Top!
Hello
This article reports on the research activities completed last year by let's dev as part of the "Data Sovereignty Manager" (DASOMAN) funding project. The project duration was two years and was funded by the German Federal Ministry of Education and Research as part of the KMU-innovativ funding initiative in the technology field of information and communication technologies.
Since its launch in 2007, the KMU-innovativ funding initiative has met with an exceptionally positive response. The funding approved to date amounts to over 1,266 million euros for more than 1,700 individual and collaborative projects involving around 2,900 small and medium-sized enterprises. This means that the KMU-innovativ funding initiative represents around a quarter of the SME funding provided by the Federal Ministry of Education and Research.
The consortium of the DASOMAN funding project, led by let's dev, consisted of the following partners:
Big Data is changing the corporate world and society. The amount of available and generated data is constantly increasing; worldwide, the available storage capacity rose to approximately 7235 exabytes in 2017. This is accompanied by new, technological possibilities to manage this flood of data: High-performance computing, deep learning, "analytics at your fingertips" are no longer just technological visions, but are increasingly being applied in all areas of business and society.
At the same time, concerns are growing on the part of consumers: Is my data secure? Who is using this data? What data is being collected? Will this data be shared? DASOMAN aimed to create an end-to-end system approach for transparent, privacy-preserving and secure analytics.
Data protection and data-based business models are compatible. Modern analytics are based on anonymized information and scale through sovereign user data management. This results in the following core aspects:
The aim of the funding project is to provide end users of apps or web applications with greater transparency and decision-making options regarding the use of their data. At the same time, data processors are to be enabled to handle user data in a legally compliant manner. To this end, the Data Sovereignty Manager (DASOMAN) is placed between the end user and the data processor. The service, which consists of various components, manages the end user's data and authorizations, informs the end user if the data transmission allows conclusions to be drawn about his or her identity, and enables the end user to change user settings accordingly. On the other hand, the data processor benefits from the use of the DASOMAN service because the data collected by DASOMAN is transmitted anonymously in compliance with the law and at the same time the information value of the data is retained.
The DASOMAN application supports users in the individual and sovereign configuration of data releases for applications. In the DASOMAN funding project, methods were researched and developed that allow personal anonymity to be individually assessed before data is uploaded in encrypted form. The applications each receive separate encrypted access to the data released by the end user.
The information stream for the Showcase Movie App is shown in the figure below. There are the roles DASOMAN, end user and data user. In this example, the data user is the provider of movie reviews and is interested in transmitting personalized movie recommendations to the end user. These are assigned various attributes, which can be used for categorization, filtering and sorting. The end user can store his interests via the DASOMAN SDK integrated in the data processor's app and share them with the data processor. The data is transmitted to the DASOMAN backend in encrypted form using the encryption technology used in DASOMAN and, when released, is re-encrypted and transmitted to the data recycler. The data processor can then decrypt and utilize the data with its own key.
The app developed for the use case communicates with the 3rd party service of the data processor and receives a list of movie recommendations through it. In the first step, these are not personalized. Through the integrated DASOMAN SDK, the end user can view the data to be collected in the settings, set or change values himself and release each data type individually. This gives the end user sovereignty over his data and allows him to determine which data should be transmitted and released for the data processor. If the end user's data is released in our use case, the user data can be processed by the 3rd party service. With the help of a recommender, personalized movie recommendations are provided for the end user in the app based on the collected user data.
With DASOMAN, we provide the end user with transparency about the data that the data processor wants to collect. To ensure this, the data processor creates an app via the DASOMAN middleware and records the data attributes to be collected. In our use case, these are attributes such as genre, actor, location, etc. The DASOMAN middleware has a convenient user interface and then generates the necessary configuration files for the DASOMAN SDK. Signature procedures ensure authenticity and prevent subsequent modification of the data attributes to be collected. The DASOMAN SDK then securely transfers the data to the DASOMAN backend. If data is released by the end user, the 3rd party service of the data recycler can receive, decrypt and process this data. In our use case, personalized recommendations of movies are then transmitted to the end user via the app on the basis of the user data.
