Joshua Joy

Joshua Joy

In this paper, we describe our approach to achieve distributed differential privacy by sampling alone. Our mechanism works in the semi-honest setting (honest-but-curious whereby aggregators attempt to peek at the data though follow the protocol). We show that the utility remains constant and does not degrade due to the variance as compared to the randomized response mechanism. In addition, we show smaller privacy leakage as compared to the randomized response mechanism.

Joshua Joy, Mario Gerla

In this paper, we introduce the family of Anonymized Local Privacy mechanisms. These mechanisms have an output space of three values "Yes", "No", or "$\perp$" (not participating) and leverage the law of large numbers to generate linear noise in the number of data owners to protect privacy both before and after aggregation yet preserve accuracy. We describe the suitability in a distributed on-demand network and evaluate over a real dataset as we scale the population.

Dylan Gray, Joshua Joy, Mario Gerla

When dealing with privatized data, it is important to be able to protect against malformed user inputs. This becomes difficult in MPC systems as each server should not contain enough information to know what values any user has submitted. In this paper, we implement an MPC technique to verify blinded user inputs are unit vectors. In addition, we introduce a BGW circuit which can securely aggregate the blinded inputs while only releasing the result when it is above a public threshold. These distributed techniques take as input a unit vector. While this initially seems limiting compared to real number input, it is quite powerful for cases such as selecting from a list of options, indicating a location from a set of possibilities, or any system which uses one-hot encoding.

Joshua Joy, Ciaran McGoldrick, Mario Gerla

Smart cities rely on dynamic and real-time data to enable smart urban applications such as intelligent transport and epidemics detection. However, the streaming of big data from IoT devices, especially from mobile platforms like pedestrians and cars, raises significant privacy concerns. Future autonomous vehicles will generate, collect and consume significant volumes of data to be utilized in delivering safe and efficient transportation solutions. The sensed data will, inherently, contain personally identifiable and attributable information - both external (other vehicles, environmental) and internal (driver, passengers, devices). The autonomous vehicles are connected to the infrastructure cloud (e.g., Amazon), the edge cloud, and also the mobile cloud (vehicle to vehicle). Clearly these different entities must co-operate and interoperate in a timely fashion when routing and transferring the highly dynamic data. In order to maximise the availability and utility of the sensed data, stakeholders must have confidence that the data they transmit, receive, aggregate and reason on is appropriately secured and protected throughout. There are many different metaphors for providing end-to-end security for data exchanges, but they commonly require a management and control sidechannel. This work proposes a scalable smart city privacy-preserving architecture named Authorized Analytics that enables each node (e.g. vehicle) to divulge (contextually) local privatised data. Authorized Analytics is shown to scale gracefully to IoT scope deployments.

Joshua Joy, Minh Le, Mario Gerla

Today, mobile data owners lack consent and control over the release and utilization of their location data. Third party applications continuously process and access location data without data owners granular control and without knowledge of how location data is being used. The proliferation of IoT devices will lead to larger scale abuses of trust. In this paper we present the first design and implementation of a privacy module built into the GPSD daemon. The GPSD daemon is a low-level GPS interface that runs on GPS enabled devices. The integration of the privacy module ensures that data owners have granular control over the release of their GPS location. We describe the design of our privacy module and then evaluate the performance of private GPS release and demonstrate that strong privacy guarantees can be built into the GPSD daemon itself with minimal to no overhead.

Joshua Joy, Sayali Rajwade, Mario Gerla

In our study, we seek to learn the real-time crowd levels at popular points of interests based on users continually sharing their location data. We evaluate the benefits of users sharing their location data privately and non-privately, and show that suitable privacy-preserving mechanisms provide incentives for user participation in a private study as compared to a non-private study.

Uichin Lee, Joshua Joy, Youngtae Noh

Securely sharing and managing personal content is a challenging task in multi-device environments. In this paper, we design and implement a new platform called Personal Content Networking (PCN). Our work is inspired by Content-Centric Networking (CCN) because we aim to enable access to personal content using its name instead of its location. The unique challenge of PCN is to support secure file operations such as replication, updates, and access control over distributed untrusted devices. The primary contribution of this work is the design and implementation of a secure content management platform that supports secure updates, replications, and fine-grained content-centric access control of files. Furthermore, we demonstrate its feasibility through a prototype implementation on the CCNx skeleton.

Joshua Joy, Eric Chung, Zengwen Yuan et al.

This paper presents a secure communication application called DiscoverFriends. Its purpose is to securely communicate to a group of online friends while bypassing their respective social networking servers under a mobile ad hoc network environment. DiscoverFriends leverages Bloom filters and a hybrid encryption technique with a self-organized public-key management scheme to securely identify friends and provide authentication. Additionally, DiscoverFriends enables anonymous location check-ins by utilizing a new cryptographic primitive called Function Secret Sharing. Finally, to the best of our knowledge, DiscoverFriends implements and evaluates the first Android multi-hop WiFi direct protocol using IPv6.