1,848 research outputs found

    Secure Mobile Subscription of Sensor-encrypted Data

    Singapore A*Sta

    PEPSI: Privacy-Enhanced Participatory Sensing Infrastructure.

    Participatory Sensing combines the ubiquity of mobile phones with sensing capabilities of Wireless Sensor Networks. It targets pervasive collection of information, e.g., temperature, traffic conditions, or health-related data. As users produce measurements from their mobile devices, voluntary participation becomes essential. However, a number of privacy concerns -- due to the personal information conveyed by data reports -- hinder large-scale deployment of participatory sensing applications. Prior work on privacy protection for participatory sensing has often relied on unrealistic assumptions, with no provably-secure guarantees. The goal of this project is to introduce PEPSI: a Privacy-Enhanced Participatory Sensing Infrastructure. We explore realistic architectural assumptions and a minimal set of (formal) privacy requirements, aiming at protecting privacy of both data producers and consumers. We design a solution that attains privacy guarantees with provable security at very low additional computational cost and almost no extra communication overhead.

    Securing Cyber-Physical Social Interactions on Wrist-worn Devices

    Since ancient Greece, handshaking has been commonly practiced between two people as a friendly gesture to express trust and respect, or form a mutual agreement. In this article, we show that such physical contact can be used to bootstrap secure cyber contact between the smart devices worn by users. The key observation is that during handshaking, although belonging to two different users, the two hands involved in the shaking events are often rigidly connected, and therefore exhibit very similar motion patterns. We propose a novel key generation system, which harvests motion data during user handshaking from the wrist-worn smart devices such as smartwatches or fitness bands, and exploits the matching motion patterns to generate symmetric keys on both parties. The generated keys can then be used to establish a secure communication channel for exchanging data between devices. This provides a much more natural and user-friendly alternative for many applications, e.g., exchanging/sharing contact details, friending on social networks, or even making payments, since it doesn’t involve extra bespoke hardware, nor require the users to perform pre-defined gestures. We implement the proposed key generation system on off-the-shelf smartwatches, and extensive evaluation shows that it can reliably generate 128-bit symmetric keys just after around 1s of handshaking (with success rate >99%), and is resilient to different types of attacks including impersonate mimicking attacks, impersonate passive attacks, or eavesdropping attacks. Specifically, for real-time impersonate mimicking attacks, in our experiments, the Equal Error Rate (EER) is only 1.6% on average. We also show that the proposed key generation system can be extremely lightweight and is able to run in-situ on the resource-constrained smartwatches without incurring excessive resource consumption.

    Confidentiality-Preserving Publish/Subscribe: A Survey

    Publish/subscribe (pub/sub) is an attractive communication paradigm for large-scale distributed applications running across multiple administrative domains. Pub/sub allows event-based information dissemination based on constraints on the nature of the data rather than on pre-established communication channels. It is a natural fit for deployment in untrusted environments such as public clouds linking applications across multiple sites. However, pub/sub in untrusted environments leads to major confidentiality concerns stemming from the content-centric nature of the communications. This survey classifies and analyzes different approaches to confidentiality preservation for pub/sub, from applications of trust and access control models to novel encryption techniques. It provides an overview of the current challenges posed by confidentiality concerns and points to future research directions in this promising field.

    A Privacy-Preserving Social P2P Infrastructure for People-Centric Sensing

    The rapid miniaturization and integration of sensor technologies into mobile Internet devices combined with Online Social Networks allows for enhanced sensor information querying, subscription, and task placement within People-Centric Sensing networks. However, PCS systems which exploit knowledge about OSN user profiles and context information for enhanced service provision might cause an unsolicited application and dissemination of highly personal and sensitive data. In this paper, we propose a protocol extension to our OSN design Vegas which enables secure, privacy-preserving, and trustful P2P communication between PCS participants. By securing knowledge about social links with standard public key cryptography, we achieve a degree of anonymity at a trust level which is almost as good as that provided by a centralized trusted third party.

    Domain Computing: The Next Generation of Computing

    Computers are indispensable in our daily lives. The first generation of computing started the era of human automation computing. These machines' computational resources, however, were completely centralized in local machines. With the appearance of networks, the second generation of computing significantly improved data availability and portability so that computing resources could be efficiently shared among the networks. The service-oriented third generation of computing provided functionality by breaking down applications into services, on-demand computing through utility and cloud infrastructures, as well as ubiquitous accesses from wide-spread geographical networks. Services as primary computing resources are far spread from local to worldwide. These services loosely couple applications and servers, which allows services to scale up easily with higher availability. The complexity of locating, utilizing and optimizing computational resources becomes even more challenging as these resources become more available, fault-tolerant, scalable, better performing, and spatially distributed. The critical question becomes how do applications dynamically utilize and optimize unique/duplicate/competitive resources at runtime in the most efficient and effective way without code changes, as well as providing highly available, scalable, secured and easy development services. Domain computing proposes a new way to manage computational resources and applications. Domain computing dynamically manages resources within logic entities, domains, and without being bound to physical machines so that application functionality can be extended at runtime. Moreover, domain computing introduces domains as a replacement of a traditional computer in order to run applications and link different computational resources that are distributed over networks into domains so that a user can greatly improve and optimize the resource utilization at a global level. By negotiating with different layers, domain computing dynamically links different resources, shares resources and cooperates with domains at runtime so applications can more quickly adapt to dynamically changing environments and gain better performance. Also, domain computing presents a new way to develop applications which are resource stateless based. In this work, a prototype system was built and the performance of its various aspects has been examined, including network throughput, response time, variance, resource publishing and subscription, and secured communications.