Ahmad Sabouri

PEPPeR: A Querier’s Privacy Enhancing Protocol for PaRticipatory Sensing

In this work we study the problem of querier privacy in the Participatory Sensing domain. While prior work has attempted to protect the privacy of people contributing sensing data from their mobile phones, little or no work has focused on the problem of querier privacy. Motivated by a novel communication model in which clients may directly query participatory sensing networks operated by potentially untrusted adversaries, we propose PEPPeR, a protocol for privacy-preserving access control in participatory sensing applications that focuses on the privacy of the querier. Contrary to past solutions, PEPPeR enables queriers to have access to the data provided by participating users without placing any trust in third parties or reducing the scope of queries. Additionally, our approach naturally extends the traditional pull/push models of participatory sensing and integrates nicely with mobile social networks, a new breed of sensing which combines mobile sensor devices with personal sensing environments.

Attribute-Based Credentials for Trust (ABC4Trust)

The rapid growth of communication infrastructures and enterprise software solutions has caused electronic services to penetrate into our everyday life. So it is not far from reality that many personal and trust-sensitive transactions happen online. In this regard, one of the biggest challenges to deal with will be proper user authentication and access control, as strong authentication and authorization techniques used nowadays are double-edged swords: while they can protect service providers by offering a satisfactory level of resilience against unauthorized accesses, most of these technologies have the drawback of threatening the clients’ privacy.

Attribute-based Credentials for Trust

The need for information privacy and security continues to grow and gets increasingly recognized. In this regard, Privacy-preserving Attribute-based Credentials (Privacy-ABCs) are elegant techniques to provide secure yet privacy-respecting access control. This book addresses the federation and interchangeability of Privacy-ABC technologies. It defines a common, unified architecture for Privacy-ABC systems that allows their respective features to be compared and combined Further, this book presents open reference implementations of selected Privacy-ABC systems and explains how to deploy them in actual production pilots, allowing provably accredited members of restricted communities to provide anonymous feedback on their community or its members. To date, credentials such as digitally signed pieces of personal information or other information used to authenticate or identify a user have not been designed to respect the users privacy. They inevitably reveal the identity of the holder even though the application at hand often needs much less information, e.g. only the confirmation that the holder is a teenager or is eligible for social benefits. In contrast, Privacy-ABCs allow their holders to reveal only their minimal information required by the applications, without giving away their full identity information. Privacy-ABCs thus facilitate the implementation of a trustworthy and at the same time privacy-respecting digital society. The ABC4Trust project as a multidisciplinary and European project, gives a technological response to questions linked to data protection. Viviane Reding(Former Vice-president of the European Commission, Member of European Parliament)

ABC4Trust: Protecting Privacy in Identity Management by Bringing Privacy-ABCs into Real-Life

Security of the Identity Management system or privacy of the users? Why not both? Privacy-preserving Attribute-based Credentials (Privacy-ABCs) can cope with this dilemma and offer a basis for privacy-respecting Identity Management systems.

Privacy preservation schemes for querying wireless sensor networks

In this work we study the problem of query privacy in large scale sensor networks. Motivated by a novel trust model in which clients query networks owned by trusted entities but operated by potentially untrusted adversaries, we consider several proposals for protecting the identities of the queried sensors.

Understanding the Determinants of Privacy-ABC Technologies Adoption by Service Providers

As using online services penetrates deeper in our everyday life, lots of trust-sensitive transactions are carried out electronically. In this regard, a big challenge is to deal with proper user authentication and access control without threatening the users’ privacy. However, commonly used strong authentication schemes fail to address important privacy requirements. In this paper, we focus on an emerging type of digital certificates, known as Privacy-preserving Attribute-based Credentials (Privacy-ABCs), which allow privacy and security go hand-in-hand. So far, there has been no systematic study on the potential factors that have influence on the adoption of Privacy-ABCs by service providers. Thus, we developed a conceptual model of the relevant factors based on well-established theories and our practical experience with trialing Privacy-ABCs, and evaluated the model through expert surveys.

An Architecture for Privacy-ABCs

One of the main objectives of the ABC4Trust project was to define a common, unified architecture for Privacy-ABC systems to allow comparing their respective features and combining them into common platforms. The chapter presents an overview of features and concepts of Privacy-ABCs and introduces the architecture proposed by ABC4Trust, describing the layers and components as well as the highlevel APIs. We also present the language framework of ABC4Trust through an example scenario. Furthermore, this chapter investigates integration of Privacy-ABCs with the existing Identity Management protocols and also analyses the required trust relationships in the ecosystem of Privacy-ABCs.

Trust Relationships in Privacy-ABCs’ Ecosystems

— Privacy Preserving Attribute-based Credentials (Privacy-ABCs) are elegant techniques to offer strong authentication and a high level of security to the service providers, while users’ privacy is preserved. Users can obtain certified attributes in the form of Privacy-ABCs, and later derive unlinkable tokens that only reveal the necessary subset of information needed by the service providers. Therefore, Privacy-ABCs open a new way towards privacy-friendly identity management systems. In this regards, considerable effort has been made to analyse Privacy-ABCs , design a generic architecture model, and verify it in pilot environments within the ABC4Trust EU project. However, before the technology adopters try to deploy such an architecture, they would need to have a clear understanding of the required trust relationships.

Comparison of Mechanisms

In this chapter we compare Privacy-ABC schemes based on the security, functionality and efficiency they offer. The aim of this is to help researchers and application developers choose an schemes and parameters most suitable for their application.

Privacy-ABCs to Leverage Identity Management as a Service

Along with the rapid growth in adoption of cloud services, there have been developments towards a new emerging concept, called Identity Management as a Service. As the internal IT systems were not designed for externals, the IT solutions from the cloud can solve the challenges of connecting the enterprises to the outer world and consequently, bring all the benefits of the cloud-based services to them.