D-GATE: Decentralized Geolocation and Time Enforcement for Usage Control
In the context of cloud environments, data providers entrust their data to data consumers in order to allow further computing on their own IT infrastructure. Usage control measures allow the data provider to restrict the usage of its data even on the data consumer’s system. Two of these restrictions can be the geographic location and time limitations. Current solutions that could be used to enforce such constraints can be easily manipulated. These include solutions based on the system time, organizational agreements, GPS-based techniques or simple delay measurements to derive the distance to known reference servers. With D-GATE, we propose a reliable solution that uses trusted execution environments and relies on a decentralized mesh of reference nodes, so-called GeoClients. Here, participants periodically measure the lowest network delay to each other to geolocate themselves. For data providers, it is thus possible to technically attest usage control with time and geolocation constraints without depending on centralized reference systems.
2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
Authors: Hendrik Meyer Zum Felde, Jean-Luc Reding, and Michael Lux
Year/month: 2023/7
Booktitle: 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
Bibtex:
@inproceedings {author = { Hendrik Meyer Zum Felde and Jean-Luc Reding and Michael Lux},
title = { D-GATE: Decentralized Geolocation and Time Enforcement for Usage Control },
year = { 2023 },
month = { July },
booktitle = { 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) },
url = { https://doi.org/10.1109/EuroSPW59978.2023.00049 },
}