Extended Capabilities for a Privacy-Enhanced Participatory Sensing Infrastructure (PEPSI)

Participatory sensing is emerging as an innovative computing paradigm that targets the ubiquity of always-connected mobile phones and their sensing capabilities. A multitude of pioneering applications increasingly carry out pervasive collection and dissemination of information and environmental data, such as traffic conditions, pollution, temperature, and so on. Participants collect and report measurements from their mobile devices and entrust them to the cloud to be made available to applications and users. Naturally, due to the personal information associated with the reports (e.g., location, movements, etc.), a number of privacy concerns need to be considered prior to a large-scale deployment of these applications. Motivated by the need for privacy protection in participatory sensing, this paper presents a privacy-enhanced participatory sensing infrastructure. We explore realistic architectural assumptions and a minimal set of formal requirements aimed at protecting the privacy of both data producers and consumers. We propose two instantiations that attain privacy guarantees with provable security at very low additional computational cost and almost no extra communication overhead.
