9,850 research outputs found

    Privacy Preserving Cryptographic Protocols for Secure Heterogeneous Networks

    Get PDF
    DisertačnĂ­ prĂĄce se zabĂœvĂĄ kryptografickĂœmi protokoly poskytujĂ­cĂ­ ochranu soukromĂ­, kterĂ© jsou určeny pro zabezpečenĂ­ komunikačnĂ­ch a informačnĂ­ch systĂ©mĆŻ tvoƙícĂ­ch heterogennĂ­ sĂ­tě. PrĂĄce se zaměƙuje pƙedevĆĄĂ­m na moĆŸnosti vyuĆŸitĂ­ nekonvenčnĂ­ch kryptografickĂœch prostƙedkĆŻ, kterĂ© poskytujĂ­ rozơíƙenĂ© bezpečnostnĂ­ poĆŸadavky, jako je napƙíklad ochrana soukromĂ­ uĆŸivatelĆŻ komunikačnĂ­ho systĂ©mu. V prĂĄci je stanovena vĂœpočetnĂ­ nĂĄročnost kryptografickĂœch a matematickĂœch primitiv na rĆŻznĂœch zaƙízenĂ­ch, kterĂ© se podĂ­lĂ­ na zabezpečenĂ­ heterogennĂ­ sĂ­tě. HlavnĂ­ cĂ­le prĂĄce se zaměƙujĂ­ na nĂĄvrh pokročilĂœch kryptografickĂœch protokolĆŻ poskytujĂ­cĂ­ch ochranu soukromĂ­. V prĂĄci jsou navrĆŸeny celkově tƙi protokoly, kterĂ© vyuĆŸĂ­vajĂ­ skupinovĂœch podpisĆŻ zaloĆŸenĂœch na bilineĂĄrnĂ­m pĂĄrovĂĄnĂ­ pro zajiĆĄtěnĂ­ ochrany soukromĂ­ uĆŸivatelĆŻ. Tyto navrĆŸenĂ© protokoly zajiĆĄĆ„ujĂ­ ochranu soukromĂ­ a nepopiratelnost po celou dobu datovĂ© komunikace spolu s autentizacĂ­ a integritou pƙenĂĄĆĄenĂœch zprĂĄv. Pro navĂœĆĄenĂ­ vĂœkonnosti navrĆŸenĂœch protokolĆŻ je vyuĆŸito optimalizačnĂ­ch technik, napƙ. dĂĄvkovĂ©ho ověƙovĂĄnĂ­, tak aby protokoly byly praktickĂ© i pro heterogennĂ­ sĂ­tě.The dissertation thesis deals with privacy-preserving cryptographic protocols for secure communication and information systems forming heterogeneous networks. The thesis focuses on the possibilities of using non-conventional cryptographic primitives that provide enhanced security features, such as the protection of user privacy in communication systems. In the dissertation, the performance of cryptographic and mathematic primitives on various devices that participate in the security of heterogeneous networks is evaluated. The main objectives of the thesis focus on the design of advanced privacy-preserving cryptographic protocols. There are three designed protocols which use pairing-based group signatures to ensure user privacy. These proposals ensure the protection of user privacy together with the authentication, integrity and non-repudiation of transmitted messages during communication. The protocols employ the optimization techniques such as batch verification to increase their performance and become more practical in heterogeneous networks.

    Privacy-preserving scoring of tree ensembles : a novel framework for AI in healthcare

    Get PDF
    Machine Learning (ML) techniques now impact a wide variety of domains. Highly regulated industries such as healthcare and finance have stringent compliance and data governance policies around data sharing. Advances in secure multiparty computation (SMC) for privacy-preserving machine learning (PPML) can help transform these regulated industries by allowing ML computations over encrypted data with personally identifiable information (PII). Yet very little of SMC-based PPML has been put into practice so far. In this paper we present the very first framework for privacy-preserving classification of tree ensembles with application in healthcare. We first describe the underlying cryptographic protocols that enable a healthcare organization to send encrypted data securely to a ML scoring service and obtain encrypted class labels without the scoring service actually seeing that input in the clear. We then describe the deployment challenges we solved to integrate these protocols in a cloud based scalable risk-prediction platform with multiple ML models for healthcare AI. Included are system internals, and evaluations of our deployment for supporting physicians to drive better clinical outcomes in an accurate, scalable, and provably secure manner. To the best of our knowledge, this is the first such applied framework with SMC-based privacy-preserving machine learning for healthcare

    Privacy-Aware Processing of Biometric Templates by Means of Secure Two-Party Computation

    Get PDF
    The use of biometric data for person identification and access control is gaining more and more popularity. Handling biometric data, however, requires particular care, since biometric data is indissolubly tied to the identity of the owner hence raising important security and privacy issues. This chapter focuses on the latter, presenting an innovative approach that, by relying on tools borrowed from Secure Two Party Computation (STPC) theory, permits to process the biometric data in encrypted form, thus eliminating any risk that private biometric information is leaked during an identification process. The basic concepts behind STPC are reviewed together with the basic cryptographic primitives needed to achieve privacy-aware processing of biometric data in a STPC context. The two main approaches proposed so far, namely homomorphic encryption and garbled circuits, are discussed and the way such techniques can be used to develop a full biometric matching protocol described. Some general guidelines to be used in the design of a privacy-aware biometric system are given, so as to allow the reader to choose the most appropriate tools depending on the application at hand

    Protecting privacy of users in brain-computer interface applications

    Get PDF
    Machine learning (ML) is revolutionizing research and industry. Many ML applications rely on the use of large amounts of personal data for training and inference. Among the most intimate exploited data sources is electroencephalogram (EEG) data, a kind of data that is so rich with information that application developers can easily gain knowledge beyond the professed scope from unprotected EEG signals, including passwords, ATM PINs, and other intimate data. The challenge we address is how to engage in meaningful ML with EEG data while protecting the privacy of users. Hence, we propose cryptographic protocols based on secure multiparty computation (SMC) to perform linear regression over EEG signals from many users in a fully privacy-preserving(PP) fashion, i.e., such that each individual's EEG signals are not revealed to anyone else. To illustrate the potential of our secure framework, we show how it allows estimating the drowsiness of drivers from their EEG signals as would be possible in the unencrypted case, and at a very reasonable computational cost. Our solution is the first application of commodity-based SMC to EEG data, as well as the largest documented experiment of secret sharing-based SMC in general, namely, with 15 players involved in all the computations

    VirtualIdentity : privacy preserving user profiling

    Get PDF
    User profiling from user generated content (UGC) is a common practice that supports the business models of many social media companies. Existing systems require that the UGC is fully exposed to the module that constructs the user profiles. In this paper we show that it is possible to build user profiles without ever accessing the user's original data, and without exposing the trained machine learning models for user profiling - which are the intellectual property of the company - to the users of the social media site. We present VirtualIdentity, an application that uses secure multi-party cryptographic protocols to detect the age, gender and personality traits of users by classifying their user-generated text and personal pictures with trained support vector machine models in a privacy preserving manner

    Privacy in the Genomic Era

    Get PDF
    Genome sequencing technology has advanced at a rapid pace and it is now possible to generate highly-detailed genotypes inexpensively. The collection and analysis of such data has the potential to support various applications, including personalized medical services. While the benefits of the genomics revolution are trumpeted by the biomedical community, the increased availability of such data has major implications for personal privacy; notably because the genome has certain essential features, which include (but are not limited to) (i) an association with traits and certain diseases, (ii) identification capability (e.g., forensics), and (iii) revelation of family relationships. Moreover, direct-to-consumer DNA testing increases the likelihood that genome data will be made available in less regulated environments, such as the Internet and for-profit companies. The problem of genome data privacy thus resides at the crossroads of computer science, medicine, and public policy. While the computer scientists have addressed data privacy for various data types, there has been less attention dedicated to genomic data. Thus, the goal of this paper is to provide a systematization of knowledge for the computer science community. In doing so, we address some of the (sometimes erroneous) beliefs of this field and we report on a survey we conducted about genome data privacy with biomedical specialists. Then, after characterizing the genome privacy problem, we review the state-of-the-art regarding privacy attacks on genomic data and strategies for mitigating such attacks, as well as contextualizing these attacks from the perspective of medicine and public policy. This paper concludes with an enumeration of the challenges for genome data privacy and presents a framework to systematize the analysis of threats and the design of countermeasures as the field moves forward
    • 

    corecore