Secure Multi-Party Data Management

Abstract

As data and information is stored, combined and accessed almost everywhere, in-formation security and privacy becomes increasingly important to companies that offer access to data. In comparison to network and hardware security that often focus on the protection of network or hardware from attackers from the outside, information security involves protection of certain information from users that have at least some access rights "inside" an information system. One key challenge in information secu-rity and privacy is to meet two contrary goals at the same time, i.e. to allow users to run applications which access the data that they need, but to prevent the same users from being able to infer sensitive information from the results returned by the appli-cation. While cryptography may be used as a supporting technology, the focus of our re-search at the University of Paderborn is to solve problems of information security and privacy. Our research involves different aspects of information security and privacy, e.g. access control, policies, key management, role management, inference control, detection of privacy leaks, sovereign information sharing and anonymous union com-putation. Although there are many great contributions to these problems by other groups in the community, within this paper, we focus on the research contributions by our group in Paderborn.