Trajectory as an Identity: Privacy-Preserving and Sybil-Resistant Authentication for Internet of Vehicles

With the advancement of the 5G network, the Internet of Vehicles (IoV) is becoming more and more attractive for academic researchers and industrial. A main challenge of IoV is to guarantee the authenticity of messages and protect drivers’ privacy simultaneously. The majority of privacy-preserving authentication schemes for IoV adopt pseudonyms or group signatures to achieve a balance between security and privacy. However, defending the Sybil attacks in these schemes is challenging. In this work, we propose a novel privacy-preserving authentication scheme for announcement messages, which utilizes the trajectories of vehicles as their identities. When an authenticated message is verified, the verifier is convinced that the message is generated by a vehicle that has a unique masked trajectory. Meanwhile, the real trajectories of vehicles are kept private. In particular, our scheme achieves Sybil attack resistance without the limitation of trajectory length even when the attacker is allowed to use cloud services.

Privacy-Protection Scheme of a Credit-Investigation System Based on Blockchain

In response to the rapid growth of credit-investigation data, data redundancy among credit-investigation agencies, privacy leakages of credit-investigation data subjects, and data security risks have been reported. This study proposes a privacy-protection scheme for a credit-investigation system based on blockchain technology, which realizes the secure sharing of credit-investigation data among multiple entities such as credit-investigation users, credit-investigation agencies, and cloud service providers. This scheme is based on blockchain technology to solve the problem of islanding of credit-investigation data and is based on zero-knowledge-proof technology, which works by submitting a proof to the smart contract to achieve anonymous identity authentication, ensuring that the identity privacy of credit-investigation users is not disclosed; this scheme is also based on searchable-symmetric-encryption technology to realize the retrieval of the ciphertext of the credit-investigation data. A security analysis showed that this scheme guarantees the confidentiality, the availability, the tamper-proofability, and the ciphertext searchability of credit-investigation data, as well as the fairness and anonymity of identity authentication in the credit-investigation data query. An efficiency analysis showed that, compared with similar identity-authentication schemes, the proof key of this scheme is smaller, and the verification time is shorter. Compared with similar ciphertext-retrieval schemes, the time for this scheme to generate indexes and trapdoors and return search results is significantly shorter.

Understanding the Barriers and Facilitators to Sharing Patient-Generated Health Data Using Digital Technology for People Living With Long-Term Health Conditions: A Narrative Review

Using digital technology to share patient-generated health data has the potential to improve the self-management of multiple long-term health conditions. Sharing these data can allow patients to receive additional support from healthcare professionals and peer communities, as well as enhance their understanding of their own health. A deeper understanding of the concerns raised by those living with long-term health conditions when considering whether to share health data via digital technology may help to facilitate effective data sharing practices in the future. The aim of this review is to identify whether trust, identity, privacy and security concerns present barriers to the successful sharing of patient-generated data using digital technology by those living with long-term health conditions. We also address the impact of stigma on concerns surrounding sharing health data with others. Searches of CINAHL, PsychInfo and Web of Knowledge were conducted in December 2019 and again in October 2020 producing 2,581 results. An iterative review process resulted in a final dataset of 23 peer-reviewed articles. A thorough analysis of the selected articles found that issues surrounding trust, identity, privacy and security clearly present barriers to the sharing of patient-generated data across multiple sharing contexts. The presence of enacted stigma also acts as a barrier to sharing across multiple settings. We found that the majority of literature focuses on clinical settings with relatively little attention being given to sharing with third parties. Finally, we suggest the need for more solution-based research to overcome the discussed barriers to sharing.

FX Job Recruitment

In this project present a secure and privacy-preserving access control to users, which guarantee any member in a group to anonymously utilize the cloud resource. Moreover, the real identities of data owners can be revealed by the group manager when disputes occur. In this project provide rigorous security analysis, and perform extensive simulations to demonstrate the efficiency of our scheme in terms of storage and computation overhead. Cloud computing provides an economical and efficient solution for sharing group resource among cloud users. Unfortunately, sharing data in a multi-job portal manner while preserving data and identity privacy from an un trusted cloud is still a challenging issue, due to the frequent change of the membership . The major aims of this method a secure multi-owner data sharing scheme. It implies that any user in the group can securely share data with others by the un trusted cloud. This scheme is able to support dynamic groups. Efficiently, specifically, new granted users can directly decrypt data files uploaded before their participation without contacting with data owners. User revocation can be easily achieved through a novel revocation list without updating the secret Keys of the remaining users. The size and computation overhead of encryption are constant and Independent with the number of revoked users. Job portal is developed for creating an interactive job vacancy for candidates. This web application is to be conceived in its current form as a dynamic site-requiring constant updates both from the seekers as well as the companies. On the whole the objective of the project is to enable jobseekers to place their resumes and companies to publish their vacancies.

Location-sharing protocol for privacy protection in mobile online social networks

Location-based services are becoming more and more popular in mobile online social networks (mOSNs) for smart cities, but users’ privacy also has aroused widespread concern, such as locations, friend sets and other private information. At present, many protocols have been proposed, but these protocols are inefficient and ignore some security risks. In the paper, we present a new location-sharing protocol, which solves two issues by using symmetric/asymmetric encryption properly. We adopt the following methods to reduce the communication and computation costs: only setting up one location server; connecting social network server and location server directly instead of through cellular towers; avoiding broadcast encryption. We introduce dummy identities to protect users’ identity privacy, and prevent location server from inferring users’ activity tracks by updating dummy identities in time. The details of security and performance analysis with related protocols show that our protocol enjoys two advantages: (1) it’s more efficient than related protocols, which greatly reduces the computation and communication costs; (2) it satisfies all security goals; however, most previous protocols only meet some security goals.

Group signature with time-bound keys and unforgeability of expiry time for smart cities

Internet of Things (IoT) lays the foundation for the various applications in smart cities, yet resource-constrained IoT devices are prone to suffer from devastating cyberattacks and privacy leak threats, thus are inevitability supposed as the weakest link of the systems in smart cities. Mitigating the security risks of data and the computing limitation of edge devices, especially identity authentication and key validity management of group devices are essential for IoT system security. In order to tackle the issues of anonymity, traceability, unforgeability of expiry time as well as efficient membership revocation for life-cycle management of devices in IoT setting, we presented a dynamic time-bound group signature with unforgeability of expiry time. Unforgeability of expiry time disables a revoked signer to create a valid signature by means of associating the signing key with an expiry time. The anonymity and traceability of the proposed scheme contribute to the identity privacy of the entities and supervision for authority agency. Moreover, our proposal is feasible in the resource-constrained setting for efficient computational cost of signing and verification algorithms.