
Achieving the Privacy Protection for Internet of Things Applications

This paper discusses the importance of privacy in IoT applications and explores various privacy protection mechanisms and strategies. It also analyzes the challenges and risks associated with privacy in IoT systems.



  1. Achieving the Privacy Protection for Internet of Things Applications Bo Cheng (鄭伯炤) Department of Communications Engineering National Chung Cheng University Chia-Yi, Taiwan 62145 Email: bcheng@ccu.edu.tw

  2. The 8 keywords that are rewriting the workplace

  3. Privacy, Privacy, Privacy

  4. Security: Three Attributes • Confidentiality: a set of rules or a promise that limits access to, or places restrictions on, certain types of information. • Integrity: maintaining and assuring the accuracy and consistency of data over its entire life cycle. • Availability: the degree to which a system, subsystem or equipment is in a specified operable and committable state at the start of a mission.

  5. Privacy vs. Security: Security ≠ Privacy • Linkability of an entity: an attacker can sufficiently distinguish whether two or more entities (or their actions) within the system are related or not. Traceability is the ability to verify the history, location or application of an item by means of documented, recorded identification. • Identifiability of an entity: an attacker can sufficiently identify the entity (the person behind a record, message or pseudonym) within the system. Source: Mina Deng, Kim Wuyts, Riccardo Scandariato, Bart Preneel, Wouter Joosen, "A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements".

  6. What Privacy? Source: http://www.rogerclarke.com/DV/Intro.html

  7. Internet of Things (IoT): the network of physical objects or "things" embedded with electronics, software, sensors and connectivity, enabling them to achieve greater value and service by exchanging data with the manufacturer, operator and/or other connected devices. Source: Wikipedia

  8. IoT Applications

  9. Three IoT Applications Smart Grid Smart Health Connected Car

  10. What Privacy? Source: http://www.rogerclarke.com/DV/Intro.html

  11. K-Anonymity

  12. De-Identification with Re-ID Risk ☆ Directly identifying variables: uniquely identify an individual, e.g., name, phone number, email address, health insurance card number, credit card number and social insurance number. ☆ Indirectly identifying variables (quasi-identifiers): probabilistically identify an individual, e.g., sex, date of birth or age, geo-codes, first language, ethnic origin, aboriginal identity, total years of schooling, marital status, criminal history, total income, visible minority status, profession, health event dates, health-related codes, country of birth and birth weight. [Figure: privacy level versus data type, from identifiable data (low privacy) through potentially de-identified data and de-identified data to aggregate data (high privacy)]

  13. Suppression • Remove a data value (or a whole record), or mask it, so that it no longer contributes to identification

  14. Generalization • Replace a value with a less specific one taken from a hierarchy defined over the attribute (e.g., exact age → ten-year age band, full ZIP code → ZIP prefix), reducing the information the value carries

  15. Perturbation • Add noise to a data value or change it • Add new records to the database as "noise" • Randomly swap or alter data values
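The transformations on slides 11 to 15 combine into the standard recipe for k-anonymity: generalize the quasi-identifiers until every record shares its quasi-identifier tuple with at least k−1 others, and suppress the few records that still stand alone. The following Python is an added worked example, not code from the slides: the records, the generalization hierarchies for age and ZIP code, and the choice of k=2 are constructed assumptions, and the `reidentify` function plays the adversary who knows a target's exact age, ZIP and sex.

```python
"""Added example: k-anonymity via generalization plus suppression on a
constructed table. Not from the slides; records, hierarchies and k are
illustrative assumptions."""
from collections import Counter
from itertools import product

# Constructed sample records (not real data): (age, zip, sex, diagnosis).
# Age, ZIP and sex are assumed to be the quasi-identifiers; diagnosis is
# the sensitive attribute that must stay but must not be attributable.
RECORDS = [
    (29, "62145", "F", "flu"),
    (31, "62146", "F", "asthma"),
    (34, "62149", "M", "flu"),
    (37, "62150", "M", "diabetes"),
    (52, "62200", "F", "asthma"),
]

AGE_LEVELS = 3  # 0 = exact age, 1 = ten-year band, 2 = suppressed ("*")
ZIP_LEVELS = 4  # number of trailing ZIP digits masked, 0..3


def generalize_age(age, level):
    if level == 0:
        return str(age)
    if level == 1:
        lo = age - age % 10
        return f"{lo}-{lo + 9}"
    return "*"


def generalize_zip(zipcode, level):
    keep = len(zipcode) - level
    return zipcode[:keep] + "*" * level


def qi(rec, age_level, zip_level):
    """Generalized quasi-identifier tuple of one record."""
    age, zipcode, sex, _ = rec
    return (generalize_age(age, age_level), generalize_zip(zipcode, zip_level), sex)


def generalize_table(records, age_level, zip_level):
    return [(qi(r, age_level, zip_level), r[3]) for r in records]


def is_k_anonymous(rows, k):
    """Every equivalence class (identical QI tuple) has at least k rows."""
    counts = Counter(q for q, _ in rows)
    return all(n >= k for n in counts.values())


def anonymize(records, k, max_suppressed):
    """Search generalization levels from finest to coarsest. At each level,
    rows whose equivalence class is smaller than k are suppressed (dropped);
    accept the first level needing at most max_suppressed suppressions."""
    levels = sorted(product(range(AGE_LEVELS), range(ZIP_LEVELS)),
                    key=lambda lv: (sum(lv), lv))
    for age_level, zip_level in levels:
        rows = generalize_table(records, age_level, zip_level)
        counts = Counter(q for q, _ in rows)
        kept = [row for row in rows if counts[row[0]] >= k]
        suppressed = len(rows) - len(kept)
        if suppressed <= max_suppressed:
            return {"rows": kept, "levels": (age_level, zip_level),
                    "suppressed": suppressed}
    raise ValueError("no generalization level satisfies the constraints")


def reidentify(rows, age, zipcode, sex, age_level, zip_level):
    """Adversary who knows a target's exact age, ZIP and sex (e.g. from a
    public register) looks the target up in the released table; the result
    is the set of sensitive values the target could have."""
    target = qi((age, zipcode, sex, None), age_level, zip_level)
    return [s for q, s in rows if q == target]


if __name__ == "__main__":
    raw = generalize_table(RECORDS, 0, 0)
    print("raw table 2-anonymous?", is_k_anonymous(raw, 2))
    print("raw lookup of (52, 62200, F):", reidentify(raw, 52, "62200", "F", 0, 0))
    result = anonymize(RECORDS, k=2, max_suppressed=1)
    print("levels", result["levels"], "suppressed", result["suppressed"])
    print("lookup after anonymization:",
          reidentify(result["rows"], 29, "62145", "F", *result["levels"]))
```

On the raw table the adversary's lookup returns exactly one diagnosis; after generalizing to the coarsest age level and a three-digit ZIP mask (with one record suppressed) every lookup returns at least two candidates. Note that k-anonymity alone does not stop inference when all members of an equivalence class share the same sensitive value; that is the gap l-diversity addresses.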

  16. Pseudonymisation • Replace the real direct identifier with a pseudonym • Single coding • Double coding • Example • Original data: 'telephone number' + 'age' + 'ZIP code' • The telephone number is replaced by a pseudo-ID such as '1a2b3C4D'

  17. Single Coding

  18. Double Coding
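Slides 16 to 18 describe single and double coding without showing how a pseudonym is derived or why the number of coding steps matters. The Python below is an added example, not code from the slides: it derives pseudonyms with a keyed HMAC, models single coding as one key held by the data custodian and double coding as a second, independent key held by another party, and contrasts both with the common mistake of using an unkeyed hash, which a dictionary attack over the phone-number space reverses. The records, keys and the 10,000-number search space are constructed for the demonstration.

```python
"""Added example: single vs. double coding with keyed pseudonyms, and why an
unkeyed hash of a phone number is not a pseudonym. Not from the slides; the
records, keys and phone-number range are constructed assumptions."""
import hashlib
import hmac

# Constructed records: a direct identifier (phone) plus two quasi-identifiers.
RECORDS = [
    {"phone": "0912345678", "age": 34, "zip": "62145"},
    {"phone": "0912340001", "age": 41, "zip": "62146"},
    {"phone": "0912349999", "age": 27, "zip": "62200"},
]

# Constructed keys for the demo. In practice each party generates its own
# with secrets.token_bytes(32) and never shares it with the other party.
KEY_CUSTODIAN = b"custodian-key-constructed-for-demo"
KEY_SECOND_PARTY = b"second-party-key-constructed-for-demo"


def pseudonym(key, identifier):
    """Deterministic keyed pseudonym: same key + same identifier give the
    same output (records stay linkable within one study), but without the
    key it cannot be inverted or guessed."""
    return hmac.new(key, identifier.encode(), hashlib.sha256).hexdigest()[:16]


def single_code(records, key):
    """Single coding: the custodian replaces the phone number with one
    pseudonym. Whoever holds `key` can re-identify on their own."""
    return [(pseudonym(key, r["phone"]), r["age"], r["zip"]) for r in records]


def double_code(records, key_custodian, key_second):
    """Double coding: the custodian's pseudonym is re-coded by a second party
    with an independent key. Going from a released row back to a person
    needs both keys, so neither party alone can re-identify."""
    stage1 = single_code(records, key_custodian)
    return [(pseudonym(key_second, p), age, z) for p, age, z in stage1]


def unkeyed(identifier):
    """What is often done instead: a plain hash. It is deterministic, but
    anyone can recompute it for every candidate identifier."""
    return hashlib.sha256(identifier.encode()).hexdigest()[:16]


def candidate_phones():
    """Constructed search space: 10,000 numbers sharing a known prefix."""
    return (f"091234{i:04d}" for i in range(10_000))


def dictionary_attack(target, candidates, fn):
    """Recover the identifier behind `target` by recomputing `fn` over the
    candidate space; returns None when nothing matches."""
    for c in candidates:
        if fn(c) == target:
            return c
    return None


if __name__ == "__main__":
    print("unkeyed hash reversed:",
          dictionary_attack(unkeyed("0912345678"), candidate_phones(), unkeyed))
    print("keyed pseudonym reversed:",
          dictionary_attack(pseudonym(KEY_CUSTODIAN, "0912345678"),
                            candidate_phones(), unkeyed))
    print("double-coded release:", double_code(RECORDS, KEY_CUSTODIAN, KEY_SECOND_PARTY))
```

The point of the keyed construction is that a phone number, like most direct identifiers, comes from a small enough space that any unkeyed transformation is reversible by enumeration; the key is what turns a hash into a pseudonym. Double coding adds a governance property rather than a cryptographic one: re-identification becomes a two-party act, which is what "double coding" on the slide buys.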

  19. What Is IoV (Internet of Vehicles)? • Refers to the interaction of vehicles with vehicles, vehicles with roads, vehicles with people and vehicles with sensing equipment, implemented as a dynamic mobile communication system that connects vehicles to the public network. • Example projects • Europe: Cooperative Vehicle-Infrastructure Systems (CVIS) • US: Intelligent Vehicle-Highway Systems (IVHS) • Japan: SmartWay

  20. The Connected Cars War

  21. Why IoV • Facilitates active participation by drivers • Enables new products, services and markets • Improves driving safety • Optimizes the intelligent transportation system [Figure: IoV ecosystem: application/platform service providers; manufacturers, dealers and insurers]

  22. Applications and Use Cases • Active road safety applications • Traffic efficiency and management applications • Infotainment applications. Source: G. Karagiannis, O. Altintas, E. Ekici, G. J. Heijenk, B. Jarupan, K. Lin, T. Weil, "Vehicular networking: A survey and tutorial on requirements, architectures, challenges, standards and solutions," IEEE Communications Surveys & Tutorials, vol. 13, no. 4, pp. 584-616, 2011. ISSN 1553-877X.

  23. A Killer Application!? Real-Time Traffic Information • Four years old • Free application, currently available on iPhone and Google Android devices • Incorporates real-time GPS data from its nearly 50 million users to deliver highly accurate and useful traffic and navigation information • Users edit maps with details such as gas prices, speed traps, road construction and traffic accidents

  24. ITS Station Reference Architecture (ISO 21217) [Figure: the layered station architecture with threats annotated] • Layers: Applications (real-time applications), Facilities, Networking & Transport, Access Technologies (GPS, Bluetooth, WiFi, 2G/3G/…, Ethernet), with Management and Security as cross-cutting planes (PAIC) • Threats annotated on the figure: sensor manipulation, Sybil attack, key extraction, privacy attack, DoS, framing attack, software manipulation • Scalability: 250 million vehicles

  25. ITS Related Security Standard • ISO/TR 11766:2010, Intelligent transport systems - Communications access for land mobiles (CALM) - Security considerations for lawful interception • "IEEE Trial-Use Standard for Wireless Access in Vehicular Environments - Security Services for Applications and Management Messages," IEEE Std 1609.2-2006 • ISO/TR 11769:2010, Intelligent transport systems - Communications access for land mobiles (CALM) - Data retention for law enforcement • ISO/TR 12859:2009, Intelligent transport systems -- System architecture -- Privacy aspects in ITS standards and systems 

  27. Privacy Information • VID revealing • Time • Location • Technical description • Trip details

  28. Performance Requirement • Certificate Cache Lookup Effectiveness (CLE) • Packet Signature Generations per Second (SGPS) • Packet Signature Verifications per Second (SVPS) • Signature Generation Delay (SGD) • Signature Verification Delay (SVD) • Pseudonym Change Delay (PCD) PRESERVE: Security Requirements of Vehicle Security Architecture

  29. Privacy • Two terms • Untraceability: a vehicle's actions should not be traceable to it • Unlinkability: two or more messages from the same vehicle should not be linkable to each other, so that its identity cannot be inferred • Weak anonymity: vehicles should not be identifiable from the messages they send • Strong anonymity: no messages are linkable to vehicles • Location privacy • The location of a vehicle over time should remain private

  30. Privacy Risks for LBS • Two types of location data: • Real-time (where the vehicle is presently located), or • Historic (where the vehicle was at a certain time on a certain day) • Either allows locating and tracking specific vehicles • A location tied to a unique vehicle identifier (or a series of identifiers) ties it to an individual (the registered owner)

  31. Pseudonym • Does not allow the message sender to be identified • Makes it difficult to link two or more messages to a specific node • If pseudonyms are not changed at an appropriate time and location, messages signed under different pseudonyms are easily linked by an adversary. P. Papadimitratos, L. Buttyan, J-P. Hubaux, F. Kargl, A. Kung, and M. Raya, "Architecture for secure and private vehicular communications," 7th International Conference on ITS Telecommunications, Sophia Antipolis, France, June 200

  32. Challenges for Pseudonyms • If only one vehicle changes its pseudonym in a region, it is trivially tracked, because only one pseudonym changed. • Vehicles that change pseudonyms at the same time and place mix with each other, so the adversary cannot tell which new pseudonym belongs to which old one. P. Papadimitratos, L. Buttyan, T. Holczer, E. Schoch, J. Freudiger, M. Raya, Z. Ma, F. Kargl, A. Kung, J-P. Hubaux, "Secure vehicular communication systems: design and architecture," IEEE Communications Magazine, vol. 46, no. 11, pp. 100-109, November 2008.
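Slides 31 and 32 state the linking problem in words; the Python below is an added example, not code from the slides or from the PRESERVE/SeVeCom work cited, that makes the adversary concrete. It models a passive eavesdropper who sees two consecutive beacon rounds, each a map from pseudonym to position, and treats any pseudonym that vanished as a candidate predecessor of any pseudonym that appeared within the distance a vehicle can cover between beacons. The positions, the 30 m radius and the three scenarios are constructed assumptions.

```python
"""Added example: a passive eavesdropper linking old and new pseudonyms from
beacon positions, showing why the time and place of a pseudonym change
matter. Not from the slides; positions, radius and beacon sets are constructed."""
import math


def adversary_link(prev, curr, radius):
    """prev/curr: {pseudonym: (x, y)} seen in two consecutive beacon rounds.
    A pseudonym that vanished is a candidate predecessor of one that appeared
    if it was within `radius` metres (the most a vehicle moves between two
    beacons). Returns {new_pseudonym: set(candidate_old_pseudonyms)}."""
    vanished = {p: pos for p, pos in prev.items() if p not in curr}
    appeared = {p: pos for p, pos in curr.items() if p not in prev}
    links = {}
    for new_p, (x, y) in appeared.items():
        links[new_p] = {old for old, (ox, oy) in vanished.items()
                        if math.hypot(x - ox, y - oy) <= radius}
    return links


def anonymity_set_size(links):
    """Smallest candidate set over all new pseudonyms: 1 means at least one
    vehicle is tracked with certainty across its pseudonym change."""
    return min((len(c) for c in links.values()), default=0)


RADIUS = 30  # constructed: metres a vehicle travels per beacon interval at most


def scenario_single_change():
    """Three vehicles 300 m apart; only vehicle 1 changes its pseudonym."""
    prev = {"P1": (0, 0), "P2": (300, 0), "P3": (600, 0)}
    curr = {"P1x": (10, 0), "P2": (310, 0), "P3": (610, 0)}
    return adversary_link(prev, curr, RADIUS)


def scenario_simultaneous_far_apart():
    """All three change at the same time, but they are still far apart."""
    prev = {"P1": (0, 0), "P2": (300, 0), "P3": (600, 0)}
    curr = {"Q1": (10, 0), "Q2": (310, 0), "Q3": (610, 0)}
    return adversary_link(prev, curr, RADIUS)


def scenario_mix_zone():
    """All three stop at the same intersection (a mix zone) and change together."""
    prev = {"P1": (0, 0), "P2": (5, 0), "P3": (10, 0)}
    curr = {"Q1": (12, 3), "Q2": (2, 4), "Q3": (7, 1)}
    return adversary_link(prev, curr, RADIUS)


if __name__ == "__main__":
    for name, fn in [("single change", scenario_single_change),
                     ("simultaneous, far apart", scenario_simultaneous_far_apart),
                     ("mix zone", scenario_mix_zone)]:
        links = fn()
        print(f"{name}: {links} -> anonymity set {anonymity_set_size(links)}")
```

Only the third scenario gives each new pseudonym three plausible predecessors; changing at the same time but at different places is as useless as changing alone, which is the "appropriate time and location" condition of slide 31. A real adversary also uses heading, speed and the beacon's other fields, so the anonymity set shown here is an upper bound.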

  33. Non-Intrusive Load Monitors (NILM) • Two disaggregation algorithms • Combinatorial Optimization (CO) • Factorial Hidden Markov Model (FHMM) • NILM behavioral privacy: which appliance, when, how much

  34. Utilize Battery to Preserve Privacy Source: G. Kalogridis, C. Efthymiou, S.Z. Denic, T.A. Lewis, R. Cepeda, “Privacy for Smart Meters: Towards Undetectable Appliance Load Signatures,” Proc. IEEE International Conference on Smart Grid Communications, Gaithersburg, Maryland, October 2010.
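Slides 33 and 34 name the attack (load disaggregation) and one defence (a battery that reshapes the meter-visible load) without showing either. The Python below is an added example, not code from the slides or from the Kalogridis et al. paper: it implements the combinatorial-optimization disaggregator on a constructed one-minute load profile, recovers the appliance schedule exactly, then runs a simple battery controller that holds the grid draw at a constant target and shows that the same disaggregator now learns nothing about which appliance ran when. Appliance powers, the schedule, the target and the battery limits are constructed assumptions; the controller is a deliberately simple flattening policy, not the paper's algorithm.

```python
"""Added example: combinatorial-optimization NILM on a constructed load
profile, then the same profile flattened by a battery so that the meter no
longer reveals which appliance ran when. Not from the slides; appliance
powers, schedule and battery parameters are constructed assumptions."""
from itertools import product

# Constructed appliance rated powers in watts (steady-state signatures).
APPLIANCES = {"fridge": 150, "tv": 100, "heater": 1000, "kettle": 2000}

# Constructed one-minute schedule: the set of appliances on in each minute.
SCHEDULE = [
    {"fridge"},
    {"fridge", "tv"},
    {"fridge", "tv", "kettle"},
    {"fridge", "heater"},
    {"fridge"},
]


def aggregate_loads(schedule, appliances=APPLIANCES):
    """What the smart meter reads without a battery: sum of running loads."""
    return [sum(appliances[a] for a in on) for on in schedule]


def disaggregate_co(meter_watts, appliances=APPLIANCES):
    """Combinatorial optimization (Hart's NILM): choose the on/off combination
    whose summed rated power is closest to the meter reading."""
    names = list(appliances)
    best, best_err = set(), float("inf")
    for states in product((0, 1), repeat=len(names)):
        total = sum(s * appliances[n] for s, n in zip(states, names))
        err = abs(meter_watts - total)
        if err < best_err:
            best, best_err = {n for s, n in zip(states, names) if s}, err
    return best


def battery_flatten(loads, target, p_max, capacity, soc):
    """Battery tries to hold the grid-visible draw at `target` watts.
    Units: watts and watt-minutes (one-minute steps). Positive battery power
    is discharge; it is clipped by the inverter limit and the state of charge,
    so the grid draw deviates from the target only when the battery cannot
    cover the difference."""
    grid = []
    for load in loads:
        want = load - target                  # surplus to cover (or absorb)
        want = max(-p_max, min(p_max, want))  # inverter power limit
        want = min(want, soc)                 # cannot discharge more than stored
        want = max(want, soc - capacity)      # cannot charge past capacity
        soc -= want
        grid.append(load - want)
    return grid


if __name__ == "__main__":
    loads = aggregate_loads(SCHEDULE)
    print("meter without battery:", loads)
    print("CO recovers          :", [sorted(disaggregate_co(w)) for w in loads])
    flat = battery_flatten(loads, target=790, p_max=2000, capacity=5000, soc=2500)
    print("meter with battery   :", flat)
    print("CO recovers          :", [sorted(disaggregate_co(w)) for w in flat])
```

With distinct subset sums the disaggregator reads the schedule back perfectly from the raw meter; behind the battery every reading is 790 W and CO returns the same wrong guess for every minute, so "which", "when" and "how much" are all hidden. The defence costs battery capacity proportional to how far the real load swings from the target, and a constant target over a long window still leaks average consumption.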

  35. Conclusion: IoT (Imagination of Try) "Imagination is more important than knowledge." "Try not to become a man of success, but rather try to become a man of value." Albert Einstein
