Privacy Of Sensitive Data Research Articles

AESM2 Attribute-Based Encrypted Search for Multi-Owner and Multi-User Distributed Systems

With the rapid development of cloud computing, it is popular for data owners to outsource massive data to the cloud server for data sharing. To protect the privacy of sensitive data, many searchable encryption schemes are proposed. However, most of the existing studies focus on the single-owner model. In practice, users need to query data from distributed owners one by one, which inevitably brings great communication and computation overheads. Moreover, it lacks a secure scheme that realizes the access control requirements of individual owners. In this article, we propose AESM <inline-formula><tex-math notation="LaTeX">$^{2}$</tex-math></inline-formula> , a new attribute-based encrypted search with ownership enhancement scheme for multi-owner and multi-user distributed systems. Our design enables users to search data from authorized owners with only one trapdoor. Owners can enforce owner level permission on users and encrypt their data individually with fine-grained attribute level permission. For practical consideration, we further devise an efficient revocation method of the owner level permission for users, where ciphertexts do not need to be updated. We formally define and prove the security of our design. Moreover, we implement a system prototype and analyze the performance from theoretical and experimental aspects. The evaluation results demonstrate that our scheme is effective and efficient.

Distributed Timestamp Mechanism Based on Verifiable Delay Functions

In the data communication system, the real-time information interaction of communication device increases the risk of privacy sensitive data being tampered with. Therefore, maintaining data security is one of the most important issues in network data communication. Because the timestamp is the most important way to authenticate data in information interaction, it is very necessary to provide timestamp service in the data communication system. However, the existing centralized timestamp mechanism is difficult to provide credible timestamp service, and users can conspire with timestamping servers to forge timestamps. Therefore, this paper designs a distributed timestamp mechanism based on continuous verifiable delay functions. It utilizes multiple independent timestamp servers to provide timestamp services in a distributed model and appends the timestamp to the data once the data is generated. Thus, it can prove that the data already exists at a certain time and ensure the accuracy of the timestamp. Moreover, a digital blind signature based on elliptic curve cryptography is utilized to solve the problem of timestamp forgery in timestamp service. Finally, the security analysis of the scheme ensures the data security of data communication system and the concurrency rate of timestamp. The experimental results also show that the scheme greatly improves the efficiency of digital signatures.

Designated-Verifier Aggregate Signature Scheme With Sensitive Data Privacy Protection for Permissioned Blockchain-Assisted IIoT

Designated-Verifier Aggregate Signature Scheme With Sensitive Data Privacy Protection for Permissioned Blockchain-Assisted IIoT

Developing an eMental health monitoring module for older mourners using fuzzy cognitive maps.

Effective internet interventions often combine online self-help with regular professional guidance. In the absence of regularly scheduled contact with a professional, the internet intervention should refer users to professional human care if their condition deteriorates. The current article presents a monitoring module to recommend proactively seeking offline support in an eMental health service to aid older mourners. The module consists of two components: a user profile that collects relevant information about the user from the application, enabling the second component, a fuzzy cognitive map (FCM) decision-making algorithm that detects risk situations and to recommend the user to seek offline support, whenever advisable. In this article, we show how we configured the FCM with the help of eight clinical psychologists and we investigate the utility of the resulting decision tool using four fictitious scenarios. The current FCM algorithm succeeds in detecting unambiguous risk situations, as well as unambiguously safe situations, but it has more difficulty classifying borderline cases correctly. Based on recommendations from the participants and an analysis of the algorithm's erroneous classifications, we propose how the current FCM algorithm can be further improved. The configuration of FCMs does not necessarily demand large amounts of privacy-sensitive data and their decisions are scrutable. Thus, they hold great potential for automatic decision-making algorithms in mental eHealth. Nevertheless, we conclude that there is a need for clear guidelines and best practices for developing FCMs, specifically for eMental health.

Communicational and Computational Efficient Federated Domain Adaptation

The emerging paradigm of Federated Learning enables mobile users to collaboratively train a model without disclosing their privacy-sensitive data. Nevertheless, data collected from different mobile users may not be independent and identically distributed. Thus directly applying the trained model to a new mobile user usually leads to performance degradation due to the so-called domain shift. Unsupervised Domain Adaptation is an effective technique to mitigate domain shift and transfer knowledge from labeled source domains to the unlabeled target domain. In this article, we design a Federated Domain Adaptation framework that extends Domain Adaptation with the constraints of Federated Learning to train a model for the target domain and preserve the data privacy of all the source and target domains. As mobile devices usually have limited computation and communication capabilities, we design a set of optimization methods that significantly enhance our framework’s computation and communication efficiency, making it more friendly to resource-constrained edge devices. Evaluation results on three datasets show that our framework has comparable performance with the standard centralized training approach, and the optimization methods can reduce the computation and communication overheads by up to two orders of magnitude.

Granular data representation under privacy protection: Tradeoff between data utility and privacy via information granularity

Information granules describe available experimental evidence at a more abstract level and facilitate the concise characterization of the structure of the numeric data. The utilization of unreliable data collectors poses a key challenge with respect to the privacy of the participants. In order to guarantee data confidentiality, we propose a granular data publishing method under differential privacy. In this study, a two-stage design of information granules considering the requirement of data privacy is proposed. The main idea is to protect individual sensitive pieces of data information against inference attacks and optimize the representation capabilities of information granules in a multi-dimensional data space. In the first stage, a clustering algorithm based on differential privacy is proposed to find some numeric prototypes in a numeric space, which considers sensitive data privacy protection. Second, this paper constructs spherical information granules involving the requirement of differential privacy. Their multi-dimensional and fuzzy granularity characteristics are considered. An improvement of the principle of justifiable granularity is utilized to optimize the bounds of information granules, and a new objective function is established to optimize the information granules. Our work is devoted to tradeoff data privacy and utility by constructing reasonable information granules. Unlike numerical data publishing, the publishing of interval information granules improves data utility in data protection. Experimental results demonstrate the superiority of the proposed granular description method based on differential privacy.

FGAC: A Fine-Grained Access Control Framework for Supply Chain Data Sharing

With the rapid development of digital economics, a large number of data have been accumulated in the supply chain system, and data islands have appeared. Data sharing is an imperative way to unlock the data value of a supply chain system. A safe and effective access control mechanism for privacy-sensitive data is key in data sharing. At present, traditional access control mechanisms are static, single-factor control, and prone to a single point of failure. For dealing with these, a fine-grained access control (FGAC) framework for supply chain data sharing is proposed, based on the blockchain Hyperledger Fabric. It augments role-based access control (RBAC) by giving different attribute keywords to different types of users. This framework is implemented in smart contract Chaincodes and quantitatively verified by using the model-checking tool UPPAAL. The experiment results show that the FGAC framework enhances the efficiency and safety in the process of data sharing for the supply chain system, compared with the existing works.

Federated Multitask Learning for HyperFace

Multitask learning (MTL) is a promising field in machine learning owing to its capability to improve the generalization performance of all tasks by sharing knowledge among the related tasks. MTL has attracted a large amount of attention in the multitask-related community. In recent years, with the rapid development of distributed machine learning, MTL in a distributed environment becomes a hot research topic. Although MTL can reap great fruit in a distributed environment, the sensitive information, such as photos and voice recordings of the owner, in distributed data may be leaked during training. Consequently, in the distributed settings, one prominent challenge of MTL is to prevent the disclosure of sensitive private data. In this article, we propose a novel approach, federated multitask learning (FMTL), which applies federated learning to MTL in a distributed environment in order to protect the MTL model from being leaked and to better optimize the utility of the MTL model. In FMTL, all the participants independently train their local models on their own dataset in parallel and only transmit their model updates to the central server for aggregation at every epoch. As a result, their learning accuracy is enhanced beyond what is achieved only on their own training data. In this manner, it can achieve the best tradeoff between the utility and privacy: participants not only preserve the privacy of their own data, but also benefit from the models of other participants. The experimental results on annotated facial landmarks in the wild (AFLW) and annotated faces in the wild (AFW) benchmark datasets verify the effectiveness of our framework.

Add noise to remove noise: Local differential privacy for feature selection

Feature selection has become significantly important for data analysis. It selects the most informative features describing the data to filter out the noise, complexity, and over-fitting caused by less relevant features. Accordingly, feature selection improves the predictors’ accuracy, enables them to be trained faster and more cost-effectively, and provides a better understanding of the underlying data. While plenty of practical solutions have been proposed in the literature to identify the most discriminating features describing a dataset, an understanding of feature selection over privacy-sensitive data in the absence of a trusted party is still missing. The design of such a framework is specifically important in our modern society, where each individual through accessing the Internet can play simultaneously the role of a data provider and a data-analysis beneficiary. In this study, we propose a novel feature selection framework based on Local Differential Privacy (LDP), named LDP-FS, which estimates the importance of features over securely protected data while protects the confidentiality of each individual data before leaving the user’s device. The performance of LDP-FS in terms of scoring and ordering the features is assessed by investigating the impact of datasets properties, privacy mechanism, privacy levels, and feature selection techniques on this framework. The accuracy of classifiers trained on the selected subset of features by LDP-FS is also presented. Our experimental results demonstrate the effectiveness and efficiency of the proposed framework.

Efficient and HRA Secure Universal Conditional Proxy Re-Encryption for Cloud-Based Data Sharing

Cloud computing has become popular in data sharing mainly because it has huge storage capacity and computing power. Securing the privacy of sensitive data for cloud-based data sharing is vital. Currently, there are various conditional proxy re-encryption (UPRE) schemes that have been proposed to resolve the privacy issue. Nevertheless, the existing UPRE schemes cannot allow the proxy (e.g., the cloud server) to transfer the outsourced encrypted data under the data owner’s public key of any homomorphic encryption scheme into the encrypted data under the data user’s public key of a homomorphic encryption scheme (possibly different from the data owner). The transformation of outsourced encrypted data between homomorphic encryption schemes is more suitable for the real data sharing in clouds. Consequently, we present the notion of universal conditional proxy re-encryption (UCPRE) to solve the issue of flexible transformation of outsourced encrypted data between homomorphic encryption schemes in cloud-based data sharing. UCPRE is lightweight in the sense that it only requires the re-encrypted key generation and re-encryption algorithms. We give the definition of UCPRE and prove that it is HRA secure without random oracle. Finally, we show that our UCPRE is efficient and rational compared to other existing CPRE schemes by instantiating our UCPRE.

Blockchain-enabled efficient distributed attribute-based access control framework with privacy-preserving in IoV

Aiming at solving the challenges of the Internet of Vehicles (IoV), such as privacy sensitive data exposing, data being vulnerable to unauthorized access and tampered with and the single point of failure of the cloud server, this paper introduces a blockchain-enabled data access method based on attribute-based encryption. To enhance the privacy protection, the attributes are hidden and all generated transactions are recorded on the blockchain for auditing. Even if it is untrusted to a third party, it can guarantee the user’s control over his own data. To reduce the computation cost, decentralized edge nodes jointly maintain the blockchain and assist users with limited resources to complete most of the calculations. Meanwhile, the use of smart contracts not only reduces the verification workload, but also evaluates multiple factors such as the communication range, communication time, and calculation overhead of the roadside unit (RSU) to ensure that the vehicle can receive messages in a timely manner. In addition, timely updating the attributes can reduce the user’s computational burden and increase the flexibility of the system. Numeral experiments to show the proposed scheme has many advantages of over others such as the storage cost, the whole time consume of the proposed algorithms and the proxy computation cost.

Horizontal Federated Learning of Takagi–Sugeno Fuzzy Rule-Based Models

In this article, we elaborate on a design and realization of fuzzy rule-based model in the horizontal federated learning framework. Traditional machine learning in distributed environment often involves sharing sensitive information with other sites or transferring data to a central server on which a global model is trained. These situations increase the communication overhead and pose serious threats to the privacy of sensitive data. Federated learning opens up the possibility for collaboratively training a global model on a basis of distributed on-site data without sacrificing data privacy. While fuzzy rule-based models have been used in system modeling due to their substantial modeling abilities and good interpretability, the implementation of fuzzy rule-based models in a distributed environment without compromising data privacy still requires careful consideration. This article proposes a two-step federated learning approach to train a global model on a basis of private data located across different sites without their centralization. The first step concerns the determination of the structure of the data through federated collaborative clustering. Subsequently, a shared global model is trained jointly by all the participating clients. An advantage of the proposed method is that it achieves high accuracy without violating data privacy. A series of experimental studies are conducted to gain a detailed insight into the realization steps and demonstrate the effectiveness of the proposed method.

Automated privacy negotiations with preference uncertainty

Many service providers require permissions to access privacy-sensitive data that are not necessary for their core functionality. To support users’ privacy management, we propose a novel agent-based negotiation framework to negotiate privacy permissions between users and service providers using a new multi-issue alternating-offer protocol based on exchanges of partial and complete offers. Additionally, we introduce a novel approach to learning users’ preferences in negotiation and present two variants of this approach: one variant personalised to each individual user, and one personalised depending on the user’s privacy type. To evaluate them, we perform a user study with participants, using an experimental tool installed on the participants’ mobile devices. We compare the take-it-or-leave-it approach, in which users are required to accept all permissions requested by a service, to negotiation, which respects their preferences. Our results show that users share personal data 2.5 times more often when they are able to negotiate while maintaining the same level of decision regret. Moreover, negotiation can be less mentally demanding than the take-it-or-leave-it approach and it allows users to align their privacy choices with their preferences. Finally, our findings provide insight into users’ data sharing strategies to guide the future of automated and negotiable privacy management mechanisms.

Privacy-preserving bidirectional keyword search over encrypted data for cloud-assisted IIoT

Cloud-assisted industrial Internet of Things (IIoT) technology is increasingly used by related enterprises. To preserve the privacy of sensitive data, IIoT devices must encrypt data before sending them to a cloud server. Public-key encryption with keyword search (PEKS) provides an important search function over cloud-assisted IIoT, allowing users to search for encrypted data without decryption. To increase practical functionality, Zhang et al. recently proposed the concept of public-key encryption with bidirectional keyword search, which supports both sender and receiver searches. However, their scheme provides insufficient security because it cannot resist keyword guessing attacks (KGA). Additionally, their scheme requires time-consuming bilinear pairing operations, resulting in high computational costs. In this study, a novel concept called public-key authenticated encryption with bidirectional keyword search was devised for multi-user settings. The system definition and security requirements are formally defined to ensure that no adversary can overcome the indistinguishability against chosen-keyword attacks or KGA. Furthermore, we propose a pairing-free semi-generic construction, combining a multiparty non-interactive protocol and authenticated functionality, which has proven to be secure under the standard model. The experimental results reveal that, compared with other state-of-the-art schemes, the proposed scheme is more practical, secure, and suitable for use with cloud-assisted IIoT systems.

A Blockchain-Enabled Privacy-Preserving Verifiable Query Framework for Securing Cloud-Assisted Industrial Internet of Things Systems

Advanced Industrial Internet-of-Things (IIoT), such as smart grids, 5G-enabled unmanned aerial vehicles (UAV), and supply chain 4.o, can be used to facilitate smart management. Nevertheless, IIoT systems generate huge amounts of data that need to be outsourced to the cloud for storing and providing real-time search facilities to end-users. Outsourcing IIoT data to a third-party cloud service provider (CSP) introduces several data privacy and integrity issues related to verifying the reliability of users’ queries and aggregated outcomes. In this article, we propose a blockchain-based framework for provisioning a privacy-preserving and verifiable query facility to end-users in IIoT systems. The framework uses blockchain to store IoT data as on-chain data and the cloud to store extensive data (e.g., image) as off-chain data and provisioning search services to users by executing a query in both on-chain and off-chain data and generating an aggregated result. Besides, it introduces a new privacy-preserving query mechanism for ensuring sensitive data privacy during query execution. A data owner encrypts both on-chain and off-chain data in the privacy-preserving query mechanism before sending it to the blockchain and cloud. A CSP can perform search operations on the encrypted on-chain and off-chain data to ensure sensitive data privacy. A multisignature-powered query verification model is also built for the blockchain. The query verification model allows each blockchain node to endorse the query result individually and a user to verify the endorsement of the query result before use. The experiments revealed the high efficiency and scalability of the proposed framework.

Federated Learning for Privacy-Aware Human Mobility Modeling.

Human mobility modeling is a complex yet essential subject of study related to modeling important spatiotemporal events, including traffic, disease spreading, and customized directions and recommendations. While spatiotemporal data can be collected easily via smartphones, current state-of-the-art deep learning methods require vast amounts of such privacy-sensitive data to generate useful models. This work investigates the creation of spatiotemporal models using a Federated Learning (FL) approach—a machine learning technique that avoids sharing personal data with centralized servers. More specifically, we examine three centralized models for next-place prediction: a simple Gated Recurrent Unit (GRU) model, as well as two state-of-the-art centralized approaches, Flashback and DeepMove. Flashback is a Recurrent Neural Network (RNN) that utilizes historical hidden states with similar context as the current spatiotemporal context to improve performance. DeepMove is an attentional RNN that aims to capture human mobility's regularity while coping with data sparsity. We then implemented models based on FL for the two best-performing centralized models. We compared the performance of all models using two large public datasets: Foursquare (9,450 million check-ins, February 2009 to October 2010) and Gowalla (3,300 million check-ins, April 2012 to January 2014). We first replicated the performance of both Flashback and DeepMove, as reported in the original studies, and compared them to the simple GRU model. Flashback and GRU proved to be the best performing centralized models, so we further explored both in FL scenarios, including several parameters such as the number of clients, rounds, and epochs. Our results indicated that the training process of the federated models was less stable, i.e., the FL versions of both Flashback and GRU tended to have higher variability in the loss curves. The higher variability led to a slower convergence and thus a poorer performance when compared to the corresponding centralized models. Model performance was also highly influenced by the number of federated clients and the sparsity of the evaluation dataset. We additionally provide insights into the technical challenges of applying FL to state-of-the-art deep learning methods for human mobility.

Federated Learning in Healthcare: A Privacy Preserving Approach.

A need to enhance healthcare sector amidst pandemic arises. Many technological developments in Artificial Intelligence (AI) are being constantly leveraged in different fields of healthcare. One such advancement, Federated Learning(FL) has acquired recognition primarily due to its decentralized, collaborative nature of building AI models. The most significant feature in FL is that, raw data remain with the data sources throughout the training process and thus preventing its exposure. Hence, FL is more suitable and inevitable in healthcare domain as it deals with private sensitive data which needs to be protected. However, privacy threats still exist in FL, necessitating a requirement for further improvement in privacy protection This paper discusses about the concepts and applications of FL in healthcare and presents a novel approach for enhancing privacy preservation in Federated Learning.

MID-Crypt: A Cryptographic Algorithm for Advanced Medical Images Protection

Privacy-preserving of medical information (such as medical records and images) is an essential right for patients to ensure security against undesired access parties. This right is typically protected by law through firm regulations set by healthcare authorities. However, sensitive-private data usually requires the application of further security and privacy mechanisms such as encipherment (encryption) techniques. ’Medical images’ is one such example of highly demanding security and privacy standards. This is due to the quality and nature of the information carried among these images, which are usually sensitive-private information with few features and tonal variety. Hence, several state-of-the-art encryption mechanisms for medical images have been proposed and developed; however, only a few were efficient and promising. This paper presents a hybrid crypto-algorithm, MID-Crypt, to secure the medical image communicated between medical laboratories and doctors’ accounts. MID-Crypt is designed to efficiently hide medical image features and provide high-security standards. Specifically, MID-Crypt uses a mix of Elliptic-curve Diffie–Hellman (ECDH) for image masking and Advanced Encryption Standard (AES) with updatable keys for image encryption. Besides, a key management module is used to organize the public and private keys, the patient’s digital signature provides authenticity, and integrity is guaranteed by using the Merkle tree. Also, we evaluated our proposed algorithm in terms of several performance indicators including, peak signal-to-noise ratio (PSNR) analysis, correlation analysis, entropy analysis, histogram analysis, and timing analysis. Consequently, our empirical results revealed the superiority of MID-Crypt scoring the best performance values for PSNR, correlation, entropy, and encryption overhead. Finally, we compared the security measures for the MID-Crypt algorithm with other studies, the comparison revealed the distinguishable security against several common attacks such as side-channel attacks (SCA), differential attacks, man-in-the-middle attacks (MITM), and algebraic attacks.

Ibn Sina: A patient privacy‐preserving authentication protocol in medical internet of things

The prosperous advancement in Medical Internet of Things (MIoT) technologies has hastened the development of healthcare systems. MIoT improves the traditional medical facilities through periodically monitor of patient’s health records. Electronic Medical Records (EMRs) are sensitive private data and needs efficient secure and private schemes that interchange these EMRs between healthcare providers and patients. Most of the current privacy preserving schemes do not provide the desired privacy level and suffer from computation and communication overheads.The length of an IDentity-based Strong Designated Verifier Signature (IDSDVS) is short. IDSDVS has low communication and computational costs. Moreover, it gives the signer (the patient) a control over whom can verify his signature. This feature allows patients to choose the verifier and keep the privacy of their Electronic Medical Records (EMR). This paper presents a new privacy-preserving authentication protocol in Medical Internet of Things (MIOT) that achieves patient privacy in MIoT. Precisely, we propose two new IDSDVS schemes. Utilizing the random oracle model, we show that these two schemes satisfy the security conditions. Furthermore, we evaluate the proposed IDSDVS schemes by comparing them to related schemes in the literature. The proposed schemes achieve lower costs of communication and computation than related schemes.

A Cooperative Hierarchical Multi-Agent System for EV Charging Scheduling in Presence of Multiple Charging Stations

The increasing penetration of plug-in electric vehicles (EVs) to the electrical grid raises concerns over secure and economic operation of the system. A coordination mechanism between system operator and EV aggregators is necessary to ensure that the system is operated within the security limits, and to reduce the charging costs while satisfying EV users’ energy needs. In this work, we present a cooperative hierarchical multi-agent system and propose an EV charging scheduling strategy in order to minimize the demand and energy charges while meeting the EV users’ energy requirements and satisfying the system security constraints. Within the designed framework, the higher-level agents calculate a set of proposed control signals by solving the designated optimization problems, and send them to the lower-level agents to facilitate an optimal scheduling in line with the aforementioned objectives. Through this hierarchically distributed approach, it is possible to effectively coordinate multiple EV charging stations without the need of direct communication or any prior information related to EV arrivals. The computational complexity of the problem is reduced by distributing the work among agents, and the privacy of sensitive data, such as system topology, load profiles, and EV parameters, is preserved. Moreover, unlike the traditional distributed solution methods that converge iteratively, the proposed approach calculates the optimal charging schedule after a single round of communication. The efficacy of the proposed methodology is demonstrated by a series of case studies on 33-bus and 118-bus distribution test feeders.