Marcel von Maltitz

Marcel von Maltitz, Dominik Bitzer, Georg Carle

In the Internet of Things and smart environments data, collected from distributed sensors, is typically stored and processed by a central middleware. This allows applications to query the data they need for providing further services. However, centralization of data causes several privacy threats: The middleware becomes a third party which has to be trusted, linkage and correlation of data from different context becomes possible and data subject lose control over their data. Hence, other approaches than centralized processing should be considered. Here, Secure Multiparty Computation is a promising candidate for secure and privacy-preserving computation happening close to the sources of the data. In order to make SMC fit for application in these contexts, we extend SMC to act as a service: We provide elements which allow third parties to query computed data from a group of peers performing SMC. Furthermore, we establish fine-granular access control on the level of individual data queries, yielding data protection of the computed results. By adding measures to inform data sources about requests and the usage of their data, we show how a fully privacy-preserving service can be built on the foundation of SMC.

Marcel von Maltitz, Georg Carle

Centralized systems in the Internet of Things---be it local middleware or cloud-based services---fail to fundamentally address privacy of the collected data. We propose an architecture featuring secure multiparty computation at its core in order to realize data processing systems which already incorporate support for privacy protection in the architecture.

Marcel von Maltitz, Stefan Smarzly, Holger Kinkelin et al.

Secure multiparty computation (SMC) is a promising technology for privacy-preserving collaborative computation. In the last years several feasibility studies have shown its practical applicability in different fields. However, it is recognized that administration and management overhead of SMC solutions are still a problem. A vital next step is the incorporation of SMC in the emerging fields of the Internet of Things and (smart) dynamic environments. In these settings, the properties of these contexts make utilization of SMC even more challenging since some of its vital premises regarding environmental stability and preliminary configuration are not initially fulfilled. We bridge this gap by providing FlexSMC, a management and orchestration framework for SMC which supports the discovery of nodes, supports a trust establishment between them and realizes robustness of SMC session by handling nodes failures and communication interruptions. The practical evaluation of FlexSMC shows that it enables the application of SMC in dynamic environments with reasonable performance penalties and computation durations allowing soft real-time and interactive use cases.

Marcel von Maltitz, Georg Carle

In recent years, secure multiparty computation (SMC) advanced from a theoretical technique to a practically applicable technology. Several frameworks were proposed of which some are still actively developed. We perform a first comprehensive study of performance characteristics of SMC protocols using a promising implementation based on secret sharing, a common and state-of-the-art foundation. Therefor, we analyze its scalability with respect to environmental parameters as the number of peers, network properties -- namely transmission rate, packet loss, network latency -- and parallelization of computations as parameters and execution time, CPU cycles, memory consumption and amount of transmitted data as variables. Our insights on the resource consumption show that such a solution is practically applicable in intranet environments and -- with limitations -- in Internet settings.

Marcel von Maltitz, Cornelius Diekmann, Georg Carle

Privacy analysis is critical but also a time-consuming and tedious task. We present a formalization which eases designing and auditing high-level privacy properties of software architectures. It is incorporated into a larger policy analysis and verification framework and enables the assessment of commonly accepted data protection goals of privacy. The formalization is based on static taint analysis and makes flow and processing of privacy-critical data explicit, globally as well as on the level of individual data subjects. Formally, we show equivalence to traditional label-based information flow security and prove overall soundness of our tool with Isabelle/HOL. We demonstrate applicability in two real-world case studies, thereby uncovering previously unknown violations of privacy constraints in the analyzed software architectures.