| In today's information age, companies are increasingly acquiring and storing vast amounts of data about their users and their users' activities using information and communication technologies. Advances in big data analytics enable companies to examine these data to uncover hidden patterns, correlations, and other revealing information, improving the quality of their services. However, with massive data and advanced data analytical techniques, far more information can be inferred than most people have anticipated at the time of data collection/publication, as evidenced by recent privacy leakage incidents such as the AOL search log scandal and the de-anonymization of Netflix prize data. Traditional privacy-preserving techniques are either insufficient against such new privacy attacks (e.g., anonymization and privacy notices) or preventing reasonable data usage (e.g., data encryption and data deletion). The need for a secure and privacy-preserving solution to allowing people to learn information as it was intended and stopping people from learning information in ways it was not has motivated my research.;My research attempts to provide a systematic view and an in-depth understanding of the security and privacy issues in data-intensive applications, and design practical, secure, and privacy-preserving protocols for performing tasks widely used in big data analytics. Specifically, my research is focused on formalizing and addressing security and privacy problems with emphasis on the following domains: (1) mobile health (mHealth), which uses emerging mobile telecommunication and network technologies to deliver healthcare services such as remote health monitoring, remote data collection, and diagnostic and patient-group support; (2) smart grid, which is a modernized power grid that uses information and communication technologies to improve the efficiency, reliability, economics, and sustainability of power systems, (3) mobile cloud computing, which enables resource-constrained mobile devices to utilize computational resources of varied cloud-based resources such as proximate mobile computing entities, and (4) mobile crowdsourcing, which utilizes the advanced sensing, computing, and communication capabilities of mobile devices to provide crowdsourcing services. These applications generate massive datasets, i.e., medical, metering, or mobile data, respectively. A major challenge throughout these applications is to design secure and privacy-preserving mechanisms that can handle the volume, velocity, and variety of the involved data. To address this challenge, my research approach is first to identify the data analysis goals in these applications, then to rigorously model and analyze the security and privacy issues, and finally, to devise solutions that achieve the data analysis goals with rigorous and provable security and privacy guarantees. Throughout my projects, I integrate computational, information-theoretic, and cryptographic techniques to construct simple, efficient, and practical solutions. |
