PADS: Privacy-preserving Auction Design forAllocating Dynamically Priced Cloud Resources

With the rapid growth of Cloud Computing technologies, enterprises are increasingly deploying their services in the Cloud. Dynamically priced cloud resources such as the Amazon EC2 Spot Instance provides an efficient mechanism for cloud service providers to trade resources with potential buyers using an auction mechanism. With the dynamically priced cloud resource markets, cloud consumers can buy resources at a significantly lower cost than statically priced cloud resources such as the on-demand instances in Amazon EC2. While dynamically priced cloud resources enable to maximize datacenter resource utilization and minimize cost for the consumers, unfortunately, such auction mechanisms achieve these benefits only at a cost significant of private information leakage. In an auction-based mechanism, the private information includes information on the demands of the consumers that can lead an attacker to understand the current computing requirements of the consumers and perhaps even allow the inference of the workload patterns of the consumers. In this paper, we propose PADS, a strategy-proof differentially private auction mechanism that allows cloud providers to privately trade resources with cloud consumers in such a way that individual bidding information of the cloud consumers is not exposed by the auction mechanism. We demonstrate that PADS achieves differential privacy and approximate truthfulness guarantees while maintaining good performance in terms of revenue gains and allocation efficiency. We evaluate PADS through extensive simulation experiments that demonstrate that in comparison to traditional auction mechanisms, PADS achieves relatively high revenues for cloud providers while guaranteeing the privacy of the participating consumers

Differential Privacy-Based Online Allocations towards Integrating Blockchain and Edge Computing

In recent years, the blockchain-based Internet of Things (IoT) has been researched and applied widely, where each IoT device can act as a node in the blockchain. However, these lightweight nodes usually do not have enough computing power to complete the consensus or other computing-required tasks. Edge computing network gives a platform to provide computing power to IoT devices. A fundamental problem is how to allocate limited edge servers to IoT devices in a highly untrustworthy environment. In a fair competition environment, the allocation mechanism should be online, truthful, and privacy safe. To address these three challenges, we propose an online multi-item double auction (MIDA) mechanism, where IoT devices are buyers and edge servers are sellers. In order to achieve the truthfulness, the participants' private information is at risk of being exposed by inference attack, which may lead to malicious manipulation of the market by adversaries. Then, we improve our MIDA mechanism based on differential privacy to protect sensitive information from being leaked. It interferes with the auction results slightly but guarantees privacy protection with high confidence. Besides, we upgrade our privacy-preserving MIDA mechanism such that adapting to more complex and realistic scenarios. In the end, the effectiveness and correctness of algorithms are evaluated and verified by theoretical analysis and numerical simulations

Incentive mechanism design for mobile crowd sensing systems

The recent proliferation of increasingly capable and affordable mobile devices with a plethora of on-board and portable sensors that pervade every corner of the world has given rise to the fast development and wide deployment of mobile crowd sensing (MCS) systems. Nowadays, applications of MCS systems have covered almost every aspect of people's everyday living and working, such as ambient environment monitoring, healthcare, floor plan reconstruction, smart transportation, indoor localization, and many others. Despite their tremendous benefits, MCS systems pose great new research challenges, of which, this thesis targets one important facet, that is, to effectively incentivize (crowd) workers to achieve maximum participation in MCS systems. Participating in crowd sensing tasks is usually a costly procedure for individual workers. On one hand, it consumes workers' resources, such as computing power, battery, and so forth. On the other hand, a considerable portion of sensing tasks require the submission of workers' sensitive and private information, which causes privacy leakage for participants. Clearly, the power of crowd sensing could not be fully unleashed, unless workers are properly incentivized to participate via satisfactory rewards that effectively compensate their participation costs. Targeting the above challenge, in this thesis, I present a series of novel incentive mechanisms, which can be utilized to effectively incentivize worker participation in MCS systems. The proposed mechanisms not only incorporate workers' quality of information in order to selectively recruit relatively more reliable workers for sensing, but also preserve workers' privacy so as to prevent workers from being disincentivized by excessive privacy leakage. I demonstrate through rigorous theoretical analyses and extensive simulations that the proposed incentive mechanisms bear many desirable properties theoretically, and have great potential to be practically applied

Revealing the Landscape of Privacy-Enhancing Technologies in the Context of Data Markets for the IoT: A Systematic Literature Review

IoT data markets in public and private institutions have become increasingly relevant in recent years because of their potential to improve data availability and unlock new business models. However, exchanging data in markets bears considerable challenges related to disclosing sensitive information. Despite considerable research focused on different aspects of privacy-enhancing data markets for the IoT, none of the solutions proposed so far seems to find a practical adoption. Thus, this study aims to organize the state-of-the-art solutions, analyze and scope the technologies that have been suggested in this context, and structure the remaining challenges to determine areas where future research is required. To accomplish this goal, we conducted a systematic literature review on privacy enhancement in data markets for the IoT, covering 50 publications dated up to July 2020, and provided updates with 24 publications dated up to May 2022. Our results indicate that most research in this area has emerged only recently, and no IoT data market architecture has established itself as canonical. Existing solutions frequently lack the required combination of anonymization and secure computation technologies. Furthermore, there is no consensus on the appropriate use of blockchain technology for IoT data markets and a low degree of leveraging existing libraries or reusing generic data market architectures. We also identified significant challenges remaining, such as the copy problem and the recursive enforcement problem that-while solutions have been suggested to some extent-are often not sufficiently addressed in proposed designs. We conclude that privacy-enhancing technologies need further improvements to positively impact data markets so that, ultimately, the value of data is preserved through data scarcity and users' privacy and businesses-critical information are protected.Comment: 49 pages, 17 figures, 11 table