ADSS: An Available-but-Invisible Data Service Scheme for Fine-Grained Usage Control

IF 5.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS IEEE Transactions on Services Computing Pub Date : 2024-11-11 DOI:10.1109/TSC.2024.3495498

Hao Wang;Jun Wang;Chunpeng Ge;Yuhang Li;Lu Zhou;Zhe Liu;Weibin Wu;Mingsheng Cao

{"title":"ADSS: An Available-but-Invisible Data Service Scheme for Fine-Grained Usage Control","authors":"Hao Wang;Jun Wang;Chunpeng Ge;Yuhang Li;Lu Zhou;Zhe Liu;Weibin Wu;Mingsheng Cao","doi":"10.1109/TSC.2024.3495498","DOIUrl":null,"url":null,"abstract":"The demand for mobile terminals to participate in data services is increasingly vital. The General Data Protection Regulation (GDPR) has established several principled requirements for data services. Existing studies focusing on data service put emphasis on data privacy and accessibility. However, they face challenges in achieving data forgetability and portability on mobile devices under GDPR and lack consideration of usage control. In this article, we propose ADSS, an app-level data service scheme for mobile devices that can be <italic>available-but-invisible</i> and guarantee fine-grained usage control. ADSS addresses the challenges by executing the logic of data usage in the Trusted Execution Environment (TEE) and managing the TEE states (i.e., data usage states) in the blockchain smart contracts. It not only satisfies the requirements of GDPR, ensuring strong security and confidentiality guarantees, but also enables the functionality of “pay-per-use”. We implement a prototype of the ADSS framework based on ARM Trustzone and conduct experimental evaluations. The results demonstrate that our scheme brings high efficiency compared with other data service schemes and exhibits feasibility on mobile-grade devices.","PeriodicalId":13255,"journal":{"name":"IEEE Transactions on Services Computing","volume":"18 1","pages":"43-56"},"PeriodicalIF":5.8000,"publicationDate":"2024-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Services Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10749975/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The demand for mobile terminals to participate in data services is increasingly vital. The General Data Protection Regulation (GDPR) has established several principled requirements for data services. Existing studies focusing on data service put emphasis on data privacy and accessibility. However, they face challenges in achieving data forgetability and portability on mobile devices under GDPR and lack consideration of usage control. In this article, we propose ADSS, an app-level data service scheme for mobile devices that can be available-but-invisible and guarantee fine-grained usage control. ADSS addresses the challenges by executing the logic of data usage in the Trusted Execution Environment (TEE) and managing the TEE states (i.e., data usage states) in the blockchain smart contracts. It not only satisfies the requirements of GDPR, ensuring strong security and confidentiality guarantees, but also enables the functionality of “pay-per-use”. We implement a prototype of the ADSS framework based on ARM Trustzone and conduct experimental evaluations. The results demonstrate that our scheme brings high efficiency compared with other data service schemes and exhibits feasibility on mobile-grade devices.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

ADSS：用于细粒度使用控制的可用但不可见数据服务方案

移动终端参与数据业务的需求越来越迫切。《通用数据保护条例》（GDPR）对数据服务提出了若干原则性要求。现有的数据服务研究侧重于数据的隐私性和可访问性。然而，在GDPR下，他们在实现移动设备上的数据可遗忘性和可移植性方面面临挑战，并且缺乏对使用控制的考虑。在本文中，我们提出了一种移动设备的应用级数据服务方案ADSS，它可以可用但不可见，并保证细粒度的使用控制。ADSS通过在可信执行环境（TEE）中执行数据使用逻辑并管理区块链智能合约中的TEE状态（即数据使用状态）来解决这些挑战。它不仅满足GDPR的要求，确保了强大的安全性和保密性保证，还实现了“按使用付费”的功能。我们实现了基于ARM Trustzone的ADSS框架原型，并进行了实验评估。结果表明，与其他数据业务方案相比，该方案具有较高的效率，在移动级设备上具有可行性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Transactions on Services Computing COMPUTER SCIENCE, INFORMATION SYSTEMS-COMPUTER SCIENCE, SOFTWARE ENGINEERING

CiteScore

11.50

自引率

6.20%

发文量

278

审稿时长

>12 weeks

期刊介绍： IEEE Transactions on Services Computing encompasses the computing and software aspects of the science and technology of services innovation research and development. It places emphasis on algorithmic, mathematical, statistical, and computational methods central to services computing. Topics covered include Service Oriented Architecture, Web Services, Business Process Integration, Solution Performance Management, and Services Operations and Management. The transactions address mathematical foundations, security, privacy, agreement, contract, discovery, negotiation, collaboration, and quality of service for web services. It also covers areas like composite web service creation, business and scientific applications, standards, utility models, business process modeling, integration, collaboration, and more in the realm of Services Computing.