Title: Privacy-aware Task Allocation and Data Aggregation in Fog-assisted Spatial Crowdsourcing
Spatial crowdsourcing (SC) enables task owners (TOs) to outsource spatial-related tasks to a SC-server who engages mobile users in collecting sensing data at some specified locations with their mobile devices. Data aggregation, as a specific SC task, has drawn much attention in mining the potential value of the massive spatial crowdsensing data. However, the release of SC tasks and the execution of data aggregation may pose considerable threats to the privacy of TOs and mobile users, respectively. Besides, it is nontrivial for the SC-server to allocate numerous tasks efficiently and accurately to qualified mobile users, as the SC-server has no knowledge about the entire geographical user distribution. To tackle these issues, in this paper, we introduce a fog-assisted SC architecture, in which many fog nodes deployed in different regions can assist the SC-server to distribute tasks and aggregate data in a privacy-aware manner. Specifically, a privacy-aware task allocation and data aggregation scheme (PTAA) is proposed leveraging bilinear pairing and homomorphic encryption. PTAA supports representative aggregate statistics (e.g., sum, mean, variance, and minimum) with efficient data update while providing strong privacy protection. Security analysis shows that PTAA can achieve the desirable security goals. Extensive experiments also demonstrate its feasibility and efficiency.
Award ID(s): 1704092 1717197 1461886
PAR ID: 10096002
Author(s) / Creator(s):
Date Published:
Journal Name: IEEE Transactions on Network Science and Engineering
ISSN: 2334-329X
Page Range / eLocation ID: 1 to 1
Format(s): Medium: X
Sponsoring Org: National Science Foundation
More Like this
  1. The vehicular fog is a relatively new computing paradigm where fog computing works with the vehicular network. It provides computation, storage, and location-aware services with low latency to the vehicles in close proximity. A vehicular fog network can be formed on-the-fly by adding underutilized or unused resources of nearby parked or moving vehicles. Interested vehicles can outsource their resources or data by being added to the vehicular fog network while maintaining proper security and privacy. Client vehicles can use these resources or services for performing computation-intensive tasks, storing data, or getting crowdsource reports through the proper secure and privacy-preserving communication channel. As most vehicular network applications are latency and location sensitive, fog is more suitable than the cloud because of the capability of performing calculations with low latency, location awareness, and the support of mobility. Architecture, security, and privacy models of vehicular fog are not well defined and widely accepted yet as it is in its early stage. In this paper, we have analyzed existing studies on vehicular fog to determine the requirements and issues related to the architecture, security, and privacy of vehicular fog computing. We have also identified and highlighted the open research problems in this promising area. 
  2. In an IoP environment, edge computing has been proposed to address the problems of resource limitations of edge devices such as smartphones as well as the high-latency, user privacy exposure and network bottleneck that the cloud computing platform solutions incur. This paper presents a context management framework comprised of sensors, mobile devices such as smartphones and an edge server to enable high performance, context-aware computing at the edge. Key features of this architecture include energy-efficient discovery of available sensors and edge services for the client, an automated mechanism for task planning and execution on the edge server, and a dynamic environment where new sensors and services may be added to the framework. A prototype of this architecture has been implemented, and an experimental evaluation using two computer vision tasks as example services is presented. Performance measurement shows that the execution of the example tasks performs quite well and the proposed framework is well suited for an edge-computing environment. 
  3. The Domain Name System (DNS) is used in every website visit and e-mail transmission, so privacy is an obvious concern. In DNS, users ask recursive resolvers (or "recursives") to make queries on their behalf. Prior analysis of DNS privacy focused on privacy risks to individual end-users, mainly in traffic between users and recursives. Recursives cache and aggregate traffic for many users, factors that are commonly assumed to protect end-user privacy above the recursive. We document institutional privacy as a new risk posed by DNS data collected at authoritative servers, even after caching and aggregation by DNS recursives. We are the first to demonstrate this risk by looking at leaks of e-mail exchanges which show communications patterns, and leaks from accessing sensitive websites, both of which can harm an institution's public image. We define a methodology to identify queries from institutions and identify leaks. We show the current practices of prefix-preserving anonymization of IP addresses and aggregation above the recursive are not sufficient to protect institutional privacy, suggesting the need for novel approaches. We demonstrate this claim by applying our methodology to real-world traffic from DNS servers that use partial prefix-preserving anonymization. Our work prompts additional privacy considerations for institutions that run their own resolvers and authoritative server operators that log and share DNS data.
  4. In many real-world applications, an untrusted aggregator (server) is required to collect privacy-sensitive data from the users (clients) to compute aggregate statistics on that data periodically. In Private Stream Aggregation (PSA), multiple data producers encrypt their data for a central party, which can then retrieve only the aggregate sum of the encrypted values, without access to any individual values. PSA enables untrusted aggregators to execute aggregation operations over privacy-critical data from multiple data sources. Traditionally, existing PSA schemes require the aggregator to interact with a trusted third party to achieve fault tolerance. However, this kind of interactive recovery poses many security and practical vulnerabilities to achieve fault tolerance in real-world applications. This paper introduces a new formal PSA framework that ensures rigorous privacy guarantees for individual user inputs and achieves fault tolerance with non-interactive recovery. Existing definitions for fault tolerance do not account for the impact of faults on security and cannot defend against residual function attacks. We define a new level of security for a non-interactive fault tolerance model with malicious adversaries that guarantees defense for such attacks during fault recovery. We present the first PSA protocol that provably achieves this new level of security. Our techniques are versatile and can be used to enhance any existing PSA scheme to safely recover from faults in a non-interactive manner. We employ our proposed framework and use trusted hardware, cryptographic hashing, and p-ary trees to develop a protocol that achieves significant improvements in scalability and communication efficiency. Our proposed protocol is about 3× faster than existing PSA protocols for cases when faults do not occur. During cases when faults occur, our protocol provides faster execution by about 1–2 orders of magnitude compared to existing works.
  5. Security is a huge challenge in vehicular networks due to the large size of the network, high mobility of nodes, and continuous change of network topology. These challenges are also applicable to the vehicular fog, which is a new computing paradigm in the context of vehicular networks. In vehicular fog computing, the vehicles serve as fog nodes. This is a promising model for latency-sensitive and location-aware services, which also incurs some unique security and privacy issues. However, there is a lack of a systematic approach to design security solutions of the vehicular fog using a comprehensive threat model. Threat modeling is a step-by-step process to analyze, identify, and prioritize all the potential threats and vulnerabilities of a system and solve them with known security solutions. A well-designed threat model can help to understand the security and privacy threats, vulnerabilities, requirements, and challenges along with the attacker model, the attack motives, and attacker capabilities. Threat model analysis in vehicular fog computing is critical because only brainstorming and threat models of other vehicular network paradigms will not provide a complete scenario of potential threats and vulnerabilities. In this paper, we have explored the threat model of vehicular fog computing and identified the threats and vulnerabilities using STRIDE and CIAA threat modeling processes. We posit that this initiative will help to improve the security and privacy system design of vehicular fog computing.