Enforcing secure and privacy-preserving information brokering in distributed information sharing

Fengjun Li, Bo Luo, Peng Liu, Dongwon Lee, Chao Hsien Chu

Research output: Contribution to journalArticle

8 Scopus citations

Abstract

Today's organizations raise an increasing need for information sharing via on-demand access. Information brokering systems (IBSs) have been proposed to connect large-scale loosely federated data sources via a brokering overlay, in which the brokers make routing decisions to direct client queries to the requested data servers. Many existing IBSs assume that brokers are trusted and thus only adopt server-side access control for data confidentiality. However, privacy of data location and data consumer can still be inferred from metadata (such as query and access control rules) exchanged within the IBS, but little attention has been put on its protection. In this paper, we propose a novel approach to preserve privacy of multiple stakeholders involved in the information brokering process. We are among the first to formally define two privacy attacks, namely attribute-correlation attack and inference attack, and propose two countermeasure schemes automaton segmentation and query segment encryption to securely share the routing decision-making responsibility among a selected set of brokering servers. With comprehensive security analysis and experimental results, we show that our approach seamlessly integrates security enforcement with query routing to provide system-wide security with insignificant overhead.

Original languageEnglish (US)
Article number6461937
Pages (from-to)888-890
Number of pages3
JournalIEEE Transactions on Information Forensics and Security
Volume8
Issue number6
DOIs
StatePublished - Jun 3 2013

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Cite this