Multi-Party Computation in the GDPR

Helminger, Lukas; Rechberger, Christian

doi:10.1007/978-3-031-09901-4_2

Cited by 9 publications

(2 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another open problem, from a legal point of view, is classifying the result of the computation [49]. It is unclear whether the result of the computation is personal data at all.…”

Section: Further Discussion and Future Workmentioning

confidence: 99%

Secure Key Management for Multi-Party Computation in MOZAIK

Marquet,

Moeyersons,

Pohle

et al. 2023

2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)

View full text Add to dashboard Cite

The immense growth of data from the proliferation of Internet of Things (IoT) devices presents opportunities and challenges for privacy engineering. On the one hand, this data can be harnessed for personalized services, cost savings, and environmental benefits. On the other hand, (new) legislation must be complied with and privacy risks arise from collecting and processing of such data. Distributed privacy-preserving analytics offers a promising solution, providing insights while also protecting privacy. However, this approach has new challenges and risks, such as key management and confidentiality. When designing a data marketplace which offers distributed privacy-preserving analytics, the key management comes with different threats, which require a solution adapted to the distributed architecture.In this context, the paper presents a comprehensive, endto-end secure system called MOZAIK for privacy-preserving data collection, analysis, and sharing. The article focuses on the key management aspect of the secure multi-party computation (MPC) component in a distributed privacypreserving analytics architecture and the specific challenges created by introducing MPC. The proposed solution involves temporary storage of (symmetric) key shares and publickey encryption schemes to ensure secure key management for privacy-preserving computation. Our solution has the potential to be applied in other MPC-based setups, making it a valuable addition to the field of privacy engineering. By addressing key management challenges and risks, MOZAIK enhances data protection while enabling valuable insights from IoT data.

show abstract

“…Another open problem, from a legal point of view, is classifying the result of the computation [49]. It is unclear whether the result of the computation is personal data at all.…”

Section: Further Discussion and Future Workmentioning

confidence: 99%

Secure Key Management for Multi-Party Computation in MOZAIK

Marquet,

Moeyersons,

Pohle

et al. 2023

2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)

View full text Add to dashboard Cite

show abstract

“…The proposed architecture addresses several key legal issues a secure and privacy-friendly IoT-data collection and analytics systems encounter such as risk management, appropriate security against threats and flexibility. The introduction of carefully selected PETs such as MPC [8], Obelisk, RBAC, network slicing ensures that data subjects are sufficiently protected against linkability and identifiability through inference.…”

Section: Legalmentioning

confidence: 99%

MOZAIK: An End-to-End Secure Data Sharing Platform

Abidin,

Marquet,

Moeyersons

et al. 2023

Proceedings of the Second ACM Data Economy Workshop

View full text Add to dashboard Cite

The proliferation of Internet of Things (IoT) devices has led to exponential data growth that can be harnessed for personalized services, cost savings, and environmental benefits. However, collecting and sharing this data comes with significant risks, including hacking attacks, breaches of sensitive data, and non-compliance with privacy regulations. This paper proposes a comprehensive, end-to-end secure system, MOZAIK, for privacy-preserving data collection, analysis, and sharing to address these challenges. We perform a requirements analysis from the perspectives of security, privacy, legal, and functionality, highlighting the various mechanisms employed to safeguard sensitive data throughout the entire data cycle. This includes the use of lightweight encryption, distributed computation, and anonymous communication mechanisms to reduce security and privacy risks and to protect against single points of failure. MOZAIK provides a trusted and secure platform for data sharing and processing that can enable the creation of a data market and data economy.

show abstract

Anonymisation (Part I)

Martínez Martínez

2023

GDPR Requirements for Biobanking Activities Across Europe

View full text Add to dashboard Cite

Multi-Party Computation in the GDPR

Cited by 9 publications

References 19 publications

Secure Key Management for Multi-Party Computation in MOZAIK

Secure Key Management for Multi-Party Computation in MOZAIK

MOZAIK: An End-to-End Secure Data Sharing Platform

Anonymisation (Part I)

Contact Info

Product

Resources

About