iRide: A Privacy-Preserving Architecture for Self-Driving Cabs Service

Despite the popularity Ride Hailing Services (RHSs) have gained recently, they pose significant privacy risks. In particular, a user wishing to benefit from an RHS is required to disclose her precise spatio-temporal data to the RHS provider. The provider is thus able to infer and harvest further sensitive information about the user, including, for example, her social behavior. Previous work on protecting privacy in this context assumes that the service provider does not collude with drivers. This assumption does not hold in the scenario of self-driving cabs: driverless vehicles replace drivers, so the service provider necessarily controls, and therefore colludes with, her fleet. In this paper, we tackle the open issue of a service provider colluding with her fleet by analyzing the scenario of self-driving cab services. We present iRide, a privacy-preserving architecture for self-driving cab services that relies on Intel SGX to provide strong privacy guarantees. iRide preserves the convenience of the service while offering strong privacy guarantees; that is, we do not introduce or rely on trade-offs between functionality and privacy. The overhead introduced by iRide's design is relatively small and acceptable in practice. To the best of our knowledge, this is the first work that tackles privacy protection in self-driving cab services.
