Conventional private data publication mechanisms aim to retain as much data utility as possible while ensuring sufficient privacy protection on sensitive data. Such data publication schemes implicitly assume that all data analysts and users have the same data access privilege levels. However, it is not applicable for the scenario that data users often have different levels of access to the same data, or different requirements of data utility. The multi-level privacy requirements for different authorization levels pose new challenges for private data publication. Traditional PPDP mechanisms only publish one perturbed and private data copy satisfying some privacy guarantee to provide relatively accurate analysis results. To find a good tradeoff between privacy preservation level and data utility itself is a hard problem, let alone achieving multi-level data utility on this basis. In this paper, we address this challenge in proposing a novel framework of data publication with compressive sensing supporting multi-level utility-privacy tradeoffs, which provides differential privacy. Specifically, we resort to compressive sensing (CS) method to project an n-dimensional vector representation of users’ data to a lower m-dimensional space, and then add deliberately designed noise to satisfy differential privacy. Then, we selectively obfuscate the measurement vector under compressive sensing by adding linearly encoded noise, and provide different data reconstruction algorithms for users with different authorization levels. Extensive experimental results demonstrate that ML-DPCS yields multi-level of data utility for specific users at different authorization levels.
Since its launch in 2014, Amazon Echo family of devices has seen a considerable increase in adaptation in consumer homes and offices. With a market worth millions of dollars, Echo is used for diverse tasks such as accessing online information, making phone calls, purchasing items, and controlling the smart home. Echo offers user-friendly voice interaction to automate everyday tasks making it a massive success. Though many people view Amazon Echo as a helpful assistant at home or office, few know its underlying security and privacy implications. In this paper, we present the findings of our research on Amazon Echo’s security and privacy concerns. The findings are divided into different categories by vulnerability or attacks. The proposed mitigation(s) to the vulnerabilities are also presented in the paper. We conclude that though numerous privacy concerns and security vulnerabilities associated with the device are mitigated, many vulnerabilities still need to be addressed.
Funding: supported by the US National Science Foundation under grant CNS-1704397.