The attribute-based approach simplifies the realization of data access control systems, which then can be even stored on an untrusted server. The data access control is completely realized by the encryption and all the data must be encrypted only once for all the customers.
In this area, our research focus is on the development of efficient and flexible attribute-based encryption schemes. The policies of the existing schemes are restricted to several classes of functions and are quite inefficient. On the one hand, we are interested in the development of schemes which can be applied to general function classes. On the other hand, we are looking for more efficient methods when realizing restricted function classes. Other modifications of the schemes will be also necessary when considering further questions arising from privacy protection and further legal requirements.
A second goal is to develop anonymous reputation systems. To provide trustworthy, reliable, and honest ratings there is a need for anonymous reputation systems that also guarantee that customers rate products only once. To further increase trust in the system, everyone – even outsiders – should be able to verify the validity of ratings. Some of these properties have been studied in the context of group signatures. However, the concept of group signatures does not meet all the requirements for reputation systems. In particular, reputation systems do not consist of a single group of users. Rather one can think of reputation systems as a family of group signature schemes – one for each product. Moreover, we may have providers with several products. Hence, when looking at security and anonymity group signature schemes for different products can not be considered in isolation. Finally, known constructions of group signatures do not provide all properties that we need for a secure and anonymous reputation system and do not provide them simultaneously.
The research focus in the area of reputation systems is the development of new security models and efficient, flexible and secure schemes which meet all our requirements. Here we mainly consider group signatures, but also attribute-based signatures and anonymous credential systems will be taken into account.
Privacy-Preserving DRM for the OTF-Computing
Our Vision of Software Provision and Execution in the OTF-Computing
In our vision of the On-The-Fly Computing, the traditional way of software distribution and execution changes dramatically. Software will be provided by specialized software providers to users, and users will be able to freely choose the computing centers where the software should be executed, such as in computing centers with available resources and which provide their computing resources at a discount. Thus, the bonding between software provision and execution, which is predominant in many cloud computing services nowadays, becomes less important. Users may ask for new price models when buying or renting software from software providers. For example, licenses that allow the software to be executed for at most n times are imaginable. In order to enforce license checking in the OTF-Computing and restrict users to execute software in computing centers without having the proper rights available, a digital rights management (DRM) solution needs to be in place.
The introduction of a DRM system can involve some severe privacy challenges. If an online license check with the software provider is performed during each software execution by the computing center, the software provider is able to build software usage profiles of its users. A solution to this problem that takes only user anonymity into account, for example, by introducing an anonymous payment scheme to pay for the software, is not enough. Such a solution may be prone to profile building under pseudonym, meaning that the software provider does not know the identity of its users but it is able to relate individual software executions to each other - based on a pseudonym. In many cases, it may suffice to link some background information to such a usage profile under pseudonym to still reveal the user's identity.
Our Goals and Research Focus
Our goal is to develop a DRM system for the OTF-Computing that preserves the users' privacy. We are especially interested in the question of how licenses can be checked before each software execution, for example, to be able to provide an execution at most n times-like price models, but without relating the license check to a certain user, which means to protect the software provider from profile building - even under pseudonym. We even go a step further by requiring that a computing center must not be able to recognize a user that has executed a certain software before. This is a challenging task and an interesting research question, as this requirement rules out a composition of "standard" cryptographic primitives to build a DRM system.
Our Approach to Privacy Protection
We have already developed solutions for a privacy-preserving DRM scheme for the OTF-Computing based on secret sharing and homomorphic encryption, as well as on proxy re-encryption. See the publication page for more details. At the moment we are working on a solution based on trusted computing. We are investigating how attribute-based encryption schemes can be used in our scenarios as well.