TY - GEN
T1 - Secure and Privacy-Preserving Secondary Data Use
T2 - 2025 Annual Computer Security Applications Conference Workshops, ACSACW 2025
AU - Papatsaroucha, Dimitra
AU - Regueiro, Cristina
AU - Escalante, Marisa
AU - Martignano, Maurizio
AU - Hillman, Velislava
AU - Markakis, Evangelos K.
N1 - Publisher Copyright:
© 2025 IEEE.
PY - 2025
Y1 - 2025
N2 - Secondary use of data has become increasingly relevant over the past years, referring to the repurposing of data for cross-domain applications to extract multidisciplinary insights that would otherwise remain hidden. When it comes to secondary use of sensitive data, like health data, such efforts are frequently hampered by ethical, legal, and privacy constraints. As a result, recent efforts stress the need for infrastructures that support privacy-aware data federation. Privacy Enhancing Technologies have emerged as a tool to preserve privacy throughout the entire data sharing and computation life-cycle, while ensuring adherence to regulations, such as the General Data Protection Regulation (GDPR). Contributing to this notion, this paper presents a privacy-aware data federation framework leveraging Fully Homomorphic Encryption to enable secure cross-domain computations in the encrypted domain, avoiding centralized data storage and ensuring Data Providers retain total control over their data. Three real-world application scenarios are investigated in this work, leveraging health data to inform insights in the education domain while performance tests showcase the viability of the approach towards lawful, privacy-aware secondary use of sensitive data.
AB - Secondary use of data has become increasingly relevant over the past years, referring to the repurposing of data for cross-domain applications to extract multidisciplinary insights that would otherwise remain hidden. When it comes to secondary use of sensitive data, like health data, such efforts are frequently hampered by ethical, legal, and privacy constraints. As a result, recent efforts stress the need for infrastructures that support privacy-aware data federation. Privacy Enhancing Technologies have emerged as a tool to preserve privacy throughout the entire data sharing and computation life-cycle, while ensuring adherence to regulations, such as the General Data Protection Regulation (GDPR). Contributing to this notion, this paper presents a privacy-aware data federation framework leveraging Fully Homomorphic Encryption to enable secure cross-domain computations in the encrypted domain, avoiding centralized data storage and ensuring Data Providers retain total control over their data. Three real-world application scenarios are investigated in this work, leveraging health data to inform insights in the education domain while performance tests showcase the viability of the approach towards lawful, privacy-aware secondary use of sensitive data.
KW - fully homomorphic encryption
KW - healthcare
KW - privacy-preserving
KW - secondary use of data
UR - https://www.scopus.com/pages/publications/105036003916
U2 - 10.1109/ACSACW69556.2025.00027
DO - 10.1109/ACSACW69556.2025.00027
M3 - Conference contribution
AN - SCOPUS:105036003916
T3 - Proceedings - 2025 Annual Computer Security Applications Conference Workshops, ACSACW 2025
SP - 212
EP - 221
BT - Proceedings - 2025 Annual Computer Security Applications Conference Workshops, ACSACW 2025
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 8 December 2025 through 12 December 2025
ER -