It Takes Two to #MeToo - Using Enclaves to Build Autonomous Trusted Systems release_eb56ph6fyjhk7pvuca52uqbbyq

by Danny Harnik and Paula Ta-Shma and Eliad Tsfadia

Released as a article .

2018  

Abstract

We provide enhanced security against insider attacks in services that manage extremely sensitive data. One example is a #MeToo use case where sexual harassment complaints are reported but only revealed when another complaint is filed against the same perpetrator. Such a service places tremendous trust on service operators which our work aims to relieve. To this end we introduce a new autonomous data management concept which transfers responsibility for the sensitive data from administrators to secure and verifiable hardware. The main idea is to manage all data access via a cluster of autonomous computation agents running inside Intel SGX enclaves. These EConfidante agents share a secret data key which is unknown to any external entity, including the data service administrators, thus eliminating many opportunities for data exposure. In this paper we describe a detailed design of the EConfidante system, its flow and how it is managed and implemented. Our #MeToo design also uses an immutable distributed ledger which is built using components from a Blockchain framework. We implemented a proof of concept of our system for the #MeToo use case and analyze its security properties and implementation details.
In text/plain format

Archived Files and Locations

application/pdf  1.3 MB
file_frla6vycxnga5fv6ljtlc2k6zu
arxiv.org (repository)
web.archive.org (webarchive)
Read Archived PDF
Preserved and Accessible
Type  article
Stage   submitted
Date   2018-08-08
Version   v1
Language   en ?
arXiv  1808.02708v1
Work Entity
access all versions, variants, and formats of this works (eg, pre-prints)
Catalog Record
Revision: 18aaac8a-9ee1-4b19-b816-8a96b91b1fdc
API URL: JSON