=Paper= {{Paper |id=Vol-2482/paper18 |storemode=property |title=Data Security and Privacy on Intelligent Environments |pdfUrl=https://ceur-ws.org/Vol-2482/paper18.pdf |volume=Vol-2482 |authors=Leandro Marin |dblpUrl=https://dblp.org/rec/conf/cikm/Marin18 }} ==Data Security and Privacy on Intelligent Environments== https://ceur-ws.org/Vol-2482/paper18.pdf
Data Security and Privacy on Intelligent Environments

Leandro Marin
Area of Applied Mathematics (DITEC)
Faculty of Computer Science
University of Murcia
leandro@um.es



Abstract

In this paper we present some of the problems related to data protection and privacy in intelligent environments and some of the solutions that have been considered.

1    Introduction

Information has always been an object of desire for malicious attackers. This is not something new. We can see multiple examples throughout history, but nowadays intelligent environments are making the problem much more dangerous.

We can divide information management into three different problems: storage, manipulation and transport.

In the past, it could be enough to keep the information hidden in a safe place and to reduce the number of people allowed to manipulate it to zero or almost zero. The communication process was based on cryptographic protocols applied by the people allowed to manipulate the information under very restrictive circumstances.

At a first stage, computers replaced humans in these tasks. This was not a big problem if the computers used were safe. In order to make a computer safe, the first idea is to reduce to the minimum the interactions of this computer with other computers or humans. If the computer is manipulated only by trusted users and we use strong cryptographic algorithms to transfer the information between these safe computers, the security level could be considered high.

Reducing the number of trusted users and imposing strong restrictions on the software and hardware used for the system can increase the security level, but the price paid is a reduction in usability, and nowadays technology is moving in the opposite direction.

Nowadays, computers have been replaced by much more complex intelligent environments, in which it is almost impossible to have control over the software running in our system or the devices connected to our network. It is not realistic to consider isolated environments, or even ones in which only trusted users can manipulate the data. The great challenge is to balance security and usability.

Copyright © CIKM 2018 for the individual papers by the papers' authors. Copyright © CIKM 2018 for the volume as a collection by its editors. This volume and its papers are published under the Creative Commons License Attribution 4.0 International (CC BY 4.0).

2     Multiple faces, only one problem

We are going to consider some different cases that, in the end, can be considered one single problem:

2.1   Protection of Public Databases

Consider a database with records linked to persons and some kind of medical information. It is clear that names and ID numbers are identifiers that should be protected, but other information, like postal codes or illnesses, could be useful for obtaining legitimate statistical information, for example, an illness related to pollution levels in certain areas. The problem is that this information can reveal the actual identity of the patient.

2.2   Multiparty Computation

Consider the case of a group of two or more users that want to make some kind of computation based on common data, but without revealing their own information to the others. The typical example is Yao's Millionaires' Problem, in which two millionaires want to know who is the richest without revealing to the other the amount of money that they have.
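As an added illustration (example code, not from the paper), the following Python snippet simulates the simplest form of multiparty computation, an additive secret-sharing sum: each party splits its private value into random shares modulo a prime, hands one share to every other party, and publishes only the sum of the shares it holds. The total is recovered, but any single party sees just one uniformly random share of each other input. The modulus P, the party count and the message flow are constructed assumptions; Yao's comparison problem needs more machinery (a comparison circuit) than this sum, which shows only the underlying principle.

```python
import secrets

# Prime modulus for the share arithmetic (2^61 - 1, a Mersenne prime); a constructed
# parameter chosen for the demonstration, not taken from the paper.
P = 2**61 - 1


def share(value, n_parties, rng=secrets.randbelow):
    """Split value into n additive shares mod P.

    The first n-1 shares are uniformly random; the last one is chosen so that the
    shares sum to value. Any n-1 of them together reveal nothing about value.
    """
    shares = [rng(P) for _ in range(n_parties - 1)]
    last = (value - sum(shares)) % P
    return shares + [last]


def reconstruct(shares):
    """Sum of all shares mod P gives back the shared value."""
    return sum(shares) % P


def party_view(inputs, j):
    """Everything party j learns: exactly one share of every input (including its own)."""
    n = len(inputs)
    return [share(x, n)[j] for x in inputs]


def private_sum(inputs):
    """Simulate n parties computing the sum of their private inputs.

    Party i sends share j of its input to party j. Each party then adds up the
    shares it received (one per input) and publishes that partial sum; the
    published partial sums reconstruct the total. The inputs must sum to less
    than P, otherwise the result wraps around.
    """
    n = len(inputs)
    received = [[] for _ in range(n)]        # received[j]: shares held by party j
    for x in inputs:
        for j, s in enumerate(share(x, n)):
            received[j].append(s)
    partial_sums = [sum(held) % P for held in received]   # public contributions
    return reconstruct(partial_sums)


if __name__ == "__main__":
    # Constructed sample: three parties with private values 3, 5 and 7.
    print(private_sum([3, 5, 7]))            # 15
    print(party_view([3, 5, 7], 0))          # three random-looking shares
```

Each call to `share` draws fresh randomness, so the partial sums look different every run while `private_sum` always returns the exact total.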
2.3   White Box Cryptography

Consider a program that should be able to make a computation using some kind of secret information. The result can be given, but the secret information should not be revealed. During the computation, the attacker has access to all memory positions. A typical example is the encryption of some kind of information without revealing the keys.

3     Protection techniques

There are several techniques that can be used to protect the information:

3.1   Encryption

This is probably the first idea that we can consider to protect the information. It is a good solution when the computation can be made in safe environments, but it cannot be applied to all cases, for example, information in databases that should be used by learning algorithms or partially modified by legitimate users. Multiparty computation and white box environments are also a problem for standard encryption.

3.2   Anonymized Data

It is necessary to make the information useless to the attacker, especially in the case of active attackers that can introduce records or information linking data in order to make visible any transformation made to the data. When the data is given in categories, it is possible to use a bijection as a method of anonymization.

3.3   Statistical Protection

One of the ideas to protect information is to introduce noise in order to make records indistinguishable. Many of the definitions of privacy are given in terms of probability, so randomness seems to be a good choice, but this randomness should be introduced carefully in order to avoid interference with legitimate learning algorithms.

3.4   Algebraic Protection

Another fruitful method is to analyze the kind of legitimate operations that should be performed on the data in order to generate algebraic transformations compatible with those operations. For example, linear transformations are quite useful when the data should be added and multiplied by constants.

3.5     Multiple Implementations

In some cases, it is really impossible to generate safe implementations, for example in the case of the Internet of Things. We can have a huge number of computational devices with very limited resources, and in that case we can be sure that the security of some of our devices will be broken. If the information retrieved from one of these devices can be used to break the following ones, the damage can grow exponentially. So, it is better to have multiple implementations that make the information of one device not usable to break other ones.

4     Conclusions

It is no longer reasonable to consider that information can be kept safe in isolated places. Multiple devices collect information all around us, even inside our own computers, cell phones or intelligent devices. Preserving security and privacy in these environments is a serious task, and it is connecting different areas of research.

4.0.1     Acknowledgements

This research is partially financed by the project TIN2017-86885-R.
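The medical-database case of Section 2.1 and the category bijection of Section 3.2 can be worked through on a small table. The Python example below is added here and is not the paper's own code: it drops the direct identifiers, relabels the sensitive category through a seeded random permutation (a true bijection, so counts per category survive for statistics), and coarsens the postal code until every postal-code group contains at least k records. The records, the seed and the label format are constructed for the demonstration.

```python
import random
from collections import Counter

# Constructed sample table (not from the paper): direct identifiers (name, id),
# a quasi-identifier (postal code) and a sensitive attribute (illness).
RECORDS = [
    {"name": "Alice", "id": "11111111A", "postal": "30001", "illness": "asthma"},
    {"name": "Bob",   "id": "22222222B", "postal": "30002", "illness": "flu"},
    {"name": "Carol", "id": "33333333C", "postal": "30105", "illness": "asthma"},
    {"name": "Dan",   "id": "44444444D", "postal": "30107", "illness": "flu"},
]


def category_bijection(values, seed):
    """Map each distinct category to an opaque label through a seeded permutation.

    Because the map is a bijection, distinct categories stay distinct and the
    number of records per category is preserved, so statistics still work.
    """
    cats = sorted(set(values))
    labels = ["cat%02d" % i for i in range(len(cats))]
    random.Random(seed).shuffle(labels)
    return dict(zip(cats, labels))


def k_anonymity(rows, quasi):
    """Smallest group size when rows are grouped by the quasi-identifier columns.
    A value of 1 means some record is unique on its quasi-identifiers alone."""
    groups = Counter(tuple(r[q] for q in quasi) for r in rows)
    return min(groups.values())


def generalize_postal(code, keep):
    """Keep the first `keep` digits of a postal code and mask the rest."""
    return code[:keep] + "*" * (len(code) - keep)


def label_counts(rows):
    """Sorted list of record counts per (relabelled) illness, for checking statistics."""
    return sorted(Counter(r["illness"] for r in rows).values())


def anonymize(records, k, seed=1):
    """Release only (postal, illness): identifiers dropped, illness relabelled by the
    bijection, postal code coarsened until the table is k-anonymous on it.
    Returns the released rows and the number of postal digits kept."""
    relabel = category_bijection([r["illness"] for r in records], seed)
    keep = 5
    rows = [{"postal": r["postal"], "illness": relabel[r["illness"]]} for r in records]
    while k_anonymity(rows, ["postal"]) < k and keep > 0:
        keep -= 1
        rows = [{"postal": generalize_postal(r["postal"], keep),
                 "illness": relabel[r["illness"]]} for r in records]
    return rows, keep


if __name__ == "__main__":
    released, digits = anonymize(RECORDS, k=2)
    print(digits, released)     # 4 digits kept; postal codes become 3000* / 3010*
```

The relabelling map must stay secret together with its seed: an active attacker of the kind Section 3.2 describes, who can insert a record with a known illness and observe the released table, learns the label of that one category, which is why the bijection alone is not enough against such an attacker.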
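The noise idea of Section 3.3 is usually made precise as differential privacy: a counting query is answered with Laplace noise whose scale is the query's sensitivity divided by a privacy parameter epsilon, so the answer's probability distribution barely changes when one record is added or removed. The Python example below is added here (not the paper's code) and shows that mechanism, the expected error it introduces, and why the randomness has to be budgeted: averaging many independent releases of the same query removes the noise again. The rows, the seeds and the epsilon values are constructed.

```python
import math
import random

# Constructed sample rows (not from the paper).
ROWS = [
    {"postal": "30001", "illness": "asthma"},
    {"postal": "30002", "illness": "flu"},
    {"postal": "30105", "illness": "asthma"},
    {"postal": "30107", "illness": "asthma"},
]


def make_rng(seed):
    """Seeded generator so a demonstration run is reproducible."""
    return random.Random(seed)


def laplace_sample(scale, rng):
    """Draw from Laplace(0, scale) by inverting its CDF on a uniform u in (-0.5, 0.5)."""
    u = rng.random() - 0.5
    u = max(u, -0.5 + 1e-12)        # keep the log() argument strictly positive
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


def noisy_count(rows, predicate, epsilon, rng):
    """Counting query released with Laplace noise of scale 1/epsilon.

    A count has sensitivity 1 (one record changes it by at most 1), so this is
    the standard epsilon-differentially-private release of that count.
    """
    exact = sum(1 for r in rows if predicate(r))
    return exact + laplace_sample(1.0 / epsilon, rng)


def expected_abs_error(epsilon):
    """Mean absolute error of one released count: the Laplace scale, 1/epsilon."""
    return 1.0 / epsilon


def sequential_budget(epsilons):
    """Sequential composition: releases about the same data add up their epsilons."""
    return sum(epsilons)


def averaged_release(rows, predicate, epsilon, n, rng):
    """What happens without a budget: averaging n independent releases of the same
    query shrinks the noise by about sqrt(n) while the spent budget grows to n*epsilon."""
    return sum(noisy_count(rows, predicate, epsilon, rng) for _ in range(n)) / n


if __name__ == "__main__":
    rng = make_rng(7)
    asthma = lambda r: r["illness"] == "asthma"
    print(noisy_count(ROWS, asthma, 1.0, rng))            # 3 plus Laplace(1) noise
    print(averaged_release(ROWS, asthma, 1.0, 400, rng))  # very close to 3 again
    print(sequential_budget([1.0] * 400))                 # 400.0: the budget spent for that
```

The last two lines show the tension the paper points at: the legitimate statistic is recoverable from enough releases, and so is the attacker's target, which is why the total epsilon spent per dataset, not the noise on one answer, is the quantity to control.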
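Section 3.4's example, linear transformations for data that is only added and multiplied by constants, can be seen concretely over a finite field. The following Python example is added here and is not from the paper: data vectors of length 2 are encoded by multiplying with a secret invertible matrix A modulo a prime P, sums and constant multiples are computed directly on the encoded vectors, and the inverse matrix decodes the result. The matrix, the prime and the sample vectors are constructed for the demonstration.

```python
P = 101  # constructed small prime modulus for the demonstration


def mat_vec(m, v):
    """Matrix-vector product modulo P."""
    return [sum(a * b for a, b in zip(row, v)) % P for row in m]


def is_invertible(m):
    """A 2x2 matrix over Z_P is invertible iff its determinant is nonzero mod P."""
    (a, b), (c, d) = m
    return (a * d - b * c) % P != 0


def mat_inverse_2x2(m):
    """Inverse of a 2x2 matrix over Z_P via the adjugate and the determinant's inverse."""
    (a, b), (c, d) = m
    det_inv = pow((a * d - b * c) % P, -1, P)   # ValueError if the matrix is singular
    return [[d * det_inv % P, -b * det_inv % P],
            [-c * det_inv % P, a * det_inv % P]]


class LinearProtection:
    """Encode length-2 data vectors as A*x mod P with a secret invertible matrix A.

    Linearity is what makes the encoding compatible with the legitimate operations:
    A(x + y) = Ax + Ay and A(c*x) = c*(Ax), so whoever holds only encoded data can
    still add records and multiply them by constants.
    """

    def __init__(self, a):
        if not is_invertible(a):
            raise ValueError("matrix must be invertible mod P")
        self.a = a
        self.a_inv = mat_inverse_2x2(a)

    def encode(self, x):
        return mat_vec(self.a, x)

    def decode(self, y):
        return mat_vec(self.a_inv, y)


def add_encoded(y1, y2):
    """Sum of two encoded vectors, computed without decoding."""
    return [(u + v) % P for u, v in zip(y1, y2)]


def scale_encoded(y, c):
    """Constant multiple of an encoded vector, computed without decoding."""
    return [(c * u) % P for u in y]


if __name__ == "__main__":
    lp = LinearProtection([[2, 3], [1, 4]])   # constructed secret matrix
    x, y = [5, 7], [10, 20]
    print(lp.decode(add_encoded(lp.encode(x), lp.encode(y))))   # [15, 27]
    print(lp.decode(scale_encoded(lp.encode(x), 3)))            # [15, 21]
```

The compatibility comes at a price worth knowing when choosing this technique: a secret linear map is recovered by ordinary linear algebra from a handful of known pairs (x, Ax), so it protects data only where such pairs are out of the attacker's reach, which is exactly the kind of condition Section 3.5 warns may not hold for every device.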
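One concrete way to obtain the "multiple implementations" of Section 3.5, where breaking one constrained device must not help against the next, is to give every device its own key derived one-way from a fleet secret that never leaves the backend. The Python example below is added here and is not the paper's code: it implements HKDF with HMAC-SHA-256 as the derivation, tags each device's reports with its own key, and shows that a tag forged with one device's key is rejected under another device's identity. The master secret, the salt label, the device identifiers and the report text are constructed.

```python
import hmac
import hashlib


def hkdf_extract(salt, ikm):
    """HKDF extract step: PRK = HMAC(salt, input keying material)."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk, info, length=32):
    """HKDF expand step: chain HMAC blocks T(i) = HMAC(PRK, T(i-1) || info || i)."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def device_key(master_secret, device_id):
    """Per-device key derived from the backend's master secret and the device id.

    The derivation is one-way, so a key extracted from one compromised device gives
    an attacker neither the master secret nor any sibling device's key.
    """
    prk = hkdf_extract(b"fleet-salt-v1", master_secret)      # constructed salt label
    return hkdf_expand(prk, b"device-key:" + device_id)


def mac_report(key, report):
    """Authentication tag a device attaches to a report."""
    return hmac.new(key, report, hashlib.sha256).digest()


def verify_report(master_secret, device_id, report, tag):
    """Backend check: re-derive the claimed device's key and compare tags in constant time."""
    expected = mac_report(device_key(master_secret, device_id), report)
    return hmac.compare_digest(expected, tag)


def all_distinct(master_secret, device_ids):
    """True when every device in the list gets a different key."""
    keys = [device_key(master_secret, d) for d in device_ids]
    return len(set(keys)) == len(keys)


if __name__ == "__main__":
    MASTER = b"constructed-master-secret"          # lives only on the backend
    k1 = device_key(MASTER, b"sensor-0001")        # the only secret sensor-0001 holds
    tag = mac_report(k1, b"temp=21.5")
    print(verify_report(MASTER, b"sensor-0001", b"temp=21.5", tag))   # True
    print(verify_report(MASTER, b"sensor-0002", b"temp=21.5", tag))   # False
```

A device that is physically taken apart yields its own 32-byte key and nothing else; the damage stays bounded to that device's reports instead of growing with the size of the fleet.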