Misty clouds - A layered cloud platform for online user anonymity in Social Internet of Things

Abstract Online services typically collect data that are explicitly provided by users and metadata that are implicitly inferred from users’ activity patterns. The proclaimed goal of metadata collection is to support the quality of service, thus enhancing the Social Internet of Things (SIoT). To most users, it is not obvious that metadata express people’s lives to a large degree. Traditionally, security has focused on protecting communication content rather than the metadata associated with it. This provides a thin layer of privacy protection. Thus, a demand exists for privacy-preserving technologies that prevent metadata collection and aggregation. This paper focuses on a service’s ability to observe communication metadata that can be exploited to learn users’ identities and behavior patterns. Thus, a novel system, Misty Clouds, is proposed as a platform for creating anonymous Internet connections to address both security and performance issues. The performance evaluation shows that the desired level of anonymity can be achieved with tolerable performance overheads. Through a comparison analysis, it is shown that the new algorithm outperforms an existing algorithm, Tor. Additionally, the features that can facilitate the growth of Misty Clouds into a holistic privacy-preserving platform are discussed. Furthermore, a user survey was conducted to study users’ perceptions and attitudes.

[1]  Yaping Lin,et al.  Anonymizing popularity in online social networks with full utility , 2017, Future Gener. Comput. Syst..

[2]  Zhen Ling,et al.  TorWard: Discovery of malicious traffic over Tor , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[3]  Mauro Conti,et al.  Anonymous end-to-end communications in adversarial mobile clouds , 2017, Pervasive Mob. Comput..

[4]  Arvind Narayanan,et al.  The Web Never Forgets: Persistent Tracking Mechanisms in the Wild , 2014, CCS.

[5]  Joseph K. Liu,et al.  A secure and efficient Ciphertext-Policy Attribute-Based Proxy Re-Encryption for cloud data sharing , 2015, Future Gener. Comput. Syst..

[6]  Kevin W. Hamlen,et al.  AnonymousCloud: A Data Ownership Privacy Provider Framework in Cloud Computing , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[7]  Susan Schuppli Dusting for fingerprints and tracking digital footprints , 2013 .

[8]  Haider Abbas,et al.  Cloud-Assisted IoT-Based SCADA Systems Security: A Review of the State of the Art and Future Challenges , 2016, IEEE Access.

[9]  Derek Gordon Murray,et al.  Using Dust Clouds to Enhance Anonymous Communication , 2010, Security Protocols Workshop.

[10]  Roy H. Campbell,et al.  Routing through the mist: privacy preserving communication in ubiquitous computing environments , 2002, Proceedings 22nd International Conference on Distributed Computing Systems.

[11]  Mehmet A. Orgun,et al.  Design and deployment challenges in immersive and wearable technologies , 2017, Behav. Inf. Technol..

[12]  Paul F. Syverson,et al.  Hiding Routing Information , 1996, Information Hiding.

[13]  Jin Li,et al.  Privacy-preserving data utilization in hybrid clouds , 2014, Future Gener. Comput. Syst..

[14]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1998, IEEE J. Sel. Areas Commun..

[15]  Hao Wang,et al.  Position based cryptography with location privacy: A step for Fog Computing , 2018, Future Gener. Comput. Syst..

[16]  Mehmet A. Orgun,et al.  Cybersecurity and privacy issues for socially integrated mobile healthcare applications operating in a multi-cloud environment , 2019, Health Informatics J..

[17]  Mehmet A. Orgun,et al.  Privacy Preservation in e-Healthcare Environments: State of the Art and Future Directions , 2018, IEEE Access.

[18]  Joel J. P. C. Rodrigues,et al.  A Systematic Review of Security Mechanisms for Big Data in Health and New Alternatives for Hospitals , 2017, Wirel. Commun. Mob. Comput..

[19]  Miss Laiha Mat Kiah,et al.  Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing , 2013, The Journal of Supercomputing.

[20]  Jinjun Chen,et al.  A trust‐based noise injection strategy for privacy protection in cloud , 2012, Softw. Pract. Exp..

[21]  Tommy Tranvik,et al.  IP Addresses - Just a Number? , 2011, Int. J. Law Inf. Technol..

[22]  Kashif Saleem,et al.  An empirical study on acceptance of secure healthcare service in Malaysia, Pakistan, and Saudi Arabia: a mobile cloud computing perspective , 2016, Annals of Telecommunications.

[23]  Dirk Grunwald,et al.  Shining Light in Dark Places: Understanding the Tor Network , 2008, Privacy Enhancing Technologies.

[24]  Xiaohui Liang,et al.  Exploiting Geo-Distributed Clouds for a E-Health Monitoring System With Minimum Service Delay and Privacy Preservation , 2014, IEEE Journal of Biomedical and Health Informatics.

[25]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[26]  Feng Bao,et al.  Evolving privacy: From sensors to the Internet of Things , 2017, Future Gener. Comput. Syst..

[27]  Jin Li,et al.  Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing , 2017, Inf. Sci..

[28]  Gang Sun,et al.  L2P2: A location-label based approach for privacy preserving in LBS , 2017, Future Gener. Comput. Syst..

[29]  Mauro Conti,et al.  Preserving Smartphone Users' Anonymity in Cloudy Days , 2013, 2013 22nd International Conference on Computer Communication and Networks (ICCCN).

[30]  Hongyang Yan,et al.  Server-aided anonymous attribute-based authentication in cloud computing , 2015, Future Gener. Comput. Syst..

[31]  David Chaum,et al.  Security without identification: transaction systems to make big brother obsolete , 1985, CACM.