Smart Wallet

A physical wallet can contain many important items such as funding instruments and/or identification cards. Examples of physical funding instruments can include cash, checks, credit cards, debit cards, coupons, gift certificates, gift cards, and the like. Examples of identification cards can include driver’s licenses, social security cards, passports, and the like. However, if such physical funding instruments and/or identification cards are lost or stolen or if the physical wallet is lost or stolen, it is difficult to find them and it is time-consuming to get a substitute. Thus, techniques for preventing loss of a physical wallet and/or items stored therein are needed

Smart Playing Cards

Technology can be used to enhance the experience of existing games including card games. One way this can be accomplished is through the use of near field communications to detect the state of playing cards and use the detected state of the cards to perform experience enhancing actions associated with their respective state. For example, the gameplay experience while playing cards can be enhanced in a variety of ways including keeping score of a game (e.g., a player’s cribbage score), providing special effects (e.g., visual effects or sound effects associated with a card game), and preventing cheating

Cooperative Privacy-Preserving Data Collection Protocol Based on Delocalized-Record Chains

This paper aims to advance the field of data anonymization within the context of Internet of Things (IoT), an environment where data collected may contain sensitive information about users. Specifically, we propose a privacy-preserving data publishing alternative that extends the privacy requirement to the data collection phase. Because our proposal offers privacy-preserving conditions in both the data collecting and publishing, it is suitable for scenarios where a central node collects personal data supplied by a set of devices, typically associated with individuals, without these having to assume trust in the collector. In particular, to limit the risk of individuals' re-identification, the probabilistic k-anonymity property is satisfied during the data collection process and the k-anonymity property is satisfied by the data set derived from the anonymization process. To carry out the anonymous sending of personal data during the collection process, we introduce the delocalized-record chain, a new mechanism of anonymous communication aimed at multi-user environments to collaboratively protect information, which by not requiring third-party intermediaries makes it especially suitable for private IoT networks (besides public IoT networks)

A survey of machine and deep learning methods for privacy protection in the Internet of things

Recent advances in hardware and information technology have accelerated the proliferation of smart and interconnected devices facilitating the rapid development of the Internet of Things (IoT). IoT applications and services are widely adopted in environments such as smart cities, smart industry, autonomous vehicles, and eHealth. As such, IoT devices are ubiquitously connected, transferring sensitive and personal data without requiring human interaction. Consequently, it is crucial to preserve data privacy. This paper presents a comprehensive survey of recent Machine Learning (ML)- and Deep Learning (DL)-based solutions for privacy in IoT. First, we present an in depth analysis of current privacy threats and attacks. Then, for each ML architecture proposed, we present the implementations, details, and the published results. Finally, we identify the most effective solutions for the different threats and attacks.This work is partially supported by the Generalitat de Catalunya under grant 2017 SGR 962 and the HORIZON-GPHOENIX (101070586) and HORIZON-EUVITAMIN-V (101093062) projects.Peer ReviewedPostprint (published version

Freedom to Hack

Swaths of personal and nonpersonal information collected online about internet users are increasingly being used in sophisticated ways to manipulate them based on that information. This represents a new trend in the exploitation of data, where instead of pursuing direct financial gain based on the face value of the data, actors are seeking to engage in data analytics using advanced artificial intelligence technologies that would allow them to more easily access individuals’ cognition and future behavior. Although in recent years the concept of online manipulation has received some academic and policy attention, the desirable relationship between the data-breach law and online manipulation is not yet well-appreciated. In other words, regulators and courts are yet to realize the power of existing legal mechanisms pertaining to data breaches in mitigating the harm of online manipulation. This Article provides an account of this relationship, by looking at online manipulation achieved through psychographic profiling. It submits that the volume, efficacy, and sophistication of present online manipulation techniques pose a considerable and immediate danger to autonomy, privacy, and democracy. Internet actors, political entities, and foreign adversaries fastidiously study the personality traits and vulnerabilities of potential voters and, increasingly, target each such voter with an individually tailored stream of information or misinformation with the intent of exploiting the weaknesses of these individuals. While new norms and regulations will have to be enacted at a certain point to address the problem of manipulation, data-breach law could provide a much-needed backdrop for the challenges presented by online manipulation, while alleviating the sense of lawlessness engulfing current misuses of personal and nonpersonal data. At the heart of this Article is the inquiry of data-breach law’s ability to recognize the full breadth of potential misuse of breached personal information, which today includes manipulation for political purposes. At present, data-breach jurisprudence does very little to recognize its evolving role in regulating misuses of personal information by unauthorized parties. It is a jurisprudence that is partially based on a narrow approach that seeks to remedy materialized harm in the context of identity theft or fraud. This approach contravenes the purpose of data-breach law – to protect individuals from the externalities of certain cyber risks by bridging informational asymmetries between corporations and consumers. This Article develops the theoretical connection between data-breach law and online manipulation, providing for a meaningful regulatory solution that is not currently used to its full extent