Attribute Based Cryptographic Enforcements for Security and Privacy in E-health Environments

publishedVersio

Attribute-based Anonymous Credential: Optimization for Single-Use and Multi-Use

User attributes can be authenticated by an attribute-based anonymous credential while keeping the anonymity of the user. Most attribute-based anonymous credential schemes are designed specifically for either multi-use or single-use. In this paper, we propose a unified attribute-based anonymous credential system, in which users always obtain the same format of credential from the issuer. The user can choose to use it for an efficient multi-use or single-use show proof. It is a more user-centric approach than the existing schemes. Technically, we propose an interactive approach to the credential issuance protocol using a two-party computation with an additive homomorphic encryption. At the same time, it keeps the security property of impersonation resilience, anonymity, and unlinkability. Apart from the interactive protocol, we further design the show proofs for efficient single-use credentials which maintain the user anonymity

Hierarchical Group and Attribute-Based Access Control: Incorporating Hierarchical Groups and Delegation into Attribute-Based Access Control

Attribute-Based Access Control (ABAC) is a promising alternative to traditional models of access control (i.e. Discretionary Access Control (DAC), Mandatory Access Control (MAC) and Role-Based Access control (RBAC)) that has drawn attention in both recent academic literature and industry application. However, formalization of a foundational model of ABAC and large-scale adoption is still in its infancy. The relatively recent popularity of ABAC still leaves a number of problems unexplored. Issues like delegation, administration, auditability, scalability, hierarchical representations, etc. have been largely ignored or left to future work. This thesis seeks to aid in the adoption of ABAC by filling in several of these gaps. The core contribution of this work is the Hierarchical Group and Attribute-Based Access Control (HGABAC) model, a novel formal model of ABAC which introduces the concept of hierarchical user and object attribute groups to ABAC. It is shown that HGABAC is capable of representing the traditional models of access control (MAC, DAC and RBAC) using this group hierarchy and that in many cases it’s use simplifies both attribute and policy administration. HGABAC serves as the basis upon which extensions are built to incorporate delegation into ABAC. Several potential strategies for introducing delegation into ABAC are proposed, categorized into families and the trade-offs of each are examined. One such strategy is formalized into a new User-to-User Attribute Delegation model, built as an extension to the HGABAC model. Attribute Delegation enables users to delegate a subset of their attributes to other users in an off-line manner (not requiring connecting to a third party). Finally, a supporting architecture for HGABAC is detailed including descriptions of services, high-level communication protocols and a new low-level attribute certificate format for exchanging user and connection attributes between independent services. Particular emphasis is placed on ensuring support for federated and distributed systems. Critical components of the architecture are implemented and evaluated with promising preliminary results. It is hoped that the contributions in this research will further the acceptance of ABAC in both academia and industry by solving the problem of delegation as well as simplifying administration and policy authoring through the introduction of hierarchical user groups

Privacy Enhancing Technologies for solving the privacy-personalization paradox : taxonomy and survey

Personal data are often collected and processed in a decentralized fashion, within different contexts. For instance, with the emergence of distributed applications, several providers are usually correlating their records, and providing personalized services to their clients. Collected data include geographical and indoor positions of users, their movement patterns as well as sensor-acquired data that may reveal users’ physical conditions, habits and interests. Consequently, this may lead to undesired consequences such as unsolicited advertisement and even to discrimination and stalking. To mitigate privacy threats, several techniques emerged, referred to as Privacy Enhancing Technologies, PETs for short. On one hand, the increasing pressure on service providers to protect users’ privacy resulted in PETs being adopted. One the other hand, service providers have built their business model on personalized services, e.g. targeted ads and news. The objective of the paper is then to identify which of the PETs have the potential to satisfy both usually divergent - economical and ethical - purposes. This paper identifies a taxonomy classifying eight categories of PETs into three groups, and for better clarity, it considers three categories of personalized services. After defining and presenting the main features of PETs with illustrative examples, the paper points out which PETs best fit each personalized service category. Then, it discusses some of the inter-disciplinary privacy challenges that may slow down the adoption of these techniques, namely: technical, social, legal and economic concerns. Finally, it provides recommendations and highlights several research directions

Contributions to the privacy provisioning for federated identity management platforms

Identity information, personal data and user’s profiles are key assets for organizations and companies by becoming the use of identity management (IdM) infrastructures a prerequisite for most companies, since IdM systems allow them to perform their business transactions by sharing information and customizing services for several purposes in more efficient and effective ways. Due to the importance of the identity management paradigm, a lot of work has been done so far resulting in a set of standards and specifications. According to them, under the umbrella of the IdM paradigm a person’s digital identity can be shared, linked and reused across different domains by allowing users simple session management, etc. In this way, users’ information is widely collected and distributed to offer new added value services and to enhance availability. Whereas these new services have a positive impact on users’ life, they also bring privacy problems. To manage users’ personal data, while protecting their privacy, IdM systems are the ideal target where to deploy privacy solutions, since they handle users’ attribute exchange. Nevertheless, current IdM models and specifications do not sufficiently address comprehensive privacy mechanisms or guidelines, which enable users to better control over the use, divulging and revocation of their online identities. These are essential aspects, specially in sensitive environments where incorrect and unsecured management of user’s data may lead to attacks, privacy breaches, identity misuse or frauds. Nowadays there are several approaches to IdM that have benefits and shortcomings, from the privacy perspective. In this thesis, the main goal is contributing to the privacy provisioning for federated identity management platforms. And for this purpose, we propose a generic architecture that extends current federation IdM systems. We have mainly focused our contributions on health care environments, given their particularly sensitive nature. The two main pillars of the proposed architecture, are the introduction of a selective privacy-enhanced user profile management model and flexibility in revocation consent by incorporating an event-based hybrid IdM approach, which enables to replace time constraints and explicit revocation by activating and deactivating authorization rights according to events. The combination of both models enables to deal with both online and offline scenarios, as well as to empower the user role, by letting her to bring together identity information from different sources. Regarding user’s consent revocation, we propose an implicit revocation consent mechanism based on events, that empowers a new concept, the sleepyhead credentials, which is issued only once and would be used any time. Moreover, we integrate this concept in IdM systems supporting a delegation protocol and we contribute with the definition of mathematical model to determine event arrivals to the IdM system and how they are managed to the corresponding entities, as well as its integration with the most widely deployed specification, i.e., Security Assertion Markup Language (SAML). In regard to user profile management, we define a privacy-awareness user profile management model to provide efficient selective information disclosure. With this contribution a service provider would be able to accesses the specific personal information without being able to inspect any other details and keeping user control of her data by controlling who can access. The structure that we consider for the user profile storage is based on extensions of Merkle trees allowing for hash combining that would minimize the need of individual verification of elements along a path. An algorithm for sorting the tree as we envision frequently accessed attributes to be closer to the root (minimizing the access’ time) is also provided. Formal validation of the above mentioned ideas has been carried out through simulations and the development of prototypes. Besides, dissemination activities were performed in projects, journals and conferences.Programa Oficial de Doctorado en Ingeniería TelemáticaPresidente: María Celeste Campo Vázquez.- Secretario: María Francisca Hinarejos Campos.- Vocal: Óscar Esparza Martí

Identity and identification in an information society: Augmenting formal systems of identification with technological artefacts

Information and Communication Technology (ICT) are transforming society’s information flows. These new interactive environments decouple agents, information and actions from their original contexts and this introduces challenges when evaluating trustworthiness and intelligently placing trust.This thesis develops methods that can extend institutional trust into digitally enhanced interactive settings. By applying privacy-preserving cryptographic protocols within a technical architecture, this thesis demonstrates how existing human systems of identification that support institutional trust can be augmented with ICT in ways that distribute trust, respect privacy and limit the potential for abuse. Importantly, identification systems are located within a sociologically informed framework of interaction where identity is more than a collection of static attributes.A synthesis of the evolution and systematisation of cryptographic knowledge is presented and this is juxtaposed against the ideas developed within the digital identity community. The credential mechanism, first conceptualised by David Chaum, has matured into a number of well specified mathematical protocols. This thesis focuses on CL-RSA and BBS+, which are both signature schemes with efficient protocols that can instantiate a credential mechanism with strong privacy-preserving properties.The processes of managing the identification of healthcare professionals as they navigate their careers within the Scottish Healthcare Ecosystem provide a concrete case study for this work. The proposed architecture mediates the exchange of verifiable, integrity-assured evidence that has been cryptographically signed by relevant healthcare institutions, but is stored, managed and presented by the healthcare professionals to whom the evidence pertains.An evaluation of the integrity-assured transaction data produced by this architecture demonstrates how it could be integrated into digitally augmented identification processes, increasing the assurance that can be placed in these processes. The technical architecture is shown to be practical through a series of experiments run under realistic production-like settings.This work demonstrates that designing decentralised, standards-based, privacy-preserving identification systems for trusted professionals within highly assured social contexts can distribute institutionalised trust to trustworthy individuals and empower these individuals to interface with society’s increasingly socio-technical systems

Outsourced decentralized multi-authority attribute based signature and its application in IoT

IoT devices often collect data and store the data in the cloud for sharing and further processing. A natural solution for secure access is directly using the device owner?s identity as the private key to generate a signature for data authentication. However this will simultaneously expose this identity. Attribute based signature (ABS), which takes the signer?s attributes instead of his/her identity as the private key, can realize data authentication while preserving the signer?s identity privacy. In ABS, there are multiple authorities that issue different private keys for signers based on their various attributes, and a central authority is usually established to manage all these attribute authorities. However, one security concern is that if the central authority is compromised, the whole system will be broken. In this paper, we present an outsourced decentralized multi-authority attribute based signature (ODMA-ABS) scheme. The proposed ODMAABS achieves attribute privacy and stronger authority-corruption resistance than existing multi-authority attribute based signature schemes. In addition, the overhead to generate a signature is further reduced by outsourcing expensive computation to a signing cloud server. We provide extensive security analysis and experimental simulation of the proposed scheme. We also propose an access control scheme that is based on ODMA-ABS

Security and Privacy Preservation in Mobile Advertising

Mobile advertising is emerging as a promising advertising strategy, which leverages prescriptive analytics, location-based distribution, and feedback-driven marketing to engage consumers with timely and targeted advertisements. In the current mobile advertising system, a third-party ad broker collects and manages advertisements for merchants who would like to promote their business to mobile users. Based on its large-scale database of user profiles, the ad broker can help the merchants to better reach out to customers with related interests and charges the merchants for ad dissemination services. Recently, mobile advertising technology has dominated the digital advertising industry and has become the main source of income for IT giants. However, there are many security and privacy challenges that may hinder the continuous success of the mobile advertising industry. First, there is a lack of advertising transparency in the current mobile advertising system. For example, mobile users are concerned about the reliability and trustworthiness of the ad dissemination process and advertising review system. Without proper countermeasures, mobile users can install ad-blocking software to filter out irrelevant or even misleading advertisements, which may lower the advertising investments from merchants. Second, as more strict privacy regulations (e.g. European General Data Privacy Regulations) take effect, it is critical to protect mobile users’ personal profiles from illegal sharing and exposure in the mobile advertising system. In this thesis, three security and privacy challenges for the mobile advertising system are identified and addressed with the designs, implementations, and evaluations of a blockchain-based architecture. First, we study the anonymous review system for the mobile advertising industry. When receiving advertisements from a specific merchant (e.g. a nearby restaurant), mobile users are more likely to browse the previous reviews about the merchant for quality-of-service assessments. However, current review systems are known for the lack of system transparency and are subject to many attacks, such as double reviews and deletions of negative reviews. We exploit the tamper-proof nature and the distributed consensus mechanism of the blockchain technology, to design a blockchain-based review system for mobile advertising, where review accumulations are transparent and verifiable to the public. To preserve user review privacy, we further design an anonymous review token generation scheme, where users are encouraged to leave reviews anonymously while still ensuring the review authenticity. We also explore the implementation challenges of the blockchain-based system on an Ethereum testing network and the experimental results demonstrate the application feasibility of the proposed anonymous review system. Second, we investigate the transparency issues for the targeted ad dissemination process. Specifically, we focus on a specific mobile advertising application: vehicular local advertising, where vehicular users send spatial-keyword queries to ad brokers to receive location-aware advertisements. To build a transparent advertising system, the ad brokers are required to provide mobile users with explanations on the ad dissemination process, e.g., why a specific ad is disseminated to a mobile user. However, such transparency explanations are often found incomplete and sometimes even misleading, which may lower the user trust on the advertising system if without proper countermeasures. Therefore, we design an advertising smart contract to efficiently realize a publicly verifiable spatial-keyword query scheme. Instead of directly implementing the spatial-keyword query scheme on the smart contract with prohibitive storage and computation cost, we exploit the on/off-chain computation models to trade the expensive on-chain cost for cheap off-chain cost. With two design strategies: digest-and-verify and divide-then-assemble, the on-chain cost for a single spatial keyword query is reduced to constant regardless of the scale of the spatial-keyword database. Extensive experiments are conducted to provide both on-chain and off-chain benchmarks with a verifiable computation framework. Third, we explore another critical requirement of the mobile advertising system: public accountability enforcement against advertising misconducts, if (1) mobile users receive irrelevant ads, or (2) advertising policies of merchants are not correctly computed in the ad dissemination process. This requires the design of a composite Succinct Non-interactive ARGument (SNARG) system, that can be tailored for different advertising transparency requirements and is efficient for the blockchain implementations. Moreover, pursuing public accountability should also achieve a strict privacy guarantee for the user profile. We also propose an accountability contract which can receive explanation requirements from both mobile users and merchants. To promote prompt on-chain responses, we design an incentive mechanism based on the pre-deposits of involved parties, i.e., ad brokers, mobile users, and merchants. If any advertising misconduct is identified, public accountability can be enforced by confiscating the pre-deposits of the misbehaving party. Comprehensive experiments and analyses are conducted to demonstrate the versatile functionalities and feasibility of the accountability contract. In summary, we have designed, implemented, and evaluated a blockchain-based architecture for security and privacy preservations in the mobile advertising. The designed architecture can not only enhance the transparency and accountability for the mobile advertising system, but has also achieved notably on-chain efficiency and privacy for real-world implementations. The results from the thesis may shed light on the future research and practice of a blockchain-based architecture for the privacy regulation compliance in the mobile advertising

Secure Computation in Heterogeneous Environments: How to Bring Multiparty Computation Closer to Practice?

Many services that people use daily require computation that depends on the private data of multiple parties. While the utility of the final result of such interactions outweighs the privacy concerns related to output release, the inputs for such computations are much more sensitive and need to be protected. Secure multiparty computation (MPC) considers the question of constructing computation protocols that reveal nothing more about their inputs than what is inherently leaked by the output. There have been strong theoretical results that demonstrate that every functionality can be computed securely. However, these protocols remain unused in practical solutions since they introduce efficiency overhead prohibitive for most applications. Generic multiparty computation techniques address homogeneous setups with respect to the resources available to the participants and the adversarial model. On the other hand, realistic scenarios present a wide diversity of heterogeneous environments where different participants have different available resources and different incentives to misbehave and collude. In this thesis we introduce techniques for multiparty computation that focus on heterogeneous settings. We present solutions tailored to address different types of asymmetric constraints and improve the efficiency of existing approaches in these scenarios. We tackle the question from three main directions: New Computational Models for MPC - We explore different computational models that enable us to overcome inherent inefficiencies of generic MPC solutions using circuit representation for the evaluated functionality. First, we show how we can use random access machines to construct MPC protocols that add only polylogarithmic overhead to the running time of the insecure version of the underlying functionality. This allows to achieve MPC constructions with computational complexity sublinear in the size for their inputs, which is very important for computations that use large databases. We also consider multivariate polynomials which yield more succinct representations for the functionalities they implement than circuits, and at the same time a large collection of problems are naturally and efficiently expressed as multivariate polynomials. We construct an MPC protocol for multivariate polynomials, which improves the communication complexity of corresponding circuit solutions, and provides currently the most efficient solution for multiparty set intersection in the fully malicious case. Outsourcing Computation - The goal in this setting is to utilize the resources of a single powerful service provider for the work that computationally weak clients need to perform on their data. We present a new paradigm for constructing verifiable computation (VC) schemes, which enables a computationally limited client to verify efficiently the result of a large computation. Our construction is based on attribute-based encryption and avoids expensive primitives such as fully homomorphic encryption andprobabilistically checkable proofs underlying existing VC schemes. Additionally our solution enjoys two new useful properties: public delegation and verification. We further introduce the model of server-aided computation where we utilize the computational power of an outsourcing party to assist the execution and improve the efficiency of MPC protocols. For this purpose we define a new adversarial model of non-collusion, which provides room for more efficient constructions that rely almost completely only on symmetric key operations, and at the same time captures realistic settings for adversarial behavior. In this model we propose protocols for generic secure computation that offload the work of most of the parties to the computation server. We also construct a specialized server-aided two party set intersection protocol that achieves better efficiencies for the two participants than existing solutions. Outsourcing in many cases concerns only data storage and while outsourcing the data of a single party is useful, providing a way for data sharing among different clients of the service is the more interesting and useful setup. However, this scenario brings new challenges for access control since the access control rules and data accesses become private data for the clients with respect to the service provide. We propose an approach that offers trade-offs between the privacy provided for the clients and the communication overhead incurred for each data access. Efficient Private Search in Practice - We consider the question of private search from a different perspective compared to traditional settings for MPC. We start with strict efficiency requirements motivated by speeds of available hardware and what is considered acceptable overhead from practical point of view. Then we adopt relaxed definitions of privacy, which still provide meaningful security guarantees while allowing us to meet the efficiency requirements. In this setting we design a security architecture and implement a system for data sharing based on encrypted search, which achieves only 30% overhead compared to non-secure solutions on realistic workloads