Effective Privacy-Preserving Mechanisms for Vehicle-to-Everything Services

Owing to the advancement of wireless communication technologies, drivers can rely on smart connected vehicles to communicate with each other, roadside units, pedestrians, and remote service providers to enjoy a large amount of vehicle-to-everything (V2X) services, including navigation, parking, ride hailing, and car sharing. These V2X services provide different functions for bettering travel experiences, which have a bunch of benefits. In the real world, even without smart connected vehicles, drivers as users can utilize their smartphones and mobile applications to access V2X services and connect their smartphones to vehicles through some interfaces, e.g., IOS Carplay and Android Auto. In this way, they can still enjoy V2X services through modern car infotainment systems installed on vehicles. Most of the V2X services are data-centric and data-intensive, i.e., users have to upload personal data to a remote service provider, and the service provider can continuously collect a user's data and offer personalized services. However, the data acquired from users may include users' sensitive information, which may expose user privacy and cause serious consequences. To protect user privacy, a basic privacy-preserving mechanism, i.e, anonymization, can be applied in V2X services. Nevertheless, a big obstacle arises as well: user anonymization may affect V2X services' availability. As users become anonymous, users may behave selfishly and maliciously to break the functions of a V2X service without being detected and the service may become unavailable. In short, there exist a conflict between privacy and availability, which is caused by different requirements of users and service providers. In this thesis, we have identified three major conflicts between privacy and availability for V2X services: privacy vs. linkability, privacy vs. accountability, privacy vs. reliability, and then have proposed and designed three privacy-preserving mechanisms to resolve these conflicts. Firstly, the thesis investigates the conflict between privacy and linkability in an automated valet parking (AVP) service, where users can reserve a parking slot for their vehicles such that vehicles can achieve automated valet parking. As an optional privacy-preserving measure, users can choose to anonymize their identities when booking a parking slot for their vehicles. In this way, although user privacy is protected by anonymization, malicious users can repeatedly send parking reservation requests to a parking service provider to make the system unavailable (i.e., "Double-Reservation Attack"). Aiming at this conflict, a security model is given in the thesis to clearly define necessary privacy requirements and potential attacks in an AVP system, and then a privacy-preserving reservation scheme has been proposed based on BBS+ signature and zero-knowledge proof. In the proposed scheme, users can keep anonymous since users only utilize a one-time unlinkable token generated from his/her anonymous credential to achieve parking reservations. In the meantime, by utilizing proxy re-signature, the scheme can also guarantee that one user can only have one token at a time to resist against "Double-Reservation Attack". Secondly, the thesis investigates the conflict between privacy and accountability in a car sharing service, where users can conveniently rent a shared car without human intervention. One basic demand for car sharing service is to check the user's identity to determine his/her validity and enable the user to be accountable if he/she did improper behavior. If the service provider allows users to hide their identities and achieve anonymization to protect user privacy, naturally the car sharing service is unavailable. Aiming at this conflict, a decentralized, privacy-preserving, and accountable car sharing architecture has been proposed in the thesis, where multiple dynamic validation servers are employed to build decentralized trust for users. Under this architecture, the thesis proposes a privacy-preserving identity management scheme to assist in managing users' identities in a dynamic manner based on a verifiable secret sharing/redistribution technique, i.e. the validation servers who manage users' identities are dynamically changed with the time advancing. Moreover, the scheme enables a majority of dynamic validation servers to recover the misbehaving users' identities and guarantees that honest users' identities are confidential to achieve privacy preservation and accountability at the same time. Thirdly, the thesis investigates the conflict between privacy and reliability in a road condition monitoring service, where users can report road conditions to a monitoring service provider to help construct a live map based on crowdsourcing. Usually, a reputation-based mechanism is applied in the service to measure a user's reliability. However, this mechanism cannot be easily integrated with a privacy-preserving mechanism based on user anonymization. When users are anonymous, they can upload arbitrary reports to destroy the service quality and make the service unavailable. Aiming at this conflict, a privacy-preserving crowdsourcing-based road condition monitoring scheme has been proposed in the thesis. By leveraging homomorphic commitments and PS signature, the scheme supports anonymous user reputation management without the assistance of any third-party authority. Furthermore, the thesis proposes several zero-knowledge proof protocols to ensure that a user can keep anonymous and unlinkable but a monitoring service provider can still judge the reliability of this user's report through his/her reputation score. To sum up, with more attention being paid to privacy issues, how to protect user privacy for V2X services becomes more significant. The thesis proposes three effective privacy-preserving mechanisms for V2X services, which resolve the conflict between privacy and availability and can be conveniently integrated into current V2X applications since no trusted third party authority is required. The proposed approaches should be valuable for achieving practical privacy preservation in V2X services

Mobile Edge Computing

This is an open access book. It offers comprehensive, self-contained knowledge on Mobile Edge Computing (MEC), which is a very promising technology for achieving intelligence in the next-generation wireless communications and computing networks. The book starts with the basic concepts, key techniques and network architectures of MEC. Then, we present the wide applications of MEC, including edge caching, 6G networks, Internet of Vehicles, and UAVs. In the last part, we present new opportunities when MEC meets blockchain, Artificial Intelligence, and distributed machine learning (e.g., federated learning). We also identify the emerging applications of MEC in pandemic, industrial Internet of Things and disaster management. The book allows an easy cross-reference owing to the broad coverage on both the principle and applications of MEC. The book is written for people interested in communications and computer networks at all levels. The primary audience includes senior undergraduates, postgraduates, educators, scientists, researchers, developers, engineers, innovators and research strategists

Location Privacy in VANETs: Improved Chaff-Based CMIX and Privacy-Preserving End-to-End Communication

VANETs communication systems are technologies and defined policies that can be formed to enable ITS applications to provide road traffic efficacy, warning about such issues as environmental dangers, journey circumstances, and in the provision of infotainment that considerably enhance transportation safety and quality. The entities in VANETs, generally vehicles, form part of a massive network known as the Internet of Vehicles (IoV). The deployment of large-scale VANETs systems is impossible without ensuring that such systems are themselves are safe and secure, protecting the privacy of their users. There is a risk that cars might be hacked, or their sensors become defective, causing inaccurate information to be sent across the network. Consequently, the activities and credentials of participating vehicles should be held responsible and quickly broadcast throughout a vast VANETs, considering the accountability in the system. The openness of wireless communication means that an observer can eavesdrop on vehicular communication and gain access or otherwise deduce users' sensitive information, and perhaps profile vehicles based on numerous factors such as tracing their travels and the identification of their home/work locations. In order to protect the system from malicious or compromised entities, as well as to preserve user privacy, the goal is to achieve communication security, i.e., keep users' identities hidden from both the outside world and the security infrastructure and service providers. Being held accountable while still maintaining one's privacy is a difficult balancing act. This thesis explores novel solution paths to the above challenges by investigating the impact of low-density messaging to improve the security of vehicle communications and accomplish unlinkability in VANETs. This is achieved by proposing an improved chaff-based CMIX protocol that uses fake messages to increase density to mitigate tracking in this scenario. Recently, Christian \etall \cite{vaas2018nowhere} proposed a Chaff-based CMIX scheme that sends fake messages under the presumption low-density conditions to enhance vehicle privacy and confuse attackers. To accomplish full unlinkability, we first show the following security and privacy vulnerabilities in the Christian \etall scheme: linkability attacks outside the CMIX may occur due to deterministic data-sharing during the authentication phase (e.g., duplicate certificates for each communication). Adversaries may inject fake certificates, which breaks Cuckoo Filters' (CFs) updates authenticity, and the injection may be deniable. CMIX symmetric key leakage outside the coverage may occur. We propose a VPKI-based protocol to mitigate these issues. First, we use a modified version of Wang \etall's \cite{wang2019practical} scheme to provide mutual authentication without revealing the real identity. To this end, a vehicle's messages are signed with a different pseudo-identity “certificate”. Furthermore, the density is increased via the sending of fake messages during low traffic periods to provide unlinkability outside the mix-zone. Second, unlike Christian \etall's scheme, we use the Adaptive Cuckoo Filter (ACF) instead of CF to overcome the effects of false positives on the whole filter. Moreover, to prevent any alteration of the ACFs, only RUSs distribute the updates, and they sign the new fingerprints. Third, mutual authentication prevents any leakage from the mix zones' symmetric keys by generating a fresh one for each communication through a Diffie–Hellman key exchange. As a second main contribution of this thesis, we focus on the V2V communication without the interference of a Trusted Third Party (TTP)s in case this has been corrupted, destroyed, or is out of range. This thesis presents a new and efficient end-to-end anonymous key exchange protocol based on Yang \etall's \cite{yang2015self} self-blindable signatures. In our protocol, vehicles first privately blind their own private certificates for each communication outside the mix-zone and then compute an anonymous shared key based on zero-knowledge proof of knowledge (PoK). The efficiency comes from the fact that once the signatures are verified, the ephemeral values in the PoK are also used to compute a shared key through an authenticated Diffie-Hellman key exchange protocol. Therefore, the protocol does not require any further external information to generate a shared key. Our protocol also does not require interfacing with the Roadside Units or Certificate Authorities, and hence can be securely run outside the mixed-zones. We demonstrate the security of our protocol in ideal/real simulation paradigms. Hence, our protocol achieves secure authentication, forward unlinkability, and accountability. Furthermore, the performance analysis shows that our protocol is more efficient in terms of computational and communications overheads compared to existing schemes.Kuwait Cultural Offic

Blockchain-enabled cybersecurity provision for scalable heterogeneous network: A comprehensive survey

Blockchain-enabled cybersecurity system to ensure and strengthen decentralized digital transaction is gradually gaining popularity in the digital era for various areas like finance, transportation, healthcare, education, and supply chain management. Blockchain interactions in the heterogeneous network have fascinated more attention due to the authentication of their digital application exchanges. However, the exponential development of storage space capabilities across the blockchain-based heterogeneous network has become an important issue in preventing blockchain distribution and the extension of blockchain nodes. There is the biggest challenge of data integrity and scalability, including significant computing complexity and inapplicable latency on regional network diversity, operating system diversity, bandwidth diversity, node diversity, etc., for decision-making of data transactions across blockchain-based heterogeneous networks. Data security and privacy have also become the main concerns across the heterogeneous network to build smart IoT ecosystems. To address these issues, today’s researchers have explored the potential solutions of the capability of heterogeneous network devices to perform data transactions where the system stimulates their integration reliably and securely with blockchain. The key goal of this paper is to conduct a state-of-the-art and comprehensive survey on cybersecurity enhancement using blockchain in the heterogeneous network. This paper proposes a full-fledged taxonomy to identify the main obstacles, research gaps, future research directions, effective solutions, and most relevant blockchain-enabled cybersecurity systems. In addition, Blockchain based heterogeneous network framework with cybersecurity is proposed in this paper to meet the goal of maintaining optimal performance data transactions among organizations. Overall, this paper provides an in-depth description based on the critical analysis to overcome the existing work gaps for future research where it presents a potential cybersecurity design with key requirements of blockchain across a heterogeneous network

Security and Privacy Preservation in Mobile Social Networks

Social networking extending the social circle of people has already become an important integral part of our daily lives. As reported by ComScore, social networking sites such as Facebook and Twitter have reached 82 percent of the world's online population, representing 1.2 billion users around the world. In the meantime, fueled by the dramatic advancements of smartphones and the ubiquitous connections of Bluetooth/WiFi/3G/LTE networks, social networking further becomes available for mobile users and keeps them posted on the up-to-date worldwide news and messages from their friends and families anytime anywhere. The convergence of social networking, advanced smartphones, and stable network infrastructures brings us a pervasive and omnipotent communication platform, named mobile social network (MSN), helping us stay connected better than ever. In the MSN, multiple communication techniques help users to launch a variety of applications in multiple communication domains including single-user domain, two-user domain, user-chain domain, and user-star domain. Within different communication domains, promising mobile applications are fostered. For example, nearby friend search application can be launched in the two-user or user-chain domains to help a user find other physically-close peers who have similar interests and preferences; local service providers disseminate advertising information to nearby users in the user-star domain; and health monitoring enables users to check the physiological signals in the single-user domain. Despite the tremendous benefits brought by the MSN, it still faces many technique challenges among of which security and privacy protections are the most important ones as smartphones are vulnerable to security attacks, users easily neglect their privacy preservation, and mutual trust relationships are difficult to be established in the MSN. In this thesis, we explore the unique characteristics and study typical research issues of the MSN. We conduct our research with a focus on security and privacy preservation while considering human factors. Specifically, we consider the profile matching application in the two-user domain, the cooperative data forwarding in the user-chain domain, the trustworthy service evaluation application in the user-star domain, and the healthcare monitoring application in the single-user domain. The main contributions are, i) considering the human comparison behavior and privacy requirements, we first propose a novel family of comparison-based privacy-preserving profile matching (PPM) protocols. The proposed protocols enable two users to obtain comparison results of attribute values in their profiles, while the attribute values are not disclosed. Taking user anonymity requirement as an evaluation metric, we analyze the anonymity protection of the proposed protocols. From the analysis, we found that the more comparison results are disclosed, the less anonymity protection is achieved by the protocol. Further, we explore the pseudonym strategy and an anonymity enhancing technique where users could be self-aware of the anonymity risk level and take appropriate actions when needed; ii) considering the inherent MSN nature --- opportunistic networking, we propose a cooperative privacy-preserving data forwarding (PDF) protocol to help users forward data to other users. We indicate that privacy and effective data forwarding are two conflicting goals: the cooperative data forwarding could be severely interrupted or even disabled when the privacy preservation of users is applied, because without sharing personal information users become unrecognizable to each other and the social interactions are no longer traceable. We explore the morality model of users from classic social theory, and use game-theoretic approach to obtain the optimal data forwarding strategy. Through simulation results, we show that the proposed cooperative data strategy can achieve both the privacy preservation and the forwarding efficiency; iii) to establish the trust relationship in a distributed MSN is a challenging task. We propose a trustworthy service evaluation (TSE) system, to help users exchange their service reviews toward local vendors. However, vendors and users could be the potential attackers aiming to disrupt the TSE system. We then consider the review attacks, i.e., vendors rejecting and modifying the authentic reviews of users, and the Sybil attacks, i.e., users abusing their pseudonyms to generate fake reviews. To prevent these attacks, we explore the token technique, the aggregate signature, and the secret sharing techniques. Simulation results show the security and the effectiveness of the TSE system can be guaranteed; iv) to improve the efficiency and reliability of communications in the single-user domain, we propose a prediction-based secure and reliable routing framework (PSR). It can be integrated with any specific routing protocol to improve the latter's reliability and prevent data injection attacks during data communication. We show that the regularity of body gesture can be learned and applied by body sensors such that the route with the highest predicted link quality can always be chose for data forwarding. The security analysis and simulation results show that the PSR significantly increases routing efficiency and reliability with or without the data injection attacks

Internet of Things Applications - From Research and Innovation to Market Deployment

The book aims to provide a broad overview of various topics of Internet of Things from the research, innovation and development priorities to enabling technologies, nanoelectronics, cyber physical systems, architecture, interoperability and industrial applications. It is intended to be a standalone book in a series that covers the Internet of Things activities of the IERC – Internet of Things European Research Cluster from technology to international cooperation and the global "state of play".The book builds on the ideas put forward by the European research Cluster on the Internet of Things Strategic Research Agenda and presents global views and state of the art results on the challenges facing the research, development and deployment of IoT at the global level. Internet of Things is creating a revolutionary new paradigm, with opportunities in every industry from Health Care, Pharmaceuticals, Food and Beverage, Agriculture, Computer, Electronics Telecommunications, Automotive, Aeronautics, Transportation Energy and Retail to apply the massive potential of the IoT to achieving real-world solutions. The beneficiaries will include as well semiconductor companies, device and product companies, infrastructure software companies, application software companies, consulting companies, telecommunication and cloud service providers. IoT will create new revenues annually for these stakeholders, and potentially create substantial market share shakeups due to increased technology competition. The IoT will fuel technology innovation by creating the means for machines to communicate many different types of information with one another while contributing in the increased value of information created by the number of interconnections among things and the transformation of the processed information into knowledge shared into the Internet of Everything. The success of IoT depends strongly on enabling technology development, market acceptance and standardization, which provides interoperability, compatibility, reliability, and effective operations on a global scale. The connected devices are part of ecosystems connecting people, processes, data, and things which are communicating in the cloud using the increased storage and computing power and pushing for standardization of communication and metadata. In this context security, privacy, safety, trust have to be address by the product manufacturers through the life cycle of their products from design to the support processes. The IoT developments address the whole IoT spectrum - from devices at the edge to cloud and datacentres on the backend and everything in between, through ecosystems are created by industry, research and application stakeholders that enable real-world use cases to accelerate the Internet of Things and establish open interoperability standards and common architectures for IoT solutions. Enabling technologies such as nanoelectronics, sensors/actuators, cyber-physical systems, intelligent device management, smart gateways, telematics, smart network infrastructure, cloud computing and software technologies will create new products, new services, new interfaces by creating smart environments and smart spaces with applications ranging from Smart Cities, smart transport, buildings, energy, grid, to smart health and life. Technical topics discussed in the book include: • Introduction• Internet of Things Strategic Research and Innovation Agenda• Internet of Things in the industrial context: Time for deployment.• Integration of heterogeneous smart objects, applications and services• Evolution from device to semantic and business interoperability• Software define and virtualization of network resources• Innovation through interoperability and standardisation when everything is connected anytime at anyplace• Dynamic context-aware scalable and trust-based IoT Security, Privacy framework• Federated Cloud service management and the Internet of Things• Internet of Things Application

Telecommunications Networks

This book guides readers through the basics of rapidly emerging networks to more advanced concepts and future expectations of Telecommunications Networks. It identifies and examines the most pressing research issues in Telecommunications and it contains chapters written by leading researchers, academics and industry professionals. Telecommunications Networks - Current Status and Future Trends covers surveys of recent publications that investigate key areas of interest such as: IMS, eTOM, 3G/4G, optimization problems, modeling, simulation, quality of service, etc. This book, that is suitable for both PhD and master students, is organized into six sections: New Generation Networks, Quality of Services, Sensor Networks, Telecommunications, Traffic Engineering and Routing

Privacy protection of user profiles in personalized information systems

In recent times we are witnessing the emergence of a wide variety of information systems that tailor the information-exchange functionality to meet the specific interests of their users. Most of these personalized information systems capitalize on, or lend themselves to, the construction of profiles, either directly declared by a user, or inferred from past activity. The ability of these systems to profile users is therefore what enables such intelligent functionality, but at the same time, it is the source of serious privacy concerns. Although there exists a broad range of privacy-enhancing technologies aimed to mitigate many of those concerns, the fact is that their use is far from being widespread. The main reason is that there is a certain ambiguity about these technologies and their effectiveness in terms of privacy protection. Besides, since these technologies normally come at the expense of system functionality and utility, it is challenging to assess whether the gain in privacy compensates for the costs in utility. Assessing the privacy provided by a privacy-enhancing technology is thus crucial to determine its overall benefit, to compare its effectiveness with other technologies, and ultimately to optimize it in terms of the privacy-utility trade-off posed. Considerable effort has consequently been devoted to investigating both privacy and utility metrics. However, most of these metrics are specific to concrete systems and adversary models, and hence are difficult to generalize or translate to other contexts. Moreover, in applications involving user profiles, there are a few proposals for the evaluation of privacy, and those existing are not appropriately justified or fail to justify the choice. The first part of this thesis approaches the fundamental problem of quantifying user privacy. Firstly, we present a theoretical framework for privacy-preserving systems, endowed with a unifying view of privacy in terms of the estimation error incurred by an attacker who aims to disclose the private information that the system is designed to conceal. Our theoretical analysis shows that numerous privacy metrics emerging from a broad spectrum of applications are bijectively related to this estimation error, which permits interpreting and comparing these metrics under a common perspective. Secondly, we tackle the issue of measuring privacy in the enthralling application of personalized information systems. Specifically, we propose two information-theoretic quantities as measures of the privacy of user profiles, and justify these metrics by building on Jaynes' rationale behind entropy-maximization methods and fundamental results from the method of types and hypothesis testing. Equipped with quantifiable measures of privacy and utility, the second part of this thesis investigates privacy-enhancing, data-perturbative mechanisms and architectures for two important classes of personalized information systems. In particular, we study the elimination of tags in semantic-Web applications, and the combination of the forgery and the suppression of ratings in personalized recommendation systems. We design such mechanisms to achieve the optimal privacy-utility trade-off, in the sense of maximizing privacy for a desired utility, or vice versa. We proceed in a systematic fashion by drawing upon the methodology of multiobjective optimization. Our theoretical analysis finds a closed-form solution to the problem of optimal tag suppression, and to the problem of optimal forgery and suppression of ratings. In addition, we provide an extensive theoretical characterization of the trade-off between the contrasting aspects of privacy and utility. Experimental results in real-world applications show the effectiveness of our mechanisms in terms of privacy protection, system functionality and data utility