Issue No.06 - November/December (2004 vol.8)
Kenneth Goldman , IBM T.J. Watson Research Center
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MIC.2004.68
Homeland security requires that organizations share sensitive data, but both suppliers and users must typically restrict data access for security, legal, or business reasons. Matchbox database servers provide highly secure, fine-grained access control using digitally cosigned contracts to enforce sharing restrictions. To handle security operations, Matchbox uses the tamper-responding, programmable IBM 4758 cryptographic coprocessor. Matchbox servers can be distributed on a network for high availability, and parties can communicate with Matchbox over public networks — including hostile environments with untrusted hardware, software, and administrators.
Network-level security and protection, Infrastructure protection, Security and privacy protection, Access controls, Authentication, Cryptographic controls, Data encryption, Public key cryptosystems, Database management, Database security, Data mining
Kenneth Goldman, "Matchbox: Secure Data Sharing", IEEE Internet Computing, vol.8, no. 6, pp. 18-24, November/December 2004, doi:10.1109/MIC.2004.68