We will review some of the major results in random graphs and some of the more challenging open problems. We will cover algorithmic and structural questions. We will touch on newer models, including those related to the WWW.

Random graphs

Modern cyber physical systems (CPSs) has widely being used in our daily lives because of development of information and communication technologies (ICT). With the provision of CPSs, the security and privacy threats associated to these systems are also increasing. Passive attacks are being used by intruders to get access to private information of CPSs. In order to make CPSs data more secure, certain privacy preservation strategies such as encryption, and k-anonymity have been presented in the past. However, with the advances in CPSs architecture, these techniques also need certain modifications. Meanwhile, differential privacy emerged as an efficient technique to protect CPSs data privacy. In this paper, we present a comprehensive survey of differential privacy techniques for CPSs. In particular, we survey the application and implementation of differential privacy in four major applications of CPSs named as energy systems, transportation systems, healthcare and medical systems, and industrial Internet of things (IIoT). Furthermore, we present open issues, challenges, and future research direction for differential privacy techniques for CPSs. This survey can serve as basis for the development of modern differential privacy techniques to address various problems and data privacy scenarios of CPSs.

Differential Privacy Techniques for Cyber Physical Systems: A Survey

Autonomous vehicles (AVs) are increasingly common, although there remain a number of limitations that need to be addressed in order for their deployment to be more widespread. For example, to mitigate the failure of self-driving functions in AVs, introducing the remote control capability (which allows a human driver to operate the vehicle remotely in certain circumferences) is one of several countermeasures proposed. However, the remote control capability breaks the isolation of onboard driving systems and can be potentially exploited by malicious actors to take over control of the AVs; thus, risking the safety of the passengers and pedestrians (e.g., AVs are remotely taken over by terrorist groups to carry out coordinated attacks in places of mass gatherings). Therefore, security is a key, mandatory feature in the design of AVs. In this paper, we propose a cloud-centric three-factor authentication and key agreement protocol (CT-AKA) integrating passwords, biometrics and smart cards to ensure secure access to both cloud and AVs. Three typical biometric encryption approaches, including fuzzy vault, fuzzy commitment, and fuzzy extractor, are unified to achieve three-factor authentication without leaking the biometric privacy of users. Moreover, two session keys are negotiated in our protocol, namely: one between the user and AV to support secure remote control of the AV, and the other is negotiated between the mobile device and the cloud to introduce resilience to the compromise of ephemeral security parameters to ensure cloud data access security with a high security guarantee. Finally, we formally verify the security properties and evaluate the efficiency of CT-AKA, whose findings demonstrate that the protocol achieves high security strength with reasonable computation and communication costs.

Unified Biometric Privacy Preserving Three-Factor Authentication and Key Agreement for Cloud-Assisted Autonomous Vehicles

With the rapid digitalization of various industries, mobile crowdsensing (MCS), an intelligent data collection and processing paradigm of the industrial Internet of Things, has provided a promising opportunity to construct powerful industrial systems and provide industrial services. The existing unified privacy strategy for all sensing data results in excessive or insufficient protection and low quality of crowdsensing services (QoCS) in MCS. To tackle this issue, in this article we propose a personalized privacy protection (PERIO) framework based on game theory and data encryption. Initially, we design a personalized privacy measurement algorithm to calculate users’ privacy level, which is then combined with game theory to construct a rational uploading strategy. Furthermore, we propose a privacy-preserving data aggregation scheme to ensure data confidentiality, integrity, and real-timeness. Theoretical analysis and ample simulations with real trajectory dataset indicate that the PERIO scheme is effective and makes a reasonable balance between retaining high QoCS and privacy.

A Personalized Privacy Protection Framework for Mobile Crowdsensing in IIoT

The Internet of Things (IoT) enables all objects to connect to the Internet and exchange data via different emerging technologies, which makes the intelligent identification and management a reality. Wireless sensor networks (WSNs), as a crucial basis of IoT, have been applied in many fields like smart health care and smart transportation. With the development of WSNs, data security has attracted more and more attention, and user authentication is a popular mechanism to ensure the information security of WSNs. Recently, many authentication mechanisms for wireless medical sensor networks (WMSNs) have been proposed, but most of the protocols cannot achieve the features of local password change and forward secrecy while resisting stolen smart card attack. To enhance the security based on previous work, an ECC-based secure three-factor authentication protocol with forward secrecy for WMSN is proposed in this paper. It utilizes a fuzzy commitment scheme to handle the biometric information. Meanwhile, fuzzy verifier and honey_list techniques are used to solve the contradiction of local password verification and mobile device lost attack. The security of our protocol is evaluated by provable security, Proverif tool, and information analysis. Besides, the comparisons with the relevant protocols are given, and the results indicate that our protocol is robust and secure for WMSN systems.

A Secure Three-Factor User Authentication Protocol With Forward Secrecy for Wireless Medical Sensor Network Systems

Efficient end-to-end authentication protocol for wearable health monitoring systems☆

Since the dummy-based method can provide precise query results without any requirement for a third party or key sharing, it has been widely used to protect the user's location privacy in location-based services. However, the neighboring location sets submitted in consecutive requests always include a close spatiotemporal correlation, which enables the adversary to identify some dummies. Therefore, the existing dummy-based schemes cannot protect the user's location privacy completely. To solve this problem, based on the dummies generated by the existing schemes, this paper filters out the dummies that can be identified by taking into account of the spatiotemporal correlation from three aspects, namely time reachability, direction similarity and in-degree/out-degree. In this way, the rest dummies can satisfy the user's personalized privacy protection requirement. Security analysis shows that the proposed scheme successfully perturbs the spatiotemporal correlation between neighboring location sets, therefore, it is infeasible for the adversary to distinguish the user's real location from the dummies. Furthermore, extensive experiments indicate that the proposal is able to protect the user's location privacy effectively and efficiently.

Spatiotemporal correlation-aware dummy-based privacy protection scheme for location-based services

Ciphertext-policy attribute-based encryption (CP-ABE) is widely used in fine-grained access control to achieve the secure data sharing. However, most of the existing CP-ABE access control schemes involve intermediary entities, which might suffer from a high trust-building cost, single point of failure and so on. Due to the decentralization and transparency of blockchain, some blockchain-based access control schemes are proposed to address these problems, but bring new challenges, such as the privacy leakage of access policy or attribute. In this paper, we propose a new trustworthy secure ciphertext-policy and attribute hiding access control scheme based on blockchain, named TrustAccess, to achieve trustworthy access while guaranteeing the privacy of policy and attribute. For one thing, to make the existing hidden policy CP-ABE more efficient and scalable for blockchain, we propose an optimized hidden policy CP-ABE, named OHP-CP-ABE, to ensure policy privacy while satisfying the large universe access requirement. For another thing, we use the multiplicative homomorphic ElGamal cryptosystem to ensure the attribute privacy during authorization validation. Finally, we theoretically prove the security of our TrustAccess from the aspects of blockchain operations and OHP-CP-ABE. Comprehensive comparisons and extensive experiments are conducted to demonstrate the advantages of our TrustAccess.

Xindi Ma

Papers

Unified Biometric Privacy Preserving Three-Factor Authentication and Key Agreement for Cloud-Assisted Autonomous Vehicles

Efficient end-to-end authentication protocol for wearable health monitoring systems☆

Spatiotemporal correlation-aware dummy-based privacy protection scheme for location-based services

TrustAccess: A Trustworthy Secure Ciphertext-Policy and Attribute Hiding Access Control Scheme Based on Blockchain

Three-factor authentication protocol using physical unclonable function for IoV