UnLynx: A Decentralized System for Privacy-Conscious Data Sharing

2017 ◽  
Vol 2017 (4) ◽  
pp. 232-250 ◽  
Author(s):  
David Froelicher ◽  
Patricia Egger ◽  
João Sá Sousa ◽  
Jean Louis Raisaro ◽  
Zhicong Huang ◽  
...  

Current solutions for privacy-preserving data sharing among multiple parties either depend on a centralized authority that must be trusted and provides only weakest-link security (e.g., the entity that manages private/secret cryptographic keys), or leverage decentralized but impractical approaches (e.g., secure multi-party computation). When the data to be shared are of a sensitive nature and the number of data providers is high, these solutions are not appropriate. Therefore, we present UnLynx, a new decentralized system for efficient privacy-preserving data sharing. We consider m servers that constitute a collective authority whose goal is to verifiably compute on data sent from n data providers. UnLynx guarantees the confidentiality, unlinkability between data providers and their data, privacy of the end result and the correctness of computations by the servers. Furthermore, to support differentially private queries, UnLynx can collectively add noise under encryption. All of this is achieved through a combination of a set of new distributed and secure protocols that are based on homomorphic cryptography, verifiable shuffling and zero-knowledge proofs. UnLynx is highly parallelizable and modular by design as it enables multiple security/privacy vs. runtime tradeoffs. Our evaluation shows that UnLynx can execute a secure survey on 400,000 personal data records containing 5 encrypted attributes, distributed over 20 independent databases, for a total of 2,000,000 ciphertexts, in 24 minutes.

Author(s):  
Anastasiia Pika ◽  
Moe T. Wynn ◽  
Stephanus Budiono ◽  
Arthur H.M. ter Hofstede ◽  
Wil M.P. van der Aalst ◽  
...  

Process mining has been successfully applied in the healthcare domain and has helped to uncover various insights for improving healthcare processes. While the benefits of process mining are widely acknowledged, many people rightfully have concerns about irresponsible uses of personal data. Healthcare information systems contain highly sensitive information and healthcare regulations often require protection of data privacy. The need to comply with strict privacy requirements may result in a decreased data utility for analysis. Until recently, data privacy issues did not get much attention in the process mining community; however, several privacy-preserving data transformation techniques have been proposed in the data mining community. Many similarities between data mining and process mining exist, but there are key differences that make privacy-preserving data mining techniques unsuitable to anonymise process data (without adaptations). In this article, we analyse data privacy and utility requirements for healthcare process data and assess the suitability of privacy-preserving data transformation methods to anonymise healthcare data. We demonstrate how some of these anonymisation methods affect various process mining results using three publicly available healthcare event logs. We describe a framework for privacy-preserving process mining that can support healthcare process mining analyses. We also advocate the recording of privacy metadata to capture information about privacy-preserving transformations performed on an event log.


Author(s):  
Nancy Victor ◽  
Daphne Lopez

Data privacy plays a noteworthy part in today's digital world where information is gathered at exceptional rates from different sources. Privacy preserving data publishing refers to the process of publishing personal data without questioning the privacy of individuals in any manner. A variety of approaches have been devised to forfend consumer privacy by applying traditional anonymization mechanisms. But these mechanisms are not well suited for Big Data, as the data which is generated nowadays is not just structured in manner. The data which is generated at very high velocities from various sources includes unstructured and semi-structured information, and thus becomes very difficult to process using traditional mechanisms. This chapter focuses on the various challenges with Big Data, PPDM and PPDP techniques for Big Data and how well it can be scaled for processing both historical and real-time data together using Lambda architecture. A distributed framework for privacy preservation in Big Data by combining Natural language processing techniques is also proposed in this chapter.


Cryptography ◽  
2019 ◽  
Vol 3 (1) ◽  
pp. 7 ◽  
Author(s):  
Karuna Pande Joshi ◽  
Agniva Banerjee

An essential requirement of any information management system is to protect data and resources against breach or improper modifications, while at the same time ensuring data access to legitimate users. Systems handling personal data are mandated to track its flow to comply with data protection regulations. We have built a novel framework that integrates a semantically rich data privacy knowledge graph with Hyperledger Fabric blockchain technology, to develop an automated access-control and audit mechanism that enforces users' data privacy policies while sharing their data with third parties. Our blockchain-based data-sharing solution addresses two of the most critical challenges: transaction verification and permissioned data obfuscation. Our solution ensures accountability for data sharing in the cloud by incorporating a secure and efficient system for end-to-end provenance. In this paper, we describe this framework along with the comprehensive semantically rich knowledge graph that we have developed to capture rules embedded in data privacy policy documents. Our framework can be used by organizations to automate compliance of their cloud datasets.


Author(s):  
Tore Hoel ◽  
Weiqin Chen ◽  
Jan M. Pawlowski

There is a gap between people’s online sharing of personal data and their concerns about privacy. Until now, this gap has been addressed by attempting to match individual privacy preferences with service providers’ options for data handling. This approach has ignored the role different contexts play in data sharing. This paper aims at giving privacy engineering a new direction by putting context centre stage and exploiting the affordances of machine learning in handling contexts and negotiating data sharing policies. This research is explorative and conceptual, representing the first development cycle of a design science research project in privacy engineering. The paper offers a concise understanding of data privacy as a foundation for design, extending the seminal contextual integrity theory of Helen Nissenbaum. This theory started out as a normative theory describing the moral appropriateness of data transfers. In our work, the contextual integrity model is extended to a socio-technical theory that could have practical impact in the era of artificial intelligence. New conceptual constructs such as ‘context trigger’, ‘data sharing policy’ and ‘data sharing smart contract’ are defined, and their application is discussed from an organisational and technical level. The constructs and design are validated through expert interviews; contributions to design science research are discussed, and the paper concludes with presenting a framework for further privacy engineering development cycles.


Author(s):  
Thu Yein Win ◽  
Hugo Tianfield

The recent COVID-19 pandemic has presented a significant challenge for health organisations around the world in providing treatment and ensuring public health safety. While this has highlighted the importance of data sharing amongst them, it has also highlighted the importance of ensuring patient data privacy in doing so. This chapter explores the different techniques which facilitate this, along with their overall implementations. It first provides an overview of pandemic monitoring and the privacy implications associated with it. It then explores the different privacy-preserving approaches that have been used in existing research. It also explores the strengths as well as their limitations, along with possible areas for future research.


2021 ◽  
Author(s):  
Esma Ergüner Özkoç

Data mining techniques provide benefits in many areas such as medicine, sports, marketing, signal processing as well as data and network security. However, although data mining techniques are used in security subjects such as intrusion detection, biometric authentication, fraud and malware classification, “privacy” has become a serious problem, especially in data mining applications that involve the collection and sharing of personal data. For these reasons, the problem of protecting privacy in the context of data mining differs from traditional data privacy protection, as data mining can act as both friend and foe. The chapter covers the previously developed privacy preserving data mining techniques in two parts: (i) techniques proposed for input data that will be subject to data mining and (ii) techniques suggested for processed data (output of the data mining algorithms). It also presents attacks against the privacy of data mining applications. The chapter concludes with a discussion of next-generation privacy-preserving data mining applications at both the individual and organizational levels.


2022 ◽  
pp. 117-131
Author(s):  
Olakunle Olayinka ◽  
Thomas Win

The COVID-19 pandemic has brought to the fore a number of issues regarding digital technologies, including a heightened focus on cybersecurity and data privacy. This chapter examines two aspects of this phenomenon. First, as businesses explore creative approaches to operate in the “new normal,” the security implications of the deployment of new technologies are often not considered, especially in small businesses, which often possess limited IT knowledge and resources. Second, issues relating to security and data privacy in monitoring the pandemic are examined, and different privacy-preserving data-sharing techniques, including federated learning, secure multiparty computation, and blockchain-based techniques, are assessed. A new privacy-preserving data-sharing framework, which addresses current limitations of these techniques, is then put forward and discussed. The chapter concludes that although the worst of the pandemic may soon be over, issues regarding cybersecurity will be with us for far longer and require vigilant management and the development of creative solutions.


2021 ◽  
Author(s):  
Yoo Jeong Ha ◽  
Gusang Lee ◽  
Minjae Yoo ◽  
Soyi Jung ◽  
Seehwan Yoo ◽  
...  

It seems as though progressively more people are in the race to upload content, data, and information online; and hospitals haven’t neglected this trend either. Hospitals are now at the forefront for multi-site medical data sharing to provide groundbreaking advancements in the way health records are shared and patients are diagnosed. Sharing of medical data is essential in modern medical research. Yet, as with all data sharing technology, the challenge is to balance improved treatment with protecting patients’ personal information. This paper provides a novel split learning algorithm, coined “multi-site split learning”, which enables a secure transfer of medical data between multiple hospitals without fear of exposing personal data contained in patient records. It also explores the effects of varying the number of end-systems and the ratio of data imbalance on the deep learning performance. A guideline for the optimal configuration of split learning that ensures privacy of patient data whilst achieving performance is empirically given. We argue the benefits of our multi-site split learning algorithm, especially regarding the privacy-preserving factor, using CT scans of COVID-19 patients, X-ray bone scans, and cholesterol level medical data.


2021 ◽  
Vol 3 ◽  
Author(s):  
Deborah Lupton

Self-tracking technologies and practices offer ways of generating vast reams of personal details, raising questions about how these data are revealed or exposed to others. In this article, I report on findings from an interview-based study of long-term Australian self-trackers who were collecting and reviewing personal information about their bodies and other aspects of their everyday lives. The discussion focuses on the participants' understandings and practices related to sharing their personal data and to data privacy. The contextual elements of self-tracked sharing and privacy concerns were evident in the participants' accounts and were strongly related to ideas about why and how these details should be accessed by others. Sharing personal information from self-tracking was largely viewed as an intimate social experience. The value of self-tracked data to contribute to close face-to-face relationships was recognized and related aspects of social privacy were identified. However, most participants did not consider the possibilities that their personal information could be distributed well beyond these relationships by third parties for commercial purposes (or what has been termed “institutional privacy”). These findings contribute to a more-than-digital approach to personal data sharing and privacy practices that recognizes the interplay between digital and non-digital practices and contexts. They also highlight the relational and social dimensions of self-tracking and concepts of data privacy.
