Stay organized with collections
Save and categorize content based on your preferences.
Data sharing between Aggregation Service and Coordinators
Key Generation and Distribution Service
An essential part of how Coordinators operate, the role of Key Hosting Service is to house keys created from the Key Generation Service, whose role is to create Data Encryption Keys (DEK), and to provide them either for public-facing or private use. Public Key Hosting Service uses a Content Delivery Network (CDN) to provide such keys for encryption of user-data on the Chrome or Android clients for Aggregation Service and B&A Service. Private Key Hosting Service uses secured APIs that provide private keys that can only be accessed from within a TEE instance for decryption purposes. In the case of Aggregation Service, this would be to decrypt the raw aggregatable reports given from Attribution Reporting API or Private Aggregation API.
Aggregatable Report Accounting
The Aggregatable Reporting Account Service is used for accounting to ensure reports are not processed more than once. To do this, it uses the shared ID and the reporting origin received from Aggregation Service. When the aggregation service calls Aggregatable Reporting Account Service for budget consumption, it sends the shared ID and the reporting origin to Aggregatable Reporting Account Service. This service uses the origin for authorization and both the origin and the shared ID to keep track of budget consumption.
If the budget has not already been consumed for the specified shared ID, Aggregatable Reporting Account Service consumes the budget, keeps track of the consumption for the shared ID in a ledger, and returns a success code to Aggregation Service. The Aggregation service then generates a summary report and releases it to the ad tech. If consumption fails, an error is returned to the Aggregation Service and the aggregation job fails. Aggregation service in turn returns this error code to the ad tech.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-10-22 UTC."],[[["The Key Generation and Distribution Service creates and securely stores encryption keys, providing public keys via CDN for client-side encryption and private keys via secure APIs for decryption within a TEE."],["The Aggregatable Report Accounting Service prevents duplicate report processing by tracking budget consumption using shared IDs and reporting origins, ensuring reports are processed only once."],["The Aggregation Service interacts with the Key Hosting Service to decrypt aggregatable reports and the Aggregatable Report Accounting Service to manage report processing and budget consumption."]]],["Key Hosting Service creates and distributes Data Encryption Keys (DEK) via public CDNs for user-data encryption or secure APIs for private decryption within TEE instances. Aggregatable Report Accounting Service ensures reports are processed only once by receiving a shared ID and reporting origin from Aggregation Service. It verifies budget availability, records consumption in a ledger, and returns a success or error code, determining the aggregation job's success. This ensures no double processing of the report.\n"]]
