Biblio

Budding technologies like IoT requires minimum latency for performing real-time applications. The IoT devices collect a huge amount of big data and stores in the cloud environment, because of its on-demand services and scalability. But processing the needed information of the IoT devices from the cloud computing environment is found to be time-sensitive one. To eradicate this issue fog computing environment was created which acts an intermediate between the IoT devices and cloud computing environment. The fog computing performs intermediate computation and storage which is needed by IoT devices and it eliminates the drawbacks of latency and bandwidth limitation faced by directly using cloud computing for storage and accessing. The fog computing even though more advantageous it is more exposed to security issues by its architecture. This paper concentrates more on the security issues met by fog computing and the present methods used by the researchers to secure fog with their pros and cons.

Substantial portions of attacks on the security of enterprises are perpetrated by Insiders having authorized privileges. Thus insider threat and attack detection is an important aspect of Security management. In the published literature, efforts are on to model the insider threats based on the behavioral traits of employees. The psycho-social behaviors are hard to encode in the software systems. Also, in some cases, there are privacy issues involved. In this paper, the human and non-human agents in a system are described in a novel unified model. The enterprise is described as an automaton and its states are classified secure, safe, unsafe and compromised. The insider agents and threats are modeled on the basis of the automaton and the model is validated using a case study.

An image forgery method called Deepfakes can cause security and privacy issues by changing the identity of a person in a photo through the replacement of his/her face with a computer-generated image or another person's face. Therefore, a new challenge of detecting Deepfakes arises to protect individuals from potential misuses. Many researchers have proposed various binary-classification based detection approaches to detect deepfakes. However, binary-classification based methods generally require a large amount of both real and fake face images for training, and it is challenging to collect sufficient fake images data in advance. Besides, when new deepfakes generation methods are introduced, little deepfakes data will be available, and the detection performance may be mediocre. To overcome these data scarcity limitations, we formulate deepfakes detection as a one-class anomaly detection problem. We propose OC-FakeDect, which uses a one-class Variational Autoencoder (VAE) to train only on real face images and detects non-real images such as deepfakes by treating them as anomalies. Our preliminary result shows that our one class-based approach can be promising when detecting Deepfakes, achieving a 97.5% accuracy on the NeuralTextures data of the well-known FaceForensics++ benchmark dataset without using any fake images for the training process.

Over the past few years, we have experienced great technological advancements in the information and communication field, which has significantly contributed to reshaping the Intelligent Transportation System (ITS) concept. Evolving from the platform of a collection of sensors aiming to collect data, the data exchanged paradigm among vehicles is shifted from the local network to the cloud. With the introduction of cloud and edge computing along with ubiquitous 5G mobile network, it is expected to see the role of Artificial Intelligence (AI) in data processing and smart decision imminent. So as to fully understand the future automobile scenario in this verge of industrial revolution 4.0, it is necessary first of all to get a clear understanding of the cutting-edge technologies that going to take place in the automotive ecosystem so that the cyber-physical impact on transportation system can be measured. CIoV, which is abbreviated from Cognitive Internet of Vehicle, is one of the recently proposed architectures of the technological evolution in transportation, and it has amassed great attention. It introduces cloud-based artificial intelligence and machine learning into transportation system. What are the future expectations of CIoV? To fully contemplate this architecture's future potentials, and milestones set to achieve, it is crucial to understand all the technologies that leaned into it. Also, the security issues to meet the security requirements of its practical implementation. Aiming to that, this paper presents the evolution of CIoV along with the layer abstractions to outline the distinctive functional parts of the proposed architecture. It also gives an investigation of the prime security and privacy issues associated with technological evolution to take measures.

The growing demand for safety in urban environments is supported by monitoring using video surveillance. The need to analyze multiple video-flows from different cameras deployed around the city by heterogeneous owners introduces vulnerabilities and privacy issues. Video frames, timestamps, and camera settings can be digitally manipulated by malicious users; the positions of cameras, their orientation and their mechanical settings can be physically manipulated. Digital and physical manipulations may have several effects, including the change of the observed scene and the potential violation of neighbors' privacy. To face these risks, we introduce BlockSee, a blockchain-based video surveillance system that jointly provides validation and immutability to camera settings and surveillance videos, making them readily available to authorized users in case of events. The encouraging results obtained with BlockSee pave the way to new distributed city-wide monitoring systems.

When employing biometric recognition systems, we have to take into account that biometric data are considered sensitive data. This has raised some privacy issues, and therefore secure systems providing template protection are required. Using homomorphic encryption, permanent protection can be ensured, since templates are stored and compared in the encrypted domain. In addition, the unprotected system's accuracy is preserved. To solve the problem of the computational overload linked to the encryption scheme, we present an early decision making strategy for iris-codes. In order to improve the recognition accuracy, the most consistent bits of the iris-code are moved to the beginning of the template. This allows an accurate block-wise comparison, thereby reducing the execution time. Hence, the resulting system grants template protection in a computationally efficient way. More specifically, in the experimental evaluation in identification mode, the block-wise comparison achieves a 92% speed-up on the IITD database with 300 enrolled templates.

Different tools and sources are used to collect big data, which may create privacy issues. k-anonymity, l-diversity, t-closeness etc. privacy preserving data publishing approaches are used data de-identification, but as multiple sources is used to collect the data, chance of re-identification is very high. Anonymization large data is not a trivial task, hence, privacy preserving approaches scalability has become a challenging research area. Researchers explore it by proposing algorithms for scalable anonymization. We further found that in some scenarios efficient anonymization is not enough, timely anonymization is also required. Hence, to incorporate the velocity of data with Scalable k-Anonymization (SKA) approach, we propose a novel approach, Scalable ( α, k)-Anonymization (SAKA). Our proposed approach outperforms in terms of information loss and running time as compared to existing approaches. With best of our knowledge, this is the first proposed scalable anonymization approach for the velocity of data.

We aim at creating a society where we can resolve various social challenges by incorporating the innovations of the fourth industrial revolution (e.g. IoT, big data, AI, robot, and the sharing economy) into every industry and social life. By doing so the society of the future will be one in which new values and services are created continuously, making people's lives more conformable and sustainable. This is Society 5.0, a super-smart society. Security and privacy are key issues to be addressed to realize Society 5.0. Privacy-preserving data analytics will play an important role. In this talk we show our recent works on privacy-preserving data analytics such as privacy-preserving logistic regression and privacy-preserving deep learning. Finally, we show our ongoing research project under JST CREST “AI”. In this project we are developing privacy-preserving financial data analytics systems that can detect fraud with high security and accuracy. To validate the systems, we will perform demonstration tests with several financial institutions and solve the problems necessary for their implementation in the real world.

With the prevalence of Internet of Things (IoT) devices and systems, touching almost every single aspect of our modern life, one core factor that will determine whether this technology will succeed, and gain people trust, or fail is security. This technology aimed to facilitate and improve the quality of our life; however, it is hysterical and fast growth makes it an attractive and prime target for a whole variety of hackers posing a significant risk to our technology and IT infrastructures at both enterprise and individual levels. This paper discusses and identifies some critical aspects from software security perspective that need to be addressed and considered when designing IoT applications. This paper mainly concerned with potential security issues of the applications running on IoT devices including insecure interfaces, insecure software, constrained application protocol and middleware security. This effort is part of a funded research project that investigates internet of things (IoT) security and privacy issues related to architecture, connectivity and data collection.

The exponential usage of messaging services for communication raises many questions in privacy fields. Privacy issues in such services strongly depend on the graph-theoretical properties of users' interactions representing the real friendships between users. One of the most important issues of privacy is that users may disclose information of other users beyond the scope of the interaction, without realizing that such information could be aggregated to reveal sensitive information. Determining vulnerable interactions from non-vulnerable ones is difficult due to the lack of awareness mechanisms. To address this problem, we analyze the topological relationships with the level of trust between users to notify each of them about their vulnerable social interactions. Particularly, we analyze the impact of trusting vulnerable friends in infecting other users' privacy concerns by modeling a new vulnerability contagion process. Simulation results show that over-trusting vulnerable users speeds the vulnerability diffusion process through the network. Furthermore, vulnerable users with high reputation level lead to a high convergence level of infection, this means that the vulnerability contagion process infects the biggest number of users when vulnerable users get a high level of trust from their interlocutors. This work contributes to the development of privacy awareness framework that can alert users of the potential private information leakages in their communications.

Internet of Things (IoT) as per estimated will connect 50 billion devices by 2020. Since its evolution, IoT technology provides lots of flexibility to develop and implement any application. Most of the application improves the human living standard and also makes life easy to access and monitoring the things in real time. Though there exist some security and privacy issues in IoT system like authentication, computation, data modification, trust among users. In this paper, we have identified the IoT application like insurance, supply chain system, smart city and smart car where trust among associated users is an major issue. The current centralized system does not provide enough trust between users. Using Blockchain technology we have shown that trust issue among users can be managed in a decentralized way so that information can be traceable and identify/verify any time. Blockchain has properties like distributed, digitally share and immutable which enhance security. For Blockchain implementation, Ethereum platform is used.

The transmission of medical image data in an open network environment is subject to privacy issues including patient privacy and data leakage. In the past, image encryption and information-hiding technology have been used to solve such security problems. But these methodologies, in general, suffered from difficulties in retrieving original images. We present in this paper an algorithm to protect key regions in medical images. First, coefficient of variation is used to locate the key regions, a.k.a. the lesion areas, of an image; other areas are then processed in blocks and analyzed for texture complexity. Next, our reversible data-hiding algorithm is used to embed the contents from the lesion areas into a high-texture area, and the Arnold transformation is performed to protect the original lesion information. In addition to this, we use the ciphertext of the basic information about the image and the decryption parameter to generate the Quick Response (QR) Code to replace the original key regions. Consequently, only authorized customers can obtain the encryption key to extract information from encrypted images. Experimental results show that our algorithm can not only restore the original image without information loss, but also safely transfer the medical image copyright and patient-sensitive information.

The paper considers data security and privacy issues in intelligent transportation systems which involve data streams coming out from individual vehicles to road side units. In this environment, there are issues in regards to the scalability of key management and computation limitations at the edge of the network. To address these issues, we suggest the formation of groups in the vehicular layer, where a group leader is assigned to communicate with group members and the road side unit. We propose a lightweight permutation mechanism for preserving the confidentiality and privacy of sensory data.

The virtual world does not observe national borders, has no uniform legal system, and does not have a common perception of security and privacy issues. It is however, relatively homogenous in terms of technology.A cyberattack on an energy delivery system can have significant impacts on the availability of a system to perform critical functions as well as the integrity of the system and the confidentiality of sensitive information.

The growth in Internet usage has increased the use of electronic services requiring users to register their identity on each service they subscribe to. This has resulted in the prevalence of redundant users data on different services. To protect and regulate access by users to these services identity management systems (IdMs)are put in place. IdMs uses frameworks and standards e.g SAML, OAuth and Shibboleth to manage digital identities of users for identification and authentication process for a service provider. However, current IdMs have not been able to address privacy issues (unauthorised and fine-grained access)that relate to protecting users identity and private data on web services. Many implementations of these frameworks are only concerned with the identification and authentication process of users but not authorisation. They mostly give full control of users digital identities and data to identity and service providers with less or no users participation. This results in a less privacy enhanced solutions that manage users available data in the electronic space. This article proposes a user-centred mandate representation system that empowers resource owners to take full of their digital data; determine and delegate access rights using their mobile phone. Thereby giving users autonomous powers on their resources to grant access to authenticated entities at their will. Our solution is based on the OpenID Connect framework for authorisation service. To evaluate the proposal, we've compared it with some related works and the privacy requirements yardstick outlined in GDPR regulation [1] and [2]. Compared to other systems that use OAuth 2.0 or SAML our solution uses an additional layer of security, where data owner assumes full control over the disclosure of their identity data through an assertion issued from their mobile phones to authorisation server (AS), which in turn issues an access token. This would enable data owners to assert the authenticity of a request, while service providers and requestors also benefit from the correctness and freshness of identity data disclosed to them.

Since the term “Fog Computing” has been coined by Cisco Systems in 2012, security and privacy issues of this promising paradigm are still open challenges. Among various security challenges, Access Control is a crucial concern for all cloud computing-like systems (e.g. Fog computing, Mobile edge computing) in the IoT era. Therefore, assigning the precise level of access in such an inherently scalable, heterogeneous and dynamic environment is not easy to perform. This work defines the uncertainty challenge for authentication phase of the access control in fog computing because on one hand fog has a number of characteristics that amplify uncertainty in authentication and on the other hand applying traditional access control models does not result in a flexible and resilient solution. Therefore, we have proposed a novel prediction model based on the extension of Attribute Based Access Control (ABAC) model. Our data-driven model is able to handle uncertainty in authentication. It is also able to consider the mobility of mobile edge devices in order to handle authentication. In doing so, we have built our model using and comparing four supervised classification algorithms namely as Decision Tree, Naïve Bayes, Logistic Regression and Support Vector Machine. Our model can achieve authentication performance with 88.14% accuracy using Logistic Regression.

The prevalent use of mobile applications using location information to improve the quality of their service has arisen privacy issues, particularly regarding the extraction of user's points on interest. Many studies in the literature focus on presenting algorithms that allow to protect the user of such applications. However, these solutions often require a high level of expertise to be understood and tuned properly. In this paper, the first control-based approach of this problem is presented. The protection algorithm is considered as the ``physical'' plant and its parameters as control signals that enable to guarantee privacy despite user's mobility pattern. The following of the paper presents the first control formulation of POI-related privacy measure, as well as dynamic modeling and a simple yet efficient PI control strategy. The evaluation using simulated mobility records shows the relevance and efficiency of the presented approach.

With the widespread of cloud computing, the delegation of storage and computing is becoming a popular trend. Concerns on data integrity, security, user privacy as well as the correctness of execution are highlighted due to the untrusted remote data manipulation. Most of existing proposals solve the integrity checking and verifiable computation problems by challenge-response model, but are lack of scalability and reusability. Via blockchain, we achieve efficient and transparent public verifiable delegation for both storage and computing. Meanwhile, the smart contract provides API for request handling and secure data query. The security and privacy issues of data opening are settled by applying cryptographic algorithms all through the delegations. Additionally, any access to the outsourced data requires the owner's authentication, so that the dat transference and utilization are under control.

In the past decade, the revolution in miniaturization (microprocessors, batteries, cameras etc.) and manufacturing of new type of sensors resulted in a new regime of applications based on smart objects called IoT. Majority of such applications or services are to ease human life and/or to setup efficient processes in automated environments. However, this convenience is coming up with new challenges related to data security and human privacy. The objects in IoT are resource constrained devices and cannot implement a fool-proof security framework. These end devices work like eyes and ears to interact with the physical world and collect data for analytics to make expedient decisions. The storage and analysis of the collected data is done remotely using cloud computing. The transfer of data from IoT to the computing clouds can introduce privacy issues and network delays. Some applications need a real-time decision and cannot tolerate the delays and jitters in the network. Here, edge computing or fog computing plays its role to settle down the mentioned issues by providing cloud-like facilities near the end devices. In this paper, we discuss IoT, fog computing, the relationship between IoT and fog computing, their security issues and solutions by different researchers. We summarize attack surface related to each layer of this paradigm which will help to propose new security solutions to escalate it acceptability among end users. We also propose a risk-based trust management model for smart healthcare environment to cope with security and privacy-related issues in this highly un-predictable heterogeneous ecosystem.

Data Deduplication provides lots of benefits to security and privacy issues which can arise as user's sensitive data at risk of within and out of doors attacks. Traditional secret writing that provides knowledge confidentiality is incompatible with knowledge deduplication. Ancient secret writing wants completely different users to encode their knowledge with their own keys. Thus, identical knowledge copies of completely different various users can result in different ciphertexts that makes Deduplication not possible. Convergent secret writing has been planned to enforce knowledge confidentiality whereas creating Deduplication possible. It encrypts/decrypts a knowledge copy with a confluent key, that is obtained by computing the cryptographical hash price of the content of the information copy. Once generation of key and encryption, the user can retain the keys and send ciphertext to cloud.

This research in progress paper describes the role of cyber security measures undertaken in an ICT system for integrating electric storage technologies into the grid. To do so, it defines security requirements for a communications gateway and gives detailed information and hands-on configuration advice on node and communication line security, data storage, coping with backend M2M communications protocols and examines privacy issues. The presented research paves the road for developing secure smart energy communications devices that allow enhancing energy efficiency. The described measures are implemented in an actual gateway device within the HORIZON 2020 project STORY, which aims at developing new ways to use storage and demonstrating these on six different demonstration sites.

Security and privacy issues of the Internet of Things (IoT in short, hereafter) attracts the hot topic of researches through these years. As the relationship between user and server become more complicated than before, the existing security solutions might not provide exhaustive securities in IoT environment and novel solutions become new research challenges, e.g., the solutions based on symmetric cryptosystems are unsuited to handle with the occasion that decryption is only allowed in specific time range. In this paper, a new scalable one-time file encryption scheme combines reliable cryptographic techniques, which is named OTFEP, is proposed to satisfy specialized security requirements. One of OTFEP's key features is that it offers a mechanism to protect files in the database from arbitrary visiting from system manager or third-party auditors. OTFEP uses two different approaches to deal with relatively small file and stream file. Moreover, OTFEP supports good node scalability and secure key distribution mechanism. Based on its practical security and performance, OTFEP can be considered in specific IoT devices where one-time file encryption is necessary.

Identity verification plays an important role in creating trust in the economic system. It can, and should, be done in a way that doesn't decrease individual privacy.

For the first time in the history of humanity, more them half of the population is now living in big cities. This scenario has raised concerns related systems that provide basic services to citizens. Even more, those systems has now the responsibility to empower the citizen with information and values that may aid people on daily decisions, such as related to education, transport, healthy and others. This environment creates a set of services that, interconnected, can develop a brand new range of solutions that refers to a term often called System of Systems. In this matter, focusing in a smart city, new challenges related to information security raises, those concerns may go beyond the concept of privacy issues exploring situations where the entire environment could be affected by issues different them only break the confidentiality of a data. This paper intends to discuss and propose 9 security issues that can be part of a smart city environment, and that explores more them just citizens privacy violations.