14 research outputs found

    Design of PriServ, A Privacy Service for DHTs

    By decentralizing control, P2P systems provide efficient, scalable data sharing. However, when sharing data for different purposes (e.g., billing, purchase, shipping, etc.), data privacy can easily be violated by untrustworthy peers which may use the data for other purposes (e.g., marketing, fraudulence, profiling, etc.). A basic principle of data privacy is purpose specification, which states that data providers should be able to specify the purpose for which their data will be collected and used. In the context of P2P systems, decentralized control makes it hard to enforce purpose-based privacy, and the major problem of data disclosure is not addressed. Hippocratic databases provide mechanisms for enforcing purpose-based disclosure control within a corporation's datastore. In this paper, we apply the Hippocratic database principles to P2P systems to enforce purpose-based privacy. We focus on Distributed Hash Tables (DHTs), because they provide strong guarantees in terms of access performance. We propose PriServ, a privacy service which prevents privacy violation by prohibiting malicious data access. The performance evaluation of our approach through simulation shows that the overhead introduced by PriServ is small.

    Design of PriServ, a privacy service for DHTs


    Privacy Support for Sensitive Data Sharing in P2P Systems

    Applications that share sensitive data can benefit from the advantages of P2P (Peer-to-Peer) systems, but only if privacy is preserved. In our previous work, we proposed PriMod, a privacy model for P2P data sharing that combines purpose-based access control, trust and encryption. We also proposed PriServ, a service based on PriMod and implemented on top of a distributed hash table (DHT). This demonstration presents the PriServ prototype and highlights the benefits of our approach in terms of data privacy preservation through a medical data-sharing application. The scenario used exposes critical aspects such as the management of privacy policies, data publication, data search and the lookup of personal access rights.

    Data sharing in DHT based P2P systems

    The evolution of peer-to-peer (P2P) systems triggered the building of large-scale distributed applications. The main application domain is data sharing across a very large number of highly autonomous participants. Building such data sharing systems is particularly challenging because of the "extreme" characteristics of P2P infrastructures: massive distribution, high churn rate, no global control, potentially untrusted participants... This article focuses on declarative querying support, query optimization and data privacy on a major class of P2P systems, the one based on Distributed Hash Tables (P2P DHT). The usual approaches and the algorithms used by classic distributed systems and databases for providing data privacy and querying services are not well suited to P2P DHT systems. A considerable amount of work was required to adapt them to the new challenges such systems present. This paper describes the most important solutions found. It also identifies important future research trends in data management in P2P DHT systems.

    Protecting Data Privacy in Structured P2P Networks

    P2P systems are increasingly used for efficient, scalable data sharing. Popular applications focus on massive file sharing. However, advanced applications such as online communities (e.g., medical or research communities) need to share private or sensitive data. Currently, in P2P systems, untrusted peers can easily violate data privacy by using data for malicious purposes (e.g., fraudulence, profiling). To prevent such behavior, the well-accepted Hippocratic database principle states that data owners should specify the purpose for which their data will be collected. In this paper, we apply such principles as well as reputation techniques to support purpose and trust in structured P2P systems. Hippocratic databases enforce purpose-based privacy while reputation techniques guarantee trust. We propose a P2P data privacy model which combines the Hippocratic principles and the trust notions. We also present the algorithms of PriServ, a DHT-based P2P privacy service which supports this model and prevents data privacy violation. We show, in a performance evaluation, that PriServ introduces a small overhead.

    A Data Privacy Service for Structured P2P Systems

    Online peer-to-peer (P2P) communities such as professional ones (e.g., medical or research) are becoming popular due to increasing needs for data sharing. P2P environments offer valuable characteristics but limited guarantees when sharing sensitive or confidential data. They can be considered hostile because data can be accessed by everyone (including potentially untrustworthy peers) and used for everything (e.g., for marketing or for activities against the owner's preferences or ethics). In this paper we propose PriServ, a privacy service located on top of distributed hash table (DHT) based P2P systems which prevents data privacy violations. Based on data owner privacy preferences, PriServ uses Hippocratic database principles, takes into account which operations will be performed on shared data (e.g., read, write, disclosure) and uses reputation techniques to increase trust in peers. Several simulation results support our ideas, and a prototype of PriServ is under development.

    Towards defining semantic foundations for purpose-based privacy policies

    We define a semantic model for purpose, based on which purpose-based privacy policies can be meaningfully expressed and enforced in a business system. The model is based on the intuition that the purpose of an action is determined by its situation among other inter-related actions. Actions and their relationships can be modeled in the form of an action graph which is based on the business processes in a system. Accordingly, a modal logic and the corresponding model checking algorithm are developed for the formal expression of purpose-based policies and for verifying whether a particular system complies with them. It is also shown, through various examples, how typical purpose-based policies as well as some new policy types can be expressed and checked using our model.

    Towards enforcement of purpose for privacy policy in distributed healthcare
