
Sensor Networks: privacy-preserving queries

Sensor Networks: privacy-preserving queries. Nguyen Dinh Thuc University of Science, HCMC ndthuc@fit.hcmus.edu.vn. Outline. Introduction Privacy-preserving queries in sensor networks Privacy-preserving queries in two-tiered networks. Sensor networks introduction.



Presentation Transcript


  1. Sensor Networks: privacy-preserving queries
     Nguyen Dinh Thuc, University of Science, HCMC, ndthuc@fit.hcmus.edu.vn

  2. Outline
     • Introduction
     • Privacy-preserving queries in sensor networks
     • Privacy-preserving queries in two-tiered networks

  3. Sensor networks: introduction
     • Wireless sensor network:
       • is a distributed system consisting of a large number of sensor nodes
       • deployed in adverse environments that are being monitored
     • Sensor nodes:
       • collect and report data to the base station
       • use wireless multi-hop routes
     • In many applications of sensor networks, some of the biggest concerns are efficiency, security and privacy preservation

  4. Privacy-preserving queries: system model: network assumptions
     • We consider a WSN consisting of 1 base station BS and n sensor nodes, denoted as $N_i$
     • BS has much more computation, storage and energy capabilities than sensor nodes
     • BS and sensor nodes communicate with one another over a wireless medium
     • Not all sensor nodes can communicate directly with BS; in such cases they need to use a multi-hop path
     • Sensor nodes don't know the network topology, but each sensor node knows its parent and children nodes

  5. Privacy-preserving queries: system model: security assumptions
     Security assumptions
     • Assume that BS is trustworthy while any sensor node could be compromised
     • We only consider attacks in which outsiders or compromised sensor nodes eavesdrop on sensor data and reveal the data they receive/forward to the adversary
     Design goals
     • Privacy/confidentiality of query results
     • Privacy of raw and intermediate data
     • Efficiency

  6. Privacy-preserving queries: solutions for range queries
     SMART (W. He et al.)
     • A node's data reading is partitioned into several pieces
     • These pieces are sent to different nodes in the network
     • BS receives all pieces, and the summation of all data in the network is revealed
     Scheme of Feng et al.
     • Each node i shares a secret $S_i$ with BS
     • Instead of reporting $d_i$, sensor node i reports $v_i = d_i + S_i$
     • From $v_i = d_i + S_i$, BS can deduce the summation of all sensor data.
     References
     • W. He, X. Liu, H. Nguyen, K. Nahrstedt, and T. Abdelzaher, PDA: Privacy-preserving Data Aggregation in wireless sensor networks, Infocom, May 2007, Anchorage, Alaska
     • T. Feng, C. Wang, W. Wang, and L. Ruan, Confidentiality protection for distributed sensor data aggregation, Infocom 2008, April 2008, Phoenix, Arizona

  7. Privacy-preserving queries: solutions for answering exact queries: ideas
     General ideas
     • Let $x=(d_1,\dots,d_n)\in\{1,\dots,2^m-1\}^n$
     • Let $A_{n\times n}=[e_1 \dots e_n]$, where $e_i$ is the $i$th column of $A_{n\times n}$
     • Let $x=\{d_1,\dots,d_n\}$ be the values of all the sensor nodes in the system; $d_i\in\{1,\dots,2^m-1\}$ $(i=1,\dots,n)$ corresponds to the value of node $N_i$
     • BS maintains a non-singular matrix $A_{n\times n}$ and each of the sensor nodes $N_i$ has m successive columns
     • When the sensor nodes propagate the values up the tree to the BS, they can help in reconstructing $x$

  8. Privacy-preserving queries: solutions for answering exact queries: preparation
     System preparation before network deployment
     • Assume that each sensor value is a binary number of m-bit length, $d_i=(c_{i1}\dots c_{im})$
     • BS is preloaded with a binary matrix $A_{T\times T}$, $T=m\times n$
     • Each sensor $N_i$ maintains m vectors of size $T\times 1$ of $A$: $\{e_{i1},\dots,e_{im}\}$, randomly chosen among the T such vectors
     • Note that in order to keep the individual readings secure, BS must not know the distribution of the vectors. This can be done by a trusted third party

  9. Privacy-preserving queries: solutions for answering exact queries: data collection
     Data collection
     • Each sensor knows the time at which it needs to send its report to BS
     • If the sensor node is a leaf node:
       • Computes $y=(y_{i1},\dots,y_{in})=c_{i1}e_{i1}+\dots+c_{im}e_{im}$, where $d_i=(c_{i1}\dots c_{im})$ is the value of sensor $N_i$
       • Sends the result to its parent
     • If the sensor is an intermediate node:
       • Computes $y=(y_{i1},\dots,y_{in})=c_{i1}e_{i1}+\dots+c_{im}e_{im}$, where $d_i=(c_{i1}\dots c_{im})$ is the value of sensor $N_i$
       • Sends $z=y+z_1+\dots+z_k$ to its parent, where $z_i$ is the report data of its $i$th child
     • BS, upon receiving reports from all of its children (the $b_i$'s), solves $Ax=b$ to deduce the n values of the n nodes, where $b=\sum_i b_i$

  10. Privacy-preserving queries: solutions for answering exact queries: a baby example
     [Figure: aggregation tree rooted at BS with sensor nodes N1 to N5 sending reports x1 to x5. Node labels in the figure: {A1,A2}, d=2; {A3,A4}, d=3; {A5,A6}, d=2; {A7,A8}, d=1; {A9,A10}, d=3.]
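The preparation and data-collection steps of slides 8 and 9, as an added example that is not code from the presentation or from the PEQ authors. It assumes arithmetic over GF(2) (vector addition is XOR), m = 2, a constructed tree, and the five readings d from the baby example assigned to nodes in a constructed order; `solve_gf2`, `node_report`, `aggregate` and `run_demo` are hypothetical names.

```python
import random

M = 2  # bits per reading (m in the slides)

def solve_gf2(cols, b):
    """Solve A x = b over GF(2); returns (x, rank), x is None if unsolvable."""
    basis = {}                      # leading bit -> (vector, columns used)
    for j, v in enumerate(cols):
        comb = 1 << j
        while v and (h := v.bit_length() - 1) in basis:
            v, comb = v ^ basis[h][0], comb ^ basis[h][1]
        if v:
            basis[v.bit_length() - 1] = (v, comb)
    x = 0
    while b and (h := b.bit_length() - 1) in basis:
        b, x = b ^ basis[h][0], x ^ basis[h][1]
    return (None if b else x), len(basis)

def node_report(cols, group, d):
    # y = c_1 e_1 + ... + c_m e_m for the reading d = (c_1 ... c_m)
    y = 0
    for k in range(M):
        if (d >> (M - 1 - k)) & 1:
            y ^= cols[group * M + k]
    return y

def aggregate(node, children, reports):
    # z = y + z_1 + ... + z_k: own report plus the reports of all children
    z = reports[node]
    for child in children.get(node, []):
        z ^= aggregate(child, children, reports)
    return z

def run_demo(seed=7):
    rng = random.Random(seed)                    # demo RNG only
    readings = {1: 2, 2: 3, 3: 2, 4: 1, 5: 3}    # constructed: node -> d
    children = {0: [4, 5], 4: [3], 3: [1, 2]}    # constructed tree, 0 = BS
    n = len(readings)
    T, rank = M * n, 0
    while rank < T:                              # retry until A is non-singular
        cols = [rng.getrandbits(T) for _ in range(T)]
        rank = solve_gf2(cols, 0)[1]
    groups = rng.sample(range(n), n)             # column groups, hidden from BS
    reports = {0: 0}
    for (node, d), g in zip(readings.items(), groups):
        reports[node] = node_report(cols, g, d)
    x, _ = solve_gf2(cols, aggregate(0, children, reports))
    return sorted(sum(((x >> (g * M + k)) & 1) << (M - 1 - k)
                      for k in range(M)) for g in range(n))
```

The base station recovers every reading exactly, but only as a multiset: because the assignment of column groups to nodes is made by the third party, it cannot tell which node reported which value.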

  11. Privacy-preserving queries: solutions for answering exact queries: discussion
     Advantages
     • Accuracy. It can answer all queries without revealing the individual data of each sensor
     • Privacy. Each node only knows its own values
     • No key distribution
     • Aggregation
     • Topology independence
     • Low computational overhead
     Disadvantages
     • Large amounts of data are transmitted
     Reference
     • Hai Vu, Thuc Nguyen, Neeraj Mittal, and S. Venkatesan, PEQ: A privacy-preserving scheme for answering exact queries in distributed sensor data networks. Proceedings of the 2009 28th IEEE International Symposium on Reliable Distributed Systems, pp. 189-198, 2009.

  12. Privacy-preserving queries in 2-tiered WSN: system model
     • We consider a WSN consisting of storage nodes and regular sensors
     • Assume that each sensor generates data values at a fixed rate and periodically submits the collected data to the closest storage node
     • An epoch is the time interval between two submissions
     • All sensors are synchronized
     • The data message from sensor $s_i$ contains the sensor ID (i), the current value (t) and the data

  13. Privacy-preserving queries in 2-tiered WSN: system model
     [Figure: the sink sends a Query to each of two storage nodes and receives a Reply from each.]

  14. Privacy-preserving queries in 2-tiered WSN: adversary model and security goals
     Adversary model
     • The adversary wants to obtain the sensitive data information from the SN
     • The attacker wants to breach data fidelity
     Security goals
     • Protection against compromised storage nodes
     • Protection against compromised sensors

  15. Privacy-preserving queries in 2-tiered WSN: state-of-the-art
     Scheme of Sheng and Li
     • Sheng and Li proposed a scheme to preserve the privacy and integrity of range queries in SN
     • This scheme uses the bucket partitioning idea
     • The basic idea is to divide the domain of data values into multiple buckets
     • In each slot, a sensor collects data items, places them into buckets, encrypts the items of each bucket together, and then sends each bucket along with its bucket ID to a nearby storage node
     • When the BS wants to perform a range query, it finds the smallest set of bucket IDs that contains the queried range and sends this set to the storage nodes
     • Upon receiving the bucket IDs, a storage node returns the corresponding encrypted data in all those buckets
     • BS can decrypt the encrypted buckets and verify their integrity
     Reference
     • Bo Sheng and Qun Li, Verifiable privacy-preserving range query in two-tiered sensor networks, IEEE INFOCOM 2008 proceedings, pp. 457-465

  16. Privacy-preserving queries in 2-tiered WSN: an algebraic approach: problem description
     Problem description
     • Let $A_{k\times n}$ be a matrix such that $a_{ij}\in\{1,\dots,N\}$, $N>n$
     • $d_1,\dots,d_m\in\{1,\dots,N\}$ where $d_i\neq d_j$ for $i\neq j$
     • Let $c_i = a_{id_1}+\dots+a_{id_m}$, $i=1,\dots,k$
     • Given the $c_i$'s $(i=1,\dots,k)$, $d_j$ $(j=1,\dots,m)$ is one of the solutions of the system $a_{i1}x_1+\dots+a_{in}x_n = c_i$ (*), $i=1,\dots,n$, where $x_1,\dots,x_n\in\{0,1\}$
     • Determine $A_{k\times n}$ such that (*) has only one solution: $(X_1,\dots,X_n)$ such that $X_i=1$ if $i=d_j$ $(j=1,\dots,m)$ and $X_i=0$ otherwise
     • We will also say that $(d_1,\dots,d_m)$ is a solution of (*).

  17. Privacy-preserving queries in 2-tiered WSN: an algebraic approach: necessary conditions
     Establishing necessary conditions for matrix $A_{k\times n}$
     • Suppose that $(d_1,\dots,d_m)$ and $(d^p_1,\dots,d^p_m)$, $p=1,\dots,q$, are different solutions of (*); then
       • $\sum_j a_{id_j} = \sum_j a_{id^1_j} = \dots = \sum_j a_{id^q_j} = c_i$ $(i=1,\dots,k)$
     • Therefore $(d_1,\dots,d_m)$ is the unique solution if and only if $\exists v\in\{1,\dots,k\}$ such that
       • $\forall u\in\{1,\dots,p\}\setminus\{v\}$: $\sum_j a_{id^u_j} = c_i$ $(i=1,\dots,k)$
       • $\sum_j a_{id^v_j} \neq c_i$ $(i=1,\dots,k)$

  18. Privacy-preserving queries in 2-tiered WSN: an algebraic approach: building matrix
     Building matrix $A_{k\times n}$
     1) Generate a random matrix $A'_{(k-1)\times n}$ such that $a_{ij}\in\{1,\dots,t\}$, $t\ll n$
     2) For each pair of solutions $(d_1,\dots,d_m)$ and $(d'_1,\dots,d'_m)$ of the system (*), let $x_{d_1}+\dots+x_{d_m}\neq x_{d'_1}+\dots+x_{d'_m}$, where $x_{d_j}, x_{d'_j}\in\{1,\dots,N\}$, $j=1,\dots,m$
     3) After step 2) we obtain a system of inequations, each of the form $x_{d_1}+\dots+x_{d_m}\neq x_{d'_1}+\dots+x_{d'_m}$, where $(d_1,\dots,d_m)$ and $(d'_1,\dots,d'_m)$ are solutions of (*)
     4) Let $(a_{k1},\dots,a_{kn})$ be a solution of this system; then $(a_{k1},\dots,a_{kn})$ is the $k$th row of the desired matrix
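The matrix construction of slide 18 and the decoding problem of slide 16, as an added example that is not code from the presentation. It replaces "solve the inequation system" with a random search for the last row, enumerates all m-subsets by brute force, and uses constructed parameters (k=3, n=8, m=4, t=3, N=100); all function names are hypothetical.

```python
import random
from itertools import combinations

def signature(rows, subset):
    # c_i = a_{i,d_1} + ... + a_{i,d_m} for every row i (columns are 1-based)
    return tuple(sum(row[d - 1] for d in subset) for row in rows)

def collisions(rows, n, m):
    # Groups of m-subsets of {1..n} that the given rows cannot tell apart
    seen = {}
    for s in combinations(range(1, n + 1), m):
        seen.setdefault(signature(rows, s), []).append(s)
    return [g for g in seen.values() if len(g) > 1]

def build_matrix(k, n, m, t, N, rng):
    # Step 1: random (k-1) x n head with small entries in {1..t}
    head = [[rng.randint(1, t) for _ in range(n)] for _ in range(k - 1)]
    # Steps 2-3: every colliding pair yields one inequation on the last row
    groups = collisions(head, n, m)
    # Step 4: random search for a row in {1..N}^n satisfying all inequations
    while True:
        last = [rng.randint(1, N) for _ in range(n)]
        if all(len({signature([last], s) for s in g}) == len(g) for g in groups):
            return head + [last]

def decode(A, n, m, c):
    # Sink side: exhaustive search for the m-subsets whose signature equals c
    return [s for s in combinations(range(1, n + 1), m)
            if signature(A, s) == tuple(c)]

def demo(seed=3):
    A = build_matrix(k=3, n=8, m=4, t=3, N=100, rng=random.Random(seed))
    c = signature(A, (1, 2, 4, 6))     # constructed data set {1,4,6,2}, sorted
    return A, c, decode(A, 8, 4, c)
```

Once the last row separates every pair that collides under the first k-1 rows, each vector c maps back to exactly one data set, which is the uniqueness property slide 16 asks of the matrix.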

  19. Privacy-preserving queries in 2-tiered WSN: an algebraic approach: a tiny example

  20. Privacy-preserving queries in 2-tiered WSN: an algebraic approach: an example of a baby system
     [Figure: two sensors report to a storage node. Data={1,4,6,2} → c={9,7,28}, sent as (j,t,{9,7,28}); Data={1,3,4,6} → c={10,5,21}, sent as (i,t,{10,5,21}).]
