Achieving Incentive, Security, and Scalable Privacy Protection in Mobile Crowdsensing Services

Mobile crowdsensing as a novel service schema of the Internet of Things (IoT) provides an innovative way to implement ubiquitous social sensing. How to establish an effective mechanism to improve the participation of sensing users and the authenticity of sensing data, protect the users’ data privacy, and prevent malicious users from providing false data are among the urgent problems in mobile crowdsensing services in IoT. These issues raise a gargantuan challenge hindering the further development of mobile crowdsensing. In order to tackle the above issues, in this paper, we propose a reliable hybrid incentive mechanism for enhancing crowdsensing participations by encouraging and stimulating sensing users with both reputation and service returns in mobile crowdsensing tasks. Moreover, we propose a privacy preserving data aggregation scheme, where the mediator and/or sensing users may not be fully trusted. In this scheme, differential privacy mechanism is utilized through allowing different sensing users to add noise data, then employing homomorphic encryption for protecting the sensing data, and finally uploading ciphertext to the mediator, who is able to obtain the collection of ciphertext of the sensing data without actual decryption. Even in the case of partial sensing data leakage, differential privacy mechanism can still ensure the security of the sensing user’s privacy. Finally, we introduce a novel secure multiparty auction mechanism based on the auction game theory and secure multiparty computation, which effectively solves the problem of prisoners’ dilemma incurred in the sensing data transaction between the service provider and mediator. Security analysis and performance evaluation demonstrate that the proposed scheme is secure and efficient.

Download Full-text

Homomorphic Encryption and Network Coding in IoT Architectures: Advantages and Future Challenges

Electronics ◽

10.3390/electronics8080827 ◽

2019 ◽

Vol 8 (8) ◽

pp. 827 ◽

Cited By ~ 1

Author(s):

Goiuri Peralta ◽

Raul G. Cid-Fuentes ◽

Josu Bilbao ◽

Pedro M. Crespo

Keyword(s):

Network Coding ◽

Data Privacy ◽

Homomorphic Encryption ◽

Big Data Analytics ◽

The Internet ◽

Research Directions ◽

Bidirectional Communication ◽

Future Challenges ◽

Massive Number ◽

The Internet Of Things

The introduction of the Internet of Things (IoT) is creating manifold new services and opportunities. This new technological trend enables the connection of a massive number of devices among them and with the Internet. The integration of IoT with cloud platforms also provides large storage and computing capabilities, enabling Big Data analytics and bidirectional communication between devices and users. Novel research directions are showing that Network Coding (NC) can increase the robustness and throughput of wireless networks, as well as that Homomorphic Encryption (HE) can be used to perform computations in the cloud while maintaining data privacy.

Download Full-text

Verifiable Location-Encrypted Spatial Aggregation Computing for Mobile Crowd Sensing

Security and Communication Networks ◽

10.1155/2021/6654539 ◽

2021 ◽

Vol 2021 ◽

pp. 1-11

Author(s):

Kun Niu ◽

Changgen Peng ◽

Weijie Tan ◽

Zhou Zhou ◽

Yi Xu

Keyword(s):

Privacy Protection ◽

Spatial Information ◽

Homomorphic Encryption ◽

Security Analysis ◽

Spatial Aggregation ◽

Mobile Crowd Sensing ◽

Sensitive Data ◽

Sensing Data ◽

Crowd Sensing ◽

Mobile Crowd

Benefiting from the development of smart urban computing, the mobile crowd sensing (MCS) network has emerged as momentous communication technology to sense and collect data. The users upload data for specific sensing tasks, and the server completes the aggregation analysis and submits to the sensing platform. However, users’ privacy may be disclosed, and aggregate results may be unreliable. Those are challenges in the trust computation and privacy protection, especially for sensitive data aggregation with spatial information. To address these problems, a verifiable location-encrypted spatial aggregation computing (LeSAC) scheme is proposed for MCS privacy protection. In order to solve the spatial domain distributed user ciphertext computing, firstly, we propose an enhanced-distance-based interpolation calculation scheme, which participates in delegate evaluator based on Paillier homomorphic encryption. Then, we use aggregation signature of the sensing data to ensure the integrity and security of the data. In addition, security analysis indicates that the LeSAC can achieve the IND-CPA indistinguishability semantic security. The efficiency analysis and simulation results demonstrate the communication and computation overhead of the LeSAC. Meanwhile, we use the real environment sensing data sets to verify availability of proposed scheme, and the loss of accuracy (global RMSE) is only less than 5%, which can meet the application requirements.

Download Full-text

Clouded data: Privacy and the promise of encryption

Big Data & Society ◽

10.1177/2053951719848781 ◽

2019 ◽

Vol 6 (1) ◽

pp. 205395171984878

Author(s):

Luke Munn ◽

Tsvetelina Hristova ◽

Liam Magee

Keyword(s):

Data Privacy ◽

Differential Privacy ◽

Homomorphic Encryption ◽

Personal Data ◽

Individual Identification ◽

Student Survey ◽

Public And Private ◽

The Public ◽

Synthetic Datasets ◽

Computational Resources

Personal data is highly vulnerable to security exploits, spurring moves to lock it down through encryption, to cryptographically ‘cloud’ it. But personal data is also highly valuable to corporations and states, triggering moves to unlock its insights by relocating it in the cloud. We characterise this twinned condition as ‘clouded data’. Clouded data constructs a political and technological notion of privacy that operates through the intersection of corporate power, computational resources and the ability to obfuscate, gain insights from and valorise a dependency between public and private. First, we survey prominent clouded data approaches (blockchain, multiparty computation, differential privacy, and homomorphic encryption), suggesting their particular affordances produce distinctive versions of privacy. Next, we perform two notional code-based experiments using synthetic datasets. In the field of health, we submit a patient’s blood pressure to a notional cloud-based diagnostics service; in education, we construct a student survey that enables aggregate reporting without individual identification. We argue that these technical affordances legitimate new political claims to capture and commodify personal data. The final section broadens the discussion to consider the political force of clouded data and its reconstitution of traditional notions such as the public and the private.

Download Full-text

Secure Multi-Subinterval Data Aggregation Scheme with Interval Privacy Preservation for Vehicle Sensing Systems

Journal of Circuits System and Computers ◽

10.1142/s0218126621502868 ◽

2021 ◽

pp. 2150286

Author(s):

Peng Hu ◽

Yongli Wang ◽

Ahmadreza Vajdi ◽

Bei Gong ◽

Yongjian Wang

Keyword(s):

Data Aggregation ◽

Privacy Preservation ◽

Homomorphic Encryption ◽

Security Analysis ◽

Security And Privacy ◽

Communication Overhead ◽

Network Resources ◽

Sensing Systems ◽

Aggregation Scheme ◽

And Performance

Road side units (RSUs) can act as fog nodes to perform data aggregation at the edge of network, which can reduce communication overhead and improve the utilization of network resources. However, because the RSU is public infrastructure, this feature may bring data security and privacy risks in data aggregation. In this paper, we propose a secure multi-subinterval data aggregation scheme, named SMDA, with interval privacy preservation for vehicle sensing systems. Specifically, our scheme combines the [Formula: see text] encoding theory and proxy re-encryption to protect interval privacy, this can ensure that the interval information is only known by the data center, and the RSU can classify the encrypted data without knowing the plaintext of the data and interval information. Meanwhile, our scheme employs the Paillier homomorphic encryption to accomplish data aggregation at the RSU, and the Identity-based batch authentication technology to solve authentication and data integrity. Finally, the security analysis and performance evaluations illustrate the safety and efficiency of our scheme.

Download Full-text

Achieve Efficient and Privacy-Preserving Compound Substring Query over Cloud

Security and Communication Networks ◽

10.1155/2021/7941233 ◽

2021 ◽

Vol 2021 ◽

pp. 1-13

Author(s):

Fan Yin ◽

Rongxing Lu ◽

Yandong Zheng ◽

Xiaohu Tang

Keyword(s):

Data Privacy ◽

Homomorphic Encryption ◽

Security Analysis ◽

Privacy Preserving ◽

Computing Technique ◽

Searchable Symmetric Encryption ◽

Single Attribute ◽

Multiple Attributes ◽

Pseudorandom Function ◽

Extensive Performance

The cloud computing technique, which was initially used to mitigate the explosive growth of data, has been required to take both data privacy and users’ query functionality into consideration. Searchable symmetric encryption (SSE) is a popular solution that can support efficient attribute queries over encrypted datasets in the cloud. In particular, some SSE schemes focus on the substring query, which deals with the situation that the user only remembers the substring of the queried attribute. However, all of them just consider substring queries on a single attribute, which cannot be used to achieve compound substring queries on multiple attributes. This paper aims to address this issue by proposing an efficient and privacy-preserving SSE scheme supporting compound substring queries. In specific, we first employ the position heap technique to design a novel tree-based index to support substring queries on a single attribute and employ pseudorandom function (PRF) and fully homomorphic encryption (FHE) techniques to protect its privacy. Then, based on the homomorphism of FHE, we design a filter algorithm to calculate the intersection of search results for different attributes, which can be used to support compound substring queries on multiple attributes. Detailed security analysis shows that our proposed scheme is privacy-preserving. In addition, extensive performance evaluations are also conducted, and the results demonstrate the efficiency of our proposed scheme.

Download Full-text

Study on the Technical Evaluation of De-Identification Procedures for Personal Data in the Automotive Sector

10.21248/gups.63413 ◽

2021 ◽

Author(s):

Kai Rannenberg ◽

Sebastian Pape ◽

Frédéric Tronnier ◽

Sascha Löbner

Keyword(s):

Data Privacy ◽

Differential Privacy ◽

Homomorphic Encryption ◽

Personal Data ◽

Legal Aspects ◽

Use Cases ◽

Use Case ◽

User Privacy ◽

External Data ◽

Identification Techniques

The aim of this study was to identify and evaluate different de-identification techniques that may be used in several mobility-related use cases. To do so, four use cases have been defined in accordance with a project partner that focused on the legal aspects of this project, as well as with the VDA/FAT working group. Each use case aims to create different legal and technical issues with regards to the data and information that are to be gathered, used and transferred in the specific scenario. Use cases should therefore differ in the type and frequency of data that is gathered as well as the level of privacy and the speed of computation that is needed for the data. Upon identifying use cases, a systematic literature review has been performed to identify suitable de-identification techniques to provide data privacy. Additionally, external databases have been considered as data that is expected to be anonymous might be reidentified through the combination of existing data with such external data. For each case, requirements and possible attack scenarios were created to illustrate where exactly privacy-related issues could occur and how exactly such issues could impact data subjects, data processors or data controllers. Suitable de-identification techniques should be able to withstand these attack scenarios. Based on a series of additional criteria, de-identification techniques are then analyzed for each use case. Possible solutions are then discussed individually in chapters 6.1 - 6.2. It is evident that no one-size-fits-all approach to protect privacy in the mobility domain exists. While all techniques that are analyzed in detail in this report, e.g., homomorphic encryption, differential privacy, secure multiparty computation and federated learning, are able to successfully protect user privacy in certain instances, their overall effectiveness differs depending on the specifics of each use case.

Download Full-text

A Privacy Protection Scheme for IoT Big Data Based on Time and Frequency Limitation

Wireless Communications and Mobile Computing ◽

10.1155/2021/5545648 ◽

2021 ◽

Vol 2021 ◽

pp. 1-10

Author(s):

Lei Zhang ◽

Yu Huo ◽

Qiang Ge ◽

Yuxiang Ma ◽

Qiqi Liu ◽

...

Keyword(s):

Big Data ◽

Internet Of Things ◽

Privacy Protection ◽

Social Life ◽

Data Privacy ◽

Homomorphic Encryption ◽

The Internet ◽

Protection Scheme ◽

The Internet Of Things ◽

Frequency Limitation

Various applications of the Internet of Things assisted by deep learning such as autonomous driving and smart furniture have gradually penetrated people’s social life. These applications not only provide people with great convenience but also promote the progress and development of society. However, how to ensure that the important personal privacy information in the big data of the Internet of Things will not be leaked when it is stored and shared on the cloud is a challenging issue. The main challenges include (1) the changes in access rights caused by the flow of manufacturers or company personnel while sharing and (2) the lack of limitation on time and frequency. We propose a data privacy protection scheme based on time and decryption frequency limitation that can be applied in the Internet of Things. Legitimate users can obtain the original data, while users without a homomorphic encryption key can perform operation training on the homomorphic ciphertext. On the one hand, this scheme does not affect the training of the neural network model, on the other hand, it improves the confidentiality of data. Besides that, this scheme introduces a secure two-party agreement to improve security while generating keys. While revoking, each attribute is specified for the validity period in advance. Once the validity period expires, the attribute will be revoked. By using storage lists and setting tokens to limit the number of user accesses, it effectively solves the problem of data leakage that may be caused by multiple accesses in a long time. The theoretical analysis demonstrates that the proposed scheme can not only ensure safety but also improve efficiency.

Download Full-text

Object Authentication in the Context of the Internet of Things: A Survey

Journal of Cyber Security and Mobility ◽

10.13052/jcsm2245-1439.932 ◽

2020 ◽

Author(s):

Maha Saadeh ◽

Azzam Sleit ◽

Khair Eddin Sabri ◽

Wesam Almobaideen

Keyword(s):

Internet Of Things ◽

Security Analysis ◽

Future Research ◽

The Internet ◽

Key Generation ◽

Process Characteristics ◽

Comprehensive Survey ◽

Future Research Directions ◽

And Performance ◽

The Internet Of Things

Internet of Things (IoT) is considered as the future of the Internet that connects billions of objects all together. Trusted communication between these objects is a crucial requirement for the wide deployment of IoT services. Consequently, effective authentication procedures should be applied between the communicating objects. This paper provides a comprehensive survey of object authentication in the IoT. The survey aims to direct future researchers in the field of IoT object authentication by delving into the details of authentication schemes and going through different comparisons. Comparisons are based on various criteria which include authentication process characteristics, the underlying architecture, key generation and distribution techniques, supporting IoT challenges, security analysis, and performance evaluation. Additionally, this survey highlights the main issues and challenges of IoT objects authentication and recommends future research directions.

Download Full-text

Decentralized Data Aggregation: A New Secure Framework Based on Lightweight Cryptographic Algorithms

Wireless Communications and Mobile Computing ◽

10.1155/2021/5565663 ◽

2021 ◽

Vol 2021 ◽

pp. 1-12

Author(s):

Xin Xie ◽

Yu-Chi Chen

Keyword(s):

Data Aggregation ◽

Data Privacy ◽

Differential Privacy ◽

Security Requirements ◽

Cryptographic Primitives ◽

Privacy And Security ◽

System A ◽

Iot Devices ◽

Access Data ◽

The Internet Of Things

Blockchain has become very popular and suitable to the Internet of Things (IoT) field due to its nontamperability and decentralization properties. The number of IoT devices and leaders (who own IoT devices) is increased exponentially, and thus, data privacy and security are undoubtedly significant concerns. In this paper, we summarize some issues for the BeeKeeper system, a blockchain-based IoT system, proposed by Zhou et al., and then aim for presenting an improved solution for decentralized data aggregation (DDA) on IoT. Firstly, we formally state the security requirements of DDA. Secondly, we propose our basic DDA system by using secret sharing to improve its efficiency and smart contracts as the computing processors. Moreover, the proposed full-fledged system achieves data sharing (e.g., a leader to access data of others’ devices), which is realized by using local differential privacy and cryptographic primitives such as token-based encryption. Finally, to show the feasibility, we provide some implementations and experiments for the DDA systems.

Download Full-text

PMDP: A Framework for Preserving Multiparty Data Privacy in Cloud Computing

Security and Communication Networks ◽

10.1155/2017/6097253 ◽

2017 ◽

Vol 2017 ◽

pp. 1-14 ◽

Cited By ~ 1

Author(s):

Ji Li ◽

Jianghong Wei ◽

Wenfen Liu ◽

Xuexian Hu

Keyword(s):

Cloud Computing ◽

Data Privacy ◽

Differential Privacy ◽

Security Analysis ◽

Cost Effective ◽

Original Data ◽

User Privacy ◽

Practical Applications ◽

Cloud Servers ◽

Privacy Issues

The amount of Internet data is significantly increasing due to the development of network technology, inducing the appearance of big data. Experiments have shown that deep mining and analysis on large datasets would introduce great benefits. Although cloud computing supports data analysis in an outsourced and cost-effective way, it brings serious privacy issues when sending the original data to cloud servers. Meanwhile, the returned analysis result suffers from malicious inference attacks and also discloses user privacy. In this paper, to conquer the above privacy issues, we propose a general framework for Preserving Multiparty Data Privacy (PMDP for short) in cloud computing. The PMDP framework can protect numeric data computing and publishing with the assistance of untrusted cloud servers and achieve delegation of storage simultaneously. Our framework is built upon several cryptography primitives (e.g., secure multiparty computation) and differential privacy mechanism, which guarantees its security against semihonest participants without collusion. We further instantiate PMDP with specific algorithms and demonstrate its security, efficiency, and advantages by presenting security analysis and performance discussion. Moreover, we propose a security enhanced framework sPMDP to resist malicious inside participants and outside adversaries. We illustrate that both PMDP and sPMDP are reliable and scale well and thus are desirable for practical applications.

Download Full-text