A private and anonymous data repository service
Trevathan, Jarrod, and Read, Wayne (2010) A private and anonymous data repository service. In: Proceedings of 7th International Conference on Information Technology - New Generations, pp. 442-447. From: 7th International Conference on Information Technology - New Generations, 12 - 14 April 2010, Las Vegas, NV, United States.
PDF (Published Version)
- Accepted Version
Restricted to Repository staff only
This paper describes a security problem involving an online data repository which acts as a proxy for multiple companies allowing their customers to perform online services (e.g., pay invoices). The repository’s host is trusted to honestly fulfil its duties in maintaining the data in a manner consistent with each companies’ required services. However, the information stored by the repository remains private in that the repository’s host cannot openly read any companies’ operational data, nor does it learn the identities of any companies’ customers. We contrast several approaches describing their viability for web deployment using existing technologies. This is a fundamentally new security problem with no established literature or clearly defined cryptographic solution. The project originated from a commercial attempt to design a secure online data archive that allows a customer to pay and view invoices online.
|Item Type:||Conference Item (Refereed Research Paper - E1)|
|Keywords:||authentication; encryption; eCommerce|
|Date Deposited:||05 Oct 2010 04:09|
|FoR Codes:||08 INFORMATION AND COMPUTING SCIENCES > 0806 Information Systems > 080699 Information Systems not elsewhere classified @ 100%|
|SEO Codes:||89 INFORMATION AND COMMUNICATION SERVICES > 8902 Computer Software and Services > 890206 Internet Hosting Services (incl. Application Hosting Services) @ 100%|
|Citation Count from Scopus||