Internet of Things (IoT) connects massive physical devices to capture and collect useful data, which are used to make accurate decisions by taking advantage of the machine learning techniques. However, the collected data may contain users’ sensitive information. When guaranteeing the utility of data, we need to consider privacy of users’ data. To balance the utility and the privacy of data, the existing approaches usually adopt the privacy-preserving signature technology, where the privacy-preserving data are classified by a designated converter (data processor) interacting with a semihonest verifier (data center). However, for the malicious behavior of the data center and data processor, this kind of approach is insufficient. To prevent the malicious data center/data processor while guaranteeing the utility and privacy of data, we propose blockchain-based auditable privacy-preserving data classification ( <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">PPDC</i> ) scheme for IoT. We put forth a new controllably linkable group signature ( <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">CL-GS</i> ) to balance the utility and privacy of data and take advantage of blockchain to audit the correctness of privacy-preserving data classification against malicious data processor/data center. We formalize the system model of the auditable privacy-preserving data classification in the blockchain setting and its security model. Then, we present a concrete construction and prove its security in the random oracle model. Finally, we deploy a prototype system to evaluate the performance of <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">PPDC</i> .
Read full abstract