Recent Advances in Wearable Sensing Technologies

Wearable sensing technologies are having a worldwide impact on the creation of novel business opportunities and application services that are benefiting the common citizen. By using these technologies, people have transformed the way they live, interact with each other and their surroundings, their daily routines, and how they monitor their health conditions. We review recent advances in the area of wearable sensing technologies, focusing on aspects such as sensor technologies, communication infrastructures, service infrastructures, security, and privacy. We also review the use of consumer wearables during the coronavirus disease 19 (COVID-19) pandemic caused by the severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2), and we discuss open challenges that must be addressed to further improve the efficacy of wearable sensing systems in the future

A Survey on Smart Agriculture: Development Modes, Technologies, and Security and Privacy Challenges

With the deep combination of both modern information technology and traditional agriculture, the era of agriculture 4.0, which takes the form of smart agriculture, has come. Smart agriculture provides solutions for agricultural intelligence and automation. However, information security issues cannot be ignored with the development of agriculture brought by modern information technology. In this paper, three typical development modes of smart agriculture (precision agriculture, facility agriculture, and order agriculture) are presented. Then, 7 key technologies and 11 key applications are derived from the above modes. Based on the above technologies and applications, 6 security and privacy countermeasures (authentication and access control, privacy-preserving, blockchain-based solutions for data integrity, cryptography and key management, physical countermeasures, and intrusion detection systems) are summarized and discussed. Moreover, the security challenges of smart agriculture are analyzed and organized into two aspects: 1) agricultural production, and 2) information technology. Most current research projects have not taken agricultural equipment as potential security threats. Therefore, we did some additional experiments based on solar insecticidal lamps Internet of Things, and the results indicate that agricultural equipment has an impact on agricultural security. Finally, more technologies (5 G communication, fog computing, Internet of Everything, renewable energy management system, software defined network, virtual reality, augmented reality, and cyber security datasets for smart agriculture) are described as the future research directions of smart agriculture

Effective Privacy-Preserving Mechanisms for Vehicle-to-Everything Services

Owing to the advancement of wireless communication technologies, drivers can rely on smart connected vehicles to communicate with each other, roadside units, pedestrians, and remote service providers to enjoy a large amount of vehicle-to-everything (V2X) services, including navigation, parking, ride hailing, and car sharing. These V2X services provide different functions for bettering travel experiences, which have a bunch of benefits. In the real world, even without smart connected vehicles, drivers as users can utilize their smartphones and mobile applications to access V2X services and connect their smartphones to vehicles through some interfaces, e.g., IOS Carplay and Android Auto. In this way, they can still enjoy V2X services through modern car infotainment systems installed on vehicles. Most of the V2X services are data-centric and data-intensive, i.e., users have to upload personal data to a remote service provider, and the service provider can continuously collect a user's data and offer personalized services. However, the data acquired from users may include users' sensitive information, which may expose user privacy and cause serious consequences. To protect user privacy, a basic privacy-preserving mechanism, i.e, anonymization, can be applied in V2X services. Nevertheless, a big obstacle arises as well: user anonymization may affect V2X services' availability. As users become anonymous, users may behave selfishly and maliciously to break the functions of a V2X service without being detected and the service may become unavailable. In short, there exist a conflict between privacy and availability, which is caused by different requirements of users and service providers. In this thesis, we have identified three major conflicts between privacy and availability for V2X services: privacy vs. linkability, privacy vs. accountability, privacy vs. reliability, and then have proposed and designed three privacy-preserving mechanisms to resolve these conflicts. Firstly, the thesis investigates the conflict between privacy and linkability in an automated valet parking (AVP) service, where users can reserve a parking slot for their vehicles such that vehicles can achieve automated valet parking. As an optional privacy-preserving measure, users can choose to anonymize their identities when booking a parking slot for their vehicles. In this way, although user privacy is protected by anonymization, malicious users can repeatedly send parking reservation requests to a parking service provider to make the system unavailable (i.e., "Double-Reservation Attack"). Aiming at this conflict, a security model is given in the thesis to clearly define necessary privacy requirements and potential attacks in an AVP system, and then a privacy-preserving reservation scheme has been proposed based on BBS+ signature and zero-knowledge proof. In the proposed scheme, users can keep anonymous since users only utilize a one-time unlinkable token generated from his/her anonymous credential to achieve parking reservations. In the meantime, by utilizing proxy re-signature, the scheme can also guarantee that one user can only have one token at a time to resist against "Double-Reservation Attack". Secondly, the thesis investigates the conflict between privacy and accountability in a car sharing service, where users can conveniently rent a shared car without human intervention. One basic demand for car sharing service is to check the user's identity to determine his/her validity and enable the user to be accountable if he/she did improper behavior. If the service provider allows users to hide their identities and achieve anonymization to protect user privacy, naturally the car sharing service is unavailable. Aiming at this conflict, a decentralized, privacy-preserving, and accountable car sharing architecture has been proposed in the thesis, where multiple dynamic validation servers are employed to build decentralized trust for users. Under this architecture, the thesis proposes a privacy-preserving identity management scheme to assist in managing users' identities in a dynamic manner based on a verifiable secret sharing/redistribution technique, i.e. the validation servers who manage users' identities are dynamically changed with the time advancing. Moreover, the scheme enables a majority of dynamic validation servers to recover the misbehaving users' identities and guarantees that honest users' identities are confidential to achieve privacy preservation and accountability at the same time. Thirdly, the thesis investigates the conflict between privacy and reliability in a road condition monitoring service, where users can report road conditions to a monitoring service provider to help construct a live map based on crowdsourcing. Usually, a reputation-based mechanism is applied in the service to measure a user's reliability. However, this mechanism cannot be easily integrated with a privacy-preserving mechanism based on user anonymization. When users are anonymous, they can upload arbitrary reports to destroy the service quality and make the service unavailable. Aiming at this conflict, a privacy-preserving crowdsourcing-based road condition monitoring scheme has been proposed in the thesis. By leveraging homomorphic commitments and PS signature, the scheme supports anonymous user reputation management without the assistance of any third-party authority. Furthermore, the thesis proposes several zero-knowledge proof protocols to ensure that a user can keep anonymous and unlinkable but a monitoring service provider can still judge the reliability of this user's report through his/her reputation score. To sum up, with more attention being paid to privacy issues, how to protect user privacy for V2X services becomes more significant. The thesis proposes three effective privacy-preserving mechanisms for V2X services, which resolve the conflict between privacy and availability and can be conveniently integrated into current V2X applications since no trusted third party authority is required. The proposed approaches should be valuable for achieving practical privacy preservation in V2X services

Actas de las VI Jornadas Nacionales (JNIC2021 LIVE)

Estas jornadas se han convertido en un foro de encuentro de los actores más relevantes en el ámbito de la ciberseguridad en España. En ellas, no sólo se presentan algunos de los trabajos científicos punteros en las diversas áreas de ciberseguridad, sino que se presta especial atención a la formación e innovación educativa en materia de ciberseguridad, y también a la conexión con la industria, a través de propuestas de transferencia de tecnología. Tanto es así que, este año se presentan en el Programa de Transferencia algunas modificaciones sobre su funcionamiento y desarrollo que han sido diseñadas con la intención de mejorarlo y hacerlo más valioso para toda la comunidad investigadora en ciberseguridad

Cloud-based Indoor Positioning Platform for Context-adaptivity in GNSS-denied Scenarios

The demand for positioning, localisation and navigation services is on the rise, largely owing to the fact that such services form an integral part of applications in areas such as human activity recognition, robotics, and eHealth. Depending on the field of application, these services must accomplish high levels of accuracy, massive device connectivity, real-time response, flexibility, and integrability. Although many current solutions have succeeded in fulfilling these requirements, numerous challenges remain in terms of providing robust and reliable indoor positioning solutions. This dissertation has a core focus on improving computing efficiency, data pre-processing, and software architecture for Indoor Positioning Systems (IPSs), without throwing out position and location accuracy. Fingerprinting is the main positioning technique used in this dissertation, as it is one of the approaches used most frequently in indoor positioning solutions. The dissertation begins by presenting a systematic review of current cloud-based indoor positioning solutions for Global Navigation Satellite System (GNSS) denied scenarios. This first contribution identifies the current challenges and trends in indoor positioning applications over the last seven years (from January 2015 to May 2022). Secondly, we focus on the study of data optimisation techniques such as data cleansing and data augmentation. This second contribution is devoted to reducing the number of outliers fingerprints in radio maps and, therefore, reducing the error in position estimation. The data cleansing algorithm relies on the correlation between fingerprints, taking into account the maximum Received Signal Strength (RSS) values, whereas the Generative Adversarial Network (GAN) network is used for data augmentation in order to generate synthetic fingerprints that are barely distinguishable from real ones. Consequently, the positioning error is reduced by more than 3.5% after applying the data cleansing. Similarly, the positioning error is reduced in 8 from 11 datasets after generating new synthetic fingerprints. The third contribution suggests two algorithms which group similar fingerprints into clusters. To that end, a new post-processing algorithm for Density-based Spatial Clustering of Applications with Noise (DBSCAN) clustering is developed to redistribute noisy fingerprints to the formed clusters, enhancing the mean positioning accuracy by more than 20% in comparison with the plain DBSCAN. A new lightweight clustering algorithm is also introduced, which joins similar fingerprints based on the maximum RSS values and Access Point (AP) identifiers. This new clustering algorithm reduces the time required to form the clusters by more than 60% compared with two traditional clustering algorithms. The fourth contribution explores the use of Machine Learning (ML) models to enhance the accuracy of position estimation. These models are based on Deep Neural Network (DNN) and Extreme Learning Machine (ELM). The first combines Convolutional Neural Network (CNN) and Long short-term memory (LSTM) to learn the complex patterns in fingerprinting radio maps and improve position accuracy. The second model uses CNN and ELM to provide a fast and accurate solution for the classification of fingerprints into buildings and floors. Both models offer better performance in terms of floor hit rate than the baseline (more than 8% on average), and also outperform some machine learning models from the literature. Finally, this dissertation summarises the key findings of the previous chapters in an open-source cloud platform for indoor positioning. This software developed in this dissertation follows the guidelines provided by current standards in positioning, mapping, and software architecture to provide a reliable and scalable system

Law in the present future : approaching the legal imaginary of smart cities with science (and) fiction

This doctoral research concerns smart cities, describing digital solutions and social issues related to their innovative technologies, adopted models, and major projects around the world. The many perspectives mentioned in it were identified by online tools used for the textual analysis of two databases that were built from relevant publications on the main subject by authors coming from media and academia. Expected legal elements emerged from the applied process, such as privacy, security, transparency, participation, accountability, and governance. A general review was produced on the information available about the public policies of Big Data in the two municipal cases of Rio de Janeiro and Montréal, and their regulation in the Brazilian and Canadian contexts. The combined approaches from science and literature were explored to reflect on the normative concerns represented by the global challenges and local risks brought by urban surveillance, climate change, and other neoliberal conditions. Cyberpunk Science Fiction reveals itself useful for engaging with the shared problems that need to be faced in the present time, all involving democracy. The results achieved reveal that this work was, in fact, about the complex network of practices and senses between (post)modern law and the imaginary of the future.Cette recherche doctorale centrée sur les villes intelligentes met en évidence les solutions numériques et les questionnements sociétaux qui ont trait aux technologies innovantes, ainsi qu’aux principaux modèles et projets développés autour d’elles à travers le monde. Des perspectives multiples en lien avec ces développements ont été identifiées à l’aide d’outils en ligne qui ont permis l’analyse textuelle de deux bases de données comprenant des publications scientifiques et des écrits médiatiques. De ce processus analytique ont émergé des éléments juridiques relatifs aux questions de vie privée, de sécurité, de transparence, de participation, d’imputabilité et de gouvernance. De plus, à partir de ces informations a été réalisée une revue des politiques publiques relatives aux mégadonnées dans les villes de Rio de Janeiro et de Montréal, ainsi que des réglementations nationales du Canada et du Brésil en lien avec ce sujet. Finalement, à travers l’exploration d’écrits scientifiques et fictionnels de la littérature, les principaux enjeux normatifs soulevés localement et mondialement par la surveillance urbaine, les changements climatiques et les politiques néolibérales ont pu être mis à jour. Le courant cyberpunk de la science-fiction s’est avéré particulièrement utile pour révéler les principaux problèmes politiques, en lien avec la préservation de la démocratie, auxquelles sont confrontées nos sociétés présentement. Les résultats de la recherche démontrent finalement la présence d’un réseau de pratiques et de significations entre le droit (post)moderne et les représentations imaginaires du futur

Jornadas Nacionales de Investigación en Ciberseguridad: actas de las VIII Jornadas Nacionales de Investigación en ciberseguridad: Vigo, 21 a 23 de junio de 2023

Jornadas Nacionales de Investigación en Ciberseguridad (8ª. 2023. Vigo)atlanTTicAMTEGA: Axencia para a modernización tecnolóxica de GaliciaINCIBE: Instituto Nacional de Cibersegurida