End-to-End Privacy for Open Big Data Markets

The idea of an open data market envisions the creation of a data trading model to facilitate exchange of data between different parties in the Internet of Things (IoT) domain. The data collected by IoT products and solutions are expected to be traded in these markets. Data owners will collect data using IoT products and solutions. Data consumers who are interested will negotiate with the data owners to get access to such data. Data captured by IoT products will allow data consumers to further understand the preferences and behaviours of data owners and to generate additional business value using different techniques ranging from waste reduction to personalized service offerings. In open data markets, data consumers will be able to give back part of the additional value generated to the data owners. However, privacy becomes a significant issue when data that can be used to derive extremely personal information is being traded. This paper discusses why privacy matters in the IoT domain in general and especially in open data markets and surveys existing privacy-preserving strategies and design techniques that can be used to facilitate end to end privacy for open data markets. We also highlight some of the major research challenges that need to be address in order to make the vision of open data markets a reality through ensuring the privacy of stakeholders.Comment: Accepted to be published in IEEE Cloud Computing Magazine: Special Issue Cloud Computing and the La

Evolution of Format Preserving Encryption on IoT Devices: FF1+

The Internet of Things (IoT) is a network of interconnected low-power sensing devices designed to interact and communicate with each other. To avoid compromising user privacy, it is necessary to encrypt these channels. We introduce Format Preserving Encryption (FPE), a modern cryptosystem that allows full customization of the ciphertext, while offering comparable security to AES. To gauge the performance of FPE, we compare the NIST-approved FF1 algorithm against several symmetric and asymmetric encryption schemes on a Raspberry Pi 3. While suitable for small plaintexts, FF1 breaks down for longer character strings. We propose a modified algorithm, FF1+, that implements dynamic round selection and key scheduling. Significant performance improvements are observed in our results, thus demonstrating FF1+ as a viable cryptosystem for IoT devices

Homomorphic Encryption and the Approximate GCD Problem

With the advent of cloud computing, everyone from Fortune 500 businesses to personal consumers to the US government is storing massive amounts of sensitive data in service centers that may not be trustworthy. It is of vital importance to leverage the benefits of storing data in the cloud while simultaneously ensuring the privacy of the data. Homomorphic encryption allows one to securely delegate the processing of private data. As such, it has managed to hit the sweet spot of academic interest and industry demand. Though the concept was proposed in the 1970s, no cryptosystem realizing this goal existed until Craig Gentry published his PhD thesis in 2009. In this thesis, we conduct a study of the two main methods for construction of homomorphic encryption schemes along with functional encryption and the hard problems upon which their security is based. These hard problems include the Approximate GCD problem (A-GCD), the Learning With Errors problem (LWE), and various lattice problems. In addition, we discuss many of the proposed and in some cases implemented practical applications of these cryptosystems. Finally, we focus on the Approximate GCD problem (A-GCD). This problem forms the basis for the security of Gentry\u27s original cryptosystem but has not yet been linked to more standard cryptographic primitives. After presenting several algorithms in the literature that attempt to solve the problem, we introduce some new algorithms to attack the problem

Cloud-based Quadratic Optimization with Partially Homomorphic Encryption

The development of large-scale distributed control systems has led to the outsourcing of costly computations to cloud-computing platforms, as well as to concerns about privacy of the collected sensitive data. This paper develops a cloud-based protocol for a quadratic optimization problem involving multiple parties, each holding information it seeks to maintain private. The protocol is based on the projected gradient ascent on the Lagrange dual problem and exploits partially homomorphic encryption and secure multi-party computation techniques. Using formal cryptographic definitions of indistinguishability, the protocol is shown to achieve computational privacy, i.e., there is no computationally efficient algorithm that any involved party can employ to obtain private information beyond what can be inferred from the party's inputs and outputs only. In order to reduce the communication complexity of the proposed protocol, we introduced a variant that achieves this objective at the expense of weaker privacy guarantees. We discuss in detail the computational and communication complexity properties of both algorithms theoretically and also through implementations. We conclude the paper with a discussion on computational privacy and other notions of privacy such as the non-unique retrieval of the private information from the protocol outputs

Implementing Homomorphic Encryption Based Secure Feedback Control for Physical Systems

This paper is about an encryption based approach to the secure implementation of feedback controllers for physical systems. Specifically, Paillier's homomorphic encryption is used to digitally implement a class of linear dynamic controllers, which includes the commonplace static gain and PID type feedback control laws as special cases. The developed implementation is amenable to Field Programmable Gate Array (FPGA) realization. Experimental results, including timing analysis and resource usage characteristics for different encryption key lengths, are presented for the realization of an inverted pendulum controller; as this is an unstable plant, the control is necessarily fast

Processing Over Encrypted Query Data In Internet of Things (IoTs) : CryptDBs, MONOMI and SDB

Internet of Things (IoT) is the developing technologies that would be the biggest agents to modify the current world. Machine-to-machine communications perform with virtual, mobile and instantaneous connections. In IoT system, it consists of data-gathering sensors various other household devices. Intended for protecting IoT system, the end-to-end secure communication is a necessary measure to protect against unauthorized entities (e.g., modification attacks and eavesdropping,) and the data unprotected on the Cloud. The most important concern hereby is how to preserve the insightful information and to provide the privacy of user data. In IoT, the encrypted data computing is based on techniques appear to be promising approaches. In this paper, we discuss about the recent secure database systems, which are capable to execute SQL queries over encrypted data

How Privacy-Enhanced Technologies (Pets) are Transforming Digital Healthcare Delivery

Privacy Enhancing Technologies (PETs) are playing a crucial role in maturing digital healthcare delivery for mainstream adaption from both a social and regulatory perspective. Different PETs are improving different aspects of digital healthcare delivery, and we have chosen seven of them to observe in the context of their influence on digital healthcare and their use cases. Homomorphic encryption can provide data security when healthcare data is being collected from individuals via IoT or IoMT devices. It’s also a key facilitator for large-scale healthcare data pooling from multiple sources for analytics without compromising privacy. Secure Multi-Party Computation (SMPC) facilitates safe data transfer between patients and healthcare professionals, and other relevant entities. Generative Adversarial Networks (GANs) can be used to generate larger data sets from smaller training data sets directly obtained from the patients, to train AI and ML algorithms. Differential Privacy (DP) focuses on combining multiple data sets for collective or individual processing without compromising privacy. However, its addition of noise to obscure data has some technical limitations. Zero-Knowledge Proof (ZKP) can facilitate safe verifications/validation protocols to establish connections between healthcare devices without straining their hardware capacities. Federated learning leans quite heavily towards training AI/ML algorithms on multiple data sets without margining or compromising the privacy of the constituents of any dataset. Obfuscation can be used in different stages of healthcare delivery to obscure healthcare data.