Auditable Computations on (Un)Encrypted Graph-Structured Data

Servio Ernesto Palacios Interiano (8635641)

29 July 2020

<div>Graph-structured data is pervasive. Modeling large-scale network-structured datasets require graph processing and management systems such as graph databases. Further, the analysis of graph-structured data often necessitates bulk downloads/uploads from/to the cloud or edge nodes. Unfortunately, experience has shown that malicious actors can compromise the confidentiality of highly-sensitive data stored in the cloud or shared nodes, even in an encrypted form. For particular use cases —multi-modal knowledge graphs, electronic health records, finance— network-structured datasets can be highly sensitive and require auditability, authentication, integrity protection, and privacy-preserving computation in a controlled and trusted environment, i.e., the traditional cloud computation is not suitable for these use cases. Similarly, many modern applications utilize a "shared, replicated database" approach to provide accountability and traceability. Those applications often suffer from significant privacy issues because every node in the network can access a copy of relevant contract code and data to guarantee the integrity of transactions and reach consensus, even in the presence of malicious actors.</div><div><br></div><div>This dissertation proposes breaking from the traditional cloud computation model, and instead ship certified pre-approved trusted code closer to the data to protect graph-structured data confidentiality. Further, our technique runs in a controlled environment in a trusted data owner node and provides proof of correct code execution. This computation can be audited in the future and provides the building block to automate a variety of real use cases that require preserving data ownership. This project utilizes trusted execution environments (TEEs) but does not rely solely on TEE's architecture to provide privacy for data and code. We thoughtfully examine the drawbacks of using trusted execution environments in cloud environments. Similarly, we analyze the privacy challenges exposed by the use of blockchain technologies to provide accountability and traceability.</div><div><br></div><div>First, we propose AGAPECert, an Auditable, Generalized, Automated, Privacy-Enabling, Certification framework capable of performing auditable computation on private graph-structured data and reporting real-time aggregate certification status without disclosing underlying private graph-structured data. AGAPECert utilizes a novel mix of trusted execution environments, blockchain technologies, and a real-time graph-based API standard to provide automated, oblivious, and auditable certification. This dissertation includes the invention of two core concepts that provide accountability, data provenance, and automation for the certification process: Oblivious Smart Contracts and Private Automated Certifications. Second, we contribute an auditable and integrity-preserving graph processing model called AuditGraph.io. AuditGraph.io utilizes a unique block-based layout and a multi-modal knowledge graph, potentially improving access locality, encryption, and integrity of highly-sensitive graph-structured data. Third, we contribute a unique data store and compute engine that facilitates the analysis and presentation of graph-structured data, i.e., TruenoDB. TruenoDB offers better throughput than the state-of-the-art. Finally, this dissertation proposes integrity-preserving streaming frameworks at the edge of the network with a personalized graph-based object lookup.</div>

Applied Computer Science

Distributed Computing

Computer System Security

Open Software

Data Encryption

Database Management

Oblivious Smart Contract

Private Automated Certification

supply chain processes

graph structured data

authentication scheme

data ownership

graph analysis applications

Auditable Computation

encrypted graph-structured data

auditable graph analysis

graph data science

AuditGraph.io

TruenoDB

Graph database

supply chain

auditable graph computation

Blockchain

Cash is [no longer] king: is an e-krona the answer? : - a de lege ferenda investigation of the Swedish Riksbank's issuing mandate and other legal callenges in relation to economic effects on the payment market

Imamovic, Arnela

January 2019

For the past decades, the Swedish public’s payment habits have changed, where the majority of the public has abandoned the old way of making payments, using cash, and instead opted for more modern payment solutions, digital money. The difference between cash and digital money is that cash is physical and only issued by the Riksbank, whereas digital money is created by and stored on accounts at commercial banks. The question of what role the state should have on the payment market is an important point of discussion. But it is not categorically a new question; the Swedish government is tackling essentially the same problem today as it has been doing many times before. Today’s problem is to some extent however manifested in a different way. During the 20th century, discussions were held whether or not the Riksbank should have the exclusive right to issue banknotes. It was considered unnecessary, inappropriate and dangerous. The idea that the Riksbank could cover the entire economy’s need for banknotes was, according to the commercial banks, unreasonable. Nonetheless, in 1904 the exclusive right became fait accompli; the government intervened and gave the Riksbank the banknote monopoly. We are now finding ourselves facing a similar situation, where there is a difference of opinion regarding the Riksbank’s role on the payment market. It is therefore nothing new, but rather an expected task for the government, and thus the central bank, to analyze major changes and draw conclusions from them. The problem is essentially about cash being phased out by digital means of payment. In order to therefore solve the problem, the Riksbank has started a project to investigate whether or not the Riksbank should issue digital cash to the Swedish public, what the Riksbank calls an e-krona. To introduce an e-krona would be a major step, but for the public to not have access to a government alternative, seeing as cash usage is declining, is also a major step. No decision has been made yet regarding whether the e-krona will be introduced on the market or not. A decision that however has been made, is that the Riksbank is now working on building an e-krona to develop and assess the technique. Nonetheless, an introduction would undoubtedly have consequences for both the Riksbank and the commercial banks, which ultimately means it would have effects on the economy as a whole. What about regulatory aspects; is the Riksbank even allowed to issue an e-krona under current legislation? The answer is affirmative, to a certain extent. There are furthermore many other uncertainties regarding how an e-krona would affect the economy; the Riksbank does not fully answer many of the system issues in its project reports. The question of whether or not it even is up to the Riksbank to make a decision on the matter of an introduction is also questioned by the author in the thesis.

E-crown

e-crown project

central bank digital currency

money

cash

banknotes and coins

physical money

tangibles

currency

legal tender

the Swedish Riksbank Act

commercial bank money

digital money

the Swedish Riksbank

central bank

commercial bank

bank

banking law

law

jurisprudence

monetary policy

safe and efficient payment system

cash-provision

economy

the payment system

digitalization

development of society

fractional reserve banking

bank run

zero lower bound

E-krona

e-kronaprojekt

digital centralbankspeng

pengar

kontanter

sedlar och mynt

fysiska pengar

valuta

lagliga betalningsmedel

affärsbankspengar

digitala pengar

Riksbanken

centralbank

affärsbank

bank

bankrätt

juridik

Lag (1988:1385) om Sveriges riksbank

penningpolitik

säkert och effektivt betalningsväsende

kontantförsörjning

ekonomi

betalningssystemet

digitalisering

samhällsutveckling

fractional reserve banking

bankrusning

zero lower bound

Law and Society

Juridik och samhälle