
    Assessment of attribute-based credentials for privacy-preserving road traffic services in smart cities

    Smart cities involve the provision of advanced services for road traffic users. Vehicular ad hoc networks (VANETs) are a promising communication technology in this regard. Preservation of privacy is crucial in these services to foster their acceptance. Previous approaches have mainly focused on PKI-based or ID-based cryptography. However, these works have not fully addressed the minimum information disclosure principle. Thus, questions such as how to prove that a driver is a neighbour of a given zone, without actually disclosing his identity or real address, remain unaddressed. A set of techniques, referred to as Attribute-Based Credentials (ABCs), has been proposed to address this need in traditional computation scenarios. In this paper, we explore the use of ABCs in the vehicular context. For this purpose, we focus on a set of use cases from the European Telecommunications Standards Institute (ETSI) Basic Set of Applications, especially appropriate for the early development of smart cities. We assess which ABC techniques are suitable for this scenario, focusing on three representative ones—Idemix, U-Prove and VANET-updated Persiano systems. Our experimental results show that they are feasible in VANETs considering state-of-the-art technologies, and that Idemix is the most promising technique for most of the considered use cases.

    This work was supported by the MINECO grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You); the CAM grant S2013/ICE-3095 (CIBERDINE: Cybersecurity, Data, and Risks) and by the MINECO grant TIN2016-79095-C2-2-R (SMOG-DEV - Security mechanisms for fog computing: advanced security for devices). Jose Maria de Fuentes and Lorena Gonzalez were also supported by the Programa de Ayudas para la Movilidad of Carlos III University of Madrid.

    Secure and Authenticated Message Dissemination in Vehicular ad hoc Networks and an Incentive-Based Architecture for Vehicular Cloud

    Vehicular ad hoc Networks (VANETs) allow vehicles to form a self-organized network. VANETs are likely to be widely deployed in the future, given the interest shown by industry in self-driving cars and in satisfying their customers' various interests. Problems related to Mobile ad hoc Networks (MANETs) such as routing, security, etc. have been extensively studied. Even though VANETs are a special type of MANETs, solutions proposed for MANETs cannot be directly applied to VANETs because all problems related to MANETs have been studied for small networks. Moreover, in MANETs, nodes can move randomly. On the other hand, movement of nodes in VANETs is constrained to roads, and the number of nodes in VANETs is large and typically covers a large area. The following are the contributions of the thesis. Secure, authenticated, privacy-preserving message dissemination in VANETs: When vehicles in a VANET observe phenomena such as accidents, icy road conditions, etc., they need to disseminate this information to vehicles in appropriate areas so the drivers of those vehicles can take appropriate action. When such messages are disseminated, the authenticity of the vehicles disseminating such messages should be verified while at the same time the anonymity of the vehicles should be preserved. Moreover, to punish the vehicles spreading malicious messages, authorities should be able to trace such messages to their senders when necessary. For this, we present an efficient protocol for the dissemination of authenticated messages. Incentive-based architecture for vehicular cloud: Due to advantages such as flexibility and availability, cloud computing has gained a lot of attention in recent years. Allowing vehicles in VANETs to store the collected information in the cloud would facilitate other vehicles retrieving this information when they need it. In this thesis, we present a secure incentive-based architecture for vehicular cloud. Our architecture allows vehicles to collect and store information in the cloud; it also provides a mechanism for rewarding vehicles that contribute to the cloud. Privacy-preserving message dissemination in VANETs: Sometimes, it is sufficient to ensure the anonymity of the vehicles disseminating messages in VANETs. We present a privacy-preserving message dissemination protocol for VANETs.

    Privacy-preserving and fraud-resistant targeted advertising for mobile devices

    Online Behavioural Advertising (OBA) enables Ad-Networks to capitalize on the popularity of digital Publishers in order to target users with context-aware promotional materials from Advertisers. OBA has been shown to be very effective at engaging consumers but at the same time presents severe privacy and security threats for both users and Advertisers. Users view OBA as intrusive and are therefore reluctant to share their private data with Ad-Networks. In many cases this results in the adoption of anti-tracking tools and ad-blockers, which reduces the system's performance. Advertisers on their part are susceptible to financial fraud due to Ad-Reports that do not correspond to real consumer activity. Consequently, user privacy is further violated as Ad-Networks are provoked into collecting even more data in order to detect fictitious Ad-Reports. Researchers have mostly approached user privacy and fraud prevention as separate issues while ignoring how potential solutions to address one problem will affect the other. As a result, previously proposed privacy-preserving advertising systems are susceptible to fraud or fail to offer fine-grain targeting, which makes them undesirable to Advertisers, while systems that focus on fraud prevention require the collection of private data, which renders them a threat to users. The aim of our research is to offer a comprehensive solution which addresses both problems without resulting in a conflict of interest between Advertisers and users. Our work specifically focuses on the preservation of privacy for mobile device users, who represent the majority of consumers targeted by OBA. To accomplish the set goal, we contribute ADS+R (Advert Distribution System with Reporting), an innovative advertising system that supports the delivery of personalized adverts as well as the submission of verifiable Ad-Reports on mobile devices while still maintaining user privacy. Our approach adopts a decentralized architecture which connects mobile users and Advertisers over a hybrid opportunistic network without the need for an Ad-Network to operate as administrative authority. User privacy is preserved through the use of peer-to-peer connections (serving as proxy connections), Anonymous-download technologies and cryptography, while Advertiser fraud is prevented by means of a novel mechanism which we termed Behavioural Verification. Behavioural Verification combines client-side processing with a blockchain-inspired construction which enables Advertisers to certify the integrity of Ad-Reports without exposing the identity of the submitting mobile users. In comparison to previously proposed systems, ADS+R provides both (1) user privacy and (2) advert fraud prevention while allowing for (3) a tunable trade-off between resource consumption and security, and (4) the statistical analysis and data mining of consumer behaviours.

    Collaboration in Opportunistic Networks

    Motivation. With the increasing integration of wireless short-range communication technologies (Bluetooth, 802.11b WiFi) into mobile devices, novel applications for spontaneous communication, interaction and collaboration are possible. We distinguish between active and passive collaboration. The devices help users become aware of each other and stimulate face-to-face conversation (active collaboration). Also, autonomous device communication for sharing information without user interaction is possible, i.e., devices pass information to other devices in their vicinity (passive collaboration). Both active and passive collaboration require a user to specify what kind of information he offers and what kind of information he is interested in.

    Object of Research: Opportunistic Networks. Spontaneous communication of mobile devices leads to so-called opportunistic networks, a new and promising evolution in mobile ad-hoc networking. They are formed by mobile devices which communicate with each other while users are in close proximity. There are two prominent characteristics present in opportunistic networks: 1) A user provides his personal device as a network node. 2) Users are a priori unknown to each other.

    Objectives. Due to the fact that a user dedicates his personal device as a node to the opportunistic network and interacts with other users unknown to him, collaboration raises questions concerning two important human aspects: user privacy and incentives. The users' privacy is at risk, since passive collaboration applications may expose personal information about a user. Furthermore, some form of incentive is needed to encourage a user to share his personal device resources with others. Both issues, user privacy and incentives, need to be taken into account in order to increase the user acceptability of opportunistic network applications. These aspects have not been addressed together with the technical tasks in prior opportunistic network research.

    Scientific Contribution and Evaluation. This thesis investigates opportunistic networks in their entirety, i.e., our technical design decisions are appropriate for user privacy preservation and incentive schemes. In summary, the proposed concepts comprise system components, a node architecture, a system model and a simple one-hop communication paradigm for opportunistic network applications. One focus of this work is a profile-based data dissemination mechanism. A formal model for this mechanism will be presented. On top of that, we show how to preserve the privacy of a user by avoiding static and thus linkable data, and an incentive scheme that is suitable for opportunistic network applications. The evaluation of this work is twofold. We implemented two prototypes on off-the-shelf hardware to show the technical feasibility of our opportunistic network concepts. Also, the prototypes were used to carry out a number of runtime measurements. Then, we developed a novel two-step simulation method for opportunistic data dissemination. The simulation combines real-world user traces with artificial user mobility models, in order to model user movements more realistically. We investigate our opportunistic data dissemination process under various settings, including different communication ranges and user behavior patterns. Our results depict, within the limits of our model and assumptions, a good performance of the data dissemination process.

    Security and Privacy Preservation in Mobile Advertising

    Mobile advertising is emerging as a promising advertising strategy, which leverages prescriptive analytics, location-based distribution, and feedback-driven marketing to engage consumers with timely and targeted advertisements. In the current mobile advertising system, a third-party ad broker collects and manages advertisements for merchants who would like to promote their business to mobile users. Based on its large-scale database of user profiles, the ad broker can help the merchants to better reach out to customers with related interests and charges the merchants for ad dissemination services. Recently, mobile advertising technology has dominated the digital advertising industry and has become the main source of income for IT giants. However, there are many security and privacy challenges that may hinder the continuous success of the mobile advertising industry. First, there is a lack of advertising transparency in the current mobile advertising system. For example, mobile users are concerned about the reliability and trustworthiness of the ad dissemination process and advertising review system. Without proper countermeasures, mobile users can install ad-blocking software to filter out irrelevant or even misleading advertisements, which may lower the advertising investments from merchants. Second, as stricter privacy regulations (e.g. European General Data Privacy Regulations) take effect, it is critical to protect mobile users' personal profiles from illegal sharing and exposure in the mobile advertising system. In this thesis, three security and privacy challenges for the mobile advertising system are identified and addressed with the designs, implementations, and evaluations of a blockchain-based architecture. First, we study the anonymous review system for the mobile advertising industry. When receiving advertisements from a specific merchant (e.g. a nearby restaurant), mobile users are more likely to browse the previous reviews about the merchant for quality-of-service assessments. However, current review systems are known for their lack of system transparency and are subject to many attacks, such as double reviews and deletions of negative reviews. We exploit the tamper-proof nature and the distributed consensus mechanism of blockchain technology to design a blockchain-based review system for mobile advertising, where review accumulations are transparent and verifiable to the public. To preserve user review privacy, we further design an anonymous review token generation scheme, where users are encouraged to leave reviews anonymously while still ensuring the review authenticity. We also explore the implementation challenges of the blockchain-based system on an Ethereum testing network, and the experimental results demonstrate the application feasibility of the proposed anonymous review system. Second, we investigate the transparency issues for the targeted ad dissemination process. Specifically, we focus on a specific mobile advertising application: vehicular local advertising, where vehicular users send spatial-keyword queries to ad brokers to receive location-aware advertisements. To build a transparent advertising system, the ad brokers are required to provide mobile users with explanations of the ad dissemination process, e.g., why a specific ad is disseminated to a mobile user. However, such transparency explanations are often found incomplete and sometimes even misleading, which may lower user trust in the advertising system without proper countermeasures. Therefore, we design an advertising smart contract to efficiently realize a publicly verifiable spatial-keyword query scheme. Instead of directly implementing the spatial-keyword query scheme on the smart contract with prohibitive storage and computation cost, we exploit on/off-chain computation models to trade the expensive on-chain cost for cheap off-chain cost. With two design strategies, digest-and-verify and divide-then-assemble, the on-chain cost for a single spatial-keyword query is reduced to constant regardless of the scale of the spatial-keyword database. Extensive experiments are conducted to provide both on-chain and off-chain benchmarks with a verifiable computation framework. Third, we explore another critical requirement of the mobile advertising system: public accountability enforcement against advertising misconduct, if (1) mobile users receive irrelevant ads, or (2) advertising policies of merchants are not correctly computed in the ad dissemination process. This requires the design of a composite Succinct Non-interactive ARGument (SNARG) system that can be tailored for different advertising transparency requirements and is efficient for blockchain implementations. Moreover, pursuing public accountability should also achieve a strict privacy guarantee for the user profile. We also propose an accountability contract which can receive explanation requirements from both mobile users and merchants. To promote prompt on-chain responses, we design an incentive mechanism based on the pre-deposits of involved parties, i.e., ad brokers, mobile users, and merchants. If any advertising misconduct is identified, public accountability can be enforced by confiscating the pre-deposits of the misbehaving party. Comprehensive experiments and analyses are conducted to demonstrate the versatile functionalities and feasibility of the accountability contract. In summary, we have designed, implemented, and evaluated a blockchain-based architecture for security and privacy preservation in mobile advertising. The designed architecture not only enhances the transparency and accountability of the mobile advertising system, but has also achieved notable on-chain efficiency and privacy for real-world implementations. The results from the thesis may shed light on future research and practice of a blockchain-based architecture for privacy regulation compliance in mobile advertising.

    Smart Grid Metering Networks: A Survey on Security, Privacy and Open Research Issues

    Smart grid (SG) networks are newly upgraded networks of connected objects that greatly improve the reliability, efficiency and sustainability of the traditional energy infrastructure. In this respect, the smart metering infrastructure (SMI) plays an important role in controlling, monitoring and managing multiple domains in the SG. Despite the salient features of SMI, security and privacy issues have been under debate because of the large number of heterogeneous devices that are anticipated to be coordinated through public communication networks. This survey paper gives a brief overview of real cyber attack incidents in traditional energy networks and those targeting the smart metering network. Specifically, we present a threat taxonomy considering: (i) threats to system-level security, (ii) threats to and/or theft of services, and (iii) threats to privacy. Based on the presented threats, we derive a set of security and privacy requirements for SG metering networks. Furthermore, we discuss various schemes that have been proposed to address these threats, considering the pros and cons of each. Finally, we investigate the open research issues to shed new light on future research directions in smart grid metering networks.

    Facebook: Shifting Privacy, Identity, and Power Online

    Due to staggering technological shifts in recent decades, the Internet has become a routine fixture in everyday life. The popularity of social networking sites, in particular, raises myriad questions regarding identity construction and social interaction. It is also unclear how these practices are related to perceptions of privacy. This dissertation examines how traditional notions of privacy compare, and apply, to privacy on the Internet and considers how issues of power are (re)created in online spaces. By focusing on identity enactment strategies and social connectivity practices, this work sheds light on the ways in which individuals define privacy and choose to engage online. This analysis also investigates how current public discourses, which emphasize users' ignorance of privacy threats online and the detrimental effects of social media on interpersonal interaction, map onto user experiences. The findings stem from an online focus group with twenty Facebook users coupled with five individual interviews with researchers, legal experts, and artists whose work centers on social media. This project constructs a psychology of privacy that helps fill in existing gaps in the research on what is now happening on the social networking site Facebook. The findings challenge familiar tendencies to pursue research agendas premised on binary frameworks, such as isolation versus connection and authentic versus inauthentic identities. Instead, the data highlight the novel forms of connectivity and identity practices that transpire online. As such, the data add to existing research that accentuates how online practices serve to enhance social connections and allow for a multiplicity of identity. Further, undermining some of the assumptions woven throughout public discourses concerning privacy invasions online, this dissertation demonstrates that users adopt innovative strategies for maintaining personal levels of comfort with respect to privacy online and reveals that perceptions of privacy are largely rooted in the ability to trust fellow users with personal information. Individual actions of marking boundaries with respect to what, and with whom, users share online provide the material with which researchers can construct new, dynamic definitions of personal privacy in virtual contexts.