Private content over IPFS

Hello guys!
I am attending an hackathon, where we showcased our solution to some problems exposed.
OFC the main point of the public was: how do we secure the data, so that we have control to who can read it when we publish it?

The idea/answer that I was providing to the questions was related to private IPFS networks, combined with a PKI to encrypt the content, but this is not enough for corporates.

What are the current mechanisms used by you guys?
I am not just focusing just about basic privacy, but more a broad discussion

OffTopic: we used IPLD to publish some cool structured data :smile:

1 Like

You can run a private IPFS network, look at ipfs-cluster.

At the moment, encryption + private networks. We’d really like an access control system but that will take quite a bit of design work.

1 Like

yes, that is what I have provided

Do you know what is the plan for this feature? or an OTA?
Is one of the feature planned to be implemented with the Filecoin money?

The Zot protocol of Red/Hubzilla might be interesting to you to allow access control in a decentralized manner.

Do you know what is the plan for this feature? or an OTA?

Nobody’s currently working on this feature at the moment.

Is one of the feature planned to be implemented with the Filecoin money?

The current proposal as described by the whitepaper relies entirely on encryption. I can’t give any promises on what may or may not exist in the initial release of Filecoin but we’d like to have a fully-functional smart-contract system and could conceivably implement some form of flexible authentication system using it. Even better than a simple authentication system, smart contracts can be used to flexibly rate-limit data access to make exfiltration hard.

Such a system is a bit at odds with the self-healing aspect of Filecoin but it that’s not a deal-breaker. As described in the whitepaper, arbitrary miners can, at least temporarily, take over abandoned contracts without interacting with owner of the contract to ensure that data isn’t lost. However, contracts could specify the precisely how and when this can happen (e.g., which miners are acceptable backups) so this isn’t a big issue, just a bit of a wrinkle.

1 Like

https://github.com/ipfs/research/blob/master/OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md packs some more information, historical context, description of previous attempts and where we still want to get at

I seem to be reading a lot of threads late and that file has moved to