Attribute Based Cryptographic Enforcements for Security and Privacy in E-health Environments

publishedVersio

Is Blockchain for Internet of Medical Things a Panacea for COVID-19 Pandemic?

The outbreak of the COVID-19 pandemic has deeply influenced the lifestyle of the general public and the healthcare system of the society. As a promising approach to address the emerging challenges caused by the epidemic of infectious diseases like COVID-19, Internet of Medical Things (IoMT) deployed in hospitals, clinics, and healthcare centers can save the diagnosis time and improve the efficiency of medical resources though privacy and security concerns of IoMT stall the wide adoption. In order to tackle the privacy, security, and interoperability issues of IoMT, we propose a framework of blockchain-enabled IoMT by introducing blockchain to incumbent IoMT systems. In this paper, we review the benefits of this architecture and illustrate the opportunities brought by blockchain-enabled IoMT. We also provide use cases of blockchain-enabled IoMT on fighting against the COVID-19 pandemic, including the prevention of infectious diseases, location sharing and contact tracing, and the supply chain of injectable medicines. We also outline future work in this area.Comment: 15 pages, 8 figure

Blockchain Driven Access Control Mechanisms, Models and Frameworks: A Systematic Literature Review

Access control or authorization is referred to as the confinement of specific actions of an entity, thereby allowing them to be performed as per certain rules. Blockchain-driven access control mechanisms gained considerable attention directly after applications beyond the premise of cryptocurrency were found. However, there are no systematic efforts to analyze existing empirical evidence. To this end, we aim to synthesize litera- ture to understand the state-of-the-art blockchain driven access control mechanisms with respect to underlying platforms, utilized blockchain properties, nature of the mod- els and associated testbeds and tools. We conducted the review in a systematic way. Meta analysis and thematic synthesis were performed on the findings from relevant primary studies, in order to answer the framed research questions in perspective. We identified 76 relevant primary studies that passed the quality assessment.  The problems targeted by relevant studies were single point of failure, security, and privacy, etc. The meta-analysis of the primary studies suggests the use of different blockchain platforms along with several application domains where different blockchain proprieties were utilized. In this paper, we present a systematic literature review of blockchain driven access control systems. In hindsight, we present a taxonomy of blockchain-driven access control systems to better understand the immense implications of this field spanning various application domain

Attribute-based Anonymous Credential: Optimization for Single-Use and Multi-Use

User attributes can be authenticated by an attribute-based anonymous credential while keeping the anonymity of the user. Most attribute-based anonymous credential schemes are designed specifically for either multi-use or single-use. In this paper, we propose a unified attribute-based anonymous credential system, in which users always obtain the same format of credential from the issuer. The user can choose to use it for an efficient multi-use or single-use show proof. It is a more user-centric approach than the existing schemes. Technically, we propose an interactive approach to the credential issuance protocol using a two-party computation with an additive homomorphic encryption. At the same time, it keeps the security property of impersonation resilience, anonymity, and unlinkability. Apart from the interactive protocol, we further design the show proofs for efficient single-use credentials which maintain the user anonymity

Analyzing the Prospects of Blockchain in Healthcare Industry

Deployment of a secured healthcare information is a major challenge in a web based environment. Ehealth services are subjected to same security threats as other services. The purpose of blockchain is to provide a structure and security to the organization data. Healthcare data deals with confidential information. The medical records can be well organized and empower their propagation in a secured manner through the usage of blockchain technology. The study throws light on providing security of health services through blockchain technology. The authors have analysed the various aspects of role of blockchain in healthcare through an extensive literature review. The application of blockchain in covid-19 has also been analysed and discussed in the study. Further application of blockchain in Indian healthcare has been highlighted in the paper. The study provides suggestions for strengthening the healthcare system by blending machine learning, artificial intelligence, big data, IoT with blockchain

RobotChain: Artificial Intelligence on a Blockchain using Tezos Technology

Blockchain technology is not only growing everyday at a fast-passed rhythm, but it is also a disruptive technology that has changed how we look at financial transactions. By providing a way to trust an unknown network and by allowing us to conduct transactions without the need for a central authority, blockchain has grown exponentially. Moreover, blockchain also provides decentralization of the data, immutability, accessibility, non-repudiation and irreversibility properties that makes this technology a must in many industries. But, even thought blockchain provides interesting properties, it has not been extensively used outside the financial scope. Similarly, robots have been increasingly used in factories to automate tasks that range from picking objects, to transporting them and also to work collaboratively with humans to perform complex tasks. It is important to enforce that robots act between legal and moral boundaries and that their events and data are securely stored and auditable. This rarely happens, as robots are programmed to do a specific task without certainty that that task will always be performed correctly and their data is either locally stored, without security measures, or disregarded. This means that the data, especially logs, can be altered, which means that robots and manufacturers can be accused of problems that they did not cause. Henceforth, in this work, we sought to integrate blockchain with robotics with the goal to provide enhanced security to robots, to the data and to leverage artificial intelligence algorithms. By doing an extensive overview of the methods that integrate blockchain and artificial intelligence or robotics, we found that this is a growing field but there is a lack of proposals that try to improve robotic systems by using blockchain. It was also clear that most of the existing proposals that integrate artificial intelligence and blockchain, are focused on building marketplaces and only use the latter to storage transactions. So, in this document, we proposed three different methods that use blockchain to solve different problems associated with robots. The first one is a method to securely store robot logs in a blockchain by using smart-contracts as storage and automatically detect when anomalies occur in a robot by using the data contained in the blockchain and a smart-contract. By using smart-contracts, it is assured that the data is secure and immutable as long as the blockchain has enough peers to participate in the consensus process. The second method goes beyond registering events to also register information about external sensors, like a camera, and by using smart-contracts to allow Oracles to interact with the blockchain, it was possible to leverage image analysis algorithms that can detect the presence of material to be picked. This information is then inserted into a smart-contract that automatically defines the movement that a robot should have, regarding the number of materials present to be picked. The third proposal is a method that uses blockchain to store information about the robots and the images derived from a Kinect. This information is then used by Oracles that check if there is any person located inside a robot workspace. If there is any, this information is stored and different Oracles try to identify the person. Then, a smart-contract acts appropriately by changing or even stopping the robot depending on the identity of the person and if the person is located inside the warning or the critical zone surrounding the robot. With this work, we show how blockchain can be used in robotic environments and how it can beneficial in contexts where multi-party cooperation, security, and decentralization of the data is essential. We also show how Oracles can interact with the blockchain and distributively cooperate to leverage artificial intelligence algorithms to perform analysis in the data that allow us to detect robotic anomalies, material in images and the presence of people. We also show that smart-contracts can be used to perform more tasks than just serve the purpose of automatically do monetary transactions. The proposed architectures are modular and can be used in multiple contexts such as in manufacturing, network control, robot control, and others since they are easy to integrate, adapt, maintain and extend to new domains. We expect that the intersection of blockchain and robotics will shape part of the future of robotics once blockchain is more widely used and easy to integrate. This integration will be very prominent in tasks where robots need to behave under certain constraints, in swarm robotics due to the fact that blockchain offers global information and in factories because the actions undertaken by a robot can easily be extended to the rest of the robots by using smart-contracts.Hoje em dia é possível ver que a blockchain não está apenas a crescer a um ritmo exponencial, mas que é também uma tecnologia disruptiva que mudou a forma como trabalhamos com transações financeiras. Ao fornecer uma maneira eficiente de confiar numa rede desconhecida e de permitir realizar transações sem a necessidade de uma autoridade central, a blockchain cresceu rapidamente. Além disso, a blockchain fornece também descentralização de dados, imutabilidade, acessibilidade, não-repúdio e irreversibilidade, o que torna esta tecnologia indispensável em muitos setores. Mas, mesmo fornecendo propriedades interessantes, a blockchain não tem sido amplamente utilizada fora do âmbito financeiro. Da mesma forma, os robôs têm sido cada vez mais utilizados em fábricas para automatizar tarefas que vão desde pegar objetos, transportá-los e colaborar com humanos para realizar tarefas complexas. Porém, é importante impor que os robôs atuem entre certos limites legais e morais e que seus eventos e dados são armazenados com segurança e que estes possam ser auditáveis. O problema é que isso raramente acontece. Os robôs são programados para executar uma tarefa específica sem se ter total certeza de que essa tarefa irá ser executada sempre de maneira correta, e os seus dados são armazenados localmente, desconsiderando a segurança dos dados. Sendo que em muitas ocasiões, não existe qualquer segurança. Isso significa que os dados, especialmente os logs, podem ser alterados, o que pode resultar em que os robôs e, pela mesma linha de pensamento, os fabricantes, possam ser acusados de problemas que não causaram. Tendo isto em consideração, neste trabalho, procuramos integrar a blockchain com a robótica, com o objetivo de proporcionar maior segurança aos robôs e aos dados que geram e potenciar ainda a utilização de algoritmos de inteligência artificial. Fazendo uma visão abrangente dos métodos que propõem integrar a blockchain e inteligência artificial ou robótica, descobrimos que este é um campo em crescimento, mas que há uma falta de propostas que tentem melhorar os sistemas robóticos utilizando a blockchain. Ficou também claro que a maioria das propostas existentes que integram inteligência artificial e blockchain estão focadas na construção de marketplaces e só utilizam a blockchain para armazenar a informação sobre as transações que foram executadas. Assim, neste documento, propomos três métodos que utilizam a blockchain para resolver diferentes problemas associados a robôs. O primeiro é um método para armazenar, com segurança, logs de robôs dentro de uma blockchain, utilizando para isso smart-contracts como armazenamento. Neste método foi também proposta uma maneira de detetar anomalias em robôs automaticamente, utilizando para isso os dados contidos na blockchain e smart-contracts para definir a lógica do algoritmo. Ao utilizar smart-contracts, é garantido que os dados são seguros e imutáveis, desde que a blockchain contenha nós suficientes a participar no algoritmo de consenso. O segundo método vai além de registar eventos, para registar também informações sobre sensores externos, como uma câmara, e utilizando smart-contracts para permitir que Óraculos interajam com a blockchain, foi possível utilizar algoritmos de análise de imagens, que podem detetar a presença de material para ser recolhido. Esta informação é então inserida num smart-contract que define automaticamente o movimento que um robô deve ter, tendo em consideração a quantidade de material à espera para ser recolhida. A terceira proposta é um método que utiliza a blockchain para armazenar informações sobre robôs, e imagens provenientes de uma Kinect. Esta informação é então utilizada por Óraculos que verificam se existe alguma pessoa dentro do um espaço de trabalho de um robô. Se existir alguém, essa informação é armazenada e diferentes Óraculos tentam identificar a pessoa. No fim, um smart-contract age apropriadamente, mudando ou até mesmo parando o robô, dependendo da identidade da Com este trabalho, mostramos como a blockchain pode ser utilizada em ambientes onde existam robôs e como esta pode ser benéfica em contextos onde a cooperação entre várias entidades, a segurança e a descentralização dos dados são essenciais. Mostramos também como Óraculos podem interagir com a blockchain e cooperar de forma distribuída, para alavancar algoritmos de inteligência artificial de forma a realizar análises nos dados, o que nos permite detetar anomalias robóticas, material para ser recolhido e a presença de pessoas em imagens. Mostramos também que os smart-contracts podem ser utilizados para executar mais tarefas do que servir o propósito de fazer transações monetárias de forma automática. As arquiteturas propostas neste trabalho são modulares e podem ser utilizadas em vários contextos, como no fabrico de peças, controle de robô e outras. Devido ao facto de que as arquiteturas propostas, são fáceis de integrar, adaptar, manter e estender a novos domínios. A nossa opinião é que a interseção entre a blockchain e a robótica irá moldar parte do futuro da robótica moderna assim que a blockchain seja mais utilizada e fácil de integrar em sistemas robóticos. Esta integração será muito proeminente em tarefas onde os robôs precisam de se comportar sob certas restrições, em enxames de robôs, devido ao fato de que a blockchain fornece informação global sobre o estado da rede, e também em fábricas, porque as ações realizadas por um robô podem ser facilmente estendidas ao resto dos robôs, e porque fornece um mecanismo extra de segurança aos dados e a todas as ações que são efetuadas com ajuda de smart-contracts

Privacy Enhancing Technologies for solving the privacy-personalization paradox : taxonomy and survey

Personal data are often collected and processed in a decentralized fashion, within different contexts. For instance, with the emergence of distributed applications, several providers are usually correlating their records, and providing personalized services to their clients. Collected data include geographical and indoor positions of users, their movement patterns as well as sensor-acquired data that may reveal users’ physical conditions, habits and interests. Consequently, this may lead to undesired consequences such as unsolicited advertisement and even to discrimination and stalking. To mitigate privacy threats, several techniques emerged, referred to as Privacy Enhancing Technologies, PETs for short. On one hand, the increasing pressure on service providers to protect users’ privacy resulted in PETs being adopted. One the other hand, service providers have built their business model on personalized services, e.g. targeted ads and news. The objective of the paper is then to identify which of the PETs have the potential to satisfy both usually divergent - economical and ethical - purposes. This paper identifies a taxonomy classifying eight categories of PETs into three groups, and for better clarity, it considers three categories of personalized services. After defining and presenting the main features of PETs with illustrative examples, the paper points out which PETs best fit each personalized service category. Then, it discusses some of the inter-disciplinary privacy challenges that may slow down the adoption of these techniques, namely: technical, social, legal and economic concerns. Finally, it provides recommendations and highlights several research directions

Security and Privacy Preservation in Mobile Advertising

Mobile advertising is emerging as a promising advertising strategy, which leverages prescriptive analytics, location-based distribution, and feedback-driven marketing to engage consumers with timely and targeted advertisements. In the current mobile advertising system, a third-party ad broker collects and manages advertisements for merchants who would like to promote their business to mobile users. Based on its large-scale database of user profiles, the ad broker can help the merchants to better reach out to customers with related interests and charges the merchants for ad dissemination services. Recently, mobile advertising technology has dominated the digital advertising industry and has become the main source of income for IT giants. However, there are many security and privacy challenges that may hinder the continuous success of the mobile advertising industry. First, there is a lack of advertising transparency in the current mobile advertising system. For example, mobile users are concerned about the reliability and trustworthiness of the ad dissemination process and advertising review system. Without proper countermeasures, mobile users can install ad-blocking software to filter out irrelevant or even misleading advertisements, which may lower the advertising investments from merchants. Second, as more strict privacy regulations (e.g. European General Data Privacy Regulations) take effect, it is critical to protect mobile users’ personal profiles from illegal sharing and exposure in the mobile advertising system. In this thesis, three security and privacy challenges for the mobile advertising system are identified and addressed with the designs, implementations, and evaluations of a blockchain-based architecture. First, we study the anonymous review system for the mobile advertising industry. When receiving advertisements from a specific merchant (e.g. a nearby restaurant), mobile users are more likely to browse the previous reviews about the merchant for quality-of-service assessments. However, current review systems are known for the lack of system transparency and are subject to many attacks, such as double reviews and deletions of negative reviews. We exploit the tamper-proof nature and the distributed consensus mechanism of the blockchain technology, to design a blockchain-based review system for mobile advertising, where review accumulations are transparent and verifiable to the public. To preserve user review privacy, we further design an anonymous review token generation scheme, where users are encouraged to leave reviews anonymously while still ensuring the review authenticity. We also explore the implementation challenges of the blockchain-based system on an Ethereum testing network and the experimental results demonstrate the application feasibility of the proposed anonymous review system. Second, we investigate the transparency issues for the targeted ad dissemination process. Specifically, we focus on a specific mobile advertising application: vehicular local advertising, where vehicular users send spatial-keyword queries to ad brokers to receive location-aware advertisements. To build a transparent advertising system, the ad brokers are required to provide mobile users with explanations on the ad dissemination process, e.g., why a specific ad is disseminated to a mobile user. However, such transparency explanations are often found incomplete and sometimes even misleading, which may lower the user trust on the advertising system if without proper countermeasures. Therefore, we design an advertising smart contract to efficiently realize a publicly verifiable spatial-keyword query scheme. Instead of directly implementing the spatial-keyword query scheme on the smart contract with prohibitive storage and computation cost, we exploit the on/off-chain computation models to trade the expensive on-chain cost for cheap off-chain cost. With two design strategies: digest-and-verify and divide-then-assemble, the on-chain cost for a single spatial keyword query is reduced to constant regardless of the scale of the spatial-keyword database. Extensive experiments are conducted to provide both on-chain and off-chain benchmarks with a verifiable computation framework. Third, we explore another critical requirement of the mobile advertising system: public accountability enforcement against advertising misconducts, if (1) mobile users receive irrelevant ads, or (2) advertising policies of merchants are not correctly computed in the ad dissemination process. This requires the design of a composite Succinct Non-interactive ARGument (SNARG) system, that can be tailored for different advertising transparency requirements and is efficient for the blockchain implementations. Moreover, pursuing public accountability should also achieve a strict privacy guarantee for the user profile. We also propose an accountability contract which can receive explanation requirements from both mobile users and merchants. To promote prompt on-chain responses, we design an incentive mechanism based on the pre-deposits of involved parties, i.e., ad brokers, mobile users, and merchants. If any advertising misconduct is identified, public accountability can be enforced by confiscating the pre-deposits of the misbehaving party. Comprehensive experiments and analyses are conducted to demonstrate the versatile functionalities and feasibility of the accountability contract. In summary, we have designed, implemented, and evaluated a blockchain-based architecture for security and privacy preservations in the mobile advertising. The designed architecture can not only enhance the transparency and accountability for the mobile advertising system, but has also achieved notably on-chain efficiency and privacy for real-world implementations. The results from the thesis may shed light on the future research and practice of a blockchain-based architecture for the privacy regulation compliance in the mobile advertising

Identity and identification in an information society: Augmenting formal systems of identification with technological artefacts

Information and Communication Technology (ICT) are transforming society’s information flows. These new interactive environments decouple agents, information and actions from their original contexts and this introduces challenges when evaluating trustworthiness and intelligently placing trust.This thesis develops methods that can extend institutional trust into digitally enhanced interactive settings. By applying privacy-preserving cryptographic protocols within a technical architecture, this thesis demonstrates how existing human systems of identification that support institutional trust can be augmented with ICT in ways that distribute trust, respect privacy and limit the potential for abuse. Importantly, identification systems are located within a sociologically informed framework of interaction where identity is more than a collection of static attributes.A synthesis of the evolution and systematisation of cryptographic knowledge is presented and this is juxtaposed against the ideas developed within the digital identity community. The credential mechanism, first conceptualised by David Chaum, has matured into a number of well specified mathematical protocols. This thesis focuses on CL-RSA and BBS+, which are both signature schemes with efficient protocols that can instantiate a credential mechanism with strong privacy-preserving properties.The processes of managing the identification of healthcare professionals as they navigate their careers within the Scottish Healthcare Ecosystem provide a concrete case study for this work. The proposed architecture mediates the exchange of verifiable, integrity-assured evidence that has been cryptographically signed by relevant healthcare institutions, but is stored, managed and presented by the healthcare professionals to whom the evidence pertains.An evaluation of the integrity-assured transaction data produced by this architecture demonstrates how it could be integrated into digitally augmented identification processes, increasing the assurance that can be placed in these processes. The technical architecture is shown to be practical through a series of experiments run under realistic production-like settings.This work demonstrates that designing decentralised, standards-based, privacy-preserving identification systems for trusted professionals within highly assured social contexts can distribute institutionalised trust to trustworthy individuals and empower these individuals to interface with society’s increasingly socio-technical systems