Toward Lightweight and Privacy-Preserving Data Provision in Digital Forensics for Driverless Taxi

IF 8.9 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS IEEE Internet of Things Journal Pub Date : 2025-02-04 DOI:10.1109/JIOT.2025.3538679

Yanwei Gong;Xiaolin Chang;Jelena Mišić;Vojislav B. Mišić;Junchao Fan;Kaiwen Wang

{"title":"Toward Lightweight and Privacy-Preserving Data Provision in Digital Forensics for Driverless Taxi","authors":"Yanwei Gong;Xiaolin Chang;Jelena Mišić;Vojislav B. Mišić;Junchao Fan;Kaiwen Wang","doi":"10.1109/JIOT.2025.3538679","DOIUrl":null,"url":null,"abstract":"Data provision, referring to data upload and data access, is one key phase in vehicular digital forensics. The unique features of driverless taxi (DT) bring new issues to this phase: I1) efficient verification of data integrity when diverse data providers (DPs) upload data; I2) DP privacy preservation during data upload; and I3) privacy preservation of both data and investigator (IN) under complex data ownership when accessing data. Considering that the existing works on digital forensics cannot address all these issues, we first propose a novel lightweight and privacy-preserving data provision (LPDP) approach consisting of three mechanisms: 1) privacy-friendly batch verification mechanism (PBVm); 2) data access control mechanism (DACm); and 3) decentralized IN warrant issuance mechanism (DIWIm). PBVm ensures scalable verification of data integrity to address I1. PBVm also ensures the DP privacy preservation in terms of the location privacy and unlinkability of data upload requests to address I2. Besides, DACm and DIWIm are combined to ensure data privacy preservation and the identity privacy of IN in terms of the anonymity and unlinkability of data access requests without sacrificing the traceability to address I3. Security analysis and performance evaluations validate LPDP’s capabilities in addressing the three issues.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 11","pages":"17569-17580"},"PeriodicalIF":8.9000,"publicationDate":"2025-02-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10870308/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Data provision, referring to data upload and data access, is one key phase in vehicular digital forensics. The unique features of driverless taxi (DT) bring new issues to this phase: I1) efficient verification of data integrity when diverse data providers (DPs) upload data; I2) DP privacy preservation during data upload; and I3) privacy preservation of both data and investigator (IN) under complex data ownership when accessing data. Considering that the existing works on digital forensics cannot address all these issues, we first propose a novel lightweight and privacy-preserving data provision (LPDP) approach consisting of three mechanisms: 1) privacy-friendly batch verification mechanism (PBVm); 2) data access control mechanism (DACm); and 3) decentralized IN warrant issuance mechanism (DIWIm). PBVm ensures scalable verification of data integrity to address I1. PBVm also ensures the DP privacy preservation in terms of the location privacy and unlinkability of data upload requests to address I2. Besides, DACm and DIWIm are combined to ensure data privacy preservation and the identity privacy of IN in terms of the anonymity and unlinkability of data access requests without sacrificing the traceability to address I3. Security analysis and performance evaluations validate LPDP’s capabilities in addressing the three issues.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

面向无人驾驶出租车数字取证的轻量化和隐私保护数据提供

数据提供指的是数据上传和数据访问，是车辆数字取证的一个关键阶段。无人驾驶出租车（DT）的独特功能为这一阶段带来了新的问题：1)当不同的数据提供商（DPs）上传数据时，有效验证数据完整性；I2)数据上传过程中的DP隐私保护；I3)在访问数据时，在复杂的数据所有权下，数据和研究者（IN）的隐私保护。考虑到现有的数字取证工作无法解决所有这些问题，我们首先提出了一种新的轻量级和隐私保护数据提供（LPDP）方法，该方法由三种机制组成：1)隐私友好的批处理验证机制（PBVm）；2)数据访问控制机制（DACm）；3)分布式IN权证发行机制（DIWIm）。PBVm确保可扩展的数据完整性验证，以解决I1。PBVm还在地址I2的数据上传请求的位置隐私和不可链接性方面确保DP隐私保护。此外，DACm和DIWIm相结合，在不牺牲可追溯性的情况下，在数据访问请求的匿名性和不可链接性方面保证了数据隐私保护和IN的身份隐私。安全分析和性能评估验证了LPDP在解决这三个问题方面的能力。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Internet of Things Journal Computer Science-Information Systems

CiteScore

17.60

自引率

13.20%

发文量

1982

期刊介绍： The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.