Papers
Topics
Authors
Recent
Search
2000 character limit reached

Implementation and Privacy Guarantees for Scalable Keyword Search on SOLID-based Decentralized Data with Granular Visibility Constraints

Published 23 Apr 2026 in cs.DB and cs.IR | (2604.22100v1)

Abstract: In decentralized personal data ecosystems grounded in architectures such as Solid, users retain sovereignty over their data via personal online data stores (pods), hosted on Solid-compliant server infrastructures. In such environments, data remains under the control of pod owners, which complicates search due to distribution across numerous pods and user-specific access constraints. ESPRESSO is a decentralized framework for scalable keyword-based search across distributed Solid pods under user-defined visibility policies. It addresses key challenges of decentralized search by constructing WebID-scoped indexes within pods and employing privacy-aware metadata to enable efficient source selection and ranking across servers. This paper further introduces a formal threat model for ESPRESSO, analysing the security and privacy risks associated with the generation, aggregation, and use of indexes and metadata. These risks include unintended metadata leakage and the potential for adversaries to infer sensitive information about data that resides within personal data stores. The analysis identifies key design principles that limit metadata exposure while mitigating unauthorized inference. The proposed threat model provides a foundation for evaluating privacy-preserving decentralized search and informs the design of systems with stronger privacy guarantees.

Summary

  • The paper introduces ESPRESSO, a framework that scales keyword search on decentralized SOLID data while enforcing granular visibility constraints.
  • It employs per-WebID indexing and probabilistic metadata obfuscation to ensure privacy and prevent unauthorized statistical inference.
  • The framework’s design and threat analysis validate strong privacy guarantees and efficient federated query processing for applications like clinical trial recruitment.

Scalable Privacy-Preserving Keyword Search on Solid-Based Decentralized Data: The ESPRESSO Framework

Introduction

The proliferation of decentralized personal data ecosystems, exemplified by platforms such as Solid, challenges traditional paradigms of information retrieval. The stringent requirements of user sovereignty, fine-grained access control, and non-centralization impede the operation of standard keyword search mechanisms. "Implementation and Privacy Guarantees for Scalable Keyword Search on SOLID-based Decentralized Data with Granular Visibility Constraints" (2604.22100) systematically addresses these technical challenges. The ESPRESSO framework is introduced as a robust solution for secure, decentralized keyword search that scales efficiently across distributed Solid pods while enforcing user-defined visibility and privacy boundaries.

Motivating Scenario and Design Rationale

The core motivation is framed through a concrete healthcare use case involving the search of distributed patient-held data for clinical trial recruitment. Figure 1

Figure 1: An NHS-inspired decentralized search scenario where medical researchers discover clinical trial participants by searching Solid pods with fine-grained consent.

This scenario encapsulates the requirements for:

  • Maintaining stringent access controls linked to user authentication (WebID),
  • Enabling keyword-based search without disclosing underlying data or metadata to unauthorized entities,
  • Scaling search efficiency as the number of data pods increases,
  • Preventing privacy leakage through both direct results and indirect inference on metadata.

These requirements motivate ESPRESSO's architectural emphasis on index isolation, source selection metadata compartmentalization, and privacy-aware federated query processing.

ESPRESSO: System Architecture and Data Model

The ESPRESSO architecture is specifically tailored for decentralized information retrieval within the Solid ecosystem. Figure 2

Figure 2: High-level system architecture highlighting decentralized indexing, the overlay network, and the partitioned metadata flow.

Data Stores and Visibility Constraints

Every Solid pod is associated with a data owner and contains resources protected by Web Access Control (WAC), mapping explicit read rights to authenticated WebIDs. The set of resources visible to a search party is defined by the intersection of pod-specific access policies and the party's WebID, forming a strict visibility boundary.

Decentralized Indexing and Metadata Structures

A distinguishing design aspect is the construction of per-search-party, per-pod inverted indexes. No global index is maintained; instead, indexes are strictly scoped both in storage and access—every WebID gains access only to indexes of resources it is authorized to see.

The server and overlay levels are augmented with metadata structures to accelerate source selection and distributed ranking: Figure 3

Figure 3: Partitioned, WebID-scoped metadata at the server and overlay layers supporting efficient source selection.

These metadata structures are:

  • System-Level Metadata: Maps keywords and WebIDs to Solid servers and aggregate statistics,
  • Server-Level Metadata: Maps keywords and WebIDs to authorized pod URLs and intra-server statistics.

To further obfuscate index mappings, ESPRESSO optionally supports the deployment of probabilistic data structures (e.g., Bloom filters) scoped by WebID, making reverse engineering of keyword-to-pod mappings intractable for unauthorized parties.

Operational Workflow

Indexing and Registration

Pod owners deploy the Indexing App to create and maintain the index and metadata profile for their pods. Figure 4

Figure 4: Sequence diagram for initial pod data indexing and metadata profile creation within the decentralized architecture.

Participants register their pods via a controlled flow, ensuring only explicitly authorized metadata participates in network searches. Figure 5

Figure 5: Secure registration flow for integrating a pod into the ESPRESSO search federation.

Decentralized Search Execution

The search pipeline is initiated by a search party authenticated via their WebID:

  • The Overlay Network (e.g., via GaianDB) returns either relevant pod locations or pre-aggregated results based on federated metadata.
  • The Search App navigates the metadata hierarchy, contacting only servers and pods strictly within the search party's authorization envelope. Figure 6

    Figure 6: Path of a search request through the ESPRESSO overlay when returning relevant pod candidates.

    Figure 7

    Figure 7: Alternative search flow where the overlay network directly aggregates and returns final results.

This architectural design ensures both horizontal scalability (as pod and server numbers increase) and strict privacy enforcement, with decentralized query evaluation and no raw data egress beyond explicit consent boundaries.

Threat Model and Privacy Guarantees

Central to the paper is the comprehensive adversarial and privacy analysis leveraging a subset of the STRIDE model—specifically, Information Disclosure and Spoofing.

Adversarial Profiles and Attack Surface

  • Malicious adversaries are modeled primarily for Spoofing threats (WebID impersonation).
  • Honest-but-curious adversaries are modeled for Information Disclosure, focusing on inferential attacks through metadata inspection, result analysis, and correlation.

Attack scenarios include direct membership inference, access pattern inference, keyword frequency estimation, index reconstruction, and re-identification via auxiliary data.

Privacy Mechanisms and Formal Guarantees

The ESPRESSO privacy analysis formalizes four privacy guarantees (PG1–PG4):

  1. Visibility/Access Scope Isolation: Search result sets and exposed metadata are strictly limited to the querying party's authorized scope.
  2. WebID-Scoped Decentralized Indexing: Indexes are partitioned per WebID, effectively compartmentalizing resource visibility and precluding cross-user statistical inference.
  3. Probabilistic Source Selection Metadata: Bloom filter application further obfuscates the presence or absence of keywords and resources, introducing controlled false positives.
  4. Source-Selection Metadata Conservativity and Separability: All metadata structures are conservative (no additional information beyond authorized query results) and separable (partitioned by WebID), preventing cross-user amplification of information.

The efficacy of these mechanisms in blocking the enumerated adversarial goals is methodically summarized, with explicit mapping between attack classes and mitigations provided.

Limitations and Future Directions

Several non-goals and open problems are highlighted:

  • No differential privacy or cryptographic query processing (e.g., secure multiparty computation) is incorporated; metadata and indexes are plaintext.
  • Correctness is predicated on partially trusted servers and the non-collusion of adversaries; comprehensively malicious or colluding environments are out of scope.
  • No mechanisms are provided for traffic analysis resistance or query obfuscation beyond structural index partitioning.
  • Authentication attack surfaces (e.g., delegated agent misuse, session replay) are delegated to Solid's underlying trust infrastructure.

Potential future extensions include deployment of differential privacy, cryptographic protocols for oblivious search, and deeper integration of automated agent authentication analysis.

Conclusion

This work provides a formalized, scalable approach to privacy-preserving search in Solid-based decentralized environments. By combining per-WebID index isolation, conservative source selection metadata, and probabilistic obfuscation, ESPRESSO enforces strict access boundaries while enabling practical keyword search across a federated data ecosystem. The formal threat-model analysis clarifies the spectrum of risks and mitigation strategies, balancing realistic deployability concerns with strong privacy guarantees. The architectural decisions and analytical rigor set a foundation for future enhancements pursuing cryptographic privacy and robust resilience under more aggressive adversarial models.

Paper to Video (Beta)

No one has generated a video about this paper yet.

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Collections

Sign up for free to add this paper to one or more collections.