Energy efficient security and privacy management in sensor clouds

Sensor Cloud is a new model of computing for Wireless Sensor Networks, which facilitates resource sharing and enables large scale sensor networks. A multi-user distributed system, however, where resources are shared, has inherent challenges in security and privacy. The data being generated by the wireless sensors in a sensor cloud need to be protected against adversaries, which may be outsiders as well as insiders. Similarly the code which is disseminated to the sensors by the sensor cloud needs to be protected against inside and outside adversaries. Moreover, since the wireless sensors cannot support complex, energy intensive measures, the security and privacy of the data and the code have to be attained by way of lightweight algorithms. In this work, we first present two data aggregation algorithms, one based on an Elliptic Curve Cryptosystem (ECC) and the other based on symmetric key system, which provide confidentiality and integrity of data against an outside adversary and privacy against an in network adversary. A fine grained access control scheme which works on the securely aggregated data is presented next. This scheme uses Attribute Based Encryption (ABE) to achieve this objective. Finally, to securely and efficiently disseminate code in the sensor cloud, we present a code dissemination algorithm which first reduces the amount of code to be transmitted from the base station. It then uses Symmetric Proxy Re-encryption along with Bloom filters and HMACs to protect the code against eavesdropping and false code injection attacks. --Abstract, page iv

DEP2SA: A Decentralized Efficient Privacy-Preserving and Selective Aggregation Scheme in Advanced Metering Infrastructure

This paper proposes a novel solution, called a decentralized, efficient, privacy-preserving, and selective aggregation (DEP2SA) scheme, designed to support secure and user privacy-preserving data collection in the advanced metering infrastructure. DEP2SA is more efficient and applicable in real-life deployment, as compared with the state of the art, by adopting and adapting a number of key technologies: 1) it uses a multi-recipient system model, making it more applicable to a liberalized electricity market; 2) it uses the homomorphic Paillier encryption and selective aggregation methods to protect users' consumption data against both external and internal attacks, thus making it more secure; 3) it aggregates data at the gateways that are closest to the data originator, thus saving bandwidth and reducing the risk of creating a performance bottleneck in the system; and 4) it uses short signature and batch signature verification methods to further reduce computational and communication overheads imposed on aggregating nodes. The scheme has been analyzed in terms of security, computational, and communication overheads, and the results show that it is more secure, efficient, and scalable than related schemes

Game Theory Based Privacy Protection for Context-Aware Services

In the era of context-aware services, users are enjoying remarkable services based on data collected from a multitude of users. To receive services, they are at risk of leaking private information from adversaries possibly eavesdropping on the data and/or the un--trusted service platform selling off its data. Malicious adversaries may use leaked information to violate users\u27 privacy in unpredictable ways. To protect users\u27 privacy, many algorithms are proposed to protect users\u27 sensitive information by adding noise, thus causing context-aware service quality loss. Game theory has been utilized as a powerful tool to balance the tradeoff between privacy protection level and service quality. However, most of the existing schemes fail to depict the mutual relationship between any two parties involved: user, platform, and adversary. There is also an oversight to formulate the interaction occurring between multiple users, as well as the interaction between any two attributes. To solve these issues, this dissertation firstly proposes a three-party game framework to formulate the mutual interaction between three parties and study the optimal privacy protection level for context-aware services, thus optimize the service quality. Next, this dissertation extends the framework to a multi-user scenario and proposes a two-layer three-party game framework. This makes the proposed framework more realistic by further exploring the interaction, not only between different parties, but also between users. Finally, we focus on analyzing the impact of long-term time-serial data and the active actions of the platform and adversary. To achieve this objective, we design a three-party Stackelberg game model to help the user to decide whether to update information and the granularity of updated information

Leveraging the Channel as a Sensor: Real-time Vehicle Classification Using Multidimensional Radio-fingerprinting

Upcoming Intelligent Transportation Systems (ITSs) will transform roads from static resources to dynamic Cyber Physical Systems (CPSs) in order to satisfy the requirements of future vehicular traffic in smart city environments. Up-to-date information serves as the basis for changing street directions as well as guiding individual vehicles to a fitting parking slot. In this context, not only abstract indicators like traffic flow and density are required, but also data about mobility parameters and class information of individual vehicles. Consequently, accurate and reliable systems that are capable of providing these kinds of information in real-time are highly demanded. In this paper, we present a system for classifying vehicles based on their radio-fingerprints which applies cutting-edge machine learning models and can be non-intrusively installed into the existing road infrastructure in an ad-hoc manner. In contrast to other approaches, it is able to provide accurate classification results without causing privacy-violations or being vulnerable to challenging weather conditions. Moreover, it is a promising candidate for large-scale city deployments due to its cost-efficient installation and maintenance properties. The proposed system is evaluated in a comprehensive field evaluation campaign within an experimental live deployment on a German highway, where it is able to achieve a binary classification success ratio of more than 99% and an overall accuracy of 89.15% for a fine-grained classification task with nine different classes