Secure Life Cycle Assessment in Complex Supply Chains
Sakine Yalman is a second year PhD student who is funded by Ministry of National Education of Turkey. She is a member of the Cybersecurity group at the University of Exeter. Her PhD is supervised by Prof Achim D. Brucker and Dr Jia Hu. Her research focuses on developing a lightweight privacy-preserving technique that supports heterogeneous scenarios using smart devices and cloud resources.
Deciding My Research Focus
With the convergence of technologies such as real-time analytics, machine learning, and embedded systems, the use of smart devices is increasing rapidly. Smart devices, such as smartwatches, smartphones, or home automation gadgets, are used in a wide range of areas from control systems, automation systems to healthcare systems.
As I am curious and sensitive about my confidential data, I do always wonder how data collected by smart devices is used and how companies producing these smart devices ensure the confidentiality, privacy, and security of this data.
As you may know, it is not possible to solve all problems that you have in your mind in just one PhD! Therefore, I am focusing on what excites me the most!
Being Caught Between Protecting Confidential Data and Addressing the Environmental Concerns of Consumers
When I was reviewing literature, an interesting research article took my attention. It was including a subject that I knew nothing about called Life-Cycle Assessment (LCA).
As we can see in our daily lives, the environmental impact of products has become an increasingly important factor in buying decisions of customers, moreover, is also a growing concern of law makers. Hence, companies have an increased interest in determining the ecological footprint of their products. And LCA is a standardized method for computing the ecological footprint of a product. It evaluates the ecological sustainability of a product or service in a quantitative way, and its computation requires exhaustive and comprehensible information about industrial activities, from cradle to grave. This information can, e.g., include information about the production and delivery processes of partners within a supply chain. As this information can reveal the details of production processes that are often considered a trade secret, it is confidential. Moreover, collaborating actively within a supply chain can disclose business relationships, which can be confidential too!
So… After giving some background information, I would like to pose a question. If you were one of the companies placed in a supply chain, would you be interested in sharing your whole data or would you try to hide your confidential information?
Although companies are willing to determine the ecological footprint of their products, they are also concerned about how their confidential data is used in computations/operations and shared with the public or other competitive companies. As a result, security and confidentiality concerns are currently hindering both the collaboration within supply chains and precisely LCA.
What Do I Propose?
With my work, I try to provide a good balance of data protection needs and the availability of data. My work should make it possible to analyse data while preserving privacy of data.
In the first year of my PhD, I developed a hierarchical method for confidential computations within a business network such as supply chains. I applied my method to LCA, which ensures the confidentiality of data (e.g., information about details of production processes) and meta-data (e.g., supplier-consumer relationships). In contrast to traditional LCA, in my approach, I decompose LCA into “levels” in a recursive way which enables us to apply secure multi-party computation (SMPC) in an efficient way in complex supply chains.
In my second year, I plan to extend my approach to focus on the formal privacy analysis of smart devices used in business networks.