Search for: privacy
Total 133 records
Article 11th International ISC Conference on Information Security and Cryptology, ISCISC 2014 ; 3-4 September , 2014 , pp. 137-142 ; ISBN: 9781479953837 ; Abdolmaleki, B ; Akhbari, B ; Aref, M. R ; Sharif University of Technology
Radio Frequency Identification (RFID) technology is being deployed at our daily life. Although RFID systems provide useful services to users, they can also threat the privacy and security of the end-users. In order to provide privacy and security for RFID users, different RFID authentication protocols have been proposed. In this study, we investigate the privacy of two recently proposed RFID authentication protocols. It is shown that these protocols have some privacy problems that cannot provide user privacy. Then, in order to enhance the privacy of these protocols, two improvements of analyzed protocols are proposed that provide RFID users privacy
Article Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 11 July 2012 through 13 July 2012, Paris ; Volume 7371 LNCS , 2012 , Pages 263-273 ; 03029743 (ISSN) ; 9783642315398 (ISBN) ; Hadavi, M. A ; Jalili, R ; Sharif University of Technology
This paper proposes a horizontal fragmentation method to preserve privacy in data outsourcing. The basic idea is to identify sensitive tuples, anonymize them based on a privacy model and store them at the external server. The remaining non-sensitive tuples are also stored at the server side. While our method departs from using encryption, it outsources all the data to the server; the two important goals that existing methods are unable to achieve simultaneously. The main application of the method is for scenarios where encrypting or not outsourcing sensitive data may not guarantee the privacy
M.Sc. Thesis Sharif University of Technology ; Jalili, Rasoul
Providing anonymity in communications is one of the major requirements for the preserving the privacy of users using communication networks. There are several protocols for transmitting anonymous message in public communication networks. DC-Nets can be considered as an important solution to anonymous communications because they provide perfect anonymity; however, their high message and bit complexity is a major obstacle in their practical usage. All DC-Net based protocols provide anonymity of sender and receiver by establishing some anonymous channels for transmission of messages. Each execution of the DC-Net protocol acts as an anonymous channel, which only one participant can send his...
Article Security and Communication Networks ; Volume 8, Issue 7 , September , 2015 , Pages 1306-1317 ; 19390114 (ISSN) ; Hadavi, M. A ; Jalili, R ; Sharif University of Technology
John Wiley and Sons Inc 2015
Privacy preservation is an important issue in data publishing. Existing approaches on privacy-preserving data publishing rely on tabular anonymization techniques such as k-anonymity, which do not provide appropriate results for aggregate queries. The solutions based on graph anonymization have also been proposed for relational data to hide only bipartite relations. In this paper, we propose an approach for anonymizing multirelation constraints (ternary or more) with (t,k) hypergraph anonymization in data publishing. To this end, we model constraints as undirected hypergraphs and formally cluster attribute relations as hyperedge with the t-means-clustering algorithm. In addition,...
Article 2016 IEEE International Conference on Pervasive Computing and Communication Workshops, PerCom Workshops 2016, 14 March 2016 through 18 March 2016 ; 2016 ; 9781509019410 (ISBN) ; Hosseini, M ; Kanhere, S. S ; Sowmya, A ; Sharif University of Technology
Institute of Electrical and Electronics Engineers Inc 2016
The ability of wearable cameras to continuously capture the first person viewpoint with minimal user interaction, has made them very attractive in many application domains. Wearable technology today is available and useful but not widely used and accepted due to various challenges mainly privacy concerns. In this paper, we introduce a novel efficient privacy-aware framework for wearable cameras that can protect all sensitive subjects such as people, objects (e.g, display screens, license plates and credit cards) and locations (e.g, bathrooms and bedrooms). It uses the contextual information obtained from the wearable's sensors and recorded images to identify the potential sensitive subjects...
Article Wireless Networks ; 2014 ; ISSN: 10220038 ; Arkian, H. R ; Aref, M. R ; Sharif University of Technology
Modern power systems have been faced with a rising appeal for the upgrade to a highly intelligent generation of electricity networks known as the smart grid. Thus, security for the smart grid has emerged as an important issue. Recently, Hur proposed an attribute based data sharing for smart grid which unfortunately is vulnerable to the denial of service (DoS) attack. Moreover, it does not support the user revocation property and the grid system manager cannot prevent the revoked user of having access to the shared data in the storage center. For these weaknesses, we suggest an efficient revocable data sharing scheme which is immune against DoS attack. In addition, we present the security...
Article Security and Communication Networks ; Volume 6, Issue 8 , 2013 , Pages 999-1009 ; 19390122 (ISSN) ; Aref, M. R ; Sharif University of Technology
Ubiquitousness of Radio Frequency Identification (RFID) systems with inherent weaknesses has been a cause of concern about their privacy and security. Therefore, secure protocols are essentially necessary for the RFID tags to guarantee privacy and authentication among them and the reader. This paper inspects privacy in the RFID systems. First, we survey four new-found RFID authentication protocols, and then, their weaknesses in formal privacy model are analyzed. Although the authors of the schemes claimed that their protocols completely resist privacy attacks, we formally prove that all of them suffer from the family of traceability attacks. Furthermore, not only are the four improved...
Article Wireless Personal Communications ; Volume 83, Issue 3 , 2015 , Pages 1663-1682 ; 09296212 (ISSN) ; Baghery, K ; Abdolmaleki, B ; Aref, M. R ; Sharif University of Technology
Radio frequency identification (RFID) technology is a prominent technology which has been used in most authentication and identification applications. Above all, recently RFID systems have got more attention as an interesting candidate to implement in the internet of things systems. Although RFID systems provide useful and interest services to users, they can also threat the security and the privacy of the end-users. In order to provide the security and the privacy of RFID users, different authentication protocols have been proposed. In this study, we analyze the privacy of three RFID authentication protocols that proposed recently. For our privacy analysis, we use a formal RFID privacy...
Article Wireless Personal Communications ; Volume 95, Issue 4 , 2017 , Pages 5057-5080 ; 09296212 (ISSN) ; Baghery, K ; Khazaei, S ; Aref, M. R ; Sharif University of Technology
Recently, Radio Frequency Identification (RFID) and Near Field Communication systems are found in various user-friendly services that all of us deal with in our daily lives. As these systems are ubiquitously deployed in different authentication and identification applications, inferring information about our behavior will be possible by monitoring our use of them. In order to provide privacy and security requirements of RFID users in novel authentication applications, lots of security schemes have been proposed which have tried to provide secure and untraceable communication for end-users. In this paper, we investigate the privacy of three RFID security schemes which have been proposed...
Article 2013 11th Annual Conference on Privacy, Security and Trust, PST 2013 ; 2013 , Pages 61-68 ; 9781467358392 (ISBN) ; Alagheband, M. R ; Aref, M. R ; Sharif University of Technology
Since low-cost RFID systems are applied in ubiquitous varied applications, privacy and security of their users became a great concern. Therefore, the various authentication protocols have been proposed. In this paper, we inspect the three new-found RFID authentication protocols based on quadratic residue property via one of the well-organized formal RFID privacy models instead of intuitive analysis. We formally prove that modular squaring is the suitable technique to guarantee RFID authentication protocols against backward traceability. Then, the flaws are alleviated to resist traceability attacks
Article Wireless Personal Communications ; Volume 69, Issue 4 , May , 2013 , Pages 1583-1596 ; 09296212 (ISSN) ; Aref, M. R ; Sharif University of Technology
Many applications, such as e-passport, e-health, credit cards, and personal devices that utilize Radio frequency Identification (RFID) devices for authentication require strict security and privacy. However, RFID tags suffer from some inherent weaknesses due to restricted hardware capabilities and are vulnerable to eavesdropping, interception, or modification. The synchronization and untraceability characteristics are the major determinants of RFID authentication protocols. They are strongly related to privacy of tags and availability, respectively. In this paper, we analyze a new lightweight RFID authentication protocol, Song and Mitchell, in terms of privacy and security. We prove that not...
Article 26th Iranian Conference on Electrical Engineering, ICEE 2018, 8 May 2018 through 10 May 2018 ; 2018 , Pages 704-709 ; 9781538649169 (ISBN) ; Delavar, M ; Mohajeri, J ; Salmasizadeh, M ; Sharif University of Technology
Social networks and the shared data in these networks are always considered as good opportunities in hands of the attackers. To evaluate the privacy risks in these networks and challenge the anonymization techniques, several de-anonymization attacks have been introduced so far. In this paper, we propose a technique to improve the success rate of passive seed based de-anonymization attacks. Our proposed technique is simple and can be applied in combination with different types of de-anonymization attacks. We show that it can achieve high success rates with low number of seeds compared to similar attacks. Our technique can also be used for applying partial attacks on graphs which results in...
Article 2019 IEEE International Symposium on Information Theory, ISIT 2019, 7 July 2019 through 12 July 2019 ; Volume 2019-July , 2019 , Pages 171-175 ; 21578095 (ISSN); 9781538692912 (ISBN) ; Maddah Ali, M. A ; Abolfazl Motahari, S ; Sharif University of Technology
Institute of Electrical and Electronics Engineers Inc 2019
Current techniques in sequencing a genome allow a service provider (e.g. a sequencing company) to have full access to the genome information, and thus the privacy of individuals regarding their lifetime secret is violated. In this paper, we introduce the problem of private DNA sequencing, where the goal is to keep the DNA sequence private to the sequencer. We propose an architecture, where the task of reading fragments of DNA and the task of DNA assembly are separated, the former is done at the sequencer(s), and the later is completed at a local trusted data collector. To satisfy the privacy constraint at the sequencer and reconstruction condition at the data collector, we create an...
A location privacy-preserving method for spectrum sharing in database-driven cognitive radio networks, Article Wireless Personal Communications ; Volume 95, Issue 4 , 2017 , Pages 3687-3711 ; 09296212 (ISSN) ; Ahmadian Attari, M ; Jannati, H ; Aref, M. R ; Sharif University of Technology
Springer New York LLC 2017
The great attention to cognitive radio networks (CRNs) in recent years, as a revolutionary communication paradigm that aims to solve the problem of spectrum scarcity, prompts serious investigation on security issues of these networks. One important security concern in CRNs is the preservation of users location privacy, which is under the shadow of threat, especially in database-driven CRNs. To this end, in this paper, we propose a Location Privacy Preserving Database-Driven Spectrum-Sharing (L-PDS 2) protocol for sharing the spectrum between PUs and SUs in a database-driven CRN, while protecting location privacy of both primary and secondary users, simultaneously. We also present two...
M.Sc. Thesis Sharif University of Technology ; Maddah-Ali, Mohammad Ali ; Mirmohseni, Mahtab
In this thesis, we argue that in many basic algorithms for machine learning, including support vector machine (SVM) for classification, principal component analysis (PCA) for dimensionality reduction, and regression for dependency estimation, we need the inner products of the data samples, rather than the data samples themselves. Motivated by the above observation, we introduce the problem of private inner product retrieval for distributed machine learning, where we have a system including a database of some files, duplicated across some non-colluding servers. A user intends to retrieve a subset of specific size of the inner products of the data files with minimum communication load, without...
M.Sc. Thesis Sharif University of Technology ; Movaghar, Ali
Opportunistic delay tolerance networks are widely used networks that do not require infrastructure. Many routing algorithms have been proposed for these networks in which nodes need to compare their metrics (such as visit frequency, node geographical location, etc.)Therefore, routing in these networks has a high security risk and the possibility of violating privacy. There are many ways to protect privacy, but these methods have limitations: some are limited to vehicles and some are limited to social networks and node communities. Also, more general methods require a lot of complexity, including processing time, storage resources, and key management.In this study, we propose a method with...
Article Journal of Network and Computer Applications ; Volume 139 , 2019 , Pages 49-56 ; 10848045 (ISSN) ; Ahmadian Attari, M ; Rajabzadeh Asaar, M ; Aref, M. R ; Sharif University of Technology
Academic Press 2019
In a cloud storage service, public auditing mechanisms allow a third party to verify integrity of the outsourced data on behalf of data users without the need to retrieve data from the cloud server. Recently, Shen et al. proposed a new lightweight and privacy preserving cloud data auditing scheme which employs a third party medium to perform time-consuming operations on behalf of users. The authors have claimed that the scheme meets the security requirements of public auditing mechanisms. In this paper, we show that Shen et al.'s scheme is insecure by proposing two attacks on the scheme. In the first attack, an outside adversary can modify some messages in transmission to the cloud server...
Article Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) ; Volume 7107 LNCS , 2011 , Pages 216-235 ; 03029743 (ISSN) ; 9783642255779 (ISBN) ; Aref, M. R ; Ma, D ; Sharif University of Technology
The development of RFID systems in sensitive applications like e-passport, e-health, credit cards, and personal devices, makes it necessary to consider the related security and privacy issues in great detail. Among other security characteristic of an RFID authentication protocol, untraceability and synchronization are the most important attributes. The former is strongly related to the privacy of tags and their holders, while the latter has a significant role in the security and availability parameters. In this paper, we investigate three RFID authentication protocols proposed by Duc and Kim, Song and Mitchell, and Cho, Yeo and Kim in terms of privacy and security. We analyze the protocol...
Article Wireless Networks ; Volume 25, Issue 3 , 2018 , Pages 1-18 ; 10220038 (ISSN) ; Abdolmaleki, B ; Khazaei, S ; Aref, M. R ; Sharif University of Technology
Springer New York LLC 2018
Due to their impressive advantages, Radio Frequency IDentification (RFID) systems are ubiquitously found in various novel applications. These applications are usually in need of quick and accurate authentication or identification. In many cases, it has been shown that if such systems are not properly designed, an adversary can cause security and privacy concerns for end-users. In order to deal with these concerns, impressive endeavors have been made which have resulted in various RFID authentications being proposed. In this study, we analyze three lightweight RFID authentication protocols proposed in Wireless Personal Communications (2014), Computers & Security (2015) and Wireless Networks...
Article Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust, 20 August 2010 through 22 August 2010 ; August , 2010 , Pages 865-872 ; 9780769542119 (ISBN) ; Sharif University of Technology
Technical evolution of location technologies has augmented the development and growth of location-based services. With widespread adoption of these services, threats to location privacy are increasing, entailing more robust and sophisticated solutions. This paper proposes an intuitive obfuscation-based scheme, which uses vagueness in human perception of nearness to provide a flexible and robust location privacy scheme. Key to this work is the concept of vagueness degree, which aims to enhance its robustness against privacy attacks. Furthermore, our scheme is totally in line with human perception of privacy and provides a solution, which mostly suits proximity-based services, social...