Privacy Enhancing Research Articles

Privacy enhancement using selective encryption scheme in data outsourcing

In this article, we introduce a practical scheme that dynamically secures and outsources data on demand as well as propose a corresponding architecture to securely process data in database service provider. We also adopt the application of bring your own device in this scheme as an enhanced security solution. After studying over 1300 database models, we expect this scheme can be applied in production with justifiable result.

An Improvement of the eID Online Authentication Scheme for Privacy Enhancement

전자신분증에 대한 연구는 지금까지 여러 국가에서 시도되어 왔으며, 특히 EU에서는 전자신분증의 도입을 적극적으로 추진하고 있다. eID 기술은 이용자에게 편리성을 가져다주지만 개인정보보호에 대한 대책이 없다면 활성화를 기대할 수 없다. 본 논문에서는 eID 카드에서 발생할 수 있는 부채널 공격을 통해 중요 정보의 노출이 발생할 수 있다고 가정하고, eID의 개인정보를 보호하는 방법을 제안하였다. 제안한 방법은 비밀분산 기법을 활용하여 eID 카드 내에 어떠한 개인정보도 남기지 않는 것이 특징이며, eID 카드 자체만으로는 어떠한 비밀정보도 복원할 수 없으므로 카드를 분실한 경우에도 안전을 보장받을 수 있다. 또한, 인증 절차상에서 공격을 시도할 경우에도 비밀정보를 알아내기는 매우 어렵다.

Building Privacy into the Infrastructure: Towards a New Identity Management Architecture

We are at risk of becoming digitally transparent to both government and the private sector. As it is increasingly obvious that US law is not going to prevent the destruction of personal privacy, we urgently need better privacy tools, baked into the way we do transactions. A partial, but significant, privacy enhancement would be a new Identity Management Architecture (IMA) enabling multiple privacy-protective transaction-empowered digital personae per user. Each persona (or ‘nym if you prefer) would have the ability to communicate, and at least a limited ability to transact, in a manner that would not be linkable, or least very difficult to link, to the real identity of the user. By using a variety of personae for online transactions, reading, and communication, users would defeat — or at least vastly reduce the effectiveness — of commercial and perhaps also governmental profiling.The problem is that an IMA that enables privacy enhanced personae is most unlikely to reach wide acceptance unless it is designed in a manner that makes it easy to use. It will not receive US governmental acceptance unless it also reduces the extent to which the personae can be used to break laws and evade contractual obligations. This paper thus discusses the legal and political considerations that might inform a requirements document for such an IMA with special reference to US law and likely US government reaction. It includes a survey of laws that parties engaging in or enabling anonymous or pseudonymous transactions should consider, and concludes with discussion of several critical design decisions including transnational credentials, the possibility of identity escrow for transactional personae, and speculation as to how personae might fare in the marketplace.The timeliness of this proposal is demonstrated by David Chaum’s recent announcement of new privacy protocol, PrivaTegrity, that contains most of the features needed to engineer a privacy-enhanced IMA that might be acceptable to law enforcement. The need for some action, whether based on PrivaTegrity or otherwise, is very great — so critical that it may time to accept the previously unthinkable, and accept some form of identity escrow as part of the IMA.

SPE: Security and Privacy Enhancement Framework for Mobile Devices

In this paper, we present a security and privacy enhancement (SPE) framework for unmodified mobile operating systems. SPE introduces a new layer between the application and the operating system and does not require a device be jailbroken or utilize a custom operating system. We utilize an existing ontology designed for enforcing security and privacy policies on mobile devices to build a policy that is customizable. Based on this policy, SPE provides enhancements to native controls that currently exist on the platform for privacy and security sensitive components. SPE allows access to these components in a way that allows the framework to ensure the application is truthful in its declared intent and ensure that the user’s policy is enforced. In our evaluation we verify the correctness of the framework and the computing impact on the device. Additionally, we discovered security and privacy issues in several open source applications by utilizing the SPE Framework. From our findings, if SPE is adopted by mobile operating systems producers, it would provide consumers and businesses the additional privacy and security controls they demand and allow users to be more aware of security and privacy issues with applications on their devices.

Secure Mix-Zones for Privacy Protection of Road Network Location Based Services Users

Privacy has been found to be the major impediment and hence the area to be worked out for the provision of Location Based Services in the wide sense. With the emergence of smart, easily portable, communicating devices, information acquisition is achieving new domains. The work presented here is an extension of the ongoing work towards achieving privacy for the present day emerging communication techniques. This work emphasizes one of the most effective real-time privacy enhancement techniques called Mix-Zones. In this paper, we have presented a model of a secure road network with Mix-Zones getting activated on the basis of spatial as well as temporal factors. The temporal factors are ascertained by the amount of traffic and its flow. The paper also discusses the importance of the number of Mix-Zones a user traverses and their mixing effectiveness. We have also shown here using our simulations which are required for the real-time treatment of the problem that the proposed transient Mix-Zones are part of a viable and robust solution towards the road network privacy protection of the communicating moving objects of the present scenario.

MixGroup: Accumulative Pseudonym Exchanging for Location Privacy Enhancement in Vehicular Social Networks

Vehicular social network (VSN) is envisioned to serve as an essential data sensing, exchanging and processing platform for the future Intelligent Transportation Systems. In this paper, we aim to address the location privacy issue in VSNs. In traditional pseudonym-based solutions, the privacy-preserving strength is mainly dependent on the number of vehicles meeting at the same occasion. We notice that an individual vehicle actually has many chances to meet several other vehicles. In most meeting occasions, there are only few vehicles appearing concurrently. Motivated by these observations, we propose a new privacy-preserving scheme, called MixGroup, which is capable of efficiently exploiting the sparse meeting opportunities for pseudonym changing. By integrating the group signature mechanism, MixGroup constructs extended pseudonym-changing regions, in which vehicles are allowed to successively exchange their pseudonyms. As a consequence, for the tracking adversary, the uncertainty of pseudonym mixture is accumulatively enlarged, and therefore location privacy preservation is considerably improved. We carry out simulations to verify the performance of MixGroup. Results indicate that MixGroup significantly outperforms the existing schemes. In addition, MixGroup is able to achieve favorable performance even in low traffic conditions.

The onion router: Understanding a privacy enhancing technology community

ABSTRACTInternet technologies have made mass surveillance prevalent and much easier to carry out, while at the same time making personal privacy more difficult to protect. The ubiquity of personal data processing has raised public awareness about the infringement of information privacy. To protect users' information privacy, several initiatives have been developed to provide Privacy Enhancing Technologies (PETs). One of the most well‐known PETs is the Onion Router (Tor) network, which provides users with online anonymity. The Tor network is supported by a group of volunteers who contribute their resources to sustain the availability and quality of the service. However, Tor Volunteers may find themselves in a tough spot at times because Tor network is often monitored by law enforcement, which makes this PET community different from any other open‐source initiatives. To explore this volunteer community's motivation for providing their services despite the risks, we conducted an online survey. Our study results reveal that one of the main motivations for these volunteers is to advocate and provide privacy for online users. In addition, Tor‐relay operators report on their views about anonymous networks, the challenges they face, and how their belief in providing an opportunity for everyone to access information without interference or censorship is a key component of their volunteer participation.

Privacy Enhancement of Node in Opportunistic Network by Using Virtual-Id

Privacy Enhancement of Node in Opportunistic Network by Using Virtual-Id

Privacy Enhancement of Node in Opportunistic Network by Using Virtual-Id

Privacy Enhancement of Node in Opportunistic Network by Using Virtual-Id

Efficiency and Privacy Enhancement for a Track and Trace System of RFID-Based Supply Chains

One of the major applications of Radio Frequency Identification (RFID) technology is in supply chain management as it promises to provide real-time visibility based on the function of track and trace. However, such an RFID-based track and trace system raises new security and privacy challenges due to the restricted resource of tags. In this paper, we refine three privacy related models (i.e., the privacy, path unlinkability, and tag unlinkability) of RFID-based track and trace systems, and clarify the relations among these privacy models. Specifically, we have proven that privacy is equivalent to path unlinkability and tag unlinkability implies privacy. Our results simplify the privacy concept and protocol design for RFID-based track and trace systems. Furthermore, we propose an efficient track and trace scheme, Tracker+, which allows for authentic and private identification of RFID-tagged objects in supply chains. In the Tracker+, no computational ability is required for tags, but only a few bytes of storage (such as EPC Class 1 Gen 2 tags) are needed to store the tag state. Indeed, Tracker+ reduces the memory requirements for each tag by one group element compared to the Tracker presented in other literature. Moreover, Tracker+ provides privacy against supply chain inside attacks.

A novel hybrid P2P and cloud storage system for retrievability and privacy enhancement

This paper presents a novel fountain code-based hybrid P2P and cloud storage system. While most cloud storage systems guarantees data retrievability of high level, they may be vulnerable to data privacy since the stored data may be exposed to others by accident or design. On the other hand, P2P storage system keeps any peer from accessing the whole data by dividing the data into small pieces and distributing them to multiple participating peers, but may degrade data retrievability due to unstable peers. The proposed hybrid storage system attempts to enhance data retrievability and privacy by effectively distributing fountain encoded symbols to cloud server system and participating peers. It is demonstrated that the proposed hybrid storage system achieves the desired level of data retrievability with a short upload time, and enhance privacy by preventing others from reading the contents.

Privacy enhancement in anonymous network channels using multimodality injection

AbstractThe increase of the capacity of processing units and the growth of distributed computing make easy to collect and process information of Internet traffic flows. This information, however, can be used to perform attacks in anonymous communications that could compromise privacy. With the aim of preventing these attacks, we propose a scheme that implements a multimodal behavior using the random walk theory and crypto‐types. The random walk mechanism is responsible for generating network patterns, and the cryptotype performs the micro‐encryption tasks using series of quantum‐resistant cryptography methods through the anonymous channel. The result shows that using this technique, we can prevent network analysis attacks by means of the generation of a different pattern in each execution for the same set of data. Namely, the experiments we have developed indicate that the average rate of true detections of application behaviors made by intruders does not exceed 24%. Thus, this multimodal pattern gives a high level of immunity against data analysis attacks because the intruders could consider the generated patterns as the typical patterns. Copyright © 2015 John Wiley & Sons, Ltd.

Big Data Security Issues Based on Quantum Cryptography and Privacy with Authentication for Mobile Data Center

Abstract Enhancement of security and privacy in mobile data centers is challengeable with efficient security key management. In order to solve this problem, data centers need efficient quantum cryptography using Grover's algorithm and authentication technique which are appropriate approaches to enhance the security and privacy with less complexity. In this research, quantum cryptography with the PairHand protocol seems to be a better approach. In future, light which has same quantum properties will be the best approach because people can see only the light not the data. So, light based on quantum cryptography and PairHand protocols will be the best for this research.

PRIVACY PRESERVING AND OBSCURE DELICATE DATA WITH COLLABORATIVE TAGGING

Tagging system is one of the most diffused and popular services available online. This system allows users to add free text labels generally referred as tags to the Internet resources for example web pages, images, video, music and even blogs. Web metadata have a potential to improve search, retrieval and to protect end user from possible harmful content. The Organization updates their Company portal with public sharing data along with Sensitive data. The query is processed based on the User Profile Analysis. In actual system provide taxonomy of tagging system and system web technologies help to specify labels and rate for that labels which assess the trustworthiness of resources to enforce web access personalization. To enhance the efficiency of tag suppression the privacy ensured skim with Support Vector Machine along with Privacy Enhancing Technology is implemented. SVM is used for extraction of data and obscure delicate data. PET is achieved by using the technique Tag Suppression which has the role of providing the privacy for information. Web user will search using a keyword. The keyword may be the location, feedback or cost to analyze the data. The authentication of the portal is done by the management. Management classified as two roles they are Department Head Role and Admin. Department Head Role is to update their part of portal and retrieve only the corresponding data. Final authentication and approval is done by the admin. Through the analysis efficiency guarantees of proposed scheme is achieved.

Allocative and strategic effects of privacy enhancement in smart grids

Local energy markets are a promising approach for automatic and efficient matching of renewable energy with household demand in smart grids. Therefore, such markets can help to improve power system reliability and at the same reduce emissions. However, to participate in such markets, customers need to disclose private consumption data. A number of studies show that such data records may reveal a broad range of personal, sensitive information on the inhabitants. Privacy-enhancement mechanisms can be applied to preserve the privacy of individuals to modify the data reported to the market. Yet, these mechanisms can lower allocative efficiency and alter theoretical properties of the market mechanism.In this paper, we characterize both theoretically and numerically the effect of privacy mechanisms applied in a local energy market scenario. Our model considers demand side flexibility as well as energy storage systems. Furthermore, we allow for a free specification of the desired privacy enhancement level. We show that under certain natural assumptions market mechanisms retain in-expectation incentive compatibility despite the presence of privacy enhancement. Our numerical analysis based on real-world data shows that the welfare impact of privacy enhancement mechanisms is limited. Furthermore, energy storage can mitigate this efficiency loss to a large extent.

A Privacy-Preserving Framework for Large-Scale Content-Based Information Retrieval

We propose a privacy protection framework for large-scale content-based information retrieval. It offers two layers of protection. First, robust hash values are used as queries to prevent revealing original content or features. Second, the client can choose to omit certain bits in a hash value to further increase the ambiguity for the server. Due to the reduced information, it is computationally difficult for the server to know the client’s interest. The server has to return the hash values of all possible candidates to the client. The client performs a search within the candidate list to find the best match. Since only hash values are exchanged between the client and the server, the privacy of both parties is protected. We introduce the concept oftunable privacy, where the privacy protection level can be adjusted according to a policy. It is realized through hash-based piecewise inverted indexing. The idea is to divide a feature vector into pieces and index each piece with a subhash value. Each subhash value is associated with an inverted index list. The framework has been extensively tested using a large image database. We have evaluated both retrieval performance and privacy-preserving performance for a particular content identification application. Two different constructions of robust hash algorithms are used. One is based on random projections; the other is based on the discrete wavelet transform. Both algorithms exhibit satisfactory performance in comparison with state-of-the-art retrieval schemes. The results show that the privacy enhancement slightly improves the retrieval performance. We consider the majority voting attack for estimating the query category and identification. Experiment results show that this attack is a threat when there are near-duplicates, but the success rate decreases with the number of omitted bits and the number of distinct items.

Privacy Preservation in Web Browsers through Privacy Enhancing Tools

The Internet has revolutionized the way the world and everything around works. People today find it hard to imagine a world without electronic-mails and search engines where every piece of information is just a few clicks away. The use of social media, online banking services, emails and so on allow for many differernt details concerning our personal life to be stored and used online. Similarly misuse of our data by some unknown organisations is also not in our control. While accessible information about us is growing on the Internet, the potential ways to misuse or exploit them is likewise increasing. This has created privacy concerns and a need for better privacy control for users. It can be concluded from the literature survey, that more research in this area is restricted to conceptualization of privacy than a technological solution. The browsers act as an interface between the users and the Internet, hence more features need to be incorporated into them that can empower the users when interacting with the Internet. This paper emphasizes on the need for designing more privacy enhancing tools using a novel approach called Value Sensitive Design (VSD) which provides methods for creating and assessing a design outcome by taking human ethics into consideration.

Privacy Enhanced Pervasive Computing Model with Dynamic Trust and Security

The objective of the research work is to propose a policy aware privacy enhancement model using dynamic trust and security management techniques. The different polices of the stakeholders incorporating device manufacturer, service provider, Mobile agents and mobile users are considered to achieve an enhanced privacy for on-demand request. The entities involving direct and indirect trust establishment with all forms of uncertainties like DDoS attacks are considered along with multiple layers of security management operations across varying trusted entities. The focus is to enhance the existing privacy through an efficient, preventive, detective, response mechanisms for those attacks, which will address the problem of DDoS before, during and after an actual attack. The session time and access time are controlled by the privileges and rights for disclosure of information in pervasive environment.

Data Security and Data Privacy in Cloud Computing

Cloud computing has led to the development of IT to more sophisticated levels by improving the capacity and flexibility of data storage and by providing a scalable computation and processing power which matches the dynamic data requirements. Cloud computing has many benefits which has led to the transfer of many enterprise applications and data to public and hybrid clouds. However, many organizations refer to the protection of privacy and the security of data as the major issues which prevent them from adopting cloud computing. The only way successful implementation of clouds can be achieved is through effective enhancement and management of data security and privacy in clouds. This research paper analyzes the privacy and protection of data in cloud computing through all data lifecycle stages providing an overall perspective of cloud computing while highlighting key security issues and concerns which should be addressed. It also discusses several current solutions and further proposes more solutions which can enhance the privacy and security of data in clouds. Finally, the research paper describes future research work on the protection of data privacy and security in clouds.

Optimal Forgery and Suppression of Ratings for Privacy Enhancement in Recommendation Systems

Recommendation systems are information-filtering systems that tailor information to users on the basis of knowledge about their preferences. The ability of these systems to profile users is what enables such intelligent functionality, but at the same time, it is the source of serious privacy concerns. In this paper we investigate a privacy-enhancing technology that aims at hindering an attacker in its efforts to accurately profile users based on the items they rate. Our approach capitalizes on the combination of two perturbative mechanisms---the forgery and the suppression of ratings. While this technique enhances user privacy to a certain extent, it inevitably comes at the cost of a loss in data utility, namely a degradation of the recommendation's accuracy. In short, it poses a trade-off between privacy and utility. The theoretical analysis of said trade-off is the object of this work. We measure privacy as the Kullback-Leibler divergence between the user's and the population's item distributions, and quantify utility as the proportion of ratings users consent to forge and eliminate. Equipped with these quantitative measures, we find a closed-form solution to the problem of optimal forgery and suppression of ratings, and characterize the trade-off among privacy, forgery rate and suppression rate. Experimental results on a popular recommendation system show how our approach may contribute to privacy enhancement.