Search Me If You Can: Privacy-preserving Location Query Service

Location-Based Service (LBS) becomes increasingly popular with the dramatic growth of smartphones and social network services (SNS), and its context-rich functionalities attract considerable users. Many LBS providers use users' location information to offer them convenience and useful functions. However, the LBS could greatly breach personal privacy because location itself contains much information. Hence, preserving location privacy while achieving utility from it is still an challenging question now. This paper tackles this non-trivial challenge by designing a suite of novel fine-grained Privacy-preserving Location Query Protocol (PLQP). Our protocol allows different levels of location query on encrypted location information for different users, and it is efficient enough to be applied in mobile platforms.Comment: 9 pages, 1 figure, 2 tables, IEEE INFOCOM 201

A Middleware for the Internet of Things

The Internet of Things (IoT) connects everyday objects including a vast array of sensors, actuators, and smart devices, referred to as things to the Internet, in an intelligent and pervasive fashion. This connectivity gives rise to the possibility of using the tracking capabilities of things to impinge on the location privacy of users. Most of the existing management and location privacy protection solutions do not consider the low-cost and low-power requirements of things, or, they do not account for the heterogeneity, scalability, or autonomy of communications supported in the IoT. Moreover, these traditional solutions do not consider the case where a user wishes to control the granularity of the disclosed information based on the context of their use (e.g. based on the time or the current location of the user). To fill this gap, a middleware, referred to as the Internet of Things Management Platform (IoT-MP) is proposed in this paper.Comment: 20 pages, International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.2, March 201

A Cloud-based Mobile Privacy Protection System with Efficient Cache Mechanism

People increasingly rely on their mobile devices and use them to store a lot of data. Some of the data are personal and private, whose leakage leads to users\u27 privacy harm. Meanwhile, mobile apps and services over-collect users\u27 data due to the coarse-grained access control approach utilized by the mobile operating system. We propose a cloud-based approach to provide fine-grained access control toward data requests. We add privacy level, as a new metadata, to data and manage the storage using different policies correspondingly. However, the proposed approach leads to performance decreases because of the extra communication cost. We also introduce a novel cache mechanism to eliminate the extra cost by storing non-private and popular data on the mobile device. As part of our cache mechanism, we design a user-preference-based ordering method along with the principle of locality to determine how popular some data are. We also design a configurable refresh policy to improve the overall performance. Finally, we evaluate our approach using a real phone in a simulated environment. The results show that our approach can keep the response time of all data requests within a reasonable range and the cache mechanism can further improve the performance

A Survey of Access Control Models in Wireless Sensor Networks

Copyright 2014 by the authors; licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/)Wireless sensor networks (WSNs) have attracted considerable interest in the research community, because of their wide range of applications. However, due to the distributed nature of WSNs and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. Resource constraints in sensor nodes mean that security mechanisms with a large overhead of computation and communication are impractical to use in WSNs; security in sensor networks is, therefore, a challenge. Access control is a critical security service that offers the appropriate access privileges to legitimate users and prevents illegitimate users from unauthorized access. However, access control has not received much attention in the context of WSNs. This paper provides an overview of security threats and attacks, outlines the security requirements and presents a state-of-the-art survey on access control models, including a comparison and evaluation based on their characteristics in WSNs. Potential challenging issues for access control schemes in WSNs are also discussed.Peer reviewe

Systematic Review on Security and Privacy Requirements in Edge Computing: State of the Art and Future Research Opportunities

Edge computing is a promising paradigm that enhances the capabilities of cloud computing. In order to continue patronizing the computing services, it is essential to conserve a good atmosphere free from all kinds of security and privacy breaches. The security and privacy issues associated with the edge computing environment have narrowed the overall acceptance of the technology as a reliable paradigm. Many researchers have reviewed security and privacy issues in edge computing, but not all have fully investigated the security and privacy requirements. Security and privacy requirements are the objectives that indicate the capabilities as well as functions a system performs in eliminating certain security and privacy vulnerabilities. The paper aims to substantially review the security and privacy requirements of the edge computing and the various technological methods employed by the techniques used in curbing the threats, with the aim of helping future researchers in identifying research opportunities. This paper investigate the current studies and highlights the following: (1) the classification of security and privacy requirements in edge computing, (2) the state of the art techniques deployed in curbing the security and privacy threats, (3) the trends of technological methods employed by the techniques, (4) the metrics used for evaluating the performance of the techniques, (5) the taxonomy of attacks affecting the edge network, and the corresponding technological trend employed in mitigating the attacks, and, (6) research opportunities for future researchers in the area of edge computing security and privacy