Skip to main content
Login | Suomeksi | På svenska | In English

Browsing by Subject "privacy"

Sort by: Order: Results:

  • A Review of Privacy and Security in Federated Multi-armed Bandits 
    Virtanen, Lasse (2023)
    The multi-armed bandit is a sequential decision making problem where an agent chooses actions and receives rewards. The agent faces an explore-exploit dilemma: it has to balance exploring its options to find the optimal actions, and exploiting choosing the empirically best actions. This problem can also be solved by multiple agents who collaborate in a federated learning setting, where agents do not share their raw data samples. Instead, small updates containing learned parameters are shared. In this setting, the learning process can happen with a central server that coordinates the agents to learn the global model, or in a fully decentralized fashion where agents communicate with each other to collaborate. The distribution of rewards may be heterogeneous, meaning that the agents face distributions with local biases. Depending on the context, this can be handled by cancelling the biases by averaging, or by personalizing the global model to fit each individual agent’s local biases. Another common characteristic of federated multi-armed bandits is preserving privacy. Even though only parameter updates are shared, they can be used to infer the original data. To privatize the data, a method known as differential privacy is applied by adding enough random noise to mask the effect of a single contribution. The newest area of interest for federated multi-armed bandits is security. Collaboration between multiple agents means more opportunities for attacks. Achieving robust security means defending against Byzantine attacks that inject arbitrary data into the learning process to affect the model accuracy in an undesirable way. This thesis is a literature review that explores how the federated multi-armed bandit problem is solved, and how privacy and security for it is achieved.
  • On Self-Sovereign Identity : Verifiable Credentials and Presentations with OpenID Connect 
    Pärni, Miika (2023)
    Self-Sovereign Identity is a new concept of managaging digital identities in the digital services. The purpose of the Self-Sovereign Identity is to place the user in the center and move towards decentralized model of identity management. Verifiable Credentials, Verifiable Presentations, Identity Wallets and Decentralized Identifiers are part of the Self-Sovereign Identity model. They have also been recently included in the OpenID Connect specifications to be used with the widely used authentication layer built on OAuth 2.0. The OpenID Connect authentication can now be leveraged with the Decetralized Identifiers (DIDs) and the public keys contained in DID Documents. This work assessed the feasibility of integrating the Verifiable Credentials, Verifiable Presentations and Decentralized Identifiers with OpenID Connect in the context of two use cases. The first use case is to integrate the Verifiable Credentials and Presentations into an OpenID Connect server and utilise Single Sign-On in federated environment. The second use case is to ignore the OpenID Provider and enable the Relying Party to authenticate directly with the Identity Wallet. Custom software components, the Relying Party, the Identity Wallet and the Verifiable Credential Issuer were built to support the assessments. Two new authorization flows were designed for the two use cases. The Federated Verifiable Presentation Flow describes the protocol of Relying Party authenticating with OpenID Provider which receives the user information from the Wallet. The flow does not require any changes for any Relying Party using the same OpenID Provider to authenticate and utilise Single Sign-On. The Verifiable Presentation Flow enables the Relying Party to authenticate directly with the Wallet. However, this flow requires multiple changes to Relying Party and benefits of federated environment are not available, e.g., the Single Sign-On. Both of the flows are useful for their own specific use cases. The new flows are utilising the new segments of the Self-Sovereign Identity and are promising steps towards self-sovereignty.
  • Towards trusted data sharing and access control 
    Zubair, Maria (2022)
    The growing popularity of the Internet of Things (IoT) has massively increased the volume of data available for analysis. This data can be used to get detailed and precise insights about users, products, and organizations. Traditionally, organizations collect and process this data separately, which is a slow process and requires significant resources. Over the past decade, data sharing has become a popular trend, where several organizations have engaged in sharing their collected data with other organizations and processing it together for analysis. Digital marketplaces are developed to facilitate this data sharing. These marketplaces connect producers and consumers of data while ensuring that the data can be shared inside and outside the organization seamlessly and securely. This is achieved by implementing a fine-grained and efficient data access control method that restricts access to the data for authorized parties only. The data generated by IoT devices is voluminous, continuous, and heterogeneous. Therefore, traditional access control methods are no longer suitable for managing access to this data in a digital marketplace. IoT data requires an access control model, which can handle large volumes of streaming data, and provides full control transparency of data access to IoT device owners. In this thesis, we have designed and implemented a novel access control mechanism for a data distribution system developed by Nokia Bell Labs. We have outlined the requirements for designing an access control system to manage data access for data shared across multiple heterogeneous organizations. We have evaluated the proposed system to assess the feasibility and performance of the system in various scenarios. The thesis also discusses the strengths and limitations of the proposed system and highlights future research perspectives in this domain. We expect this thesis to be helpful for researchers studying IoT data processing, access control methods for streaming (big) data, and digital marketplaces.
  • Zero-knowledge proofs in blockchain applications 
    Tani, Antti (2020)
    The release of Bitcoin marked the birth of blockchain applications. Due, among other things, to the need for public verifiability, blockchain information is often transparent, which in many cases leads to insufficient privacy. Various methods have been developed to obfuscate the blockchain data, which should at the same time maintain public verifiability. A promising cryptographic approach is zero-knowledge proof that enables a statement to be proved without revealing any other information than the validity of the statement. Zero-knowledge proofs are examined in detail, first focusing on their general properties. With blockchains, the key features for zero-knowledge proof schemes are non-interactivity and succinctness, and schemes that fulfill these requirements are often called as zk-SNARKs. In a limited use, where succinctness is not critical, Fiat-Shamir transform has also been useful. We study the use of zero-knowledge proofs in blockchain applications Zcash, Ethereum and Monero, with a particular focus on privacy and feasibility.

Yhteystiedot

HELSINGIN YLIOPISTO