In cloud environments, data providers entrust their data to data consumers so that it can be processed further on the consumers' own IT infrastructure. Usage control measures allow the data provider to restrict how its data is used even on the data consumer's system. Two such restrictions can be geographic location and time limitations. Current solutions that could be used to enforce such constraints can be easily manipulated. These include solutions based on the system time, organizational agreements, GPS-based techniques, or simple delay measurements that derive the distance to known reference servers. With D-GATE, we propose a reliable solution that uses trusted execution environments and relies on a decentralized mesh of reference nodes, so-called GeoClients. Here, participants periodically measure the lowest network delay to each other to geolocate themselves. Data providers can thus technically attest usage control with time and geolocation constraints without depending on centralized reference systems.
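The following added example (not code from the paper, and not D-GATE's actual protocol) shows why the lowest measured delay is the useful quantity: extra delay can be injected, but a round trip cannot finish faster than signal propagation allows, so the minimum RTT to an honest reference node gives an upper bound on distance. The function names, the fibre propagation speed of 2/3 c, the circular geofence, and all coordinates and RTT samples are assumptions constructed for illustration.

```python
import math

# Assumption: signals travel at about 2/3 c in fibre; using c itself is the strictly safe bound.
C_FIBER_KM_PER_MS = 299_792.458 / 1000 * 2 / 3
EARTH_RADIUS_KM = 6371.0

def haversine_km(a, b):
    """Great-circle distance in km between two (lat, lon) points in degrees."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(h))

def max_distance_km(rtt_samples_ms):
    """Upper bound on distance to a reference node from its lowest observed RTT.
    Queuing or injected delay only inflates samples, so the minimum is the tightest bound."""
    return min(rtt_samples_ms) / 2 * C_FIBER_KM_PER_MS

def consistent(claimed_pos, measurements):
    """True if a claimed position violates none of the per-reference delay bounds."""
    return all(haversine_km(ref, claimed_pos) <= max_distance_km(rtts)
               for ref, rtts in measurements)

def provably_inside(fence_center, fence_radius_km, measurements):
    """True if at least one reference's delay disc lies entirely inside the geofence.
    Sufficient, not necessary: False means 'not provable', not 'outside'."""
    return any(haversine_km(ref, fence_center) + max_distance_km(rtts) <= fence_radius_km
               for ref, rtts in measurements)

# Constructed sample data: (reference position, RTT samples in ms) for three reference nodes.
MEASUREMENTS = [
    ((50.11, 8.68), [3.1, 2.4, 2.9]),   # reference near Frankfurt
    ((48.14, 11.58), [2.0, 1.8, 2.6]),  # reference near Munich
    ((52.52, 13.40), [5.2, 4.6]),       # reference near Berlin
]
FENCE_CENTER = (51.0, 10.0)             # constructed circular geofence

if __name__ == "__main__":
    for ref, rtts in MEASUREMENTS:
        print(ref, f"node is within {max_distance_km(rtts):.1f} km")
    print("claim (49.45, 11.08) consistent:", consistent((49.45, 11.08), MEASUREMENTS))
    print("claim (48.86, 2.35) consistent:", consistent((48.86, 2.35), MEASUREMENTS))
    print("provably inside 450 km fence:", provably_inside(FENCE_CENTER, 450, MEASUREMENTS))
```

The bound only holds if the measuring code and the reference nodes cannot be tampered with, which is the gap the abstract's trusted execution environments are meant to close.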