-
An Interdisciplinary Survey on Information Flows in Supply Chains
Authors:
Jan Pennekamp,
Roman Matzutt,
Christopher Klinkmüller,
Lennart Bader,
Martin Serror,
Eric Wagner,
Sidra Malik,
Maria Spiß,
Jessica Rahn,
Tan Gürpinar,
Eduard Vlad,
Sander J. J. Leemans,
Salil S. Kanhere,
Volker Stich,
Klaus Wehrle
Abstract:
Supply chains form the backbone of modern economies and therefore require reliable information flows. In practice, however, supply chains face severe technical challenges, especially regarding security and privacy. In this work, we consolidate studies from supply chain management, information systems, and computer science from 2010-2021 in an interdisciplinary meta-survey to make this topic holistically accessible to interdisciplinary research. In particular, we identify a significant potential for computer scientists to remedy technical challenges and improve the robustness of information flows. We subsequently present a concise information flow-focused taxonomy for supply chains before discussing future research directions to provide possible entry points.
Submitted 28 September, 2023;
originally announced January 2024.
-
Poster: Accountable Processing of Reported Street Problems
Authors:
Roman Matzutt,
Jan Pennekamp,
Klaus Wehrle
Abstract:
Municipalities increasingly depend on citizens to file digital reports about issues such as potholes or illegal trash dumps to improve their response time. However, the responsible authorities may be incentivized to ignore certain reports, e.g., when addressing them inflicts high costs. In this work, we explore the applicability of blockchain technology to hold authorities accountable regarding filed reports. Our initial assessment indicates that our approach can be extended to benefit citizens and authorities in the future.
Submitted 24 September, 2023; v1 submitted 20 September, 2023;
originally announced September 2023.
-
Scalable and Privacy-Focused Company-Centric Supply Chain Management
Authors:
Eric Wagner,
Roman Matzutt,
Jan Pennekamp,
Lennart Bader,
Irakli Bajelidze,
Klaus Wehrle,
Martin Henze
Abstract:
Blockchain technology promises to overcome trust and privacy concerns inherent to centralized information sharing. However, current decentralized supply chain management systems do either not meet privacy and scalability requirements or require a trustworthy consortium, which is challenging for increasingly dynamic supply chains with constantly changing participants. In this paper, we propose CCChain, a scalable and privacy-aware supply chain management system that stores all information locally to give companies complete sovereignty over who accesses their data. Still, tamper protection of all data through a permissionless blockchain enables on-demand tracking and tracing of products as well as reliable information sharing while affording the detection of data inconsistencies. Our evaluation confirms that CCChain offers superior scalability in comparison to alternatives while also enabling near real-time tracking and tracing for many, less complex products.
Submitted 22 May, 2022;
originally announced May 2022.
-
CoinPrune: Shrinking Bitcoin's Blockchain Retrospectively
Authors:
Roman Matzutt,
Benedikt Kalde,
Jan Pennekamp,
Arthur Drichel,
Martin Henze,
Klaus Wehrle
Abstract:
Popular cryptocurrencies continue to face serious scalability issues due to their ever-growing blockchains. Thus, modern blockchain designs began to prune old blocks and rely on recent snapshots for their bootstrapping processes instead. Unfortunately, established systems are often considered incapable of adopting these improvements. In this work, we present CoinPrune, our block-pruning scheme with full Bitcoin compatibility, to revise this popular belief. CoinPrune bootstraps joining nodes via snapshots that are periodically created from Bitcoin's set of unspent transaction outputs (UTXO set). Our scheme establishes trust in these snapshots by relying on CoinPrune-supporting miners to mutually reaffirm a snapshot's correctness on the blockchain. This way, snapshots remain trustworthy even if adversaries attempt to tamper with them. Our scheme maintains its retrospective deployability by relying on positive feedback only, i.e., blocks containing invalid reaffirmations are not rejected, but invalid reaffirmations are outpaced by the benign ones created by an honest majority among CoinPrune-supporting miners. Already today, CoinPrune reduces the storage requirements for Bitcoin nodes by two orders of magnitude, as joining nodes need to fetch and process only 6 GiB instead of 271 GiB of data in our evaluation, reducing the synchronization time of powerful devices from currently 7 h to 51 min, with even larger potential drops for less powerful devices. CoinPrune is further aware of higher-level application data, i.e., it conserves otherwise pruned application data and allows nodes to obfuscate objectionable and potentially illegal blockchain content from their UTXO set and the snapshots they distribute.
Submitted 26 November, 2021;
originally announced November 2021.
-
Do I Get the Privacy I Need? Benchmarking Utility in Differential Privacy Libraries
Authors:
Gonzalo Munilla Garrido,
Joseph Near,
Aitsam Muhammad,
Warren He,
Roman Matzutt,
Florian Matthes
Abstract:
An increasing number of open-source libraries promise to bring differential privacy to practice, even for non-experts. This paper studies five libraries that offer differentially private analytics: Google DP, SmartNoise, diffprivlib, diffpriv, and Chorus. We compare these libraries qualitatively (capabilities, features, and maturity) and quantitatively (utility and scalability) across four analytics queries (count, sum, mean, and variance) executed on synthetic and real-world datasets. We conclude that these libraries provide similar utility (except in some notable scenarios). However, there are significant differences in the features provided, and we find that no single library excels in all areas. Based on our results, we provide guidance for practitioners to help in choosing a suitable library, guidance for library designers to enhance their software, and guidance for researchers on open challenges in differential privacy tools for non-experts.
Submitted 22 September, 2021;
originally announced September 2021.
-
How to Securely Prune Bitcoin's Blockchain
Authors:
Roman Matzutt,
Benedikt Kalde,
Jan Pennekamp,
Arthur Drichel,
Martin Henze,
Klaus Wehrle
Abstract:
Bitcoin was the first successful decentralized cryptocurrency and remains the most popular of its kind to this day. Despite the benefits of its blockchain, Bitcoin still faces serious scalability issues, most importantly its ever-increasing blockchain size. While alternative designs introduced schemes to periodically create snapshots and thereafter prune older blocks, already-deployed systems such as Bitcoin are often considered incapable of adopting corresponding approaches. In this work, we revise this popular belief and present CoinPrune, a snapshot-based pruning scheme that is fully compatible with Bitcoin. CoinPrune can be deployed through an opt-in velvet fork, i.e., without impeding the established Bitcoin network. By requiring miners to publicly announce and jointly reaffirm recent snapshots on the blockchain, CoinPrune establishes trust into the snapshots' correctness even in the presence of powerful adversaries. Our evaluation shows that CoinPrune reduces the storage requirements of Bitcoin already by two orders of magnitude today, with further relative savings as the blockchain grows. In our experiments, nodes only have to fetch and process 5 GiB instead of 230 GiB of data when joining the network, reducing the synchronization time on powerful devices from currently 5 h to 46 min, with even more savings for less powerful devices.
Submitted 15 April, 2020;
originally announced April 2020.
-
Utilizing Public Blockchains for the Sybil-Resistant Bootstrapping of Distributed Anonymity Services
Authors:
Roman Matzutt,
Jan Pennekamp,
Erik Buchholz,
Klaus Wehrle
Abstract:
Distributed anonymity services, such as onion routing networks or cryptocurrency tumblers, promise privacy protection without trusted third parties. While the security of these services is often well-researched, security implications of their required bootstrapping processes are usually neglected: Users either jointly conduct the anonymization themselves, or they need to rely on a set of non-colluding privacy peers. However, the typically small number of privacy peers enable single adversaries to mimic distributed services. We thus present AnonBoot, a Sybil-resistant medium to securely bootstrap distributed anonymity services via public blockchains. AnonBoot enforces that peers periodically create a small proof of work to refresh their eligibility for providing secure anonymity services. A pseudo-random, locally replicable bootstrapping process using on-chain entropy then prevents biasing the election of eligible peers. Our evaluation using Bitcoin as AnonBoot's underlying blockchain shows its feasibility to maintain a trustworthy repository of 1000 peers with only a small storage footprint while supporting arbitrarily large user bases on top of most blockchains.
Submitted 21 April, 2020; v1 submitted 14 April, 2020;
originally announced April 2020.
-
Putting Privacy into Perspective -- Comparing Technical, Legal, and Users' View of Data Sensitivity
Authors:
Eva-Maria Schomakers,
Chantal Lidynia,
Dirk Müllmann,
Roman Matzutt,
Klaus Wehrle,
Indra Spiecker gen. Döhmann,
Martina Ziefle
Abstract:
Web 2.0, social media, cloud computing, and IoT easily connect people around the globe, overcoming time and space barriers, and offering manifold benefits. However, the technological advances and increased user participation generate novel challenges for protecting users' privacy. From the user perspective, data disclosure depends, in part, on the perceived sensitivity of that data, and thus on a risk assessment of data disclosure. But in light of the new technological opportunities to process and combine data, it is questionable whether users are able to adequately evaluate the risks of data disclosures. As mediating authority, data protection laws try to protect user data, granting enhanced protection to 'special categories' of data. In this publication, the legal, technological, and user perspectives on data sensitivity are presented and compared. From a technological perspective, all data can be referred to as 'potentially sensitive.' The legal and user perspective on data sensitivity deviate as some data types are granted special protection by the law but are not perceived as very sensitive by the users, and vice versa. Merging the three perspectives, the implications for informational self-determination are discussed.
Submitted 15 November, 2019;
originally announced November 2019.
-
Complying with Data Handling Requirements in Cloud Storage Systems
Authors:
Martin Henze,
Roman Matzutt,
Jens Hiller,
Erik Mühmer,
Jan Henrik Ziegeldorf,
Johannes van der Giet,
Klaus Wehrle
Abstract:
In past years, cloud storage systems saw an enormous rise in usage. However, despite their popularity and importance as underlying infrastructure for more complex cloud services, today's cloud storage systems do not account for compliance with regulatory, organizational, or contractual data handling requirements by design. Since legislation increasingly responds to rising data protection and privacy concerns, complying with data handling requirements becomes a crucial property for cloud storage systems. We present PRADA, a practical approach to account for compliance with data handling requirements in key-value based cloud storage systems. To achieve this goal, PRADA introduces a transparent data handling layer, which empowers clients to request specific data handling requirements and enables operators of cloud storage systems to comply with them. We implement PRADA on top of the distributed database Cassandra and show in our evaluation that complying with data handling requirements in cloud storage systems is practical in real-world cloud deployments as used for microblogging, data sharing in the Internet of Things, and distributed email storage.
Submitted 7 June, 2020; v1 submitted 29 June, 2018;
originally announced June 2018.
-
The SensorCloud Protocol: Securely Outsourcing Sensor Data to the Cloud
Authors:
Martin Henze,
René Hummen,
Roman Matzutt,
Klaus Wehrle
Abstract:
The increasing deployment of sensor networks, ranging from home networks to industrial automation, leads to a similarly growing demand for storing and processing the collected sensor data. To satisfy this demand, the most promising approach to date is the utilization of the dynamically scalable, on-demand resources made available via the cloud computing paradigm. However, prevalent security and privacy concerns are a huge obstacle for the outsourcing of sensor data to the cloud. Hence, sensor data needs to be secured properly before it can be outsourced to the cloud. When securing the outsourcing of sensor data to the cloud, one important challenge lies in the representation of sensor data and the choice of security measures applied to it. In this paper, we present the SensorCloud protocol, which enables the representation of sensor data and actuator commands using JSON as well as the encoding of the object security mechanisms applied to a given sensor data item. Notably, we solely utilize mechanisms that have been or currently are in the process of being standardized at the IETF to aid the wide applicability of our approach.
Submitted 12 July, 2016;
originally announced July 2016.