Privacy-Preserving Observation in Public Spaces

One method of privacy-preserving accounting or billing in cyber-physical systems, such as electronic toll collection or public transportation ticketing, is to have the user present an encrypted record of transactions and perform the accounting or billing computation securely on them. Honesty of the user is ensured by spot checking the record for some selected surveyed transactions. But how much privacy does that give the user, i.e. how many transactions need to be surveyed? It turns out that due to collusion in mass surveillance all transactions need to be observed, i.e. this method of spot checking provides no privacy at all. In this paper we present a cryptographic solution to the spot checking problem in cyber-physical systems. Users carry an authentication device that authenticates only based on fair random coins. The probability can be set high enough to allow for spot checking, but in all other cases privacy is perfectly preserved. We analyze our protocol for computational efficiency and show that it can be efficiently implemented even on plat- forms with limited computing resources, such as smart cards and smart phones

On the tradeoff between privacy and efficiency: A bidding mechanism for scheduling non-commercial services

Services providers, such as public healthcare systems and government agencies, are under tremendous pressure to reduce costs and improve service quality. Scheduling is an important managerial component which has considerable impact on both the costs and quality of services. Service providers need customers’ availability information to improve resource utilization. On the other hand, customers may be of “two minds” about communicating their private information. While communicating certain amount of availability might be necessary in order to obtain preferred schedules, too much communication place a potential cost due to privacy loss. In this paper, we present a bidding-based mechanism which aims at generating high quality schedules and, at the same time, protecting customers’ privacy. We show that, under the proposed bidding procedure, myopic bidding is the dominant strategy for customers. We also evaluate the privacy and efficiency performance of the proposed mechanism through a computational study

Security and Privacy Enhancing Multi-Cloud Architectures

Security challenges are still among the biggest obstacles when considering the adoption of cloud services. This triggered a lot of research activities, resulting in a quantity of proposals targeting the various cloud security threats. Alongside with these security issues, the cloud paradigm comes with a new set of unique features, which open the path toward novel security approaches, techniques, and architectures. This paper provides a survey on the achievable security merits by making use of multiple distinct clouds simultaneously. Various distinct architectures are introduced and discussed according to their security and privacy capabilities and prospects

Oblivious and Fair Server-Aided Two-Party Computation

We show efficient, practical (server-aided) secure two-party computation protocols ensuring privacy, correctness and fairness in the presence of malicious (Byzantine) faults. Our requirements from the server are modest: to ensure privacy and correctness, we only assume offline set-up prior to protocol execution; and to also ensure fairness, we further assume a trusted-decryption service, providing decryption service using known public key. The fairness-ensuring protocol is optimistic, i.e., the decryption service is invoked only in case of faults. Both assumptions are feasible in practice and formally presented in the hybrid model. The resulting protocols may be sufficiently efficient, to allow deployment, in particular for financial applications

Exploring Current Trends and Challenges in Cybersecurity: A Comprehensive Survey

Cyber security is the process of preventing unauthorized access, theft, damage, and interruption to computers, servers, networks, and data. It entails putting policies into place to guarantee the availability, confidentiality, and integrity of information and information systems. Cyber security seeks to protect against a variety of dangers, including as hacking, data breaches, malware infections, and other nefarious actions.  Cyber security has grown to be a major worry as a result of the quick development of digital technology and the growing interconnection of our contemporary society. In order to gain insight into the constantly changing world of digital threats and the countermeasures put in place to address them, this survey seeks to study current trends and issues in the area of cyber security. The study includes responses from end users, business executives, IT administrators, and experts across a wide variety of businesses and sectors. The survey gives insight on important problems such the sorts of cyber threats encountered, the efficacy of current security solutions, future technology influencing cyber security, and the human elements leading to vulnerabilities via a thorough analysis of the replies. The most important conclusions include an evaluation of the most common cyber dangers, such as malware, phishing scams, ransom ware, and data breaches, as well as an investigation of the methods and tools used to counter these threats. The survey explores the significance of staff education and awareness in bolstering cyber security defenses and pinpoints opportunities for development in this area. The survey also sheds insight on how cutting-edge technologies like cloud computing, artificial intelligence, and the Internet of Things (IoT) are affecting cyber security practices. It analyses the advantages and disadvantages of using these technologies while taking into account issues like data privacy, infrastructure security, and the need for specialized skills. The survey also looks at the compliance environment, assessing how industry norms and regulatory frameworks affect cyber security procedures. The survey studies the obstacles organizations encounter in attaining compliance and assesses the degree of knowledge and commitment to these requirements. The results of this cyber security survey help to better understand the current status of cyber security and provide organizations and individual’s useful information for creating effective policies to protect digital assets. This study seeks to promote a proactive approach to cyber security, allowing stakeholders to stay ahead of threats and build a safe digital environment by identifying relevant trends and concerns

The Elements of Big Data Value

This open access book presents the foundations of the Big Data research and innovation ecosystem and the associated enablers that facilitate delivering value from data for business and society. It provides insights into the key elements for research and innovation, technical architectures, business models, skills, and best practices to support the creation of data-driven solutions and organizations. The book is a compilation of selected high-quality chapters covering best practices, technologies, experiences, and practical recommendations on research and innovation for big data. The contributions are grouped into four parts: · Part I: Ecosystem Elements of Big Data Value focuses on establishing the big data value ecosystem using a holistic approach to make it attractive and valuable to all stakeholders. · Part II: Research and Innovation Elements of Big Data Value details the key technical and capability challenges to be addressed for delivering big data value. · Part III: Business, Policy, and Societal Elements of Big Data Value investigates the need to make more efficient use of big data and understanding that data is an asset that has significant potential for the economy and society. · Part IV: Emerging Elements of Big Data Value explores the critical elements to maximizing the future potential of big data value. Overall, readers are provided with insights which can support them in creating data-driven solutions, organizations, and productive data ecosystems. The material represents the results of a collective effort undertaken by the European data community as part of the Big Data Value Public-Private Partnership (PPP) between the European Commission and the Big Data Value Association (BDVA) to boost data-driven digital transformation

#Blockchain4EU: Blockchain for Industrial Transformations

The project #Blockchain4EU is a forward looking exploration of existing, emerging and potential applications based on Blockchain and other DLTs for industrial / non-financial sectors. It combined Science and Technology Studies with a transdisciplinary policy lab toolbox filled with frameworks from Foresight and Horizon Scanning, Behavioural Insights, or Participatory, Critical and Speculative Design. Amid unfolding and uncertain developments of the Blockchain space, our research signals a number of crucial opportunities and challenges around a technology that could record, secure and transfer any digitised transaction or process, and thus potentially affect large parts of current industrial landscapes. This report offers key insights for its implementation and uptake by industry, businesses and SMEs, together with science for policy strategic recommendations.JRC.I.2-Foresight, Behavioural Insights and Design for Polic

Outsourcing Multi-Party Computation

We initiate the study of secure multi-party computation (MPC) in a server-aided setting, where the parties have access to a single server that (1) does not have any input to the computation; (2) does not receive any output from the computation; but (3) has a vast (but bounded) amount of computational resources. In this setting, we are concerned with designing protocols that minimize the computation of the parties at the expense of the server. We develop new definitions of security for this server-aided setting, that generalize the standard simulation-based definitions for MPC, and allow us to formally capture the existence of dishonest but non-colluding participants. This requires us to introduce a formal characterization of non-colluding adversaries that may be of independent interest. We then design general and special-purpose server-aided MPC protocols that are more efficient (in terms of computation and communication) for the parties than the alternative of running a standard MPC protocol (i.e., without the server). Our main general-purpose protocol provides security when there is at least one honest party with input. We also construct a new and efficient server-aided protocol for private set intersection and give a general transformation from any secure delegated computation scheme to a server-aided two-party protocol