Cloud}, year = {2014}, month = {12}, day = {14}, pages = {77-106}, tags = {sensorcloud}, misc2 = {Online}, editor = {Krcmar, Helmut and Reussner, Ralf and Rumpe, Bernhard}, publisher = {Springer}, booktitle = {Trusted Cloud Computing}, ISBN = {978-3-319-12717-0}, DOI = {10.1007/978-3-319-12718-7_6}, reviewed = {1}, author = {Henze, Martin and Hummen, Ren{\'e} and Matzutt, Roman and Wehrle, Klaus} } @Article { 2013-ijghpc-henze-sensorcloud, title = {Maintaining User Control While Storing and Processing Sensor Data in the Cloud}, journal = {International Journal of Grid and High Performance Computing (IJGHPC)}, year = {2013}, month = {12}, volume = {5}, number = {4}, pages = {97-112}, tags = {sensorcloud}, url = {fileadmin/papers/2013/2013-ijghpc-henze-sensorcloud.pdf}, misc2 = {Online}, publisher = {IGI Global}, language = {en}, ISSN = {1938-0259}, DOI = {10.4018/ijghpc.2013100107}, reviewed = {1}, author = {Henze, Martin and Hummen, Ren{\'e} and Matzutt, Roman and Catrein, Daniel and Wehrle, Klaus} } @Mastersthesis { 2013-bachelor-thesis-matzutt, title = {User-controlled Utilization of Sensor Data for Cloud Computing}, year = {2013}, month = {3}, day = {30}, note = {Advised by Ren{\'e} Hummen, Martin Henze, Klaus Wehrle}, tags = {hummen,henze}, address = {Germany}, school = {Communication and Distributed Systems, RWTH Aachen University}, type = {Bachelor Thesis}, language = {en}, author = {Matzutt, Roman} }