Private aggregation for presence streams |
| |
| Affiliation: | 1. FX Palo Alto Laboratory, United States;2. University of Pittsburgh, United States;1. Department of Mechanical Engineering, The University of Hong Kong, Pokfulam Road, Hong Kong;2. Institute of Intelligence Science and Engineering, Shenzhen Polytechnic, Shenzhen 518055, China;1. FEMTO-ST Institute, Université de Bourgogne Franche-Comté CNRS/UFC/ENSMM, Besançon, France;2. Université de Toulouse, Institut de Recherche en Informatique de Toulouse (IRIT), Toulouse, France;3. FEMTO-ST Institute, Université de Bourgogne Franche-Comté FCLAB/CNRS/UTBM, Belfort, France;1. College of Information Science and Engineering, Northeastern University, Shenyang, Liaoning 110819, China;2. State Key Laboratory of Synthetical Automation of Process Industries, Northeastern University, Shenyang, Liaoning 110819, China;1. ICES, Toronto, ON, Canada;2. Public Health Ontario, Toronto, ON, Canada;3. Dalla Lana School of Public Health, University of Toronto, Toronto, ON, Canada;4. Department of Family & Community Medicine, University of Toronto, Toronto, ON, Canada;5. University Health Network, Toronto, ON, Canada;6. Department of Laboratory Medicine and Pathobiology, University of Toronto, Toronto, ON, Canada;7. Kaiser Permanente Washington Health Research Institute, Seattle, WA, United States;8. Children’s Hospital of Eastern Ontario, Ottawa, ON, Canada;9. Department of Pathology and Laboratory Medicine, University of Ottawa, Ottawa, ON, Canada;10. North York General Hospital, Toronto, ON, Canada;11. Sinai Health System, Toronto, ON, Canada;12. William Osler Health System, Brampton, ON, Canada;13. Hospital for Sick Children, Toronto, ON, Canada;14. Sunnybrook Health Sciences Centre, Toronto, ON, Canada;15. McMaster University, Hamilton, ON, Canada;p. London Health Sciences Centre, London, ON, Canada;q. Newfoundland & Labrador Public Health Laboratory, St. John’s, NF&L, Canada |
| |
| Abstract: | Collaboration technologies must support information sharing between collaborators, but must also take care not to share too much information or share information too widely. Systems that share information without requiring an explicit action by a user to initiate the sharing must be particularly cautious in this respect. Presence systems are an emerging class of applications that support collaboration. Through the use of pervasive sensors, these systems estimate user location, activities, and available communication channels. Because such presence data are sensitive, to achieve wide-spread adoption, sharing models must reflect the privacy and sharing preferences of their users. This paper looks at the role that privacy-preserving aggregation can play in addressing certain user sharing and privacy concerns with respect to presence data.We define conditions to achieve CollaPSE (Collaboration Presence Sharing Encryption) security, in which (i) an individual has full access to her own data, (ii) a third party performs computation on the data without learning anything about the data values, and (iii) people with special privileges called “analysts” can learn statistical information about groups of individuals, but nothing about the individual values contributing to the statistic other than what can be deduced from the statistic. More specifically, analysts can decrypt aggregates without being able to decrypt the individual values contributing to the aggregate. Based in part on studies we carried out that illustrate the need for the conditions encapsulated by CollaPSE security, we designed and implemented a family of CollaPSE protocols. We analyze their security, discuss efficiency tradeoffs, describe extensions, and review more recent privacy-preserving aggregation work. |
| |
| Keywords: | Privacy Presence systems Awareness Access control Cloud computing Homomorphic encryption |
| 本文献已被 ScienceDirect 等数据库收录! |
|
