Authors:
Bernd Prünster (1); Florian Reimair (2) and Andreas Reiter (2)
Affiliations:
(1) Secure Information Technology Center -- Austria (A-SIT), Austria; (2) Graz University of Technology, Austria
Keyword(s):
Decentralisation, Serverless Services, P2P Networks, Personal Mesh Network, Distributed Services.
Related Ontology Subjects/Areas/Topics:
Data and Application Security and Privacy; Data Protection; Information and Systems Security; Personal Data Protection for Information Systems; Privacy; Security and Privacy in the Cloud
Abstract:
Traditional desktop computers have been outranked in terms of usage numbers by mobile devices. Still, many
popular mobile-first services rely on workflows designed decades ago for a different environment. When
relying on cloud-based services, privacy and data protection issues need to be considered. Mostly, however,
one can choose between either well-supported legacy applications or innovative niche solutions. In this paper,
we introduce the Net Rat, a framework enabling a seamless transition from existing centralised setups to
decentralised state-of-the-art services, increasing security while maintaining backwards compatibility to well-established
legacy services. We demonstrate the feasibility of our approach with a case study focusing on the
decentralisation of the e-mail service—until now, this failed due to missing backward compatibility. A security
analysis demonstrates how our approach reaches its goal of protecting user data through decentralisation. The
Net Rat is built on a solid foundation as a result of a security-first design. The results of this work clearly show
the feasibility of decentralising existing services and highlight how well-established services can be improved.
Our approach also presents opportunities to develop new services based on a solid foundation.