A Flexible Privacy-preserving Framework for Singular Value Decomposition under Internet of Things Environment

The singular value decomposition (SVD) is a widely used matrix factorization tool which underlies plenty of useful applications, e.g. recommendation system, abnormal detection and data compression. Under the environment of emerging Internet of Things (IoT), there would be an increasing demand for data analysis to better human's lives and create new economic growth points. Moreover, due to the large scope of IoT, most of the data analysis work should be done in the network edge, i.e. handled by fog computing. However, the devices which provide fog computing may not be trustable while the data privacy is often the significant concern of the IoT application users. Thus, when performing SVD for data analysis purpose, the privacy of user data should be preserved. Based on the above reasons, in this paper, we propose a privacy-preserving fog computing framework for SVD computation. The security and performance analysis shows the practicability of the proposed framework. Furthermore, since different applications may utilize the result of SVD operation in different ways, three applications with different objectives are introduced to show how the framework could flexibly achieve the purposes of different applications, which indicates the flexibility of the design.Comment: 24 pages, 4 figure

Collusion in Peer-to-Peer Systems

Peer-to-peer systems have reached a widespread use, ranging from academic and industrial applications to home entertainment. The key advantage of this paradigm lies in its scalability and flexibility, consequences of the participants sharing their resources for the common welfare. Security in such systems is a desirable goal. For example, when mission-critical operations or bank transactions are involved, their effectiveness strongly depends on the perception that users have about the system dependability and trustworthiness. A major threat to the security of these systems is the phenomenon of collusion. Peers can be selfish colluders, when they try to fool the system to gain unfair advantages over other peers, or malicious, when their purpose is to subvert the system or disturb other users. The problem, however, has received so far only a marginal attention by the research community. While several solutions exist to counter attacks in peer-to-peer systems, very few of them are meant to directly counter colluders and their attacks. Reputation, micro-payments, and concepts of game theory are currently used as the main means to obtain fairness in the usage of the resources. Our goal is to provide an overview of the topic by examining the key issues involved. We measure the relevance of the problem in the current literature and the effectiveness of existing philosophies against it, to suggest fruitful directions in the further development of the field

Efficiency and Nash Equilibria in a Scrip System for P2P Networks

A model of providing service in a P2P network is analyzed. It is shown that by adding a scrip system, a mechanism that admits a reasonable Nash equilibrium that reduces free riding can be obtained. The effect of varying the total amount of money (scrip) in the system on efficiency (i.e., social welfare) is analyzed, and it is shown that by maintaining the appropriate ratio between the total amount of money and the number of agents, efficiency is maximized. The work has implications for many online systems, not only P2P networks but also a wide variety of online forums for which scrip systems are popular, but formal analyses have been lacking

Evaluated reputation-based trust for WSN security

During the last years, Wireless Sensor Networks (WSNs) and its applications have obtained considerable momentum. However, security and power limits of WSNs are still important matters. Many existing approaches at most concentrate on cryptography to improve data authentication and integrity but this addresses only a part of the security problem without consideration for high energy consumption. Monitoring behavior of node neighbors using reputation and trust models improves the security of WSNs and maximizes the lifetime for it. However, a few of previous studies take into consideration security threats and energy consumption at the same time. Under these issues Modified Reputation-Based Trust model proposed and optimized for security strength. During evaluation of the model with well-known models two security threats (oscillating and collusion) were applied in order to measure the accuracy, scalability, trustworthiness and energy consumption. As a result, the effects of collusion and oscillating on proposed model are minimized and energy consumption for dynamic networks reduced. Also, simulation results show that MRT has better average accuracy and less average path length than other mechanisms, due to the security and energy aware. Keywords: Wireless Sensor Networks (WSNs), Collusion, Oscillating, Power Consumption, Trust and Reputation Model

SocialLink: a Social Network Based Trust System for P2P File Sharing Systems

In peer-to-peer (P2P) file sharing systems, many autonomous peers without preexisting trust relationships share files with each other. Due to their open environment and distributed structure, these systems are vulnerable to the significant impact from selfish and misbehaving nodes. Free-riding, whitewash, collusion and Sybil attacks are common and serious threats, which severely harm non-malicious users and degrade the system performance. Many trust systems were proposed for P2P file sharing systems to encourage cooperative behaviors and punish non-cooperative behaviors. However, querying reputation values usually generates latency and overhead for every user. To address this problem, a social network based trust system (i.e., SocialTrust) was proposed that enables nodes to first request files from friends without reputation value querying since social friends are trustable, and then use trust systems upon friend querying failure when a node\u27s friends do not have its queried file. However, trust systems and SocialTrust cannot effectively deal with free-riding, whitewash, collusion and Sybil attacks. To handle these problems, in this thesis, we introduce a novel trust system, called SocialLink, for P2P file sharing systems. By enabling nodes to maintain personal social network with trustworthy friends, SocialLink encourages nodes to directly share files between friends without querying reputations and hence reduces reputation querying cost. To guarantee the quality of service (QoS) of file provisions from non-friends, SocialLink establishes directionally weighted links from the server to the client with successful file transaction history to constitute a weighted transaction network , in which the link weight is the size of the transferred file. In this way, SocialLink prevents potential fraudulent transactions (i.e., low-QoS file provision) and encourages nodes to contribute files to non-friends. By constraining the connections between malicious nodes and non-malicious nodes in the weighted transaction network, SocialLink mitigates the adverse effect from whitewash, collusion and Sybil attacks. By simulating experiments, we demonstrate that SocialLink efficiently saves querying cost, reduces free-riding, and prevents damage from whitewash, collusion and Sybil attacks

Location attestation and access control for mobile devices using GeoXACML

Access control has been applied in various scenarios in the past for negotiating the best policy. Solutions with XACML for access control has been very well explored by research and have resulted in significant contributions to various sectors including healthcare. In controlling access to the sensitive data such as medical records, it is important to guarantee that the data is accessed by the right person for the right reason. Location of access requestor can be a good indication for his/her eligibility and reasons for accessing the data. To reason with geospatial information for access control, Geospatial XACML (eXtensible Access Control Markup Language) is proposed as a standard. However, there is no available implementation and architecture for reasoning with Geospatial XACML policies. This paper proposes to extend XACML with geohashing to implement geospatial policies. It also proposes an architecture for checking reliability of the geospatial information provided by clients. With a case study, we demonstrate how our framework can be used to control the privacy and data access of health service data in handheld devices

Peer-Assisted Social Media Streaming With Social Reciprocity

published_or_final_versio

Framework for privacy-aware content distribution in peer-to- peer networks with copyright protection

The use of peer-to-peer (P2P) networks for multimedia distribution has spread out globally in recent years. This mass popularity is primarily driven by the efficient distribution of content, also giving rise to piracy and copyright infringement as well as privacy concerns. An end user (buyer) of a P2P content distribution system does not want to reveal his/her identity during a transaction with a content owner (merchant), whereas the merchant does not want the buyer to further redistribute the content illegally. Therefore, there is a strong need for content distribution mechanisms over P2P networks that do not pose security and privacy threats to copyright holders and end users, respectively. However, the current systems being developed to provide copyright and privacy protection to merchants and end users employ cryptographic mechanisms, which incur high computational and communication costs, making these systems impractical for the distribution of big files, such as music albums or movies.El uso de soluciones de igual a igual (peer-to-peer, P2P) para la distribución multimedia se ha extendido mundialmente en los últimos años. La amplia popularidad de este paradigma se debe, principalmente, a la distribución eficiente de los contenidos, pero también da lugar a la piratería, a la violación del copyright y a problemas de privacidad. Un usuario final (comprador) de un sistema de distribución de contenidos P2P no quiere revelar su identidad durante una transacción con un propietario de contenidos (comerciante), mientras que el comerciante no quiere que el comprador pueda redistribuir ilegalmente el contenido más adelante. Por lo tanto, existe una fuerte necesidad de mecanismos de distribución de contenidos por medio de redes P2P que no supongan un riesgo de seguridad y privacidad a los titulares de derechos y los usuarios finales, respectivamente. Sin embargo, los sistemas actuales que se desarrollan con el propósito de proteger el copyright y la privacidad de los comerciantes y los usuarios finales emplean mecanismos de cifrado que implican unas cargas computacionales y de comunicaciones muy elevadas que convierten a estos sistemas en poco prácticos para distribuir archivos de gran tamaño, tales como álbumes de música o películas.L'ús de solucions d'igual a igual (peer-to-peer, P2P) per a la distribució multimèdia s'ha estès mundialment els darrers anys. L'àmplia popularitat d'aquest paradigma es deu, principalment, a la distribució eficient dels continguts, però també dóna lloc a la pirateria, a la violació del copyright i a problemes de privadesa. Un usuari final (comprador) d'un sistema de distribució de continguts P2P no vol revelar la seva identitat durant una transacció amb un propietari de continguts (comerciant), mentre que el comerciant no vol que el comprador pugui redistribuir il·legalment el contingut més endavant. Per tant, hi ha una gran necessitat de mecanismes de distribució de continguts per mitjà de xarxes P2P que no comportin un risc de seguretat i privadesa als titulars de drets i els usuaris finals, respectivament. Tanmateix, els sistemes actuals que es desenvolupen amb el propòsit de protegir el copyright i la privadesa dels comerciants i els usuaris finals fan servir mecanismes d'encriptació que impliquen unes càrregues computacionals i de comunicacions molt elevades que fan aquests sistemes poc pràctics per a distribuir arxius de grans dimensions, com ara àlbums de música o pel·lícules