Abstract
This research presents an experimental model and prototype to exploit digital evidence in Internet of Things (IoT). The novelty of this research is to consider new data privacy mechanisms that should be implemented in IoT, in compliance with the GDPR regulation, and their impact on digital forensic processes. The testbed is an innovative project for car navigation [1, 2], GDPR compatible, which offers users the possibility to submit their GPS position into a blockchain for obtaining road traffic information and alternative paths. The vehicles are communicating among themselves through IoTs and circumvent the use of third-party services. We propose a solution for forensic investigations of such a service by building a solid case thanks to the non-repudiable, immutable, identifiable as current and authentic properties of data logged into the blockchain. This solution applies to criminal and insurance cases, where law enforcement and individuals need to prove their claims.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Decoster, K., Billard, D. (eds.): HACIT: a privacy preserving and low cost solution for dynamic navigation and forensics in VANET. In: 2018 4th International Conference on Vehicle Technology and Intelligent Transport Systems (VEHITS) (2018)
Kevin, D., David, B.: HACIT2: a privacy preserving, region based and blockchain application for dynamic navigation and forensics in VANET. In: Zheng, J., Xiang, W., Lorenz, P., Mao, S., Yan, F. (eds.) ADHOCNETS 2018. LNICST, vol. 258, pp. 225–236. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-05888-3_21
Gartner: Leading the IoT e-Book. https://www.gartner.com/en/publications/iot-business. Accessed 31 Oct 2018
Rioche, J.: L’enjeu de la sécurité des objets connectés, I2D – Inf. Données Doc., vol. 54, no. 3, pp. 64–65, October 2017
Reporting and Analysis Centre for Information Assurance (MELANI): Data leaks, crimeware and attacks on industrial control systems – topics in the MELANI semi-annual report. https://www.melani.admin.ch/. Accessed 31 Oct 2018
The DDoS Attack Against Dyn One Year Later. https://www.forbes.com/sites/davelewis/2017/10/23/the-ddos-attackagainst-dyn-one-year-later/#44f2b8311ae9. Accessed 31 Oct 2018
C. for D. and R. Health: Safety Communications - Firmware Update to Address Cybersecurity Vulnerabilities Identified in Abbott’s (formerly St. Jude Medical’s) Implantable Cardiac Pacemakers: FDA Safety Communication, 29 August 2017
Beresford, A.R., Stajano, F.: Mix zones: user privacy in location-aware services. In: 2004 Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, pp. 127–131 (2004)
P.O. of the E. Union: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance), 27 April 2016
Guegan, D.: The Digital World: II – Alternatives to the Bitcoin Blockchain?, June 2018
IBM: IBM Blockchain Platform (2017). https://ibm-blockchain.github.io/develop/. Accessed 04 Oct 2018
Linux Foundation: HyperLedger Fabric docs (2016). https://hyperledger-fabric.readthedocs.io/en/release/. Accessed 26 Sept 2018
Hyperledger-fabric: Membership Service Providers (MSP)—hyperledger-fabricdocs master documentation (2018).. https://hyperledger-fabric.readthedocs.io/en/release-1.3/msp.html. Accessed 31 Oct 2018
Hyperledger-fabric: Chaincode tutorials - hyperledger-fabricdocs master documentation (2018). https://hyperledger-fabric.readthedocs.io/en/release-1.3/chaincode.html. Accessed 31 Oct 2018
OpenStreetMap: OpenStreetMap (2018). https://www.openstreetmap.org/. [Accessed: 31-Oct-2018]
GraphHopper: GraphHopper Directions API with Route Optimization,” GraphHopper Directions API (2018). https://www.graphhopper.com/. Accessed 31 Oct 2018
OsmAnd: OsmAnd - Offline Mobile Maps and Navigation (2018). https://osmand.net/. Accessed 31 Oct 2018
On the effectiveness of an opportunistic traffic management system for vehicular networks. IEEE J. Mag. https://ieeexplore.ieee.org/document/5970119. Accessed 15 Nov 2018
Garip, M.T., Gursoy, M.E., Reiher, P., Gerla, M.: Scalable reactive vehicle-to-vehicle congestion avoidance mechanism. In: 2015 12th Annual IEEE Consumer Communications and Networking Conference (CCNC), pp. 943–948 (2015)
Wang, L., Liu, G., Sun, L.: A secure and privacy-preserving navigation scheme using spatial crowdsourcing in fog based VANETs. Sensors 17(4), 668 (2017)
Raya, M., Hubaux, J.-P.: Securing vehicular ad hoc networks. J. Comput. Secur. 15(1), 39–68 (2007)
Sharma, P.K., Moon, S.Y., Park, J.H.: Block-VN: a distributed blockchain based vehicular network architecture in smart city. J. Inf. Process. Syst. 13(1), 184–195 (2017)
Leiding, B., Memarmoshrefi, B., Hogrefe, D.: Self-managed and blockchain-based vehicular ad-hoc networks. In: Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct, New York, NY, USA, pp. 137–140 (2016)
Aronson, J.D.: DNA fingerprinting on trial: the dramatic early history of a new forensic technique. Endeavour 29(3), 126–131 (2005)
Stoney, D.A., Stoney, P.L.: Critical review of forensic trace evidence analysis and the need for a new approach. Forensic Sci. Int. 251, 159–170 (2015)
Bahsoun, J., Guerraoui, R., Shoker, A.: Making BFT protocols really adaptive. In: 2015 IEEE International Parallel and Distributed Processing Symposium, pp. 904–913 (2015)
Zheng, Z., Xie, S., Dai, H.N., Chen, X., Wang, H.: Blockchain challenges and opportunities: a survey. Int. J. Web Grid Serv. 14(4), 352 (2018)
CC 235.1 Federal Act of 19 June 1992 on Data Protection (FADP), 19 June 1992. https://www.admin.ch/opc/en/classifiedcompilation/19920153/index.html. Accessed 31 Oct 2018
Hafsi, S.: L’exploitation des traces dans les accidents de la circulation. University of Lausanne, Lausanne (2011)
RS 221.229.1 Loi fédérale du 2 avril 1908 sur le contrat d’assurance (Loi sur le contrat d’assurance, LCA), 02 April 1908. https://www.admin.ch/opc/fr/classifiedcompilation/19080008/index.html. Accessed 31 Oct 2018
Hern, A.: Google ‘betrays patient trust’ with DeepMind Health move, The Guardian, 14 November 2018
ASA: Versements évités de 24 millions de francs d’indemnités injustifiés, ASA (2018). https://www.svv.ch/fr/newsroom/versements-evites-de-24-millions-de-francs-dindemnites-injustifies. Accessed 31 Oct 2018
Gershgorn, D.: A life insurance giant is asking customers to wear health trackers,” Quartz. https://qz.com/1396035/lifeinsurance-giant-john-hancock-is-asking-customers-to-wear-healthtrackers/. Accessed 31 Oct 2018
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Billard, D., Bartolomei, B. (2019). Digital Forensics and Privacy-by-Design: Example in a Blockchain-Based Dynamic Navigation System. In: Naldi, M., Italiano, G., Rannenberg, K., Medina, M., Bourka, A. (eds) Privacy Technologies and Policy. APF 2019. Lecture Notes in Computer Science(), vol 11498. Springer, Cham. https://doi.org/10.1007/978-3-030-21752-5_10
Download citation
DOI: https://doi.org/10.1007/978-3-030-21752-5_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-21751-8
Online ISBN: 978-3-030-21752-5
eBook Packages: Computer ScienceComputer Science (R0)