A Privacy-Preserving Social P2P Infrastructure for People-Centric Sensing

The rapid miniaturization and integration of sensor technologies into mobile Internet devices combined with Online Social Networks allows for enhanced sensor information querying, subscription, and task placement within People-Centric Sensing networks. However, PCS systems which exploit knowledge about OSN user profiles and context information for enhanced service provision might cause an unsolicited application and dissemination of highly personal and sensitive data. In this paper, we propose a protocol extension to our OSN design Vegas which enables secure, privacy-preserving, and trustful P2P communication between PCS participants. By securing knowledge about social links with standard public key cryptography, we achieve a degree of anonymity at a trust level which is almost good as that provided by a centralized trusted third party

Location Privacy in Spatial Crowdsourcing

Spatial crowdsourcing (SC) is a new platform that engages individuals in collecting and analyzing environmental, social and other spatiotemporal information. With SC, requesters outsource their spatiotemporal tasks to a set of workers, who will perform the tasks by physically traveling to the tasks' locations. This chapter identifies privacy threats toward both workers and requesters during the two main phases of spatial crowdsourcing, tasking and reporting. Tasking is the process of identifying which tasks should be assigned to which workers. This process is handled by a spatial crowdsourcing server (SC-server). The latter phase is reporting, in which workers travel to the tasks' locations, complete the tasks and upload their reports to the SC-server. The challenge is to enable effective and efficient tasking as well as reporting in SC without disclosing the actual locations of workers (at least until they agree to perform a task) and the tasks themselves (at least to workers who are not assigned to those tasks). This chapter aims to provide an overview of the state-of-the-art in protecting users' location privacy in spatial crowdsourcing. We provide a comparative study of a diverse set of solutions in terms of task publishing modes (push vs. pull), problem focuses (tasking and reporting), threats (server, requester and worker), and underlying technical approaches (from pseudonymity, cloaking, and perturbation to exchange-based and encryption-based techniques). The strengths and drawbacks of the techniques are highlighted, leading to a discussion of open problems and future work

User-centric privacy preservation in Internet of Things Networks

Recent trends show how the Internet of Things (IoT) and its services are becoming more omnipresent and popular. The end-to-end IoT services that are extensively used include everything from neighborhood discovery to smart home security systems, wearable health monitors, and connected appliances and vehicles. IoT leverages different kinds of networks like Location-based social networks, Mobile edge systems, Digital Twin Networks, and many more to realize these services. Many of these services rely on a constant feed of user information. Depending on the network being used, how this data is processed can vary significantly. The key thing to note is that so much data is collected, and users have little to no control over how extensively their data is used and what information is being used. This causes many privacy concerns, especially for a na ̈ıve user who does not know the implications and consequences of severe privacy breaches. When designing privacy policies, we need to understand the different user data types used in these networks. This includes user profile information, information from their queries used to get services (communication privacy), and location information which is much needed in many on-the-go services. Based on the context of the application, and the service being provided, the user data at risk and the risks themselves vary. First, we dive deep into the networks and understand the different aspects of privacy for user data and the issues faced in each such aspect. We then propose different privacy policies for these networks and focus on two main aspects of designing privacy mechanisms: The quality of service the user expects and the private information from the user’s perspective. The novel contribution here is to focus on what the user thinks and needs instead of fixating on designing privacy policies that only satisfy the third-party applications’ requirement of quality of service

Balancing privacy needs with location sharing in mobile computing

Mobile phones are increasingly becoming tools for social interaction. As more phones come equipped with location tracking capabilities, capable of collecting and distributing personal information (including location) of their users, user control of location information and privacy for that matter, has become an important research issue. This research first explores various techniques of user control of location in location-based systems, and proposes the re-conceptualisation of deception (defined here as the deliberate withholding of location information) from information systems security to the field of location privacy. Previous work in this area considers techniques such as anonymisation, encryption, cloaking and blurring, among others. Since mobile devices have become social tools, this thesis takes a different approach by empirically investigating first the likelihood of the use of the proposed technique (deception) in protecting location privacy. We present empirical results (based on an online study) that show that people are willing to deliberately withhold their location information to protect their location privacy. However, our study shows that people feel uneasy in engaging in this type of deception if they believe this will be detected by their intended recipients. The results also suggest that the technique is popular in situations where it is very difficult to detect that there has been a deliberate withholding of location information during a location disclosure. Our findings are then presented in the form of initial design guidelines for the design of deception to control location privacy. Based on these initial guidelines, we propose and build a deception-based privacy control model. Two different evaluation approaches are employed in investigating the suitability of the model. These include; a field-based study of the techniques employed in the model and a laboratory-based usability study of the Mobile Client application upon which the DPC model is based, using HCI (Human Computer Interaction) professionals. Finally, we present guidelines for the design of deception in location disclosure, and lessons learned from the two evaluation approaches. We also propose a unified privacy preference framework implemented on the application layer of the mobile platform as a future direction of this thesis

Trust aware system for social networks: A comprehensive survey

Social networks are the platform for the users to get connected with other social network users based on their interest and life styles. Existing social networks have millions of users and the data generated by them are huge and it is difficult to differentiate the real users and the fake users. Hence a trust worthy system is recommended for differentiating the real and fake users. Social networking enables users to send friend requests, upload photos and tag their friends and even suggest them the web links based on the interest of the users. The friends recommended, the photos tagged and web links suggested may be a malware or an untrusted activity. Users on social networks are authorised by providing the personal data. This personal raw data is available to all other users online and there is no protection or methods to secure this data from unknown users. Hence to provide a trustworthy system and to enable real users activities a review on different methods to achieve trustworthy social networking systems are examined in this paper