User's Privacy in Recommendation Systems Applying Online Social Network Data, A Survey and Taxonomy

Recommender systems have become an integral part of many social networks and extract knowledge from a user's personal and sensitive data both explicitly, with the user's knowledge, and implicitly. This trend has created major privacy concerns as users are mostly unaware of what data and how much data is being used and how securely it is used. In this context, several works have been done to address privacy concerns for usage in online social network data and by recommender systems. This paper surveys the main privacy concerns, measurements and privacy-preserving techniques used in large-scale online social networks and recommender systems. It is based on historical works on security, privacy-preserving, statistical modeling, and datasets to provide an overview of the technical difficulties and problems associated with privacy preserving in online social networks.Comment: 26 pages, IET book chapter on big data recommender system

Exploring personalized life cycle policies

Ambient Intelligence imposes many challenges in protecting people's privacy. Storing privacy-sensitive data permanently will inevitably result in privacy violations. Limited retention techniques might prove useful in order to limit the risks of unwanted and irreversible disclosure of privacy-sensitive data. To overcome the rigidness of simple limited retention policies, Life-Cycle policies more precisely describe when and how data could be first degraded and finally be destroyed. This allows users themselves to determine an adequate compromise between privacy and data retention. However, implementing and enforcing these policies is a difficult problem. Traditional databases are not designed or optimized for deleting data. In this report, we recall the formerly introduced life cycle policy model and the already developed techniques for handling a single collective policy for all data in a relational database management system. We identify the problems raised by loosening this single policy constraint and propose preliminary techniques for concurrently handling multiple policies in one data store. The main technical consequence for the storage structure is, that when allowing multiple policies, the degradation order of tuples will not always be equal to the insert order anymore. Apart from the technical aspects, we show that personalizing the policies introduces some inference breaches which have to be further investigated. To make such an investigation possible, we introduce a metric for privacy, which enables the possibility to compare the provided amount of privacy with the amount of privacy required by the policy

Privacy-preserving targeted advertising scheme for IPTV using the cloud

In this paper, we present a privacy-preserving scheme for targeted advertising via the Internet Protocol TV (IPTV). The scheme uses a communication model involving a collection of viewers/subscribers, a content provider (IPTV), an advertiser, and a cloud server. To provide high quality directed advertising service, the advertiser can utilize not only demographic information of subscribers, but also their watching habits. The latter includes watching history, preferences for IPTV content and watching rate, which are published on the cloud server periodically (e.g. weekly) along with anonymized demographics. Since the published data may leak sensitive information about subscribers, it is safeguarded using cryptographic techniques in addition to the anonymization of demographics. The techniques used by the advertiser, which can be manifested in its queries to the cloud, are considered (trade) secrets and therefore are protected as well. The cloud is oblivious to the published data, the queries of the advertiser as well as its own responses to these queries. Only a legitimate advertiser, endorsed with a so-called {\em trapdoor} by the IPTV, can query the cloud and utilize the query results. The performance of the proposed scheme is evaluated with experiments, which show that the scheme is suitable for practical usage

A Survey on Secure Block Storage and Access Control Using Big Data Environment

Over past few years, the amount of data being collected continuous to grow more and more companies are building Big Data repositories to store , aggregate and extract meaning from this data and securing Big Data comes main challenge. This paper presents the comparison of different encryption based algorithms i.e. Key Management for Access Control , Attribute-Based Access Control, Attribute-Based Encryption (ABE), Key Policy Attribute-Based Encryption (KP-ABE), Cipher text -Policy Attribute-Based Encryption (CP-ABE) and cryptography for security and access control, its real time applications. This comparison results cannot provide flexibility and efficiency for data analysis. The future scope of this survey on big data can be discussed by using access control algorithm

BMSQABSE: Design of a Bioinspired Model to Improve Security & QoS Performance for Blockchain-Powered Attribute-based Searchable Encryption Applications

Attribute-based searchable encryption (ABSE) is a sub-field of security models that allow intensive searching capabilities for cloud-based shared storage applications. ABSE Models require higher computational power, which limits their application to high-performance computing devices. Moreover, ABSE uses linear secret sharing scheme (LSSS), which requires larger storage when compared with traditional encryption models. To reduce computational complexity, and optimize storage cost, various researchers have proposed use of Machine Learning Models (MLMs), that assist in identification & removal of storage & computational redundancies. But most of these models use static reconfiguration, thus cannot be applied to large-scale deployments. To overcome this limitation, a novel combination of Grey Wolf Optimization (GWO) with Particle Swarm Optimization (PSO) model to improve Security & QoS performance for Blockchain-powered Attribute-based Searchable Encryption deployments is proposed in this text. The proposed model augments ABSE parameters to reduce its complexity and improve QoS performance under different real-time user request scenarios. It intelligently selects cyclic source groups with prime order & generator values to create bilinear maps that are used for ABSE operations. The PSO Model assists in generation of initial cyclic population, and verifies its security levels, QoS levels, and deployment costs under multiple real-time cloud scenarios. Based on this initial analysis, the GWO Model continuously tunes ABSE parameters in order to achieve better QoS & security performance levels via stochastic operations. The proposed BMSQABSE model was tested under different cloud configurations, and its performance was evaluated for healthcare deployments. Based on this evaluation, it was observed that the proposed model achieved 8.3% lower delay, with 4.9% lower energy consumption, 14.5% lower storage requirements when compared with standard ABSE models. It was able to mitigate Distributed Denial of Service (DDoS), Masquerading, Finney, and Sybil attacks, which assists in deploying the proposed model for QoS-aware highly secure deployments

Systematizing Genome Privacy Research: A Privacy-Enhancing Technologies Perspective

Rapid advances in human genomics are enabling researchers to gain a better understanding of the role of the genome in our health and well-being, stimulating hope for more effective and cost efficient healthcare. However, this also prompts a number of security and privacy concerns stemming from the distinctive characteristics of genomic data. To address them, a new research community has emerged and produced a large number of publications and initiatives. In this paper, we rely on a structured methodology to contextualize and provide a critical analysis of the current knowledge on privacy-enhancing technologies used for testing, storing, and sharing genomic data, using a representative sample of the work published in the past decade. We identify and discuss limitations, technical challenges, and issues faced by the community, focusing in particular on those that are inherently tied to the nature of the problem and are harder for the community alone to address. Finally, we report on the importance and difficulty of the identified challenges based on an online survey of genome data privacy expertsComment: To appear in the Proceedings on Privacy Enhancing Technologies (PoPETs), Vol. 2019, Issue