Enhancing privacy through unlinkable data sharing with User-in-the-Loop access control

Publikationstyp
Conference Paper
Date Issued
2025
Sprache
English
Author(s)
Röbert, Kevin  
Kaaser, Dominik 
Data Engineering E-19  
Fischer, Mathias  
TORE-URI
https://hdl.handle.net/11420/58962
Citation
13th Annual IEEE Conference on Communications and Network Security, CNS 2025
Contribution to Conference
13th Annual IEEE Conference on Communications and Network Security, CNS 2025  
Publisher DOI
10.1109/CNS66487.2025.11195013
Scopus ID
2-s2.0-105020934472
Publisher
IEEE
ISBN
979-833153856-9
In our information-driven society, the volume of data generated by individuals has grown significantly. Protecting the privacy of individuals is becoming more challenging, as this data can reveal detailed insights into personal preferences and behavior. To address this challenge, we introduce a user-centric, privacy-preserving data-sharing solution that leverages a central data storage service, hereafter referred to as the data intermediary. By integrating local differential privacy with user-in-the-Ioop access control, our system enables data providers to securely and unlinkably store their data at the intermediary. Data consumers can localize and request data via the intermediary. The data providers are included in access decisions without disclosing their identity nor by enabling the linking of their data. We evaluated our approach using theoretical analysis and simulations. Our findings indicate that our system achieves c-privacy and safeguards data providers against external and internal attackers, malicious data consumers, and an honest-but-curious intermediary. Moreover, our method reduces the message overhead for data discovery in our system by more than half compared to existing approaches.
Subjects
differential privacy
privacy-preserving data sharing
randomized response
unlinkable data sharing
DDC Class
600: Technology
005: Computer Programming, Programs, Data and Security