Xiaoliang Wang,Liang Bai,Qing Yang,Liu Wang,Frank Jiang

DOI: https://doi.org/10.1016/j.jisa.2019.04.010

IF: 4.96

2019-01-01

Journal of Information Security and Applications

Abstract:With the development of wireless sensor network and internet, ubiquitous eHealth care systems are booming. However, a great deal of data computing and storage processing restrict the scalability of ubiquitous eHealth. As a solution, cloud-based eHealth is coming up. However, using cloud-computing model often causes some privacy concerns. Massive medical data in eHealth system contain numerous sensitive information and electronic health records of users. Meanwhile, if data encryption is adopted to protect privacy, cloud center cannot process data. To solve this problem, a scheme based on fully homomorphism conception for privacy protection and data processing of eHealth is proposed in this paper. Our scheme not only meets the aforementioned dual requirements but also limit the arbitrary actions of patients and doctors.

Ji-Jiang Yang,Jian-Qiang Li,Yu Niu

DOI: https://doi.org/10.1016/j.future.2014.06.004

IF: 7.307

2014-01-01

Future Generation Computer Systems

Abstract:Storing and sharing of medical data in the cloud environment, where computing resources including storage is provided by a third party service provider, raise serious concern of individual privacy for the adoption of cloud computing technologies. Existing privacy protection researches can be classified into three categories, i.e., privacy by policy, privacy by statistics, and privacy by cryptography. However, the privacy concerns and data utilization requirements on different parts of the medical data may be quite different. The solution for medical dataset sharing in the cloud should support multiple data accessing paradigms with different privacy strengths. The statistics or cryptography technology alone cannot enforce the multiple privacy demands, which blocks their application in the real-world cloud. This paper proposes a practical solution for privacy preserving medical record sharing for cloud computing. Based on the classification of the attributes of medical records, we use vertical partition of medical dataset to achieve the consideration of different parts of medical data with different privacy concerns. It mainly includes four components, i.e., (1) vertical data partition for medical data publishing, (2) data merging for medical dataset accessing, (3) integrity checking, and (4) hybrid search across plaintext and ciphertext, where the statistical analysis and cryptography are innovatively combined together to provide multiple paradigms of balance between medical data utilization and privacy protection. A prototype system for the large scale medical data access and sharing is implemented. Extensive experiments show the effectiveness of our proposed solution.

Xin Kang,Zhuo Ma,Yang Liu,Teng Li,Zuobing Ying,Bingsheng Zhang

DOI: https://doi.org/10.1109/tmc.2024.3403664

IF: 6.075

2024-01-01

IEEE Transactions on Mobile Computing

Abstract:Facing the global threat of endemic diseases, utilizing edge computing for exposure detection enables efficient monitoring of the dynamic distribution of infected patient groups across regions, enhancing the management and control of these diseases. Employing the quantitative exposure detection of endemic diseases, regions seek to reconcile patient information collected through mobile devices, aiming to obtain statistical and analytical results based on the intersection of patient lists. In this paper, we propose a privacy-preserving scheme for the collaborative quantitative exposure detection of endemic diseases, which ensures each region to only learn the statistical results, without any information about other regions' datasets. Our scheme is fundamentally achieved through Circuit-based Private Set Intersection (Circuit-PSI) that can compute functions over the set intersection without disclosing the intersection itself. However, the state-of-the-art solution involves a laborious process in which one party iteratively compares its elements with those of others, which leads to a significantly high communication complexity. Therefore, we introduce a novel multi-party protocol that can diminish the communication overhead of circuit-PSI through a skillful decoupling of the comparison complexity from the number of parties. To achieve this, we design a multiparty oblivious encoding scheme, which can prevent any party from inferring any private info through the encoded data. By filtering out the repeated elements, the comparison complexity is independent of the number of parties. Furthermore, to address scenarios involving patient information with additional attributes, we extend our protocol to include payloads by developing a lightweight multiparty data mapping algorithm. Our extensive experiments show that compared to prior works, our protocol achieves a substantial reduction in communication overhead by 6.4×, and runs 1.2× faster in the LAN setting and 3.1× in the WAN setting.

Jie Xu,Zhenxing Xu,Peter Walker,Fei Wang

DOI: https://doi.org/10.1609/aaai.v34i04.6121

2020-01-01

Proceedings of the AAAI Conference on Artificial Intelligence

Abstract:Privacy concerns on sharing sensitive data across institutions are particularly paramount for the medical domain, which hinders the research and development of many applications, such as cohort construction for cross-institution observational studies and disease surveillance. Not only that, the large volume and heterogeneity of the patient data pose great challenges for retrieval and analysis. To address these challenges, in this paper, we propose a Federated Patient Hashing (FPH) framework, which collaboratively trains a retrieval model stored in a shared memory while keeping all the patient-level information in local institutions. Specifically, the objective function is constructed by minimization of a similarity preserving loss and a heterogeneity digging loss, which preserves both inter-data and intra-data relationships. Then, by leveraging the concept of Bregman divergence, we implement optimization in a federated manner in both centralized and decentralized learning settings, without accessing the raw training data across institutions. In addition to this, we also analyze the convergence rate of the FPH framework. Extensive experiments on real-world clinical data set from critical care are provided to demonstrate the effectiveness of the proposed method on similar patient matching across institutions.

Lianyong Qi,Chunhua Hu,Xuyun Zhang,Mohammad R. Khosravi,Suraj Sharma,Shaoning Pang,Tian Wang

DOI: https://doi.org/10.1109/tii.2020.3012157

IF: 12.3

2021-06-01

IEEE Transactions on Industrial Informatics

Abstract:As one of the cyber–physical–social systems that plays a key role in people's daily activities, a smart city is producing a considerable amount of industrial data associated with transportation, healthcare, business, social activities, and so on. Effectively and efficiently fusing and mining such data from multiple sources can contribute much to the development and improvements of various smart city applications. However, the industrial data collected from the smart city are often sensitive and contain partial user privacy such as spatial–temporal context information. Therefore, it is becoming a necessity to secure user privacy hidden in the smart city data before these data are integrated together for further mining, analyses, and prediction. However, due to the inherent tradeoff between data privacy and data availability, it is often a challenging task to protect users' context privacy while guaranteeing accurate data analysis and prediction results after data fusion. Considering this challenge, a novel privacy-aware data fusion and prediction approach for the smart city industrial environment is put forward in this article, which is based on the classic locality-sensitive hashing technique. At last, our proposal is evaluated by a set of experiments based on a real-world dataset. Experimental results show better prediction performances of our approach compared to other competitive ones.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Haleh Hayati,Nathan van de Wouw,Carlos Murguia

2024-08-10

Abstract:Cloud computing enables users to process and store data remotely on high-performance computers and servers by sharing data over the Internet. However, transferring data to clouds causes unavoidable privacy concerns. Here, we present a synthesis framework to design coding mechanisms that allow sharing and processing data in a privacy-preserving manner without sacrificing data utility and algorithmic performance. We consider the setup where the user aims to run an algorithm in the cloud using private data. The cloud then returns some data utility back to the user (utility refers to the service that the algorithm provides, e.g., classification, prediction, AI models, etc.). To avoid privacy concerns, the proposed scheme provides tools to co-design: 1) coding mechanisms to distort the original data and guarantee a prescribed differential privacy level; 2) an equivalent-but-different algorithm (referred here to as the target algorithm) that runs on distorted data and produces distorted utility; and 3) a decoding function that extracts the true utility from the distorted one with a negligible error. Then, instead of sharing the original data and algorithm with the cloud, only the distorted data and target algorithm are disclosed, thereby avoiding privacy concerns. The proposed scheme is built on the synergy of differential privacy and system immersion tools from control theory. The key underlying idea is to design a higher-dimensional target algorithm that embeds all trajectories of the original algorithm and works on randomly encoded data to produce randomly encoded utility. We show that the proposed scheme can be designed to offer any level of differential privacy without degrading the algorithm's utility. We present two use cases to illustrate the performance of the developed tools: privacy in optimization/learning algorithms and a nonlinear networked control system.

Cryptography and Security

Ashutosh Kumar Singh,Rishabh Gupta

DOI: https://doi.org/10.1007/s11042-021-11751-w

IF: 2.577

2022-04-18

Multimedia Tools and Applications

Abstract:A large amount of data and applications need to be shared with various parties and stakeholders in the cloud environment for storage, computation, and data utilization. Since a third party operates the cloud platform, owners cannot fully trust this environment. However, it has become a challenge to ensure privacy preservation when sharing data effectively among different parties. This paper proposes a novel model that partitions data into sensitive and non-sensitive parts, injects the noise into sensitive data, and performs classification tasks using k-anonymization, differential privacy, and machine learning approaches. It allows multiple owners to share their data in the cloud environment for various purposes. The model specifies communication protocol among involved multiple untrusted parties to process owners’ data. The proposed model preserves actual data by providing a robust mechanism. The experiments are performed over Heart Disease, Arrhythmia, Hepatitis, Indian-liver-patient, and Framingham datasets for Support Vector Machine, K-Nearest Neighbor, Random Forest, Naive Bayes, and Artificial Neural Network classifiers to compute the efficiency in terms of accuracy, precision, recall, and F1-score of the proposed model. The achieved results provide high accuracy, precision, recall, and F1-score up to 93.75%, 94.11%, 100%, and 87.99% and improvement up to 16%, 29%, 12%, and 11%, respectively, compared to previous works.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Heng Pan,Yaoyao Zhang,Xueming Si,Zhongyuan Yao,Liang Zhao

DOI: https://doi.org/10.3390/sym14122479

2022-01-01

Symmetry

Abstract:The Internet of Things (IoT) and cloud technologies have significantly facilitated healthcare. In such a context, medical data are collected by the terminals from the patients, manipulated, and stored on the cloud by hospitals (doctors). This brings asymmetry problems in medical data access control, processing, and storage between doctors and patients, which results in medical data sharing face many challenges such as privacy leakage and malicious feedback from cloud servers on queries. To solve these asymmetry problems, this paper proposes a medical data sharing scheme with cloud-chain cooperation and policy fusion in the IoT. Regarding asymmetrical access control rights, a conflict resolution and fusion algorithm that enables co-authorization of medical data by the doctor and the patient is introduced. To balance the symmetry of medical data storage and processing, a cloud-chain cooperation ciphertext retrieval method is proposed by means of two-stage joint searching from cloud servers and the blockchain, which can not only detect malicious medical data feedback from cloud servers, but also improve the data search efficiency. The security analysis showed that this scheme satisfies the confidentiality and verifiability of the retrieved information, and the feasibility of the proposed scheme was demonstrated through experiments.

Fang Liu,Dong Wang,Tian Yan

DOI: https://doi.org/10.48550/arXiv.2106.10339

2022-09-14

Abstract:A considerable amount of various types of data have been collected during the COVID-19 pandemic, the analysis and interpretation of which have been indispensable for curbing the spread of the disease. As the pandemic moves to an endemic state, the data collected during the pandemic will continue to be rich sources for further studying and understanding the impacts of the pandemic on various aspects of our society. On the other hand, naïve release and sharing of the information can be associated with serious privacy concerns. In this study, we use three common but distinct data types collected during the pandemic (case surveillance tabular data, case location data, and contact tracing networks) to illustrate the publication and sharing of granular information and individual-level pandemic data in a privacy-preserving manner. We leverage and build upon the concept of differential privacy to generate and release privacy-preserving data for each data type. We investigate the inferential utility of privacy-preserving information through simulation studies at different levels of privacy guarantees and demonstrate the approaches in real-life data. All the approaches employed in the study are straightforward to apply. Our study generates statistical evidence on the practical feasibility of sharing pandemic data with privacy guarantees and on how to balance the statistical utility of released information during this process.

Cryptography and Security,Computers and Society

Han Qiu,Meikang Qiu,Meiqin Liu,Gerard Memmi

DOI: https://doi.org/10.48550/arXiv.1904.08270

2019-04-17

Cryptography and Security

Abstract:The recent spades of cyber security attacks have compromised end users' data safety and privacy in Medical Cyber-Physical Systems (MCPS). Traditional standard encryption algorithms for data protection are designed based on a viewpoint of system architecture rather than a viewpoint of end users. As such encryption algorithms are transferring the protection on the data to the protection on the keys, data safety and privacy will be compromised once the key is exposed. In this paper, we propose a secure data storage and sharing method consisted by a selective encryption algorithm combined with fragmentation and dispersion to protect the data safety and privacy even when both transmission media (e.g. cloud servers) and keys are compromised. This method is based on a user-centric design that protects the data on a trusted device such as end user's smartphone and lets the end user to control the access for data sharing. We also evaluate the performance of the algorithm on a smartphone platform to prove the efficiency.

Xin Wang,Jianping He,Peng Cheng,Jiming Chen

DOI: https://doi.org/10.1109/tsp.2018.2880722

IF: 4.875

2019-01-01

IEEE Transactions on Signal Processing

Abstract:Collaborative computing uses multiple data servers to jointly complete data analysis, e.g., statistical analysis and inference. One major obstruction for it lies in privacy concern, which is directly associated with nodes' participation and the fidelity of received data. Existing privacy-preserving paradigms for cloud computing and distributed data aggregation only provide nodes with homogeneous privacy protection without consideration of nodes' diverse trust degrees to different data servers. We propose a two-phase framework that computes the average value while preserving heterogeneous privacy for nodes' private data. The new challenge is that in the premise of meeting privacy requirements, we should guarantee the proposed framework has the same computation accuracy with existing privacy-aware solutions. In this paper, nodes obtain heterogeneous privacy protection in the face of different data servers through one-shot noise perturbation. Based on the definition of KL privacy, we derive the analytical expressions of the privacy preserving degrees (PPDs) and quantify the relation between different PPDs. Then, we obtain the closed-form expression of computation accuracy. Furthermore, an efficient incentive mechanism is proposed to achieve optimized computation accuracy when data servers have fixed budgets. Finally, extensive simulations are conducted to verify the obtained theoretical results.

Zhitao Guan,Zefang Lv,Xiaojiang Du,Longfei Wu,Mohsen Guizani

DOI: https://doi.org/10.1016/j.future.2019.01.058

IF: 7.307

2019-09-01

Future Generation Computer Systems

Abstract:The emergence and rapid development of the Internet of Medical Things (IoMT), an application of the Internet of Things into the medical and healthcare systems, have brought many changes and challenges to modern medical and healthcare systems. Particularly, machine learning technology can be used to process the data involved in IoMT for medical analysis and disease diagnosis. However, in this process, the disclosure of personal privacy information must receive considerable attentions especially for sensitive medical data. Cluster analysis is an important technique for medical analysis and disease diagnosis. To enable privacy-preserving cluster analysis in IoMT, this paper proposed an Efficient Differentially Private Data Clustering scheme (EDPDCS) based on MapReduce framework. In EDPDCS, we optimize the allocation of privacy budgets and the selection of initial centroids to improve the accuracy of differentially private K-means clustering algorithm. Specifically, the number of iterations of the K-means algorithm is set to a fixed value according to the total privacy budget and the minimal privacy budget of each iteration. In addition, an improved initial centroids selection method is proposed to increase the accuracy and efficiency of the clustering algorithm. Finally, we prove that the proposed EDPDCS can improve the accuracy of the differentially private k-means algorithm by comparing the Normalized Intra-Cluster Variance (NICV) produced by our algorithm on two datasets with two other algorithms.

Qian Chen,Yiqiang Chen,Xinlong Jiang,Teng Zhang,Weiwei Dai,Wuliang Huang,Bingjie Yan,Zhen Yan,Wang Lu,Bo Ye

DOI: https://doi.org/10.1109/tkde.2024.3430819

IF: 9.235

2024-01-01

IEEE Transactions on Knowledge and Data Engineering

Abstract:Model fusion is becoming a crucial component in the context of model-as-a-service scenarios, enabling the delivery of high-quality model services to local users. However, this approach introduces privacy risks and imposes certain limitations on its applications. Ensuring secure model exchange and knowledge fusion among users becomes a significant challenge in this setting. To tackle this issue, we propose PrivFusion, a novel architecture that preserves privacy while facilitating model fusion under the constraints of local differential privacy. PrivFusion leverages a graph-based structure, enabling the fusion of models from multiple parties without additional training. By employing randomized mechanisms, PrivFusion ensures privacy guarantees throughout the fusion process. To enhance model privacy, our approach incorporates a hybrid local differentially private mechanism and decentralized federated graph matching, effectively protecting both activation values and weights. Additionally, we introduce a perturbation filter adapter to alleviate the impact of randomized noise, thereby recovering the utility of the fused model. Through extensive experiments conducted on diverse image datasets and real-world healthcare applications, we provide empirical evidence showcasing the effectiveness of PrivFusion in maintaining model performance while preserving privacy. Our contributions offer valuable insights and practical solutions for secure and collaborative data analysis within the domain of privacy-preserving model fusion.

Wenjuan Tang,Kuan Zhang,Ju Ren,Yaoxue Zhang,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/glocom.2017.8254989

2017-01-01

Abstract:With the advancements of electronic medical equipment, e-healthcare system becomes a promising paradigm to continuously monitor health conditions and remotely diagnose phenomena. Meanwhile, it generates a large volume of health data and poses several security challenges, such as access control and privacy leakage. In this paper, we propose a lightweight and privacy- preserving fog-assisted information sharing scheme (PFHD) for health big data. Specifically, we integrate fog computing into e-healthcare system to pre-process the raw health data and improve the efficiency of health data analysis. Furthermore, to prevent privacy leakage, we design a hierarchical attribute-based encryption method by encrypting the profile and health data with different access policies. In addition, we reduce the computation cost on devices by offloading health data encryption from devices to fog servers. Security discussions show that PFHD can achieve fine- grained health data sharing with privacy preservation. Performance evaluations demonstrate the efficiency of PFHD, especially in terms of encryption computation and storage costs.

Shenqing Wang,Chunpeng Ge,Lu Zhou,Huaqun Wang,Zhe Liu,Jian Wang

DOI: https://doi.org/10.1109/tsc.2022.3144265

IF: 11.019

2022-01-01

IEEE Transactions on Services Computing

Abstract:Internet of Things (IoT) is increasingly being used in real life, especially in the eHealthcare field. Among eHealthcare, the application of predicting patients’ health status based on their daily activity data which is collected by IoT equipment has attracted extensive attentions and researches. In this application, patients’ data which are treated as time-series data are transmitted to healthcare center (HC), then HC makes predictions based on an established classification model. However, making predictions using classification models requires a lot of computing resources, while HC usually cannot afford such numerous calculations. The use of the cloud solves the problem of insufficient computing resources, but it causes another problem, namely the leakage of user privacy. In particular, not only patients’ data leak patients’ privacy information, the classification model also causes the privacy disclosure of patients and HC. Therefore, we propose a method to store patients’ data and classification model in multiple clouds respectively. According to the method, we design a new system model and propose an algorithm which can protect patients’ data and classification model from leakage and offload calculation to multiple clouds. Our algorithm can better protect privacy of patients and HC in more complex classification scene, and can effectively reduce the computational cost of the healthcare center.

computer science, information systems, software engineering

Wenjuan Tang,Ju Ren,Kuan Zhang,Deyu Zhang,Yaoxue Zhang,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1145/3341104

IF: 5

2019-01-01

ACM Transactions on Intelligent Systems and Technology

Abstract:Pervasive data collected from e-healthcare devices possess significant medical value through data sharing with professional healthcare service providers. However, health data sharing poses several security issues, such as access control and privacy leakage, as well as faces critical challenges to obtain efficient data analysis and services. In this article, we propose an efficient and privacy-preserving fog-assisted health data sharing (PFHDS) scheme for e-healthcare systems. Specifically, we integrate the fog node to classify the shared data into different categories according to disease risks for efficient health data analysis. Meanwhile, we design an enhanced attribute-based encryption method through combination of a personal access policy on patients and a professional access policy on the fog node for effective medical service provision. Furthermore, we achieve significant encryption consumption reduction for patients by offloading a portion of the computation and storage burden from patients to the fog node. Security discussions show that PFHDS realizes data confidentiality and fine-grained access control with collusion resistance. Performance evaluations demonstrate cost-efficient encryption computation, storage and energy consumption.

Hafiz Asif,Periklis A Papakonstantinou,Stephanie Shiau,Vivek Singh,Jaideep Vaidya

DOI: https://doi.org/10.1109/mis.2022.3145691

Abstract:Intelligently responding to a pandemic like Covid-19 requires sophisticated models over accurate real-time data, which is typically lacking at the start, e.g., due to deficient population testing. In such times, crowdsensing of spatially tagged disease-related symptoms provides an alternative way of acquiring real-time insights about the pandemic. Existing crowdsensing systems aggregate and release data for pre-fixed regions, e.g., counties. However, the insights obtained from such aggregates do not provide useful information about smaller regions - e.g., neighborhoods where outbreaks typically occur - and the aggregate-and-release method is vulnerable to privacy attacks. Therefore, we propose a novel differentially private method to obtain accurate insights from crowdsensed data for any number of regions specified by the users (e.g., researchers and a policy makers) without compromising privacy of the data contributors. Our approach, which has been implemented and deployed, informs the development of the future privacy-preserving intelligent systems for longitudinal and spatial data analytics.

Mina Sheikhalishahi,Andrea Saracino,Fabio Martinelli,Antonio La Marra

DOI: https://doi.org/10.1007/s10207-021-00542-x

2021-03-06

International Journal of Information Security

Abstract:In this paper, we present a framework for privacy preserving collaborative data analysis among multiple data providers acting as edge of a cloud environment. The proposed framework computes the best trade-off among privacy and result accuracy, based on the privacy requirements of data providers and the specific requested analysis algorithm. Though the presented model is general and can be applied to different environments, this work is motivated by the need of sharing information related to Cyber Threats (CTI). The presented framework is independent from the number of data providers, used data format, privacy requirement and analysis operations. The model is based on the concepts of trade-off score between accuracy and privacy, which also considers measures for privacy requirement such as differential privacy, <i>l</i>-diversity and <i>k</i>-anonymity. Together with the model, the paper discusses the framework implementation and presents results to show the effectiveness and viability of the proposed approach.

computer science, information systems, theory & methods, software engineering

Chang Xu,Ningning Wang,Liehuang Zhu,Kashif Sharif,Chuan Zhang

DOI: https://doi.org/10.1109/jiot.2019.2917186

IF: 10.6

2019-01-01

IEEE Internet of Things Journal

Abstract:The integration of wearable wireless devices and cloud computing in e-health systems has significantly improved their effectiveness and availability. Patients can upload their personal health information (PHI) files to the cloud, from where the health service providers (HSPs) can obtain appropriate information to determine the health state. This system not only reduces the costs associated to healthcare but also provides timely diagnosis to save lives. However, a number of privacy concerns arise while sharing sensitive information. In this paper, we propose a novel privacy-preserving patient health information sharing scheme, which allows HSPs to access and search PHI files in a secure yet efficient manner. We make use of the searchable encryption technique with keyword range search and multikey-word search. The proposed privacy-preserving equality test protocol allows different types of numeric comparison searches on encrypted data. We also use a variant of bloom filter and message authentication code to classify PHI files, filter false data, and check integrity of search results. The simulations on real-world and synthetic data show the feasibility and efficiency of the system, and security analysis proves the privacy-preservation properties.

Yulong Wang,Xingshu Chen,Qixu Wang

DOI: https://doi.org/10.48550/arXiv.2212.06428

2022-12-13

Abstract:Cloud-edge collaborative inference approach splits deep neural networks (DNNs) into two parts that run collaboratively on resource-constrained edge devices and cloud servers, aiming at minimizing inference latency and protecting data privacy. However, even if the raw input data from edge devices is not directly exposed to the cloud, state-of-the-art attacks targeting collaborative inference are still able to reconstruct the raw private data from the intermediate outputs of the exposed local models, introducing serious privacy risks. In this paper, a secure privacy inference framework for cloud-edge collaboration is proposed, termed CIS, which supports adaptively partitioning the network according to the dynamically changing network bandwidth and fully releases the computational power of edge devices. To mitigate the influence introduced by private perturbation, CIS provides a way to achieve differential privacy protection by adding refined noise to the intermediate layer feature maps offloaded to the cloud. Meanwhile, with a given total privacy budget, the budget is reasonably allocated by the size of the feature graph rank generated by different convolution filters, which makes the inference in the cloud robust to the perturbed data, thus effectively trade-off the conflicting problem between privacy and availability. Finally, we construct a real cloud-edge collaborative inference computing scenario to verify the effectiveness of inference latency and model partitioning on resource-constrained edge devices. Furthermore, the state-of-the-art cloud-edge collaborative reconstruction attack is used to evaluate the practical availability of the end-to-end privacy protection mechanism provided by CIS.

Cryptography and Security