query privacy in sensing as a service platforms
play

Query Privacy in Sensing-as-a-Service Platforms Ruben Rios David Nu - PowerPoint PPT Presentation

Sep 28, 2022 •154 likes •415 views

Query Privacy in Sensing-as-a-Service Platforms Ruben Rios David Nu nez Javier Lopez Network, Information and Computer Security Lab Department of Computer Science University of Malaga {ruben,dnunez,jlm}@lcc.uma.es IFIP SEC 2017 May 29,

  1. Query Privacy in Sensing-as-a-Service Platforms Ruben Rios David Nu˜ nez Javier Lopez Network, Information and Computer Security Lab Department of Computer Science University of Malaga {ruben,dnunez,jlm}@lcc.uma.es IFIP SEC 2017 May 29, 2017. Rome (Italy)

  2. Introduction Sensing-as-a-Service Platforms S 2 aaS platforms allow querying for data from sensing devices via a sensing server � Sensing devices may belong to companies, administrations or citizens � Sensing servers act as communication gateways � The user issues queries and waits for the response Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 2 / 20

  3. Introduction How does it work? Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 3 / 20

  4. Introduction How does it work? Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 4 / 20

  5. Introduction Problem Statement Honest-but-curious Sensing Server Sensing servers may access to the contents of the queries as well as contextual information to route the queries I User privacy is at stake! Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 5 / 20

  6. Introduction Problem Statement Why Not Encrypt Traffic? Traditional end-to-end encryption has several drawbacks: 1. The user needs to know the key of every single sensing device 2. The user has to check the status of the keys 3. Multi-/Broadcast queries demands multiple transmissions Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 6 / 20

  7. Introduction Problem Statement Our Solution We propose the QPSP ( Q uery P rivacy for S ensing P latforms) protocol QPSP is built on techniques inspired by proxy re-encryption and k -anonymity to provide � Query confidentiality: hide the query and response contents � Query privacy: hide the communication end points Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 7 / 20

  8. Introduction Problem Statement System Model We assume a number of sensing devices organized into clusters There are several cluster heads and they must be able to communicate with one another and with the sensing server The readings of the sensing devices are publicly available to anyone requesting them � Example: Smart City scenario The sensing server and the sensing devices are assummed not to collude against the user Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 8 / 20

  9. Introduction Problem Statement Adversarial Model The sensing server is semi-honest (a.k.a. honest-but-curious) � Wants to learn the interests of a particular user based on his/her queries We assume it has the following capabilities: � Content analysis: it can observe packet payloads and headers � Statistical analysis: it can analyze features of the communication flow But... we consider it may also � Collude with external entities located in the vicinity of the sensing devices � Try to cheat by slightly modifying its behaviour as long as it does not deviate from the protocol specification Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 9 / 20

  10. QPSP Protocol Outline 1. Introduction Problem Statement 2. QPSP Protocol Preliminaries Protocol Phases 3. Evaluation 4. Conclusion Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 10 / 20

  11. QPSP Protocol Preliminaries Cryptographic Notions Proxy Re-encryption Proxy re-encryption is a type of PK encryption that enables a proxy to transform ciphertexts under Alice’s public key ( P A ) into ciphertexts decryptable by Bob’s secret key ( S B ). To that end, the proxy is given a re-encryption key ( rk A ! B ), generated by Alice. Most of these schemes are based on pairing-based cryptography Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 11 / 20

  12. QPSP Protocol Protocol Phases Overview The QPSP protocol consists of three phases: 1. Initialization : a global public key ( pk P ) is generated by the cluster heads 1 . Re-encryption keys are also generated in this phase. 2. Query : The user encrypts the query using pk P , which is transformed by the sensing server using the re-encryption key ( rk P ! i ) of an arbitrary cluster head. The cluster head decrypts the query and forwards it to the appropriate sensing device. 3. Response : the confidentiality of the response is secured from the user end by incorporating a fresh key into the query. Some traffic obfuscation mechanisms are introduced to prevent leaking information. 1 No single entity controls the corresponding decryption key Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 12 / 20

  13. QPSP Protocol Protocol Phases Phase1: Initialization Each cluster head CH i generates a key pair ( pk i , sk i ) = ( h x i , x i ) and shares the pk i with the other cluster heads Next, each CH i generates a temporal secret value p i and computes u i = Z p i v ij = ( pk j ) p i = h x j p i The sensing server receives ( u i , { v ij } ) from all cluster heads and computes the global public key and the re-encryption keys: N N Y Y Z p i = Z p 1 + ... + p N = Z p pk P = u i = i = 1 i = 1 N N Y Y h x i p j = h x i ( p 1 + ... + p N ) = h x i p rk P ! i = v ji = j = 1 j = 1 Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 13 / 20

  14. QPSP Protocol Protocol Phases Phase2: Query Message 1: Encryption The user encrypts m = Q k K , using the global public key pk P Enc P ( m ) = ( g r , m · ( pk P ) r ) = ( g r , m · Z p · r ) = M 1 Message 2: Re-encryption The sensing server sends M 2 to an arbitrary CH i ReEnc i ( M 1 ) = ( e ( g r , rk P ! i ) , m · Z p · r ) = ( Z p · r · x i , m · Z p · r ) = M 2 Decryption The cluster head CH i uses its secret key sk i to decrypt M 2 Dec i ( M 2 ) = CT 2 · ( CT 1 ) � 1 / sk i = m · Z p · r · ( Z p · r · x i ) � 1 / x i = m Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 14 / 20

  15. QPSP Protocol Protocol Phases Phase3: Response The query Q is delivered to the actual destination using a k-anonymous transmission protocol � For any given identifier, k destinations are chosen using a deterministic function � Destinations may receive the actual or bogus queries All k destinations must behave in the same way to cover the actual query recipient. They all respond to the query and the cluster head filters out cover messages. The true response R is encrypted by the CH using key K and finally sent to the sensing server, which forwards it to the user Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 15 / 20

  16. Evaluation Outline 1. Introduction Problem Statement 2. QPSP Protocol Preliminaries Protocol Phases 3. Evaluation 4. Conclusion Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 16 / 20

  17. Evaluation Experimental Evaluation Proof of concept in C using the Apache Milagro Crypto Library We needed an elliptic curve that supports a Type-3 pairing I 256-bit Barreto-Naehrig (BN) curve The following table shows the average value after 100 experiments Entity Platform Operation Cost (ms) Laptop † User Encryption 7.58 Laptop † Sensing server Re-Encryption 11.55 RPi 1 B § Cluster head Decryption 46.20 Intel Galileo 1 ⇤ Cluster head Decryption 122.20 † Core2Duo@2.66GHz, 8GB § SoC@700MHz, 512MB ⇤ SoC@400MHz, 256MB Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 17 / 20

  18. Conclusion Outline 1. Introduction Problem Statement 2. QPSP Protocol Preliminaries Protocol Phases 3. Evaluation 4. Conclusion Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 18 / 20

  19. Conclusion Conclusion and Future Work We have presented the QPSP protocol as a mechanism to prevent user profiling in semi-trusted S 2 aaS platforms The solution is built on proxy re-encryption primitives and traffic obfuscation at the sensing network As future work we are considering � Scenarios where users need to be authorized to query for data � Issues related to node revokation and the addition of new cluster heads � Dealing with a portion of compromised sensing devices Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 19 / 20

  20. Thank you for your Attention! Any questions? Ruben Rios ruben@lcc.uma.es

  21. Extra Slides Cryptographic Notions Bilinear Pairing Let G 1 , G 2 and G T be cyclic groups of prime order q . A bilinear pairing is a map e : G 1 ⇥ G 2 ! G T satisfying the properties of bilinearity, non-degeneracy, and computability 2 ) = e ( g 1 , g 2 ) ab = e ( g b 1. Bilinearity: e ( g a 1 , g b 1 , g a 2 ) 2. Non-degeneracy: e ( g 1 , g 2 ) , 1 3. Computability: There is an efficient algorithm that computes e Bilinear pairings for cryptography are usually constructed over elliptic curves Query Privacy in S 2 aaS Platforms R. Rios, D. Nu˜ nez and J. Lopez IFIP SEC 2017 19 / 20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Presentation Outline Introduction Related Work System Architecture Privacy

Presentation Outline Introduction Related Work System Architecture Privacy

Privacy Protected Query Processing Privacy Protected Query Processing Privacy Protected Query Processing on Spatial Networks on Spatial Networks on Spatial Networks Wei-Shinn Ku Roger Zimmermann Wen-Chih Peng Sushama Shroff Third

557 views • 12 slides
Statistical Databases Query Auditing Li Xiong CS573 Data Privacy and Anonymity Partial

Statistical Databases Query Auditing Li Xiong CS573 Data Privacy and Anonymity Partial

Statistical Databases Query Auditing Li Xiong CS573 Data Privacy and Anonymity Partial slides credit: Vitaly Shmatikov, Univ Texas at Austin Query Audit Problem Maintaining privacy of data Auditor Q 1 Q 2 Q n Database

305 views • 27 slides
Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Motivation Two-Cloud Setting PP k NN Classification Conclusion and Future Research Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security Yousef M. Elmehdwi Department of Mathematics and Computer

919 views • 19 slides
Differential Privacy (Part III) Approximate (or ( , ))-differential privacy

Differential Privacy (Part III) Approximate (or ( , ))-differential privacy

Differential Privacy (Part III) Approximate (or ( , ))-differential privacy Generalized definition of differential privacy allowing for a (supposedly small) additive factor Used in a variety of applications A query mechanism M is (

1.27k views • 43 slides
Collaborative and privacy-aware sensing for Gon calves, Rui Jos e, Carlos Baquero

Collaborative and privacy-aware sensing for Gon calves, Rui Jos e, Carlos Baquero

Collaborative and privacy-aware sensing for observing urban movement patterns Nelson Collaborative and privacy-aware sensing for Gon calves, Rui Jos e, Carlos Baquero observing urban movement patterns Universidade do Minho and

643 views • 16 slides
xBook: Redesigning Privacy Control in Social xBook: Redesigning Privacy Control in Social

xBook: Redesigning Privacy Control in Social xBook: Redesigning Privacy Control in Social

xBook: Redesigning Privacy Control in Social xBook: Redesigning Privacy Control in Social Networking Platforms Networking Platforms Kapil Singh, Sumeer Bhola and Wenke Lee Social networking is growing 2 Privacy concerns are growing

779 views • 54 slides
Consumer Privacy Protection Principles: Privacy Principles for Vehicle Technologies and Service

Consumer Privacy Protection Principles: Privacy Principles for Vehicle Technologies and Service

Consumer Privacy Protection Principles: Privacy Principles for Vehicle Technologies and Service Automotive Industry Privacy Principles Nov. 12, 2014 Auto Alliance and Global Automakers come together to create a set of privacy principles

419 views • 20 slides
Privacy laws and pervasive sensing / big data: forever incommensurate? Trusted Personal Data

Privacy laws and pervasive sensing / big data: forever incommensurate? Trusted Personal Data

Privacy laws and pervasive sensing / big data: forever incommensurate? Trusted Personal Data Management Panel, TdW Conference Max Mhlhuser Technische Universitt Darmstadt Information Self-Determination EU Charter of fundamental rights:

251 views • 7 slides
Adaptive security and privacy for mHealth sensing Shrirang Mare 1 , Jacob Sorber 1 , Minho Shin 2

Adaptive security and privacy for mHealth sensing Shrirang Mare 1 , Jacob Sorber 1 , Minho Shin 2

Adaptive security and privacy for mHealth sensing Shrirang Mare 1 , Jacob Sorber 1 , Minho Shin 2 , Cory Cornelius 1 , and David Kotz 1 1 Dartmouth College, USA 2 Myongi University, South Korea Source: Javanov et. al., Stress Monitoring Using a

395 views • 36 slides
WILL YOU EAT OR BE EATEN ? Platforms are as old as trains 2 Sometimes platforms go wrong 3

WILL YOU EAT OR BE EATEN ? Platforms are as old as trains 2 Sometimes platforms go wrong 3

PLATFORMS ARE EATING WORLD. WILL YOU EAT OR BE EATEN ? Platforms are as old as trains 2 Sometimes platforms go wrong 3 Some platforms hide very well Others think they are a platform but really are not Hans se seria ial pla

832 views • 56 slides
Improve Query Performance with the Query Log Analyzer Kees Vegter Field Engineer Query Log

Improve Query Performance with the Query Log Analyzer Kees Vegter Field Engineer Query Log

Improve Query Performance with the Query Log Analyzer Kees Vegter Field Engineer Query Log Analyzer kees@neo4j.com Query Log dbms.logs.query.enabled=true # If the execution of query takes more time than this threshold, # the query is

1.12k views • 27 slides
Query Processing Relevance feedback; query expansion; Web Search 1 Overview Indexes Query

Query Processing Relevance feedback; query expansion; Web Search 1 Overview Indexes Query

Query Processing Relevance feedback; query expansion; Web Search 1 Overview Indexes Query Indexi xing Ranki king Applica cation Results Documents User Information Query y Query analys ysis proce cess ssing Multimedia

740 views • 32 slides
Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from

Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from

Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from powerful threats 2 3 Powerful Threats to User Privacy Organized Crime Nation-State Actors 4 Powerful Threats to User Privacy Gather

1.56k views • 104 slides
Query Op)miza)on 1 Query op)miza)on Given an SQL query,

Query Op)miza)on 1 Query op)miza)on Given an SQL query,

Query Op)miza)on 1 Query op)miza)on Given an SQL query, the query op)mizer tries to figure out the order of opera)ons that will make the

550 views • 23 slides
Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud

Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud

Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud Computing Services for Educational Institutions Presented by: Cristina Blanton Erin Fonte Associate Systemwide Compliance and Member, Privacy

310 views • 28 slides
Private Location-based Query Processing Using PIR Layla Pournajaf Guest Lecture Data Privacy and

Private Location-based Query Processing Using PIR Layla Pournajaf Guest Lecture Data Privacy and

Private Location-based Query Processing Using PIR Layla Pournajaf Guest Lecture Data Privacy and Security Nov. 2016 1 Computer Science Department Emory University Motivation I want the list of nearest restaurants 2 Computer Science

537 views • 29 slides
Distance Bounding for RFID Prof. Gildas Avoine Universit e catholique de Louvain, Belgium

Distance Bounding for RFID Prof. Gildas Avoine Universit e catholique de Louvain, Belgium

Distance Bounding for RFID Prof. Gildas Avoine Universit e catholique de Louvain, Belgium Information Security Group SUMMARY Relay Attacks Distance Bounding Protocols Discussion RELAY ATTACKS Relay Attacks Distance Bounding Protocols

330 views • 28 slides
How cryptographic benchmarking goes wrong Daniel J. Bernstein Thanks to NIST 60NANB12D261 for

How cryptographic benchmarking goes wrong Daniel J. Bernstein Thanks to NIST 60NANB12D261 for

1 How cryptographic benchmarking goes wrong Daniel J. Bernstein Thanks to NIST 60NANB12D261 for funding this work, and for not reviewing these slides in advance. PRESERVE, ending 2015.06.30, was a European project Preparing Secure

491 views • 32 slides
Zooms for Effects Dominique Duval Udine, September 11., 2009 IFIP W.G.1.3. meeting Outline

Zooms for Effects Dominique Duval Udine, September 11., 2009 IFIP W.G.1.3. meeting Outline

Zooms for Effects Dominique Duval Udine, September 11., 2009 IFIP W.G.1.3. meeting Outline Introduction Diagrammatic logics Parameterization Sequential product Conclusion Motivations Wanted. A framework for the semantics of effects.

599 views • 30 slides
Towards a formally verified obfuscating compiler Sandrine Blazy joint work with Roberto Giacobazzi

Towards a formally verified obfuscating compiler Sandrine Blazy joint work with Roberto Giacobazzi

Towards a formally verified obfuscating compiler Sandrine Blazy joint work with Roberto Giacobazzi and Alix Trieu IFIP WG 1.9/2.15, 2015-07-16 1 Background: verifying a compiler Compiler + proof that the compiler does not introduce bugs

553 views • 24 slides
Approximate Graph Embeddings in the Cloud 2 5 3 AC B 2 2 2 2 D 0 3 1 Highlights of

Approximate Graph Embeddings in the Cloud 2 5 3 AC B 2 2 2 2 D 0 3 1 Highlights of

Approximate Graph Embeddings in the Cloud 2 5 3 AC B 2 2 2 2 D 0 3 1 Highlights of Algorithms 2018 Matthias Rost Technische Universitt Berlin, Internet Network Architectures Stefan Schmid Universitt Wien, Communication

329 views • 22 slides
Better Lemmas with Lambda Extraction Mathias Preiner, Aina Niemetz and Armin Biere Institute for

Better Lemmas with Lambda Extraction Mathias Preiner, Aina Niemetz and Armin Biere Institute for

Better Lemmas with Lambda Extraction Mathias Preiner, Aina Niemetz and Armin Biere Institute for Formal Models and Verification (FMV) Johannes Kepler University, Linz, Austria http://fmv.jku.at/ FMCAD 2015 September 27-30, 2015 Austin, Texas,

787 views • 22 slides
CNSM 2013: Awards, Future, Closing CNSM 2013: The 9th Conference on Network and Service

CNSM 2013: Awards, Future, Closing CNSM 2013: The 9th Conference on Network and Service

CNSM 2013: Awards, Future, Closing CNSM 2013: The 9th Conference on Network and Service Management October 14-18, 2013, Zrich, Switzerland CNSM 2013 Pictures Take a look at: http://www.cnsm-conf.org/2013/pics Directly linked

311 views • 12 slides
the real-time Internet routing observatory Pietro G. Giardina Enrico Gregori Alessandro

the real-time Internet routing observatory Pietro G. Giardina Enrico Gregori Alessandro

the real-time Internet routing observatory Pietro G. Giardina Enrico Gregori Alessandro Improta Luciano Lenzini Alessandro Pischedda Lorenzo Rossi Luca Sani Internet Everyone knows the role of the Internet in our society, but

402 views • 22 slides

More recommend