In the present scenario of rapid growth in cloud computing models, several companies and users started to share their data on cloud servers. However, when the model is not completely trusted, the data owners face several security-related problems, such as user privacy breaches, data disclosure, data corruption, and so on, during the process of data outsourcing. For addressing and handling the security-related issues on Cloud, several models were proposed. With that concern, this paper develops a Privacy-Preserved Data Security Approach (PP-DSA) to provide the data security and data integrity for the outsourcing data in Cloud Environment. Privacy preservation is ensured in this work with the Efficient Authentication Technique (EAT) using the Group Signature method that is applied with Third-Party Auditor (TPA). The role of the auditor is to secure the data and guarantee shared data integrity. Additionally, the Cloud Service Provider (CSP) and Data User (DU) can also be the attackers that are to be handled with the EAT. Here, the major objective of the work is to enhance cloud security and thereby, increase Quality of Service (QoS). The results are evaluated based on the model effectiveness, security, and reliability and show that the proposed model provides better results than existing works.
The application of artificial intelligence technology in Internet of Vehicles (IoV) has attracted great research interests with the goal of enabling smart transportation and traffic management. Meanwhile, concerns have been raised over the security and privacy of the tons of traffic and vehicle data. In this regard, Federated Learning (FL) with privacy protection features is considered a highly promising solution. However, in the FL process, the server side may take advantage of its dominant role in model aggregation to steal sensitive information of users, while the client side may also upload malicious data to compromise the training of the global model. Most existing privacy-preserving FL schemes in IoV fail to deal with threats from both of these two sides at the same time. In this paper, we propose a Blockchain based Privacy-preserving Federated Learning scheme named BPFL, which uses blockchain as the underlying distributed framework of FL. We improve the Multi-Krum technology and combine it with the homomorphic encryption to achieve ciphertext-level model aggregation and model filtering, which can enable the verifiability of the local models while achieving privacy-preservation. Additionally, we develop a reputation-based incentive mechanism to encourage users in IoV to actively participate in the federated learning and to practice honesty. The security analysis and performance evaluations are conducted to show that the proposed scheme can meet the security requirements and improve the performance of the FL model.
The proliferation of intelligent, connected Internet of Things (IoT) devices facilitates data collection. However, task workers may be reluctant to participate in data collection due to privacy concerns, and task requesters may be concerned about the validity of the collected data. Hence, it is vital to evaluate the quality of the data collected by the task workers while protecting privacy in spatial crowdsourcing (SC) data collection tasks with IoT. To this end, this paper proposes a privacy-preserving data reliability evaluation for SC in IoT, named PARE. First, we design a data uploading format using blockchain and Paillier homomorphic cryptosystem, providing unchangeable and traceable data while overcoming privacy concerns. Secondly, based on the uploaded data, we propose a method to determine the approximate correct value region without knowing the exact value. Finally, we offer a data filtering mechanism based on the Paillier cryptosystem using this value region. The evaluation and analysis results show that PARE outperforms the existing solution in terms of performance and privacy protection.
The rapid growth of smart technologies and services has intensified the challenges surrounding identity authentication techniques. Biometric credentials are increasingly being used for verification due to their advantages over traditional methods, making it crucial to safeguard the privacy of people’s biometric data in various scenarios. This paper offers an in-depth exploration for privacy-preserving techniques and potential threats to biometric systems. It proposes a noble and thorough taxonomy survey for privacy-preserving techniques, as well as a systematic framework for categorizing the field’s existing literature. We review the state-of-the-art methods and address their advantages and limitations in the context of various biometric modalities, such as face, fingerprint, and eye detection. The survey encompasses various categories of privacy-preserving mechanisms and examines the trade-offs between security, privacy, and recognition performance, as well as the issues and future research directions. It aims to provide researchers, professionals, and decision-makers with a thorough understanding of the existing privacy-preserving solutions in biometric recognition systems and serves as the foundation of the development of more secure and privacy-preserving biometric technologies.
Nowadays, Internet of Things (IoT) is widely deployed and brings great opportunities to change people's daily life. To realize more effective human-computer interaction in the IoT applications, the Question Answering (QA) systems implanted in the IoT services are supposed to improve the ability to understand natural language. Therefore, the distributed representation of words, which contains more semantic or syntactic information, has been playing a more and more important role in the QA systems. However, learning high-quality distributed word vectors requires lots of storage and computing resources, hence it cannot be deployed on the resource-constrained IoT devices. It is a good choice to outsource the data and computation to the cloud servers. Nevertheless, it could cause privacy risks to directly upload private data to the untrusted cloud. Therefore, realizing the word vector learning process over untrusted cloud servers without privacy leakage is an urgent and challenging task. In this paper, we present a novel efficient word vector learning scheme over encrypted data. We first design a series of arithmetic computation protocols. Then we use two non-colluding cloud servers to implement high-quality word vectors learning over encrypted data. The proposed scheme allows us to perform training word vectors on the remote cloud servers while protecting privacy. Security analysis and experiments over real data sets demonstrate that our scheme is more secure and efficient than existing privacy-preserving word vector learning schemes.
In a cloud environment, outsourced graph data is widely used in companies, enterprises, medical institutions, and so on. Data owners and users can save costs and improve efficiency by storing large amounts of graph data on cloud servers. Servers on cloud platforms usually have some subjective or objective attacks, which make the outsourced graph data in an insecure state. The issue of privacy data protection has become an important obstacle to data sharing and usage. How to query outsourcing graph data safely and effectively has become the focus of research. Adjacency query is a basic and frequently used operation in graph, and it will effectively promote the query range and query ability if multi-keyword fuzzy search can be supported at the same time. This work proposes to protect the privacy information of outsourcing graph data by encryption, mainly studies the problem of multi-keyword fuzzy adjacency query, and puts forward a solution. In our scheme, we use the Bloom filter and encryption mechanism to build a secure index and query token, and adjacency queries are implemented through indexes and query tokens on the cloud server. Our proposed scheme is proved by formal analysis, and the performance and effectiveness of the scheme are illustrated by experimental analysis. The research results of this work will provide solid theoretical and technical support for the further popularization and application of encrypted graph data processing technology.
Advanced cloud computing technology provides cost saving and flexibility of services for users. With the explosion of multimedia data, more and more data owners would outsource their personal multimedia data on the cloud. In the meantime, some computationally expensive tasks are also undertaken by cloud servers. However, the outsourced multimedia data and its applications may reveal the data owner’s private information because the data owners lose the control of their data. Recently, this thought has aroused new research interest on privacy-preserving reversible data hiding over outsourced multimedia data. In this paper, two reversible data hiding schemes are proposed for encrypted image data in cloud computing: reversible data hiding by homomorphic encryption and reversible data hiding in encrypted domain. The former is that additional bits are extracted after decryption and the latter is that extracted before decryption. Meanwhile, a combined scheme is also designed. This paper proposes the privacy-preserving outsourcing scheme of reversible data hiding over encrypted image data in cloud computing, which not only ensures multimedia data security without relying on the trustworthiness of cloud servers, but also guarantees that reversible data hiding can be operated over encrypted images at the different stages. Theoretical analysis confirms the correctness of the proposed encryption model and justifies the security of the proposed scheme. The computation cost of the proposed scheme is acceptable and adjusts to different security levels.
With the development of Internet of Things (IoT), the delay caused by network transmission has led to low data processing efficiency. At the same time, the limited computing power and available energy consumption of IoT terminal devices are also the important bottlenecks that would restrict the application of blockchain, but edge computing could solve this problem. The emergence of edge computing can effectively reduce the delay of data transmission and improve data processing capacity. However, user data in edge computing is usually stored and processed in some honest-but-curious authorized entities, which leads to the leakage of users’ privacy information. In order to solve these problems, this paper proposes a location data collection method that satisfies the local differential privacy to protect users’ privacy. In this paper, a Voronoi diagram constructed by the Delaunay method is used to divide the road network space and determine the Voronoi grid region where the edge nodes are located. A random disturbance mechanism that satisfies the local differential privacy is utilized to disturb the original location data in each Voronoi grid. In addition, the effectiveness of the proposed privacy-preserving mechanism is verified through comparison experiments. Compared with the existing privacy-preserving methods, the proposed privacy-preserving mechanism can not only better meet users’ privacy needs, but also have higher data availability.
Numerous privacy-preserving issues have emerged along with the fast development of Internet, both in theory and in real-life applications. To settle the privacy-preserving problems, secure multi-party computation is essential and critical. In this paper, we have solved two problems regarding to how to determine the position relation between points and curves without revealing any private information. Two protocols have been proposed in order to solve the problems in different conditions. In addition, some building blocks have been developed, such as scalar product protocol, so that we can take advantage of them to settle the privacy-preserving computational geometry problems which are a kind of special secure multi-party computation problems. Moreover, oblivious transfer and power series expansion serve as significant parts in our protocols. Analyses and proofs have also been given to argue our conclusion.
With the increasing popularity of cloud computing, privacy has become one of the key problems in cloud security. When data is outsourced to the cloud, for data owners, they need to ensure the security of their privacy; for cloud service providers, they need some information of the data to provide high QoS services; and for authorized users, they need access to the true value of data. The existing privacy-preserving methods can't meet all the needs of the three parties at the same time. To address this issue, we propose a retrievable data perturbation method and use it in the privacy-preserving in data outsourcing in cloud computing. Our scheme comes in four steps. Firstly, an improved random generator is proposed to generate an accurate "noise". Next, a perturbation algorithm is introduced to add noise to the original data. By doing this, the privacy information is hidden, but the mean and covariance of data which the service providers may need remain unchanged. Then, a retrieval algorithm is proposed to get the original data back from the perturbed data. Finally, we combine the retrievable perturbation with the access control process to ensure only the authorized users can retrieve the original data. The experiments show that our scheme perturbs data correctly, efficiently, and securely.
Wireless sensor networks (WSNs) consist of a great deal of sensor nodes with limited power, computation, storage, sensing and communication capabilities. Data aggregation is a very important technique, which is designed to substantially reduce the communication overhead and energy expenditure of sensor nodes during the process of data collection in a WSN. However, privacy-preservation is more challenging especially in data aggregation, where the aggregators need to perform some aggregation operations on the sensing data they receive. We present a state-of-the-art survey of privacy-preserving data aggregation in WSNs. At first, we classify the existing privacy-preserving data aggregation schemes into different categories by the core privacy-preserving techniques used in each scheme. We then compare and contrast different algorithms on the basis of performance measures such as the privacy protection ability, communication consumption, power consumption and data accuracy. Furthermore, based on the existing work, we also discuss a number of open issues which may intrigue the interest of researchers for future work.
Federated learning for edge computing is a promising solution in the data booming era, which leverages the computation ability of each edge device to train local models and only shares the model gradients to the central server. However, the frequently transmitted local gradients could also leak the participants’ private data. To protect the privacy of local training data, lots of cryptographic-based Privacy-Preserving Federated Learning (PPFL) schemes have been proposed. However, due to the constrained resource nature of mobile devices and complex cryptographic operations, traditional PPFL schemes fail to provide efficient data confidentiality and lightweight integrity verification simultaneously. To tackle this problem, we propose a Verifiable Privacy-preserving Federated Learning scheme (VPFL) for edge computing systems to prevent local gradients from leaking over the transmission stage. Firstly, we combine the Distributed Selective Stochastic Gradient Descent (DSSGD) method with Paillier homomorphic cryptosystem to achieve the distributed encryption functionality, so as to reduce the computation cost of the complex cryptosystem. Secondly, we further present an online/offline signature method to realize the lightweight gradients integrity verification, where the offline part can be securely outsourced to the edge server. Comprehensive security analysis demonstrates the proposed VPFL can achieve data confidentiality, authentication, and integrity. At last, we evaluate both communication overhead and computation cost of the proposed VPFL scheme, the experimental results have shown VPFL has low computation costs and communication overheads while maintaining high training accuracy.
The introduction of the Internet of Things (IoT) paradigm serves as pervasive resource access and sharing platform for different real-time applications. Decentralized resource availability, access, and allocation provide a better quality of user experience regardless of the application type and scenario. However, privacy remains an open issue in this ubiquitous sharing platform due to massive and replicated data availability. In this paper, privacy-preserving decision-making for the data-sharing scheme is introduced. This scheme is responsible for improving the security in data sharing without the impact of replicated resources on communicating users. In this scheme, classification learning is used for identifying replicas and accessing granted resources independently. Based on the trust score of the available resources, this classification is recurrently performed to improve the reliability of information sharing. The user-level decisions for information sharing and access are made using the classification of the resources at the time of availability. This proposed scheme is verified using the metrics access delay, success ratio, computation complexity, and sharing loss.
As an essential component of intelligent transportation systems (ITS), electric vehicles (EVs) can store massive amounts of electric power in their batteries and send power back to a charging station (CS) at peak hours to balance the power supply and generate profits. However, when the system collects the corresponding power data, several severe security and privacy issues are encountered. The identity and private injection data may be maliciously intercepted by network attackers and be tampered with to damage the services of ITS and smart grids. Existing approaches requiring high computational overhead render them unsuitable for the resource-constrained Internet of Things (IoT) environment. To address the above problems, this paper proposes a blockchain-enabled secure and privacy-preserving data aggregation scheme for fog-based ITS. First, a fog computing and blockchain co-aware aggregation framework of power injection data is designed, which provides strong support for ITS to achieve secure and efficient power injection. Second, Paillier homomorphic encryption, the batch aggregation signature mechanism and a Bloom filter are effectively integrated with efficient aggregation of power injection data with security and privacy guarantees. In addition, the fine-grained homomorphic aggregation is designed for power injection data generated by all EVs, which provides solid data support for accurate power dispatching and supply management in ITS. Experiments show that the total computational cost is significantly reduced in the proposed scheme while providing security and privacy guarantees. The proposed scheme is more suitable for ITS with latency-sensitive applications and is also adapted to deploying devices with limited resources.
The application field of the Internet of Things (IoT) involves all aspects, and its application in the fields of industry, agriculture, environment, transportation, logistics, security and other infrastructure has effectively promoted the intelligent development of these aspects. Although the IoT has gradually grown in recent years, there are still many problems that need to be overcome in terms of technology, management, cost, policy, and security. We need to constantly weigh the benefits of trusting IoT products and the risk of leaking private data. To avoid the leakage and loss of various user data, this paper developed a hybrid algorithm of kernel function and random perturbation method based on the algorithm of non-negative matrix factorization, which realizes personalized recommendation and solves the problem of user privacy data protection in the process of personalized recommendation. Compared to the non-negative matrix factorization privacy-preserving algorithm, the new algorithm does not need to know the detailed information of the data, and only needs to know the connection between each data; the new algorithm can also process the data points with negative characteristics. Experiments show that the new algorithm can produce recommendation results with certain accuracy under the premise of preserving users’ personal privacy.
Clinical decision-support systems are technology-based tools that help healthcare providers enhance the quality of their services to satisfy their patients and earn their trust. These systems are used to improve physicians’ diagnostic processes in terms of speed and accuracy. Using data-mining techniques, a clinical decision support system builds a classification model from hospital’s dataset for diagnosing new patients using their symptoms. In this work, we propose a privacy-preserving clinical decision-support system that uses a privacy-preserving random forest algorithm to diagnose new symptoms without disclosing patients’ information and exposing them to cyber and network attacks. Solving the same problem with a different methodology, the simulation results show that the proposed algorithm outperforms previous work by removing unnecessary attributes and avoiding cryptography algorithms. Moreover, our model is validated against the privacy requirements of the hospitals’ datasets and votes, and patients’ diagnosed symptoms.
Medical data mining has become an essential task in healthcare sector to secure the personal and medical data of patients using privacy policy. In this background, several authentication and accessibility issues emerge with an intention to protect the sensitive details of the patients over getting published in open domain. To solve this problem, Multi Attribute Case based Privacy Preservation (MACPP) technique is proposed in this study to enhance the security of privacy-preserving data. Private information can be any attribute information which is categorized as sensitive logs in a patient’s records. The semantic relation between transactional patient records and access rights is estimated based on the mean average value to distinguish sensitive and non-sensitive information. In addition to this, crypto hidden policy is also applied here to encrypt the sensitive data through symmetric standard key log verification that protects the personalized sensitive information. Further, linear integrity verification provides authentication rights to verify the data, improves the performance of privacy preserving technique against intruders and assures high security in healthcare setting.
In a smart grid, a huge amount of data is collected for various applications, such as load monitoring and demand response. These data are used for analyzing the power state and formulating the optimal dispatching strategy. However, these big energy data in terms of volume, velocity and variety raise concern over consumers' privacy. For instance, in order to optimize energy utilization and support demand response, numerous smart meters are installed at a consumer's home to collect energy consumption data at a fine granularity, but these fine-grained data may contain information on the appliances and thus the consumer's behaviors at home. In this paper, we propose a privacy-preserving data aggregation scheme based on secret sharing with fault tolerance in a smart grid, which ensures that the control center obtains the integrated data without compromising privacy. Meanwhile, we also consider fault tolerance and resistance to differential attack during the data aggregation. Finally, we perform a security analysis and performance evaluation of our scheme in comparison with the other similar schemes. The analysis shows that our scheme can meet the security requirement, and it also shows better performance than other popular methods.
An RFID (Radio-Frequency IDentification) system provides the mechanism to identify tags to readers and then to execute specific RFID-enabled applications. In those applications, secure protocols using lightweight cryptography need to be developed and the privacy of tags must be ensured. In 2010, Batina et al. proposed a privacy-preserving grouping proof protocol for RFID based on ECC (Elliptic Curve Cryptography) in public-key cryptosystem. In the next year, Lv et al. showed that Batina et al.’s protocol was insecure against the tracking attack such that the privacy of tags was not preserved properly. Then they proposed a revised protocol based on Batina et al.’s work. Their revised protocol was claimed to have all security properties and to resist the tracking attack. But in this paper, we prove that Lv et al.’s protocol cannot work properly. Then we propose a new version protocol with some nonce to satisfy the functions of Batina et al.’s privacy-preserving grouping proof protocol. Further we try the tracing attack made by Lv et al. on our protocol and prove our protocol can resist this attack to recover the untraceability.
Healthcare centers always aim to deliver the best quality healthcare services to patients and earn their satisfaction. Technology has played a major role in achieving these goals, such as clinical decision-support systems and mobile health social networks. These systems have improved the quality of care services by speeding-up the diagnosis process with accuracy, and allowing caregivers to monitor patients remotely through the use of WBS, respectively. However, these systems’ accuracy and efficiency are dependent on patients’ health information, which must be inevitably shared over the network, thus exposing them to cyber-attacks. Therefore, privacy-preserving services are ought to be employed to protect patients’ privacy. In this work, we proposed a privacy-preserving healthcare system, which is composed of two subsystems. The first is a privacy-preserving clinical decision-support system. The second subsystem is a privacy-preserving Mobile Health Social Network (MHSN). The former was based on decision tree classifier that is used to diagnose patients with new symptoms without disclosing patients’ records. Whereas the latter would allow physicians to monitor patients’ current condition remotely through WBS; thus sending help immediately in case of a distress situation detected. The social network, which connects patients of similar symptoms together, would also provide the service of seeking help of near-by passing people while the patient is waiting for an ambulance to arrive. Our model is expected to improve healthcare services while protecting patients’ privacy.
Funding: Supported by the National Natural Science Foundation of China under Grant 61972148.
Abstract: The application of artificial intelligence technology in Internet of Vehicles (IoV) has attracted great research interests with the goal of enabling smart transportation and traffic management. Meanwhile, concerns have been raised over the security and privacy of the tons of traffic and vehicle data. In this regard, Federated Learning (FL) with privacy protection features is considered a highly promising solution. However, in the FL process, the server side may take advantage of its dominant role in model aggregation to steal sensitive information of users, while the client side may also upload malicious data to compromise the training of the global model. Most existing privacy-preserving FL schemes in IoV fail to deal with threats from both of these two sides at the same time. In this paper, we propose a Blockchain based Privacy-preserving Federated Learning scheme named BPFL, which uses blockchain as the underlying distributed framework of FL. We improve the Multi-Krum technology and combine it with the homomorphic encryption to achieve ciphertext-level model aggregation and model filtering, which can enable the verifiability of the local models while achieving privacy-preservation. Additionally, we develop a reputation-based incentive mechanism to encourage users in IoV to actively participate in the federated learning and to practice honesty. The security analysis and performance evaluations are conducted to show that the proposed scheme can meet the security requirements and improve the performance of the FL model.
Funding: This work was supported by the National Natural Science Foundation of China under Grant 62233003; the National Key Research and Development Program of China under Grant 2020YFB1708602.
Abstract: The proliferation of intelligent, connected Internet of Things (IoT) devices facilitates data collection. However, task workers may be reluctant to participate in data collection due to privacy concerns, and task requesters may be concerned about the validity of the collected data. Hence, it is vital to evaluate the quality of the data collected by the task workers while protecting privacy in spatial crowdsourcing (SC) data collection tasks with IoT. To this end, this paper proposes a privacy-preserving data reliability evaluation for SC in IoT, named PARE. First, we design a data uploading format using blockchain and Paillier homomorphic cryptosystem, providing unchangeable and traceable data while overcoming privacy concerns. Secondly, based on the uploaded data, we propose a method to determine the approximate correct value region without knowing the exact value. Finally, we offer a data filtering mechanism based on the Paillier cryptosystem using this value region. The evaluation and analysis results show that PARE outperforms the existing solution in terms of performance and privacy protection.
Funding: The research is supported by Nature Science Foundation of Zhejiang Province (LQ20F020008); “Pioneer” and “Leading Goose” R&D Program of Zhejiang (Grant Nos. 2023C03203, 2023C01150).
Abstract: The rapid growth of smart technologies and services has intensified the challenges surrounding identity authentication techniques. Biometric credentials are increasingly being used for verification due to their advantages over traditional methods, making it crucial to safeguard the privacy of people’s biometric data in various scenarios. This paper offers an in-depth exploration for privacy-preserving techniques and potential threats to biometric systems. It proposes a noble and thorough taxonomy survey for privacy-preserving techniques, as well as a systematic framework for categorizing the field’s existing literature. We review the state-of-the-art methods and address their advantages and limitations in the context of various biometric modalities, such as face, fingerprint, and eye detection. The survey encompasses various categories of privacy-preserving mechanisms and examines the trade-offs between security, privacy, and recognition performance, as well as the issues and future research directions. It aims to provide researchers, professionals, and decision-makers with a thorough understanding of the existing privacy-preserving solutions in biometric recognition systems and serves as the foundation of the development of more secure and privacy-preserving biometric technologies.
Funding: Supported by the National Natural Science Foundation of China under Grant No. 61672195, 61872372; the Open Foundation of State Key Laboratory of Cryptology No. MMKFKT201617; the National University of Defense Technology Grant No. ZK19-38.
Abstract: Nowadays, Internet of Things (IoT) is widely deployed and brings great opportunities to change people's daily life. To realize more effective human-computer interaction in the IoT applications, the Question Answering (QA) systems implanted in the IoT services are supposed to improve the ability to understand natural language. Therefore, the distributed representation of words, which contains more semantic or syntactic information, has been playing a more and more important role in the QA systems. However, learning high-quality distributed word vectors requires lots of storage and computing resources, hence it cannot be deployed on the resource-constrained IoT devices. It is a good choice to outsource the data and computation to the cloud servers. Nevertheless, it could cause privacy risks to directly upload private data to the untrusted cloud. Therefore, realizing the word vector learning process over untrusted cloud servers without privacy leakage is an urgent and challenging task. In this paper, we present a novel efficient word vector learning scheme over encrypted data. We first design a series of arithmetic computation protocols. Then we use two non-colluding cloud servers to implement high-quality word vectors learning over encrypted data. The proposed scheme allows us to perform training word vectors on the remote cloud servers while protecting privacy. Security analysis and experiments over real data sets demonstrate that our scheme is more secure and efficient than existing privacy-preserving word vector learning schemes.
Funding: This research was supported in part by the Nature Science Foundation of China (Nos. 62262033, 61962029, 61762055, 62062045 and 62362042); the Jiangxi Provincial Natural Science Foundation of China (Nos. 20224BAB202012, 20202ACBL202005 and 20202BAB212006); the Science and Technology Research Project of Jiangxi Education Department (Nos. GJJ211815, GJJ2201914 and GJJ201832); the Hubei Natural Science Foundation Innovation and Development Joint Fund Project (No. 2022CFD101); Xiangyang High-Tech Key Science and Technology Plan Project (No. 2022ABH006848); Hubei Superior and Distinctive Discipline Group of “New Energy Vehicle and Smart Transportation”, the Project of Zhejiang Institute of Mechanical & Electrical Engineering, and the Jiangxi Provincial Social Science Foundation of China (No. 23GL52D).
Abstract: In a cloud environment, outsourced graph data is widely used in companies, enterprises, medical institutions, and so on. Data owners and users can save costs and improve efficiency by storing large amounts of graph data on cloud servers. Servers on cloud platforms usually have some subjective or objective attacks, which make the outsourced graph data in an insecure state. The issue of privacy data protection has become an important obstacle to data sharing and usage. How to query outsourcing graph data safely and effectively has become the focus of research. Adjacency query is a basic and frequently used operation in graph, and it will effectively promote the query range and query ability if multi-keyword fuzzy search can be supported at the same time. This work proposes to protect the privacy information of outsourcing graph data by encryption, mainly studies the problem of multi-keyword fuzzy adjacency query, and puts forward a solution. In our scheme, we use the Bloom filter and encryption mechanism to build a secure index and query token, and adjacency queries are implemented through indexes and query tokens on the cloud server. Our proposed scheme is proved by formal analysis, and the performance and effectiveness of the scheme are illustrated by experimental analysis. The research results of this work will provide solid theoretical and technical support for the further popularization and application of encrypted graph data processing technology.
Funding: This work was supported by the National Natural Science Foundation of China (No. 61702276); the Startup Foundation for Introducing Talent of Nanjing University of Information Science and Technology under Grant 2016r055 and the Priority Academic Program Development (PAPD) of Jiangsu Higher Education Institutions. The authors are grateful for the anonymous reviewers who made constructive comments and improvements.
Abstract: Advanced cloud computing technology provides cost saving and flexibility of services for users. With the explosion of multimedia data, more and more data owners would outsource their personal multimedia data on the cloud. In the meantime, some computationally expensive tasks are also undertaken by cloud servers. However, the outsourced multimedia data and its applications may reveal the data owner’s private information because the data owners lose the control of their data. Recently, this thought has aroused new research interest on privacy-preserving reversible data hiding over outsourced multimedia data. In this paper, two reversible data hiding schemes are proposed for encrypted image data in cloud computing: reversible data hiding by homomorphic encryption and reversible data hiding in encrypted domain. The former is that additional bits are extracted after decryption and the latter is that extracted before decryption. Meanwhile, a combined scheme is also designed. This paper proposes the privacy-preserving outsourcing scheme of reversible data hiding over encrypted image data in cloud computing, which not only ensures multimedia data security without relying on the trustworthiness of cloud servers, but also guarantees that reversible data hiding can be operated over encrypted images at the different stages. Theoretical analysis confirms the correctness of the proposed encryption model and justifies the security of the proposed scheme. The computation cost of the proposed scheme is acceptable and adjusts to different security levels.
Abstract: With the development of Internet of Things (IoT), the delay caused by network transmission has led to low data processing efficiency. At the same time, the limited computing power and available energy consumption of IoT terminal devices are also the important bottlenecks that would restrict the application of blockchain, but edge computing could solve this problem. The emergence of edge computing can effectively reduce the delay of data transmission and improve data processing capacity. However, user data in edge computing is usually stored and processed in some honest-but-curious authorized entities, which leads to the leakage of users’ privacy information. In order to solve these problems, this paper proposes a location data collection method that satisfies the local differential privacy to protect users’ privacy. In this paper, a Voronoi diagram constructed by the Delaunay method is used to divide the road network space and determine the Voronoi grid region where the edge nodes are located. A random disturbance mechanism that satisfies the local differential privacy is utilized to disturb the original location data in each Voronoi grid. In addition, the effectiveness of the proposed privacy-preserving mechanism is verified through comparison experiments. Compared with the existing privacy-preserving methods, the proposed privacy-preserving mechanism can not only better meet users’ privacy needs, but also have higher data availability.
Funding: Supported by the National Natural Science Foundation of China (No. 61070189, 60673065); the National High Technology Development Program (No. 2008AA01Z419)
Abstract: Numerous privacy-preserving issues have emerged along with the fast development of Internet, both in theory and in real-life applications. To settle the privacy-preserving problems, secure multi-party computation is essential and critical. In this paper, we have solved two problems regarding how to determine the position relation between points and curves without revealing any private information. Two protocols have been proposed in order to solve the problems in different conditions. In addition, some building blocks have been developed, such as scalar product protocol, so that we can take advantage of them to settle the privacy-preserving computational geometry problems which are a kind of special secure multi-party computation problems. Moreover, oblivious transfer and power series expansion serve as significant parts in our protocols. Analyses and proofs have also been given to argue our conclusion.
Funding: Supported in part by NSFC under Grant No. 61172090; National Science and Technology Major Project under Grant 2012ZX03002001; Research Fund for the Doctoral Program of Higher Education of China under Grant No. 20120201110013; Scientific and Technological Project in Shaanxi Province under Grant (No. 2012K06-30, No. 2014JQ8322); Basic Science Research Fund in Xi'an Jiaotong University (No. XJJ2014049, No. XKJC2014008); Shaanxi Science and Technology Innovation Project (2013SZS16-Z01/P01/K01)
Abstract: With the increasing popularity of cloud computing, privacy has become one of the key problems in cloud security. When data is outsourced to the cloud, for data owners, they need to ensure the security of their privacy; for cloud service providers, they need some information of the data to provide high QoS services; and for authorized users, they need to access to the true value of data. The existing privacy-preserving methods can't meet all the needs of the three parties at the same time. To address this issue, we propose a retrievable data perturbation method and use it in the privacy-preserving in data outsourcing in cloud computing. Our scheme comes in four steps. Firstly, an improved random generator is proposed to generate an accurate "noise". Next, a perturbation algorithm is introduced to add noise to the original data. By doing this, the privacy information is hidden, but the mean and covariance of data which the service providers may need remain unchanged. Then, a retrieval algorithm is proposed to get the original data back from the perturbed data. Finally, we combine the retrievable perturbation with the access control process to ensure only the authorized users can retrieve the original data. The experiments show that our scheme perturbs data correctly, efficiently, and securely.
Funding: Supported in part by the National Natural Science Foundation of China (No. 61272084, 61202004); the Natural Science Foundation of Jiangsu Province (No. BK20130096); the Project of Natural Science Research of Jiangsu University (No. 14KJB520031, No. 11KJA520002)
Abstract: Wireless sensor networks (WSNs) consist of a great deal of sensor nodes with limited power, computation, storage, sensing and communication capabilities. Data aggregation is a very important technique, which is designed to substantially reduce the communication overhead and energy expenditure of sensor node during the process of data collection in a WSN. However, privacy-preservation is more challenging especially in data aggregation, where the aggregators need to perform some aggregation operations on sensing data it received. We present a state-of-the-art survey of privacy-preserving data aggregation in WSNs. At first, we classify the existing privacy-preserving data aggregation schemes into different categories by the core privacy-preserving techniques used in each scheme. And then compare and contrast different algorithms on the basis of performance measures such as the privacy protection ability, communication consumption, power consumption and data accuracy etc. Furthermore, based on the existing work, we also discuss a number of open issues which may intrigue the interest of researchers for future work.
Funding: Supported by the National Natural Science Foundation of China (No. 62206238); the Natural Science Foundation of Jiangsu Province (Grant No. BK20220562); the Natural Science Research Project of Universities in Jiangsu Province (No. 22KJB520010).
Abstract: Federated learning for edge computing is a promising solution in the data booming era, which leverages the computation ability of each edge device to train local models and only shares the model gradients to the central server. However, the frequently transmitted local gradients could also leak the participants’ private data. To protect the privacy of local training data, lots of cryptographic-based Privacy-Preserving Federated Learning (PPFL) schemes have been proposed. However, due to the constrained resource nature of mobile devices and complex cryptographic operations, traditional PPFL schemes fail to provide efficient data confidentiality and lightweight integrity verification simultaneously. To tackle this problem, we propose a Verifiable Privacy-preserving Federated Learning scheme (VPFL) for edge computing systems to prevent local gradients from leaking over the transmission stage. Firstly, we combine the Distributed Selective Stochastic Gradient Descent (DSSGD) method with Paillier homomorphic cryptosystem to achieve the distributed encryption functionality, so as to reduce the computation cost of the complex cryptosystem. Secondly, we further present an online/offline signature method to realize the lightweight gradients integrity verification, where the offline part can be securely outsourced to the edge server. Comprehensive security analysis demonstrates the proposed VPFL can achieve data confidentiality, authentication, and integrity. At last, we evaluate both communication overhead and computation cost of the proposed VPFL scheme, the experimental results have shown VPFL has low computation costs and communication overheads while maintaining high training accuracy.
Funding: Supported by the Deanship of Scientific Research (DSR), King Abdulaziz University, Jeddah, under grant No. (DF-203-611-1441).
Abstract: The introduction of the Internet of Things (IoT) paradigm serves as pervasive resource access and sharing platform for different real-time applications. Decentralized resource availability, access, and allocation provide a better quality of user experience regardless of the application type and scenario. However, privacy remains an open issue in this ubiquitous sharing platform due to massive and replicated data availability. In this paper, privacy-preserving decision-making for the data-sharing scheme is introduced. This scheme is responsible for improving the security in data sharing without the impact of replicated resources on communicating users. In this scheme, classification learning is used for identifying replicas and accessing granted resources independently. Based on the trust score of the available resources, this classification is recurrently performed to improve the reliability of information sharing. The user-level decisions for information sharing and access are made using the classification of the resources at the time of availability. This proposed scheme is verified using the metrics access delay, success ratio, computation complexity, and sharing loss.
Funding: The authors received funding for this study from the National Natural Science Foundation of China (No. 61971235); the China Postdoctoral Science Foundation (No. 2018M630590); the Jiangsu Planned Projects for Postdoctoral Research Funds (No. 2021K501C); the 333 High-level Talents Training Project of Jiangsu Province, and the 1311 Talents Plan of NJUPT.
Abstract: As an essential component of intelligent transportation systems (ITS), electric vehicles (EVs) can store massive amounts of electric power in their batteries and send power back to a charging station (CS) at peak hours to balance the power supply and generate profits. However, when the system collects the corresponding power data, several severe security and privacy issues are encountered. The identity and private injection data may be maliciously intercepted by network attackers and be tampered with to damage the services of ITS and smart grids. Existing approaches requiring high computational overhead render them unsuitable for the resource-constrained Internet of Things (IoT) environment. To address above problems, this paper proposes a blockchain-enabled secure and privacy-preserving data aggregation scheme for fog-based ITS. First, a fog computing and blockchain co-aware aggregation framework of power injection data is designed, which provides strong support for ITS to achieve secure and efficient power injection. Second, Paillier homomorphic encryption, the batch aggregation signature mechanism and a Bloom filter are effectively integrated with efficient aggregation of power injection data with security and privacy guarantees. In addition, the fine-grained homomorphic aggregation is designed for power injection data generated by all EVs, which provides solid data support for accurate power dispatching and supply management in ITS. Experiments show that the total computational cost is significantly reduced in the proposed scheme while providing security and privacy guarantees. The proposed scheme is more suitable for ITS with latency-sensitive applications and is also adapted to deploying devices with limited resources.
Funding: The National Natural Science Foundation of China under Grant No. 61772280; by the China Special Fund for Meteorological Research in the Public Interest under Grant GYHY201306070; by the Jiangsu Province Innovation and Entrepreneurship Training Program for College Students under Grant No. 201910300122Y.
Abstract: The application field of the Internet of Things (IoT) involves all aspects, and its application in the fields of industry, agriculture, environment, transportation, logistics, security and other infrastructure has effectively promoted the intelligent development of these aspects. Although the IoT has gradually grown in recent years, there are still many problems that need to be overcome in terms of technology, management, cost, policy, and security. We need to constantly weigh the benefits of trusting IoT products and the risk of leaking private data. To avoid the leakage and loss of various user data, this paper developed a hybrid algorithm of kernel function and random perturbation method based on the algorithm of non-negative matrix factorization, which realizes personalized recommendation and solves the problem of user privacy data protection in the process of personalized recommendation. Compared to non-negative matrix factorization privacy-preserving algorithm, the new algorithm does not need to know the detailed information of the data, only needs to know the connection between each data; and the new algorithm can process the data points with negative characteristics. Experiments show that the new algorithm can produce recommendation results with certain accuracy under the premise of preserving users’ personal privacy.
Abstract: Clinical decision-support systems are technology-based tools that help healthcare providers enhance the quality of their services to satisfy their patients and earn their trust. These systems are used to improve physicians’ diagnostic processes in terms of speed and accuracy. Using data-mining techniques, a clinical decision support system builds a classification model from hospital’s dataset for diagnosing new patients using their symptoms. In this work, we propose a privacy-preserving clinical decision-support system that uses a privacy-preserving random forest algorithm to diagnose new symptoms without disclosing patients’ information and exposing them to cyber and network attacks. Solving the same problem with a different methodology, the simulation results show that the proposed algorithm outperforms previous work by removing unnecessary attributes and avoiding cryptography algorithms. Moreover, our model is validated against the privacy requirements of the hospitals’ datasets and votes, and patients’ diagnosed symptoms.
Abstract: Medical data mining has become an essential task in healthcare sector to secure the personal and medical data of patients using privacy policy. In this background, several authentication and accessibility issues emerge with an intention to protect the sensitive details of the patients over getting published in open domain. To solve this problem, Multi Attribute Case based Privacy Preservation (MACPP) technique is proposed in this study to enhance the security of privacy-preserving data. Private information can be any attribute information which is categorized as sensitive logs in a patient’s records. The semantic relation between transactional patient records and access rights is estimated based on the mean average value to distinguish sensitive and non-sensitive information. In addition to this, crypto hidden policy is also applied here to encrypt the sensitive data through symmetric standard key log verification that protects the personalized sensitive information. Further, linear integrity verification provides authentication rights to verify the data, improves the performance of privacy preserving technique against intruders and assures high security in healthcare setting.
Abstract: In a smart grid, a huge amount of data is collected for various applications, such as load monitoring and demand response. These data are used for analyzing the power state and formulating the optimal dispatching strategy. However, these big energy data in terms of volume, velocity and variety raise concern over consumers' privacy. For instance, in order to optimize energy utilization and support demand response, numerous smart meters are installed at a consumer's home to collect energy consumption data at a fine granularity, but these fine-grained data may contain information on the appliances and thus the consumer's behaviors at home. In this paper, we propose a privacy-preserving data aggregation scheme based on secret sharing with fault tolerance in a smart grid, which ensures that the control center obtains the integrated data without compromising privacy. Meanwhile, we also consider fault tolerance and resistance to differential attack during the data aggregation. Finally, we perform a security analysis and performance evaluation of our scheme in comparison with the other similar schemes. The analysis shows that our scheme can meet the security requirement, and it also shows better performance than other popular methods.
Abstract: An RFID (Radio-Frequency IDentification) system provides the mechanism to identify tags to readers and then to execute specific RFID-enabled applications. In those applications, secure protocols using lightweight cryptography need to be developed and the privacy of tags must be ensured. In 2010, Batina et al. proposed a privacy-preserving grouping proof protocol for RFID based on ECC (Elliptic Curve Cryptography) in public-key cryptosystem. In the next year, Lv et al. had shown that Batina et al.’s protocol was insecure against the tracking attack such that the privacy of tags was not preserved properly. Then they proposed a revised protocol based on Batina et al.’s work. Their revised protocol was claimed to have all security properties and resisted tracking attack. But in this paper, we prove that Lv et al.’s protocol cannot work properly. Then we propose a new version protocol with some nonce to satisfy the functions of Batina et al.’s privacy-preserving grouping proof protocol. Further we try the tracing attack made by Lv et al. on our protocol and prove our protocol can resist this attack to recover the untraceability.
Abstract: Healthcare centers always aim to deliver the best quality healthcare services to patients and earn their satisfaction. Technology has played a major role in achieving these goals, such as clinical decision-support systems and mobile health social networks. These systems have improved the quality of care services by speeding-up the diagnosis process with accuracy, and allowing caregivers to monitor patients remotely through the use of WBS, respectively. However, these systems’ accuracy and efficiency are dependent on patients’ health information, which must be inevitably shared over the network, thus exposing them to cyber-attacks. Therefore, privacy-preserving services are ought to be employed to protect patients’ privacy. In this work, we proposed a privacy-preserving healthcare system, which is composed of two subsystems. The first is a privacy-preserving clinical decision-support system. The second subsystem is a privacy-preserving Mobile Health Social Network (MHSN). The former was based on decision tree classifier that is used to diagnose patients with new symptoms without disclosing patients’ records. Whereas the latter would allow physicians to monitor patients’ current condition remotely through WBS; thus sending help immediately in case of a distress situation detected. The social network, which connects patients of similar symptoms together, would also provide the service of seeking help of near-by passing people while the patient is waiting for an ambulance to arrive. Our model is expected to improve healthcare services while protecting patients’ privacy.