848 research outputs found
Privacy preserving in indoor fingerprint localization and radio map expansion
People spend most of their life time in indoor environments and in all of these environments, Location Service Providers (LSPs) improve users’ navigation. Preserving privacy in Location Based Services (LBSs) is vital for indoor LBSs and fingerprinting based indoor localization method is an emerging technique in indoor localization. In such systems, LSP may be curious and untrusted. Therefore, it is preferred that user estimates its location by using a Partial Radio Map (PRM) which is achieved by LSP, anonymously. In this paper, a privacy preserving method that uses Bloom filter for preserving anonymity and creating PRM during localization process, is proposed. In this method, LSP cannot recognize user identity, which is anonymized by the anonymizer. The proposed method has lower computational complexity compared with methods that use encryption or clustering concepts. The proposed method also has higher accuracy in localization compared with those that use Bloom filter with one random selected AP. Then, in order to decrease the complexity and to increase the accuracy at the same time, we introduce a method that expands the radio map by authenticated users, without compromising their privacy. We also enhance the performance of this method, using Hilbert curve for preserving the ambiguity of users’ location. After verifying the user’s data, LSP sends a certificate to the authenticated users. This certificate can increase the priority of users in LBS requests. Simulation results and measurements show that the proposed method on average improves the localization accuracy up to 16% compared with existing location privacy methods
Spatial Bloom Filters: Enabling Privacy in Location-Aware Applications
The wide availability of inexpensive positioning systems made it possible to embed them into smartphones and other personal devices. This marked the beginning of location-aware applications, where users request personalized services based on their geographic position. The location of a user is, however, highly sensitive information: the user's privacy can be preserved if only the minimum amount of information needed to provide the service is disclosed at any time. While some applications, such as navigation systems, are based on the users' movements and therefore require constant tracking, others only require knowledge of the user's position in relation to a set of points or areas of interest. In this paper we focus on the latter kind of services, where location information is essentially used to determine membership in one or more geographic sets. We address this problem using Bloom Filters (BF), a compact data structure for representing sets. In particular, we present an extension of the original Bloom filter idea: the Spatial Bloom Filter (SBF). SBF's are designed to manage spatial and geographical information in a space efficient way, and are well-suited for enabling privacy in location-aware applications. We show this by providing two multi-party protocols for privacy-preserving computation of location information, based on the known homomorphic properties of public key encryption schemes. The protocols keep the user's exact position private, but allow the provider of the service to learn when the user is close to specific points of interest, or inside predefined areas. At the same time, the points and areas of interest remain oblivious to the user
New Secure IoT Architectures, Communication Protocols and User Interaction Technologies for Home Automation, Industrial and Smart Environments
Programa Oficial de Doutoramento en TecnoloxÃas da Información e das Comunicacións en Redes Móbiles. 5029V01Tese por compendio de publicacións[Abstract]
The Internet of Things (IoT) presents a communication network where heterogeneous
physical devices such as vehicles, homes, urban infrastructures or industrial machinery
are interconnected and share data. For these communications to be successful, it is
necessary to integrate and embed electronic devices that allow for obtaining environmental
information (sensors), for performing physical actuations (actuators) as well as
for sending and receiving data (network interfaces).
This integration of embedded systems poses several challenges. It is needed for these
devices to present very low power consumption. In many cases IoT nodes are powered by
batteries or constrained power supplies. Moreover, the great amount of devices needed in
an IoT network makes power e ciency one of the major concerns of these deployments,
due to the cost and environmental impact of the energy consumption. This need for low
energy consumption is demanded by resource constrained devices, con
icting with the
second major concern of IoT: security and data privacy. There are critical urban and
industrial systems, such as tra c management, water supply, maritime control, railway
control or high risk industrial manufacturing systems such as oil re neries that will
obtain great bene ts from IoT deployments, for which non-authorized access can posse
severe risks for public safety. On the other hand, both these public systems and the
ones deployed on private environments (homes, working places, malls) present a risk for
the privacy and security of their users. These IoT deployments need advanced security
mechanisms, both to prevent access to the devices and to protect the data exchanged
by them.
As a consequence, it is needed to improve two main aspects: energy e ciency of IoT
devices and the use of lightweight security mechanisms that can be implemented by
these resource constrained devices but at the same time guarantee a fair degree of
security.
The huge amount of data transmitted by this type of networks also presents another
challenge. There are big data systems capable of processing large amounts of data,
but with IoT the granularity and dispersion of the generated information presents a
new scenario very di erent from the one existing nowadays. Forecasts anticipate that there will be a growth from the 15 billion installed devices in 2015 to more than 75
billion devices in 2025. Moreover, there will be much more services exploiting the data
produced by these networks, meaning the resulting tra c will be even higher. The
information must not only be processed in real time, but data mining processes will
have to be performed to historical data.
The main goal of this Ph.D. thesis is to analyze each one of the previously described
challenges and to provide solutions that allow for an adequate adoption of IoT in
Industrial, domestic and, in general, any scenario that can obtain any bene t from the
interconnection and
exibility that IoT brings.[Resumen]
La internet de las cosas (IoT o Internet of Things) representa una red de intercomunicaciones
en la que participan dispositivos fÃsicos de toda Ãndole, como vehÃculos,
viviendas, electrodomésticos, infraestructuras urbanas o maquinaria y dispositivos industriales.
Para que esta comunicación se pueda llevar a cabo es necesario integrar
elementos electr onicos que permitan obtener informaci on del entorno (sensores), realizar
acciones f sicas (actuadores) y enviar y recibir la informaci on necesaria (interfaces de
comunicaciones de red).
La integración y uso de estos sistemas electrónicos embebidos supone varios retos. Es
necesario que dichos dispositivos presenten un consumo reducido. En muchos casos
deberÃan ser alimentados por baterÃas o fuentes de alimentación limitadas. Además,
la gran cantidad de dispositivos que involucra la IoT hace necesario que la e ciencia
energética de los mismos sea una de las principales preocupaciones, por el coste e
implicaciones medioambientales que supone el consumo de electricidad de los mismos.
Esta necesidad de limitar el consumo provoca que dichos dispositivos tengan unas
prestaciones muy limitadas, lo que entra en conflicto con la segunda mayor preocupación
de la IoT: la seguridad y privacidad de los datos. Por un lado existen sistemas crÃticos
urbanos e industriales, como puede ser la regulación del tráfi co, el control del suministro
de agua, el control marÃtimo, el control ferroviario o los sistemas de producción industrial
de alto riesgo, como refi nerÃas, que son claros candidatos a benefi ciarse de la IoT, pero
cuyo acceso no autorizado supone graves problemas de seguridad ciudadana. Por otro
lado, tanto estos sistemas de naturaleza publica, como los que se desplieguen en entornos
privados (viviendas, entornos de trabajo o centros comerciales, entre otros) suponen
un riesgo para la privacidad y también para la seguridad de los usuarios. Todo esto
hace que sean necesarios mecanismos de seguridad avanzados, tanto de acceso a los
dispositivos como de protección de los datos que estos intercambian.
En consecuencia, es necesario avanzar en dos aspectos principales: la e ciencia energética de los dispositivos y el uso de mecanismos de seguridad e ficientes, tanto
computacional como energéticamente, que permitan la implantación de la IoT sin
comprometer la seguridad y la privacidad de los usuarios. Por otro lado, la ingente cantidad de información que estos sistemas puede llegar
a producir presenta otros dos retos que deben ser afrontados. En primer lugar, el
tratamiento y análisis de datos toma una nueva dimensión. Existen sistemas de big
data capaces de procesar cantidades enormes de información, pero con la internet de
las cosas la granularidad y dispersión de los datos plantean un escenario muy distinto
al actual. La previsión es pasar de 15.000.000.000 de dispositivos instalados en 2015
a más de 75.000.000.000 en 2025. Además existirán multitud de servicios que harán
un uso intensivo de estos dispositivos y de los datos que estos intercambian, por lo
que el volumen de tráfico será todavÃa mayor. Asimismo, la información debe ser
procesada tanto en tiempo real como a posteriori sobre históricos, lo que permite
obtener información estadÃstica muy relevante en diferentes entornos.
El principal objetivo de la presente tesis doctoral es analizar cada uno de estos retos
(e ciencia energética, seguridad, procesamiento de datos e interacción con el usuario)
y plantear soluciones que permitan una correcta adopción de la internet de las cosas
en ámbitos industriales, domésticos y en general en cualquier escenario que se pueda
bene ciar de la interconexión y
flexibilidad de acceso que proporciona el IoT.[Resumo]
O internet das cousas (IoT ou Internet of Things) representa unha rede de intercomunicaci
óns na que participan dispositivos fÃsicos moi diversos, coma vehÃculos, vivendas,
electrodomésticos, infraestruturas urbanas ou maquinaria e dispositivos industriais.
Para que estas comunicacións se poidan levar a cabo é necesario integrar elementos
electrónicos que permitan obter información da contorna (sensores), realizar accións
fÃsicas (actuadores) e enviar e recibir a información necesaria (interfaces de comunicacións
de rede).
A integración e uso destes sistemas electrónicos integrados supón varios retos. En
primeiro lugar, é necesario que estes dispositivos teñan un consumo reducido. En
moitos casos deberÃan ser alimentados por baterÃas ou fontes de alimentación limitadas.
Ademais, a gran cantidade de dispositivos que se empregan na IoT fai necesario que a
e ciencia enerxética dos mesmos sexa unha das principais preocupacións, polo custo e
implicacións medioambientais que supón o consumo de electricidade dos mesmos. Esta
necesidade de limitar o consumo provoca que estes dispositivos teñan unhas prestacións
moi limitadas, o que entra en con
ito coa segunda maior preocupación da IoT: a
seguridade e privacidade dos datos. Por un lado existen sistemas crÃticos urbanos e
industriais, como pode ser a regulación do tráfi co, o control de augas, o control marÃtimo,
o control ferroviario ou os sistemas de produción industrial de alto risco, como refinerÃas,
que son claros candidatos a obter benefi cios da IoT, pero cuxo acceso non autorizado
supón graves problemas de seguridade cidadá. Por outra parte tanto estes sistemas de
natureza pública como os que se despreguen en contornas privadas (vivendas, contornas
de traballo ou centros comerciais entre outros) supoñen un risco para a privacidade e
tamén para a seguridade dos usuarios. Todo isto fai que sexan necesarios mecanismos
de seguridade avanzados, tanto de acceso aos dispositivos como de protección dos datos
que estes intercambian.
En consecuencia, é necesario avanzar en dous aspectos principais: a e ciencia enerxética
dos dispositivos e o uso de mecanismos de seguridade re cientes, tanto computacional
como enerxéticamente, que permitan o despregue da IoT sen comprometer a seguridade
e a privacidade dos usuarios.
Por outro lado, a inxente cantidade de información que estes sistemas poden chegar
a xerar presenta outros retos que deben ser tratados. O tratamento e a análise de
datos toma unha nova dimensión. Existen sistemas de big data capaces de procesar
cantidades enormes de información, pero coa internet das cousas a granularidade e
dispersión dos datos supón un escenario moi distinto ao actual. A previsión e pasar
de 15.000.000.000 de dispositivos instalados no ano 2015 a m ais de 75.000.000.000 de
dispositivos no ano 2025. Ademais existirÃan multitude de servizos que farÃan un uso
intensivo destes dispositivos e dos datos que intercambian, polo que o volume de tráfico
serÃa aÃnda maior. Do mesmo xeito a información debe ser procesada tanto en tempo
real como posteriormente sobre históricos, o que permite obter información estatÃstica
moi relevante en diferentes contornas.
O principal obxectivo da presente tese doutoral é analizar cada un destes retos
(e ciencia enerxética, seguridade, procesamento de datos e interacción co usuario) e
propor solucións que permitan unha correcta adopción da internet das cousas en ámbitos
industriais, domésticos e en xeral en todo aquel escenario que se poda bene ciar da
interconexión e
flexibilidade de acceso que proporciona a IoT
Robust decentralised proof-of-position algorithms for smart city applications
We present a decentralised class of algorithms called Tree-Proof-of-Position
(T-PoP). T-PoP algorithms rely on the web of interconnected devices in a smart
city to establish how likely it is that an agent is in the position they claim
to be. T-PoP operates under adversarial assumptions, by which some agents are
incentivised to be dishonest. We present a theoretical formulation for T-PoP
and its security properties, and we validate this model through a large number
of Monte-Carlo simulations. We specifically focus on two instances of T-PoP and
analyse their security and reliability properties under a range of adversarial
conditions. Use-cases and applications are discussed towards the end of this
paper
The Future of Connection : Serendipity and Control in Interpersonal Communication Tools
This foresight project explored the contemporary trends and tensions inherent in people's experiences with and using interpersonal communication tools. A standard foresight process was overlaid with an experiential lens in order to provide technology designers with useful insights. The outcomes of this project include four tools intended for designers of interpersonal communication applications. These tools include a map of experiential tensions, a landscape of contemporary behaviour, a set of four future scenarios and implications of each, and finally a set of ten reflection questions intended to provoke critical thought about the choices designers make about the balance between serendipity and control in interpersonal communication tools
Pay as You Go: A Generic Crypto Tolling Architecture
The imminent pervasive adoption of vehicular communication, based on
dedicated short-range technology (ETSI ITS G5 or IEEE WAVE), 5G, or both, will
foster a richer service ecosystem for vehicular applications. The appearance of
new cryptography based solutions envisaging digital identity and currency
exchange are set to stem new approaches for existing and future challenges.
This paper presents a novel tolling architecture that harnesses the
availability of 5G C-V2X connectivity for open road tolling using smartphones,
IOTA as the digital currency and Hyperledger Indy for identity validation. An
experimental feasibility analysis is used to validate the proposed architecture
for secure, private and convenient electronic toll payment
Location privacy without mutual trust: The spatial Bloom filter
Location-aware applications are one of the biggest innovations brought by the smartphone era, and are effectively changing our everyday lives. But we are only starting to grasp the privacy risks associated with constant tracking of our whereabouts. In order to continue using location-based services in the future without compromising our privacy and security, we need new, privacy-friendly applications and protocols. In this paper, we propose a new compact data structure based on Bloom filters, designed to store location information. The spatial Bloom filter (SBF), as we call it, is designed with privacy in mind, and we prove it by presenting two private positioning protocols based on the new primitive. The protocols keep the user's exact position private, but allow the provider of the service to learn when the user is close to specific points of interest, or inside predefined areas. At the same time, the points and areas of interest remain oblivious to the user. The two proposed protocols are aimed at different scenarios: a two-party setting, in which communication happens directly between the user and the service provider, and a three-party setting, in which the service provider outsources to a third party the communication with the user. A detailed evaluation of the efficiency and security of our solution shows that privacy can be achieved with minimal computational and communication overhead. The potential of spatial Bloom filters in terms of generality, security and compactness makes them ready for deployment, and may open the way for privacy preserving location-aware applications
- …