The unresolved need for dependable guarantees on security, sovereignty, and trust in data ecosystems
Data & Knowledge Engineering (IF 2.5), Pub Date: 2024-03-19, DOI: 10.1016/j.datak.2024.102301
Johannes Lohmöller, Jan Pennekamp, Roman Matzutt, Carolin Victoria Schneider, Eduard Vlad, Christian Trautwein, Klaus Wehrle

Data ecosystems emerged as a new paradigm to facilitate the automated and massive exchange of data from heterogeneous information sources between different stakeholders. However, the corresponding benefits come with unforeseen risks as sensitive information is potentially exposed, questioning data ecosystem reliability. Consequently, data security is of utmost importance and, thus, a central requirement for successfully realizing data ecosystems. Academia has recognized this requirement, and current initiatives foster sovereign participation via a federated infrastructure where participants retain local control over what data they offer to whom. However, recent proposals place significant trust in remote infrastructure by implementing organizational security measures such as certification processes before the admission of a participant. At the same time, the data sensitivity incentivizes participants to bypass the organizational security measures to maximize their benefit. This issue significantly weakens security, sovereignty, and trust guarantees and highlights that organizational security measures are insufficient in this context. In this paper, we argue that data ecosystems must be extended with technical means to (re)establish dependable guarantees. We underpin this need with three representative use cases for data ecosystems, which cover personal, economic, and governmental data, and systematically map the lack of dependable guarantees in related work. To this end, we identify three enablers of dependable guarantees, namely trusted remote policy enforcement, verifiable data tracking, and integration of resource-constrained participants. These enablers are critical for securely implementing data ecosystems in data-sensitive contexts.

Updated: 2024-03-19