Framework to Avoid Similarity Attack in Big Streaming Dat

The existing methods for privacy preservation are available in variety of fields like social media, stock market, sentiment analysis, electronic health applications. The electronic health dynamic stream data is available in large quantity. Such large volume stream data is processed using delay free anonymization framework. Scalable privacy preserving techniques are required to satisfy the needs of processing large dynamic stream data. In this paper privacy preserving technique which can avoid similarity attack in big streaming data is proposed in distributed environment. It can process the data in parallel to reduce the anonymization delay.  In this paper the replacement technique is used for avoiding similarity attack. Late validation technique is used to reduce information loss. The application of this method is in medical diagnosis, e-health applications, health data processing at third party

Blockchain-based privacy-preserving healthcare architecture

Since the introduction of Internet of Things (IoT), e-health has become one of the main research topics.Due to the sensitivity of patient data,preserving the privacy of patientsappears to be challenging. In healthcare applications, patient data are usually stored in the cloud, which makes it difficult for the users to have enough control over their data. However, due to the General Data Protection Regulation (GDPR), it is the data subject’s right to know where and how hisdata has been stored, who can access hisdata and to what extent. In this paper, we propose a blockchain-based architecture for e-health applications whichprovides an efficient privacy-preserving access control mechanism. We take advantage of Blockchain(BC)special features, i.e., immutability and anonymity of users,whilemodifyingthe classic blockchain structure in order to overcome its challenges in IoT applications(i.e., low throughput, high overhead and latency). To this end, we cluster the miners of BC, store and process data at the nearest clusterto the patient. While our proposal is a work in progress, we provide a security analysis of our proposed architecture

Using Blockchain to Achieve Decentralized Privacy In IoT Healthcare

With the advent of the Internet of Things (IoT), e-health has become one of the main topics of research. Due to the sensitivity of patient information, patient privacy seems challenging. Nowadays, patient data is usually stored in the cloud in healthcare programs, making it difficult for users to have enough control over their data. The recent increment in announced cases of security and surveillance breaches compromising patients' privacy call into question the conventional model, in which third-parties gather and control immense amounts of patients' Healthcare data. In this work, we try to resolve the issues mentioned above by using blockchain technology. We propose a blockchain-based protocol suitable for e-health applications that does not require trust in a third party and provides an efficient privacy-preserving access control mechanism. Transactions in our proposed system, unlike Bitcoin, are not entirely financial, and we do not use conventional methods for consensus operations in blockchain like Proof of Work (PoW). It is not suitable for IoT applications because IoT devices have resources-constraints. Usage of appropriate consensus method helps us to increase network security and efficiency, as well as reducing network cost, i.e., bandwidth and processor usage. Finally, we provide security and privacy analysis of our proposed protocol.Comment: 6 page

Physical Layer Anonymous Precoding Design: From the Perspective of Anonymity Entropy

In the era of e-Health, privacy protection has become imperative in applications that carry personal and sensitive data. Departing from the data-perturbation based privacy-preserving techniques that reduce the fidelity of the disclosed data, in this paper we investigate anonymous communications, which mask the identity of the data sender while providing high data reliability. Focusing on the physical (PHY) layer, we first explore the break of privacy through a statistical attribute based sender detection (SD) from the receiver. Compared to the existing literature, this enables a much enhanced SD performance, especially when the users are equipped with different numbers of antennas. To counteract the advanced SD approach above, we formulate explicit anonymity constraints for the design of the anonymous precoder, which mask the sender’s PHY attributes that can be exploited by SD, while at the same time preserving the reliability of the data. Then, anonymity entropy-oriented precoders are proposed for different antenna configurations at the users, which adaptively construct a maximum number of aliases while obeying users’ signal-to-noise-ratio requirements for data accuracy. Simulation results demonstrate that the proposed anonymous precoders provide the highest level of anonymity entropy over the benchmarks, while achieving reasonable symbol error rate for the communication signal

PrivySharing: A Blockchain-based framework for integrity and privacy-preserving data sharing in Smart Cities

Copyright © 2019 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved The ubiquitous use of Internet of Things (IoT) ranges from industrial control systems to e-Health, e-commerce, smart cities, supply chain management, smart cars, cyber-physical systems and a lot more. However, the data collected and processed by IoT systems especially the ones with centralized control are vulnerable to availability, integrity, and privacy threats. Hence, we present “PrivySharing,” a blockchain-based innovative framework for integrity and privacy-preserving IoT data sharing in a smart city environment. The proposed scheme is distinct from existing technologies on many aspects. The data privacy is preserved by dividing the blockchain network into various channels, where every channel processes a specific type of data such as health, smart car, smart energy or financial data. Moreover, access to user data within a channel is controlled by embedding access control rules in the smart contracts. In addition, users' data within a channel is further isolated and secured by using private data collection. Likewise, the REST API that enables clients to interact with the blockchain network has dual security in the form of an API Key and OAuth 2.0. The proposed solution also conforms to some of the significant requirements outlined in the European Union General Data Protection Regulation. Lastly, we present a system of reward in the form of a digital token “PrivyCoin” for the users for sharing their data with the stakeholders/third parties

Privacy protection for e-health systems by means of dynamic authentication and three-factor key agreement

During the past decade, the electronic healthcare (e-health) system has been evolved into a more patient-oriented service with smaller and smarter wireless devices. However, these convenient smart devices have limited computing capacity and memory size, which makes it harder to protect the user’s massive private data in the e-health system. Although some works have established a secure session key between the user and the medical server, the weaknesses still exist in preserving the anonymity with low energy consumption. Moreover, the misuse of biometric information in key agreement process may lead to privacy disclosure, which is irreparable. In this study, we design a dynamic privacy protection mechanism offering the biometric authentication at the server side whereas the exact value of the biometric template remains unknown to the server. And the user anonymity can be fully preserved during the authentication and key negotiation process because the messages transmitted with the proposed scheme are untraceable. Furthermore, the proposed scheme is proved to be semantic secure under the Real-or-Random Model. The performance analysis shows that the proposed scheme suits the e-health environment at the aspect of security and resource occupation

A Secure Cloud-based Platform to Host Healthcare Applications

Digital technologies, such as Big Data analytics, artificial intelligence, cloud and high-performance computing are presenting new opportunities to transform healthcare systems, increase connectivity of hospitals and other providers, and therefore potentially and significantly improve patient care. However, such networked computing infrastructures also raise significant cybersecurity risks, especially in the healthcare domain, where protecting sensitive personal information is of paramount importance. Project ASCLEPIOS aims at strengthening the trust of users in cloud-based healthcare services by utilizing trusted execution environment and several modern cryptographic approaches such as attribute based encryption, searchable encryption, functional encryption to build a cloud-based e-health framework that protects users’ privacy, prevents both internal and external attacks, verifies the integrity of medical devices before application, and runs privacy-preserving data analytics on encrypted data. The project investigates modern encryption techniques and their combination in order to provide increased security of e-health applications that are then presented towards end-users utilizing a cloud-based platform. Although some topics such as security and privacy are already investigated through block-chain related technologies, it has been decided that the selected approaches would be more suitable for these particular challenges. In order to prototype its security services, ASCLEPIOS develops and deploys three large-scale healthcare demonstrators, provided by three leading hospitals from Europe. These demonstrators are rooted in the practice-based problems and applications provided by the project’s healthcare partners. The Amsterdam University Centers, University of Amsterdam, plans to improve stroke hyper-acute care through secure information sharing on a cloud computing platform to improve patient management. Additionally, they are also building prediction models to enable earlier discharge of patients from hospitals with lower risk factors. Charité Berlin plans to improve inpatient and outpatient sleep medication by remotely controlling the quality of the collected data and transferring it on-line for further analysis. Finally, the Norwegian Centre for e-health Research, University Hospital of North Norway is developing a system for privacy-preserving monitoring and benchmarking of antibiotics prescription of general practitioners. The common characteristics of these three scenarios are the increased demand for high levels of security in data transfer, storage and privacy preserving analytics on cloud infrastructures. In order deploy, operate and further develop these applications to increase their security with the ASCLEPIOS framework, a cloud computing testbed is being setup. The testbed uses state-of-the-art technologies for cloud application deployment and run-time orchestration in order to ensure the optimized deployment and execution of the demonstrator applications. As the data sources do not require the local execution (albeit in one case data may remain on the data source) of processing, there is no need for fog or edge computing, but the testbed is based on private OpenStack cloud computing infrastructures and utilizes the MiCADO framework which is compatible with different containers such as Docker and Kubernetes. The project started only recently, and currently it is in the early stages of systems design and specification. This presentation will provide a short introduction to the ASCLEPIOS project and its demonstrators and will present early results of the currently ongoing requirements specification and platform design processes

Informed e-Consent Framework for Privacy Preservation in South African Health Information Systems

The South African Constitution advocates the protection of personal information. Everyone has the right to privacy. This includes the protection of special information that relates to an individual’s biometrics, health, religion, or sex life, to name a few. This special information may be processed if it is necessary in law; if it is being processed for historical purposes; or if it has already been disseminated in public by the data subject If the aforementioned conditions are not met, the processing of special information is prohibited, unless the data subject has provided consent. Given that health information is regarded as special information, consent must be obtained from the data subject before it is processed. If the special information is accessed by unauthorised parties it may influence decisions about the data subject’s employment, access to credit, and education, and may even cause reputational or personal harm. This research proposes an e-consent management approach which preserves the privacy of health information. The utilisation of privacy laws and guidelines such as, but not limited to, the Protection of Personal Information Act and the General Data Protection Regulation are used to develop a privacy preserving e-consent model, architectural design and prototype.Dissertation (MSc (Computer Science))--University of Pretoria, 2020.Council for Scientific and Industrial Research (CSIR)Computer ScienceMSc (Computer Science)Unrestricte

Preserving Differential Privacy in Convolutional Deep Belief Networks

The remarkable development of deep learning in medicine and healthcare domain presents obvious privacy issues, when deep neural networks are built on users' personal and highly sensitive data, e.g., clinical records, user profiles, biomedical images, etc. However, only a few scientific studies on preserving privacy in deep learning have been conducted. In this paper, we focus on developing a private convolutional deep belief network (pCDBN), which essentially is a convolutional deep belief network (CDBN) under differential privacy. Our main idea of enforcing epsilon-differential privacy is to leverage the functional mechanism to perturb the energy-based objective functions of traditional CDBNs, rather than their results. One key contribution of this work is that we propose the use of Chebyshev expansion to derive the approximate polynomial representation of objective functions. Our theoretical analysis shows that we can further derive the sensitivity and error bounds of the approximate polynomial representation. As a result, preserving differential privacy in CDBNs is feasible. We applied our model in a health social network, i.e., YesiWell data, and in a handwriting digit dataset, i.e., MNIST data, for human behavior prediction, human behavior classification, and handwriting digit recognition tasks. Theoretical analysis and rigorous experimental evaluations show that the pCDBN is highly effective. It significantly outperforms existing solutions