Mandatory Enforcement of Privacy Policies using Trusted Computing Principles

Modern communication systems and information technology create significant new threats to information privacy. In this paper, we discuss the need for proper privacy protection in cooperative intelligent transportation systems (cITS), one instance of such systems. We outline general principles for data protection and their legal basis and argue why pure legal protection is insufficient. Strong privacy-enhancing technologies need to be deployed in cITS to protect user data while it is generated and processed. As data minimization cannot always prevent the need for disclosing relevant personal information, we introduce the new concept of mandatory enforcement of privacy policies. This concept empowers users and data subjects to tightly couple their data with privacy policies and rely on the system to impose such policies onto any data processors. We also describe the PRECIOSA Privacy-enforcing Runtime Architecture that exemplifies our approach. Moreover, we show how an application can utilize this architecture by applying it to a pay as you drive (PAYD) car insurance scenario

On the Potential of Generic Modeling for VANET Data Aggregation Protocols

In-network data aggregation is a promising communication mechanism to reduce bandwidth requirements of applications in vehicular ad-hoc networks (VANETs). Many aggregation schemes have been proposed, often with varying features. Most aggregation schemes are tailored to specific application scenarios and for specific aggregation operations. Comparative evaluation of different aggregation schemes is therefore difficult. An application centric view of aggregation does also not tap into the potential of cross application aggregation. Generic modeling may help to unlock this potential. We outline a generic modeling approach to enable improved comparability of aggregation schemes and facilitate joint optimization for different applications of aggregation schemes for VANETs. This work outlines the requirements and general concept of a generic modeling approach and identifies open challenges

Privacy in Inter-Vehicular Networks: Why simple pseudonym change is not enough

Inter-vehicle communication (IVC) systems disclose rich location information about vehicles. State-of-the-art security architectures are aware of the problem and provide privacy enhancing mechanisms, notably pseudonymous authentication. However, the granularity and the amount of location information IVC protocols divulge, enable an adversary that eavesdrops all traffic throughout an area, to reconstruct long traces of the whereabouts of the majority of vehicles within the same area. Our analysis in this paper confirms the existence of this kind of threat. As a result, it is questionable if strong location privacy is achievable in IVC systems against a powerful adversary.\u

Conditioned Medium from Dysfunctional Endothelial Cells Negatively Regulates Satellite Cell Expansion and Differentiation

Dysfunction of the endothelial lining of the cardiovascular system is a hallmark symptom of both cardiovascular disease (CVD) and type II diabetes mellitus (T2DM). The dysfunctional endothelial cell phenotype is characterized by an increase in production and release of inflammatory cytokines and reactive oxygen species (ROS) and a decrease in nitric oxide (NO) and growth factor secretion. Evidence has emerged showing a close relationship between endothelial cells and skeletal muscle satellite/progenitor cells. Skeletal muscle cell growth and differentiation are impaired in oxidative environments and many endothelial dysfunction-related diseases. The purpose of the current study is to determine the impact that high glucose induced endothelial cell dysfunction has on the growth and differentiation of skeletal muscle satellite cells (SkMSC). Human Umbilical Vein Endothelial Cells (HUVEC) were grown in normoglycemic, 5 mM glucose (CON) media or hyperglycemic, 30 mM glucose (DYS) media for 48 hours to induce dysfunction, after which the media was collected to be used as conditioned media (CM). Primary human SkMSCs were isolated from the vastus lateralis of eight lean subjects and subsequently treated with CON or DYS CM for 2, 4, or 6 days. Satellite cells not collected at day 6 were directed toward differentiation in CON or DYS CM. SkMSC growth, ROS production and differentiation were analyzed via cell counting, MTT assay, DHE assay, qPCR, immune blotting, and immunocytochemistry. After 6 days of treatment, SkMSC counts and the number of viable cells were decreased in DYS CM treatment. SkMSC cyclin D1 was downregulated and caspase-9 was upregulated in the DYS treatment group. Myogenesis and myotube fusion were impaired in DYS CM treated SkMSC. Abnormal inhibition of p38 phosphorylation and a non-significant increase in NF-κB activity occurred in late stage DYS CM treated satellite cells. This study provides evidence that dysfunctional endothelial cells impair skeletal muscle satellite cell expansion through possible dysregulation of apoptotic and proliferative pathways. CM from DYS ECs also clearly inhibited muscle satellite cell differentiation and myotube fusion via abnormal intracellular signaling. Future studies should focus on expanding current knowledge on the relationship between endothelial cells and muscle satellite cells in endothelial dysfunction-related pathologies

Analyzing Attacks on Cooperative Adaptive Cruise Control (CACC)

Cooperative Adaptive Cruise Control (CACC) is one of the driving applications of vehicular ad-hoc networks (VANETs) and promises to bring more efficient and faster transportation through cooperative behavior between vehicles. In CACC, vehicles exchange information, which is relied on to partially automate driving; however, this reliance on cooperation requires resilience against attacks and other forms of misbehavior. In this paper, we propose a rigorous attacker model and an evaluation framework for this resilience by quantifying the attack impact, providing the necessary tools to compare controller resilience and attack effectiveness simultaneously. Although there are significant differences between the resilience of the three analyzed controllers, we show that each can be attacked effectively and easily through either jamming or data injection. Our results suggest a combination of misbehavior detection and resilient control algorithms with graceful degradation are necessary ingredients for secure and safe platoons.Comment: 8 pages (author version), 5 Figures, Accepted at 2017 IEEE Vehicular Networking Conference (VNC

A Flexible Network Approach to Privacy of Blockchain Transactions

For preserving privacy, blockchains can be equipped with dedicated mechanisms to anonymize participants. However, these mechanism often take only the abstraction layer of blockchains into account whereas observations of the underlying network traffic can reveal the originator of a transaction request. Previous solutions either provide topological privacy that can be broken by attackers controlling a large number of nodes, or offer strong and cryptographic privacy but are inefficient up to practical unusability. Further, there is no flexible way to trade privacy against efficiency to adjust to practical needs. We propose a novel approach that combines existing mechanisms to have quantifiable and adjustable cryptographic privacy which is further improved by augmented statistical measures that prevent frequent attacks with lower resources. This approach achieves flexibility for privacy and efficency requirements of different blockchain use cases.Comment: 6 pages, 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS