To support secure database management, a number of value-added encryption schemes have been studied including order-revealing encryption (ORE) schemes. One of outstanding features of ORE schemes is the efficiency of range queries in an encrypted form. Compared to existing encryption methods, ORE leads to an increase in the length of ciphertexts. To improve the efficiency of ORE schemes in terms of the length of ciphertext, a new ORE scheme with shorter ciphertext has been proposed by Kim. In this paper, we revisit Kim's ORE scheme and show that the length of ciphertexts is not as short as analyzed in their paper. We also introduce a simple modification reducing the memory requirement than existing ORE schemes.

A private decentralized e-health environment, empowered by blockchain technology, grants authorized healthcare entities to legitimately access the patient's medical data without relying on a centralized node. Every activity from authorized entities is recorded immutably in the blockchain transactions. In terms of privacy, the e-health system preserves a default privacy option as an initial state for every patient since the patients may frequently customize their medical data over time for several purposes. Moreover, adjustments in the patient's privacy contexts are often solely from the patient's initiative without any doctor or stakeholders' recommendation. Therefore, we design, implement, and evaluate user-defined data privacy utilizing nudge theory for decentralized e-health systems named PDPM to tackle these issues. Patients can determine the privacy of their medical records to be closed to certain parties. Data privacy management is dynamic, which can be executed on the blockchain via the smart contract feature. Tamper-proof user-defined data privacy can resolve the dispute between the e-health entities related to privacy management and adjustments. In short, the authorized entities cannot deny any changes since every activity is recorded in the ledgers. Meanwhile, the nudge theory technique supports providing the best patient privacy recommendations based on their behaviour activities even though the final decision rests on the patient. Finally, we demonstrate how to use PDPM to realize user-defined data privacy management in decentralized e-health environments.

Data anonymization is required before a big-data business can run effectively without compromising the privacy of personal information it uses. It is not trivial to choose the best algorithm to anonymize some given data securely for a given purpose. In accurately assessing the risk of data being compromised, there needs to be a balance between utility and security. Therefore, using common pseudo microdata, we propose a competition for the best anonymization and re-identification algorithm. The paper reported the result of the competition and the analysis on the effective of anonymization technique. The competition result reveals that there is a tradeoff between utility and security, and 20.9% records were re-identified in average.

Since wireless sensor networks (WSNs) are resources-constrained, it is very essential to gather data efficiently from the WSNs so that their life can be prolonged. Data aggregation can conserve a significant amount of energy by minimizing transmission cost in terms of the number of data packets. Many applications require privacy and integrity protection of the sampled data while they travel from the source sensor nodes to a data collecting device, say a query server. However, the existing schemes suffer from high communication cost, high computation cost and data propagation delay. To resolve the problems, in this paper, we propose a new and efficient integrity protecting sensitive data aggregation scheme for WSNs. Our scheme makes use of the additive property of complex numbers to achieve sensitive data aggregation with protecting data integrity. With simulation results, we show that our scheme is much more efficient in terms of both communication and computation overheads, integrity checking and data propagation delay than the existing schemes for protecting integrity and privacy preserving data aggregation in WSNs.