644 research outputs found
Location Privacy in Spatial Crowdsourcing
Spatial crowdsourcing (SC) is a new platform that engages individuals in
collecting and analyzing environmental, social and other spatiotemporal
information. With SC, requesters outsource their spatiotemporal tasks to a set
of workers, who will perform the tasks by physically traveling to the tasks'
locations. This chapter identifies privacy threats toward both workers and
requesters during the two main phases of spatial crowdsourcing, tasking and
reporting. Tasking is the process of identifying which tasks should be assigned
to which workers. This process is handled by a spatial crowdsourcing server
(SC-server). The latter phase is reporting, in which workers travel to the
tasks' locations, complete the tasks and upload their reports to the SC-server.
The challenge is to enable effective and efficient tasking as well as reporting
in SC without disclosing the actual locations of workers (at least until they
agree to perform a task) and the tasks themselves (at least to workers who are
not assigned to those tasks). This chapter aims to provide an overview of the
state-of-the-art in protecting users' location privacy in spatial
crowdsourcing. We provide a comparative study of a diverse set of solutions in
terms of task publishing modes (push vs. pull), problem focuses (tasking and
reporting), threats (server, requester and worker), and underlying technical
approaches (from pseudonymity, cloaking, and perturbation to exchange-based and
encryption-based techniques). The strengths and drawbacks of the techniques are
highlighted, leading to a discussion of open problems and future work
Semi-autonomous, context-aware, agent using behaviour modelling and reputation systems to authorize data operation in the Internet of Things
In this paper we address the issue of gathering the "informed consent" of an
end user in the Internet of Things. We start by evaluating the legal importance
and some of the problems linked with this notion of informed consent in the
specific context of the Internet of Things. From this assessment we propose an
approach based on a semi-autonomous, rule based agent that centralize all
authorization decisions on the personal data of a user and that is able to take
decision on his behalf. We complete this initial agent by integrating
context-awareness, behavior modeling and community based reputation system in
the algorithm of the agent. The resulting system is a "smart" application, the
"privacy butler" that can handle data operations on behalf of the end-user
while keeping the user in control. We finally discuss some of the potential
problems and improvements of the system.Comment: This work is currently supported by the BUTLER Project co-financed
under the 7th framework program of the European Commission. published in
Internet of Things (WF-IoT), 2014 IEEE World Forum, 6-8 March 2014, Seoul,
P411-416, DOI: 10.1109/WF-IoT.2014.6803201, INSPEC: 1425565
Segurança e privacidade em terminologia de rede
Security and Privacy are now at the forefront of modern concerns, and drive
a significant part of the debate on digital society. One particular aspect that
holds significant bearing in these two topics is the naming of resources in the
network, because it directly impacts how networks work, but also affects how
security mechanisms are implemented and what are the privacy implications
of metadata disclosure. This issue is further exacerbated by interoperability
mechanisms that imply this information is increasingly available regardless of
the intended scope.
This work focuses on the implications of naming with regards to security and
privacy in namespaces used in network protocols. In particular on the imple-
mentation of solutions that provide additional security through naming policies
or increase privacy. To achieve this, different techniques are used to either
embed security information in existing namespaces or to minimise privacy ex-
posure. The former allows bootstraping secure transport protocols on top of
insecure discovery protocols, while the later introduces privacy policies as part
of name assignment and resolution.
The main vehicle for implementation of these solutions are general purpose
protocols and services, however there is a strong parallel with ongoing re-
search topics that leverage name resolution systems for interoperability such
as the Internet of Things (IoT) and Information Centric Networks (ICN), where
these approaches are also applicable.Segurança e Privacidade são dois topicos que marcam a agenda na discus-
sĂŁo sobre a sociedade digital. Um aspecto particularmente subtil nesta dis-
cussĂŁo Ă© a forma como atribuĂmos nomes a recursos na rede, uma escolha
com consequĂȘncias prĂĄticas no funcionamento dos diferentes protocols de
rede, na forma como se implementam diferentes mecanismos de segurança
e na privacidade das vĂĄrias partes envolvidas. Este problema torna-se ainda
mais significativo quando se considera que, para promover a interoperabili-
dade entre diferentes redes, mecanismos autónomos tornam esta informação
acessĂvel em contextos que vĂŁo para lĂĄ do que era pretendido.
Esta tese foca-se nas consequĂȘncias de diferentes polĂticas de atribuição de
nomes no contexto de diferentes protocols de rede, para efeitos de segurança
e privacidade. Com base no estudo deste problema, são propostas soluçÔes
que, atravĂ©s de diferentes polĂticas de atribuição de nomes, permitem introdu-
zir mecanismos de segurança adicionais ou mitigar problemas de privacidade
em diferentes protocolos. Isto resulta na implementação de mecanismos de
segurança sobre protocolos de descoberta inseguros, assim como na intro-
dução de mecanismos de atribuiçao e resolução de nomes que se focam na
protecçao da privacidade.
O principal veĂculo para a implementação destas soluçÔes Ă© atravĂ©s de ser-
viços e protocolos de rede de uso geral. No entanto, a aplicabilidade destas
soluçÔes extende-se também a outros tópicos de investigação que recorrem
a mecanismos de resolução de nomes para implementar soluçÔes de intero-
perabilidade, nomedamente a Internet das Coisas (IoT) e redes centradas na
informação (ICN).Programa Doutoral em Informåtic
Privacy models in wireless sensor networks: a survey
Wireless Sensor Networks (WSNs) are attracting attention from the research community. One of the key issues is to provide them with privacy protection. In recent years, a huge amount of contributions has been focused on this area. Surveys and literature reviews have also been produced to give a systematic view of the different approaches taken. However, no previous work has focused on privacy models, that is, the set of assumptions made to build the approach. In particular, this paper focuses on this matter by studying 41 papers of the last 5 years. We highlight the great differences appearing among related papers that could make them incompatible to be applied simultaneously. We propose a set of guidelines to build comprehensive privacy models so as to foster their comparability and suitability analysis for different scenarios.This work was supported by the MINECO Grant TIN2013-46469-R (Security and Privacy in the Internet of You (SPINY)) and the CAM Grant S2013/ICE-3095 (Cybersecurity,Data, and Risks (CIBERDINE)), which is cofunded by EuropeanFunds (FEDER). Furthermore, J.M. de Fuentes and L. GonzĂĄlez-Manzano were also partially supported by the Programa de Ayudas a la Movilidad of Carlos III University of Madrid
- âŠ