Top PDF Privacy Preserving Content Protection

Privacy Preserving Content Protection

used in the EU Member States. Its aim was to build on expertise and initiatives in the EU Member States to progress towards a coherent approach to electronic identity management in eGovernment in the European Union. The study addresses interoperability issues in cross-context IDM in eGovernment, without ignoring differences in legal and cultural practices within the EU framework for data protection. GUIDE [15] was also an EU-funded project aiming at the creation of an architecture that will enable open and interoperable eGovernment electronic identity services in the EU. Its objective concerns interoperability across national systems and structures within broader transnational, policy, legislative, and socio-economic boundaries. The PRIME [28] project looked in detail at the applicability issues of using the federated identity management system of the Idemix open source initiative and digital credentials. The main contribution of this European research project is a broader understanding of the dependencies between the different components in such a system. These dependencies are reflected by both an identity management architecture and an integrated prototype. The PrimeLife [249] project builds upon and expands the foundation of the PRIME [28] project, which has shown that privacy technologies can enable citizens to exercise their legal rights to control personal information in on-line transactions. PrimeLife resolves the core privacy and trust issues pertaining to two new privacy challenges: a first technical challenge is how to protect privacy in emerging Internet applications such as collaborative scenarios and virtual communities; a second challenge is how to maintain life-long privacy. To resolve these issues, PrimeLife aims to substantially advance the state of the art in the areas of human-computer interfaces, configurable policy languages, web service federations, infrastructures and privacy-enhancing cryptography.
FIDIS [32] was an EU-sponsored Network of Excellence targeting various aspects of digital identity and privacy. FIDIS areas of interest include new forms of ID cards, usage of identifiers in information systems, and technologies used for citizens' identification and profiling. Research projects in Belgium, such as Identity Management for eGovernment [25], focus on the identity management aspects that are relevant in a heterogeneous eGovernment context and compare the different governments in Flanders, Brussels, and Wallonia that have to interoperate with the Federal services. The European TAS3 [279] project aims to provide an integrated and context-independent trusted services network that advances the current state of the art of isolated and context-dependent solutions, for example by developing service user-centric tools and programs related to e-Health. The goal is to provide a transparent framework in which process-based services can securely process and depend on personal information, regardless of the context in which this information was collected.

Privacy-preserving comparison of variable-length data with application to biometric template protection

One example of the aforementioned applications is biometric recognition, which has emerged over the last decades as a reliable alternative to traditional authentication systems based on something that we know (i.e., PINs or passwords) or something that we have (i.e., IDs or tokens) [12]. This is partly due to the fact that biometric characteristics (e.g., signature, face or iris) cannot be lost or forgotten. On the down side, biometric information is very sensitive and some concerns have been raised regarding the privacy of the subjects and the security of the systems: it has already been proven that samples can be recovered from unprotected templates [13]–[16] and subsequently used to impersonate genuine subjects [17]. As a consequence, any information leakage resulting from inappropriate storage of the derived templates can lead to severe privacy and security issues. In fact, biometric data is considered sensitive data in the European Union (EU) General Data Protection Regulation 2016/679 [18], which means that the use of these data is subject to the right of privacy preservation. Biometric templates must hence be protected in order to prevent any potential leakage of the underlying information. Among other approaches to biometric template protection, HE makes it possible to meet the privacy requirements established within the ISO/IEC 24745 international standard on biometric information protection [19] while preserving verification accuracy [20]–[22].

Privacy Protection in Interactive Content based Image Retrieval with Copy Deterrence

This work proposes a privacy-enhancing method for large-scale content-based image retrieval. A new Private Relevance Feedback-CBIR (PRF-CBIR) scheme is proposed to protect the user's search intention and leverage the performance gain of relevance feedback. PRF-CBIR consists of three stages: private query, private feedback and local retrieval. PRF-CBIR can deal with the query attack, result attack and feedback attack that exist in Relevance Feedback-CBIR. This scheme can effectively control privacy leakage and significantly reduce the attack success probability. An elaborate watermark-based protocol in the encryption domain is designed for copy deterrence. Unlike common watermarking techniques, the proposed protocol needs to embed the watermark directly into the encrypted images. After receiving the encrypted and watermarked images, the query user decrypts the images directly, and the decryption must not affect the watermark in the images.

Privacy Preserving Content Based Publisher/Subscriber System With Auditing and Event based Encryption

In this paper an efficient approach to providing authentication, confidentiality and integrity in a broker-less content-based pub/sub system is defined. This approach is highly scalable in terms of the number of subscribers and publishers in the system and the number of keys maintained by them. A mechanism is developed to pass messages between publishers and subscribers according to their subscriptions and advertisements. Private keys are assigned to publishers and subscribers, and the ciphertexts are labelled with credentials. Identity-based encryption is used to ensure that a particular subscriber can decrypt an event only if there is a match between the credentials associated with the event and its private keys, and to allow subscribers to verify the authenticity of received events. Through all these concepts a scalable system can be created. Although the proposed system has many advantages, there is still scope for a more efficient event routing mechanism, an area in which much research is currently under way.

Protection of Sensitive Data for Multi-Level Trust Privacy Preserving Data Mining

A perturbed copy is one in which a number of changes have been made to the original data, i.e., noise has been added to the original data. The new approach, multilevel trust privacy-preserving data mining (MLT-PPDM), extends the features of PPDM: in the previous approach only one perturbed copy is sent to the trusted third party, whereas now multiple perturbed copies of the same data are sent to data miners at different trust levels. If there is a large number of trust levels, then fewer perturbed copies can be accessed. The main goal of MLT-PPDM is to prevent the diversity attack.

Survey on Preserving User Privacy and Preventing Server Content in Location Based Service

In the existing system, researchers, developers and authors characterize the issues in the existing methodology, which does not deal with the privacy of the client and furthermore fails to protect the location server's content. When queried about location details, the server cannot keep its details from the client, and the client cannot protect its privacy from the server [6].

Discovering the Optimal Meeting Place for the Protection of Privacy of Mobile Device Users Using Privacy Preserving Algorithm

In the Secure Multiparty Computation (SMC) domain, several authors have presented privacy issues related to the computation of the distance between two points [23] or of routes [24]. There are also many research results on privacy-preserving location problems. However, all of these results attempt to solve the mentioned problem in unique and different ways. Jaiswal and Nandi [25] proposed a privacy-preserving platform known as Trust No One for privately locating nearby points of interest.

Privacy-preserving Record Linkage

The standard scenario in settings like these is shown in Fig. 2. Here, a federal agency (FA) sets all required parameters for a linkage operation and sends them to the data-holding organizations, for example hospitals. The hospitals split their databases into two sets: { IDs, data } and { IDs, quasi-identifiers }. They send the datasets to a federal data warehouse (DW). The hospitals encrypt the identifiers according to the parameters specified by the federal agency FA. The resulting encrypted identifiers (here denoted as bf) and the corresponding IDs are sent to a linkage unit which acts as a trustee. The trustee links all records by using the bf alone. The list of all linked pairs of IDs is sent to the data warehouse, which merges all data sets according to the list of matching IDs. In such a setting, the agency FA does not receive any data, therefore it cannot gain knowledge of any sensitive data. The database holders have their own data and do not receive anything new; therefore, they learn nothing by executing such protocols. The data warehouse DW has access to all non-sensitive data but to no identifiers at all. Nevertheless, in such settings the non-sensitive data could be linked to external information containing identifiers. Since this kind of attack is always possible if microdata is available, such attacks can only be limited by statistical disclosure protection measures (Hundepool et al. 2012).

Preserving Privacy in Data Outsourcing

users while minimizing the adoption of encryption. Data collections often contain personally identifiable information that needs to be protected both in storage and when disseminated to other parties. As an example, medical data cannot be stored or published along with the identity of the patients they refer to. To guarantee privacy protection and to limit the use of encryption, in this thesis we first propose a solution for modeling, in a simple yet powerful way, privacy requirements through confidentiality constraints, which are defined as sets of data whose joint visibility must be prevented. We then propose a mechanism for the enforcement of confidentiality constraints based on the combined use of fragmentation and encryption techniques: associations broken by fragmentation will be visible only to those users who are authorized to know the associations themselves. The third requirement is safe data integration, to limit the ability of authorized users to exchange data for distributed query evaluation. In fact, different sources storing the personal information of users often need to collaborate to achieve a common goal. However, such data integration and sharing may be subject to confidentiality constraints, since different parties may be allowed to access different portions of the data. We therefore propose both a model for conveniently representing data exchange constraints and a mechanism for their enforcement during the distributed query evaluation process.

Preserving Privacy in Outsourced Database

The data fragmentation approach does not affect system operation time and does not burden the database. It is a good way to distribute sensitive data across different areas. The main problem with data fragmentation is determining the granularity of the data blocks. If the granularity is too coarse, sensitive data may still be placed together, which creates a risk of information leakage. Conversely, if the granularity is too fine, query efficiency is reduced: when a user queries the database, the front-end needs more time to combine the different blocks and return an accurate result to the user. The response time after a user issues a query should be real time, so query processing is a challenge this approach has to face. Usually we wish to design an optimal, minimal data fragmentation, but when the granularity of each fragment differs from the others this becomes a knapsack problem, which is NP-hard, and finding an optimal data fragmentation algorithm is very difficult. Additionally, since data are stored in different areas, we also need to build an index table that records the location of the data; the storage location can then be found from the index table when a user queries the database, and the correct data merged and returned to the user. How to query efficiently under this approach is a challenge. Further, although this approach can resist external attacks, a legitimate user may also be a malicious attacker. Front-end protection is therefore quite important, because the storage locations and query methods are built into the front-end: when the front-end is compromised by an attacker, the attacker can obtain sensitive data. In addition, data fragmentation approaches will face the problem of incremental data in the future. In some environments, such as banks, data transactions are daily work. To keep data highly assured, available, performant and scalable, a related algorithm for dynamic allocation has been proposed [15].
We should consider the locations of new and existing data, dynamically allocate files to the corresponding area, and keep performance efficient. In summary, determining data granularity, efficient querying, front-end protection, and a distributed algorithm for file allocation are the challenges for this approach.

Privacy-preserving distributed clustering

will be less likely. A second aspect to consider is the active participation of all users in the system. It is our conclusion that without introducing (semi-)trusted third parties, users' data cannot be processed without their participation. Fortunately, due to our construction, only the helper user needs to be on-line during the clustering procedure. Once the encrypted data are sent to the service provider, users can go off-line for the rest of the computation. If the same helper users are to be used, other users can stay off-line not only during that iteration but during the whole clustering; however, this would require minor changes to the protocol, such as the encrypted distances being computed by the service provider. Note that using the same helper users leads to a setting similar to [10], with dedicated key holders. However, our motivation is to distribute trust among multiple random helper users in each iteration for privacy protection, which requires helper users to be on-line during each iteration.

Privacy Preserving : Charging for eMobility

The privacy invasions summarized in the ISO/IEC 15118 PIA have been reduced. There are no longer any privacy invasions of type 2. A PIT 1 occurs when the EV shows its identity in the charging bill. This is unavoidable for the use of a charging contract: the mobility operator has to be informed which EV customer to inform and charge. Dispute resolution results in PIT 3 and PIT 4. The dispute resolver learns the EV identity together with the mobility operator (PIT 3) and the energy provider identity (PIT 4). For accountability and abuse protection this cannot be prevented. Here it is important that the dispute resolver is a trusted party that does not collude with any of the other stakeholders, e.g., an energy provider. It is possible to avoid PIT 4 by requiring the energy provider to submit the dispute anonymously. Then the dispute resolver only learns that the vehicle is a customer of some mobility operator. However, using this approach means that the dispute resolver is not able to detect abuse of the dispute resolution feature, e.g., an energy provider that requests dispute resolution for every charging session. While this form of abuse does not offer any benefit to the energy provider, it can be considered a form of denial-of-service attack on the dispute resolver. Further, the payment intermediary learns the links between mobility operators and energy providers, but without any EV identifier; hence, this does not result in any privacy invasion. Nevertheless, the payment intermediary has to be a trusted party that will handle the payment correctly. Further, the roaming status (included in the service detail record) reveals whether the vehicle used a charging station operated by another energy provider or one of the mobility operator's own charging stations. However, the mobility operator cannot link the charging commits to the service detail record. Hence, the mobility operator does not learn exactly which charging station has been used.
Unless the mobility operators are willing to abolish roaming fees, including the roaming status cannot be avoided.

Preserving Privacy in Mobile Environments

have shown a case study that examines users' concern for privacy in relation to location-based services and compared people's perceived usefulness of the two types of services. The work concludes that concerns are greater when third parties are tracking a user's location. Location-based services with privacy as the main concern have been described in [12], [13], [103], [5], [6], [104] and [105]. In [12], the authors have refined the mix zone model, describing a quantifiable metric of location privacy from the point of view of the attacker. In [106], the authors discuss the issues surrounding location-aware mobile devices in context by addressing the basic technology issues involved. They also discuss what is and is not possible in the future. Further, they outline privacy issues that arise from the conjunction of technical feasibility and government/marketplace activities that might use location information. In this work a representative sample of important issues is enumerated and discussed. Regulation is then discussed as a broader term covering the various entities and agencies that might structure and regulate the use of location information and provide the appropriate levels of privacy protection to constituents while promoting appropriate advances in new products and services. Other challenges such as user privacy are also important in ubiquitous environments. Privacy-related efforts have been made in the past [3]. Research has been carried out on privacy awareness systems that allow certain privileges to data collectors [7]. Karyda and Gritzalis [4] listed some of the challenges in this area and the future research directions.

Privacy-Preserving Passive DNS

or at a TLD (Top-Level Domain) server, each query contains the IPs of the end-users and can be linked back to them. Both the GDPR and NIST consider IP addresses as personal data when a correlation between the queries and the identity of the end-user can be made [6, 7]. When it comes to public DNS servers, end-users can benefit from better stability, availability and protection against certain DNS attacks than the DNS servers of their ISP offer, but they expose their personal data to companies such as Google [8], Cloudflare [9], and OpenDNS [10] that could profit from commercially exploiting these data [11]. It follows that there is a clear need to appropriately protect data collected, stored, and processed to identify malicious domain names through the use of passive DNS data analysis methods. The majority of existing solutions for passive DNS data analysis provide APIs for querying the related data. However, the collection of passive DNS data is being questioned [12], since the privacy of the end-users who contributed to passive DNS collections may be compromised [13].

Privacy-preserving data mining

We now make a few remarks on the relationship between our privacy measure and the security models (e.g., statistically indistinguishable) commonly used in cryptography. The major difference is that while the commonly used security models measure whether the private information is absolutely secure against privacy intrusion, we intend to use a continuous value to measure the privacy protection level when absolute security cannot be achieved. As we will show in the latter portion of the chapter, when the adversary behavior is unrestricted, absolute security can only be achieved with expensive computational cost (for weakly malicious adversaries) or cannot be achieved at all (for strongly malicious adversaries). Thus, in order to design practical solutions to defend against such adversaries, we need to measure the amount of privacy disclosure by a continuous value.

Privacy Preserving in Data Mining

Data perturbation is a data security technique that adds 'noise' to databases, allowing individual record confidentiality. Organizations store large amounts of data, much of which may be considered confidential. Thus, security and protection of the data is a concern. This concern applies not just to those who are trying to access the data illegally, but also to those who have legitimate access to the data. Our interest in this area relates to restricting access of legitimate organizational users to confidential database attributes (i.e., data protection). Data perturbation techniques are statistically based methods that seek to protect confidential data by adding random noise to the data, thereby protecting the original data. Note that these techniques are not encryption techniques, where the data is first modified, then (typically) transmitted, received, and 'decrypted' back to the original data. Techniques that seek to mask individual confidential data elements while maintaining the underlying aggregate relationships of the database are called data perturbation techniques. These techniques modify actual data values to 'hide' specific confidential individual record information.

Privacy-Preserving Schema Reuse

Abstract. As the number of schema repositories grows rapidly and several web-based platforms exist to support publishing schemas, schema reuse becomes a new trend. Schema reuse is a methodology that allows users to create new schemas by copying and adapting existing ones. This methodology helps to reduce not only the effort of designing new schemas but also the heterogeneity between them. One of the biggest barriers to schema reuse is the privacy concerns that discourage schema owners from contributing their schemas. Addressing this problem, we develop a framework that enables privacy-preserving schema reuse. Our framework lets contributors define their own protection policies in the form of privacy constraints. Instead of showing original schemas, the framework returns an anonymized schema with maximal utility while satisfying these privacy constraints. To validate our approach, we empirically show the efficiency of different heuristics, the correctness of the proposed utility function, the computation time, as well as the trade-off between utility and privacy.

Discovering the Optimal Meeting Location for the Protection of Privacy of Mobile Device Users Using Privacy Preserving Algorithm

The privacy-preserving fair rendez-vous location problem has received little or no attention in previous work. Santos and Vaughn [21] presented a survey of meeting-location algorithms and the related solutions for such problems. While the surveyed papers consider users' location preferences and constraints, they do not address any privacy or security issues. Similarly, Berger et al. [22] presented an efficient meeting-location algorithm that considers the time between two consecutive meetings.

Privacy-preserving content-based recommender system

tween privacy and accuracy [24]. McSherry and Mironov proposed a method using differential privacy, which has a similar trade-off between accuracy and privacy [18]. Cissée and Albayrak present an agent system where trusted software and a secure environment are required [7]. Atallah et al. proposed privacy-preserving collaborative forecasting and benchmarking to increase the reliability of local forecasts and data correlations using cryptographic techniques [3]. Canny also presents cryptographic protocols to generate recommendations based on matrix projection and factor analysis, both of which suffer from a heavy computational and communication overhead [5, 6]. Erkin et al. propose more efficient protocols based on cryptographic techniques like homomorphic encryption and secure multi-party computation for recommender systems based on collaborative filtering [9, 11, 10]. However, in their proposals the users are actively involved in the computations, which makes the overall construction more vulnerable to timeouts and latencies in the users' connections. In [12], Erkin et al. propose a cryptographic protocol that does not require active participation of the users; however, the involvement of a semi-trusted third party in the protocol is necessary.

Privacy And Content Protection Using Centroid Localization Algorithm

In this paper we present a solution to one of the location-based query problems. This problem is defined as follows: (i) a user wants to query a database of location data, known as Points Of Interest (POIs), and does not want to reveal his/her location to the server due to privacy concerns; (ii) the owner of the location data, that is, the location server, does not want to simply distribute its data to all users. The location server desires to have some control over its data, since the data is its asset. We propose a major enhancement upon previous solutions by introducing a two stage approach, where the first step is based on Oblivious Transfer and the second step is based on Private Information Retrieval, to achieve a secure solution for both parties. The solution we present is efficient and practical in many scenarios. We implement our solution on a desktop machine and a mobile device to assess the efficiency of our protocol. We also introduce a security model and analyse the security in the context of our protocol. Finally, we highlight a security weakness of our previous work and present a solution to overcome it.