Privacy enhancing data reporting system for participatory sensing

Abstract

Privacy is a crucial aspect of any system involving user-supplied data. There exist multiple approaches to protecting the identity and secrecy of users in data submission systems. In this thesis I consider the case of privacy-enhancing of data reporting in Participatory Sensing systems. I conducted an extensive literature overview to explore privacy-oriented enhancements to data submission that are applicable in the PS systems. I designed a protocol for proximity-based data aggregation that utilizes Multi-party Secure Computations over Bluetooth Low Energy. Users are divided into groups that perform sub-aggregations and report results to central entities, protecting themselves from honest-but-curious adversary threats. I present a mobile app and web servers for central entities that follow the design of the protocol. I evaluated the achieved effectiveness and discuss the utility and privacy trade-offs. The implementation performs as one would expect for an MPC system with high communication overhead, and is implemented over Bluetooth, with the additional time needed for discovering and connecting devices. The overall performance is of the system suggests that deployments targeting 1-second intervals of data submission are feasible. Main use cases are sensitive measurements, such as medical data or highly private user information.