Browsing by Author "Jacobson Jr., Michael John"

Now showing 1 - 2 of 2
  • Thumbnail Image
    ItemOpen Access
    Light-weight Privacy Infrastructure - A Blockchain-based Privacy-Preservation Platform for Data Storage and Query Processing
    (2022-06) Mireku Kwakye, Michael; Barker, Kenneth Edwin; Jacobson Jr., Michael John; Reardon, Joel Christopher; Ray, Suprio; Far, Behrouz Homayoun
    Privacy-preservation policies are guidelines and recommendations formulated to protect data provider’s private, sensitive data in data repositories. These policies are implemented using privacy-preservation methodologies. Previous privacy-preservation methodologies have addressed privacy in which data are permanently stored in repositories and disconnected from changing data provider privacy preferences. This becomes evident as the data moves to another data repository. The ability of data providers to flexibly update or change their privacy preferences when it is required is a known challenge. Moreover, the ability for data providers to control their existing privacy preferences due to changes in data usage continues to remain a problem. This research proposes a Light-weight Privacy Infrastructure (LPI); which is a methodology/framework for privacy-preservation of data provider’s private and sensitive data. The approach offers data providers flexibility to easily change and monitor privacy preferences on their stored data when the data usage requirements change. Additionally, the approach offers data providers control over access and usage of their private, sensitive data by data collectors and/or accessors and third-party data accessors. The research proposes to tightly couple data provider’s private attribute data element to privacy preferences and data accessor data elements. The implementation presents a framework of tightly-coupled relational Database Management System (DBMS), blockchains, and genomic data store. The coupled database framework delivers a secure and query-efficient platform for management and query processing of data provider’s private data. The implementation adopts an Alberta biotechnology platform that provides commercial oncogenomic services, as a case study. The healthcare platform processes both cancer-related healthcare data and next generation sequencing (NGS) genomic data. Data privacy in healthcare data is a necessary requirement in the processing of data provider private and sensitive data across varied data repositories. The implementation provides data providers (i.e., patients) and data collectors and/or accessors (for e.g., physicians) the platform to efficiently manage data whiles eliminating the risks of privacy breaches and unauthorized data access. The major contributions are: first, provide an approach to tightly couple data provider private, sensitive data with privacy preferences, and data accessor data elements into a privacy tuple. Second, provide a tightly-coupled immutable, tamper-resistant data processing platform where data providers monitor and control all forms of access to their private, sensitive data. Third, provide implementation of a privacy infrastructure where data providers have maximum flexibility to change their privacy preferences on all transactions processed on their underlying private, sensitive data without requiring the data collector. Finally, provide an implementation framework applicable to healthcare and genomic data processing that uses a biotechnology platform as a case study. The evaluation analysis from the implementation procedures offers a validation for the research based on the query processing output of privacy-aware queries on the privacy infrastructure.
  • Thumbnail Image
    ItemOpen Access
    Secure Smart Contract-based Computation (Verifiable computation, Fair two-party protocols, and Resource sharing)
    (2024-02-15) Avizheh, Sepideh; Safavi-Naini, Reihaneh; Jacobson Jr., Michael John; Henry, Ryan; Far, Behrouz; Pieprzyk, Josef
    A smart contract is a trusted computer program that runs on the decentralized computer that underlies a blockchain. Smart contracts are part of Web3 technology, the next generation of the Internet, and they enable distributed applications over the Internet. Smart contracts can remove intermediaries in real-world systems and have the promise of revolutionizing industries and processes in healthcare, retail, banking, government, and many more. Because of their trusted execution, smart contracts have been used as a trusted third party/referee in cryptographic protocols. They have also been used to automate processes and seamlessly incorporate cryptocurrency in payments. In this thesis, we consider the application of the smart contract as a trusted (semi-honest) third party/referee in the following problems: verifiable computation using refereed delegation of computation, fair two-party protocols that include fair private set intersection and fair exchange, and resource sharing. We show that the direct replacement of the trusted third party/referee with the smart contract can expose the protocols to new threats and attacks. We model the security of each protocol, analyze the security of the existing ones, propose new protocols that can achieve the required security guarantee in the smart contract setting, provide a proof-of-concept implementation, and evaluate their performance. Our results incorporate both secure smart contract-based cryptographic protocols and systems. We mainly propose formal models and descriptions in the real-world/ideal-world paradigm for the cryptographic protocols. We also look into the privacy in the smart contract setting. The smart contract is transparent and interactions with the smart contract are through public communication channels, thus ensuring the privacy of the parties' input and messages becomes a significant challenge in designing the protocols. We lay the foundations to define and capture privacy for a smart contract and use it to show the privacy of our cryptographic protocols.