Privacy-preserving Publication of Mobility Data with High Utility
An increasing amount of mobility data is being collected every day by different means, e.g., by mobile phone operators. This data is sometimes published after the application of simple anonymization techniques, which might lead to severe privacy threats. We propose in this paper a new solution whose novelty is twofold. Firstly, we introduce an algorithm designed to hide the places where a user stops during her journey (namely her points of interest) by enforcing a constant speed along her trajectory. Secondly, we leverage the places where users meet as opportunities to swap their trajectories and therefore confuse an attacker.
Comment: 2015 35th IEEE International Conference on Distributed Computing Systems
Time Distortion Anonymization for the Publication of Mobility Data with High Utility
An increasing amount of mobility data is being collected every day by different means, such as mobile applications or crowd-sensing campaigns. This data is sometimes published after the application of simple anonymization techniques (e.g., replacing the users' names with an identifier), which might lead to severe threats to the privacy of the participating users. The literature contains more sophisticated anonymization techniques, often based on adding noise to the spatial data. However, these techniques compromise either privacy, if the added noise is too weak, or the utility of the data, if the added noise is too strong. We investigate in this paper an alternative solution, which builds on time distortion instead of spatial distortion. Specifically, our contribution lies in (1) the introduction of the concept of time distortion to anonymize mobility datasets, (2) Promesse, a protection mechanism implementing this concept, and (3) a practical study of Promesse compared to two representative spatial distortion mechanisms, namely Wait For Me, which enforces k-anonymity, and Geo-Indistinguishability, which enforces differential privacy. We evaluate our mechanism practically using three real-life datasets. Our results show that time distortion reduces the number of points of interest that can be retrieved by an adversary to under 3 %, while the introduced spatial error is almost null and the distortion introduced on the results of range queries is kept under 13 % on average.
Comment: in 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Aug 2015, Helsinki, Finland
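Both abstracts above rest on the same observation: a stop (point of interest) shows up in a trace as a run of consecutive samples that stay in one place, and enforcing a constant speed along the path spreads those samples out over the surrounding geometry, so the dwell disappears while no sample leaves the path. The Python below is an added illustration written for this page; it is neither Promesse's code nor the algorithm of the ICDCS paper. It builds a constructed walk-stop-walk trace in a local flat frame (metres, seconds), runs a simple stop detector of the kind an adversary would use (the 50 m / 10 min thresholds are assumptions), then resamples the trace at constant speed and runs the detector again.

```python
import math

# Constructed trace (not real data): (t_seconds, x_m, y_m) in a local flat frame.
# 1000 m east in 700 s (walking pace), a 30-minute stop, then 1000 m north;
# one GPS sample every 10 s.
def build_trace():
    trace, t = [], 0
    for k in range(71):                       # east leg, k=0..70 -> x=0..1000
        trace.append((t, 1000.0 * k / 70, 0.0)); t += 10
    for _ in range(180):                      # stop: 180 samples at (1000, 0)
        trace.append((t, 1000.0, 0.0)); t += 10
    for k in range(1, 71):                    # north leg
        trace.append((t, 1000.0, 1000.0 * k / 70)); t += 10
    return trace

def extract_pois(trace, radius_m, min_duration_s):
    """Adversary's stop detector (assumed parameters): a POI is a run of consecutive
    samples staying within radius_m of the run's first sample for >= min_duration_s.
    Returns (centroid_x, centroid_y, duration_s) for each POI found."""
    pois, i, n = [], 0, len(trace)
    while i < n:
        t0, x0, y0 = trace[i]
        j = i
        while j + 1 < n and math.hypot(trace[j + 1][1] - x0, trace[j + 1][2] - y0) <= radius_m:
            j += 1
        if trace[j][0] - t0 >= min_duration_s:
            run = trace[i:j + 1]
            cx = sum(p[1] for p in run) / len(run)
            cy = sum(p[2] for p in run) / len(run)
            pois.append((cx, cy, trace[j][0] - t0))
            i = j + 1
        else:
            i += 1
    return pois

def resample_constant_speed(trace):
    """Time distortion: keep the path geometry and the original timestamps, but place
    the sample for time t at arc length v*(t - t0) along the path, where
    v = total path length / total duration. A stop has zero path length, so its
    samples are redistributed over the surrounding path and the dwell vanishes."""
    if len(trace) < 2 or trace[-1][0] == trace[0][0]:
        return list(trace)
    cum = [0.0]                                # cumulative arc length per sample
    for (_, x0, y0), (_, x1, y1) in zip(trace, trace[1:]):
        cum.append(cum[-1] + math.hypot(x1 - x0, y1 - y0))
    t_start, duration = trace[0][0], trace[-1][0] - trace[0][0]
    speed = cum[-1] / duration
    out, j = [], 0
    for t, _, _ in trace:
        s = speed * (t - t_start)
        while j < len(cum) - 2 and cum[j + 1] < s:   # advance to the segment holding s
            j += 1
        seg = cum[j + 1] - cum[j]
        frac = 0.0 if seg == 0 else min(1.0, (s - cum[j]) / seg)
        (_, xa, ya), (_, xb, yb) = trace[j], trace[j + 1]
        out.append((t, xa + frac * (xb - xa), ya + frac * (yb - ya)))
    return out

def run_demo(radius_m=50.0, min_duration_s=600.0):
    raw = build_trace()
    smoothed = resample_constant_speed(raw)
    raw_pois = extract_pois(raw, radius_m, min_duration_s)
    smooth_pois = extract_pois(smoothed, radius_m, min_duration_s)
    # Spatial error of the distorted trace: distance from each new sample to the
    # nearest original sample. Samples never leave the path, so this stays within
    # half the original sample spacing.
    max_spatial_err = max(min(math.hypot(sx - x, sy - y) for _, x, y in raw)
                          for _, sx, sy in smoothed)
    return {
        "raw_pois": raw_pois,
        "smooth_pois": smooth_pois,
        "raw_poi_error_m": math.hypot(raw_pois[0][0] - 1000.0, raw_pois[0][1]) if raw_pois else None,
        "max_spatial_error_m": max_spatial_err,
        "sample_count": (len(raw), len(smoothed)),
    }

if __name__ == "__main__":
    r = run_demo()
    print("stops found in raw trace:      ", len(r["raw_pois"]), r["raw_pois"])
    print("stops found after distortion:  ", len(r["smooth_pois"]))
    print("max spatial error (m):         ", round(r["max_spatial_error_m"], 2))
```

The detector recovers the 30-minute stop at (1000, 0) from the raw trace but finds nothing in the distorted one, because during any 10-minute window the distorted trace now moves about 375 m, far more than the 50 m stop radius. The price is paid in time, not space: a sample's timestamp no longer says when the user was really there, which is why the abstract reports a near-zero spatial error but a measurable distortion of range queries.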
Parallel Evaluation of Relational Queries on a Network of Workstations
In this paper we propose an innovative approach to handling "read-most" databases, i.e., databases for which read access clearly dominates write access. This approach is based on a parallel extension, called the parallel relational query evaluator, working over a network of workstations in coupled mode with a sequential Database Management System (DBMS). We present a detailed architecture of the parallel query evaluator and focus on the management of data during executions and transmissions, especially through macro-pipelining. We then present Enkidu, the prototype that has been built according to our concepts. We finally report a set of measurements conducted on Enkidu, highlighting both the specific performance of macro-pipelining and the global performance of Enkidu.
T2D: A Peer to Peer trust management system based on Disposition to Trust
While the trust paradigm is essential to broadly extend communication between an environment's actors, evaluating trust becomes a challenge when it comes to initializing the trust relationship and validating the transitive property of trust. Whether between users or between organizations, existing solutions aim to create flexible and decentralized security mechanisms for peer-to-peer networks based on a trust approach. However, we have noticed that trust management systems do not make the most of subjectivity, more specifically the notion of Disposition to Trust, although this aspect of subjectivity has a strong influence on how direct and transitive trust are assessed. For this reason, in our study we tackle this problem by introducing a new distributed trust model called T2D (Trust to Distrust), which is designed to incorporate the following contributions: (i) a behavior model which represents the Disposition to Trust; (ii) initialization of trust relationships (direct and transitive) according to the defined behavior model
Differentially Private Location Privacy in Practice
With the wide adoption of handheld devices (e.g. smartphones, tablets), a large number of location-based services (LBSs) have flourished, providing mobile users with real-time and contextual information on the move. Given the amount of location information users hand them, these services are able to track users wherever they go and to learn sensitive information about them (e.g. their points of interest, including home, work, and regularly visited religious or political places). A number of solutions have been proposed in the past few years to protect users' location information while still allowing them to enjoy geo-located services. Among the most robust are those that apply the popular notion of differential privacy to location privacy (e.g. Geo-Indistinguishability), promising strong theoretical privacy guarantees with a bounded accuracy loss. While these theoretical guarantees are attractive, it might be difficult for end users or practitioners to assess their effectiveness in the wild. In this paper, we carry out a practical study using real mobility traces from two different datasets to assess the ability of Geo-Indistinguishability to protect users' points of interest (POIs). We show that a curious LBS collecting the obfuscated location information sent by mobile users is still able to infer most of the users' POIs with reasonable geographic and semantic precision. This precision depends on the degree of obfuscation applied by Geo-Indistinguishability. However, the degree of obfuscation also affects the overhead incurred on mobile devices, resulting in a privacy versus overhead trade-off. Finally, we show in our study that POIs constitute a quasi-identifier for mobile users and that obfuscating them using Geo-Indistinguishability is not sufficient, as an attacker is able to re-identify at least 63% of them despite a high degree of obfuscation.
Comment: In Proceedings of the Third Workshop on Mobile Security Technologies (MoST) 2014 (http://arxiv.org/abs/1410.6674)
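Geo-Indistinguishability, as referred to above, perturbs each reported location with planar Laplace noise so that moving the true location by a distance d changes the probability of any given report by a factor of at most e^(ε·d). The Python below is an added example for this page, not the authors' code nor the original Geo-I implementation. It implements the density and the sampler in a local flat frame in metres (the noise radius follows a Gamma(2, ε) law, which is the sum of two exponentials, so no Lambert W function is needed), checks the indistinguishability bound numerically, and then reproduces the kind of inference the abstract warns about: a curious LBS that averages many independent obfuscated reports sent from the same place recovers that place far more precisely than any single report suggests. The privacy level ln 2 within 100 m, the POI coordinates and the report counts are assumptions chosen for the demo.

```python
import math
import random

def geoind_density(z, x, eps):
    """Planar Laplace density of reporting z when the true location is x (metres)."""
    return eps * eps / (2.0 * math.pi) * math.exp(-eps * math.dist(z, x))

def indistinguishability_ratio(z, x1, x2, eps):
    """Geo-I guarantee: P(z|x1)/P(z|x2) <= exp(eps * d(x1, x2)) for every report z."""
    return geoind_density(z, x1, eps) / geoind_density(z, x2, eps)

def epsilon_for(level, radius_m):
    """Geo-I convention: eps = l / r gives level-l indistinguishability within r metres."""
    return level / radius_m

def planar_laplace_sample(x, eps, rng):
    """Obfuscate x: radius ~ Gamma(2, eps) == Exp(eps) + Exp(eps), angle ~ Uniform(0, 2pi).
    This is exactly the planar Laplace law with pdf eps^2/(2pi) * exp(-eps*r)."""
    r = rng.expovariate(eps) + rng.expovariate(eps)
    theta = rng.uniform(0.0, 2.0 * math.pi)
    return (x[0] + r * math.cos(theta), x[1] + r * math.sin(theta))

def mean_displacement(eps, n_samples, seed=7):
    """Average distance between true and reported location; theory gives 2/eps."""
    rng = random.Random(seed)
    origin = (0.0, 0.0)
    return sum(math.dist(origin, planar_laplace_sample(origin, eps, rng))
               for _ in range(n_samples)) / n_samples

def infer_poi_by_averaging(true_xy, n_reports, eps, seed=7):
    """Curious-LBS attack: reports sent from the same POI carry independent noise, so
    their centroid converges to the POI. Returns (estimate, error_m)."""
    rng = random.Random(seed)
    reports = [planar_laplace_sample(true_xy, eps, rng) for _ in range(n_reports)]
    cx = sum(p[0] for p in reports) / n_reports
    cy = sum(p[1] for p in reports) / n_reports
    return (cx, cy), math.dist((cx, cy), true_xy)

# Assumed demo parameters: ln2-indistinguishability within 100 m, constructed POI.
EPS = epsilon_for(math.log(2), 100.0)
HOME = (5000.0, 3000.0)

if __name__ == "__main__":
    print("eps = %.5f, expected single-report displacement 2/eps = %.0f m" % (EPS, 2 / EPS))
    print("measured mean displacement over 1000 samples: %.0f m" % mean_displacement(EPS, 1000))
    for n in (1, 10, 100, 1000):
        _, err = infer_poi_by_averaging(HOME, n, EPS)
        print("%4d reports from the POI -> centroid error %.0f m" % (n, err))
    z, other = (5100.0, 3000.0), (5000.0, 3060.0)
    print("density ratio %.3f <= bound exp(eps*60) = %.3f" % (
        indistinguishability_ratio(z, HOME, other, EPS), math.exp(EPS * math.dist(HOME, other))))
```

A single report is displaced by roughly 2/ε, about 290 m here, which is what the per-report guarantee buys. The guarantee says nothing about a user who reports from the same place every evening: with independent noise per report the centroid error shrinks like 1/sqrt(n), so a thousand reports pin the POI down to around 10 m. That composition effect, not a flaw in the mechanism, is why the abstract finds most POIs still inferable and why stronger obfuscation merely trades precision for device overhead.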
Medical Image Content-Based Queries using the Grid
Computation and data grids have met with great success in the scientific computing community in the past few years. The medical imaging community is increasingly aware of the potential benefit of these technologies for facing today's medical image analysis challenges. In this paper, we report on a first experiment in deploying a medical application on a large-scale grid testbed. Our pilot application is a hybrid metadata and image content-based query system that manipulates a large data set and whose image analysis computation can easily be parallelized over several grid nodes. We analyze the performance of this algorithm and the benefit brought by the grid. We further discuss possible improvements and future trends in porting medical applications to grid infrastructures.
A Decentralized Anonymity-Preserving Reputation System with Constant-time Score Retrieval
Reputation systems are a major feature of every modern e-commerce website, helping buyers carefully choose their service providers and products. However, most websites use centralized reputation systems, where the security of the whole system rests upon a single Trusted Third Party. Moreover, they often disclose the identities of the raters, which may discourage honest users from posting frank reviews for fear of retaliation from the ratees. We present a reputation system that is decentralized yet secure and efficient, and could therefore be applied in a practical context. Users are able to retrieve the reputation score of a service provider directly from that provider in constant time, with assurance regarding the correctness of the information obtained. Additionally, the reputation system is anonymity-preserving, which ensures that users can submit feedback without their identities being associated with it. Despite this anonymity, the system still offers robustness against attacks such as ballot-stuffing and Sybil attacks.
ACCIO: How to Make Location Privacy Experimentation Open and Easy
The advent of mobile applications collecting and exploiting the location of users opens a number of privacy threats. To mitigate these privacy issues, several protection mechanisms have been proposed over the last decade to protect users' location privacy. However, these protection mechanisms are usually implemented and evaluated in a monolithic way, with heterogeneous tools and languages. Moreover, they are evaluated using different methodologies, metrics and datasets. This lack of standardization makes the task of evaluating and comparing protection mechanisms particularly hard. In this paper, we present ACCIO, a unified framework to ease the design and evaluation of protection mechanisms. Thanks to its Domain Specific Language, ACCIO allows researchers and practitioners to define and deploy experiments in an intuitive way, as well as to easily collect and analyse the results. ACCIO already comes with several state-of-the-art protection mechanisms and a toolbox to manipulate mobility data. Finally, ACCIO is open and easily extensible with new evaluation metrics and protection mechanisms. This openness, combined with the description of experiments through a user-friendly DSL, makes ACCIO an appealing tool for reproducing and disseminating research results more easily. In this paper, we present ACCIO's motivation and architecture, and demonstrate its capabilities through several use cases involving multiple metrics, state-of-the-art protection mechanisms, and two real-life mobility datasets collected in Beijing and in the San Francisco area.