The Center for Education and Research in Information Assurance and Security (CERIAS)


Reports and Papers Archive



Implications of Cyber Warfare Vol. 2 : Final Report

U.S. Air Force Scientific Advisory Board
Added 2009-02-17

Implications of Cyber Warfare Vol. 1 : Executive Summary and Annotated Brief

U.S. Air Force Scientific Advisory Board
Added 2009-02-17

Implications of Cyber Warfare

U.S. Air Force Scientific Advisory Board
Added 2009-02-17


Common Criteria

NIST
Added 2009-02-17


Electronic Crime Scene Investigation: A Guide for First Responders

U.S. Department of Justice
Added 2009-02-17

Women and Computing

SIGCSE
Added 2009-02-17

Computer and Communications Security

Paul Syverson, Somesh Jha, and Xiaolon Zhang
Added 2009-02-17

The National Plan for Research and Development in Support of Critical Infrastructure Protection

The Executive Office of the President Office of Science and Technology Policy
Added 2009-02-17

ANONYMIZATION-BASED PRIVACY PROTECTION

Mehmet Nergiz

Advances in information technology, and its use in research, are increasing both the need for anonymized data and the risks of poor anonymization. In this thesis, we point out some questions raised by current anonymization techniques such as a) support for additional adversary models and the difficulty of measuring privacy provided, b) flexibility of algorithms-generalizations with respect to a utility cost metric, and c) working with complex data. To address these issues, a) We propose a human understandable privacy notion, δ-presence; b) We increase flexibility by introducing a new family of algorithms, clustering-based anonymity algorithms and two new types of generalizations, natural domain generalizations, generalizations with probability distributions. We also point out weaknesses such as metric-utility anomalies; c) We extend the definitions of current anonymization techniques for multirelational and spatio-temporal setting by presenting multirelational k-anonymity, and trajectory anonymity.

Added 2009-02-09

Leakage-Free Integrity Assurance for Tree Data Structures

CERIAS TR 2009-01
Ashish Kundu, Elisa Bertino
Download: PDF

Data sharing with multiple parties over a third-party distribution framework requires that both data integrity and confidentiality be assured. One of the most widely used data organization structures is the tree structure. When such structures encode sensitive information (such as in the XML documents), it is crucial that integrity and confidentiality be assured not only for the content, but also for the structure. Digital signature schemes are commonly used to authenticate the integrity of the data. The most widely used such technique for tree structures is the Merkle hash technique, which however is known to be "not hiding", thus leading to leakage of information. Most existing techniques for the integrity of hierarchical data structures are based on the Merkle hash technique and thus suffer from the problem of information leakages. We describe the types of leakages and inference attacks that can be carried out on the Merkle hash technique, in the context of integrity assurance. Assurance of integrity and confidentiality (no leakages) of tree-structured data is an important problem in the context of secure data publishing and content distribution systems.

In this paper, we propose an integrity assurance scheme for tree data structures, which assures both confidentiality and integrity and is also efficient, especially in third-party distribution environments. Our integrity assurance technique, which we refer to as the "structural integrity assurance scheme", is based on the structure of the tree as defined by tree traversals (pre-order, post-order, in-order) and is defined using a randomized notion of such traversal numbers. Techniques for computing randomized traversal numbers are also described in the paper. In addition to formally defining the technique, we prove that it protects against violations of content and structural integrity and information leakages. We also show through complexity and performance analysis that the structural integrity assurance scheme is efficient; with respect to the Merkle hash technique, it incurs comparable cost for signing trees and incurs lower cost for user-side integrity verification. Further, we extend the proposed technique in order to assure integrity of weighted trees and dynamic updates. We also show how the proposed structural integrity assurance technique can be applied in order to precisely detect integrity violations as well as to efficiently recover data. Such techniques have applications in digital forensics and efficient data transmission.

Added 2009-02-03

Biometrics-Based Identifiers for Digital Identity Management

CERIAS TR 2009-02
Abhilasha Bhargav-Spantzel, Elisa Bertino, Anna Squicciarini, Xiangwei Kong, Weike Zhang
Download: PDF

We present algorithms to reliably generate biometric identifiers from a user’s biometric image which in turn is used for identity verification possibly in conjunction with cryptographic keys. The biometric identifier generation algorithms employ image hashing functions using singular value decomposition and support vector classification techniques. Our algorithms capture generic biometric features that ensure unique and repeatable biometric identifiers. We provide an empirical evaluation of our techniques using 2569 images of 488 different individuals for three types of biometric images; namely fingerprint, iris and face. Based on the biometric type and the classification models, as a result of the empirical evaluation we can generate biometric identifiers ranging from 64 bits up to 214 bits. We provide an example use of the biometric identifiers in privacy preserving multi-factor identity verification based on zero knowledge proofs. Therefore several identity verification factors, including various traditional identity attributes, can be used in conjunction with one or more biometrics of the individual to provide strong identity verification. We also ensure security and privacy of the biometric data. More specifically, we analyze several attack scenarios. We assure privacy of the biometric using the one-way hashing property, in that no information about the original biometric image is revealed from the biometric identifier.

Added 2009-01-20

Privacy-Preserving Management of Transactions' Receipts

CERIAS TR 2008-28
Federica Paci, Ning Shang, Elisa Bertino, Sam Kerr, Kevin Steuer, Jr., Jungha Woo
Download: PDF

Users increasingly use their mobile devices for electronic transactions to store related information, such as digital receipts. However, such information can be the target of several attacks. There are some security issues related to M-commerce: the loss or theft of mobile devices results in an exposure of transaction information; transaction receipts that are sent over Wi-Fi or 3G networks can be easily intercepted; transaction receipts can also be captured via Bluetooth connections without the user’s consent; and mobile viruses, worms and Trojan horses can access the transaction information stored on mobile devices if this information is not protected by passwords or PIN numbers. Therefore, assuring privacy and security of transactions’ information, as well as of any sensitive information stored on mobile devices, is crucial. In this paper, we propose a privacy-preserving approach to manage electronic transaction receipts on mobile devices. The approach is based on the notion of transaction receipts issued by service providers upon a successful transaction and combines Pedersen commitment and Zero Knowledge Proof of Knowledge (ZKPK) techniques and Oblivious Commitment-Based Envelope (OCBE) protocols. We have developed a version of such protocol for Near Field Communication (NFC) enabled cellular phones.

Added 2008-12-30