A Framework for Enhancing Privacy and Anonymity in Blockchain-Enabled IoT Devices

With the increase in IoT(Internet of Things)devices comes an inherent challenge of security.In the world today,privacy is the prime concern of every individual.Preserving one’s privacy and keeping anonymity throughout the system is a desired functionality that does not come without inevitable trade-offs like scalability and increased complexity and is always exceedingly difficult to manage.The challenge is keeping confidentiality and continuing to make the person innominate throughout the system.To address this,we present our proposed architecture where we manage IoT devices using blockchain technology.Our proposed architecture works on and off blockchain integrated with the closed-circuit television(CCTV)security camera fixed at the rental property.In this framework,the CCTV security camera feed is redirected towards the owner and renter based on the smart contract conditions.One entity(owner or renter)can see the CCTV security camera feed at one time.There is no third-party dependence except for the CCTV security camera deployment phase.Our contributions include the proposition of framework architecture,a novel smart contract algorithm,and the modification to the ring signatures leveraging an existing cryptographic technique.Analyses are made based on different systems’security and key management areas.In an empirical study,our proposed algorithm performed better in key generation,proof generation,and verification times.By comparing similar existing schemes,we have shown the proposed architectures’advantages.Until now,we have developed this system for a specific area in the real world.However,this system is scalable and applicable to other areas like healthcare monitoring systems,which is part of our future work.

MLDA:a multi-level k-degree anonymity scheme on directed social network graphs

With the emergence of network-centric data,social network graph publishing is conducive to data analysts to mine the value of social networks,analyze the social behavior of individuals or groups,implement personalized recommendations,and so on.However,published social network graphs are often subject to re-identification attacks from adversaries,which results in the leakage of users’privacy.The-anonymity technology is widely used in the field of graph publishing,which is quite effective to resist re-identification attacks.However,the current researches still exist some issues to be solved:the protection of directed graphs is less concerned than that of undirected graphs;the protection of graph structure is often ignored while achieving the protection of nodes’identities;the same protection is performed for different users,which doesn’t meet the different privacy requirements of users.Therefore,to address the above issues,a multi-level-degree anonymity(MLDA)scheme on directed social network graphs is proposed in this paper.First,node sets with different importance are divided by the firefly algorithm and constrained connectedness upper approximation,and they are performed different-degree anonymity protection to meet the different privacy requirements of users.Second,a new graph anonymity method is proposed,which achieves the addition and removal of edges with the help of fake nodes.In addition,to improve the utility of the anonymized graph,a new edge cost criterion is proposed,which is used to select the most appropriate edge to be removed.Third,to protect the community structure of the original graph as much as possible,fake nodes contained in a same community are merged prior to fake nodes contained in different communities.Experimental results on real datasets show that the newly proposed MLDA scheme is effective to balance the privacy and utility of the anonymized graph.

社会网络数据中一种基于k-degree-l-diversity匿名的个性化隐私保护方法

近年来关于社会网络数据的隐私保护方法中,大部分将社会网络中的所有个体考虑为具有相同等级的隐私保护需求,没有考虑其隐私需求是多样化和个性化的,故会对某些个体存在过度保护,造成数据不必要的失真。基于此,在k-degree-l-diversity匿名方法的基础上提出了个性化-(k,l)匿名方法。实验证明,该个性化匿名方法能减少数据的损失,提高数据的可用性。

Multi-Dimensional Anonymization for Participatory Sensing Systems

Participatory sensing systems are designed to enable community people to collect, analyze, and share information for their mutual benefit in a cost-effective way. The apparently insensitive information transmitted in plaintext through the inexpensive infrastructure can be used by an eavesdrop-per to infer some sensitive information and threaten the privacy of the partic-ipating users. Participation of users cannot be ensured without assuring the privacy of the participants. Existing techniques add some uncertainty to the actual observation to achieve anonymity which, however, diminishes data quality/utility to an unacceptable extent. The subset-coding based anonymiza-tion technique, DGAS [LCN 16] provides the desired level of privacy. In this research, our objective is to overcome this limitation and design a scheme with broader applicability. We have developed a computationally efficient sub-set-coding scheme and also present a multi-dimensional anonymization tech-nique that anonymizes multiple properties of user observation, e.g. both loca-tion and product association of an observer in the context of consumer price sharing application. To the best of our knowledge, it is the first work which supports multi-dimensional anonymization in PSS. This paper also presents an in-depth analysis of adversary threats considering collusion of adversaries and different report interception patterns. Theoretical analysis, comprehensive simulation, and Android prototype based experiments are carried out to estab-lish the applicability of the proposed scheme. Also, the adversary capability is simulated to prove our scheme’s effectiveness against privacy risk.

Attacks on Anonymization-Based Privacy-Preserving: A Survey for Data Mining and Data Publishing

Data mining is the extraction of vast interesting patterns or knowledge from huge amount of data. The initial idea of privacy-preserving data mining PPDM was to extend traditional data mining techniques to work with the data modified to mask sensitive information. The key issues were how to modify the data and how to recover the data mining result from the modified data. Privacy-preserving data mining considers the problem of running data mining algorithms on confidential data that is not supposed to be revealed even to the party running the algorithm. In contrast, privacy-preserving data publishing (PPDP) may not necessarily be tied to a specific data mining task, and the data mining task may be unknown at the time of data publishing. PPDP studies how to transform raw data into a version that is immunized against privacy attacks but that still supports effective data mining tasks. Privacy-preserving for both data mining (PPDM) and data publishing (PPDP) has become increasingly popular because it allows sharing of privacy sensitive data for analysis purposes. One well studied approach is the k-anonymity model [1] which in turn led to other models such as confidence bounding, l-diversity, t-closeness, (α,k)-anonymity, etc. In particular, all known mechanisms try to minimize information loss and such an attempt provides a loophole for attacks. The aim of this paper is to present a survey for most of the common attacks techniques for anonymization-based PPDM & PPDP and explain their effects on Data Privacy.

Novel traveling quantum anonymous voting scheme via GHZ states

Based on traveling ballot mode,we propose a secure quantum anonymous voting via Greenberger–Horne–Zeilinger(GHZ)states.In this scheme,each legal voter performs unitary operation on corresponding position of particle sequence to encode his/her voting content.The voters have multiple ballot items to choose rather than just binary options“yes”or“no”.After counting votes phase,any participant who is interested in voting results can obtain the voting results.To improve the efficiency of the traveling quantum anonymous voting scheme,an optimization method based on grouping strategy is also presented.Compared with the most existing traveling quantum voting schemes,the proposed scheme is more practical because of its privacy,verifiability and non-repeatability.Furthermore,the security analysis shows that the proposed traveling quantum anonymous voting scheme can prevent various attacks and ensure high security.

Identity-Based Edge Computing Anonymous Authentication Protocol

With the development of sensor technology and wireless communication technology,edge computing has a wider range of applications.The privacy protection of edge computing is of great significance.In the edge computing system,in order to ensure the credibility of the source of terminal data,mobile edge computing(MEC)needs to verify the signature of the terminal node on the data.During the signature process,the computing power of edge devices such as wireless terminals can easily become the bottleneck of system performance.Therefore,it is very necessary to improve efficiency through computational offloading.Therefore,this paper proposes an identitybased edge computing anonymous authentication protocol.The protocol realizes mutual authentication and obtains a shared key by encrypting the mutual information.The encryption algorithm is implemented through a thresholded identity-based proxy ring signature.When a large number of terminals offload computing,MEC can set the priority of offloading tasks according to the user’s identity and permissions,thereby improving offloading efficiency.Security analysis shows that the scheme can guarantee the anonymity and unforgeability of signatures.The probability of a malicious node forging a signature is equivalent to cracking the discrete logarithm puzzle.According to the efficiency analysis,in the case of MEC offloading,the computational complexity is significantly reduced,the computing power of edge devices is liberated,and the signature efficiency is improved.

A Conditionally Anonymous Linkable Ring Signature for Blockchain Privacy Protection

In recent years,the issue of preserving the privacy of parties involved in blockchain transactions has garnered significant attention.To ensure privacy protection for both sides of the transaction,many researchers are using ring signature technology instead of the original signature technology.However,in practice,identifying the signer of an illegal blockchain transaction once it has been placed on the chain necessitates a signature technique that offers conditional anonymity.Some illegals can conduct illegal transactions and evade the lawusing ring signatures,which offer perfect anonymity.This paper firstly constructs a conditionally anonymous linkable ring signature using the Diffie-Hellman key exchange protocol and the Elliptic Curve Discrete Logarithm,which offers a non-interactive process for finding the signer of a ring signature in a specific case.Secondly,this paper’s proposed scheme is proven correct and secure under Elliptic Curve Discrete Logarithm Assumptions.Lastly,compared to previous constructions,the scheme presented in this paper provides a non-interactive,efficient,and secure confirmation process.In addition,this paper presents the implementation of the proposed scheme on a personal computer,where the confirmation process takes only 2,16,and 24ms for ring sizes of 4,24 and 48,respectively,and the confirmation process can be combined with a smart contract on the blockchain with a tested millisecond level of running efficiency.In conclusion,the proposed scheme offers a solution to the challenge of identifying the signer of an illegal blockchain transaction,making it an essential contribution to the field.

An Efficient Three-Party Authenticated Key Exchange Procedure Using Chebyshev Chaotic Maps with Client Anonymity

Internet of Things(IoT)applications can be found in various industry areas,including critical infrastructure and healthcare,and IoT is one of several technological developments.As a result,tens of billions or possibly hundreds of billions of devices will be linked together.These smart devices will be able to gather data,process it,and even come to decisions on their own.Security is the most essential thing in these situations.In IoT infrastructure,authenticated key exchange systems are crucial for preserving client and data privacy and guaranteeing the security of data-in-transit(e.g.,via client identification and provision of secure communication).It is still challenging to create secure,authenticated key exchange techniques.The majority of the early authenticated key agreement procedure depended on computationally expensive and resource-intensive pairing,hashing,or modular exponentiation processes.The focus of this paper is to propose an efficient three-party authenticated key exchange procedure(AKEP)using Chebyshev chaotic maps with client anonymity that solves all the problems mentioned above.The proposed three-party AKEP is protected from several attacks.The proposed three-party AKEP can be used in practice for mobile communications and pervasive computing applications,according to statistical experiments and low processing costs.To protect client identification when transferring data over an insecure public network,our three-party AKEP may also offer client anonymity.Finally,the presented procedure offers better security features than the procedures currently available in the literature.

RAISE:A Resilient Anonymous Information Sharing Environment

With the widespread application of cloud computing and network virtualization technologies,more and more enterprise applications are directly deployed in the cloud.However,the traditional TCP/IP network transmission model does not fully consider the information security issues caused by the uncontrollable internet environment.Network security communication solutions represented by encrypted virtual private networks(VPN)are facing multiple security threats.In fact,during the communication process,the user application needs to protect not only the content of the communication but also the behavior of the communication,such as the communication relationship,the communication protocol,and so on.Inspired by blockchain and software-defined networking technology,this paper proposes a resilient anonymous information sharing environment,RAISE.The RAISE system consists of user agents,a core switching network and a control cluster based on a consortium blockchain.User agents are responsible for segmenting,encrypting,and encapsulating user traffic.The core switching network forwards user traffic according to the rules issued by the controller,and the controller dynamically calculates the forwarding rules according to the security policy.Different from onion routing technology,RAISE adopts the controller to replace the onion routing model,which effectively overcomes the uncontrollability of nodes.The dispersed computing model is introduced to replace the TCP/IP pipeline transmission models,which overcomes the problems of anti-tracking and traffic hijacking that cannot be solved by VPNs.We propose a blockchain control plane framework,design the desired consensus algorithmand deploy a RAISE systemconsisting of 150 nodes in an internet environment.The experimental results show that the use of blockchain technology can effectively improve the reliability and security of the control plane.While maintaining high-performance network transmission,it further provides network communication security.

一种个性化位置数据发布KSPPL-Anonymity算法

【目的】位置数据中包含大量的用户隐私信息,在位置数据发布中,若直接发布原始数据会暴露用户的位置等信息,对用户的个人隐私产生巨大威胁,在连续的位置数据发布中,这一现象更为凸显。因此,提出了一种基于k-匿名和位置划分的个性化位置数据发布算法KSPPL-Anonymity。【方法】该算法通过位置划分提高了位置k-匿名的效率;针对噪声数据的插入会降低数据的可用性这一问题,该算法中提出了一种噪声数据的产生方式,提高了数据的可用性;用户敏感位置的泄露会对用户隐私造成极大的威胁,所以该算法中提出了一种获取与敏感位置关联程度最低的非敏感位置的方法,这极大保护了用户的敏感位置不被暴露;通过时间序列分析用户位置数据,避免出现因用户长时间停留在某一敏感位置,而多次用同一非敏感位置代替敏感位置造成的隐私泄露风险。【结果】相关实验证实,与以前的位置数据发布方法相比,本文算法在数据可用性、隐私保护能力和运行效率方面都有一定的提高。【结论】本文提出的算法能更好地保护用户的隐私,并满足用户的个性化隐私保护需求,同时保证数据的可用性。

Utility-Based Anonymization Using Generalization Boundaries to Protect Sensitive Attributes

Privacy preserving data mining (PPDM) has become more and more important because it allows sharing of privacy sensitive data for analytical purposes. A big number of privacy techniques were developed most of which used the k-anonymity property which have many shortcomings, so other privacy techniques were introduced (l-diversity, p-sensitive k-anonymity, (α, k)-anonymity, t-closeness, etc.). While they are different in their methods and quality of their results, they all focus first on masking the data, and then protecting the quality of the data. This paper is concerned with providing an enhanced privacy technique that combines some anonymity techniques to maintain both privacy and data utility by considering the sensitivity values of attributes in queries using sensitivity weights which determine taking in account utility-based anonymization and then only queries having sensitive attributes whose values exceed threshold are to be changed using generalization boundaries. The threshold value is calculated depending on the different weights assigned to individual attributes which take into account the utility of each attribute and those particular attributes whose total weights exceed the threshold values is changed using generalization boundaries and the other queries can be directly published. Experiment results using UT dallas anonymization toolbox on real data set adult database from the UC machine learning repository show that although the proposed technique preserves privacy, it also can maintain the utility of the publishing data.

The Effect of Perceived Anonymity on Online Transgressions:The Moderating Role of Moral Excuses

With the development of science and technology,the use of the Internet is becoming more and more widespread.However,with the popularity of the Internet,some problems have gradually surfaced.The anonymity of Internet use has become a breeding ground for many acts that are contrary to public decency,and this study is conducted against this background.This study explored the impact of perceived anonymity on online transgressions and investigated the moderating effect of moral excuses.A total of 414 subjects,210 males and 204 females,participated in this experimental survey.The SPSS data analysis concluded that perceived anonymity played a significant positive predictive role on online deviance(p<0.01),and the moderating role of moral excuses was not significant.This study will be conducive to the better implementation of the action of clearing cyberspace and to the regulation of public behaviour in cyberspace.

Novel Block Chain Technique for Data Privacy and Access Anonymity in Smart Healthcare

The Internet of Things (IoT) and Cloud computing are gaining popularity due to their numerous advantages, including the efficient utilization of internetand computing resources. In recent years, many more IoT applications have beenextensively used. For instance, Healthcare applications execute computations utilizing the user’s private data stored on cloud servers. However, the main obstaclesfaced by the extensive acceptance and usage of these emerging technologies aresecurity and privacy. Moreover, many healthcare data management system applications have emerged, offering solutions for distinct circumstances. But still, theexisting system has issues with specific security issues, privacy-preserving rate,information loss, etc. Hence, the overall system performance is reduced significantly. A unique blockchain-based technique is proposed to improve anonymityin terms of data access and data privacy to overcome the above-mentioned issues.Initially, the registration phase is done for the device and the user. After that, theGeo-Location and IP Address values collected during registration are convertedinto Hash values using Adler 32 hashing algorithm, and the private and publickeys are generated using the key generation centre. Then the authentication is performed through login. The user then submits a request to the blockchain server,which redirects the request to the associated IoT device in order to obtain thesensed IoT data. The detected data is anonymized in the device and stored inthe cloud server using the Linear Scaling based Rider Optimization algorithmwith integrated KL Anonymity (LSR-KLA) approach. After that, the Time-stamp-based Public and Private Key Schnorr Signature (TSPP-SS) mechanismis used to permit the authorized user to access the data, and the blockchain servertracks the entire transaction. The experimental findings showed that the proposedLSR-KLA and TSPP-SS technique provides better performance in terms of higherprivacy-preserving rate, lower information loss, execution time, and Central Processing Unit (CPU) usage than the existing techniques. Thus, the proposed method allows for better data privacy in the smart healthcare network.

Exploring“Enabling Behaviours”of Wives of Persons with Substance Use Disorder in Chapter 8 of the Big Book of Alcoholic Anonymous

Substance use disorder has a damaging effect on the family members of alcoholics and drug users.On the other hand,the reactions and behaviours of family members may negatively influence a person with substance use disorder.The behaviours of significant others of a person with substance use disorder that contribute to the maintenance of substance use disorder are called enabling.This study aimed to explore enabling behaviours of wives of persons with substance use disorder in Chapter 8 of Alcoholic Anonymous’Big Book by utilising qualitative content analysis.Alcoholics Anonymous(AA)is one of the most commonly used programs for recovery from alcoholism.The current study sought to help mental health professionals get a better understanding of the views and premises of the AA program in reference to enabling behaviours of wives by conducting a qualitative content analysis of the AA Big Book.The study also discusses the healthy behaviours suggested by the authors of the Big Book and the comprehensiveness of the text for the readers.

复活僵尸法条:个人信息匿名化制度的再造

《个人信息保护法》第4条第1款后段将“匿名化信息”排除在个人信息之外,可称为意在数据流通利用的“匿名化条款”。但实施以来,该条款始终存而不用,以至于沦为僵尸法条,成为数据要素市场的最大窒碍之一。既有理论尽管已经充分认识到其病因在于零风险匿名化的预设,但由于缺乏对可接受风险的精确刻画和系统性的规范指引,有解释力而无立起沉疴之力。通过将匿名化信息再利用的风险类型化为系统风险、操作风险、剩余风险,基于匿名化设计的“推定匿名”、基于匿名化条款解释的“判定匿名”、基于匿名化合规的“信任匿名”的同心圆结构渐次形成,不但分别化解了个人信息处理者、监管机构、用户的三重忧虑,而且融技术与法律、过程与结果、场景与系统、数据价值与个人权益于一炉。借此,匿名化条款得以复活,一套操作性和规范性兼备的中国匿名化制度亦由此涅槃重生。

面向车联网通勤的双阶段认证密钥协商协议

针对通勤车辆在车联网中向路边单元(RSU)获取服务的安全与效率问题,提出了一种双阶段的认证密钥协商协议。在初始认证阶段,利用车辆、RSU和可信机构(TA)间协商的3个独立会话密钥,保障2个实体间传输的隐私不被第三方实体窃取。在快速认证阶段,车辆和RSU间利用车辆旅行时间表高效地完成相互认证。协议支持车辆匿名与匿名追溯,且能防止通勤路线等隐私泄露。此外,通过随机预言机证明了协议的安全性。仿真结果表明,在典型通勤场景下,所提方案比同类方案降低了59.35%的计算开销和44.21%的通信开销。

隐私信息供需视域下央行数字货币与现金替换:模型与数值分析

本文从隐私信息供需分析出发,通过拆解CBDC与实物现金使用净效用差异阐明社会平均隐私偏好强度与CBDC使用情况的基本逻辑;将社会平均隐私偏好纳入货币搜寻框架构建含隐私因素的货币替代模型,考察社会平均隐私偏好与CBDC替代现金的关系;借助数值分析手段对强保密型、弱保密型和可控保密型CBDC技术进行情景模拟。研究发现,社会平均隐私偏好变化通过商家交易激励影响CBDC和现金的流动性,若商家(消费者)平均隐私偏好更强,CBDC相对现金的比例增加(下降);福利最大化的一种情形是CBDC-现金结构与社会平均隐私偏好强度相匹配且商品均匀分布;可控保密型CBDC在抵御强隐私偏好冲击和福利效应维度占有相对优势;引入可控保密型CBDC后中国情景的最大化社会福利水平最高,一般经济体次之,发达经济体最小。

一种分配查询的k-匿名位置隐私保护方案

针对基于位置服务中移动终端用户位置隐私保护存在时空关联和背景知识攻击的问题,提出一种分配查询的k-匿名位置隐私保护方案。基于查询概率和欧氏距离,在相邻网格区域内筛选假位置,合并真实用户位置形成k-匿名;通过兴趣点语义四叉树为假位置分配合理的查询,从时间、位置及查询3个维度提升用户被识别的不确定性,从而增强用户隐私度。安全性分析表明,提出的方案满足匿名性、不可伪造性和抵抗查询服务跟踪等安全特性。仿真实验表明,提出的方案具有较高的隐私保护度和效率以及较低的通信开销。

基于节点影响力的区块链匿名交易追踪方法

随着区块链技术的快速发展,借助虚拟货币进行非法交易的行为越来越普遍,且数量仍在快速增长。为打击该类犯罪行为,目前主要从网络分析技术和图数据挖掘等角度研究区块链交易数据,以进行区块链交易追踪。然而,现有的研究在有效性、普适性以及效率等方面存在不足,且无法对新注册地址进行有效追踪。针对上述问题,文中提出了一种基于节点影响力的账户余额模型区块链交易追踪方法NITT,旨在追踪特定目标账户模型地址的主要资金流向。相比传统方法,该方法引入时间策略,降低了图数据规模,同时采用多重权重分配策略,筛选出了更有影响力的重要账户地址。在真实数据集上进行实验,结果表明,所提方法在有效性、普适性和效率等方面具有较大的优势。