Data Protection and Data Sharing in Telematics

Automotive telematics may be defined as the information-intensive applications enabled for vehicles by a combination of telecommunications and computing technology. Telematics by its nature requires the capture, storage, and exchange of sensor data to obtain remote services. Such data likely include personal, sensitive information, which require proper handling to protect the driver's privacy. Some existing approaches focus on protecting privacy through anonymous interactions or by stopping information flow altogether. We complement these by concentrating instead on giving different stakeholders control over data sharing and use. In this paper, we identify several data protection challenges specifically related to the automotive telematics domain, and propose a general data protection framework to address some of those challenges. The framework enables data aggregation before data is released to service providers, which minimizes the disclosure of privacy sensitive information. We have implemented the core component, the privacy engine, to help users manage their privacy policies and to authorize data requests based on policy matching. The policy manager provides a flexible privacy policy model that allows data subjects to express rich constraint-based policies, including event-based, and spatio-temporal constraints. Thus, the policy engine can decide on a large number of requests without user assistance and causes no interruptions while driving. A performance study indicates that the overhead is stable with an increasing number of data subjects.     

Energy aware cloud-edge service placement approaches in the Internet of Things communications

In recent years, applying Internet of Things (IoT) applications has significantly increased to facilitate and improve quality of human life activities in various fields such as healthcare, education, industry, economics, etc. The energy aware cloud-edge computing paradigm has developed as a hybrid computing solution to provide IoT applications using available cloud service providers and fog nodes for the smart devices and mobile applications. Since the IoT applications are developed in the form of several IoT services with various quality of service (QoS) metrics which can deploy on the cloud-edge providers with different resource capabilities, finding an efficient placement solution as one of challenging topics to be measured for IoT applications. The service placement issue arranges IoT applications on the cloud-edge providers with various capabilities of atomic services though sufficient different QoS factors to support service level agreement (SLA) contracts. This paper presents a technical analysis on the cloud-edge service placement approaches in IoT systems. The key point of this technical analysis is to identify substantial studies in the service placement approaches which need additional consideration to progress more efficient and effective placement strategies in IoT environments. In addition, a side-by-side taxonomy is proposed to categorize the relevant studies on cloud-edge service placement approaches and algorithms. A statistical and technical analysis of reviewed existing approaches is provided, and evaluation factors and attributes are discussed. Finally, open issues and forthcoming challenges of service placement approaches are presented.     

A survey on addressing privacy together with quality of context for context management in the Internet of Things

Making the Internet of Things (IoT) a reality will contribute to extend the context-aware ability of numerous sensitive applications. We can foresee that the context of users will include not only their own spatio-temporal conditions but also those of the things situated in their ambient environment and at the same time, thanks to the IoT, those that are located in other remote spaces. Consequently, next-generation context managers have to interact with the IoT underlying technologies and must, even more than before, address both privacy and quality of context (QoC) requirements. In this article, we show that the notions of privacy and QoC are intimately related and sometimes contradictory and survey the recent works addressing them. Current solutions usually consider only one notion, and very few of them started to bridge privacy and QoC. We identify some of the remaining challenges that next-generation context managers have to deal with to favour users’ acceptability by providing both the optimal QoC level and the appropriate privacy protection.     

User location privacy protection mechanism for location-based services

With the rapid development of the Internet of Things (IoT), Location-Based Services (LBS) are becoming more and more popular. However, for the users being served, how to protect their location privacy has become a growing concern. This has led to great difficulty in establishing trust between the users and the service providers, hindering the development of LBS for more comprehensive functions. In this paper, we first establish a strong identity verification mechanism to ensure the authentication security of the system and then design a new location privacy protection mechanism based on the privacy proximity test problem. This mechanism not only guarantees the confidentiality of the user’s information during the subsequent information interaction and dynamic data transmission, but also meets the service provider’s requirements for related data.     

基于混合隐私的区块链高效模型协同训练共享方案

针对海量数据下,基于区块链的联邦学习数据共享平台面临的效率低下和隐私泄露问题,该文提出基于混合隐私的区块链高效模型协同训练共享方案。在该方案中,首先根据欧氏距离设计了一种基于相似度的训练成员选择算法来选择训练成员,组成联邦社区,即通过选取少量的高匹配训练节点来提高训练的效率和效果。然后,结合阈值同态加密和差分隐私,设计一种基于混合隐私技术的模型协同训练共享方案来保证训练和共享过程中的隐私性。实验结果和系统实现表明,所提方案可以在保证训练结果准确率的情况下,实现高效训练和隐私保护下的数据共享。     

基于物联网的网络信息安全体系

物联网是计算机、互联网与移动通信网等相关技术的演进和延伸,其核心共性技术、网络与信息安全技术以及关键应用是物联网的主要研究内容。物联网感知节点大都部署在无人监控环境,并且由于物联网是在现有的网络基础上扩展了感知网络和应用平台,传统网络安全措施不足以提供可靠的安全保障。物联网安全研究将主要集中在物联网安全体系、物联网个体隐私保护模式、终端安全功能、物联网安全相关法律的制订等方面。     

A classification-based privacy-preserving decision-making for secure data sharing in Internet of Things assisted applications

The introduction of the Internet of Things (IoT) paradigm serves as pervasive resource access and sharing platform for different real-time applications. Decentralized resource availability, access, and allocation provide a better quality of user experience regardless of the application type and scenario. However, privacy remains an open issue in this ubiquitous sharing platform due to massive and replicated data availability. In this paper, privacy-preserving decision-making for the data-sharing scheme is introduced. This scheme is responsible for improving the security in data sharing without the impact of replicated resources on communicating users. In this scheme, classification learning is used for identifying replicas and accessing granted resources independently. Based on the trust score of the available resources, this classification is recurrently performed to improve the reliability of information sharing. The user-level decisions for information sharing and access are made using the classification of the resources at the time of availability. This proposed scheme is verified using the metrics access delay, success ratio, computation complexity, and sharing loss.     

基于商密SM9算法的物联网安全平台设计与应用

物联网普遍存在遭受网络攻击类型多样化、没有安全保护标准、数据极易被截获或破解等安全风险,核心问题在于缺乏设备、服务提供者、应用、数据、交易等物的安全认证机制。因此,有必要建立一种提供认证鉴权和数据保护的方案体系,建立物与物、物与人之间的信任。密码技术是解决核心安全问题的基础理论和技术,而传统的证书体系并不适应于物联网环境,基于商密SM9的算法才是目前物联网安全认证的最佳选择。物联网安全平台依赖商密SM9算法的优势,有效克服了传统算法中密钥分发安全性弱等问题,深入物联网行业终端与应用层面,建立了面向物联网业务的端到端安全。     

Security and privacy issues of physical objects in the IoT: Challenges and opportunities

In the Internet of Things (IoT), security and privacy issues of physical objects are crucial to the related applications. In order to clarify the complicated security and privacy issues, the life cycle of a physical object is divided into three stages of pre-working, in-working, and post-working. On this basis, a physical object-based security architecture for the IoT is put forward. According to the security architecture, security and privacy requirements and related protecting technologies for physical objects in different working stages are analyzed in detail. Considering the development of IoT technologies, potential security and privacy challenges that IoT objects may face in the pervasive computing environment are summarized. At the same time, possible directions for dealing with these challenges are also pointed out.     

Home IoT resistance: Extended privacy and vulnerability perspective

Home Internet of Things (IoT) services are expected to augment the efficiency and comfort of users’ daily lives; however, this expectation is eclipsed by concerns regarding privacy and vulnerability. While these concerns critically impact the acceptance of IoT services for the home, they have been discussed primarily from a traditional point of view; academic discussions of privacy and vulnerability in the current environment are lacking. This study extends existing privacy and vulnerability theories to demonstrate the importance of physical privacy and user vulnerability protections in home IoT environments. To validate the proposed research model, an empirical analysis was conducted on 265 samples with a partial least squares structural equation modeling technique. The differences in vulnerability factors, along with privacy concerns and resistance to home IoT services, were also compared by gender, experience, and type of housing. Results show that user vulnerability has the strongest impact on home IoT privacy concerns and resistance to home IoT environments. Additionally, this study found that personal factors appear differently across vulnerabilities, privacy concerns, and home IoT resistance. This study extends the traditional concepts of privacy and vulnerability to the home IoT environment.     

基于KCAC和CP-ABE的隐私保护方案研究

在商业化应用中,用户在信息共享中不能制定细粒度的访问控制,并且可能造成隐私泄露。为了解决此问题,提出了将KACA和CP-ABE算法相结合的方法来构造信息共享的隐私保护方案,实现以用户为中心的避免敏感信息泄露及可控的信息共享方案,并对方案进行了验证分析,证明了方案的可行性。     

Integration of Internet of Things and blockchain technology in healthcare domain: A systematic literature review

Healthcare is a vitally important field in the industry and evolving day by day in the aspect of technology, services, computing, and management. Its potential significance can be increased by incorporating Internet of Things (IoT) technology to make it smart in the aspect of automating activities, which is then further reformed in the healthcare domain with the help of blockchain technology. Blockchain technology provides many features to IoT-based healthcare domain applications such as restructuring by securing traditional practices, data management, data sharing, patient remote monitoring, and drug analysis. In this study, a systematic literature review has been carried out in which a total of 52 studies were selected to conduct systematic literature review from databases PubMed, IEEE Access, and Scopus; the study includes IoT technology and blockchain integration in healthcare domain-related application areas. This study also includes taxonomy that mentions the aspects and areas in healthcare domain incorporating the traditional system with the integration of IoT and blockchain to provide transparency, security, privacy, and immutability. This study also includes the incorporation of related sensors, platforms of blockchain, the objective focus of selected studies, and future directions by incorporating IoT and blockchain in healthcare domain. This study will help researchers who want to work with IoT and blockchain technology integration in healthcare domain.     

MCDP:基于神经网络的多集群分布式差分隐私数据发布方法

大数据应用能够为人们的生活和工作方式提供便捷,但包含消费记录、社交关系、地理位置等个人隐私信息的数据在发布过程中可能被服务提供商收集,用户隐私面临巨大威胁.本文首次提出了一个基于神经网络的多集群分布式差分隐私数据发布方法,能够显著缓解单服务器的数据处理压力.同时,利用神经网络算法进行隐私参数预测明显提高了预测精度和预测效率,并且集群之间不同的隐私参数也保证了方案的灵活性.此外,由于中心服务器存储的是经过差分隐私处理后的统计数据,即使中心服务器由于遭受攻击导致存储的数据泄露,也能确保用户数据隐私.实验对比分析表明,我们的方法在隐私处理效率、隐私保护强度、预测精度和预测效率等方面都有明显优势.     

Media Gateway: bringing privacy to private multimedia cloud connections

The growing interest in media sharing combined with the explosion of social applications have opened an opportunity window for cloud based applications for media management as Media Cloud, described in this article, that has brought the concept of Cloud Computing to home environments. Media Cloud provides a comprehensive and efficient solution for managing content among federated home environments. As part of the purpose of empowering the user role as well as to improve user experience, we placed significant efforts on interoperability and privacy protection when it comes to accessing cloud resources from other networks. This article describes a solution that enables limited devices to access contents located in private clouds, as Media Cloud, with the cooperation of network providers,     

基于差分隐私模型的位置轨迹发布技术研究

位置轨迹大数据的安全分享、发布需求离不开位置轨迹隐私保护技术支持。在差分隐私出现之前,K-匿名及其衍生模型为位置轨迹隐私保护提供了一种量化评估的手段,但其安全性严重依赖于攻击者所掌握的背景知识,当有新的攻击出现时模型无法提供完善的隐私保护。差分隐私技术的出现有效地弥补了上述问题,越来越多地应用于轨迹数据隐私发布领域中。该文对基于差分隐私理论的轨迹隐私保护技术进行了研究与分析,重点介绍了差分隐私模型下位置直方图、轨迹直方图等空间统计数据发布方法,差分隐私模型下轨迹数据集发布方法,以及连续轨迹实时发布隐私保护模型。与此同时,在对现有方法对比分析的基础上,提出了未来的重点发展方向。     

Privacy Preservation in Cloud Computing Using Randomized Encoding

In this era of Internet, the exchange of data between the users and service providers has grown tremendously. Organizations in health, banking, social network, criminal and government sectors have been collecting and processing the individuals’ information for their gainful purpose. However, collecting and sharing of the individuals’ information which could be sensitive and confidential, for data mining may cause a breach in data privacy. In many applications, selective data collection of confidential and sensitive information of the users’ needs to be modified for preserving it from unauthorized access and disclosure. Many data mining techniques that include statistical, k-anonymity, cryptographic, perturbation and randomization methods, etc. have been evolved for protecting and preserving data privacy. These techniques have their own limitations, it may be the case that the privacy protection is adequate or computations complexities are high and expensive. To address the limitations of the above-mentioned techniques, a methodology comprising of encoding and randomization, is proposed to preserve privacy. This technique called as Randomized Encoding (RE) technique, in which encoding is performed with addition of random noise from a known distribution to the original data for perturbing the data before its release to the public domain. The core component of this technique is a novel primitive of using Randomized Encoding (RE) which is quite similar to the spirit of other cryptographic algorithms. The reconstruction of an approximation to the original data distribution is done from the perturbed data and used for data mining purposes. There is always a trade-off between information loss and privacy preservation. To achieve balance between privacy and data utility, the dataset attributes are first classified into sensitive and quasi-identifiers. The pre-classified confidential and sensitive data attributes are perturbed using Base 64 encoding with addition of a randomly generated noise for preserving privacy. In this variable dynamic proposed approach, the result analysis of the experiment conducted suggests that the proposed technique performs computationally efficient and preserves privacy while adequately maintaining data utility in comparison with other privacy preserving techniques such as anonymization approach.

     

Security and Privacy in IoT: A Survey

The Internet of Things (IoT) is a network of globally connected physical objects, which are associated with each other via Internet. The IoT foresees the interconnection of few trillions of intelligent objects around us, uniquely and addressable every day, these objects have the ability to accumulate process and communicate data about themselves and their surrounding environment. The best examples of IoT systems are health care, building smart city with advance construction management system, public and defense surveillance and data acquisition. Recent advancement in the technology has developed smart and intelligent sensor nodes and RFIDs lead to a large number of wireless networks with smart and intelligent devices (object, or things) connected to the Internet continuously transmit the data. So to provide security and privacy to this data in IoT is a very challenging task, which is to be concerned at highest priority for several current and future applications of IoT. Devices such as smart phone, WSNs and RFIDs etc., are the major components of IoT network which are basically resource constrained devices. Design and development of security and privacy management schemes for these devices is guided by factors like good performance, low power consumption, robustness to attacks, tampering of the data and end to end security. Security schemes in IoT provide unauthorized access to information or other objects by protecting against alterations or destruction. Privacy schemes maintain the right to control about the collected information for its usage and purpose. In this paper, we have surveyed major challenges such as Confidentiality, Integrity, Authentication, and Availability for IoT in a brief manner.

     

Performance Analysis of Privacy Protection System During Data Transfer in MANETs

The openness of a Mobile Adhoc network (MANET) makes it vulnerable to various attacks that can breach privacy, and this demands a privacy protection system. In this paper, we propose a privacy protection system with flexible and adaptable policies to protect privacy during data transfer based on application and context attributes. We also provide the performance analysis model to test the suitability of policies for maintaining privacy, which is essential for the real-time implementation of this system in a resource-limited MANET. Finally, the proposed privacy protection system is compared with previous works using simulations, and the results obtained show the effectiveness of the proposed privacy protection system.     

Splitting and placement of data-intensive applications with machine learning for power system in cloud computing

Aiming to meet the growing demand for observation and analysis in power systems that based on Internet of Things (IoT), machine learning technology has been adopted to deal with the data-intensive power electronics applications in IoT. By feeding previous power electronic data into the learning model, accurate information is drawn, and the quality of IoT-based power services is improved. Generally, the data-intensive electronic applications with machine learning are split into numerous data/control constrained tasks by workflow technology. The efficient execution of this data-intensive Power Workflow (PW) needs massive computing resources, which are available in the cloud infrastructure. Nevertheless, the execution efficiency of PW decreases due to inappropriate sub-task and data placement. In addition, the power consumption explodes due to massive data acquisition. To address these challenges, a PW placement method named PWP is devised. Specifically, the Non-dominated Sorting Differential Evolution (NSDE) is used to generate placement strategies. The simulation experiments show that PWP achieves the best trade-off among data acquisition time, power consumption, load distribution and privacy preservation, confirming that PWP is effective for the placement problem.     

Privacy preservation in permissionless blockchain: A survey

Permissionless blockchain, as a kind of distributed ledger, has gained considerable attention because of its openness, transparency, decentralization, and immutability. Currently, permissionless blockchain has shown a good application prospect in many fields, from the initial cryptocurrency to the Internet of Things (IoT) and Vehicular Ad-Hoc Networking (VANET), which is considered as the beginning of rewriting our digital infrastructure. However, blockchain confronts some privacy risks that hinder its practical applications. Though numerous surveys reviewed the privacy preservation in blockchain, they failed to reveal the latest advances, nor have they been able to conduct a unified standard comprehensive classification of the privacy protection of permissionless blockchain. Therefore, in this paper, we analyze the specific characteristics of permissionless blockchain, summarize the potential privacy threats, and investigate the unique privacy requirements of blockchain. Existing privacy preservation technologies are carefully surveyed and evaluated based on our proposed evaluation criteria. We finally figure out open research issues as well as future research directions from the perspective of privacy issues.