No Arabic abstract
Mobile location-based services (LBSs) empowered by mobile crowdsourcing provide users with context-aware intelligent services based on user locations. As smartphones are capable of collecting and disseminating massive user location-embedded sensing information, privacy preservation for mobile users has become a crucial issue. This paper proposes a metric called privacy exposure to quantify the notion of privacy, which is subjective and qualitative in nature, in order to support mobile LBSs to evaluate the effectiveness of privacy-preserving solutions. This metric incorporates activity coverage and activity uniformity to address two primary privacy threats, namely activity hotspot disclosure and activity transition disclosure. In addition, we propose an algorithm to minimize privacy exposure for mobile LBSs. We evaluate the proposed metric and the privacy-preserving sensing algorithm via extensive simulations. Moreover, we have also implemented the algorithm in an Android-based mobile system and conducted real-world experiments. Both our simulations and experimental results demonstrate that (1) the proposed metric can properly quantify the privacy exposure level of human activities in the spatial domain and (2) the proposed algorithm can effectively cloak users activity hotspots and transitions at both high and low user-mobility levels.
The proliferation of smartphones has led to the increased popularity of location-based search and recommendation systems. Online platforms like Google and Yelp allow location-based search in the form of nearby feature to query for hotels or restaurants in the vicinity. Moreover, hotel booking platforms like Booking[dot]com, Expedia, or Trivago allow travelers searching for accommodations using either their desired location as a search query or near a particular landmark. Since the popularity of different locations in a city varies, certain locations may get more queries than other locations. Thus, the exposure received by different establishments at these locations may be very different from their intrinsic quality as captured in their ratings. Today, many small businesses (shops, hotels, or restaurants) rely on such online platforms for attracting customers. Thus, receiving less exposure than that is expected can be unfavorable for businesses. It could have a negative impact on their revenue and potentially lead to economic starvation or even shutdown. By gathering and analyzing data from three popular platforms, we observe that many top-rated hotels and restaurants get less exposure vis-a-vis their quality, which could be detrimental for them. Following a meritocratic notion, we define and quantify such exposure disparity due to location-based searches on these platforms. We attribute this exposure disparity mainly to two kinds of biases -- Popularity Bias and Position Bias. Our experimental evaluation on multiple datasets reveals that although the platforms are doing well in delivering distance-based results, exposure disparity exists for individual businesses and needs to be reduced for business sustainability.
With the advent of the Internet-of-Things (IoT), vehicular networks and cyber-physical systems, the need for real-time data processing and analysis has emerged as an essential pre-requite for customers satisfaction. In this direction, Mobile Edge Computing (MEC) provides seamless services with reduced latency, enhanced mobility, and improved location awareness. Since MEC has evolved from Cloud Computing, it inherited numerous security and privacy issues from the latter. Further, decentralized architectures and diversified deployment environments used in MEC platforms also aggravate the problem; causing great concerns for the research fraternity. Thus, in this paper, we propose an efficient and lightweight mutual authentication protocol for MEC environments; based on Elliptic Curve Cryptography (ECC), one-way hash functions and concatenation operations. The designed protocol also leverages the advantages of discrete logarithm problems, computational Diffie-Hellman, random numbers and time-stamps to resist various attacks namely-impersonation attacks, replay attacks, man-in-the-middle attacks, etc. The paper also presents a comparative assessment of the proposed scheme relative to the current state-of-the-art schemes. The obtained results demonstrate that the proposed scheme incurs relatively less communication and computational overheads, and is appropriate to be adopted in resource constraint MEC environments.
Driven by emerging tolerance-critical use cases of future communication networks, the demand on cloud computing service providers for their reliable and timely service delivery is to dramatically increase in the upcoming era. Advanced techniques to resolve the congestion of task queues are therefore called for. In this study we propose to rely on the impatient behavior of cloud service tenants towards a distributed risk-based queue management, which enables a profitability-sensitive task dropping while protecting the tenants data privacy. Regarding the service providers data privacy, we propose a dynamic online learning scheme, which allows the tenant to learn the queue dynamics from an adaptive number of observations on its own position in queue, so as to make a rational decision of impatient behavior.
With an enormous range of applications, Internet of Things (IoT) has magnetized industries and academicians from everywhere. IoT facilitates operations through ubiquitous connectivity by providing Internet access to all the devices with computing capabilities. With the evolution of wireless infrastructure, the focus from simple IoT has been shifted to smart, connected and mobile IoT (M-IoT) devices and platforms, which can enable low-complexity, low-cost and efficient computing through sensors, machines, and even crowdsourcing. All these devices can be grouped under a common term of M-IoT. Even though the positive impact on applications has been tremendous, security, privacy and trust are still the major concerns for such networks and an insufficient enforcement of these requirements introduces non-negligible threats to M-IoT devices and platforms. Thus, it is important to understand the range of solutions which are available for providing a secure, privacy-compliant, and trustworthy mechanism for M-IoT. There is no direct survey available, which focuses on security, privacy, trust, secure protocols, physical layer security and handover protections in M-IoT. This paper covers such requisites and presents comparisons of state-the-art solutions for IoT which are applicable to security, privacy, and trust in smart and connected M-IoT networks. Apart from these, various challenges, applications, advantages, technologies, standards, open issues, and roadmap for security, privacy and trust are also discussed in this paper.
Location-based queries enable fundamental services for mobile road network travelers. While the benefits of location-based services (LBS) are numerous, exposure of mobile travelers location information to untrusted LBS providers may lead to privacy breaches. In this paper, we propose StarCloak, a utility-aware and attack-resilient approach to building a privacy-preserving query system for mobile users traveling on road networks. StarCloak has several desirable properties. First, StarCloak supports user-defined k-user anonymity and l-segment indistinguishability, along with user-specified spatial and temporal utility constraints, for utility-aware and personalized location privacy. Second, unlike conventional solutions which are indifferent to underlying road network structure, StarCloak uses the concept of stars and proposes cloaking graphs for effective location cloaking on road networks. Third, StarCloak achieves strong attack-resilience against replay and query injection-based attacks through randomized star selection and pruning. Finally, to enable scalable query processing with high throughput, StarCloak makes cost-aware star selection decisions by considering query evaluation and network communication costs. We evaluate StarCloak on two real-world road network datasets under various privacy and utility constraints. Results show that StarCloak achieves improved query success rate and throughput, reduced anonymization time and network usage, and higher attack-resilience in comparison to XStar, its most relevant competitor.