Visible to the public Biblio

Filters: Keyword is user privacy  [Clear All Filters]
2017-05-17
Fremantle, Paul.  2016.  Privacy-enhancing Federated Middleware for the Internet of Things. Proceedings of the Doctoral Symposium of the 17th International Middleware Conference. :4:1–4:4.

The Internet of Things (IoT) offers new opportunities, but alongside those come many challenges for security and privacy. Most IoT devices offer no choice to users of where data is published, which data is made available and what identities are used for both devices and users. The aim of this work is to explore new middleware models and techniques that can provide users with more choice as well as enhance privacy and security. This paper outlines a new model and a prototype of a middleware system that implements this model.

2017-02-23
S. Patil, S. Ramayane, M. Jadhav, P. Pachorkar.  2015.  "Hiding User Privacy in Location Base Services through Mobile Collaboration". 2015 International Conference on Computational Intelligence and Communication Networks (CICN). :1105-1107.

User uses smartphones for web surfing and browsing data. Many smartphones are embedded with inbuilt location aware system called GPS [Global Positioning System]. Using GPS user have to register and share his all private information to the LBS server. LBS is nothing but Location Based Service. Simply user sends the query to the LBS server. Then what is happening the LBS server gives a private information regarding particular user location. There will be a possibility to misuse this information so using mobile crowd method hides user location from LBS server and avoid sharing of privacy information with server. Our solution does not required to change the LBS server architecture.

2015-05-06
Skarmeta, A.F., Hernández-Ramos, J.L., Moreno, M.V..  2014.  A decentralized approach for security and privacy challenges in the Internet of Things. Internet of Things (WF-IoT), 2014 IEEE World Forum on. :67-72.

The strong development of the Internet of Things (IoT) is dramatically changing traditional perceptions of the current Internet towards an integrated vision of smart objects interacting with each other. While in recent years many technological challenges have already been solved through the extension and adaptation of wireless technologies, security and privacy still remain as the main barriers for the IoT deployment on a broad scale. In this emerging paradigm, typical scenarios manage particularly sensitive data, and any leakage of information could severely damage the privacy of users. This paper provides a concise description of some of the major challenges related to these areas that still need to be overcome in the coming years for a full acceptance of all IoT stakeholders involved. In addition, we propose a distributed capability-based access control mechanism which is built on public key cryptography in order to cope with some of these challenges. Specifically, our solution is based on the design of a lightweight token used for access to CoAP Resources, and an optimized implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) inside the smart object. The results obtained from our experiments demonstrate the feasibility of the proposal and show promising in order to cover more complex scenarios in the future, as well as its application in specific IoT use cases.

2015-05-04
Vijayan, A., Thomas, T..  2014.  Anonymity, unlinkability and unobservability in mobile ad hoc networks. Communications and Signal Processing (ICCSP), 2014 International Conference on. :1880-1884.

Mobile ad hoc networks have the features of open medium, dynamic topology, cooperative algorithms, lack of centralized monitoring etc. Due to these, mobile ad hoc networks are much vulnerable to security attacks when compared to wired networks. There are various routing protocols that have been developed to cope up with the limitations imposed by the ad hoc networks. But none of these routing schemes provide complete unlinkability and unobservability. In this paper we have done a survey about anonymous routing and secure communications in mobile ad hoc networks. Different routing protocols are analyzed based on public/private key pairs and cryptosystems, within that USOR can well protect user privacy against both inside and outside attackers. It is a combination of group signature scheme and ID based encryption scheme. These are run during the route discovery process. We implement USOR on ns2, and then its performance is compared with AODV.

Jagdale, B.N., Bakal, J.W..  2014.  Synergetic cloaking technique in wireless network for location privacy. Industrial and Information Systems (ICIIS), 2014 9th International Conference on. :1-6.

Mobile users access location services from a location based server. While doing so, the user's privacy is at risk. The server has access to all details about the user. Example the recently visited places, the type of information he accesses. We have presented synergetic technique to safeguard location privacy of users accessing location-based services via mobile devices. Mobile devices have a capability to form ad-hoc networks to hide a user's identity and position. The user who requires the service is the query originator and who requests the service on behalf of query originator is the query sender. The query originator selects the query sender with equal probability which leads to anonymity in the network. The location revealed to the location service provider is a rectangle instead of exact co-ordinate. In this paper we have simulated the mobile network and shown the results for cloaking area sizes and performance against the variation in the density of users.

Shao Shuai, Dong Guowei, Guo Tao, Yang Tianchang, Shi Chenjie.  2014.  Analysis on Password Protection in Android Applications. P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), 2014 Ninth International Conference on. :504-507.

Although there has been much research on the leakage of sensitive data in Android applications, most of the existing research focus on how to detect the malware or adware that are intentionally collecting user privacy. There are not much research on analyzing the vulnerabilities of apps that may cause the leakage of privacy. In this paper, we present a vulnerability analyzing method which combines taint analysis and cryptography misuse detection. The four steps of this method are decompile, taint analysis, API call record, cryptography misuse analysis, all of which steps except taint analysis can be executed by the existing tools. We develop a prototype tool PW Exam to analysis how the passwords are handled and if the app is vulnerable to password leakage. Our experiment shows that a third of apps are vulnerable to leak the users' passwords.

Azfar, A., Choo, K.-K.R., Lin Liu.  2014.  A Study of Ten Popular Android Mobile VoIP Applications: Are the Communications Encrypted? System Sciences (HICSS), 2014 47th Hawaii International Conference on. :4858-4867.

Mobile Voice over Internet Protocol (mVoIP) applications have gained increasing popularity in the last few years, with millions of users communicating using such applications (e.g. Skype). Similar to other forms of Internet and telecommunications, mVoIP communications are vulnerable to both lawful and unauthorized interceptions. Encryption is a common way of ensuring the privacy of mVoIP users. To the best of our knowledge, there has been no academic study to determine whether mVoIP applications provide encrypted communications. In this paper, we examine Skype and nine other popular mVoIP applications for Android mobile devices, and analyze the intercepted communications to determine whether the captured voice and text communications are encrypted (or not). The results indicate that most of the applications encrypt text communications. However, voice communications may not be encrypted in six of the ten applications examined.