Abstract: In accordance with an aspect of the present disclosure, there is provided a computer implemented system and method for secure and private data transmission. The system is connected with at least one sensor which senses physical world data and generates time series data. The sensors transmit the time series data to a server connected via a network. The server includes functionality modules for processing and analyzing the time series data for the purpose of determining the sensitivity of contents in the segments of the time series data received. Based on the sensitivity of the contents, the server includes an encryption module which encrypts the time series data based on the level of sensitivity and transmits the data through either a plurality of first secure channels with low overhead or a plurality of second secure channels. Fig. 1
CLAIMS:
1. A computer implemented system for secure and private data transmission, said system comprising:
at least one sensor configured to sense data and generate time series data divided into plurality of segments, wherein each of said sensors is adapted to cooperate with a transmitter configured to receive and transmit the time series data;
a central repository configured to store data therein;
a first transceiver configured to receive and transmit time series data to said central repository;
a server comprising:
a first repository configured to store pre-determined sets of processing rules;
a first processor configured to process data on the basis of said processing rules stored in said first repository and generate command signals;
a second transceiver adapted to receive command signals from said first processor for receiving and transmitting time series data to said central repository;
a receiver adapted to receive command signals from said first processor for receiving cutoff privacy score (Pmin) and threshold privacy score (Pst) from users;
a first determinator adapted to receive command signal from said first processor for receiving time series data from said second transceiver stored in said central repository and determining the sensitivity of contents of the time series data by examining each of the segments of the time series data;
a mensuration module configured to receive the time series data determined with the sensitivity of the contents of the segments thereof, and further configured to receive command signals from said first processor for marking said segments with privacy score (Ps);
a first comparator module adapted to receive the cutoff privacy score (Pmin) set by a user and the privacy score (Ps) received from the mensuration module for a specific time series data, said first comparator adapted to receive command signals from said first processor for comparing the scores to generate a first output and a second output of the time series data;
a third transceiver adapted to receive command signal from said first processor for receiving the first output of time series data corresponding to segments of time series data where the privacy score (Ps < Pmin) for transmission of these segments of time series data without encryption;
a fourth transceiver adapted to receive command signal from said first processor for receiving the second output of time series data corresponding to segments of time series data where the privacy score (Ps > Pmin) for transmission of these segments of the time series data with encryption; and
an encryption module adapted to receive command signal from said first processor for receiving the second output of the time series data from said fourth transceiver, said encryption module cooperating with said first determinator to receive the sensitivity of contents of said segments of the time series data.
2. The system as claimed in claim 1, wherein said encryption module comprises:
a second determinator configured to determine the privacy score (Ps) with respect to said threshold privacy score (Pst);
a fifth transceiver adapted to receive said time series data having privacy score (Ps) and satisfying the condition (Pst > Ps > Pmin);
a low overhead security module adapted to receive the time series data from said fifth transceiver, said low overhead security module configured to encrypt and transmit the time series data satisfying the condition (Pst > Ps > Pmin) via a plurality of first secure channels with low overhead;
at least one sixth transceiver adapted to receive said time series data having privacy score (Ps) satisfying the condition (Ps > Pst); and
a security module adapted to receive the time series data from said fifth transceiver, and further adapted to encrypt said time series data and transmit said time series data satisfying the condition (Ps > Pst) via a plurality of second secure channels, wherein said security module has said plurality of second secure channels to transmit said time series data received from said sixth transceiver is further differentiated on the basis of sensitivity of the content in the segments of the time series data.
3. The system as claimed in claim 1, wherein said first determinator comprises:
a kurtosis measurement module configured to identify peakedness in the segments of the time series data;
a filter mechanism adapted to receive the identified peakedness in the segments of the time series data from said kurtosis measurement module, said filter mechanism filtering out the noise from the received time series data as well as removing false alarms in sensitivity detection; and
a quantification module cooperating with said kurtosis measurement module and said filter mechanism, said quantification module configured to identify segments of the time series data with similar peakedness and determine frequency of the similar content in said segments along the time series data.
4. The system as claimed in claim 3, wherein said quantification module is configured to apply the processing rules of Shannon’s entropy for determining the information measure frequencies of the content in the segments of the time series data.
5. The system as claimed in claim 1, wherein said mensuration module further comprises a marking module configured to mark the privacy score (Ps) of segments of the time series data based on the determined frequency of the content.
6. The system as claimed in claim 1, wherein said low overhead security module has said plurality of first secure channels to transmit the time series data with low overhead received from said fifth transceiver is further differentiated on the basis of sensitivity of the content in the segments of the time series data.
7. The system as claimed in claim 1, wherein said low overhead security module configured to encrypt each of these segments of the time series received with sensitive contents received from said fifth transceiver by a first encryption technique and transmit the time series data by one of said plurality of first secure channels with low overhead.
8. The system as claimed in claim 1, wherein said security module configured to encrypt each of these segments of the time series received with sensitive contents received from said sixth transceiver by a second encryption technique and transmit the time series data by one of said plurality of second secure channels.
9. The system as claimed in claim 1, wherein said server further comprises an alert generating module adapted to receive command signal from said first processor for receiving the second output of time series data from said fourth transceiver to generate alert notifications in a format selected from a group consisting of an email, an audio alert, a video alert, a message and an sms.
10. The system as claimed in claim 1, wherein said central repository configured to store the time series data, privacy score (Ps), user provided cutoff privacy score (Pmin), at least one threshold privacy score (Pst), and encryption rules.
11. A computer implemented method for implementing a system for secure and private data transmission, said method comprising the following steps:
storing, data in a central repository;
sensing and generating, at each sensor, time series data divided into plurality of segments, and further transmitting the time series data from said sensor;
receiving, at a server, cutoff privacy score (Pmin) and threshold privacy score (Pst) from users;
receiving, at a server, time series data from said sensors, and transmitting the time series data to said central repository for the purpose of storing the time series data;
determining the sensitivity of the content of the time series data by examining each of the segments of the time series data;
marking, said segments with privacy score (Ps) in the time series data;
comparing the cutoff privacy score (Pmin) set by a user and the privacy score (Ps) received for a specific time series data;
generating a first output and a second output of the time series data based on the comparative results;
receiving, at a third transceiver of said server, the first output of time series data corresponding to segments of time series data where the privacy score (Ps < Pmin) for the purpose of data transmission, wherein these segments of time series data satisfying the condition (Ps < Pmin) are transmitted without encryption;
receiving, at a fourth transceiver of said server, the second output of time series data corresponding to segments of time series data where the privacy score (Ps > Pmin) for the purpose of data transmission, wherein these segments of the time series data satisfying the condition (Ps > Pmin) are transmitted with encryption;
receiving, at an encryption module of said server, the time series data satisfying the condition (Ps > Pmin) and determining the privacy score (Ps) with respect to said threshold privacy score (Pst);
determining said time series data having privacy score (Ps) and satisfying the condition (Pst > Ps > Pmin);
encrypting and transmitting the time series data satisfying the condition (Pst > Ps > Pmin) via a plurality of first secure channels with low overhead;
determining said time series data having privacy score (Ps) satisfying the condition (Ps > Pst); and
encrypting and transmitting said time series data satisfying the condition (Ps > Pst) via a plurality of second secure channels, wherein differentiating said time series data satisfying the condition (Ps > Pst) on the basis of sensitivity of the content which is inversely proportional to the frequency of similar contents in the segments of the time series data.
12. The method as claimed in claim 11, wherein the step of determining the sensitivity of the content of the time series data by examining each of the segments of the time series data further comprises the following steps:
identifying peakedness in the segments of the time series data by applying processing rules of kurtosis;
filtering out the noise from the received time series data; and
identifying segments of the time series data with similar peakedness and determining frequency of the similar content in said segments along the time series data.
13. The method as claimed in claim 11, wherein the step of identifying segments of the time series data with similar peakedness further includes the step of applying the processing rules of Shannon’s entropy for determining the self-contained information of the segments of the time series data.
14. The method as claimed in claim 11, wherein the step of marking, said segments with privacy score (Ps) in the time series data further includes the step of marking the privacy score (Ps) of segments of the time series data based on the determined frequency of the content (entropy).
15. The method as claimed in claim 11, wherein the step of transmitting the time series data satisfying the condition (Pst > Ps > Pmin) further includes the step of differentiating the time series data on the basis of sensitivity of the content which is inversely proportional to the frequency of similar contents in the segments of the time series data.
16. The method as claimed in claim 11, wherein the step of receiving the second output of time series data corresponding to segments of time series data where the privacy score (Ps > Pmin) further includes the step of generating alert notifications in a format selected from a group consisting of an email, an audio alert, a video alert, a message and an sms.
17. The method as claimed in claim 11, wherein the step of storing data in a central repository, wherein data includes time series data, privacy score (Ps), user provided cutoff privacy score (Pmin), at least one threshold privacy score (Pst), and encryption rules.
FIELD OF DISCLOSURE
The present disclosure relates to data security.
DEFINITIONS OF TERMS USED IN THE DISCLOSURE
The expression ‘sensor’ used hereinafter in the disclosure refers to a device or an apparatus used to detect and respond to an analog signal. The sensor can sense and convert a physical parameter such as temperature, pressure, speed, humidity and the like, into a signal which can be measured electrically. The sensor may be a sound or vibration sensing device, a motion detector, a navigation instrument, an image sensor, a heat sensing device, an optical sensor, an infra-red sensor, an ultrasonic sensor, a microwave sensor, a passive sensor, an active sensor, a biometric device, a security surveillance device, an accelerometer, and a biosensor.
The expression ‘time series data’ used hereinafter in the disclosure refers to data samples collected after successive measurements specified by a given time interval.
The expression ‘sensitive content’ used hereinafter in the disclosure refers to but is not limited to an anomaly in a time series data.
The expression ‘network’ used hereinafter in the specification refers to but is not limited to a computer network, a communication network, a lease-line network, a telephone network, a Bluetooth network, a WiFi, a WiFi access point, a WiFi Hotspot, a wide area network (WAN), a local area network (LAN), a Metropolitan Area Network (MAN), a Near Field Communication (NFC) network, an Internet, a Wireless Local Area Network (WLAN), a cellular network and a combination thereof.
The expression ‘Constrained Application Protocol (CoAP)’ used hereinafter in the specification refers to but is not limited to a protocol controlling a computer system. The CoAP is an application layer protocol that is intended for use in resource-constrained internet enabled electronic devices such as sensors.
The expression ‘kurtosis’ used hereinafter in the specification refers to a measure of a ‘peakedness’ of the probability distribution of data. A kurtosis value indicates the shape description of data around the mean.
The expression ‘peakedness’ used hereinafter in the specification refers to but is not limited to a sharp peak and a sharp tail in statistical analysis data, wherein the statistical analysis used herein in the specification is kurtosis technique of data distribution.
The expression ‘Shannon’s entropy’ used hereinafter in the specification refers to density or repetitive occurrence of a sensitive content observed in the given time series data.
The expression ‘first secure channel with low overhead’ used hereinafter in the specification refers to a data transmission channel which can transmit data with low overhead, wherein data transmitted is encrypted using minimum amount of computing resources. Due to this, the transmitted data remains light and does not impose load on the first secure channel.
The expression ‘second secure channel’ used hereinafter in the specification refers to but is not limited to a data transmission channel which can transmit data with overhead or load, wherein data transmitted is encrypted using maximum amount of computing resources.
BACKGROUND
Emerging in high technology industries in today’s society, the Internet of Things (IoT) has attracted major research and development in the IT sector. This has accelerated industrial growth and transformation. IoT comprises different types of sensors for the purpose of sensing and gathering information corresponding to parameters related to the physical world. The important needs of IoT are ensuring security and preserving privacy of a user.
Sharing the sensor data collected from multiple sensor sources through untrusted third party sources might lead to misuse of private data. Further, sharing of private data through untrusted third party sources may also lead to activation of unwanted services or applications and may compromise a user’s privacy in the hands of unauthorized persons. It has been observed that sensor data poses significant privacy breach risk as it contains private data corresponding to a user such as health information, location data, home energy consumption data, and the like. Therefore, preserving privacy of IoT systems is important. Further, securing of sensor data transmission needs to be lightweight owing to resource limitation of sensor devices and sensor gateways in terms of computation and communication capacity. Thus there exists a need to have a computer implemented system for having a secure and private data transmission with low overheads. Additionally, there is a need for a system and method to transmit sensitive data based on the information being transmitted.
OBJECTS
Some of the objects of the present disclosure aimed to ameliorate one or more problems of the prior art or to at least provide a useful alternative are listed herein below.
An object of the present disclosure is to provide a computer implemented system and method for private data transmission.
Another object of the present disclosure is to provide a computer implemented system and method for transmitting data having low overhead.
Another object of the present disclosure is to provide a computer implemented system and method for secure data transmission.
Another object of the present disclosure is to provide a system which is capable of transmitting secure data having low overhead on top of a Constrained Application Protocol (CoAP).
Another object of the present disclosure is to provide a system that can identify sensitive content within a given time series data.
Another object of the present disclosure is to provide a system that can encrypt sensitive content.
Another object of the present disclosure is to provide a system that can adapt encryption based on the derived sensitive content and privacy score.
Another object of the present disclosure is to provide a system which is able to transmit large data blocks securely.
Another object of the present disclosure is to provide a system that can be implemented on Internet of Things (IoT), particularly, uniquely identifiable embedded computing devices within an existing computer network.
Another object of the present disclosure is to provide a system that is capable of reducing communication cost.
Other objects and advantages of the present disclosure will be more apparent from the following description when read in conjunction with the accompanying figures, which are not intended to limit the scope of the present disclosure.
SUMMARY
In accordance with an aspect of the present disclosure, there is provided a computer implemented system for secure and private data transmission, the system comprising at least one sensor configured to sense data and generate time series data divided into plurality of segments, wherein each of the sensor is adapted to cooperate with a transmitter configured to receive and transmit the time series data, a central repository configured to store data therein, a first transceiver configured to receive and transmit time series data to the central repository, a server comprising a first repository configured to store pre-determined sets of processing rules, a first processor configured to process data on the basis of the processing rules stored in the first repository and generate command signals, a second transceiver adapted to receive command signals from the first processor for receiving and transmitting time series data to the central repository, a receiver adapted to receive command signals from the first processor for receiving cutoff privacy score (Pmin) and threshold privacy score (Pst) from users, a first determinator adapted to receive command signal from the first processor for receiving time series data from the second transceiver stored in the central repository and determining the sensitivity of contents of the time series data by examining each of the segments of the time series data, a mensuration module adapted to receive the time series data determined with the sensitivity of the contents of the segments thereof, further the mensuration module adapted to receive command signals from the first processor for marking the segments with privacy score (Ps), a mensuration module configured to receive the time series data determined with the sensitivity of the contents of the segments thereof, and further configured to receive command signals from the first processor for marking the segments with privacy score (Ps), a first comparator module adapted to receive the cutoff privacy score (Pmin) set by a user and the privacy score (Ps) received from the mensuration module for a specific time series data, the first comparator adapted to receive command signals from the first processor for comparing the scores to generate a first output and a second output of the time series data, a third transceiver adapted to receive command signal from the first processor for receiving the first output of time series data corresponding to segments of time series data where the privacy score (Ps < Pmin) for transmission of these segments of time series data without encryption, a fourth transceiver adapted to receive command signal from the first processor for receiving the second output of time series data corresponding to segments of time series data where the privacy score (Ps > Pmin) for transmission of these segments of the time series data with encryption, an encryption module adapted to receive command signal from the first processor for receiving the second output of the time series data from the fourth transceiver, the encryption module cooperating with the first determinator to receive the sensitivity of contents of the segments of the time series data.
Typically, the encryption module comprises a second determinator configured to determine the privacy score (Ps) with respect to at least one threshold privacy score (Pst), a fifth transceiver adapted to receive the time series data having privacy score (Ps) and satisfying the condition (Pst > Ps > Pmin), a low overhead security module adapted to receive the time series data from the fifth transceiver, the low overhead security module configured to encrypt and transmit the time series data satisfying the condition (Pst > Ps > Pmin) via a plurality of first secure channels with low overhead, at least one sixth transceiver adapted to receive the time series data having privacy score (Ps) satisfying the condition (Ps > Pst) and a security module adapted to receive the time series data from the fifth transceiver, and further adapted to encrypt the time series data and transmit the time series data satisfying the condition (Ps > Pst) via a plurality of second secure channels, wherein the security module has the plurality of second secure channels to transmit the time series data received from the sixth transceiver is further differentiated on the basis of sensitivity of the content in the segments of the time series data.
Typically, the first determinator comprises a kurtosis measurement module configured to identify peakedness in the segments of the time series data, a filter mechanism adapted to receive the identified peakedness in the segments of the time series data from the kurtosis measurement module, the filter mechanism filtering out the noise from the received time series data as well as removing false alarms in sensitivity detection and a quantification module cooperating with the kurtosis measurement module and the filter mechanism, the quantification module configured to identify segments of the time series data with similar peakedness and determine frequency of the similar content in the segments along the time series data.
Additionally, the quantification module is configured to apply the processing rules of Shannon’s entropy for determining the frequencies of the content in the segments of the time series data. Typically, the mensuration module further comprises a marking module configured to mark the privacy score (Ps) of segments of the time series data based on the determined frequency of the content. Also, the low overhead security module has the plurality of first secure channels to transmit the time series data with low overhead received from the fifth transceiver is further differentiated on the basis of sensitivity of the content in the segments of the time series data.
Typically, the low overhead security module configured to encrypt each of these segments of the time series received with sensitive contents received from the fifth transceiver by a first encryption technique and transmit the time series data by one of the plurality of first secure channels with low overhead. Additionally, the security module configured to encrypt each of these segments of the time series received with sensitive contents received from the sixth transceiver by a second encryption technique and transmit the time series data by one of the plurality of second secure channels. Also, the server further comprises an alert generating module adapted to receive command signal from the first processor for receiving the second output of time series data from the fourth transceiver to generate alert notifications in a format selected from a group consisting of an email, an audio alert, a video alert, a message and an sms.
Typically, the central repository configured to store the time series data, privacy score (Ps), user provided cutoff privacy score (Pmin), at least one threshold privacy score (Pst), and encryption rules.
In accordance with an aspect of the present disclosure, there is provided a computer implemented method for implementing a system for secure and private data transmission, the method comprising storing, data in a central repository, sensing and generating, at each sensor, time series data divided into plurality of segments, and further transmitting the time series data from the sensor, receiving, at a server, cutoff privacy score (Pmin) and threshold privacy score (Pst) from users, receiving, at a server, time series data from the sensors, and transmitting the time series data to the central repository for the purpose of storing the time series data, determining the sensitivity of the content of the time series data by examining each of the segments of the time series data, marking, the segments with privacy score (Ps) in the time series data, comparing the cutoff privacy score (Pmin) set by a user and the privacy score (Ps) received for a specific time series data, generating a first output and a second output of the time series data based on the comparative results, receiving, at a third transceiver of the server, the first output of time series data corresponding to segments of time series data where the privacy score (Ps < Pmin) for the purpose of data transmission, wherein these segments of time series data satisfying the condition (Ps < Pmin) are transmitted without encryption, receiving, at a fourth transceiver of the server, the second output of time series data corresponding to segments of time series data where the privacy score (Ps > Pmin) for the purpose of data transmission, wherein these segments of the time series data satisfying the condition (Ps > Pmin) are transmitted with encryption, receiving, at an encryption module of the server, the time series data satisfying the condition (Ps > Pmin) and determining the privacy score (Ps) with respect to at least one threshold privacy score (Pst), determining the time series data having privacy score (Ps) and satisfying the condition (Pst > Ps > Pmin), encrypting and transmitting the time series data satisfying the condition (Pst > Ps > Pmin) via a plurality of first secure channels with low overhead, determining the time series data having privacy score (Ps) satisfying the condition (Ps > Pst) and encrypting and transmitting the time series data satisfying the condition (Ps > Pst) via a plurality of second secure channels, wherein differentiating the time series data satisfying the condition (Ps > Pst) on the basis of sensitivity of the content which is inversely proportional to the frequency of similar contents in the segments of the time series data.
Typically, the step of determining the sensitivity of the content of the time series data by examining each of the segments of the time series data further comprises the steps of identifying peakedness in the segments of the time series data by applying processing rules of kurtosis, filtering out the noise from the received time series data and identifying segments of the time series data with similar peakedness and determining frequency of the similar content in the segments along the time series data.
Typically, the step of identifying segments of the time series data with similar peakedness further includes the step of applying the processing rules of Shannon’s entropy for determining the frequencies of the content of the segments of the time series data. Additionally, the step of marking, the segments with privacy score (Ps) in the time series data further includes the step of marking the privacy score (Ps) of segments of the time series data based on the determined frequency of the content. Also, the step of transmitting the time series data satisfying the condition (Pst > Ps > Pmin) further includes the step of differentiating the time series data on the basis of sensitivity of the content which is inversely proportional to the frequency of similar contents in the segments of the time series data.
Typically, the step of receiving the second output of time series data corresponding to segments of time series data where the privacy score (Ps > Pmin) further includes the step of generating alert notifications in a format selected from a group consisting of an email, an audio alert, a video alert, a message and an sms. Additionally, the step of storing data in a central repository, wherein data includes time series data, privacy score (Ps), user provided cutoff privacy score (Pmin), at least one threshold privacy score (Pst), and encryption rules.
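The scoring and channel selection summarized above can be sketched as follows. This is an added example, not part of the disclosure: the kurtosis bin edges, the normalized self-information used as the privacy score (Ps), the sample segments, and the handling of the boundary cases Ps = Pmin and Ps = Pst (which the stated conditions leave open, and which are resolved here toward the stronger channel) are all assumptions.

```python
import math
from collections import Counter
from enum import Enum


class Channel(Enum):
    PLAINTEXT = "transmit without encryption"
    LOW_OVERHEAD = "first secure channel (low overhead)"
    FULL = "second secure channel"


def excess_kurtosis(segment):
    """Population excess kurtosis, m4 / m2**2 - 3, of one segment."""
    n = len(segment)
    if n == 0:
        raise ValueError("empty segment")
    mean = sum(segment) / n
    m2 = sum((x - mean) ** 2 for x in segment) / n
    if m2 == 0:
        return -2.0  # constant segment: treated as least peaked (assumption)
    m4 = sum((x - mean) ** 4 for x in segment) / n
    return m4 / (m2 * m2) - 3.0


def peakedness_bin(segment):
    """Group segments of similar peakedness; the bin edges are assumed."""
    k = excess_kurtosis(segment)
    if k < -1.0:
        return "flat"
    if k < 2.0:
        return "moderate"
    return "spike"


def privacy_scores(segments):
    """Ps per segment: self-information of its peakedness bin, scaled to [0, 1].

    Rare content scores high, matching sensitivity being inversely
    proportional to the frequency of similar content.
    """
    n = len(segments)
    if n < 2:
        return [1.0] * n  # no frequency evidence: assume most sensitive
    bins = [peakedness_bin(s) for s in segments]
    freq = Counter(bins)
    return [math.log2(n / freq[b]) / math.log2(n) for b in bins]


def select_channel(ps, p_min, p_st):
    """Map Ps to a channel using the cutoff Pmin and threshold Pst."""
    if not (0.0 <= p_min <= p_st):
        raise ValueError("require 0 <= Pmin <= Pst")
    # A NaN score compares False against everything and would otherwise fall
    # through to plaintext, so non-finite scores take the strongest channel.
    if not math.isfinite(ps) or ps >= p_st:
        return Channel.FULL
    if ps >= p_min:
        return Channel.LOW_OVERHEAD
    return Channel.PLAINTEXT


def route(segments, p_min, p_st):
    """Return the channel chosen for each segment, in order."""
    return [select_channel(ps, p_min, p_st) for ps in privacy_scores(segments)]


# Constructed sample data: 16 segments of 8 readings each.
FLAT = [20, 21, 20, 21, 20, 21, 20, 21]
MODERATE = [20, 20, 20, 20, 20, 20, 40, 40]
SPIKE = [20, 20, 20, 20, 20, 20, 20, 60]
SAMPLE_SEGMENTS = [FLAT] * 12 + [MODERATE] * 3 + [SPIKE]

if __name__ == "__main__":
    scores = privacy_scores(SAMPLE_SEGMENTS)
    channels = route(SAMPLE_SEGMENTS, p_min=0.3, p_st=0.8)
    for i, (ps, ch) in enumerate(zip(scores, channels)):
        print(f"segment {i:2d}  Ps={ps:.3f}  {ch.value}")
```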
BRIEF DESCRIPTION OF ACCOMPANYING DRAWINGS
The computer implemented system and method for secure and private data transmission of the present disclosure will now be described with the help of the accompanying drawings, in which:
FIGURES 1(a) and 1(b) illustrate a computer implemented system for secure and private data transmission, in accordance with the present disclosure;
FIGURE 2 illustrates a flow chart for quantification of a privacy score (Ps) performed by the first determinator 120 of the server 10 of the system 100 illustrated in FIGURE 1, in accordance with the present disclosure;
FIGURE 3 illustrates implementation of a portion of the system 100 illustrated in FIGURE 1 in an application layer for data transmission, in accordance with the present disclosure; and
FIGURES 4(a) and 4(b) illustrate a flow diagram, depicting a computer implemented method for implementing a system for secure and private data transmission, in accordance with the present disclosure.
DETAILED DESCRIPTION
Preserving privacy of user related data and ensuring security are two important needs of IoT (Internet of Things). IoT computing system sensors are arranged in a plurality of locations for collecting physical world information. However, sensor data poses significant privacy breaching risk as it contains minute personal data of a user such as health information, location data, home energy consumption information, and the like. Therefore, preserving privacy of IoT systems is of utmost importance. Further, sensor data transmission needs to be secured and yet lightweight owing to resource limitation of sensor devices and sensor gateways in terms of computation and communication capacity.
The present disclosure proposes a computer implemented system and method for secure and private data transmission, which provides a privacy preservation mechanism by introducing a lightweight security scheme on top of a Constrained Application Protocol (CoAP). There is provided at least one sensor which collects or gathers sensor data which includes various classes of information, such as critical/sensitive, non-sensitive (repetitive, or with a lower variance), and context information. The sensors are configured to collect sensor data in a given time series manner. The time series data is received from the sensor for one or more instances. The sensitive content is detected in the time series data. The sensitive content indicates presence of an anomaly in the time series data. In an exemplary embodiment, the time series data may be considered for a period of 24 hours receiving the values at 1 second intervals.
Referring to FIGURES 1(a) and 1(b), there is shown a computer implemented system 100 for secure and private data transmission, wherein the system 100 is accessible via a network. The system 100 may include at least one sensor (101a, 101b, 101c,…, 101n), a server 10, a central repository 20 and a first transceiver 30. The central repository 20 stores the time series data, privacy score (Ps), cutoff privacy score (Pmin) and a threshold privacy score (Pst) provided by users, and encryption rules.
Each of the sensors (101a, 101b, 101c,…,101n) is connected to a corresponding transmitter (102a, 102b, 102c,…,102n) for the purpose of transmitting time series data generated by the sensors (101a, 101b, 101c,…,101n) in the form of signals to the server 10. In one embodiment, each of the transmitters (102a, 102b, 102c,…,102n) acts as a communication bridge between the respective sensor (101a, 101b, 101c,…,101n) and the server 10.
In accordance with an embodiment of the present disclosure, the server 10 includes but is not limited to a first repository 112, a first processor 114, a second transceiver 116, a receiver 118, a first determinator 120, a mensuration module 122, a first comparator 124, a third transceiver 126, a fourth transceiver 128 and an encryption module 130. The first repository 112 of the server 10 stores predetermined sets of processing rules therein. These processing rules include computing instructions for carrying out the functions performed by various modules of the server 10. In an embodiment, a user can access the server 10 for updating the predetermined sets of processing rules stored in the first repository 112 from time to time through a user interface. The user may access the server 10 using a remotely located workstation connected with the server 10 via a network. The first processor 114 processes data on the basis of the processing rules stored in the first repository 112 for the purpose of ensuring proper functioning of the functionality modules of the server 10 by generating command signals. In one embodiment, the functionality modules include the second transceiver 116, receiver 118, first determinator 120, mensuration module 122, first comparator 124, third transceiver 126, fourth transceiver 128 and encryption module 130. The first processor 114 provides computing instructions to the aforementioned functionality modules in the form of command signals.
The sensors (101a, 101b, 101c,…,101n) collect or gather information pertaining to the physical world or environment and generate time series data. The time series data is received by the transmitters (102a, 102b, 102c,…,102n), which transmit the time series data to the server 10 for further processing and analysis.
In accordance with the present disclosure, the second transceiver 116 of the server 10, receives the command signal from the first processor 114 for receiving the time series data transmitted by the sensors (101a, 101b, 101c,…,101n). The second transceiver 116 communicates with the central repository 20 through the first transceiver 30 for the purpose of storing and retrieving the time series data. In another embodiment, the server 10 may be connected with a plurality of repositories (not shown in the figure) similar to the central repository 20 via the network for the purpose of storing and accessing time series data using the second transceiver 116. The plurality of repositories similar to the central repository 20 cooperates with the first transceiver 30 to receive, store and transmit information pertaining to the time series data to the server 10 as and when required.
In accordance with an embodiment of the present disclosure, the receiver 118 receives the command signal from the first processor 114 for enabling users to manually specify cutoff privacy score (Pmin) and threshold privacy score (Pst) using key inputting mechanisms such as a keypad or keyboard. Further, the processor 114 directs the second transceiver 116 by sending command signals, to cooperate with the receiver 118 and transmit the cutoff privacy score (Pmin) provided by the users to the central repository 20. The second transceiver 116 communicates with the first transceiver 30 for storing and retrieving the cutoff privacy score (Pmin) from the central repository 20. The cutoff privacy score (Pmin) may be considered as reference privacy score. Users may access workstations with which the server 10 is connected or may access the server 10 remotely from another workstation via the network through a user interface.
In accordance with an embodiment of the present disclosure, the first determinator 120 includes but is not limited to a kurtosis measurement module 120a, a filter mechanism 120b and a quantification module 120c. The first determinator 120 receives command signals from the first processor 114 for its execution. The first determinator 120 cooperates with the second transceiver 116 for retrieving the time series data from the central repository 20. The first determinator 120 determines the sensitivity of contents of the time series data by examining each of the segments of the time series data. This is achieved by the execution of the kurtosis measurement module 120a, filter mechanism 120b and quantification module 120c. The kurtosis measurement module 120a receives the time series data and applies kurtosis analyzing rules for the purpose of examining peaks in the time series data. Typically, the kurtosis measurement module 120a implements a method to identify one of platykurtic distribution, a mesokurtic distribution and a leptokurtic distribution from the given time series data.
The kurtosis measurement module 120a identifies the peakedness in the segments of the time series data. The filter mechanism 120b receives the identified peakedness in the segments of the time series data from the kurtosis measurement module 120a, and applies filtering rules to filter out errors in the sensitivity detection and privacy scores. Typically, the filter mechanism 120b may implement a Rosner filtering and a Hampel filtering methodology. The quantification module 120c of the first determinator 120 cooperates with the kurtosis measurement module 120a and the filter mechanism 120b for the purpose of receiving the identified peakedness in the segments of the filtered time series data. The quantification module 120c identifies segments of the time series data with similar peakedness. Further, the quantification module 120c determines frequency of the similar content in the segments along the time series data. Typically, the quantification module 120c may apply processing rules of Shannon’s entropy for determining the frequencies of the content in the segments of the time series data.
The quantification module 120c determines the entropy of the content against the entropy of the entire time series data for the purpose of analyzing the sensitivity of the content. This determines the sensitivity or density of the content in the segments by analyzing the occurrence of similar content of similar peakedness in the given time series data.
The mensuration module 122 receives command signals from the first processor 114 for its execution. The mensuration module 122 receives, from the first determinator 120, the time series data together with the determined sensitivity of contents of the segments. The mensuration module 122 may include but is not limited to a marking module 122a. The marking module 122a marks the privacy score (Ps) of segments of the time series data based on the determined frequency of the content. Thus, segments marked with a privacy score (Ps) are obtained as the output of the mensuration module 122.
The first processor 114 of the server 10 sends command signals to the first comparator 124 for its execution. The first comparator 124 receives the marked segments with privacy score (Ps) of the time series data from the mensuration module 122. The first comparator 124 cooperates with the second transceiver 116 to retrieve the cutoff privacy score (Pmin) from the central repository 20 set by a user and the privacy score (Ps) from the mensuration module 122 for a specific time series data. The first comparator 124 performs the function of comparing the privacy score (Ps) with respect to the cutoff privacy score (Pmin) and generates a first output and a second output of the time series data.
Based on the first output generated by the first comparator 124, the third transceiver 126 receives command signals from the first processor 114 for its execution. The third transceiver 126 cooperates with the first comparator 124 for the purpose of receiving the first output of the time series data corresponding to segments of the time series data for which the privacy score (Ps) is less than the cutoff privacy score (Pmin) or (Ps < Pmin). In one embodiment, the third transceiver 126 transmits these segments of time series data with privacy score (Ps < Pmin) without encryption.
Based on the second output generated by the first comparator 124, the fourth transceiver 128 receives command signals from the first processor 114 for its execution. The fourth transceiver 128 cooperates with the first comparator 124 for the purpose of receiving the second output of the time series data corresponding to the segments of the time series data for which the privacy score (Ps) is greater than the cutoff privacy score (Pmin) or (Ps > Pmin). In one embodiment, the fourth transceiver 128 transmits these segments of time series data with privacy score (Ps > Pmin) with encryption. In addition, the alert generating module 132 receives command signals from the first processor 114 to receive, from the fourth transceiver 128, the second output of the time series data generated by the first comparator 124. On receiving the second output containing the segments of time series data with privacy score (Ps > Pmin), the alert generating module 132 generates alert notifications to inform authorized users. The alert notifications are generated in a format selected from a group consisting of an email, an audio alert, a video alert, a message, and an SMS (Short Message Service).
In accordance with one embodiment, based on the second output of the time series data generated by the first comparator 124 and received by the fourth transceiver 128, the first processor 114 transmits command signals to the encryption module 130 for its execution. The encryption module 130 cooperates with the fourth transceiver 128 to receive the second output of the time series data and with the first determinator 120 to receive the sensitivity of contents of the segments of the time series data. Further, the encryption module 130 cooperates with the second transceiver 116 for the purpose of retrieving the requisite data from the central repository 20. The encryption module may include but is not limited to a second determinator 130a, a fifth transceiver 130b, a low overhead security module 130c, at least one sixth transceiver 130d and a security module 130e.
The second determinator 130a of the encryption module 130 first transmits a request to the second transceiver 116 to retrieve the threshold privacy score (Pst) from the central repository 20. On receiving the threshold privacy score (Pst), the second determinator 130a determines the privacy score (Ps) with respect to at least one threshold privacy score (Pst) of the segments of the time series data.
The fifth transceiver 130b cooperates with the second determinator 130a to receive the aforementioned segments with privacy score (Ps) of the time series data. The fifth transceiver 130b checks whether the time series data received from the second determinator 130a satisfies the condition (Pst > Ps > Pmin) or not. If yes, the fifth transceiver 130b provides the time series data satisfying the condition (Pst > Ps > Pmin) to the low overhead security module 130c. The low overhead security module 130c has a plurality of first secure channels for data transmission. The low overhead security module 130c encrypts and transmits the time series data satisfying the condition (Pst > Ps > Pmin) via the plurality of first secure channels with low overhead. The time series data transmitted via the plurality of first secure channels is considered to be low overhead because the minimum amount of computing resources is utilized for encrypting the time series data. Therefore, the time series data remains lightweight and does not impose load on the first secure channels for data transmission. In addition, the low overhead security module 130c differentiates the time series data received from the fifth transceiver 130b on the basis of sensitivity of the content in the segments of the time series data. The low overhead security module 130c encrypts the time series data by implementing a first encryption methodology stored internally in the encryption module 130. In one embodiment, the low overhead security module 130c may encrypt the time series data using an Advanced Encryption Standard (AES) and transmit the time series data via the plurality of first secure channels to a desired destination.
The sixth transceiver 130d cooperates with the second determinator 130a to receive the aforementioned segments with privacy score (Ps) of the time series data. The sixth transceiver 130d checks whether the time series data received from the second determinator 130a satisfies the condition (Ps > Pst) or not. If yes, the sixth transceiver 130d provides the time series data satisfying the condition (Ps > Pst) to the security module 130e. The security module 130e has a plurality of second secure channels for data transmission. The security module 130e encrypts and transmits the time series data satisfying the condition (Ps > Pst) via the plurality of second secure channels. In addition, the security module 130e differentiates the time series data received from the sixth transceiver 130d on the basis of sensitivity of the content in the segments of the time series data. The security module 130e encrypts the time series data received from the sixth transceiver 130d by implementing a second encryption methodology stored internally in the encryption module 130. In one embodiment, the security module 130e may encrypt the time series data using an adaptive secured encryption technique and transmit the time series data through the plurality of second secure channels to the desired destination.
In accordance with one embodiment of the present disclosure, the encrypted time series data transmitted via the plurality of second secure channels imposes a greater load than the data transmitted via the first secure channels. This is because the security module 130e utilizes the maximum amount of computing resources for encrypting the time series data to be transmitted via the plurality of second secure channels.
Typically, the low overhead security module 130c and the security module 130e may implement third party computing applications for the purpose of encrypting the time series data. Typically, the desired third party computing applications are communicably interfaced with the system 100.
In accordance with the present disclosure, in one embodiment, the system 100 is implemented in an application layer of a network for data transmission. The system 100 may be implemented in the Constrained Application Protocol (CoAP) for data transmission.
FIGURE 2 shows a flowchart for quantification of a privacy score (Ps) performed by the first determinator 120 of the server 10 of the system 100 as shown in FIGURE 1. The computation method implemented by the first determinator 120 for determining the sensitivity of contents of the time series data by examining each of the segments of the time series data may include but is not limited to the following steps:
• receiving sensor data from the second transceiver 116 of the server 10, 202;
• performing statistical analysis on the time series data received using a Kurtosis statistical analyzing technique, wherein the cutoff privacy score (Pmin) is provided by users for the purpose of performing further analysis 204;
o analyzing the time series data using either a platykurtic data distribution or the mesokurtic data distribution 204a;
o analyzing the time series data using leptokurtic distribution 204b;
wherein, computing a kurtosis value after performing statistical analysis on the sensor data and comparing the kurtosis value with respect to the reference value provided, wherein the data distribution of the time series data takes place based on the result of the comparison performed;
• determining the sensitivity of the contents by aggregating the analytical results of the step 204a and 204b, 206; and
• computing a privacy score (Ps) corresponding to the determined content 208.
In accordance with the present disclosure, the kurtosis value corresponding to the time series data is determined. The kurtosis value is compared with a reference value. A data distribution of the time series data is determined based upon the comparison. Typically, the data distribution techniques implemented may include at least one of a platykurtic distribution, a mesokurtic distribution, and a leptokurtic distribution. The time series data is processed using at least one of a first filter module 204c and a second filter module 204d. The first filter module 204c is used when the data distribution of the time series data is the leptokurtic data distribution. Typically, the first filter module 204c may be Rosner filtering for reducing the swamping effect. The second filter module 204d is used when the data distribution of the time series data is either the platykurtic distribution or the mesokurtic distribution. Typically, the second filter module 204d may be a Hampel filtering method, which is used for reducing the masking effect in the data distribution. Typically, a Shannon’s entropy computation privacy quantification method may be implemented for the purpose of computing the privacy score for the corresponding sensitive content.
FIGURE 3 shows an implementation of a portion of the system 100 illustrated in FIGURE 1 in an application layer for data transmission. The first determinator 120, mensuration module 122, first comparator 124, third transceiver 126, fourth transceiver 128 and encryption module 130 of the server 10 of the system 100 are implemented in the application layer. This enables the system to decide whether to encrypt the sensor data, based on the sensitivity of the sensor data, in the application layer, before the data is received by the subsequent layers such as the presentation layer, session layer, transport layer, network layer, data link layer and physical layer for data transmission. In an embodiment, the first determinator 120, mensuration module 122, first comparator 124, third transceiver 126, fourth transceiver 128 and encryption module 130 of the server 10 of the system 100 are implemented in the Constrained Application Protocol (CoAP). CoAP is an application layer protocol which enables the sensors (101a, 101b, 101c,..., 101n) to communicate interactively over the Internet or network. Typically, CoAP is used with the User Datagram Protocol (UDP) and optionally with Datagram Transport Layer Security (DTLS). The UDP and DTLS protocols execute in the transport layer, IP (Internet Protocol) executes in the network layer, and ZigBee executes in the data link layer.
FIGURES 4(a) and 4(b) illustrate a flow diagram depicting a computer implemented method for implementing a system for secure and private data transmission. The method includes the following steps:
storing, data in a central repository 402;
sensing and generating, at each sensor, time series data divided into plurality of segments, and further transmitting the time series data from the sensor 404;
receiving, at a server, cutoff privacy score (Pmin) from users 406;
receiving, at a server, time series data from the sensors, and transmitting the time series data to the central repository for the purpose of storing the time series data 408;
determining the sensitivity of the content of the time series data by examining each of the segments of the time series data 410;
marking, the segments with privacy score (Ps) in the time series data 412;
comparing the cutoff privacy score (Pmin) set by a user and the privacy score (Ps) received for a specific time series data 414;
generating a first output and a second output of the time series data based on the comparative results 416;
receiving, at a third transceiver of the server, the first output of time series data corresponding to segments of time series data where the privacy score (Ps < Pmin) for the purpose of data transmission, wherein these segments of time series data satisfying the condition (Ps < Pmin) are transmitted without encryption 418;
receiving, at a fourth transceiver of the server, the second output of time series data corresponding to segments of time series data where the privacy score (Ps > Pmin) for the purpose of data transmission, wherein these segments of the time series data satisfying the condition (Ps > Pmin) are transmitted with encryption 420;
receiving, at an encryption module of the server, the time series data satisfying the condition (Ps > Pmin) and determining the privacy score (Ps) with respect to at least one threshold privacy score (Pst) 422;
determining the time series data having privacy score (Ps) and satisfying the condition (Pst > Ps > Pmin) 424;
encrypting and transmitting the time series data satisfying the condition (Pst > Ps > Pmin) via a plurality of first secure channels with low overhead 426;
determining the time series data having privacy score (Ps) satisfying the condition (Ps > Pst) 428; and
encrypting and transmitting the time series data satisfying the condition (Ps > Pst) via a plurality of second secure channels, wherein differentiating the time series data satisfying the condition (Ps > Pst) on the basis of sensitivity of the content which is inversely proportional to the frequency of similar contents in the segments of the time series data 430.
In accordance with the present disclosure, the aforementioned step of determining the sensitivity of the content of the time series data by examining each of the segments of the time series data further comprises the following steps:
• identifying peakedness in the segments of the time series data by applying processing rules of kurtosis;
• filtering out the noise from the received time series data; and
• identifying segments of the time series data with similar peakedness and determining frequency of the similar content in the segments along the time series data.
In accordance with the present disclosure, the step of identifying segments of the time series data with similar peakedness further includes the step of applying the processing rules of Shannon’s entropy for determining the frequencies of the content of the segments of the time series data.
In accordance with the present disclosure, the step of marking, the segments with privacy score (Ps) in the time series data further includes the step of marking the privacy score (Ps) of segments of the time series data based on the determined frequency of the content.
In accordance with the present disclosure, the step of transmitting the time series data satisfying the condition (Pst > Ps > Pmin) further includes the step of differentiating the time series data on the basis of sensitivity of the content which is inversely proportional to the frequency of similar contents in the segments of the time series data.
In accordance with the present disclosure, in the aforementioned method, the step of receiving the second output of time series data corresponding to segments of time series data where the privacy score (Ps > Pmin) further includes the step of generating alert notifications in a format selected from a group consisting of an email, an audio alert, a video alert, a message and an SMS.
In accordance with the present disclosure, in the step of storing data in a central repository, the data includes time series data, privacy score (Ps), user provided cutoff privacy score (Pmin), at least one threshold privacy score (Pst), and encryption rules.
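The scoring described for FIGURE 2 and the routing of steps 410 to 430, as an added Python example that is not part of the patent text. The kurtosis band, the scaling of Ps by log2 of the segment count, the tier names, the sample segments and the handling of the boundary cases Ps = Pmin and Ps = Pst (which the text leaves undefined, so the example sends them to the more protected tier) are all assumptions; the Rosner and Hampel filtering stage is omitted.

```python
import math
from collections import Counter

# Every name, threshold and sample value below is constructed for illustration.
KURTOSIS_BAND = 1.0  # assumed half-width of the "mesokurtic" band around 0


def excess_kurtosis(segment):
    """Population excess kurtosis (m4 / m2^2 - 3); None for a constant segment."""
    n = len(segment)
    mean = sum(segment) / n
    m2 = sum((x - mean) ** 2 for x in segment) / n
    if m2 < 1e-12:
        return None
    m4 = sum((x - mean) ** 4 for x in segment) / n
    return m4 / (m2 * m2) - 3.0


def peakedness(segment, band=KURTOSIS_BAND):
    """Label a segment platykurtic, mesokurtic or leptokurtic."""
    k = excess_kurtosis(segment)
    if k is None or k < -band:
        return "platykurtic"   # flat or constant: no pronounced peak
    if k > band:
        return "leptokurtic"   # heavy tails: sharp peak or spike
    return "mesokurtic"


def privacy_scores(segments):
    """Ps per segment: surprisal of its peakedness label, scaled to [0, 1].

    Rare labels score high, following the statement that sensitivity is
    inversely proportional to the frequency of similar content.
    """
    labels = [peakedness(s) for s in segments]
    n = len(labels)
    if n < 2:
        # No frequency information: fail closed and treat the data as sensitive.
        return [1.0] * n
    freq = Counter(labels)
    max_surprisal = math.log2(n)  # surprisal of a label seen exactly once
    return [-math.log2(freq[label] / n) / max_surprisal for label in labels]


def route(ps, pmin, pst):
    """Map a privacy score to one of the three transmission paths."""
    if not (0.0 <= pmin < pst <= 1.0):
        raise ValueError("thresholds must satisfy 0 <= Pmin < Pst <= 1")
    if math.isnan(ps) or ps >= pst:
        return "second_secure_channel"   # Ps > Pst, plus Ps == Pst and NaN
    if ps >= pmin:
        return "first_secure_channel"    # Pst > Ps > Pmin, plus Ps == Pmin
    return "unencrypted"                 # Ps < Pmin


def plan(segments, pmin, pst):
    """Return (rounded Ps, path) for every segment of the series."""
    return [(round(ps, 3), route(ps, pmin, pst))
            for ps in privacy_scores(segments)]


# Constructed sample: eight 16-sample segments from a hypothetical meter.
RAMP = list(range(1, 9)) * 2                        # repetitive load
BELL = [-2] + [-1] * 4 + [0] * 6 + [1] * 4 + [2]    # bell-shaped variation
SPIKE = [0] * 15 + [9]                              # one isolated spike
SAMPLE = [RAMP] * 5 + [BELL] * 2 + [SPIKE]

if __name__ == "__main__":
    for index, (ps, path) in enumerate(plan(SAMPLE, pmin=0.3, pst=0.8)):
        print(index, peakedness(SAMPLE[index]), ps, path)
```

Because segments with Ps < Pmin leave in plaintext, a score that is too low for a segment exposes it directly, so Pmin and the kurtosis band are the parameters to review first.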
TECHNICAL ADVANCEMENTS AND ECONOMIC SIGNIFICANCE
The technical advancements offered by the system for secure and private data transmission of the present disclosure include the realization of:
• a computer implemented system and method for private data transmission;
• a computer implemented system and method for adapting different security levels depending on the measured private or sensitive content;
• a computer implemented system and method for transmitting data having low overhead;
• a computer implemented system and method for secure data transmission;
• a system which is capable of transmitting secure data having low overhead on top of the Constrained Application Protocol (CoAP);
• a system that can identify sensitive content in the given time series data;
• a system that can encrypt sensitive content;
• a system which is able to transmit large data blocks securely;
• a system that can be implemented on Internet of Things (IoT), particularly, uniquely identifiable embedded computing devices within an existing computer network; and
• a system that is capable of reducing communication cost.
Throughout this specification the word “comprise”, or variations such as “comprises” or “comprising”, will be understood to imply the inclusion of a stated element, integer or step, or group of elements, integers or steps, but not the exclusion of any other element, integer or step, or group of elements, integers or steps.
The use of the expression “at least” or “at least one” suggests the use of one or more elements or ingredients or quantities, as the use may be in the embodiment of the invention to achieve one or more of the desired objects or results.
The foregoing description of the specific embodiments will so fully reveal the general nature of the embodiments herein that others can, by applying current knowledge, readily modify and/or adapt for various applications such specific embodiments without departing from the generic concept, and, therefore, such adaptations and modifications should and are intended to be comprehended within the meaning and range of equivalents of the disclosed embodiments. It is to be understood that the phraseology or terminology employed herein is for the purpose of description and not of limitation. Therefore, while the embodiments herein have been described in terms of preferred embodiments, those skilled in the art will recognize that the embodiments herein can be practiced with modification within the spirit and scope of the embodiments as described herein.
| # | Name | Date |
|---|---|---|
| 1 | 610-MUM-2015-FORM 1-(31-03-2015).pdf | 2015-03-31 |
| 2 | 610-MUM-2015-CORRESPONDENCE-(31-03-2015).pdf | 2015-03-31 |
| 3 | 610-MUM-2015-GENERAL POWER OF ATTORNEY-(26-05-2015).pdf | 2015-05-26 |
| 4 | 610-MUM-2015-CORRESPONDENCE-(26-05-2015).pdf | 2015-05-26 |
| 5 | Other Patent Document [01-09-2016(online)].pdf | 2016-09-01 |
| 6 | tcs-6.pdf ONLINE | 2018-08-11 |
| 7 | tcs-6.pdf | 2018-08-11 |
| 8 | FORM 3.pdf ONLINE | 2018-08-11 |
| 9 | FORM 3.pdf | 2018-08-11 |
| 10 | CS Draft_24.02.15.pdf ONLINE | 2018-08-11 |
| 11 | CS Draft_24.02.15.pdf | 2018-08-11 |
| 12 | abs.pdf ONLINE | 2018-08-11 |
| 13 | abs.pdf | 2018-08-11 |
| 14 | 610-MUM-2015-FER.pdf | 2019-10-16 |
| 15 | 610-MUM-2015-FORM-26 [11-01-2020(online)].pdf | 2020-01-11 |
| 16 | 610-MUM-2015-OTHERS [01-04-2020(online)].pdf | 2020-04-01 |
| 17 | 610-MUM-2015-FER_SER_REPLY [01-04-2020(online)].pdf | 2020-04-01 |
| 18 | 610-MUM-2015-CLAIMS [01-04-2020(online)].pdf | 2020-04-01 |
| 19 | 610-MUM-2015-ABSTRACT [01-04-2020(online)].pdf | 2020-04-01 |
| 20 | 610-MUM-2015-US(14)-HearingNotice-(HearingDate-11-01-2022).pdf | 2021-12-08 |
| 21 | 610-MUM-2015-FORM-26 [07-01-2022(online)].pdf | 2022-01-07 |
| 22 | 610-MUM-2015-Correspondence to notify the Controller [07-01-2022(online)].pdf | 2022-01-07 |
| 23 | 610-MUM-2015-US(14)-ExtendedHearingNotice-(HearingDate-18-01-2022).pdf | 2022-01-13 |
| 24 | 610-MUM-2015-Written submissions and relevant documents [01-02-2022(online)].pdf | 2022-02-01 |
| 25 | 610-MUM-2015-PatentCertificate11-05-2022.pdf | 2022-05-11 |
| 26 | 610-MUM-2015-IntimationOfGrant11-05-2022.pdf | 2022-05-11 |
| 27 | 610-MUM-2015-RELEVANT DOCUMENTS [30-09-2023(online)].pdf | 2023-09-30 |

| # | Name |
|---|---|
| 1 | Search_Strategy_Amended_610_MUM_2015AE_09-09-2020.pdf |
| 2 | Search_Strategy_610_MUM_2015_14-10-2019.pdf |