Antoni Martínez-Ballesté

Smart health: A context-aware health paradigm within smart cities

The new era of mobile health ushered in by the wide adoption of ubiquitous computing and mobile communications has brought opportunities for governments and companies to rethink their concept of healthcare. Simultaneously, the worldwide urbanization process represents a formidable challenge and attracts attention toward cities that are expected to gather higher populations and provide citizens with services in an efficient and human manner. These two trends have led to the appearance of mobile health and smart cities. In this article we introduce the new concept of smart health, which is the context-aware complement of mobile health within smart cities. We provide an overview of the main fields of knowledge that are involved in the process of building this new concept. Additionally, we discuss the main challenges and opportunities that s-Health would imply and provide a common ground for further research.

Efficient Remote Data Possession Checking in Critical Information Infrastructures

Checking data possession in networked information systems such as those related to critical infrastructures (power facilities, airports, data vaults, defense systems, etc.) is a matter of crucial importance. Remote data possession checking protocols permit to check that a remote server can access an uncorrupted file in such a way that the verifier does not need to know beforehand the entire file that is being verified. Unfortunately, current protocols only allow a limited number of successive verifications or are impractical from the computational point of view. In this paper, we present a new remote data possession checking protocol such that: 1) it allows an unlimited number of file integrity verifications; 2) its maximum running time can be chosen at set-up time and traded off against storage at the verifier.

Efficient multivariate data-oriented microaggregation

Microaggregation is a family of methods for statistical disclosure control (SDC) of microdata (records on individuals and/or companies), that is, for masking microdata so that they can be released while preserving the privacy of the underlying individuals. The principle of microaggregation is to aggregate original database records into small groups prior to publication. Each group should contain at least k records to prevent disclosure of individual information, where k is a constant value preset by the data protector. Recently, microaggregation has been shown to be useful to achieve k-anonymity, in addition to it being a good masking method. Optimal microaggregation (with minimum within-groups variability loss) can be computed in polynomial time for univariate data. Unfortunately, for multivariate data it is an NP-hard problem. Several heuristic approaches to microaggregation have been proposed in the literature. Heuristics yielding groups with fixed size k tends to be more efficient, whereas data-oriented heuristics yielding variable group size tends to result in lower information loss. This paper presents new data-oriented heuristics which improve on the trade-off between computational complexity and information loss and are thus usable for large datasets.

A TTP-free protocol for location privacy in location-based services

Location-based services (LBS) will be a keystone of the new information society that is founded on the information and communications technologies (ICTs). Mobile devices such as cell phones or laptops have become ubiquitous. They are equipped with a variety of localisation systems that make them proper for making use of the new LBS. Most of the times, these services are provided by a trusted company (e.g. a telecommunications company). However, the massive use of mobile devices pave the way for the creation of ad hoc wireless networks that can be used to exchange information based on locations. When the exchange of location information is done amongst untrusted parties, the privacy of the participants could be in jeopardy. In this paper we present a novel solution that guarantees the privacy of the users of LBS. Our technique is built up of several modules that progressively increase the privacy level of the users. Unlike the existing approaches, our proposal does not rely on a trusted third party (TTP) to anonymise the users and to guarantee their location privacy.

Discrimination prevention in data mining for intrusion and crime detection

Automated data collection has fostered the use of data mining for intrusion and crime detection. Indeed, banks, large corporations, insurance companies, casinos, etc. are increasingly mining data about their customers or employees in view of detecting potential intrusion, fraud or even crime. Mining algorithms are trained from datasets which may be biased in what regards gender, race, religion or other attributes. Furthermore, mining is often outsourced or carried out in cooperation by several entities. For those reasons, discrimination concerns arise. Potential intrusion, fraud or crime should be inferred from objective misbehavior, rather than from sensitive attributes like gender, race or religion. This paper discusses how to clean training datasets and outsourced datasets in such a way that legitimate classification rules can still be extracted but discriminating rules based on sensitive attributes cannot.

Privacy protection in location-based services through a public-key privacy homomorphism

Location-Based Services (LBS) can be accessed from a variety of mobile devices to obtain value added information related to the location of the user. Most of the times, these services are provided by a trusted company (e.g. a telecommunications company). However, the massive use of mobile devices pave the way for the creation of ad hoc wireless networks that can be used to exchange information based on locations. In the latter case, these LBS could be provided by an untrusted party. Sending the location to an untrusted LBS provider could put the privacy of the user in jeopardy. In this paper we propose a novel technique to guarantee the privacy of users of LBS. Our technique consists of several modules, but the highest degree of security is achieved thanks to the use of a public-key privacy homomorphism. Unlike the existing approaches, our proposal does not need any trusted third party to anonymise the users and only makes use of a public-key infrastructure.

Rule protection for indirect discrimination prevention in data mining

Services in the information society allow automatically and routinely collecting large amounts of data. Those data are often used to train classification rules in view of making automated decisions, like loan granting/denial, insurance premium computation, etc. If the training datasets are biased in what regards sensitive attributes like gender, race, religion, etc., discriminatory decisions may ensue. Direct discrimination occurs when decisions are made based on biased sensitive attributes. Indirect discrimination occurs when decisions are made based on non-sensitive attributes which are strongly correlated with biased sensitive attributes. This paper discusses how to clean training datasets and outsourced datasets in such a way that legitimate classification rules can still be extracted but indirectly discriminating rules cannot.

Fast generation of accurate synthetic microdata

Generation of a synthetic microdata set that reproduces the statistical properties of an original microdata set is a promising approach to statistical disclosure control (SDC) of microdata. In this paper, a new method for generating continuous synthetic microdata is proposed. The covariance matrix and the univariate statistics of the original data set are exactly preserved. The method is non-iterative and its complexity grows linearly with the number of records to be protected.

Privacy in Statistical Databases: k-Anonymity Through Microaggregation

The amount of computer-stored information is growing faster with each passing day. This growth and the way in which the stored data are accessed through a variety of channels have raised the alarm about the protection of the individual privacy of the respondents whose data are being collected and stored. On the one hand, data should be available to researchers and statistical agencies so that the necessary research and planning activities can be conducted. However, on the other hand, the right of respondents to privacy must be protected. Statistical disclosure control (SDC) is the discipline which cares about keeping a balance between data access and privacy protection. k-Anonymity is one particular approach to SDC for individual data (microdata): the record corresponding to a specific respondent is k-anonymous if an intruder can at best link the record to a group of k respondents containing the correct one. This paper surveys the use of a special clustering technique called microaggregation to provide k-anonymity.

Multivariate Microaggregation Based Genetic Algorithms

Microaggregation is a clustering problem with cardinality constraints that originated in the area of statistical disclosure control for micro data. This article presents a method for multivariate microaggregation based on genetic algorithms (GA). The adaptations required to characterize the multivariate microaggregation problem are explained and justified. Extensive experimentation has been carried out with the aim of finding the best values for the most relevant parameters of the modified GA: the population size and the crossover and mutation rates. The experimental results demonstrate that our method finds the optimal solution to the problem in almost all experiments when working with small data sets. Thus, for small data sets the proposed method performs better than known polynomial heuristics and can be combined with these for larger data sets. Moreover, a sensitivity analysis of parameter values is reported which shows the influence of the parameters and their best values