Trust and Privacy in Development of Publish/Subscribe Systems

Publish/subscribe (pub/sub) is a widely deployed paradigm for information dissemination in a variety of distributed applications such as financial platforms, e-health frameworks and the Internet-of-Things. In essence, the pub/sub model considers one or more publishers generating feeds of information and a set of subscribers, the clients of the system. A pub/sub service is in charge of delivering the published information to interested clients. With the advent of cloud computing, we observe a growing tendency to externalize applications using pub/sub services to public clouds. This trend, despite its advantages, opens up multiple important data privacy and trust issues. Although multiple solutions for data protection have been proposed by the academic community, there is no unified view or framework describing how to deploy secure pub/sub systems on public clouds. To remediate this, we advocate towards a trust model which we believe can serve as basis for such deployments

Prochlo: Strong Privacy for Analytics in the Crowd

The large-scale monitoring of computer users' software activities has become commonplace, e.g., for application telemetry, error reporting, or demographic profiling. This paper describes a principled systems architecture---Encode, Shuffle, Analyze (ESA)---for performing such monitoring with high utility while also protecting user privacy. The ESA design, and its Prochlo implementation, are informed by our practical experiences with an existing, large deployment of privacy-preserving software monitoring. (cont.; see the paper

Offline Model Guard: Secure and Private ML on Mobile Devices

Performing machine learning tasks in mobile applications yields a challenging conflict of interest: highly sensitive client information (e.g., speech data) should remain private while also the intellectual property of service providers (e.g., model parameters) must be protected. Cryptographic techniques offer secure solutions for this, but have an unacceptable overhead and moreover require frequent network interaction. In this work, we design a practically efficient hardware-based solution. Specifically, we build Offline Model Guard (OMG) to enable privacy-preserving machine learning on the predominant mobile computing platform ARM - even in offline scenarios. By leveraging a trusted execution environment for strict hardware-enforced isolation from other system components, OMG guarantees privacy of client data, secrecy of provided models, and integrity of processing algorithms. Our prototype implementation on an ARM HiKey 960 development board performs privacy-preserving keyword recognition using TensorFlow Lite for Microcontrollers in real time.Comment: Original Publication (in the same form): DATE 202

ENABLING IOT AUTHENTICATION, PRIVACY AND SECURITY VIA BLOCKCHAIN

Although low-power and Internet-connected gadgets and sensors are increasingly integrated into our lives, the optimal design of these systems remains an issue. In particular, authentication, privacy, security, and performance are critical success factors. Furthermore, with emerging research areas such as autonomous cars, advanced manufacturing, smart cities, and building, usage of the Internet of Things (IoT) devices is expected to skyrocket. A single compromised node can be turned into a malicious one that brings down whole systems or causes disasters in safety-critical applications. This dissertation addresses the critical problems of (i) device management, (ii) data management, and (iii) service management in IoT systems. In particular, we propose an integrated platform solution for IoT device authentication, data privacy, and service security via blockchain-based smart contracts. We ensure IoT device authentication by blockchain-based IC traceability system, from its fabrication to its end-of-life, allowing both the supplier and a potential customer to verify an IC’s provenance. Results show that our proposed consortium blockchain framework implementation in Hyperledger Fabric for IC traceability achieves a throughput of 35 transactions per second (tps). To corroborate the blockchain information, we authenticate the IC securely and uniquely with an embedded Physically Unclonable Function (PUF). For reliable Weak PUF-based authentication, our proposed accelerated aging technique reduces the cumulative burn-in cost by ∼ 56%. We also propose a blockchain-based solution to integrate the privacy of data generated from the IoT devices by giving users control of their privacy. The smart contract controlled trust-base ensures that the users have private access to their IoT devices and data. We then propose a remote configuration of IC features via smart contracts, where an IC can be programmed repeatedly and securely. This programmability will enable users to upgrade IC features or rent upgraded IC features for a fixed period after users have purchased the IC. We tailor the hardware to meet the blockchain performance. Our on-die hardware module design enforces the hardware configuration’s secure execution and uses only 2,844 slices in the Xilinx Zedboard Zynq Evaluation board. The blockchain framework facilitates decentralized IoT, where interacting devices are empowered to execute digital contracts autonomously

Rise of big data – issues and challenges

The recent rapid rise in the availability of big data due to Internet-based technologies such as social media platforms and mobile devices has left many market leaders unprepared for handling very large, random and high velocity data. Conventionally, technologies are initially developed and tested in labs and appear to the public through media such as press releases and advertisements. These technologies are then adopted by the general public. In the case of big data technology, fast development and ready acceptance of big data by the user community has left little time to be scrutinized by the academic community. Although many books and electronic media articles are published by professionals and authors for their work on big data, there is still a lack of fundamental work in academic literature. Through survey methods, this paper discusses challenges in different aspects of big data, such as data sources, content format, data staging, data processing, and prevalent data stores. Issues and challenges related to big data, specifically privacy attacks and counter-techniques such as k-anonymity, t-closeness, l-diversity and differential privacy are discussed. Tools and techniques adopted by various organizations to store different types of big data are also highlighted. This study identifies different research areas to address such as a lack of anonymization techniques for unstructured big data, data traffic pattern determination for developing scalable data storage solutions and controlling mechanisms for high velocity data