Lei Zhang, Qianhong Wu, Agusti Solanas, Josep Domingo-Ferrer

IEEE Transactions on Vehicular Technology 59 (4), 1606-1617

Description: Existing authentication protocols to secure vehicular ad hoc networks (VANETs) raise challenges such as certificate distribution and revocation, avoidance of computation and communication bottlenecks, and reduction of the strong reliance on tamper-proof devices. This paper efficiently copes with these challenges with a decentralized group-authentication protocol in the sense that the group is maintained by each roadside unit (RSU) rather than by a centralized authority, as in most existing protocols that are employing group signatures. In our proposal, we employ each RSU to maintain and manage an on-the-fly group within its communication range. Vehicles entering the group can anonymously broadcast vehicle-to-vehicle (V2V) messages, which can be instantly verified by the vehicles in the same group (and neighboring groups). Later, if the message is found to be false, a third party can be invoked to disclose the identity of the message originator. Our protocol efficiently exploits the specific features of vehicular mobility, physical road limitations, and properly distributed RSUs. Our design leads to a robust VANET since, if some RSUs occasionally collapse, only the vehicles that are driving in those collapsed areas will be affected. Due to the numerous RSUs sharing the load to maintain the system, performance does not significantly degrade when more vehicles join the VANET; hence, the system is scalable.

Antoni Martínez-Ballesté, Pablo A Pérez-Martínez, Agusti Solanas

IEEE Communications Magazine 51 (6), 136-141

Description: Cities are growing steadily, and the process of urbanization is a common trend in the world. Although cities are getting bigger, they are not necessarily getting better. With the aim to provide citizens with a better place to live, a new concept of a city was born: the smart city. The real meaning of smart city is not strictly defined, but it has gained much attention, and many cities are taking action in order to be considered “smart.” These smart cities, founded on the use of information and communication technologies, aim at tackling many local problems, from local economy and transportation to quality of life and e-governance. Although technology helps to solve many of these local problems, their ability to gather unprecedented amounts of information could endanger the privacy of citizens. In this article we identify a number of privacy breaches that can appear within the context of smart cities and their services. We leverage some concepts of previously defined privacy models and define the concept of citizens’ privacy as a model with five dimensions: identity privacy, query privacy, location privacy, footprint privacy and owner privacy. By means of several examples of smart city services, we define each privacy dimension and show how existing privacy enhancing technologies could be used to preserve citizens’ privacy.

Agusti Solanas, Antoni Martinez-Balleste

17th COMPSTAT Symposium of the IASC, Rome, 917-925

Description: Microaggregation is a clustering problem with minimum size constraints on the resulting clusters or groups; the number of groups is unconstrained and the within-group homogeneity should be maximized. In the context of privacy in statistical databases, microaggregation is a well-known approach to obtaining anonymized versions of confidential microdata. Optimally solving microaggregation on multivariate data sets is known to be difficult (NP-hard). Therefore, heuristic methods are used in practice. This paper presents a new heuristic approach to multivariate microaggregation, which provides variable-sized groups (and thus higher within-group homogeneity) with a computational cost similar to the one of fixed-size microaggregation heuristics.

Josep Domingo-Ferrer, Francesc Sebé, Agusti Solanas

Computers & Mathematics with Applications 55 (4), 714-732

Description: Microaggregation is a family of methods for statistical disclosure control (SDC) of microdata (records on individuals and/or companies), that is, for masking microdata so that they can be released without disclosing private information on the underlying individuals. Microaggregation techniques are currently being used by many statistical agencies. The principle of microaggregation is to group original database records into small aggregates prior to publication. Each aggregate should contain at least k records to prevent disclosure of individual information, where k is a constant value preset by the data protector. In addition to it being a good masking method, microaggregation has recently been shown useful to achieve k-anonymity. In k-anonymity, the parameter k specifies the maximum acceptable disclosure risk, so that, once a value for k has been selected, the only job left is to maximize data utility: if microaggregation is used to implement k-anonymity, maximizing utility can be achieved by microaggregating optimally, i.e. with minimum within-groups variability loss. Unfortunately, optimal microaggregation can only be computed in polynomial time for univariate data. For multivariate data, it has been shown to be NP-hard. We present in this paper a polynomial-time approximation to microaggregate multivariate numerical data for which bounds to optimal microaggregation can be derived at least for two different optimality criteria: minimum within-groups Euclidean distance and minimum within-groups sum of squares. Beyond the theoretical interest of being the first microaggregation proposal with proven approximation bounds for any k, our method is empirically shown to be comparable to the best available heuristics for multivariate microaggregation.

Achilleas Papageorgiou, Michael Strigkos, Eugenia Politou, Efthimios Alepis, Agusti Solanas, Constantinos Patsakis

IEEE Access 6, 9390-9403

Description: Recent advances in hardware and telecommunications have enabled the development of low cost mobile devices equipped with a variety of sensors. As a result, new functionalities, empowered by emerging mobile platforms, allow millions of applications to take advantage of vast amounts of data. Following this trend, mobile health applications collect users' health-related information to help them better comprehend their health status and to promote their overall wellbeing. Nevertheless, health-related information is by nature and by law deemed sensitive and, therefore, its adequate protection is of substantial importance. In this paper we provide an in-depth security and privacy analysis of some of the most popular freeware mobile health applications. We have performed both static and dynamic analysis of selected mobile health applications, along with tailored testing of each application’s functionalities. Long term analyses of the life cycle of the reviewed apps and our general data protection regulation compliance auditing procedure are unique features of the present paper. Our findings reveal that the majority of the analyzed applications do not follow well-known practices and guidelines, not even legal restrictions imposed by contemporary data protection regulations, thus jeopardizing the privacy of millions of users.

Av. Països Catalans, 26, 43470 Tarragona, Catalonia, Spain