1,234 research outputs found
Security and Privacy Issues of Big Data
This chapter revises the most important aspects in how computing
infrastructures should be configured and intelligently managed to fulfill the
most notably security aspects required by Big Data applications. One of them is
privacy. It is a pertinent aspect to be addressed because users share more and
more personal data and content through their devices and computers to social
networks and public clouds. So, a secure framework to social networks is a very
hot topic research. This last topic is addressed in one of the two sections of
the current chapter with case studies. In addition, the traditional mechanisms
to support security such as firewalls and demilitarized zones are not suitable
to be applied in computing systems to support Big Data. SDN is an emergent
management solution that could become a convenient mechanism to implement
security in Big Data systems, as we show through a second case study at the end
of the chapter. This also discusses current relevant work and identifies open
issues.Comment: In book Handbook of Research on Trends and Future Directions in Big
Data and Web Intelligence, IGI Global, 201
End-to-End Privacy for Open Big Data Markets
The idea of an open data market envisions the creation of a data trading
model to facilitate exchange of data between different parties in the Internet
of Things (IoT) domain. The data collected by IoT products and solutions are
expected to be traded in these markets. Data owners will collect data using IoT
products and solutions. Data consumers who are interested will negotiate with
the data owners to get access to such data. Data captured by IoT products will
allow data consumers to further understand the preferences and behaviours of
data owners and to generate additional business value using different
techniques ranging from waste reduction to personalized service offerings. In
open data markets, data consumers will be able to give back part of the
additional value generated to the data owners. However, privacy becomes a
significant issue when data that can be used to derive extremely personal
information is being traded. This paper discusses why privacy matters in the
IoT domain in general and especially in open data markets and surveys existing
privacy-preserving strategies and design techniques that can be used to
facilitate end to end privacy for open data markets. We also highlight some of
the major research challenges that need to be address in order to make the
vision of open data markets a reality through ensuring the privacy of
stakeholders.Comment: Accepted to be published in IEEE Cloud Computing Magazine: Special
Issue Cloud Computing and the La
Secure Federated Learning with a Homomorphic Encryption Model
Federated learning (FL) offers collaborative machine learning across decentralized devices while safeguarding data privacy. However, data security and privacy remain key concerns. This paper introduces "Secure Federated Learning with a Homomorphic Encryption Model," addressing these challenges by integrating homomorphic encryption into FL. The model starts by initializing a global machine learning model and generating a homomorphic encryption key pair, with the public key shared among FL participants. Using this public key, participants then collect, preprocess, and encrypt their local data. During FL Training Rounds, participants decrypt the global model, compute local updates on encrypted data, encrypt these updates, and securely send them to the aggregator. The aggregator homomorphic ally combines updates without revealing participant data, forwarding the encrypted aggregated update to the global model owner. The Global Model Update ensures the owner decrypts the aggregated update using the private key, updates the global model, encrypts it with the public key, and shares the encrypted global model with FL participants. With optional model evaluation, training can iterate for several rounds or until convergence. This model offers a robust solution to Florida data privacy and security issues, with versatile applications across domains. This paper presents core model components, advantages, and potential domain-specific implementations while making significant strides in addressing FL's data privacy concerns
HealthBlock: A Blockchain-IoT Fusion for Secure Healthcare Data Exchange
Managing healthcare data while ensuring its security and privacy is critical to providing quality care to patients. However, traditional approaches to healthcare data sharing have limitations, including the risk of data breaches and the lack of privacy-preserving mechanisms. This research paper proposes a novel hybrid blockchain-IoT approach for privacy-preserving healthcare data sharing that addresses these challenges. Our system incorporates a private blockchain for protected and tamper-proof data sharing, with privacy-preserving techniques such as differential privacy and homomorphic encryption to protect patient data. IoT devices are utilized to collect and transmit real-time data, equipped with privacy-preserving mechanisms such as data anonymization and secure transmission protocols. Our approach achieved an accuracy rate of 98% for access control and a 99.6% success rate for data privacy protection. Furthermore, our proposed system demonstrated improved data storage and retrieval performance, with a data storage overhead reduction of up to 86% and a data retrieval time reduction of up to 81%. These results indicate the potential of our approach to enhance the security, privacy, and efficiency of healthcare data management, contributing to improved patient care outcomes
A HYBRIDIZED ENCRYPTION SCHEME BASED ON ELLIPTIC CURVE CRYPTOGRAPHY FOR SECURING DATA IN SMART HEALTHCARE
Recent developments in smart healthcare have brought us a great deal of convenience. Connecting common objects to the Internet is made possible by the Internet of Things (IoT). These connected gadgets have sensors and actuators for data collection and transfer. However, if users' private health information is compromised or exposed, it will seriously harm their privacy and may endanger their lives. In order to encrypt data and establish perfectly alright access control for such sensitive information, attribute-based encryption (ABE) has typically been used. Traditional ABE, however, has a high processing overhead. As a result, an effective security system algorithm based on ABE and Fully Homomorphic Encryption (FHE) is developed to protect health-related data. ABE is a workable option for one-to-many communication and perfectly alright access management of encrypting data in a cloud environment. Without needing to decode the encrypted data, cloud servers can use the FHE algorithm to take valid actions on it. Because of its potential to provide excellent security with a tiny key size, elliptic curve cryptography (ECC) algorithm is also used. As a result, when compared to related existing methods in the literature, the suggested hybridized algorithm (ABE-FHE-ECC) has reduced computation and storage overheads. A comprehensive safety evidence clearly shows that the suggested method is protected by the Decisional Bilinear Diffie-Hellman postulate. The experimental results demonstrate that this system is more effective for devices with limited resources than the conventional ABE when the system’s performance is assessed by utilizing standard model
Privacy-Preserving Data in IoT-based Cloud Systems: A Comprehensive Survey with AI Integration
As the integration of Internet of Things devices with cloud computing
proliferates, the paramount importance of privacy preservation comes to the
forefront. This survey paper meticulously explores the landscape of privacy
issues in the dynamic intersection of IoT and cloud systems. The comprehensive
literature review synthesizes existing research, illuminating key challenges
and discerning emerging trends in privacy preserving techniques. The
categorization of diverse approaches unveils a nuanced understanding of
encryption techniques, anonymization strategies, access control mechanisms, and
the burgeoning integration of artificial intelligence. Notable trends include
the infusion of machine learning for dynamic anonymization, homomorphic
encryption for secure computation, and AI-driven access control systems. The
culmination of this survey contributes a holistic view, laying the groundwork
for understanding the multifaceted strategies employed in securing sensitive
data within IoT-based cloud environments. The insights garnered from this
survey provide a valuable resource for researchers, practitioners, and
policymakers navigating the complex terrain of privacy preservation in the
evolving landscape of IoT and cloud computingComment: 33 page
Securing IoT with Trusted Authority Validation in Homomorphic Encryption Technique with ABE
Existing security system includes levels of encryption. IoT access is very important aspect. Failure of IoT security can cause more risks of physical and logical damage. IoT contain both functionalities including physical or computational process. In proposed approach, levels of encryption are enhanced by increasing levels of security. User can access IoT through central trusted authority only. Instead of actual data like user credentials or I/O functionality of Internet of things, encrypted data is delivered. Trusted authorities are been involved in secured IoT access structure by considering their credentials. Trusted authority is selected randomly, based on randomized selection algorithm. Based on secured logic, decryption key will be delivered to the IoT through separate channel by trusted authority. Session management has been added by considering initial and waiting time after which all encryption or decryption data will be expired. Homomorphism is applied in encryption process where proposed logic is applied on considered data after which again RSA algorithm is applied. Overall, proposed logical approach, homomorphism, session management, secured access structure and trusted authority involvement improves the security level in IoT access process
Two sides of data protection: Examining the complex and political nature to the personal data transfers between the European Union and the United States
This thesis investigates the complexity and the political aspects of the data protection. This thesis is viewed from the perspective of international transfers of personal data between the European Union and the United States. These two parties were chosen because of the special role each one has - the US in the cloud storages and the EU in the privacy regulation sphere. The thesis follows legal dogmatic methodology based on legal and doctrinal research materials with a focus on the importance of well- functioning data protection legislation by placing an interest towards technology-based approach rather than political. The thesis contains in-depth analysis on the history of EU’s data protection legislation and to events that have influenced it trying to answer the question what is wrong and why. Furthermore, the thesis attempts to resolve underlying problems with the current data protection legislation and analyse whether technological innovations could be used to our benefit. The thesis reaches the result that the possibility of having political sway in the data protection legislation has an impact and does not resolve the underlying problem of trust. Furthermore, technological innovations such as Fully Homomorphic Encryption could be used to resolve, at least partially, the problems faced in data protection. I reached the conclusion that if the EU chooses not to go with technology based problem-solving methods, adequacy decisions should be approved by the European Data Protection instead of the European Commission
- …