17,079 research outputs found
"If You Can't Beat them, Join them": A Usability Approach to Interdependent Privacy in Cloud Apps
Cloud storage services, like Dropbox and Google Drive, have growing
ecosystems of 3rd party apps that are designed to work with users' cloud files.
Such apps often request full access to users' files, including files shared
with collaborators. Hence, whenever a user grants access to a new vendor, she
is inflicting a privacy loss on herself and on her collaborators too. Based on
analyzing a real dataset of 183 Google Drive users and 131 third party apps, we
discover that collaborators inflict a privacy loss which is at least 39% higher
than what users themselves cause. We take a step toward minimizing this loss by
introducing the concept of History-based decisions. Simply put, users are
informed at decision time about the vendors which have been previously granted
access to their data. Thus, they can reduce their privacy loss by not
installing apps from new vendors whenever possible. Next, we realize this
concept by introducing a new privacy indicator, which can be integrated within
the cloud apps' authorization interface. Via a web experiment with 141
participants recruited from CrowdFlower, we show that our privacy indicator can
significantly increase the user's likelihood of choosing the app that minimizes
her privacy loss. Finally, we explore the network effect of History-based
decisions via a simulation on top of large collaboration networks. We
demonstrate that adopting such a decision-making process is capable of reducing
the growth of users' privacy loss by 70% in a Google Drive-based network and by
40% in an author collaboration network. This is despite the fact that we
neither assume that users cooperate nor that they exhibit altruistic behavior.
To our knowledge, our work is the first to provide quantifiable evidence of the
privacy risk that collaborators pose in cloud apps. We are also the first to
mitigate this problem via a usable privacy approach.Comment: Authors' extended version of the paper published at CODASPY 201
Blockchain-based Cloud Data Deduplication Scheme with Fair Incentives
With the rapid development of cloud computing, vast amounts of duplicated
data are being uploaded to the cloud, wasting storage resources. Deduplication
(dedup) is an efficient solution to save storage costs of cloud storage
providers (CSPs) by storing only one copy of the uploaded data. However, cloud
users do not benefit directly from dedup and may be reluctant to dedup their
data. To motivate the cloud users towards dedup, CSPs offer incentives on
storage fees. The problems with the existing dedup schemes are that they do not
consider: (1) correctness - the incentive offered to a cloud user should be
computed correctly without any prejudice. (2) fairness - the cloud user
receives the file link and access rights of the uploaded data if and only if
the CSP receives the storage fee. Meeting these requirements without a trusted
party is non-trivial, and most of the existing dedup schemes do not apply.
Another drawback is that most of the existing schemes emphasize incentives to
cloud users but failed to provide a reliable incentive mechanism.
As public Blockchain networks emulate the properties of trusted parties, in
this paper, we propose a new Blockchain-based dedup scheme to meet the above
requirements. In our scheme, a smart contract computes the incentives on
storage fee, and the fairness rules are encoded into the smart contract for
facilitating fair payments between the CSPs and cloud users. We prove the
correctness and fairness of the proposed scheme. We also design a new incentive
mechanism and show that the scheme is individually rational and incentive
compatible. Furthermore, we conduct experiments by implementing the designed
smart contract on Ethereum local Blockchain network and list the transactional
and financial costs of interacting with the designed smart contract
When Mobile Blockchain Meets Edge Computing
Blockchain, as the backbone technology of the current popular Bitcoin digital
currency, has become a promising decentralized data management framework.
Although blockchain has been widely adopted in many applications, e.g.,
finance, healthcare, and logistics, its application in mobile services is still
limited. This is due to the fact that blockchain users need to solve preset
proof-of-work puzzles to add new data, i.e., a block, to the blockchain.
Solving the proof-of-work, however, consumes substantial resources in terms of
CPU time and energy, which is not suitable for resource-limited mobile devices.
To facilitate blockchain applications in future mobile Internet of Things
systems, multiple access mobile edge computing appears to be an auspicious
solution to solve the proof-of-work puzzles for mobile users. We first
introduce a novel concept of edge computing for mobile blockchain. Then, we
introduce an economic approach for edge computing resource management.
Moreover, a prototype of mobile edge computing enabled blockchain systems is
presented with experimental results to justify the proposed concept.Comment: Accepted by IEEE Communications Magazin
- …