Privacy-Preserving Fingerprint Authentication Using D-H Key Exchange and Secret Sharing

2021 ◽  
Vol 2021 ◽  
pp. 1-12
Author(s):  
Huiyong Wang ◽  
Mingjun Luo ◽  
Yong Ding

Biometric-based remote authentication has been widely deployed. However, there exist security and privacy issues to be addressed, since biometric data includes sensitive information. To alleviate these concerns, we design a privacy-preserving fingerprint authentication technique based on Diffie-Hellman (D-H) key exchange and secret sharing. We employ a secret sharing scheme to securely distribute fragments of critical private information across a distributed network or group, which eases the burden on the template storage center (TSC) and the users. To ensure the security of template data, the user's original fingerprint template is stored in ciphertext format in the TSC. Furthermore, the D-H key exchange protocol allows the TSC and the user to encrypt the fingerprint template in each query using a random one-time key, so as to protect the user's data privacy. Security analysis indicates that our scheme enjoys indistinguishability against chosen-plaintext attacks and user anonymity. Through experimental analysis, we demonstrate that our scheme can provide secure and accurate remote fingerprint authentication.
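The two building blocks named above, shown together as an added example that is not the paper's code: the long-term template key is split with Shamir secret sharing (threshold 2 of 3, one share kept by the TSC, one by the user, one by a backup party), and each query runs an ephemeral Diffie-Hellman exchange whose hashed output is the one-time key under which the user's share and probe travel. The group prime 2**127 - 1, the generator 5, the HMAC counter keystream and the Hamming-distance matcher are all assumptions for the illustration and are toy-sized, not parameters from the paper.

```python
"""Shamir secret sharing for the template key plus ephemeral Diffie-Hellman for a
one-time query key. Constructed illustration, not the paper's code; toy parameters."""
import hashlib
import hmac
import secrets
from typing import Dict, List, Tuple

# Assumed toy group and share field: 2**127 - 1 is prime but far too small for real
# use (a deployment would use X25519 or a >= 2048-bit MODP group).
P = 2**127 - 1
G = 5

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter keystream (encrypt == decrypt)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hmac.new(key, off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[off:off + 32], block))
    return bytes(out)

def shamir_split(secret: int, threshold: int, n: int) -> List[Tuple[int, int]]:
    """Split secret (< P) into n points on a random degree threshold-1 polynomial."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):      # Horner evaluation at x
            y = (y * x + c) % P
        shares.append((x, y))
    return shares

def shamir_recover(shares: List[Tuple[int, int]]) -> int:
    """Lagrange interpolation at x = 0 over GF(P); needs `threshold` shares."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret

def dh_keypair() -> Tuple[int, int]:
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def dh_one_time_key(priv: int, peer_pub: int) -> bytes:
    """Per-query key: hash of the fresh D-H shared value under a domain label."""
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(b"fp-auth-query-key" + shared.to_bytes(16, "big")).digest()

def hamming(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

class TemplateStorageCenter:
    """Holds only ciphertext templates and one of three key shares per user."""

    def __init__(self) -> None:
        self.templates: Dict[str, bytes] = {}
        self.key_shares: Dict[str, Tuple[int, int]] = {}

    def enroll(self, user_id: str, template: bytes) -> List[Tuple[int, int]]:
        template_key = secrets.randbits(120)
        self.templates[user_id] = keystream_xor(template_key.to_bytes(16, "big"), template)
        tsc_share, *others = shamir_split(template_key, threshold=2, n=3)
        self.key_shares[user_id] = tsc_share   # TSC alone cannot decrypt the template
        return others                          # one share for the user, one for a backup party

    def verify(self, user_id: str, tsc_priv: int, user_pub: int,
               enc_payload: bytes, max_distance: int = 40) -> bool:
        """Payload = share x (1 byte) || share y (16 bytes) || probe, under the one-time key."""
        payload = keystream_xor(dh_one_time_key(tsc_priv, user_pub), enc_payload)
        user_share = (payload[0], int.from_bytes(payload[1:17], "big"))
        template_key = shamir_recover([self.key_shares[user_id], user_share])
        template = keystream_xor(template_key.to_bytes(16, "big"), self.templates[user_id])
        return hamming(template, payload[17:]) <= max_distance

def query(tsc: TemplateStorageCenter, user_id: str, user_share: Tuple[int, int], probe: bytes) -> bool:
    """One round: both sides draw ephemeral D-H values, the user encrypts share + probe."""
    user_priv, user_pub = dh_keypair()
    tsc_priv, tsc_pub = dh_keypair()
    x, y = user_share
    payload = bytes([x]) + y.to_bytes(16, "big") + probe
    enc_payload = keystream_xor(dh_one_time_key(user_priv, tsc_pub), payload)
    return tsc.verify(user_id, tsc_priv, user_pub, enc_payload)

def demo() -> Tuple[bool, bool]:
    """(genuine probe accepted, random impostor rejected) on a constructed 512-bit template."""
    tsc = TemplateStorageCenter()
    enrolled = secrets.token_bytes(64)
    user_share, _backup_share = tsc.enroll("alice", enrolled)
    noisy = bytearray(enrolled)
    for i in range(0, 64, 13):               # five bit flips of sensor noise
        noisy[i] ^= 1
    genuine = query(tsc, "alice", user_share, bytes(noisy))
    impostor = query(tsc, "alice", user_share, secrets.token_bytes(64))
    return genuine, not impostor
```

Two practitioner caveats the toy omits: the D-H values are unauthenticated, so a man-in-the-middle between user and TSC could substitute its own public value (a real deployment signs or otherwise binds them), and the keystream gives confidentiality only; an authentication tag over the payload is needed so the TSC rejects tampered ciphertexts before touching the share or template.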

2020 ◽  
Author(s):  
Jingjing Guo ◽  
Jiacong Sun

With ubiquitous mobile devices and advanced wireless communication, location-based services (LBS) help people enjoy a convenient lifestyle and have attracted numerous research interests. As a basic query process in an LBS system, point location requires finding a region containing the query point. Since location is sensitive information and can also lead to other private information being leaked, it is urgent to design a secure and efficient point location scheme. In this paper, we propose a point location scheme named SecPL to protect sensitive information while supporting highly efficient location queries. Specifically, we introduce a LineTest scheme based on asymmetric scalar-product-preserving encryption (ASPE) to facilitate checking whether a point lies above or below a line. Furthermore, the SecPL scheme is designed by leveraging LineTest and an order-preserving encryption (OPE) scheme. Through detailed security analysis, we demonstrate that the SecPL scheme achieves data privacy and query privacy at the same time. Finally, the performance evaluation demonstrates the high efficiency of the proposed SecPL scheme.
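An ASPE-style LineTest, written here as an added example rather than the SecPL code: a point p = (x, y, 1) is encrypted as M^T p and a line q = (a, b, c) as M^-1 q for a secret invertible matrix M, so the server's scalar product of the two ciphertexts equals ax + by + c and its sign says which side of the line the point is on. The example goes one step beyond the abstract's single test and locates a point inside a convex region by running the test against every edge; the matrix dimension, the integer key range and the polygon encoding are assumptions of the illustration.

```python
"""ASPE-style LineTest for encrypted point location. Constructed example, not SecPL:
point p=(x,y,1) is encrypted as M^T p and line q=(a,b,c) as M^-1 q, so the server
computes sign(p.q) = sign(ax+by+c) without seeing p or q."""
import random
from fractions import Fraction
from typing import List, Sequence, Tuple

Vec = List[Fraction]
Mat = List[List[Fraction]]

def det3(m: Mat) -> Fraction:
    return (m[0][0] * (m[1][1] * m[2][2] - m[1][2] * m[2][1])
            - m[0][1] * (m[1][0] * m[2][2] - m[1][2] * m[2][0])
            + m[0][2] * (m[1][0] * m[2][1] - m[1][1] * m[2][0]))

def inverse3(m: Mat) -> Mat:
    """Exact inverse: transposed cofactor matrix divided by the determinant."""
    d = det3(m)
    cof = [[Fraction(0)] * 3 for _ in range(3)]
    for r in range(3):
        for c in range(3):
            minor = [[m[i][j] for j in range(3) if j != c] for i in range(3) if i != r]
            sign = -1 if (r + c) % 2 else 1
            cof[r][c] = sign * (minor[0][0] * minor[1][1] - minor[0][1] * minor[1][0])
    return [[cof[c][r] / d for c in range(3)] for r in range(3)]

def transpose(m: Mat) -> Mat:
    return [[m[c][r] for c in range(3)] for r in range(3)]

def matvec(m: Mat, v: Sequence) -> Vec:
    return [sum(m[r][c] * Fraction(v[c]) for c in range(3)) for r in range(3)]

class LineTestKey:
    """Secret invertible 3x3 matrix M shared by data owner and query user (assumed key range)."""

    def __init__(self, rng: random.Random) -> None:
        while True:
            m = [[Fraction(rng.randint(-50, 50)) for _ in range(3)] for _ in range(3)]
            if det3(m) != 0:
                break
        self.m_t = transpose(m)
        self.m_inv = inverse3(m)

    def encrypt_point(self, x, y) -> Vec:
        return matvec(self.m_t, (x, y, 1))

    def encrypt_line(self, a, b, c) -> Vec:
        """Line ax + by + c = 0, encrypted for the query side."""
        return matvec(self.m_inv, (a, b, c))

def make_key(seed: int) -> LineTestKey:
    return LineTestKey(random.Random(seed))

def line_test(enc_point: Vec, enc_line: Vec) -> int:
    """Server side: sign of the preserved scalar product, +1 / 0 (on the line) / -1."""
    s = sum(p * q for p, q in zip(enc_point, enc_line))
    return (s > 0) - (s < 0)

def edge_line(p1, p2) -> Tuple[int, int, int]:
    """Line through p1 -> p2 with the interior (left side, counter-clockwise polygon) positive."""
    (x1, y1), (x2, y2) = p1, p2
    return -(y2 - y1), (x2 - x1), (y2 - y1) * x1 - (x2 - x1) * y1

def encrypted_region(key: LineTestKey, polygon_ccw) -> List[Vec]:
    n = len(polygon_ccw)
    return [key.encrypt_line(*edge_line(polygon_ccw[i], polygon_ccw[(i + 1) % n])) for i in range(n)]

def point_in_region(enc_point: Vec, enc_edges: List[Vec]) -> bool:
    """Point location for a convex region: inside iff on the inner side of every edge."""
    return all(line_test(enc_point, e) >= 0 for e in enc_edges)
```

The server learns the sign, which is the query's purpose, and nothing else from a single ciphertext pair. The caveat a practitioner should keep in mind is that this confidentiality is ciphertext-only: M^T is a 3x3 linear map, so anyone who obtains three linearly independent plaintext points together with their ciphertexts recovers M by solving a linear system, after which every stored point and every query is exposed. That is why ASPE-based designs need to keep plaintext-ciphertext pairs away from the server.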


Symmetry ◽  
2019 ◽  
Vol 11 (2) ◽  
pp. 164
Author(s):  
Tong-Yuen Chai ◽  
Bok-Min Goi ◽  
Yong-Haur Tay ◽  
and Zhe Jin

The iris has been found to be unique and consistent over time despite its random nature. Unprotected biometric (iris) templates raise concerns in security and privacy, as numerous large-scale iris recognition projects have been deployed worldwide: for instance, susceptibility to attacks, cumbersome renewability, and cross-matching. Template protection schemes from biometric cryptosystems and cancelable biometrics are expected to restore confidence in biometrics regarding data privacy, given the great advancement in recent years. However, a majority of the biometric template protection schemes have uncertainties in guaranteeing criteria such as unlinkability, irreversibility, and revocability, while maintaining significant performance. Fuzzy commitment, a theoretically secure biometric key binding scheme, is vulnerable due to the inherent dependency of the biometric features and its reliance on error correction code (ECC). In this paper, an alignment-free and cancelable iris key binding scheme without ECC is proposed. The proposed system protects the binary biometric data, i.e., IrisCodes, from security and privacy attacks through a strong and size-varying non-invertible cancelable transform. The proposed scheme provides flexibility in system storage and authentication speed via a controllable hashed code length. We also propose a fast key regeneration without either re-enrollment or constant storage of seeds. The experimental results and security analysis show the validity of the proposed scheme.


2015 ◽  
Vol 2015 ◽  
pp. 1-12 ◽  
Author(s):  
Hui Zhu ◽  
Fen Liu ◽  
Rong Yan ◽  
Hui Li

As a convergence of traditional power system engineering and information technology, the smart grid, which can provide a convenient environment for operation and management for the power provider, has attracted considerable interest recently. However, the growth of the smart grid still faces many challenges in data security and privacy preservation. In this paper, we propose an efficient privacy-preserving multidimensional aggregation scheme for the smart grid, called PAS. Without disclosing the privacy-sensitive information (e.g., identity and power consumption) of users, the operation center can obtain the number of users and the power consumption at each step in different dimensions. Based on an improved Paillier cryptosystem, the operation center can acquire more valid information to regulate the generated energy, and an efficient anonymous authentication scheme is employed to protect the privacy of the user's identity from the regional center. Detailed security analysis shows the security and privacy-preserving ability of PAS. In addition, performance evaluations via extensive simulations demonstrate that PAS is implemented with great efficiency for the smart grid in terms of computation and communication overhead.
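The aggregation mechanism the abstract describes, as an added example that is not the PAS code and uses plain Paillier rather than the paper's improved variant: each meter packs a constant 1 (so the sum yields the user count) and its readings for several dimensions into one plaintext with fixed-width slots, the regional center multiplies the ciphertexts without decrypting, and only the operation center, which holds the private key, decrypts once and unpacks the per-dimension totals. The key primes, the 24-bit slot width and the sample readings are constructed for the illustration.

```python
"""Privacy-preserving multidimensional aggregation with Paillier. Constructed example
of the mechanism in the abstract, not the PAS code: packed slots, blind multiplication
at the regional center, a single decryption at the operation center."""
import math
import secrets
from typing import List

# Assumed toy key: two Mersenne primes (2**89-1 and 2**107-1 are prime). Real Paillier
# keys use random primes of 1024 bits or more.
_P = 2**89 - 1
_Q = 2**107 - 1
N = _P * _Q
N2 = N * N
_LAMBDA = (_P - 1) * (_Q - 1) // math.gcd(_P - 1, _Q - 1)   # lcm(p-1, q-1)

def _L(u: int) -> int:
    return (u - 1) // N

_MU = pow(_L(pow(N + 1, _LAMBDA, N2)), -1, N)    # generator g = N + 1

SLOT_BITS = 24                 # every aggregated slot must stay below 2**24
SLOT_MASK = (1 << SLOT_BITS) - 1

def encrypt(m: int) -> int:
    assert 0 <= m < N
    r = secrets.randbelow(N - 1) + 1
    return pow(N + 1, m, N2) * pow(r, N, N2) % N2

def decrypt(c: int) -> int:
    return _L(pow(c, _LAMBDA, N2)) * _MU % N

def pack(values: List[int]) -> int:
    """Slot i lives at bit offset i*SLOT_BITS; sums must not overflow a slot."""
    assert all(0 <= v <= SLOT_MASK for v in values)
    assert len(values) * SLOT_BITS < N.bit_length()
    return sum(v << (SLOT_BITS * i) for i, v in enumerate(values))

def unpack(m: int, slots: int) -> List[int]:
    return [(m >> (SLOT_BITS * i)) & SLOT_MASK for i in range(slots)]

def user_report(consumption: List[int]) -> int:
    """Smart meter side: slot 0 carries a 1 so the aggregate also counts users."""
    return encrypt(pack([1] + consumption))

def regional_aggregate(ciphertexts: List[int]) -> int:
    """Regional center: homomorphic addition is the product of ciphertexts mod N^2."""
    agg = 1
    for c in ciphertexts:
        agg = agg * c % N2
    return agg

def operation_center_read(agg: int, dims: int) -> List[int]:
    """Operation center: one decryption, then [user count, total per dimension]."""
    return unpack(decrypt(agg), dims + 1)

def demo() -> List[int]:
    # Constructed readings: three users, three time steps
    readings = [[10, 20, 30], [5, 5, 5], [100, 0, 7]]
    agg = regional_aggregate([user_report(r) for r in readings])
    return operation_center_read(agg, dims=3)
```

The regional center sees only ciphertexts and a product of ciphertexts, so individual consumption never leaves the meter in the clear. Two things the example deliberately does not cover: the slot width bounds the number of users times the maximum reading, so it must be sized for the largest region, and nothing here authenticates reports, so the anonymous authentication the abstract mentions (which keeps a meter's identity from the regional center while still rejecting forged reports) is a separate component.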


2017 ◽  
Vol 7 (1.1) ◽  
pp. 19
Author(s):  
T. Nusrat Jabeen ◽  
M. Chidambaram ◽  
G. Suseendran

Security and privacy have emerged as serious concerns, since business professionals do not want to share their classified transaction data. In earlier work, secure sharing of transaction databases was carried out. The performance of those methods is enhanced further by bringing in the Security and Privacy aware Large Database Association Rule Mining (SPLD-ARM) framework. Now the Improved Secured Association Rule Mining (ISARM) is introduced for the horizontal and vertical segmentation of huge databases. Then k-anonymization methods, referred to as suppression- and generalization-based anonymization methods, are employed for the privacy guarantee. At last, the Diffie-Hellman encryption algorithm is presented in order to safeguard the sensitive information and to allow the storage service provider to work on encrypted information. The Diffie-Hellman algorithm is utilized for increasing the overall quality of the system by generating secure keys, and thus the actual data is protected more efficiently. Realization of the newly introduced technique is conducted in a Java simulation environment, which reveals that the newly introduced technique accomplishes privacy in addition to security.


2018 ◽  
Vol 2018 ◽  
pp. 1-10
Author(s):  
Hua Dai ◽  
Hui Ren ◽  
Zhiye Chen ◽  
Geng Yang ◽  
Xun Yi

Outsourcing data to clouds is adopted by more and more companies and individuals due to the profits from data sharing and parallel, elastic, and on-demand computing. However, it forces data owners to lose control of their own data, which causes privacy-preserving problems on sensitive data. Sorting is a common operation in many areas, such as machine learning, service recommendation, and data query. It is a challenge to implement privacy-preserving sorting over encrypted data without leaking the privacy of sensitive data. In this paper, we propose privacy-preserving sorting algorithms which are based on the logistic map. Secure comparable codes are constructed by logistic map functions, which can be utilized to compare the corresponding encrypted data items even without knowing their plaintext values. Data owners first encrypt their data and generate the corresponding comparable codes and then outsource them to clouds. Cloud servers are capable of sorting the outsourced encrypted data in accordance with their corresponding comparable codes by the proposed privacy-preserving sorting algorithms. Security analysis and experimental results show that the proposed algorithms can protect data privacy, while providing efficient sorting on encrypted data.


2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Xiaopeng Yang ◽  
Hui Zhu ◽  
Songnian Zhang ◽  
Rongxing Lu ◽  
Xuesong Gao

Biometric identification services have been applied to almost all aspects of life. However, how to securely and efficiently identify an individual in a huge biometric dataset is still very challenging. For one thing, biometric data is very sensitive and should be kept secure during the process of biometric identification. On the other hand, searching a biometric template in a large dataset can be very time-consuming, especially when some privacy-preserving measures are adopted. To address this problem, we propose an efficient and privacy-preserving biometric identification scheme based on the FITing-tree, iDistance, and a symmetric homomorphic encryption (SHE) scheme with two cloud servers. With our proposed scheme, the privacy of the user’s identification request and service provider’s dataset is guaranteed, while the computational costs of the cloud servers in searching the biometric dataset can be kept at an acceptable level. Detailed security analysis shows that the privacy of both the biometric dataset and biometric identification request is well protected during the identification service. In addition, we implement our proposed scheme and compare it to a previously reported M-Tree based privacy-preserving identification scheme in terms of computational and communication costs. Experimental results demonstrate that our proposed scheme is indeed efficient in terms of computational and communication costs while identifying a biometric template in a large dataset.


2021 ◽  
Vol 11 (3-4) ◽  
pp. 1-22
Author(s):  
Qiang Yang

With the rapid advances of Artificial Intelligence (AI) technologies and applications, an increasing concern is on the development and application of responsible AI technologies. Building AI technologies or machine-learning models often requires massive amounts of data, which may include sensitive, user private information to be collected from different sites or countries. Privacy, security, and data governance constraints rule out a brute force process in the acquisition and integration of these data. It is thus a serious challenge to protect user privacy while achieving high-performance models. This article reviews recent progress of federated learning in addressing this challenge in the context of privacy-preserving computing. Federated learning allows global AI models to be trained and used among multiple decentralized data sources with high security and privacy guarantees, as well as sound incentive mechanisms. This article presents the background, motivations, definitions, architectures, and applications of federated learning as a new paradigm for building privacy-preserving, responsible AI ecosystems.


2015 ◽  
pp. 426-458 ◽  
Author(s):  
S. R. Murugaiyan ◽  
D. Chandramohan ◽  
T. Vengattaraman ◽  
P. Dhavachelvan

The present work focuses on cloud storage services, which have a critical issue in handling the user's private information and its confidentiality. Preserving user data privacy is a vital facet of online storage in cloud computing. The information in cloud data storage is underneath staid molests of baffling addict endeavor, and it may lead to user clandestine in a roar privacy breach. Moreover, privacy preservation is indeed a research pasture in contemporary information technology development. Preserving User Data in Cloud Service (PUDCS) happens due to the data privacy breach that results in a rhythmic way of intruding into highly confidential digital storage areas and bartering that information into business by embezzling others' information. This paper focuses on preventing (hush-hush) digital data using the proposed privacy preserving framework. It also describes the prevention of stored data and de-identifying unauthorized user attempts, log monitoring and maintaining it in the cloud for promoting allusion to providers and users.


Symmetry ◽  
2020 ◽  
Vol 12 (10) ◽  
pp. 1687 ◽  
Author(s):  
Mahmood A. Al-shareeda ◽  
Mohammed Anbar ◽  
Selvakumar Manickam ◽  
Iznan H. Hasbullah

The security and privacy issues in vehicular ad hoc networks (VANETs) are often addressed with schemes based on either public key infrastructure, group signature, or identity. However, none of these schemes appropriately addresses the efficient verification of multiple VANET messages in high-density traffic areas. Attackers could obtain sensitive information kept in a tamper-proof device (TPD) by using a side-channel attack. In this paper, we propose an identity-based conditional privacy-preserving authentication scheme that supports a batch verification process for the simultaneous verification of multiple messages by each node. Furthermore, to thwart side-channel attacks, the vehicle information in the TPD is periodically and frequently updated. Finally, since the proposed scheme does not utilize the bilinear pairing operation or the Map-To-Point hash function, it outperforms other schemes, making it viable for large-scale VANET deployment.


Author(s):  
Anastasiia Pika ◽  
Moe T. Wynn ◽  
Stephanus Budiono ◽  
Arthur H.M. ter Hofstede ◽  
Wil M.P. van der Aalst ◽  
...  

Process mining has been successfully applied in the healthcare domain and has helped to uncover various insights for improving healthcare processes. While the benefits of process mining are widely acknowledged, many people rightfully have concerns about irresponsible uses of personal data. Healthcare information systems contain highly sensitive information and healthcare regulations often require protection of data privacy. The need to comply with strict privacy requirements may result in a decreased data utility for analysis. Until recently, data privacy issues did not get much attention in the process mining community; however, several privacy-preserving data transformation techniques have been proposed in the data mining community. Many similarities between data mining and process mining exist, but there are key differences that make privacy-preserving data mining techniques unsuitable to anonymise process data (without adaptations). In this article, we analyse data privacy and utility requirements for healthcare process data and assess the suitability of privacy-preserving data transformation methods to anonymise healthcare data. We demonstrate how some of these anonymisation methods affect various process mining results using three publicly available healthcare event logs. We describe a framework for privacy-preserving process mining that can support healthcare process mining analyses. We also advocate the recording of privacy metadata to capture information about privacy-preserving transformations performed on an event log.
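The kind of transformation and utility check the article discusses, as an added example that is not the authors' framework: a constructed healthcare event log is anonymised with keyed pseudonyms for case identifiers, timestamps generalised to the day, the resource attribute suppressed, and activities that occur in fewer than k cases removed (a k-anonymity-style suppression), the privacy metadata the article advocates is recorded alongside the result, and the directly-follows counts, a basic process mining result, are computed before and after to show the utility loss. The sample events, the HMAC key, k = 2 and the metadata layout are all assumptions of the illustration.

```python
"""Constructed example (not the article's framework): anonymise a small healthcare
event log, record privacy metadata, and measure the effect on directly-follows counts."""
import hashlib
import hmac
from collections import Counter, defaultdict
from datetime import datetime
from typing import Dict, List, Tuple

# Constructed sample log, ordered per case; not a real hospital log.
EVENT_LOG = [
    {"case": "PAT-001", "activity": "Triage", "timestamp": "2021-03-01T08:12:00", "resource": "nurse_a"},
    {"case": "PAT-001", "activity": "Blood test", "timestamp": "2021-03-01T09:40:00", "resource": "lab_1"},
    {"case": "PAT-001", "activity": "Discharge", "timestamp": "2021-03-02T15:05:00", "resource": "dr_smith"},
    {"case": "PAT-002", "activity": "Triage", "timestamp": "2021-03-01T10:02:00", "resource": "nurse_b"},
    {"case": "PAT-002", "activity": "Discharge", "timestamp": "2021-03-01T18:30:00", "resource": "dr_jones"},
    {"case": "PAT-003", "activity": "Triage", "timestamp": "2021-03-03T07:55:00", "resource": "nurse_a"},
    {"case": "PAT-003", "activity": "HIV counselling", "timestamp": "2021-03-03T11:20:00", "resource": "dr_smith"},
    {"case": "PAT-003", "activity": "Discharge", "timestamp": "2021-03-04T09:10:00", "resource": "dr_jones"},
]

def pseudonymise(value: str, key: bytes) -> str:
    """Keyed (HMAC) pseudonym: consistent across events, but without the key nobody
    can confirm a guessed patient identifier by simply hashing it."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()[:12]

def generalise_day(ts: str) -> str:
    return datetime.fromisoformat(ts).strftime("%Y-%m-%d")

def rare_activities(log: List[dict], k: int) -> set:
    """Activities performed in fewer than k distinct cases (quasi-identifying)."""
    cases_per_activity: Counter = Counter()
    for _, act in {(e["case"], e["activity"]) for e in log}:
        cases_per_activity[act] += 1
    return {a for a, n in cases_per_activity.items() if n < k}

def anonymise_log(log: List[dict], key: bytes, k: int = 2,
                  drop: Tuple[str, ...] = ("resource",)) -> Tuple[List[dict], dict]:
    """Returns the transformed log and the privacy metadata describing what was done."""
    suppressed = rare_activities(log, k)
    out = []
    for e in log:
        if e["activity"] in suppressed:
            continue
        kept = {name: v for name, v in e.items() if name not in drop}
        kept["case"] = pseudonymise(e["case"], key)
        kept["timestamp"] = generalise_day(e["timestamp"])
        out.append(kept)
    metadata = {
        "transformations": [
            {"attribute": "case", "method": "hmac-sha256 pseudonym, 48-bit prefix"},
            {"attribute": "timestamp", "method": "generalised to day"},
            {"attribute": list(drop), "method": "suppressed"},
            {"attribute": "activity", "method": f"events of activities seen in < {k} cases removed",
             "values": sorted(suppressed)},
        ],
        "events_before": len(log),
        "events_after": len(out),
    }
    return out, metadata

def directly_follows(log: List[dict]) -> Counter:
    """Count a -> b for consecutive events within each case (input order is kept)."""
    per_case: Dict[str, List[str]] = defaultdict(list)
    for e in log:
        per_case[e["case"]].append(e["activity"])
    df: Counter = Counter()
    for trace in per_case.values():
        df.update(zip(trace, trace[1:]))
    return df
```

Running it on the sample shows the trade-off the article analyses: the original log has one Triage to Discharge transition, while the anonymised log has three, because the two rare activities that separated them were removed. The metadata is what lets an analyst interpret that difference correctly; note that it also reveals which activities were rare, so it should be protected like the pseudonymisation key rather than published with the log.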

