Abstract: Thanks to smart disclosure initiatives and new regulations like GDPR, Personal Data Management Systems (PDMS) are emerging. The PDMS paradigm empowers each individual with his complete digital environment. On the bright side, this opens the way to novel value-added services that cross multiple sources of data of a given person or cross the data of multiple people. Yet this paradigm shift towards user empowerment raises fundamental questions with regard to the appropriateness of the functionalities and of the data management and protection techniques that existing solutions offer to lay users. This presentation (1) compares PDMS alternatives in terms of functionalities and threat models, (2) derives a general set of functionality and security requirements that any PDMS should consider, (3) proposes a preliminary design building upon Trusted Execution Environments for an extensive and secure PDMS reference architecture, and (4) identifies a set of challenges of implementing such a PDMS.
Zenith seminar: Nicolas Anciaux, “Personal Data Management Systems using Trusted Execution Environments”, 21 Nov. 2018
Permanent link to this article: https://team.inria.fr/zenith/zenith-seminar-nicolas-anciaux-personal-data-management-systems-using-trusted-execution-environments-21-nov-2018/