scholarly journals PrivCrowd: A Secure Blockchain-Based Crowdsourcing Framework with Fine-Grained Worker Selection

2021 ◽  
Vol 2021 ◽  
pp. 1-17
Author(s):  
Qiliang Yang ◽  
Tao Wang ◽  
Wenbo Zhang ◽  
Bo Yang ◽  
Yong Yu ◽  
...  
Keyword(s):  
Data Collection ◽  
Data Privacy ◽  
Single Point ◽  
Sensitive Information ◽  
Smart Contracts ◽  
Encryption Scheme ◽  
Functional Encryption ◽  
Privacy And Security ◽  
Fine Grained ◽  
Worker Selection

Blockchain-based crowdsourcing systems can mitigate some known limitations of the centralized crowdsourcing platform, such as single point of failure and Sybil attacks. However, blockchain-based crowdsourcing systems still endure the issues of privacy and security. Participants’ sensitive information (e.g., identity, address, and expertise) have the risk of privacy disclosure. Sensitive crowdsourcing tasks such as location-based data collection and labeling images including faces also need privacy-preserving. Moreover, current work fails to balance the anonymity and public auditing of workers. In this paper, we present a secure blockchain-based crowdsourcing framework with fine-grained worker selection, named PrivCrowd which exploits a functional encryption scheme to protect the data privacy of tasks and to select workers by matching the attributes. In PrivCrowd, requesters and workers can achieve both exchange and evaluation fairness by calling smart contracts. Solutions collection also can be done in a secure, sound, and noninteractive way. Experiment results show the feasibility, usability, and efficiency of PrivCrowd.

scholarly journals Device-Based Security to Improve User Privacy in the Internet of Things †

Sensors ◽  
2018 ◽  
Vol 18 (8) ◽  
pp. 2664 ◽  
Author(s):  
Luis Belem Pacheco ◽  
Eduardo Pelinson Alchieri ◽  
Priscila Mendez Barreto
Keyword(s):  
Cloud Computing ◽  
Internet Of Things ◽  
Single Point ◽  
Data Access ◽  
Cloud Services ◽  
Sensitive Information ◽  
User Privacy ◽  
Privacy And Security ◽  
Iot Devices ◽  
And Control

The use of Internet of Things (IoT) is rapidly growing and a huge amount of data is being generated by IoT devices. Cloud computing is a natural candidate to handle this data since it has enough power and capacity to process, store and control data access. Moreover, this approach brings several benefits to the IoT, such as the aggregation of all IoT data in a common place and the use of cloud services to consume this data and provide useful applications. However, enforcing user privacy when sending sensitive information to the cloud is a challenge. This work presents and evaluates an architecture to provide privacy in the integration of IoT and cloud computing. The proposed architecture, called PROTeCt—Privacy aRquitecture for integratiOn of internet of Things and Cloud computing, improves user privacy by implementing privacy enforcement at the IoT devices instead of at the gateway, as is usually done. Consequently, the proposed approach improves both system security and fault tolerance, since it removes the single point of failure (gateway). The proposed architecture is evaluated through an analytical analysis and simulations with severely constrained devices, where delay and energy consumption are evaluated and compared to other architectures. The obtained results show the practical feasibility of the proposed solutions and demonstrate that the overheads introduced in the IoT devices are worthwhile considering the increased level of privacy and security.

scholarly journals Flexible Access Control Mechanism for Cloud stored EHR using Consortium Blockchain

2021 ◽  
Author(s):  
Eben Exceline C ◽  
Sivakumar Nagarajan
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Electronic Health Records ◽  
Data Privacy ◽  
Data Science ◽  
Data Integrity ◽  
Smart Contracts ◽  
Health Records ◽  
Fine Grained ◽  
Electronic Health

Abstract The persevering pursuit of security has proved historically limiting the implementation of significant design improvements for Electronic Health Records (EHR). Such a vital requirement for these kinds of technical development is revamped now. This is because the patients are motivated by personalization and data science to participate in the health information sharing. The implementation of cloud computing has already shown substantial benefits for both clinical organizations and patients in managing electronic health records. The prime security issue of cloud-based electronic health records is that the patient is physically unable to own a medical record whereas a clinical organization can maintain one for them. The latter may collude with centralized cloud servers. So, there is a vulnerability of such records being tampered with in order to hide the medical malpractices. So, maintaining data integrity and data privacy becomes a significant challenge when deploying cloud computing. Therefore, in this paper, a consortium blockchain-based cloud-stored electronic health record is proposed which provides data integrity, data privacy, storage scalability, and fine-grained access control. Each process in outsourcing electronic health records to the cloud is incorporated as a transaction in a consortium ethereum blockchain through smart contracts. Through smart contracts, an attribute-based contract key is generated for the users that can decrypt the encrypted data stored in the cloud. The attribute-based contract key allows only users who are authorized to access the information ensuring data privacy and fine-grained access control. Moreover, the proposed scheme is proved to provide tamper-proof although the medical records are controlled by a group of clinical organizations.

scholarly journals Future Spaces: Reinventing the Home Network for Better Security and Automation in the IoT Era

Sensors ◽  
2018 ◽  
Vol 18 (9) ◽  
pp. 2986 ◽  
Author(s):  
Mathieu Boussard ◽  
Dinh Thai Bui ◽  
Richard Douville ◽  
Pascal Justen ◽  
Nicolas Le Sauze ◽  
...  
Keyword(s):  
Data Privacy ◽  
Smart Homes ◽  
Home Network ◽  
Home Networks ◽  
Privacy And Security ◽  
Fine Grained ◽  
Definition Of ◽  
Multiple Domains ◽  
Networking Security ◽  
The Internet Of Things

Cyber-Physical Systems (CPSs) are complex systems comprising computation, physical, and networking assets. Used in various domains such as manufacturing, agriculture, vehicles, etc., they blend the control of the virtual and physical worlds. Smart homes are a peculiar type of CPS where the local networking fundamentals have seen little evolution in the past decades, while the context in which home networks operate has drastically evolved. With the advent of the Internet of Things (IoT), the number and diversity of devices connected to our home networks are exploding. Some of those devices are poorly secured and put users’ data privacy and security at risk. At the same time, administrating a home network has remained a tedious chore, requiring skills from un-savvy users. We present Future Spaces, an end-to-end hardware-software prototype providing fine-grained control over IoT connectivity to enable easy and secure management of smart homes. Relying on Software-Defined Networking-enabled home gateways and the virtualization of network functions in the cloud, we achieve advanced networking security and automation through the definition of isolated, usage-oriented slices. This disrupts how users discover, control and share their connected assets across multiple domains, smoothly adapting to various usage contexts.

scholarly journals BACombo—Bandwidth-Aware Decentralized Federated Learning

Electronics ◽  
2020 ◽  
Vol 9 (3) ◽  
pp. 440 ◽  
Author(s):  
Jingyan Jiang ◽  
Liang Hu ◽  
Chenghao Hu ◽  
Jiate Liu ◽  
Zhi Wang
Keyword(s):  
Data Privacy ◽  
Original Data ◽  
Privacy And Security ◽  
Training Time ◽  
Distributed Training ◽  
Communication Time ◽  
Worker Selection ◽  
Learning Scenarios ◽  
Server Design ◽  
Model Segment

The emerging concern about data privacy and security has motivated the proposal of federated learning. Federated learning allows computing nodes to only synchronize the locally- trained models instead of their original data in distributed training. Conventional federated learning architecture, inherited from the parameter server design, relies on highly centralized typologies and large nodes-to-server bandwidths. However, in real-world federated learning scenarios, the network capacities between nodes are highly uniformly distributed and smaller than that in data centers. As a result, how to efficiently utilize network capacities between computing nodes is crucial for conventional federated learning. In this paper, we propose Bandwidth Aware Combo (BACombo), a model segment level decentralized federated learning, to tackle this problem. In BACombo, we propose a segmented gossip aggregation mechanism that makes full use of node-to-node bandwidth for speeding up the communication time. Besides, a bandwidth-aware worker selection model further reduces the transmission delay by greedily choosing the bandwidth-sufficient worker. The convergence guarantees are provided for BACombo. The experimental results on various datasets demonstrate that the training time is reduced by up to 18 times that of baselines without accuracy degrade.

scholarly journals Privacy-Preserving Methods for Feature Engineering Using Blockchain: Review, Evaluation, and Proof of Concept (Preprint)

2019 ◽  
Author(s):  
Michael Jones ◽  
Matthew Johnson ◽  
Mark Shervey ◽  
Joel T Dudley ◽  
Noah Zimmerman
Keyword(s):  
Data Collection ◽  
Data Privacy ◽  
Hybrid Approach ◽  
Privacy Preserving ◽  
Third Party ◽  
Feature Engineering ◽  
Smart Contracts ◽  
Trusted Third Party ◽  
Secure Hardware ◽  
Cryptographic Techniques

BACKGROUND The protection of private data is a key responsibility for research studies that collect identifiable information from study participants. Limiting the scope of data collection and preventing secondary use of the data are effective strategies for managing these risks. An ideal framework for data collection would incorporate feature engineering, a process where secondary features are derived from sensitive raw data in a secure environment without a trusted third party. OBJECTIVE This study aimed to compare current approaches based on how they maintain data privacy and the practicality of their implementations. These approaches include traditional approaches that rely on trusted third parties, and cryptographic, secure hardware, and blockchain-based techniques. METHODS A set of properties were defined for evaluating each approach. A qualitative comparison was presented based on these properties. The evaluation of each approach was framed with a use case of sharing geolocation data for biomedical research. RESULTS We found that approaches that rely on a trusted third party for preserving participant privacy do not provide sufficiently strong guarantees that sensitive data will not be exposed in modern data ecosystems. Cryptographic techniques incorporate strong privacy-preserving paradigms but are appropriate only for select use cases or are currently limited because of computational complexity. Blockchain smart contracts alone are insufficient to provide data privacy because transactional data are public. Trusted execution environments (TEEs) may have hardware vulnerabilities and lack visibility into how data are processed. Hybrid approaches combining blockchain and cryptographic techniques or blockchain and TEEs provide promising frameworks for privacy preservation. For reference, we provide a software implementation where users can privately share features of their geolocation data using the hybrid approach combining blockchain with TEEs as a supplement. CONCLUSIONS Blockchain technology and smart contracts enable the development of new privacy-preserving feature engineering methods by obviating dependence on trusted parties and providing immutable, auditable data processing workflows. The overlap between blockchain and cryptographic techniques or blockchain and secure hardware technologies are promising fields for addressing important data privacy needs. Hybrid blockchain and TEE frameworks currently provide practical tools for implementing experimental privacy-preserving applications.

scholarly journals Privacy-Preserving Methods for Feature Engineering Using Blockchain: Review, Evaluation, and Proof of Concept

10.2196/13600 ◽  
2019 ◽  
Vol 21 (8) ◽  
pp. e13600 ◽  
Author(s):  
Michael Jones ◽  
Matthew Johnson ◽  
Mark Shervey ◽  
Joel T Dudley ◽  
Noah Zimmerman
Keyword(s):  
Data Collection ◽  
Data Privacy ◽  
Hybrid Approach ◽  
Privacy Preserving ◽  
Third Party ◽  
Feature Engineering ◽  
Smart Contracts ◽  
Trusted Third Party ◽  
Secure Hardware ◽  
Cryptographic Techniques

Background The protection of private data is a key responsibility for research studies that collect identifiable information from study participants. Limiting the scope of data collection and preventing secondary use of the data are effective strategies for managing these risks. An ideal framework for data collection would incorporate feature engineering, a process where secondary features are derived from sensitive raw data in a secure environment without a trusted third party. Objective This study aimed to compare current approaches based on how they maintain data privacy and the practicality of their implementations. These approaches include traditional approaches that rely on trusted third parties, and cryptographic, secure hardware, and blockchain-based techniques. Methods A set of properties were defined for evaluating each approach. A qualitative comparison was presented based on these properties. The evaluation of each approach was framed with a use case of sharing geolocation data for biomedical research. Results We found that approaches that rely on a trusted third party for preserving participant privacy do not provide sufficiently strong guarantees that sensitive data will not be exposed in modern data ecosystems. Cryptographic techniques incorporate strong privacy-preserving paradigms but are appropriate only for select use cases or are currently limited because of computational complexity. Blockchain smart contracts alone are insufficient to provide data privacy because transactional data are public. Trusted execution environments (TEEs) may have hardware vulnerabilities and lack visibility into how data are processed. Hybrid approaches combining blockchain and cryptographic techniques or blockchain and TEEs provide promising frameworks for privacy preservation. For reference, we provide a software implementation where users can privately share features of their geolocation data using the hybrid approach combining blockchain with TEEs as a supplement. Conclusions Blockchain technology and smart contracts enable the development of new privacy-preserving feature engineering methods by obviating dependence on trusted parties and providing immutable, auditable data processing workflows. The overlap between blockchain and cryptographic techniques or blockchain and secure hardware technologies are promising fields for addressing important data privacy needs. Hybrid blockchain and TEE frameworks currently provide practical tools for implementing experimental privacy-preserving applications.

scholarly journals Convergence between Blockchain and the Internet of Things

2021 ◽  
Vol 1 (1) ◽  
pp. 34-53
Author(s):  
Alma Cruz
Keyword(s):  
Data Privacy ◽  
Hybrid Approach ◽  
Multiple Regression Model ◽  
The Internet ◽  
Smart Contracts ◽  
Consensus Protocol ◽  
Privacy And Security ◽  
Iot Devices ◽  
Convergence Model ◽  
The Internet Of Things

The objective of this study was to determine the effectiveness of a particular convergencemodel for IoT and blockchain. Multiple regression model was selected to determine the effectiveof a specific convergence model. Three convergence models were selected for this study, includingthe hybrid approach, the IoT-blockchain approach, and the IoT-IoT approach. The findingsindicated that there are issues with convergence between two different technologies. The otherfinding was that the hybrid model provided the best convergence platform for integrating IoT withblockchain. Regarding the IoT and blockchain, convergence challenges included the limitedcapacity of IoT devices to handle the nature of distributed ledgers. The recommendation is that theaspects of traditional blockchain should be redesigned because of new requirements of IoT,including smart contracts, consensus protocol, data privacy, and security.

scholarly journals Designing and Implementing an IT Architecture for a Digital Multicenter Dementia Registry: digiDEM Bayern

2021 ◽  
Vol 12 (03) ◽  
pp. 551-563
Author(s):  
Michael Reichold ◽  
Nikolas Dietzel ◽  
Christina Chmelirsch ◽  
Peter L. Kolominsky-Rabas ◽  
Elmar Graessel ◽  
...  
Keyword(s):  
Data Collection ◽  
Data Privacy ◽  
Pilot Phase ◽  
Electronic Data ◽  
Privacy And Security ◽  
It Architecture ◽  
People With Dementia ◽  
Electronic Data Capture System ◽  
Dementia Registry

Abstract Background Registries are an essential research tool to investigate the long-term course of diseases and their impact on the affected. The project digiDEM Bayern will set up a prospective dementia registry to collect long-term data of people with dementia and their caregivers in Bavaria (Germany) supported by more than 300 research partners. Objective The objective of this article is to outline an information technology (IT) architecture for the integration of a registry and comprehensive participant management in a dementia study. Measures to ensure high data quality, study governance, along with data privacy, and security are to be included in the architecture. Methods The architecture was developed based on an iterative, stakeholder-oriented process. The development was inspired by the Twin Peaks Model that focuses on the codevelopment of requirements and architecture. We gradually moved from a general to a detailed understanding of both the requirements and design through a series of iterations. The experience learned from the pilot phase was integrated into a further iterative process of continuous improvement of the architecture. Results The infrastructure provides a standardized workflow to support the electronic data collection and trace each participant's study process. Therefore, the implementation consists of three systems: (1) electronic data capture system for Web-based or offline app-based data collection; (2) participant management system for the administration of the identity data of participants and research partners as well as of the overall study governance process; and (3) videoconferencing software for conducting interviews online. First experiences in the pilot phase have proven the feasibility of the framework. Conclusion This article outlines an IT architecture to integrate a registry and participant management in a dementia research project. The framework was discussed and developed with the involvement of numerous stakeholders. Due to its adaptability of used software systems, a transfer to other projects should be easily possible.

scholarly journals Inner product encryption from ring learning with errors

Cybersecurity ◽  
2020 ◽  
Vol 3 (1) ◽  
Author(s):  
Shisen Fang ◽  
Shaojun Yang ◽  
Yuexin Zhang
Keyword(s):  
Inner Product ◽  
Encryption Scheme ◽  
Functional Encryption ◽  
Fine Grained ◽  
Learning With Errors

Abstract The functional encryption scheme designed using the lattice can realize fine-grained encryption and it can resist quantum attacks. Unfortunately, the sizes of the keys and ciphertexts in cryptographic applications based on learning with errors are large, which makes the algorithm inefficient. Therefore, we construct a functional encryption for inner product predicates scheme by improving the learning with errors scheme of Agrawal et al. [Asiacrypt 2011], and its security relies on the difficulty assumption of ring learning with errors. Our construction can reduce the sizes of the keys and ciphertexts compared with the learning with errors scheme.

Sign in / Sign up

Export Citation Format

Share Document