Privacy-Enhanced Android for Smart Cities Applications

  • Matt Lepinski, David Levin, Daniel McCarthy, Ronald J. Watro, Michael N. Lack, Daniel A. Hallenbeck, David Slater
Many Smart Cities applications will collect data from and otherwise interact with the mobile devices of individual users. In the past, it has been difficult to assure users that smart applications will protect their private data and use the data only for the application’s intended purpose. The current paper describes a plan for developing Privacy-Enhanced Android, an extension of the current Android OS with new privacy features based on homomorphic and functional encryption and Secure… 

Security, Privacy and Risks Within Smart Cities: Literature Review and Development of a Smart City Interaction Framework

This comprehensive review provides a useful perspective on many of the key issues and offers key direction for future studies, and develops a smart city interaction framework.

Privacy-enhanced BPMN: enabling data privacy analysis in business processes models

PE-BPMN—a BPMN language for capturing PET-related activities in order to study the flow of private information and ease the communication of privacy concerns and requirements among stakeholders is developed.

FRiPAL: Face recognition in privacy abstraction layer

This paper proposes to utilize dimensionality reduction techniques for privacy-preserving machine learning in face recognition for the image data, and implements a client server system, FRiPAL, which is efficient, and could preserve the privacy of data owners while maintaining the utility for data users.

Privacy-Preserving Image Classification in the Local Setting

This paper considers a two-party image classification problem, in which data owners hold the image and the untrustworthy data user would like to fit a machine learning model with these images as input, and proposes a supervised image feature extractor, DCAConv, which produces an image representation with scalable domain size.

Differentially Private Principal Component Analysis Over Horizontally Partitioned Data

  • Sen Wang, J. M. Chang
  • Computer Science
    2018 IEEE Conference on Dependable and Secure Computing (DSC)
  • 2018
This paper designs and implements a highly efficient and largely scalable privacy-preserving distributed PCA protocol, in which ($\epsilon, \delta$)-Differential Privacy is guaranteed, and shows that it maintains a high data utility while preserving the privacy.

Privacy-Preserving Boosting in the Local Setting

  • Sen Wang, J. M. Chang
  • Computer Science
    IEEE Transactions on Information Forensics and Security
  • 2021
A distributed privacy-preserving boosting algorithm that can be applied to various types of classifiers and that ensures privacy is well preserved for the participating data owners is proposed.

Privacy-Preserving Applications on Smartphones

The issues that make smartphones a unique platform for secure computation are introduced, some interesting potential applications are identified, and the initial experiences creating privacy-preserving applications on Android devices are described.

Device analyzer: a privacy-aware platform to support research on the Android ecosystem

An overview of the privacy-enhancing techniques used in Device Analyzer is provided, including transparency, consent, purpose, access, withdrawal, and accountability, and the utility of the platform is demonstrated.

A Conundrum of Permissions: Installing Applications on an Android Smartphone

It is found that the permissions displays are generally viewed and read, but not understood by Android users, and users are not currently well prepared to make informed privacy and security decisions around installing applications.

Flexible and Fine-grained Mandatory Access Control on Android for Diverse Security and Privacy Policies

This paper presents an efficient policy language (inspired by SELinux) tailored to the specifics of Android's middleware semantics, and shows the flexibility of the architecture by policy-driven instantiations of selected security models such as the existing work Saint as well as a new privacy-protecting, user-defined and fine-grained per-app access control model.

For your phone only: custom protocols for efficient secure function evaluation on mobile devices

Efficient Mobile Oblivious Computation, a set of SFE protocols customized for the mobile platform that use partially homomorphic cryptosystems to meet the needs of two popular application types, location-based and social networking, is developed.

Secure outsourced garbled circuit evaluation for mobile devices

This work creates a new SFE protocol that allows mobile devices to securely outsource the majority of the computation required to evaluate a garbled circuit. It includes a new outsourced oblivious transfer primitive that requires significantly less bandwidth and computation than standard OT primitives, and outsourced input validation techniques that force the cloud to prove that it is executing all protocols correctly.

Using probabilistic generative models for ranking risks of Android apps

This work proposes to use probabilistic generative models for risk scoring schemes, and identifies several such models, ranging from the simple Naive Bayes to advanced hierarchical mixture models, and shows that probabilistic generative models significantly outperform existing approaches, and that Naive Bayes models give a promising risk scoring approach.

Functional Encryption: Definitions and Challenges

This work shows how to map many existing concepts to the formalization of functional encryption and concludes with several interesting open problems in this young area.

Android permissions: user attention, comprehension, and behavior

It is found that current Android permission warnings do not help most users make correct security decisions; however, a notable minority of users demonstrated both awareness of permission warnings and reasonable rates of comprehension.

Protocols for secure computations

  • A. Yao
  • Mathematics
    23rd Annual Symposium on Foundations of Computer Science (sfcs 1982)
  • 1982
The author gives a precise formulation of this general problem and describes three ways of solving it by use of one-way functions, which have applications to secret voting, private querying of databases, oblivious negotiation, playing mental poker, etc.