Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection
Permanent URI for this collectionhttps://hdl.handle.net/11147/7148
Browse
7 results
Search Results
Article Citation - WoS: 3Citation - Scopus: 4Scalable Rfid Authentication Protocol Based on Physically Unclonable Functions(Elsevier, 2023) Kurt, Işıl; Alagöz, Fatih; Akgün, MeteRadio Frequency Identification (RFID) technology is commonly used for tracking and identifying objects. However, this technology poses serious security and privacy concerns for individuals carrying the tags. To address these issues, various security protocols have been proposed. Unfortunately, many of these solutions suffer from scalability problems, requiring the back-end server to work linearly in the number of tags for a single tag identification. Some protocols offer O(1) or O(log n) identification complexity but are still susceptible to serious attacks. Few protocols consider attacks on the reader-side. Our proposed RFID authentication protocol eliminates the need for a search in the back-end and leverages Physically Unclonable Functions (PUFs) to securely store tag secrets, making it resistant to tag corruption attacks. It provides constant-time identification without sacrificing privacy and offers log2 n times better identification performance than the state-of-the-art protocol. It ensures destructive privacy for tag holders in the event of reader corruption without any conditions. Furthermore, it enables offline readers to maintain destructive privacy in case of corruption.Article Citation - WoS: 16Citation - Scopus: 25A Privacy-Preserving Scheme for Smart Grid Using Trusted Execution Environment(IEEE, 2023) Akgün, Mete; Üstündağ Soykan, Elif; Soykan, GürkanThe increasing transformation from the legacy power grid to the smart grid brings new opportunities and challenges to power system operations. Bidirectional communications between home-area devices and the distribution system empower smart grid functionalities. More granular energy consumption data flows through the grid and enables better smart grid applications. This may also lead to privacy violations since the data can be used to infer the consumer's residential behavior, so-called power signature. Energy utilities mostly aggregate the data, especially if the data is shared with stakeholders for the management of market operations. Although this is a privacy-friendly approach, recent works show that this does not fully protect privacy. On the other hand, some applications, like nonintrusive load monitoring, require disaggregated data. Hence, the challenging problem is to find an efficient way to facilitate smart grid operations without sacrificing privacy. In this paper, we propose a privacy-preserving scheme that leverages consumer privacy without reducing accuracy for smart grid applications like load monitoring. In the proposed scheme, we use a trusted execution environment (TEE) to protect the privacy of the data collected from smart appliances (SAs). The scheme allows customer-oriented smart grid applications as the scheme does not use regular aggregation methods but instead uses customer-oriented aggregation to provide privacy. Hence the accuracy loss stemming from disaggregation is prevented. Our scheme protects the transferred consumption data all the way from SAs to Utility so that possible false data injection attacks on the smart meter that aims to deceive the energy request from the grid are also prevented. We conduct security and game-based privacy analysis under the threat model and provide performance analysis of our implementation. Our results demonstrate that the proposed method overperforms other privacy methods in terms of communication and computation cost. The execution time of aggregation for 10,000 customers, each has 20 SAs is approximately 1 second. The decryption operations performed on the TEE have a linear complexity e.g., 172800 operations take around 1 second while 1728000 operations take around 10 seconds. These results can scale up using cloud or hyper-scalers for real-world applications as our scheme performs offline aggregation.Article Citation - WoS: 2Privacy Issues in Post Dissemination on Facebook(Türkiye Klinikleri Journal of Medical Sciences, 2019) Sayın, Burcu; Şahin, Serap; Kogias, Dimitrios G.; Patrikakis, Charalampos Z.With social networks (SNs) being populated by a still increasing numbers of people who take advantage of the communication and collaboration capabilities that they offer, the probability of the exposure of people's personal moments to a wider than expected audience is also increasing. By studying the functionalities and characteristics that modern SNs offer, along with the people's habits and common behaviors in them, it is easy to understand that several privacy risks may exist, many of which people may be unaware of. In this paper, we focus on users' interactions with posts in a social network (SN), using Facebook as our research domain, and we emphasize some privacy leakages currently existing in Facebook's privacy policy. We also propose a solution to detected privacy issues, featuring a reference implementation of a tool based on a simulation, which visualizes the effect of potential privacy risks on Facebook and directs users to control their privacy. The proposed and simulated tool allows a post owner to observe the spreading area of his or her post depending on the selected privacy settings. Moreover, it provides preliminary feedback for all Facebook users that have interacted with this post, to make them aware of the possible privacy changes, aiming to give them a chance to protect the privacy of their interaction on this post by deleting it when an unwanted privacy change takes place. Finally, an online survey to increase privacy awareness in Facebook usage with over 500 volunteer participants has illuminated the need for such a tool or solution.Article Citation - Scopus: 7Transformation in a Housing-Design Story: Reading the Spatial Typologies of Apartment Projects in Hatay-Izmir(İstanbul Teknik Üniversitesi, 2018) Yaylalı Yıldız, Berna; Ek, Fatma İpek; Can, IşınThe politics of central government or incentives determine new design-systems of housing plots as well as housing units. Especially after the enactment of the law of urban regeneration for risky areas, regeneration of areas under disaster risk, there has been an acceleration in knocking down old buildings and constructing new ones in inner cities. Thus, this paper focuses on the changes in housing typologies in Hatay-Izmir, in terms of space syntax parameters through the time period 1960-2000, and interprets the final plan-solutions within the perspective of urban regeneration. By accelerating implementations of the urban transformation projects in Hatay region, alternative plan-typologies coming from the past have undergone the so-called “re-design and transformation” process; however, they have actually been substituted by the “never-changing” plan-templates of the apartment typology. We will examine these changes in plan typologies and spatial organisations of the mentioned apartment-projects on the same plots by utilizing the method of space syntax and visibility analysis (VGA). Transformations in spatial configuration in two periods are interpreted through their relationships to shifts in meaning of privacy and daily life represented by degree of permeability and connectivity of housing-unit-plans based on spatial analysis. © 2018, Istanbul Teknik Universitesi, Faculty of Architecture. All rights reserved.Article Citation - WoS: 1Citation - Scopus: 4A Practical Privacy-Preserving Targeted Advertising Scheme for Iptv Users(Springer Verlag, 2016) Khayati, Leyli Javid; Örencik, Cengiz; Savaş, Erkay; Ustaoğlu, BerkantIn this work, we present a privacy-preserving scheme for targeted advertising via the Internet Protocol TV (IPTV). The scheme uses a communication model involving a collection of subscribers, a content provider (IPTV), advertisers and a semi-trusted server. To target potential customers, the advertiser can utilize not only demographic information of subscribers, but also their watching habits. The latter includes watching history, preferences for IPTV content and watching rate, which are periodically (e.g., weekly) published on a semi-trusted server (e.g., cloud server) along with anonymized demographics. Since the published data may leak sensitive information about subscribers, it is safeguarded using cryptographic techniques in addition to the anonymization of demographics. The techniques used by the advertiser, which can be manifested in its queries to the server, are considered (trade) secrets and therefore are protected as well. The server is oblivious to the published data and the queries of the advertiser as well as its own responses to these queries. Only a legitimate advertiser, endorsed with so-called trapdoors by the IPTV, can query the cloud server and access the query results. Even when some background information about users is available, query responses do not leak sensitive information about the IPTV users. The performance of the proposed scheme is evaluated with experiments, which show that the scheme is practical. The algorithms demonstrate both weak and strong scaling property and take advantage of high level of parallelism. The scheme can also be applied as a recommendation system. © 2015, Springer-Verlag Berlin Heidelberg.Conference Object Citation - Scopus: 1Privacy-Preserving Targeted Advertising Scheme for Iptv Using the Cloud(SciTePress, 2012) Khayati, Leyli Javid; Savaş, Erkay; Ustaoğlu, Berkant; Örencik, CengizIn this paper, we present a privacy-preserving scheme for targeted advertising via the Internet Protocol TV (IPTV). The scheme uses a communication model involving a collection of viewers/subscribers, a content provider (IPTV), an advertiser, and a cloud server. To provide high quality directed advertising service, the advertiser can utilize not only demographic information of subscribers, but also their watching habits. The latter includes watching history, preferences for IPTV content and watching rate, which are published on the cloud server periodically (e.g. weekly) along with anonymized demographics. Since the published data may leak sensitive information about subscribers, it is safeguarded using cryptographic techniques in addition to the anonymization of demographics. The techniques used by the advertiser, which can be manifested in its queries to the cloud, are considered (trade) secrets and therefore are protected as well. The cloud is oblivious to the published data, the queries of the advertiser as well as its own responses to these queries. Only a legitimate advertiser, endorsed with a so-called trapdoor by the IPTV, can query the cloud and utilize the query results. The performance of the proposed scheme is evaluated with experiments, which show that the scheme is suitable for practical usage.Conference Object Citation - WoS: 22Multi-Party Off-The Messaging(Association for Computing Machinery (ACM), 2009) Goldberg, Ian; Ustaoğlu, Berkant; Van Gundy, Matthew D.; Chen, HaoMost cryptographic algorithms provide a means for secret and authentic communication. However, under many circumstances, the ability to repudiate messages or deny a conversation is no less important than secrecy and authenticity. For whistleblowers, informants, political dissidents and journalists - to name a few - it is most important to have means for deniable conversation, where electronic communication must mimic face-to-face private meetings. Off-the-Record Messaging, proposed in 2004 by Borisov, Goldberg and Brewer, and its subsequent improvements, simulate private two-party meetings. Despite some attempts, the multi-party scenario remains unresolved. In this paper, we first identify the properties of multi-party private meetings. We illustrate the differences not only between the physical and electronic medium but also between two- and multi-party scenarios, which have important implications for the design of private chatrooms. We then propose a solution to multi-party off-the-record instant messaging that satisfies the above properties. Our solution is also composable with extensions that provide other properties, such as anonymity. Copyright 2009 ACM.