36,363 research outputs found
Time Distortion Anonymization for the Publication of Mobility Data with High Utility
An increasing amount of mobility data is being collected every day by
different means, such as mobile applications or crowd-sensing campaigns. This
data is sometimes published after the application of simple anonymization
techniques (e.g., putting an identifier instead of the users' names), which
might lead to severe threats to the privacy of the participating users.
Literature contains more sophisticated anonymization techniques, often based on
adding noise to the spatial data. However, these techniques either compromise
the privacy if the added noise is too little or the utility of the data if the
added noise is too strong. We investigate in this paper an alternative
solution, which builds on time distortion instead of spatial distortion.
Specifically, our contribution lies in (1) the introduction of the concept of
time distortion to anonymize mobility datasets (2) Promesse, a protection
mechanism implementing this concept (3) a practical study of Promesse compared
to two representative spatial distortion mechanisms, namely Wait For Me, which
enforces k-anonymity, and Geo-Indistinguishability, which enforces differential
privacy. We evaluate our mechanism practically using three real-life datasets.
Our results show that time distortion reduces the number of points of interest
that can be retrieved by an adversary to under 3 %, while the introduced
spatial error is almost null and the distortion introduced on the results of
range queries is kept under 13 % on average.Comment: in 14th IEEE International Conference on Trust, Security and Privacy
in Computing and Communications, Aug 2015, Helsinki, Finlan
Emerging privacy challenges and approaches in CAV systems
The growth of Internet-connected devices, Internet-enabled services and Internet of Things systems continues at a rapid pace, and their application to transport systems is heralded as game-changing. Numerous developing CAV (Connected and Autonomous Vehicle) functions, such as traffic planning, optimisation, management, safety-critical and cooperative autonomous driving applications, rely on data from various sources. The efficacy of these functions is highly dependent on the dimensionality, amount and accuracy of the data being shared. It holds, in general, that the greater the amount of data available, the greater the efficacy of the function. However, much of this data is privacy-sensitive, including personal, commercial and research data. Location data and its correlation with identity and temporal data can help infer other personal information, such as home/work locations, age, job, behavioural features, habits, social relationships. This work categorises the emerging privacy challenges and solutions for CAV systems and identifies the knowledge gap for future research, which will minimise and mitigate privacy concerns without hampering the efficacy of the functions
SECMACE: Scalable and Robust Identity and Credential Management Infrastructure in Vehicular Communication Systems
Several years of academic and industrial research efforts have converged to a
common understanding on fundamental security building blocks for the upcoming
Vehicular Communication (VC) systems. There is a growing consensus towards
deploying a special-purpose identity and credential management infrastructure,
i.e., a Vehicular Public-Key Infrastructure (VPKI), enabling pseudonymous
authentication, with standardization efforts towards that direction. In spite
of the progress made by standardization bodies (IEEE 1609.2 and ETSI) and
harmonization efforts (Car2Car Communication Consortium (C2C-CC)), significant
questions remain unanswered towards deploying a VPKI. Deep understanding of the
VPKI, a central building block of secure and privacy-preserving VC systems, is
still lacking. This paper contributes to the closing of this gap. We present
SECMACE, a VPKI system, which is compatible with the IEEE 1609.2 and ETSI
standards specifications. We provide a detailed description of our
state-of-the-art VPKI that improves upon existing proposals in terms of
security and privacy protection, and efficiency. SECMACE facilitates
multi-domain operations in the VC systems and enhances user privacy, notably
preventing linking pseudonyms based on timing information and offering
increased protection even against honest-but-curious VPKI entities. We propose
multiple policies for the vehicle-VPKI interactions, based on which and two
large-scale mobility trace datasets, we evaluate the full-blown implementation
of SECMACE. With very little attention on the VPKI performance thus far, our
results reveal that modest computing resources can support a large area of
vehicles with very low delays and the most promising policy in terms of privacy
protection can be supported with moderate overhead.Comment: 14 pages, 9 figures, 10 tables, IEEE Transactions on Intelligent
Transportation System
Authentication and authorisation in entrusted unions
This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both the cloud and offline scenarios and is intended to be deployed and tested in two pilot studies in two different domains, viz, Bio-security incident management and Ambient Assisted Living (eHealth). Interim results in terms of security requirements, privacy preserving authentication, and authorisation are reported
- …