SLIM : Scalable Linkage of Mobility Data

We present a scalable solution to link entities across mobility datasets using their spatio-temporal information. This is a fundamental problem in many applications such as linking user identities for security, understanding privacy limitations of location based services, or producing a unified dataset from multiple sources for urban planning. Such integrated datasets are also essential for service providers to optimise their services and improve business intelligence. In this paper, we first propose a mobility based representation and similarity computation for entities. An efficient matching process is then developed to identify the final linked pairs, with an automated mechanism to decide when to stop the linkage. We scale the process with a locality-sensitive hashing (LSH) based approach that significantly reduces candidate pairs for matching. To realize the effectiveness and efficiency of our techniques in practice, we introduce an algorithm called SLIM. In the experimental evaluation, SLIM outperforms the two existing state-of-the-art approaches in terms of precision and recall. Moreover, the LSH-based approach brings two to four orders of magnitude speedup

Revealing the trajectories of KLAIM tuples, statically

Klaim (Kernel Language for Agents Interaction and Mobility) has been devised to design distributed applications composed by many components deployed over the nodes of a distributed infrastructure and to offer programmers primitive constructs for communicating, distributing and retrieving data. Data could be sensitive and some nodes could not be secure. As a consequence it is important to track data in their traversal of the network. To this aim, we propose a Control Flow Analysis that over-approximates the behaviour of Klaim processes and tracks how tuple data can move in the network

A trust-driven privacy architecture for vehicular ad-hoc networks

Vehicular Ad-Hoc NETworks (VANETs) are an emerging technology which aims to improve road safety by preventing and reducing traffic accidents. While VANETs offer a great variety of promising applications, such as, safety-related and infotainment applications, they remain a number of security and privacy related research challenges that must be addressed. A common approach to security issues widely adopted in VANETs is the use of Public Key Infrastructures (PKI) and digital certificates in order to enable authentication, authorization and confidentiality. These approaches usually rely on a large set of regional Certification Authorities (CAs). Despite the advantages of PKI-based approaches, there are two main problems that arise, i) the secure interoperability among the different and usually unknown- issuing CAs, and ii) the sole use of PKI in a VANET environment cannot prevent privacy related attacks, such as, linking a vehicle with an identifier, tracking vehicles ¿big brother scenario" and user profiling. Additionally, since vehicles in VANETs will be able to store great amounts of information including private information, unauthorized access to such information should be carefully considered. This thesis addresses authentication and interoperability issues in vehicular communications, considering an inter-regional scenario where mutual authentication between nodes is needed. To provide interoperability between vehicles and services among different domains, an Inter-domain Authentication System (AS) is proposed. The AS supplies vehicles with a trusted set of authentication credentials by implementing a near real-time certificate status service. The proposed AS also implements a mechanism to quantitatively evaluate the trust level of a CA, in order to decide on-the-y if an interoperability relationship can be created. This research work also contributes with a Privacy Enhancing Model (PEM) to deal with important privacy issues in VANETs. The PEM consists of two PKI-based privacy protocols: i) the Attribute-Based Privacy (ABP) protocol, and ii) the Anonymous Information Retrieval (AIR) protocol. The ABP introduces Attribute-Based Credentials (ABC) to provide conditional anonymity and minimal information disclosure, which overcome with the privacy issues related to linkability (linking a vehicle with an identifier) and vehicle tracking (big brother scenario). The AIR protocol addresses user profiling when querying Service Providers (SPs), by relying in a user collaboration privacy protocol based on query forgery and permutation; and assuming that neither participant nodes nor SPs could be completely trusted. Finally, the Trust Validation Model (TVM) is proposed. The TVM supports decision making by evaluating entities trust based on context information, in order to provide i) access control to driver and vehicle's private information, and ii) public information trust validation

Envirosuite: An Environmentally-Immersive Programming Framework for Wireless Sensor Networks

Networked, embedded sensors allow for an instrumentation of the physical world at unprecedented granularities and from unimagined perspectives. The advent of a ubiquitous sensing era is evident. Yet, sensor network techniques are still far from entering mainstream adoption due to multiple unresolved research challenges, especially due to the high development cost of sensor network applications. Therefore, in this dissertation, we propose to design, implement, and evaluate an environmentally-immersive programming framework, called EnviroSuite, to reduce sensor network software development cost. The goal of our research is to create reusable sensor network development support for the community and reduce the adoption barriers for a broader category of users, ultimately leading to a transition of sensor networks from a research concept to a general-purpose technology available for use for a wide variety of research, government, industry, and everyday purposes. Current sensor network programming practice remains very cumbersome and inefficient for several reasons. First, most existing programming abstractions for sensor networks are either too low-level (thus too tedious and error-prone) or too high-level (unable to support the diversity of sensor network applications). Second, there is no clear separation between application-level programming and system-level programming. A significant concern is the lack of a general middleware library to isolate application developers from low-level details. Finally, testing sensor network systems is particularly challenging. Sensor systems interact heavily with a (non-repeatable) physical environment, making lab experiments not representative and on-site experiments very costly. This dissertation is targeted for a comprehensive solution that addresses all the above-mentioned problems. The EnviroSuite framework consists of (i) a new programming paradigm that exports environment-based abstractions, (ii) critical middleware services that support the abstractions and separate application programmers from tedious, low-level details, and (iii) testing tools geared for in-situ experimenting, debugging, and troubleshooting. First, we introduce a new programming paradigm, called environmentally-immersive programming (EIP), to capture the common characteristics of sensor network applications, the rich, distributed interactions with the physical environment. EIP refers to an object-based programming model in which individual objects represent physical elements in the external environment. It allows the programmer to think directly in terms of physical objects or events of interest. We provide language primitives for programmers to easily implement their environmental tracking and monitoring applications in EIP. A preprocessor translates such EIP code transparently into a library of support middleware services, central to which are object management algorithms, responsible for maintaining a unique mapping between physical and logical objects. The major outcome of sensor networks is observations of the instrumented environment, in other words, sensory data. Implementing an application mainly involves encoding how to generate, store, and collect such data. EIP object abstractions provide simple means for programmers to define how observations of the environment should be made via distributed coordination among multiple nodes, thus simplifying data generation. Yet, the next steps, namely, data storage and collection, remain complicated and fastidious. To isolate programmers from such concerns, we also include in the support library a set of data management services, comprising both network protocols and storage systems to allow data to be collected either in real-time or in a delay-tolerant manner. The final phase in sensor network software development life-cycle is testing, typically performed in-field, where the effects of environmental realities can be studied. However, physical events from the dynamic environment are normally asynchronous and non-repeatable. This lack of repeatability makes the last phase particularly difficult and costly. Hence, it is essential to have the capability to capture and replay sensing events, providing a basis not only for software testing, but also for realistic protocol comparison and parameter tuning. To achieve that, EnviroSuite also provides testing and debugging facilities that enable controllable and repeatable in-field experiments. Finally, to demonstrate the benefits of our framework, we build multiple representative applications upon EnviroSuite, drawn from both tracking systems such as military surveillance, and monitoring systems such as environmental acoustic monitoring. We install these applications into off-the-shelf hardware platforms and physically deploy the hardware into realistic environments. Empirical results collected from such deployments demonstrate the efficacy of EnviroSuite