Threshold privacy preserving keyword searches

We consider the following problem: users of an organization wish to outsource the storage of sensitive data to a large database server. It is assumed that the server storing the data is untrusted so the data stored have to be encrypted. We further suppose that the manager of the organization has the right to access all data, but a member of the organization can not access any data alone. The member must collaborate with other members to search for the desired data. In this paper, we investigate the notion of threshold privacy preserving keyword search (TPPKS) and define its security requirements. We construct a TPPKS scheme and show the proof of security under the assumptions of intractability of discrete logarithm, decisional Diffie-Hellman and computational Diffie-Hellman problems.

A privacy preserving e-payment scheme

Secure electronic payment is an integral part of e-commerce. The e-payment systems in current use require the revealing of the purchaser’s payment information to the seller, while purchasers are not always happy to subject the details of their payment information to possible misuse by sellers. As a result, the uptake of e-commerce is hampered from reaching its full potential. In this paper, we propose an online payment scheme which uses the traditional e-payment infrastructure but which reveals no payment information to the seller. This is done with only an incremental increase in computational power.

A privacy preserving service broker architecture for data sharing

The problem addressed in this paper is how to ensure data privacy concerns when data is shared between multiple organisations. In domains such as healthcare, there is a need to share privacy-sensitive data among autonomous but cooperating organisations. However, security concerns and compliance to privacy regulations requiring confidentiality of the data renders unrestricted access to organisational data by others undesirable. The challenge is how to guarantee privacy preservations for the owners of the information that are willing to share information with other organisations while keeping some other information secret. Therefore, there is a need for privacy preserving database operations for querying data residing at different parties. To address this challenge, we propose a new computationally efficient framework that enables organisations to share privacy-sensitive data. The proposed framework is able to answer queries without revealing any useful information to the data sources or to the third parties.

Attack vector analysis and privacy-preserving social network data publishing

This paper addresses the problem of privacy-preserving data publishing for social network. Research on protecting the privacy of individuals and the confidentiality of data in social network has recently been receiving increasing attention. Privacy is an important issue when one wants to make use of data that involves individuals' sensitive information, especially in a time when data collection is becoming easier and sophisticated data mining techniques are becoming more efficient. In this paper, we discuss various privacy attack vectors on social networks. We present algorithms that sanitize data to make it safe for release while preserving useful information, and discuss ways of analyzing the sanitized data. This study provides a summary of the current state-of-the-art, based on which we expect to see advances in social networks data publishing for years to come.

A framework for the design of privacy preserving pervasive healthcare

Privacy is an important aspect of pervasive and ubiquitous computing systems, and, in particular, pervasive healthcare. With reference to previous approaches on developing privacy sensitive pervasive healthcare applications, we detail a framework for the design of such systems that aims to minimise the impact of privacy on such systems. In reviewing previous approaches, we extract and combine common elements in order to unify the approaches and create a more formal methodology for designing privacy mechanisms in pervasive healthcare applications. In doing so we also consider the manner in which ubiquitous technologies impact on privacy and methods for reducing this impact. We demonstrate how the framework can be applied by using examples from the previous approaches. In addressing privacy issues, the framework aims to remove a large obstacle to deployment of pervasive healthcare systems, acceptance of the technology.

An efficient solution for privacy-preserving, secure remote access to sensitive data

Sharing data that contains personally identifiable or sensitive information, such as medical records, always has privacy and security implications. The issues can become rather complex when the methods of access can vary, and accurate individual data needs to be provided whilst mass data release for specific purposes (for example for medical research) also has to be catered for. Although various solutions have been proposed to address the different aspects individually, a comprehensive approach is highly desirable. This paper presents a solution for maintaining the privacy of data released en masse in a controlled manner, and for providing secure access to the original data for authorized users. The results show that the solution is provably secure and maintains privacy in a more efficient manner than previous solutions.

Towards designing privacy-preserving signature-based IDS as a service : a study and practice

With the advent of Cloud Computing, IDS as a service (IDSaaS) has been proposed as an alternative to protect a network (e.g., financial organization) from a wide range of network attacks by offloading the expensive operations such as the process of signature matching to the cloud. The IDSaaS can be roughly classified into two types: signature-based detection and anomaly-based detection. During the packet inspection, no party wants to disclose their own data especially sensitive information to others, even to the cloud provider, for privacy concerns. However, current solutions of IDSaaS have not much discussed this issue. In this work, focus on the signature-based IDSaaS, we begin by designing a promising privacy-preserving intrusion detection mechanism, the main feature of which is that the process of signature matching does not reveal any specific content of network packets by means of a fingerprint-based comparison. We further conduct a study to evaluate this mechanism under a cloud scenario and identify several open problems and issues for designing such a privacy-preserving mechanism for IDSaaS in a practical environment.

Privacy preserving for tagging recommender systems

Tagging recommender systems allow Internet users to annotate resources with personalized tags. The connection among users, resources and these annotations, often called afolksonomy, permits users the freedom to explore tags, and to obtain recommendations. Releasing these tagging datasets accelerates both commercial and research work on recommender systems. However, adversaries may re-identify a user and her/his sensitivity information from the tagging dataset using a little background information. Recently, several private techniques have been proposed to address the problem, but most of them lack a strict privacy notion, and can hardly resist the number of possible attacks. This paper proposes an private releasing algorithm to perturb users' profile in a strict privacy notion, differential privacy, with the goal of preserving a user's identity in a tagging dataset. The algorithm includes three privacy preserving operations: Private Tag Clustering is used to shrink the randomized domain and Private Tag Selection is then applied to find the most suitable replacement tags for the original tags. To hide the numbers of tags, the third operation, Weight Perturbation, finally adds Lap lace noise to the weight of tags We present extensive experimental results on two real world datasets, Delicious and Bibsonomy. While the personalization algorithmis successful in both cases.

Generating repudiable, memorizable and privacy preserving security questions using the Propp Theory of Narrative

 Security questions are often based on personal information that is limited in variety, available in the public record and very difficult to change if compromised. A personalized folktale shared only by the communicating parties provides memorizable basis for individualized security questions that can be readily replaced in the event of a security breach. We utilize the Propp theory of narrative to provide a basis of abstraction for story generation systems. We develop a proof-of-concept system based on placeholder replacement to demonstrate the generation of repudiate and memorizable questions and answers suitable for online security questions. A 3-component protocol is presented that demonstrates the use of this process to derive a shared secret key through privacy amplification. This combination of story generation and communication security provides the basis for improvements in current security question practice.

PPFSCADA: Privacy preserving framework for SCADA data publishing

Supervisory Control and Data Acquisition (SCADA) systems control and monitor industrial and critical infrastructure functions, such as electricity, gas, water, waste, railway, and traffic. Recent attacks on SCADA systems highlight the need for stronger SCADA security. Thus, sharing SCADA traffic data has become a vital requirement in SCADA systems to analyze security risks and develop appropriate security solutions. However, inappropriate sharing and usage of SCADA data could threaten the privacy of companies and prevent sharing of data. In this paper, we present a privacy preserving strategy-based permutation technique called PPFSCADA framework, in which data privacy, statistical properties and data mining utilities can be controlled at the same time. In particular, our proposed approach involves: (i) vertically partitioning the original data set to improve the performance of perturbation; (ii) developing a framework to deal with various types of network traffic data including numerical, categorical and hierarchical attributes; (iii) grouping the portioned sets into a number of clusters based on the proposed framework; and (iv) the perturbation process is accomplished by the alteration of the original attribute value by a new value (clusters centroid). The effectiveness of the proposed PPFSCADA framework is shown through several experiments on simulated SCADA, intrusion detection and network traffic data sets. Through experimental analysis, we show that PPFSCADA effectively deals with multivariate traffic attributes, producing compatible results as the original data, and also substantially improving the performance of the five supervised approaches and provides high level of privacy protection. © 2014 Published by Elsevier B.V. All rights reserved.

Privacy preserving in location data release: A differential privacy approach

Communication devices with GPS chips allow people to generate large volumes of location data. However, location datasets have been confronted with serious privacy concerns. Recently, several privacy techniques have been proposed but most of them lack a strict privacy notion, and can hardly resist the number of possible attacks. This paper proposes a private release algorithm to randomize location datasets in a strict privacy notion, differential privacy. This algorithm includes three privacy-preserving operations: Private Location Clustering shrinks the randomized domain and Cluster Weight Perturbation hides the weights of locations, while Private Location Selection hides the exact locations of a user. Theoretical analysis on utility confirms an improved trade-off between the privacy and utility of released location data. The experimental results further suggest this private release algorithm can successfully retain the utility of the datasets while preserving users’ privacy.