Secure Information Brokering In Distributed Information System

Abstract

To facilitate extensive collaborations, today’s organizations raise increasing needs for information sharing via on-demand information access. Information Brokering System (IBS) atop a peer-to-peer overlay has been proposed to support information sharing among loosely federated data sources. It consists of diverse data servers and brokering components, which help client queries to locate the data servers. However, many existing IBSs adopt server side access control deployment and honest assumptions on brokers, and shed little attention on privacy of data and metadata stored and exchanged within the IBS. The necessity for the information sharing increases day to day as many organizations use shared data sources to improve their data communication by improving the interoperability among them. To implement the Information sharing, there needs a Broker who acts as the intermediate between the organizations and transfer data between them. In this article, we study the problem of privacy protection in information brokering process. We first give a formal presentation of the threat models with a focus on two attacks: attribute-correlation attack and inference attack. Then, we propose a broker-coordinator overlay, a well as two schemes, automaton segmentation scheme and query segment encryption scheme, to share the secure query routing function among a set of brokering servers. With comprehensive analysis on privacy, end-to-end performance, and scalability, we show that the proposed system can integrate security enforcement and query routing while preserving system-wide privacy with reasonable overhead.
Key Words: information sharing, privacy, access control, and information brokering system