
    A privacy-preserving approach to grid balancing using scheduled electric vehicle charging

    The introduction of renewable energy generation (e.g. solar and wind) in the energy distribution infrastructure makes balancing the total energy load and production in the grid more challenging due to the weather-dependent nature of these energy sources. One approach to mitigate the issue is to use weather forecasts to predict the production and then offer incentives to electric vehicle users (EVUs) to charge their vehicles during the times of energy surplus. However, doing this without leaking sensitive information about the EVUs' location and identity presents challenges to the system design. This thesis proposes a privacy-preserving architecture that allows the grid operator to offer incentives for contributing to the grid stability, and to reliably and automatically quantify the extent of each contribution while still maintaining the privacy of the EVUs. Furthermore, the architecture enables decentralised privacy-preserving dispute resolution without leaking any personally identifiable information (PII). The architecture fulfils the goal by utilising self-sovereign identity technologies, such as decentralised identifiers (DIDs), and privacy-preserving digital credential solutions, such as verifiable credentials (VCs). They allow the solution to utilise ephemeral identifiers and to compartmentalise the information into three different knowledge domains to ensure that only the minimum amount of information needed crosses any domain border. An analysis of the solution indicates that the architecture ensures relatively strong privacy guarantees to the EVUs and solves the grid balancing problem while reducing the number of assumptions to the minimum. This makes the architecture applicable to a wide set of use cases in the EV charging field. Future work includes a detailed performance analysis of a proof-of-concept (PoC), although the information available from related research already indicates relatively low latency and a good level of deployability even on resource-constrained Internet-of-Things (IoT) devices.

    Bringing data minimization to digital wallets at scale with general-purpose zero-knowledge proofs

    Today, digital identity management for individuals is either inconvenient and error-prone or creates undesirable lock-in effects and violates privacy and security expectations. These shortcomings inhibit the digital transformation in general and seem particularly concerning in the context of novel applications such as access control for decentralized autonomous organizations and identification in the Metaverse. Decentralized or self-sovereign identity (SSI) aims to offer a solution to this dilemma by empowering individuals to manage their digital identity through machine-verifiable attestations stored in a "digital wallet" application on their edge devices. However, when presented to a relying party, these attestations typically reveal more attributes than required and allow tracking end users' activities. Several academic works and practical solutions exist to reduce or avoid such excessive information disclosure, from simple selective disclosure to data-minimizing anonymous credentials based on zero-knowledge proofs (ZKPs). We first demonstrate that the SSI solutions that are currently built with anonymous credentials still lack essential features such as scalable revocation, certificate chaining, and integration with secure elements. We then argue that general-purpose ZKPs in the form of zk-SNARKs can appropriately address these pressing challenges. We describe our implementation and conduct performance tests on different edge devices to illustrate that the performance of zk-SNARK-based anonymous credentials is already practical. We also discuss further advantages that general-purpose ZKPs can easily provide for digital wallets, for instance, to create "designated verifier presentations" that facilitate new design options for digital identity infrastructures that previously were not accessible because of the threat of man-in-the-middle attacks.
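    The abstract above contrasts "simple selective disclosure" with ZKP-based anonymous credentials, and notes that conventional presentations allow tracking of end users. The following added example (illustrative code written for this listing, not the paper's implementation) shows the salted-hash style of selective disclosure in miniature: the issuer signs only per-attribute digests, the holder forwards just the disclosures it chooses, and the verifier binds each disclosure back to a committed digest. It also shows the linkability problem the paper refers to: two relying parties that compare the signed payloads can tell they came from the same credential, and only re-issuance (fresh salts) or a ZKP-based scheme avoids that. The HMAC stands in for a real issuer signature, and the issuer URL and attribute values are constructed for the example.

```python
import base64
import hashlib
import hmac
import json
import os

# Assumption: an HMAC key stands in for the issuer's asymmetric signing key.
ISSUER_KEY = os.urandom(32)


def _b64u(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64u_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _digest(disclosure: str) -> str:
    # The issuer commits to sha-256(disclosure); the salt inside makes the digest unguessable.
    return _b64u(hashlib.sha256(disclosure.encode()).digest())


def _sign(key: bytes, payload: dict) -> str:
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def issue(key: bytes, attributes: dict) -> dict:
    """Issuer side: one random salt per attribute; the signed payload carries only digests."""
    disclosures = {
        name: _b64u(json.dumps([_b64u(os.urandom(16)), name, value]).encode())
        for name, value in attributes.items()
    }
    payload = {
        "iss": "https://issuer.example",  # hypothetical issuer identifier
        "_sd_alg": "sha-256",
        "_sd": sorted(_digest(d) for d in disclosures.values()),
    }
    return {"payload": payload, "sig": _sign(key, payload), "disclosures": disclosures}


def present(credential: dict, reveal: list) -> dict:
    """Holder side: forward the signed payload plus only the chosen disclosures."""
    return {
        "payload": credential["payload"],
        "sig": credential["sig"],
        "disclosures": [credential["disclosures"][name] for name in reveal],
    }


def verify(key: bytes, presentation: dict) -> dict:
    """Verifier side: check the issuer signature, then bind every disclosure to a committed digest."""
    if not hmac.compare_digest(_sign(key, presentation["payload"]), presentation["sig"]):
        raise ValueError("issuer signature does not verify")
    committed = set(presentation["payload"]["_sd"])
    revealed = {}
    for disclosure in presentation["disclosures"]:
        if _digest(disclosure) not in committed:
            raise ValueError("disclosure was not committed by the issuer")
        _salt, name, value = json.loads(_b64u_decode(disclosure))
        if name in revealed:
            raise ValueError("duplicate disclosure")
        revealed[name] = value
    return revealed


def linkable(p1: dict, p2: dict) -> bool:
    """Two relying parties comparing notes: the digest list and signature are a static identifier."""
    return p1["sig"] == p2["sig"] and p1["payload"]["_sd"] == p2["payload"]["_sd"]


def demo() -> dict:
    # Constructed sample attributes for one holder.
    attributes = {"given_name": "Alice", "age_over_18": True, "address": "1 Example St"}
    cred = issue(ISSUER_KEY, attributes)
    to_bar = present(cred, ["age_over_18"])    # reveals only the age predicate
    to_shop = present(cred, ["given_name"])    # reveals only the name

    # Tampering: holder substitutes a disclosure the issuer never committed to.
    forged = present(cred, [])
    forged["disclosures"] = [_b64u(json.dumps(["salt", "given_name", "Mallory"]).encode())]
    try:
        verify(ISSUER_KEY, forged)
        forgery_rejected = False
    except ValueError:
        forgery_rejected = True

    # Mitigation for linkability: a second issuance of the same attributes gets fresh salts.
    cred2 = issue(ISSUER_KEY, attributes)
    return {
        "bar_sees": verify(ISSUER_KEY, to_bar),
        "shop_sees": verify(ISSUER_KEY, to_shop),
        "same_credential_linkable": linkable(to_bar, to_shop),
        "reissued_linkable": linkable(to_bar, present(cred2, ["age_over_18"])),
        "forgery_rejected": forgery_rejected,
    }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The point the abstract makes is visible in `same_credential_linkable`: hash-based selective disclosure minimizes what each verifier learns, but the signed digest list is identical in every presentation, so colluding verifiers can correlate them. Fresh issuance per presentation breaks that link at the cost of issuer round-trips, which is the operational gap that ZKP-based anonymous credentials are meant to close without a new issuance.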

    Assessment of attribute-based credentials for privacy-preserving road traffic services in smart cities

    Smart cities involve the provision of advanced services for road traffic users. Vehicular ad hoc networks (VANETs) are a promising communication technology in this regard. Preservation of privacy is crucial in these services to foster their acceptance. Previous approaches have mainly focused on PKI-based or ID-based cryptography. However, these works have not fully addressed the minimum information disclosure principle. Thus, questions such as how to prove that a driver is a neighbour of a given zone, without actually disclosing his identity or real address, remain unaddressed. A set of techniques, referred to as Attribute-Based Credentials (ABCs), have been proposed to address this need in traditional computation scenarios. In this paper, we explore the use of ABCs in the vehicular context. For this purpose, we focus on a set of use cases from the European Telecommunications Standards Institute (ETSI) Basic Set of Applications, especially appropriate for the early development of smart cities. We assess which ABC techniques are suitable for this scenario, focusing on three representative ones: Idemix, U-Prove and VANET-updated Persiano systems. Our experimental results show that they are feasible in VANETs considering state-of-the-art technologies, and that Idemix is the most promising technique for most of the considered use cases.
    This work was supported by the MINECO grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You); the CAM grant S2013/ICE-3095 (CIBERDINE: Cybersecurity, Data, and Risks) and by the MINECO grant TIN2016-79095-C2-2-R (SMOG-DEV - Security mechanisms for fog computing: advanced security for devices). Jose Maria de Fuentes and Lorena Gonzalez were also supported by the Programa de Ayudas para la Movilidad of Carlos III University of Madrid.

    Decentralized Identities for Self-sovereign End-users (DISSENS)

    This paper describes a comprehensive architecture and reference implementation for privacy-preserving identity management that bucks the trend towards centralization present in contemporary proposals. DISSENS integrates a technology stack which combines privacy-friendly online payments with self-sovereign personal data management using a decentralized directory service. This enables users to be in complete control of their digital identity and personal information while at the same time being able to selectively share information necessary to easily use commercial services. Our pilot demonstrates the viability of a sustainable, user-centric, standards-compliant and accessible use case for public service employees and students in the domain of retail e-commerce. We leverage innovative technologies including self-sovereign identity, privacy credentials, and privacy-friendly digital payments in combination with established standards to provide easy-to-adapt templates for the integration of various scenarios and use cases.

    Utilizing a Restricted Access e-Learning Platform for Reform, Equity, and Self-development in Correctional Facilities

    Objectives: The goal of this paper is to address the issues that arose because of the exclusion of law offenders in the Greek Correctional Institutions from second chance education during the COVID-19 pandemic. During this period, the offenders were deprived of their right to equal access to second-chance education since the pandemic blocked mobility and close contact with teaching personnel. Methods/Analysis: In this paper, we propose a framework based on the Technology Acceptance Model (TAM) that will be deployed to evaluate the acceptance of the CILMS by the learners in Correctional Institutions. We describe a methodology and a set of hypotheses that can reveal the intention of learners to use the system based on several factors, such as trust, perception of privacy, perception of usefulness, and perception of self-efficacy. Findings: We suggest that eLearning and limited Internet access should be added to the list of fundamental human rights for CI detainees as well, in order to counteract their separation from physical society. Inmates are still individuals. In fact, they should be placed in solitary confinement as prescribed by the law. Novelty/Improvement: This viewpoint has been demonstrated with the development and evaluation of acceptance by inmates through the TAM technology acceptance methodology, as well as the proposal of a generic privacy-preserving Web information and services access model for CIs that can, at the same time, provide sufficient information access freedom while respecting the restrictions that should be imposed on such an access for CI inmates. Doi: 10.28991/ESJ-2022-SIED-017

    A privacy-preserving design for sharing demand-driven patient datasets over permissioned blockchains and P2P secure transfer

    Sharing patient datasets curated by health institutions is critical for the advance of monitoring, surveillance and research. However, patient data is sensitive data and it can only be released under certain conditions and with previous explicit consent. Privacy-preserving data sharing provides techniques to distribute datasets minimizing the risk of identification of patients. However, the sharing of datasets is typically done without considering the needs or requests of data consumers. Blockchain technologies provide an opportunity to gather those requests and share and assemble datasets using privacy-preserving methods as data and requirements on anonymity match. The architecture and design of such a solution is described, assuming an underlying permissioned blockchain network where providers such as healthcare institutions deal with consent, patient preferences and anonymity guarantees, playing a mediator role to a network of organizations.

    Fast IDentity Online with Anonymous Credentials (FIDO-AC)

    Web authentication is a critical component of today's Internet and the digital world we interact with. The FIDO2 protocol enables users to leverage common devices to easily authenticate to online services in both mobile and desktop environments following the passwordless authentication approach based on cryptography and biometric verification. However, there is little to no connection between the authentication process and users' attributes. More specifically, the FIDO protocol does not specify methods that could be used to combine trusted attributes with the FIDO authentication process generically and allows users to disclose them to the relying party arbitrarily. In essence, applications requiring attribute verification (e.g. age or expiry date of a driver's license, etc.) still rely on ad-hoc approaches, not satisfying the data minimization principle and not allowing the user to vet the disclosed data. A primary recent example is the data breach at Singtel Optus, one of the major telecommunications providers in Australia, where very personal and sensitive data (e.g. passport numbers) were leaked. This paper introduces FIDO-AC, a novel framework that combines the FIDO2 authentication process with the user's digital and non-shareable identity. We show how to instantiate this framework using off-the-shelf FIDO tokens and any electronic identity document, e.g., the ICAO biometric passport (ePassport). We demonstrate the practicality of our approach by evaluating a prototype implementation of the FIDO-AC system.
    Comment: to be published in the 32nd USENIX Security Symposium (USENIX 2023)