Your search keyword '"identity privacy"' showing total 78 results

1. Privacy preserving spatio-temporal attribute-based encryption for cloud applications.

Author

Routray, Kasturi and Bera, Padmalochan

Abstract

Cloud computing offers scalable implementation of applications by sharing internet-based storage and computing resources. However, its ubiquitous nature introduces the security and privacy risks to sensitive data. Existing encryption techniques often rely on access control mechanisms to allow selective sharing of encrypted data. However, they don’t efficiently support secure integration of space and time constraints in the authorization mechanism, rendering them unsuitable for dynamic cloud environments. In this paper, we propose a privacy-preserving spatio-temporal attribute-based access control technique for cloud-based applications. Our approach utilizes ciphertext policy attribute-based encryption (CP-ABE) with distributed key generation, geohashes for proximity detection, and fog server-based verification. The proposed cryptosystem generates decryption keys based only on the user’s static attributes eliminating the need to manage user revocation due to frequent contextual changes. Time and location constraints are enforced through spatio-temporal locks in the access policy. Geohash enables defining authorized geographic areas while preserving user location privacy. Additionally, our system supports multiple attribute authorities for key generation, enhancing security by limiting user identity leakages and preventing key escrow attacks. Most of the decryption-related computations are outsourced to fog servers, thus, making the decryption independent of the number of attributes in the policies. The analysis of security and performance demonstrates the effectiveness of our scheme in practical cloud-based applications, enabling precise control over real-time data access while satisfying user privacy. [ABSTRACT FROM AUTHOR]

Published

2025

2. On Identity, Transaction, and Smart Contract Privacy on Permissioned and Permissionless Blockchain: A Comprehensive Survey.

Author

Liang, Wei, Liu, Yaqin, Yang, Ce, Xie, Songyou, Li, Kuanching, and Susilo, Willy

Subjects

*DATA protection, *GRAPH neural networks, *DEEP reinforcement learning, *REINFORCEMENT learning, *DATA privacy, *BLOCKCHAINS

Published

2024

3. CIM: CP-ABE-based identity management framework for collaborative edge storage.

Author

Li, Chunjiao, Wang, Liangmin, Li, Jiayi, and Fei, Yue

Subjects

SECURITY classification (Government documents), DATA warehousing, STORAGE, TRUST, INFORMATION sharing, PUBLIC key cryptography, BLOCKCHAINS

Abstract

Collaborative edge storage (CES) can provide high-quality data sharing for end users through the collaborative use of edge storage resources. However, due to the lack of trust between different edge storage servers, satisfying data authenticity, storage reliability, and identity privacy protection simultaneously become the main research challenge in the field of CES. While the emerging blockchain-based collaborative storage solutions (BBCES) can solve the problems of data authenticity and storage reliability, the transparency of blockchain makes privacy become the main issue. In this paper, we propose a CP-ABE-based identity management framework (CIM), which can effectively protect the identity information of edge entities in the BBCES. On CIM, we design a CP-ABE scheme to protect the identity privacy of edge entities by encrypting classified identity information. The encrypted identity information of a new joining entity will be recorded in the blockchain. When edge entities participate in CES, the identification number of their encrypted identity information will be recorded in the blockchain. Besides, via the tracing algorithm, the system entity can get the authorized identity information of these edge entities participating in a specific CES, which can realize identity traceability while protecting identity privacy. Further, theoretical analysis and extensive experiments have demonstrated the effectiveness and performance of this scheme in the identity privacy protection of CES. [ABSTRACT FROM AUTHOR]

Published

2024

4. Strongly Secure Identity-Based Authenticated Key Agreement Protocol With Identity Concealment for Secure Communication in 5G Network

Author

Huanhuan Lian, Burong Kang, and Libao Yang

Subjects

Identity-based cryptography, key agreement, identity privacy, non-full key escrow, 5G network, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

With the rocketing progress of the fifth generation (5G) mobile communication technology, identity-based authenticated key agreement (ID-AKA) protocol performs an increasingly significant part in secure communication. The majority of current efficient and secure ID-AKA protocols need to transmit each participant’s identity and public key information in the clear. Moreover, the long-term secret keys of participants are fully handled by the key generate center, which may give rise to new security concerns. To protect the privacy of user’s identity and ensure the security of the private keys, we propose a strongly secure identity-based authenticated key agreement scheme with identity concealment for 5G environment. The proposed scheme provides the property of non-full key escrow and eliminates the need of pairing operations. Furthermore, we show a modified security model for our protocol, and demonstrate the security analysis based on the hardness assumptions of the gap Diffie-Hellman problem and authentication encryption security. Finally, with the help of experiments and performance analysis, the detailed comparative results show that our scheme makes improvements in both efficiency and security while compared with recently proposed ID-AKA schemes.

Published

2024

5. An Overview of Privacy Dimensions on the Industrial Internet of Things (IIoT).

Author

Demertzi, Vasiliki, Demertzis, Stavros, and Demertzis, Konstantinos

Subjects

*INTERNET of things, *DIGITAL technology, *PRIVACY, *ARTIFICIAL intelligence, *DATA privacy, *INTERNET privacy

Abstract

The rapid advancements in technology have given rise to groundbreaking solutions and practical applications in the field of the Industrial Internet of Things (IIoT). These advancements have had a profound impact on the structures of numerous industrial organizations. The IIoT, a seamless integration of the physical and digital realms with minimal human intervention, has ushered in radical changes in the economy and modern business practices. At the heart of the IIoT lies its ability to gather and analyze vast volumes of data, which is then harnessed by artificial intelligence systems to perform intelligent tasks such as optimizing networked units' performance, identifying and correcting errors, and implementing proactive maintenance measures. However, implementing IIoT systems is fraught with difficulties, notably in terms of security and privacy. IIoT implementations are susceptible to sophisticated security attacks at various levels of networking and communication architecture. The complex and often heterogeneous nature of these systems makes it difficult to ensure availability, confidentiality, and integrity, raising concerns about mistrust in network operations, privacy breaches, and potential loss of critical, personal, and sensitive information of the network's end-users. To address these issues, this study aims to investigate the privacy requirements of an IIoT ecosystem as outlined by industry standards. It provides a comprehensive overview of the IIoT, its advantages, disadvantages, challenges, and the imperative need for industrial privacy. The research methodology encompasses a thorough literature review to gather existing knowledge and insights on the subject. Additionally, it explores how the IIoT is transforming the manufacturing industry and enhancing industrial processes, incorporating case studies and real-world examples to illustrate its practical applications and impact. Also, the research endeavors to offer actionable recommendations on implementing privacy-enhancing measures and establishing a secure IIoT ecosystem. [ABSTRACT FROM AUTHOR]

Published

2023

6. Research on identity authentication system of Internet of Things based on blockchain technology

Author

Liu Yanhui, Zhang Jianbiao, Muhammad Salman Pathan, Yuan Yijian, Zhang Puzhe, Sarah Maroc, and Avishek Nag

Subjects

Internet of Things, Identity Privacy, Hyperledger Fabric, Ring Signature, Aggregate Signature, Electronic computers. Computer science, QA75.5-76.95

Abstract

With the development of the Internet of Things (IoT) and its applications, a large amount of data is generated regularly. If this information is used by malicious attackers, it will be a great disaster for the relevant users. In this regard, this article focuses on the user’s identity privacy issues involved in the IoT. By protecting the user’s identity privacy, the attacker cannot associate the obtained data with the user’s real identity, and so achieve the purpose of protecting the user. This article uses the features of blockchain that cannot be tampered with nor forged to strengthen the reliability of the system. The proposed scheme saves the transaction information of user information through the Hyperledger and uses the ring signature method to obscure the real identity. A key generator is used to generate system public parameters and ring membership information required for signature. Users can use this information to hide their identity in a ring group of n users so that other users can only guess the true identity of the user with a probability of 1/n. Additionally, the method of aggregated signature is used to shorten the time and space required for k signature verification to 1/k, which greatly improves the efficiency. Finally, this article also uses an accountability mechanism to punish some attackers who attempt to waste system resources by revealing the real identity of the attacker and refusing to serve him. In this paper, GO language is used to write chain code to realize the proposed algorithm, and a prototype system is built through HyperLeger Fabric blockchain network, and the prototype system is verified by experiment. The correctness and efficiency of the above scheme are also proved through theoretical analysis and experiments.

Published

2022

7. Privacy-Aware Access Protocols for MEC Applications in 5G

Author

Gizem Akman, Philip Ginzboorg, and Valtteri Niemi

Subjects

MEC, 5G, IoT, identity privacy, data unlinkability, data confidentiality, Computer engineering. Computer hardware, TK7885-7895, Electronic computers. Computer science, QA75.5-76.95

Abstract

Multi-access edge computing (MEC) is one of the emerging key technologies in fifth generation (5G) mobile networks, providing reduced end-to-end latency for applications and reduced load in the transport network. This paper proposes mechanisms to enhance user privacy in MEC within 5G. We consider a basic MEC usage scenario, where the user accesses an application hosted in the MEC platform via the radio access network of the mobile network operator (MNO). First, we create a system model based on this scenario. Second, we define the adversary model and give the list of privacy requirements for this system model. We also analyze the impact on user privacy when some of the parties in our model share information that is not strictly needed for providing the service. Third, we introduce a privacy-aware access protocol for the system model and analyze this protocol against the privacy requirements.

Published

2022

8. A remote attestation mechanism using group signature for the perception layer in centralized networking

Author

Jing Huang, Hui-Juan Zhang, Shen He, Jia Chen, and Zhe-Yuan Sun

Subjects

Perception nodes, Credibility, Identity privacy, A remote attestation mechanism, Group signature, Telecommunication, TK5101-6720, Electronics, TK7800-8360

Abstract

Abstract As the important transmission approach of the perception data, the security and privacy of the perception layer nodes have been paid more and more attention. To evaluate the credibility of the perception nodes and protect autologous identity privacy, a remote attestation mechanism using group signature (GS-RAM) for the perception layer of centralized networking is proposed in this paper. First, a RAM, based on the computational Diffie–Hellman (CDH) problem and GS, is established for the data source of the perception nodes. Second, the specific construction of the proposed GS-RAM is given to identify the trusted state of data sources without exposing the privacy of the perception nodes. Then, a strict security certification was carried out to verify the correctness, unforgeability, anonymity, traceability, unrelatedness, non-framing, anti-joint aggression and forward security of the proposed GS-RAM. Finally, simulation experiments are carried out to verify that the proposed scheme has better security and dynamic adaptability.

Published

2022

9. Research on identity authentication system of Internet of Things based on blockchain technology.

Author

Yanhui, Liu, Jianbiao, Zhang, Salman Pathan, Muhammad, Yijian, Yuan, Puzhe, Zhang, Maroc, Sarah, and Nag, Avishek

Subjects

INTERNET of things, BLOCKCHAINS, K-spaces, GROUP identity, RELIABILITY in engineering, GROUP rings

Abstract

With the development of the Internet of Things (IoT) and its applications, a large amount of data is generated regularly. If this information is used by malicious attackers, it will be a great disaster for the relevant users. In this regard, this article focuses on the user's identity privacy issues involved in the IoT. By protecting the user's identity privacy, the attacker cannot associate the obtained data with the user's real identity, and so achieve the purpose of protecting the user. This article uses the features of blockchain that cannot be tampered with nor forged to strengthen the reliability of the system. The proposed scheme saves the transaction information of user information through the Hyperledger and uses the ring signature method to obscure the real identity. A key generator is used to generate system public parameters and ring membership information required for signature. Users can use this information to hide their identity in a ring group of n users so that other users can only guess the true identity of the user with a probability of 1/n. Additionally, the method of aggregated signature is used to shorten the time and space required for k signature verification to 1/k, which greatly improves the efficiency. Finally, this article also uses an accountability mechanism to punish some attackers who attempt to waste system resources by revealing the real identity of the attacker and refusing to serve him. In this paper, GO language is used to write chain code to realize the proposed algorithm, and a prototype system is built through HyperLeger Fabric blockchain network, and the prototype system is verified by experiment. The correctness and efficiency of the above scheme are also proved through theoretical analysis and experiments. [ABSTRACT FROM AUTHOR]

Published

2022

10. Best of two worlds: Efficient, usable and auditable biometric ABC on the blockchain.

Author

Sarier, Neyire Deniz

Subjects

*SIM cards, *SMARTPHONES, *COST analysis, *BIOMETRY, *GENERAL Data Protection Regulation, 2016, *HUMAN facial recognition software

Abstract

In García-Rodríguez et al. 2024, two generic constructions for biometric-based non-transferable Attribute Based Credentials (biometric ABC) are presented, which offer different trade-offs between efficiency and trust assumptions. In this paper, we focus on the second scheme denoted as BioABC-ZK that tries to remove the strong (and unrealistic) trust assumption on the Reader R, and we show that BioABC-ZK has a security flaw for a colluding R and Verifier V. Besides, BioABC-ZK lacks GDPR-compliance, which requires secure processing of biometrics, for instance in form of Fuzzy Extractors, as opposed to (i) storing the reference biometric template a B i o in the user's mobile phone and (i i) processing of biometrics using an external untrusted R, whose foreign manufacturers are unlikely to adjust their products according to GDPR. The contributions of this paper are threefold. First, we review efficient biometric ABC schemes to identify the privacy-by-design criteria for them. In view of these principles, we propose a new architecture for biometric ABC of Sarier 2021 by adapting the recently introduced core/helper setting. Briefly, a user in our modified setting is composed of a constrained core device (a SIM card) inside a helper device (a smart phone with dual SIM and face recognition feature), which – as opposed to García-Rodríguez et al. 2024 – does not need to store a B i o. This way, the new design provides Identity Privacy without the need for an external R and/or a dedicated hardware per user such as a biometric smart card reader or a tamper proof smart card as in current hardware-bound credential systems. Besides, the new system maintains minimal hardware requirements on the SIM card – only responsible for storing ABC and helper data –, which results in easy adoption and usability without loosing efficiency, if deep face fuzzy vault and our modified ABC scheme are employed together. As a result, a total overhead of 500 ms to a showing of a comparable non-biometric ABC is obtained instead of the 2.1 s in García-Rodríguez et al. 2024 apart from the removal of computationally expensive pairings. Finally, as different from García-Rodríguez et al. 2024, auditing is achieved via Blockchain instead of proving in zero-knowledge the actual biometric matching by the user to reveal malicious behavior of R and V. • Review on biometric-based non-transferable Attribute Based Credential (biometric ABC) • Insecurity/inefficiency of BioABC-ZK for Know-Your-Customer (KYC) attributes • Privacy-by-design principles of biometric ABC considering KYC attributes • Adapting ABC of Sarier (2021) via core/helper setting for biometric ABC on Blockchain • Security – including Identity Privacy – and Cost Analysis of biometric ABC [ABSTRACT FROM AUTHOR]

Published

2025

11. Multi-Fogs-Based Traceable Privacy-Preserving Scheme for Vehicular Identity in Internet of Vehicles.

Author

Gu, Ke, Wang, Keming, Li, Xiong, and Jia, Weijia

Abstract

Internet of Vehicles (IoV) is a variant of Vehicular Ad-Hoc Network (VANET), it is being developed as an important communication way between vehicles. However, when some traffic messages are collected in IoV, these messages are usually linked to specific identifiable information. Therefore, there exists the privacy-preserving problem of vehicular identities in IoV. On the other hand, if the private information of vehicles is fully protected in IoV, then the true vehicular identities cannot be determined because the transferred messages are not related with the specific information of vehicles. Then it will also lead to more security problems in IoV. Additionally, fog computing seamlessly integrates heterogeneous computing resources widely distributed in edge networks and then provides stronger computing services for users. Therefore, in this paper we propose a decentralized traceable privacy-preserving scheme for vehicular identity in fog computing-based IoV, where our scheme uses multiple fog servers to trace the specific identity and most likely trajectory of a vehicle by the collected data under certain conditions. In our scheme, the true identity of a vehicle is hidden to some related parameters generated by the certificate authority; further the secret sharing scheme is used to hide and trace the true identity of a vehicle. We construct a voting mechanism to generate the most reliable fog server, which is able to calculate the true identity and corresponding trajectory of a vehicle by reconstructing the polynomial based on the secret sharing scheme. Additionally, we analyze that our scheme can satisfy the security requirements, and formally prove that the data collection procedure is secure under the real-or-random model. Also, the experimental results show our scheme is efficient in IoV. [ABSTRACT FROM AUTHOR]

Published

2022

12. IPSadas: Identity‐privacy‐aware secure and anonymous data aggregation scheme.

Author

Ren, Pei, Li, Fengyin, Wang, Ying, Zhou, Huiyu, and Liu, Peiyu

Subjects

KEY agreement protocols (Computer network protocols), WIRELESS sensor networks, TELECOMMUNICATION systems, AD hoc computer networks

Abstract

Intelligent systems are technologically advanced machines that can sense and respond to the surrounding environment. They have been widely used in medicine, military, transportation, automation, and other fields. However, when these systems deal with their environments, problems such as leakage of identities may occur. The adversary can damage the system communication and attack important nodes. To handle resource‐constrained wireless sensor network environments, we propose a secure and anonymous data aggregation scheme. First, based on the bilinear mapping operation and onion routing concepts, we propose a key negotiation and secure information transmission scheme, which conducts confidential transmission and anonymous forwarding of messages in data aggregation. Second, an aggregation routing scheme based on link direction and residual energy is proposed to pledge messages that can arrive the base station without passing through many nodes, which saves network resources to a certain extent. Third, on the basis of the first two contributions, we propose an identity‐privacy‐aware secure and anonymous data aggregation scheme that protects the identity's privacy. This scheme can conceal the real identity of important nodes and protect the anonymity of messages and link relationships. In addition, an anonymous identity update and synchronization scheme is also proposed to ensure the reliability and security of communication. Meanwhile, our performance evaluations and simulations show that the proposed framework is more effective than several standard schemes with respect to the ability against various attacks, security, and overhead. [ABSTRACT FROM AUTHOR]

Published

2022

13. Enhancing the Elliptic Curve Integrated Encryption Scheme in 5G mobile network for home network identity privacy.

Abstract

In mobile network, ensuring privacy to the subscriber is an obligation of the mobile operator. It is the responsibility of the operator to ensure that the private information about the subscriber like his/her identity does not get compromised. While adopting technologies with regards to issues like this, operators mostly follow specifications standardized by the third Generation Partnership Project (3GPP). In a recent technical specification published by 3GPP for 5G mobile network, an Elliptic Curve Integrated Encryption Scheme (ECIES) is adopted for identity privacy. However, this scheme does not emphasize on protecting the identity of the home network with which the subscriber is registered. This may make the subscriber vulnerable to tracking by an adversary in a visited network through his/her home network identity. In this paper, we propose an enhanced scheme called scheme for home network identity privacy. Through a formal and an informal security analysis, the proposed scheme is found to be secured. Through a performance analysis, it is found that the scheme achieves its objective of securing the home network identity of the subscriber at the expense of 47% additional computation at the UE in comparison with the execution time that is incurred by ECIES. [ABSTRACT FROM AUTHOR]

Published

2022

14. A Privacy Protection Scheme for Cross-Chain Transactions Based on Group Signature and Relay Chain.

Author

Liang, Xiubo, Zhao, Yu, Wu, Junhan, and Yin, Keting

Abstract

Recently, with the rapid development of blockchain technology, the information interaction and value transfer problems between different blockchains have become the focus of research. The cross-chain technology is to solve the cross-chain operation problems of assets and data between different chains. However, the existing cross-chain technology has the problem of identity privacy leakage. Therefore, this article proposes a cross-chain privacy protection scheme for consortium blockchains based on group signature, certificate authority, and relay chain. The scheme is divided into three cross-chain service layers, called the management layer, the transaction layer, and the group layer. The management layer is responsible for the forwarding of cross-chain transactions, the transaction layer includes the blockchains that actually participate in cross-chain transactions, and the group layer is responsible for group signature related work. Through this scheme, the identity privacy of both parties to the transaction can be protected during the cross-chain transaction process. [ABSTRACT FROM AUTHOR]

Published

2022

15. Privacy-Aware Access Protocols for MEC Applications in 5G †.

Author

Akman, Gizem, Ginzboorg, Philip, and Niemi, Valtteri

Subjects

EDGE computing, 5G networks, RADIO access networks, INTERNET of things, DATA security

Abstract

Multi-access edge computing (MEC) is one of the emerging key technologies in fifth generation (5G) mobile networks, providing reduced end-to-end latency for applications and reduced load in the transport network. This paper proposes mechanisms to enhance user privacy in MEC within 5G. We consider a basic MEC usage scenario, where the user accesses an application hosted in the MEC platform via the radio access network of the mobile network operator (MNO). First, we create a system model based on this scenario. Second, we define the adversary model and give the list of privacy requirements for this system model. We also analyze the impact on user privacy when some of the parties in our model share information that is not strictly needed for providing the service. Third, we introduce a privacy-aware access protocol for the system model and analyze this protocol against the privacy requirements. [ABSTRACT FROM AUTHOR]

Published

2022

16. Cryptanalysis on an organization-friendly blockchain system.

Author

Zhang Ying and Jiang Rui

Subjects

CRYPTOGRAPHY, BLOCKCHAINS, FORGERY, COLLUSION, DISTRIBUTED computing

Abstract

To verify that an organization-friendly blockchain system may suffer from forgery and collusion attacks, forgery and collusion attacks were theoretically carried out according to the phase sequence of an organization-friendly blockchain system. Then, the organization-friendly blockchain system was improved and based on the phase sequence forgery and collusion attacks were conducted. The results show that the attacker can obtain illegal transaction data from forgery and collusion attacks on the organization-friendly blockchain system. However, for the improved organization-friendly blockchain, the attacker's forgery and collusion attacks cannot be completed. Therefore, the organization-friendly blockchain system may be subject to forgery and collusion attacks, but the improved organization-friendly blockchain system can prevent such attacks. [ABSTRACT FROM AUTHOR]

Published

2022

17. A remote attestation mechanism using group signature for the perception layer in centralized networking.

Author

Huang, Jing, Zhang, Hui-Juan, He, Shen, Chen, Jia, and Sun, Zhe-Yuan

Subjects

PRIVACY, ANONYMITY, CERTIFICATION

Abstract

As the important transmission approach of the perception data, the security and privacy of the perception layer nodes have been paid more and more attention. To evaluate the credibility of the perception nodes and protect autologous identity privacy, a remote attestation mechanism using group signature (GS-RAM) for the perception layer of centralized networking is proposed in this paper. First, a RAM, based on the computational Diffie–Hellman (CDH) problem and GS, is established for the data source of the perception nodes. Second, the specific construction of the proposed GS-RAM is given to identify the trusted state of data sources without exposing the privacy of the perception nodes. Then, a strict security certification was carried out to verify the correctness, unforgeability, anonymity, traceability, unrelatedness, non-framing, anti-joint aggression and forward security of the proposed GS-RAM. Finally, simulation experiments are carried out to verify that the proposed scheme has better security and dynamic adaptability. [ABSTRACT FROM AUTHOR]

Published

2022

18. A Lightweight Auditing Service for Shared Data with Secure User Revocation in Cloud Storage.

Author

Rabaninejad, Reyhaneh, Attari, Mahmoud Ahmadian, Asaar, Maryam Rajabzadeh, and Aref, Mohammad Reza

Abstract

As data sharing has become one of the most popular services offered by cloud storage, designing public auditing mechanisms for integrity of shared data becomes more important. Two problems which arise in shared data auditing include preserving users identity and collusion resistant revocation of users. When data stored at the cloud is shared among a group of users, different users may modify and sign different data blocks which leaks signer identities to the public verifier. Also, when a user is revoked from the group, signatures generated by this user should be re-signed by the cloud server using re-signature keys. In addition, collusion of cloud server and the revoked user should leak no information about the private key of other users. In this paper, by employing a new proxy re-signature scheme, we propose a public shared data auditing mechanism that provides identity privacy and collusion resistant user revocation, simultaneously. The proposed protocol requires only lightweight computations at the user side for signing data blocks in real-time online phase. Moreover, our protocol supports large dynamic group of users, batch auditing and dynamic data operations. Experimental results demonstrate excellent efficiency of our scheme in comparison to the state of the art. [ABSTRACT FROM AUTHOR]

Published

2022

19. Designated Server Certificateless Deniably Authenticated Encryption With Keyword Search

Author

Yulei Zhang, Long Wen, Yongjie Zhang, and Caifen Wang

Subjects

Certificateless, designated tester, deniably authenticated, identity privacy, searchable encryption, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

In email system, the cryptography technology has been used to defend email secrets, so it is important to search specific encrypted emails on cloud sever without local decryption. The Public key encryption with keyword search (PEKS) might is a suitable way to perform the email ciphertext search. However, most existing PEKS schemes cannot protect the identity privacy of data sender. Deniably authenticated encryption (DAE) technique allows the data sender to deny his/her involvement after the communication. Moreover, the receiver can verify the authenticity of ciphertext in DAE, which assures the identity privacy of data sender. In this paper, so as to solve the above shortages in existing PEKS schemes, we introduce an original scheme called designated server certificateless deniably authenticated encryption with keyword search (dCLDAEKS), where leverages the techniques of DAE and designated server. In dCLDAEKS, data sender authenticates the messages and simultaneously encrypt them. Meanwhile, only designated server has ability to execute search ciphertext operation for receivers. So there is no adversary including the server can launch inside or outside offline KGA. Therefore dCLDAEKS scheme can better protect the identity privacy of data sender. In addition, compared the related schemes in the literature, dCLDAEKS scheme perform less efficient in some procedure, but it can against inside KGA and better protect the sender's identity privacy.

Published

2019

20. IMSI-based Routing and Identity Privacy in 5G

Author

Mohsin Khan, Valtteri Niemi, and Philip Ginzboorg

Subjects

Cellular Networks, 5G, Identity Privacy, Cryptography, Identity Based Encryption, Telecommunication, TK5101-6720

Abstract

In 5G, identity privacy of a user is proposed to be protected by concealing the identifier of the user. In order to route the concealed identifier to the appropriate destination, certain information about the international mobile subscriber identity (IMSI) - country code and network code, need to be revealed. But, as was recently pointed out, the routing of requests for authentication information between visited and home network and also within the home network, needs more information about the IMSI to be revealed. It was also recently pointed out that there are restrictions on user identity privacy due to lawful interception in the serving network. In this new context, we reexamine published alternative solutions of identity privacy. We find the previously promising solutions e.g., solution based on public key of home network become less promising. We find the solution based on identity based encryption becomes more promising than it was before.

Published

2018

21. Deniably authenticated searchable encryption scheme based on Blockchain for medical image data sharing.

Author

Zhang, Yu-lei, Wen, Long, Zhang, Yong-jie, and Wang, Cai-fen

Subjects

IMAGE encryption, BLOCKCHAINS, DIAGNOSTIC imaging, DATA security failures, CLOUD computing

Abstract

In the cloud applications of medical data based on blockchain, doctors and managers usually want to obtain image data shared by other healthcare institutions. To ensure the privacy and workability of the image data, it is necessary to encrypt plain image data, retrieve cypher data and verify the authenticity of the data. Public key authenticated searchable encryption (PAEKS) is an effective mechanism to realize the privacy and workability properties of data. However, the existing PAEKS schemes are unable to realize the identity privacy protection of the data owner, and the traditional blockchain system (such as the Bitcoin) cannot achieve these goals directly. To overcome the above drawback, we first present a deniably authenticated searchable encryption scheme for medical image data sharing (DASES) that is based on blockchain and deniably authenticated encryption technology. The DASES takes advantage of blockchain technology to ensure the non-tampered, unforgettable and traceability of the image data, and it also avoids the limitation of the blockchain's own storage and computing power. The DASES can not only withstand inside keyword guessing attack (IKGA) but also provide effective privacy protection and verify the authenticity of medical image data. Hence, it can better protect the privacy of data senders and provide stronger security. Next, we prove that the DASES satisfies the indistinguishability of the ciphertext and trapdoor. It is regrettable that the DASES is less efficient than related schemes in the literature, but its greatest strength is its ability to provide better identity privacy protection and stronger security. [ABSTRACT FROM AUTHOR]

Published

2020

22. Two-Stage Privacy-Preserving Mechanism for a Crowdsensing-Based VSN

Author

Hui Li, Dan Liao, Gang Sun, Ming Zhang, Du Xu, and Zuijiao Han

Subjects

VSN, crowdsensing, identity privacy, location privacy, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Vehicular social networks (VSNs) are moving from infancy to maturity. However, the characteristics of wireless channel availability and the high mobility of vehicles in the VSNs create new challenges for privacy preservation; the corresponding solutions require a combination of technologies. A common theme in this paper is the combination of crowdsensing (CS) and the VSNs. We first design a three-layer CS-based VSN architecture that includes a CS layer, mobile management layer, and core control layer. Then, we propose a two-stage privacy-preserving (TSPP) algorithm to protect identity and location privacy for the CS-based VSN. In TSPP algorithm, to protect identity privacy, we design a way of identity management. Simultaneously, by correlation analysis, we design a suppression strategy to satisfy ε-privacy with no information loss for location privacy protection. The simulation results show that our proposed TSPP algorithm better protects identity and location privacy than current algorithms. The results are based on four metrics: average processing time, identity privacy, location privacy, and information loss.

Published

2018

23. Privacy protection in mobile crowd sensing: a survey.

Author

Wang, Yongfeng, Yan, Zheng, Feng, Wei, and Liu, Shushu

Subjects

*DATA privacy, *PRIVACY, *DISCLOSURE, *PERSONALLY identifiable information, *PUBLIC safety, *CROWDS, *CROWDSENSING

Abstract

The unprecedented proliferation of mobile smart devices has propelled a promising computing paradigm, Mobile Crowd Sensing (MCS), where people share surrounding insight or personal data with others. As a fast, easy, and cost-effective way to address large-scale societal problems, MCS is widely applied into many fields, e.g., environment monitoring, map construction, public safety, etc. Despite the popularity, the risk of sensitive information disclosure in MCS poses a serious threat to the participants and limits its further development in privacy-sensitive fields. Thus, the research on privacy protection in MCS becomes important and urgent. This paper targets the privacy issues of MCS and conducts a comprehensive literature research on it by providing a thorough survey. We first introduce a typical system structure of MCS, summarize its characteristics, propose essential requirements on privacy on the basis of a threat model. Then, we survey existing solutions on privacy protection and evaluate their performances by employing the proposed requirements. In essence, we classify the privacy protection schemes into four categories with regard to identity privacy, data privacy, attribute privacy, and task privacy. Besides, we review the achievements on privacy-preserving incentives in MCS from four viewpoints of incentive measures: credit incentive, auction incentive, currency incentive, and reputation incentive. Finally, we point out some open issues and propose future research directions based on the findings from our survey. [ABSTRACT FROM AUTHOR]

Published

2020

24. Blockchain Meets VANET: An Architecture for Identity and Location Privacy Protection in VANET.

Author

Li, Hui, Pei, Lishuang, Liao, Dan, Sun, Gang, and Xu, Du

Subjects

ARCHITECTURE, PRIVACY, INTERNET of things

Abstract

With the breakthroughs in sensor technology and internet of things, Vehicular Ad Hoc Network (VANET) is developing into a new generation. The technical challenges of current VANET are decentralized architecture deployment and privacy protection. Since the blockchain owns the characteristics of being decentralized, distributed, collective maintenance and non-tampering, this paper designs a novel decentralized architecture using blockchain technology, which is called blockchain-based VANET. The blockchain-based VANET involves four major stages: blockchain set-up, registration of vehicles, SBMs upload, and blockchain record. It can effectively address the problems of centralization and mutual distrust between entities in current VANET. For protecting identity and location privacy, we propose UGG, IPP and LPP algorithms with the way of dynamic threshold encryption and k-anonymity unity in the stage of SBMs upload of blockchain-based VANET. To quantify the availability of k-anonymity unity, we propose two indicators: connectivity and average distance. Extensive simulations have been conducted to validate the effectiveness of blockchain-based VANET. We analyze the simulation results from four aspects: system time, average distance, connectivity, and privacy leakage. The simulation results show that our proposed architecture performs better in terms of processing time than current architectures. Furthermore, our proposed architecture shows its superior in the aspect of protecting identity and location privacy. [ABSTRACT FROM AUTHOR]

Published

2019

25. Threshold privacy-preserving cloud auditing with multiple uploaders.

Author

Wu, Ge, Mu, Yi, Susilo, Willy, Guo, Fuchun, and Zhang, Futai

Subjects

*CLOUD computing, *DATA integrity, *CLOUD storage, *DATA security, *INFORMATION technology security

Abstract

Data integrity is a critical security issue in cloud storage. The data integrity checking schemes by a third-party auditor (TPA) have attracted a lot of attention. Sharing data among multiple users (uploaders) is an attractive feature of cloud storage. Considering the scenario of multiple uploaders, privacy-preserving cloud auditing makes it possible for the TPA to publicly verify the data integrity while guarantees that it cannot learn the identity of the data uploader. In this paper, we propose a (t, n)-threshold privacy-preserving auditing scheme. Every user could generate a tag piece of a message from the tag generation algorithm individually. To respond a challenge from the TPA, the server needs at least t tag pieces from different users among all n users. Our scheme does not resort to ring signature or group signature techniques. The tag of a message consists of only one element, which is independent of the number of the users within the group. Therefore, the efficiency of tag generation and auditing of our scheme is compatible with an efficient construction (Wu et al., in: International conference on information security practice and experience ISPEC 2016, Springer, New York, 2016). We use the pairing-based cryptography library (PBC library-0.5.14) to implement the scheme and compare both the computation and transmission cost of our scheme with some existing schemes. [ABSTRACT FROM AUTHOR]

Published

2019

26. An Efficient Anonymous Authentication Scheme with Secure Communication in Intelligent Vehicular Ad-hoc Networks.

Author

Xiaojun Zhang, Liming Mu, Jie Zhao, and Chunxiang Xu

Subjects

INTELLIGENT transportation systems, PUBLIC key cryptography, SMART cards, TRAFFIC safety, DATA transmission systems, VEHICULAR ad hoc networks

Abstract

Vehicular ad-hoc networks (VANETs) have become increasingly significant in intelligent transportation systems, they play a great role in improving traffic safety and efficiency. In the deployment of intelligent VANETs, intelligent vehicles can efficiently exchange important or urgent traffic information and make driving decisions. Meanwhile, secure data communication and vehicle's identity privacy have been highlighted. To cope with these security issues, in this paper, we construct an efficient anonymous authentication scheme with secure communication in intelligent VANETs. Combing the ElGamal encryption technique with a modified Schnorr signature technique, the proposed scheme provides secure anonymous authentication process for encrypted message in the vehicle-to-infrastructure communication model, and achieves identity privacy, forward security, and reply attack resistance simultaneously. Moreover, except the trusted authority (TA), any outside entity cannot trace the real identity of an intelligent vehicle. The proposed scheme is designed on an identity-based system, which can remove the costs of establishing public key infrastructure (PKI) and certificates management. Compared with existing authentication schemes, the proposed scheme is much more practical in intelligent VANETs. [ABSTRACT FROM AUTHOR]

Published

2019

27. Cooperative Query Answer Authentication Scheme Over Anonymous Sensing Data

Author

Liangmin Wang, Qingqing Xie, and Hong Zhong

Subjects

Cooperation, query answer authentication, identity privacy, non-repudiation protocol, crowd-sensing data, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

In cloud service over crowd-sensing data, the data owner (DO) publishes the sensing data through the cloud server, so that the user can obtain the information of interest on demand. But the cloud service providers (CSP) are often untrustworthy. The privacy and security concerns emerge over the authenticity of the query answer and the leakage of the DO identity. To solve these issues, many researchers study the query answer authentication scheme for cloud service system. The traditional technique is providing DO's signature for the published data. But the signature would always reveal DO's identity. To deal with this disadvantage, this paper proposes a cooperative query answer authentication scheme, based on the ring signature, the Merkle hash tree (MHT) and the non-repudiable service protocol. Through the cooperation among the entities in cloud service system, the proposed scheme could not only verify the query answer, but also protect the DO's identity. First, it picks up the internal nodes of MHT to sign, as well as the root node. Thus, the verification computation complexity could be significantly reduced from O(log2N) to O(log2N0.5) in the best case. Then, it improves an existing ring signature to sign the selected nodes. Furthermore, the proposed scheme employs the non-repudiation protocol during the transmission of query answer and verification object to protect trading behavior between the CSP and users. The security and performance analysis prove the security and feasibility of the proposed scheme. Extensive experimental results demonstrate its superiority of verification efficiency and communication overhead.

Published

2017

28. Privacy Aware Incentivization for Participatory Sensing

Author

Martin Connolly, Ivana Dusparic, Georgios Iosifidis, and Mélanie Bouroche

Subjects

participatory sensing, identity privacy, privacy preserving, incentive mechanism, incentivization, incentive compatibility, data truthfulness, Chemical technology, TP1-1185

Abstract

Participatory sensing is a process whereby mobile device users (or participants) collect environmental data on behalf of a service provider who can then build a service based upon these data. To attract submissions of such data, the service provider will often need to incentivize potential participants by offering a reward. However, for the privacy conscious, the attractiveness of such rewards may be offset by the fact that the receipt of a reward requires users to either divulge their real identity or provide a traceable pseudonym. An incentivization mechanism must therefore facilitate data submission and rewarding in a way that does not violate participant privacy. This paper presents Privacy-Aware Incentivization (PAI), a decentralized peer-to-peer exchange platform that enables the following: (i) Anonymous, unlinkable and protected data submission; (ii) Adaptive, tunable and incentive-compatible reward computation; (iii) Anonymous and untraceable reward allocation and spending. PAI makes rewards allocated to a participant untraceable and unlinkable and incorporates an adaptive and tunable incentivization mechanism which ensures that real-time rewards reflect current environmental conditions and the importance of the data being sought. The allocation of rewards to data submissions only if they are truthful (i.e., incentive compatibility) is also facilitated in a privacy-preserving manner. The approach is evaluated using proofs and experiments.

Published

2019

29. Location-sharing protocol for privacy protection in mobile online social networks

Author

Yuanyuan Zhang, Ou Ruan, and Lixiao Zhang

Subjects

TK7800-8360, Computer Networks and Communications, Computer science, 02 engineering and technology, TK5101-6720, Computer security, computer.software_genre, Location sharing, Public-key cryptography, 0202 electrical engineering, electronic engineering, information engineering, Protocol (object-oriented programming), Private information retrieval, Location privacy, Social network, business.industry, Privacy protection, 020206 networking & telecommunications, 020207 software engineering, Identity privacy, Computer Science Applications, Signal Processing, Mobile online social networks, Telecommunication, Electronics, business, computer, Broadcast encryption, Smart cities

Abstract

Location-based services are becoming more and more popular in mobile online so-cial networks(mOSNs) for smart cities, but users' privacy also has aroused wide concern, such as locations, friend sets and other private information. At present, many location sharing protocols in mOSNs have been proposed, but these pro-tocols are inecient and ignore some security risks. In this paper, we propose a new location sharing protocol, which solves these two issues by using symmetric encryption and asymmetric encryption properly. We adopt the following methods to reduce the communication and computation costs: only setting up one loca-tion server; connecting social network server and location server directly instead of through celluar towers; avoiding broadcast encryption. We introduce dummy iden-tities to protect users' identity privacy, and prevent location server from inferring users' activity tracks by updating dummy identities in time. The details of security and performance analysis with the related protocols show that our protocol enjoys two advantages: (1) it's more ecient than the related protocols, which greatly re-duces the computation and communication costs; (2) it satises all security goals, however, most previous protocols only meet some security goals.

Published

2021

30. Enabling blockchain-assisted certificateless public integrity checking for industrial cloud storage systems.

Author

Liu, Qing, Zhang, Xiaojun, Xue, Jingting, Zhou, Rang, Wang, Xin, and Tang, Wei

Subjects

*CLOUD storage, *BLOCKCHAINS, *CLOUD computing, *FACTORS of production, *INTERNET of things, *MANUFACTURING processes, *ELECTRONIC data processing

Abstract

Due to the sharp increase in industrial data, cloud computing has been integrated into intelligent Industrial Internet of Things systems to store and process massive data. Since core data are key factors in the industrial production process, any intercepted or altered data may cause severe consequences, and the integrity and confidentiality of outsourced industrial data have become extremely concerning security issues. In this paper, we focus on devising an enhanced blockchain-assisted certificateless public integrity checking (BA-CPIC) mechanism for industrial cloud storage systems. BA-CPIC contributes to checking outsourced industrial encrypted data, and exploits the smart contract in the Ethereum blockchain to provide assistance to users for checking malicious behaviors of auditors (e.g., colluding with industrial cloud servers or lazing checking). Besides, BA-CPIC preserves the identity privacy of users enjoying outsourced storage and blockchain-assisted integrity checking services. By contrast, some misbehaved users in industrial cloud storage systems could also be traced and revoked in due course. BA-CPIC avoids both inherent drawbacks of key escrow and complex certificate management, it is provided corresponding security analysis under the certificateless security model. The performance evaluation demonstrates the feasibility of BA-CPIC in the deployment of industrial cloud storage systems. [ABSTRACT FROM AUTHOR]

Published

2023

31. Efficient chameleon hashing-based privacy-preserving auditing in cloud storage.

Author

Zhang, Jianhong and Zhao, Xubing

Subjects

*CLOUD storage, *RESEARCH in information science, *DATA integrity, *COMPUTER security, *COMPUTER security software

Abstract

Cloud storage is an important application service in cloud computing, it allows data users to store and access their files anytime, from anywhere and with any device. To ensure the security of the outsourced data, data user needs to periodically check data integrity. In some cases, the identity privacy of data user must be protected. However, in the existing preserving identity privacy protocols, data tag generation is mainly based on complex ring signature or group signature. It brings a heavy burden to data user. To ensure identity privacy of data user, in this paper we propose a novel identity privacy-preserving public auditing protocol by utilizing chameleon hash function. It can achieve the following properties: (1) the identity privacy of data user is preserved for cloud server; (2) the validity of the outsourced data is verified; (3) data privacy can be preserved for the auditor in auditing process; (4) computation cost to produce data tag is very low. Finally, we also show that our scheme is provably secure in the random oracle model, the security of the proposed scheme is related to the computational Diffie-Hellman problem and hash function problem. [ABSTRACT FROM AUTHOR]

Published

2016

32. Recent Advances and Challenges in Security and Privacy for V2X Communications

Author

Yi Qian, Rose Qingyang Hu, Dongfeng Fang, and Jiaqi Huang

Subjects

Vehicular ad hoc network, TA1001-1280, Point (typography), Computer science, business.industry, Cryptography, Computer security, computer.software_genre, privacy, Identity privacy, Dedicated short-range communications, LTE, Transportation engineering, Automotive Engineering, Cellular network, Security, V2X, Wireless, vehicular networks, business, trust management, computer, Transportation and communications, Information exchange, HE1-9990

Abstract

In recent studies, vehicular networks have been considered as a promising solution to achieve better traffic management and to improve the driving experience of drivers. In vehicular networks, vehicle-to-everything (V2X) services, e.g. on-road traffic information exchange and location-based services, are provided to facilitate road safety for vehicles and traffic management for the relevant authorities. Dedicated Short Range Communications is specifically designed for V2X communications, and recently the cellular network has shown great potential to support V2X with better performance and more applications. Due to the wireless nature of V2X communications, how to secure V2X communications and guarantee the privacy of users are great challenges that have hampered the implementation of vehicular services. Many solutions have been proposed by researchers in last two decades. In this paper, we present a comprehensive survey on the state-of-the-art solutions concerning security and privacy for V2X communications. For security, detailed discussions on cryptography based schemes and trust based schemes are provided. For privacy, we summarize and compare general solutions in preserving identity privacy and location privacy. Cellular based V2X communications have shown many advantages over DSRC, and the oncoming fifth-generation cellular technology is going to provide more possibilities to V2X. Thus, security architectures and solutions for cellular based communications are also illustrated and discussed. Finally, we summarize the remaining challenges and point out future research directions.

Published

2020

33. Efficient Mutual Authentication for Multi-domain RFID Systems Using Distributed Signatures.

Author

Braun, Michael, Meyer, Ulrike, and Wetzel, Susanne

Abstract

The use of RFID technology in complex and distributed environments often leads to a multi-domain RFID system in which security issues such as authentication of tags and readers, granting access to data, and revocation of readers turn into an administrative challenge. In this paper, we propose a new public-key-based mutual authentication protocol that addresses the reader revocation problem while maintaining efficiency and identity privacy. In addition, our new protocol integrates fine-grained access control and key establishment with mutual authentication. The core of our solution is the use of the concepts of key-splitting and distributed signatures to solve the validation and revocation problem. We show that our protocols can be implemented on RFID tags using lightweight implementations of elliptic curve cryptography. [ABSTRACT FROM AUTHOR]

Published

2010

34. A New Approach for Biometric Template Storage and Remote Authentication.

Author

Sarier, Neyire Deniz

Abstract

In this paper, we propose a new remote biometric based authentication scheme, which is designed for distributed systems with a central database for the storage of the biometric data. For our scheme, we consider the recently introduced security notions of Identity and Transaction privacy and present a different storage mechanism for biometrics resulting in a reduced database storage cost. Besides, the components of the system do not need to store any biometric template in cleartext or in encrypted form, which affects the social acceptance of the system positively. Finally, we compare our results with existing schemes satisfying the current security notions and achieve improved computational complexity. [ABSTRACT FROM AUTHOR]

Published

2009

35. Privacy Preserving Biometric Authentication on the blockchain for smart healthcare.

Author

Sarier, Neyire Deniz

Subjects

BIOMETRIC identification, CRYPTOCURRENCIES, BLOCKCHAINS, PUNISHMENT, PRIVACY, PUBLIC key cryptography, EUCLIDEAN distance, TRANSPLANTATION of organs, tissues, etc.

Abstract

Privacy Preserving Biometric Authentication (PPBA) schemes are designed for anonymous authentication of patients to protect patient's privacy in accessing healthcare services. Recently, blockchain technology in healthcare has emerged as a new research area to provide tamper-resistance and non-repudiation in e-health systems. One aspect of this research could lead to blockchain-based secure biometric identification for smart healthcare, which may face the paradox of anonymous biometric authentication on public blockchains. In this paper, we describe an efficient, fully anonymous and GDPR-compliant PPBA protocol built into the blockchain of any privacy coin such as Monero. The new protocol provides encrypted offline storage and processing in the encrypted domain. The infrastructure necessary for the online authentication is outsourced to the public blockchain that provides integrity of its data. In addition to auditing capabilities for misbehaving entities, the new system reduces the number of transactions necessary for authentication and enables revocation of biometric identities. We provide new PPBA schemes both for set difference/overlap and Euclidean distance metrics without using bilinear pairings, where the former leads to an efficient solution to the compatibility for organ transplant. We limit the generation of encrypted templates for public testing even if biometric/health data is of low min-entropy. Due to the anonymity of the cryptocurrency, we break the link between the stealth address of an authenticating user and its biometrics. We describe the user and identity privacy notions independent of the underlying privacy coin and guarantee the security of our proposal in the framework of those generic notions. Finally, we simulate the new proposal on Monero blockchain and analyze the transaction fees required for hill climbing attacks. The results show that our design leads to a natural hindrance against these attacks that could be successful even if the templates are stored as encrypted. To the best of our knowledge, this is the first efficient blockchain-based PPBA scheme that exhibits a punishment against hill climbing attacks through transaction fees. • PPBA on the blockchain solving the secure identification problem in e-health • Security against hill climbing attacks via transaction fees • Two new schemes without pairings providing an efficient solution for organ matching • Limiting generation of encrypted templates even if biometrics have low min-entropy • Revocation of biometrics and reduced number of transactions for authentication [ABSTRACT FROM AUTHOR]

Published

2022

36. Preserving identity privacy on multi-owner cloud data during public verification.

Author

Wang, Boyang, Li, Hui, Liu, Xuefeng, Li, Xiaoqing, and Li, Fenghua

Subjects

CLOUD computing security measures, VERIFICATION of computer systems, DATA integrity, CONFIDENTIAL communications, PRIVACY, COMPUTER software correctness

Abstract

ABSTRACT The low prices on cloud data storage and sharing services incentive users to outsource their data to the cloud. Because data stored in the cloud may be lost or corrupted, users are suggested to verify data integrity before the utilization of cloud data. A series of schemes have been proposed to enable a public verifier to efficiently check the correctness of cloud data without downloading the whole data from the cloud server. Unfortunately, few of them have considered about public verification on multi-owner cloud data while still preserving identity privacy of owners from public verifiers, where each block in these cloud data should be signed by multiple owners. In this paper, we design a novel public verification scheme to audit the integrity of multi-owner data stored in the cloud. With our scheme, a public verifier is able to efficiently check the integrity of multi-owner data with a very small communication cost compared with the size of the entire data. Meanwhile, the private identities of these owners are protected and not revealed to any public verifier. In addition, our scheme can also efficiently support group dynamics for multiple owners and enable batch verification. Security analyses and experimental results indicate our scheme is correct, secure and efficient. Copyright © 2013 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]

Published

2014

37. Identity privacy-based reliable routing method in VANETs.

Author

Wu, Di, Wang, Xiaojing, Sun, Limin, Ling, Yan, and Zhang, Dongxia

Subjects

VEHICULAR ad hoc networks, AUTOMOBILE transmission, VEHICLES, RIGHT of privacy, MESSAGE theory (Communication), NETWORK analysis (Communication)

Abstract

In vehicular ad hoc networks (VANETs), reliable transmission and privacy of vehicles are two important issues. When vehicles are in the fast-moving environment, this paper proposes a Dynamic ID scheme which can protect the privacy of vehicles' identity. In this paper, we divide the message transferring model into the uploading process and the downloading process. The uploading process has four stages, including the Connection establishment, the game, the detecting process and the messages sending process. In the four stages, this paper uses the Dynamic ID scheme, realizing the identity privacy. In the communication of ensuring the privacy, this paper builds a game model which is based on the reliability and the frequency of contacts, accomplishing the reliable transmission. Finally, the results of the simulation demonstrate that the presented method, the Identity Privacy-based Reliable Routing method (IPRR), cannot only increase the delivery ratio, but also reduce the end to end delay and the overhead ratio of the Network. [ABSTRACT FROM AUTHOR]

Published

2014

38. An Efficient User Revocation and Encryption Methods for Secure Multi-Owner Data Sharing to Dynamic Groups in the Cloud.

Author

Narayanan, Gokul Geetha, Ranganathan, S. Raja, and Karthik, S.

Subjects

DATA encryption, DATA security, IDENTITY theft prevention, CLOUD computing, INFORMATION sharing, COMPUTER network security

Abstract

Cloud computing is well known proficient paradigm which provides an economical solution for sharing group resource among cloud users. But, in cloud environment, security of cloud data in a multi-owner model from an untrusted member is a challenging issue. Due to this issue, multi owner data sharing model has become an active research area for dynamic groups. The major goals of this work are to maintain the user access control for group manager with user privacy. To deal with the problems of dynamic group manager stage, this work proposed a delta revocation process in dynamic manner and performed a leveraging group signature with dynamic broadcast Advanced Metrics Encryption (AME). The storage overhead and an advanced Delta-Revocation List (DRL) scheme that ensures an optimized overall performance with lesser communication overhead and lesser computation cost since the proposed approach is independent with the number of revoked users and storage, as justified by the extensive analysis. [ABSTRACT FROM AUTHOR]

Published

2014

39. Trust, Identity, Privacy, and Security Considerations For Designing a Peer Data Sharing Platform Between People Living With HIV

Author

Jo Gibbs, Shema Tariq, Jon Bird, Karen C. Lloyd, Adrian Bussone, Abigail Durrant, Simone Stumpf, and Bakita Kasadha

Subjects

QA75, Computer Networks and Communications, business.industry, media_common.quotation_subject, Lived experience, Internet privacy, Human immunodeficiency virus (HIV), Identity (social science), HN, medicine.disease_cause, Identity privacy, Digital identity, Health data, Human-Computer Interaction, Data sharing, HV, RA0421, Personal identity, medicine, Psychology, business, Social Sciences (miscellaneous), media_common

Abstract

Resulting from treatment advances, the Human Immunodeficiency Virus (HIV) is now a long-term condition, and digital solutions are being developed to support people living with HIV in self-management. Sharing their health data with their peers may support self-management, but the trust, identity, privacy and security (TIPS) considerations of people living with HIV remain underexplored. Working with a peer researcher who is expert in the lived experience of HIV, we interviewed 26 people living with HIV in the United Kingdom (UK) to investigate how to design a peer data sharing platform. We also conducted rating activities with participants to capture their attitudes towards sharing personal data. Our mixed methods study showed that participants were highly sophisticated in their understanding of trust and in their requirements for robust privacy and security. They indicated willingness to share digital identity attributes, including gender, age, medical history, health and well-being data, but not details that could reveal their personal identity. Participants called for TIPS measures to foster and to sustain responsible data sharing within their community. These findings can inform the development of trustworthy and secure digital platforms that enable people living with HIV to share data with their peers and provide insights for researchers who wish to facilitate data sharing in other communities with stigmatised health conditions.

Published

2020

40. Russian Internet Research Agency Disinformation Activities on Tumblr: Identity, Privacy, and Ambivalence

Author

Indira Neill Hoch

Subjects

Cultural Studies, Government, Internet research, Communication, 05 social sciences, Media studies, 050801 communication & media studies, 02 engineering and technology, Ambivalence, Identity privacy, lcsh:P87-96, Computer Science Applications, lcsh:Communication. Mass media, 0508 media and communications, 020204 information systems, Political science, Agency (sociology), 0202 electrical engineering, electronic engineering, information engineering, Disinformation, Social media

Abstract

On 24 March 2018, Tumblr terminated 84 user accounts identified as being “linked to Internet Research Agency or IRA (a group closely tied to the Russian government) posing as members of the Tumblr community.” In response, Tumblr deleted the blogs and accounts of these 84 users but allowed reblogs of their posts to continue to circulate openly on the platform. Through a case study of posts originating with one IRA account, Lagonegirl, and qualitative interviews with 13 Tumblr users, this article considers the platform conventions and social norms that were utilized by the Lagonegirl account to facilitate its distribution of disinformation. Posing as a Black woman concerned with social justice but also sharing humorous posts that resonated with Millennials, Lagonegirl’s performance shows overlap with existing work on “Left Troll” IRA Twitter accounts while demonstrating platform specificity in the construction of posts.

Published

2020

41. IMSI-based Routing and Identity Privacy in 5G

Author

Khan, Mohsin, Niemi, Valtteri, Ginzboorg, Philip, Department of Computer Science, and Helsinki Institute for Information Technology

Subjects

Identity Privacy, lcsh:TK5101-6720, Cellular Networks, Cryptography, 113 Computer and information sciences, Identity Based Encryption, 5G, lcsh:Telecommunication

Abstract

Work-in-Progress paper In 5G, identity privacy of a user is proposed to be protected by concealing the identifier of the user. In order to route the concealed identifier to the appropriate destination, certain information about the international mobile subscriber identity (IMSI) – country code and network code, need to be revealed. But, as was recently pointed out, the routing of requests for authentication information between visited and home network and also within the home network, needs more information about the IMSI to be revealed. It was also recently pointed out that there are restrictions on user identity privacy due to lawful interception in the serving network. In this new context, we reexamine published alternative solutions of identity privacy. We find the previously promising solutions e.g., solution based on public key of home network become less promising. We find the solution based on identity based encryption becomes more promising than it was before. Non

Published

2018

42. Two-Stage Privacy-Preserving Mechanism for a Crowdsensing-Based VSN

Author

Zuijiao Han, Dan Liao, Hui Li, Gang Sun, Du Xu, and Ming Zhang

Subjects

Information privacy, General Computer Science, crowdsensing, business.industry, Computer science, location privacy, General Engineering, 020206 networking & telecommunications, 02 engineering and technology, VSN, Identity management, identity privacy, Core (game theory), Crowdsensing, Server, 0202 electrical engineering, electronic engineering, information engineering, Identity (object-oriented programming), Wireless, 020201 artificial intelligence & image processing, General Materials Science, lcsh:Electrical engineering. Electronics. Nuclear engineering, Layer (object-oriented design), business, lcsh:TK1-9971, Computer network

Abstract

Vehicular social networks (VSNs) are moving from infancy to maturity. However, the characteristics of wireless channel availability and the high mobility of vehicles in the VSNs create new challenges for privacy preservation; the corresponding solutions require a combination of technologies. A common theme in this paper is the combination of crowdsensing (CS) and the VSNs. We first design a three-layer CS-based VSN architecture that includes a CS layer, mobile management layer, and core control layer. Then, we propose a two-stage privacy-preserving (TSPP) algorithm to protect identity and location privacy for the CS-based VSN. In TSPP algorithm, to protect identity privacy, we design a way of identity management. Simultaneously, by correlation analysis, we design a suppression strategy to satisfy $\varepsilon $ -privacy with no information loss for location privacy protection. The simulation results show that our proposed TSPP algorithm better protects identity and location privacy than current algorithms. The results are based on four metrics: average processing time, identity privacy, location privacy, and information loss.

Published

2018

43. Enhancing Data Privacy in the Internet of Things (IoT) using Edge Computing

Author

Rahim Rahmani, Kazi Masum Sadique, and Paul Johannesson

Subjects

Information privacy, Computer science, Human life, Cloud computing, IoT Data Privacy, 02 engineering and technology, Computer security, computer.software_genre, Datorteknik, Identity Privacy, 0202 electrical engineering, electronic engineering, information engineering, Edge Computing, Computer Engineering, Edge computing, business.industry, 020206 networking & telecommunications, Cloud Computing, Internet of Things (IoT), Work (electrical), Software deployment, 020201 artificial intelligence & image processing, The Internet, Location Privacy, Internet of Things, business, computer

Abstract

The vast deployment of the Internet of Things (IoT) is improving human life standards every day. These IoT applications are producing a massive amount of data from the environment where it is deployed. The collected data are mostly including end-user private data or industrial data, which are transmitted over the internet to the cloud devices for storing, processing, and sharing with the connected applications. Recent IoT data privacy-related researches are mostly focused on data privacy within a particular location of the network or at a specific device, but as per our knowledge, none has pointed and listed all the places where the end-user or industrial data privacy risks exist. In this work, we have addressed both technical and management aspects to enhance the privacy of IoT data. We have identified and listed the places where IoT data privacy risks exist, followed by our proposed model for data privacy enhancement in the internet of things (IoT). A list of ten suggestions for avoiding data privacy leakage to enhance IoT data privacy enhancement is presented. The results of this work should be useful for both academic researchers and stakeholders from the industry while designing and implementing new IoT solutions for the enhancement of human society.

Published

2020

44. Privacy protection in mobile crowd sensing: a survey

Author

Shushu Liu, Wei Feng, Yongfeng Wang, Zheng Yan, Xidian University, Network Security and Trust, Department of Communications and Networking, Aalto-yliopisto, and Aalto University

Subjects

Information privacy, Computer Networks and Communications, Computer science, media_common.quotation_subject, Internet privacy, 0211 other engineering and technologies, 02 engineering and technology, task privacy, Task (project management), identity privacy, 0202 electrical engineering, electronic engineering, information engineering, attribute privacy, media_common, 021110 strategic, defence & security studies, data privacy, Mobile crowd sensing, business.industry, 020206 networking & telecommunications, Information sensitivity, Incentive, Hardware and Architecture, Threat model, incentive mechanism, business, Software, Reputation

Abstract

The unprecedented proliferation of mobile smart devices has propelled a promising computing paradigm, Mobile Crowd Sensing (MCS), where people share surrounding insight or personal data with others. As a fast, easy, and cost-effective way to address large-scale societal problems, MCS is widely applied into many fields, e.g., environment monitoring, map construction, public safety, etc. Despite the popularity, the risk of sensitive information disclosure in MCS poses a serious threat to the participants and limits its further development in privacy-sensitive fields. Thus, the research on privacy protection in MCS becomes important and urgent. This paper targets the privacy issues of MCS and conducts a comprehensive literature research on it by providing a thorough survey. We first introduce a typical system structure of MCS, summarize its characteristics, propose essential requirements on privacy on the basis of a threat model. Then, we survey existing solutions on privacy protection and evaluate their performances by employing the proposed requirements. In essence, we classify the privacy protection schemes into four categories with regard to identity privacy, data privacy, attribute privacy, and task privacy. Besides, we review the achievements on privacy-preserving incentives in MCS from four viewpoints of incentive measures: credit incentive, auction incentive, currency incentive, and reputation incentive. Finally, we point out some open issues and propose future research directions based on the findings from our survey.

Published

2019

45. Defeating the Downgrade Attack on Identity Privacy in 5G

Author

Kimmo Järvinen, Valtteri Niemi, Philip Ginzboorg, Mohsin Khan, Cremers, Cas, Lehmann, Anja, Department of Computer Science, Doctoral Programme in Computer Science, Helsinki Institute for Information Technology, University of Helsinki, Department of Communications and Networking, Aalto-yliopisto, and Aalto University

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Computer science, education, 0211 other engineering and technologies, 02 engineering and technology, Pseudonym, Identity privacy, Computer security, computer.software_genre, Public-key cryptography, 020204 information systems, Synchronization (computer science), 0202 electrical engineering, electronic engineering, information engineering, 3GPP, IMSI catchers, 021110 strategic, defence & security studies, business.industry, 113 Computer and information sciences, Downgrade attack, User equipment, Lawful interception, Identity (object-oriented programming), business, Cryptography and Security (cs.CR), computer, 5G, conference

Abstract

3GPP Release 15, the first 5G standard, includes protection of user identity privacy against IMSI catchers. These protection mechanisms are based on public key encryption. Despite this protection, IMSI catching is still possible in LTE networks which opens the possibility of a downgrade attack on user identity privacy, where a fake LTE base station obtains the identity of a 5G user equipment. We propose (i) to use an existing pseudonym-based solution to protect user identity privacy of 5G user equipment against IMSI catchers in LTE and (ii) to include a mechanism for updating LTE pseudonyms in the public key encryption based 5G identity privacy procedure. The latter helps to recover from a loss of synchronization of LTE pseudonyms. Using this mechanism, pseudonyms in the user equipment and home network are automatically synchronized when the user equipment connects to 5G. Our mechanisms utilize existing LTE and 3GPP Release 15 messages and require modifications only in the user equipment and home network in order to provide identity privacy. Additionally, lawful interception requires minor patching in the serving network.

Published

2018

46. ConGradetect: Blockchain-based detection of code and identity privacy vulnerabilities in crowdsourcing.

Author

Wang, Jitao, Sun, Guozi, Gu, Yu, and Liu, Kun

Subjects

*CROWDSOURCING, *PRIVACY, *BLOCK codes, *GRANULATION, *DATA privacy

Abstract

At present, various types of code vulnerabilities lead to a huge workload of detection. Although multi-party cooperation detection methods can be applied to improve efficiency, common crowdsourcing models are difficult to guarantee the privacy of code and identity. We design a code and identity privacy vulnerability crowdsourcing detection system ConGradetect. The system is built on a blockchain and solves code privacy issues, identity privacy issues, and reward preemption issues during the crowdsourcing detection process of vulnerabilities. In ConGradetect, users have a dynamic fake identity, which ensures that the identity of the user is not exposed, thereby avoiding the problem of information exposure caused by data accumulation. In the meantime, ConGradetect uses a local code granulation tool to perform off-line code cutting for task publishers, and uses proxy re-encryption to allocate task code blocks to ensure that the complete original code is only known to the code owner. When the task is received, a trusted key conversion is performed using smart contract. Further, we propose a method for anonymous verification of the binding relationship between task and user to prevent reward preemption and ensure that task performers can obtain corresponding legal benefits. Finally, we run the system on the Ethereum blockchain and test its performance. After testing, the feasibility of ConGradetect is proved. [ABSTRACT FROM AUTHOR]

Published

2021

47. Defeating the downgrade attack on identity privacy in 5G

Subjects

ta213, Pseudonym, 3GPP, Identity privacy, 5G, IMSI catchers

Published

2018

48. TripSense: a trust-based vehicular platoon crowdsensing scheme with privacy preservation in VANETs

Author

Hao Hu, Cheng Huang, Zonghua Zhang, Rongxing Lu, School of Electrical and Electronic Engineering (EEE), Nanyang Technological University [Singapour], Services répartis, Architectures, MOdélisation, Validation, Administration des Réseaux (SAMOVAR), Institut Mines-Télécom [Paris] (IMT)-Télécom SudParis (TSP), Ecole nationale supérieure Mines-Télécom Lille Douai (IMT Lille Douai), Institut Mines-Télécom [Paris] (IMT), and School of Electrical and Electronic Engineering

Subjects

Scheme (programming language), Security analysis, Engineering, Correctness, Crowdsensing, 02 engineering and technology, Vehicular Ad Hoc Networks, Computer security, computer.software_genre, lcsh:Chemical technology, Trust, Biochemistry, Article, Analytical Chemistry, Upload, [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], 0203 mechanical engineering, 0202 electrical engineering, electronic engineering, information engineering, lcsh:TP1-1185, Electrical and Electronic Engineering, Instrumentation, computer.programming_language, Vehicular ad hoc network, business.industry, 020206 networking & telecommunications, 020302 automobile design & engineering, Platoon, Identity privacy, Atomic and Molecular Physics, and Optics, Vehicular ad hoc networks (VANET), Privacy, trust, privacy, platoon, crowdsensing, Engineering::Electrical and electronic engineering [DRNTU], business, computer, Computer network

Abstract

International audience; In this paper, we propose a trust-based vehicular platoon crowdsensing scheme, named TripSense, in VANET. The proposed TripSense scheme introduces a trust-based system to evaluate vehicles' sensing abilities and then selects the more capable vehicles in order to improve sensing results accuracy. In addition, the sensing tasks are accomplished by platoon member vehicles and preprocessed by platoon head vehicles before the data are uploaded to server. Hence, it is less time-consuming and more efficient compared with the way where the data are submitted by individual platoon member vehicles. Hence it is more suitable in ephemeral networks like VANET. Moreover, our proposed TripSense scheme integrates unlinkable pseudo-ID techniques to achieve PM vehicle identity privacy, and employs a privacy-preserving sensing vehicle selection scheme without involving the PM vehicle's trust score to keep its location privacy. Detailed security analysis shows that our proposed TripSense scheme not only achieves desirable privacy requirements but also resists against attacks launched by adversaries. In addition, extensive simulations are conducted to show the correctness and effectiveness of our proposed scheme

Published

2016

49. Privacy Aware Incentivization for Participatory Sensing.

Author

Connolly, Martin, Dusparic, Ivana, Iosifidis, Georgios, and Bouroche, Mélanie

Subjects

PRIVACY, BUILDING operation management

Abstract

Participatory sensing is a process whereby mobile device users (or participants) collect environmental data on behalf of a service provider who can then build a service based upon these data. To attract submissions of such data, the service provider will often need to incentivize potential participants by offering a reward. However, for the privacy conscious, the attractiveness of such rewards may be offset by the fact that the receipt of a reward requires users to either divulge their real identity or provide a traceable pseudonym. An incentivization mechanism must therefore facilitate data submission and rewarding in a way that does not violate participant privacy. This paper presents Privacy-Aware Incentivization (PAI), a decentralized peer-to-peer exchange platform that enables the following: (i) Anonymous, unlinkable and protected data submission; (ii) Adaptive, tunable and incentive-compatible reward computation; (iii) Anonymous and untraceable reward allocation and spending. PAI makes rewards allocated to a participant untraceable and unlinkable and incorporates an adaptive and tunable incentivization mechanism which ensures that real-time rewards reflect current environmental conditions and the importance of the data being sought. The allocation of rewards to data submissions only if they are truthful (i.e., incentive compatibility) is also facilitated in a privacy-preserving manner. The approach is evaluated using proofs and experiments. [ABSTRACT FROM AUTHOR]

Published

2019

50. Women with Dementia and their handbags: Negotiating identity, privacy and 'home' through material culture

Author

Julia Twigg and Christina Buse

Subjects

Male, Care homes, media_common.quotation_subject, Identity (social science), HM, Care setting, Memory, mental disorders, medicine, Humans, Dementia, Women, Aged, media_common, Aged, 80 and over, Social Identification, Health Policy, Gender studies, General Medicine, medicine.disease, Identity privacy, Self Concept, United Kingdom, Issues, ethics and legal aspects, Ambivalent relationship, Negotiation, H1, Anxiety, Female, medicine.symptom, Psychology, Social psychology

Abstract

The article analyses the role of handbags in the everyday lives of women with dementia. Drawing on findings from an ESRC funded U.K. study 'Dementia and Dress', it shows how handbags are significant to supporting the identities of women with dementia as 'biographical' and 'memory' objects, both in terms of the bags themselves, and the objects they contain. This is particularly so during the transition to care homes, where previous aspects of identity and social roles may be lost. Handbags are also significant to making personal or private space within care settings. However, dementia can heighten women's ambivalent relationship to their handbags, which can become a source of anxiety as 'lost objects', or may be viewed as problematic or 'unruly'. Handbags may also be adapted or discarded due to changing bodies, lifestyles and the progression of dementia.

Published

2014