移动网络与云环境下的重认证和访问控制策略研究

随着手机、电脑等移动设备的普遍使用,人们越来越习惯于用智能设备存储个人信息。但近些年来,由于移动设备丢失导致的用户隐私泄露事件屡见不鲜,如何实现互联网云环境下身份认证以及信息安全性的提高已经成为人们极为关注的问题。基于这个问题本文提出了一种访问策略的更新,设计动态演化的隐式重认证方法,使得智能终端能够持续地识别用户是否合法,对抗恶意用户的模拟攻击,防止未授权用户造成数据泄露。通过分析及研究以期为相关工作者提供一定的帮助。     

Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing

To improve the resource limitation of mobile devices, mobile users may utilize cloud-computational and storage services. Although the utilization of the cloud services improves the processing and storage capacity of mobile devices, the migration of confidential information on untrusted cloud raises security and privacy issues. Considering the security of mobile-cloud-computing subscribers’ information, a mechanism to authenticate legitimate mobile users in the cloud environment is sought. Usually, the mobile users are authenticated in the cloud environment through digital credential methods, such as password. Once the users’ credential information theft occurs, the adversary can use the hacked information for impersonating the mobile user later on. The alarming situation is that the mobile user is unaware about adversary’s malicious activities. In this paper, a light-weight security scheme is proposed for mobile user in cloud environment to protect the mobile user’s identity with dynamic credentials. The proposed scheme offloads the frequently occurring dynamic credential generation operations on a trusted entity to keep minimum processing burden on the mobile device. To enhance the security and reliability of the scheme, the credential information is updated frequently on the basis of mobile-cloud packets exchange. Furthermore, the proposed scheme is compared with the existing scheme on the basis of performance metrics i.e. turnaround time and energy consumption. The experimental results for the proposed scheme showed significant improvement in turnaround time and energy consumption as compared to the existing scheme.     

Privacy‐aware shared UI toolkit for nomadic environments

As computing becomes more nomadic, privacy becomes a greater concern. People use portable devices to annex displays in their environments so that they can share information with other people. However, private information such as usernames, e‐mail addresses, and folder names are shown on foreign displays. In addition, foreign keyboards can be used to enter in passwords generating a significant privacy and security risk. Because nomadic users' sensitive data is constantly at risk for exploitation via the UI toolkit, a solution for protecting user privacy must include that toolkit. This paper introduces the XICE framework—a windowing toolkit that provides easy display annexing and includes a robust privacy framework to help protect users and their data. This paper discusses the exploits that annexing external devices introduces and how XICE mitigates or eliminates those threats safely and naturally for both users and developers. Copyright © 2011 John Wiley & Sons, Ltd.     

Efficient privacy-preserving fault tolerance aggregation for people-centric sensing system

People-centric sensing (PCS) system is gaining popularity in the current technology world due to its ability to enhance the mobile device into a global mobile sensing device. But, PCS system is still suffering from security risks related to users privacy risks since the data being sensed by PCS are capable of allowing the attackers to gain privacy information related to the user. Hence, user privacy security is a main concern in the PCS system. In this paper, we propose to develop an efficient privacy-preserving fault tolerance aggregation technique for the PCS system. The proposed technique will consider registration of the involved mobile nodes and access point as an important initial step. Then, the data message being transmitted will be encrypted into reports and forwarded in a highly secure manner. Finally, the data will be decrypted and retrieved at the destination based on the homomorphic encryption and decryption mechanism. In this way, the privacy of the user is maintained secure and the process is made more tolerant toward fault in order to enhance efficient network operation. We evaluate the performance of the protocol according to the parameters like communication overhead, delay and delivery ratio.     

Anonymous proximity mobile payment (APMP)

The growth of wireless networks and the increasing popularity of mobile devices present an significant opportunity to empower them as a payment device. Unfortunately, several problems hinder the widespread acceptance of mobile payments, for example, privacy protection and user anonymity. Measures to ensure anonymity in payment systems must be considered as an important factor in privacy and system acceptance. We propose a new measure to enhance the level of anonymity in mobile payments where users can customize their anonymity, according to their personal preferences. We rely on IPAS (Implicit Password Authentication System) (Almuairfi et al. 2011) for dispute resolution to support our proposed idea.     

Multi-device anonymous authentication

Recently, a few pragmatic and privacy protecting systems for authentication in multiple systems have been designed. The most prominent examples include Pseudonymous Signatures for German personal identity cards and Anonymous Attestation. The main properties are that a user can authenticate himself with a single private key (stored on a smart card), but nevertheless the user’s IDs in different systems are unlinkable. We develop a solution which enables a user to achieve the above-mentioned goals while using more than one personal device, each holding a single secret key, but different for each device. Our solution is privacy preserving: it will remain hidden for the service system which device is used. Nevertheless, if a device gets stolen, lost or compromised, the user can revoke it (leaving his other devices intact). In particular, in this way we create a strong authentication framework for cloud users, where the cloud does not learn indirectly personal data. Our solution is based on a novel cryptographic primitive, called Pseudonymous Public Key Group Signature.

     

Study on two privacy-oriented protocols for information communication systems

In these days, the privacy of a user in information communication system is more important than ever before. Especially, the property is important for mobile communication systems due to the mobility of underlying mobile devices. Until now, many cryptographic tools have been proposed for achieving users’ privacy. In this paper, we review two privacy-oriented cryptographic protocols, and show their security holes. We also provide some countermeasure to fix the weaknesses. First, we discuss the security of the user identification scheme proposed by Hsu and Chuang which permits a user to anonymously log into a system and establish a secret key shared with the system. We show that the Hsu-Chuang scheme is not secure against known session key attacks, and then we provide a countermeasure which can be used for enhancing the security the Hsu-Chuang scheme. Secondly, we review a deniable authentication proposed by Harn and Ren which protects the privacy of a message sender. Then we show that the protocol has a potential incompleteness and two weaknesses.     

Modeling context in mobile distributed systems with the UML

Context-awareness plays an important role in mobile distributed systems since it enables the adaptation of mobile devices to the users. However, one of the major challenges is the preservation of the users’ privacy. Many different approaches of modeling the context of the user exist, but the incorporation of privacy restrictions into context models, which makes the protection of privacy apparent, is missing. This paper presents the Context Modeling Profile (CMP), a lightweight UML (Unified Modeling Language) extension, as a visual language for context models in mobile distributed systems. The resulting models embody metainformation of the context, i.e. source and validity of context information, and reflect privacy restrictions. The profile provides several well-formedness rules for context models and supports the development of context-aware mobile applications through an adequate visual modeling language. A case study is used to illustrate the approach.     

Electronic retention: what does your mobile phone reveal about you?

The global information rich society is increasingly dependent on mobile phone technology for daily activities. A substantial secondary market in mobile phones has developed as a result of a relatively short life-cycle and recent regulatory measures on electronics recycling. These developments are, however, a cause for concern regarding privacy, since it is unclear how much information is retained on a device when it is re-sold. The crucial question is: what, despite your best efforts, does your mobile phone reveal about you?. This research investigates the extent to which personal information continues to reside on mobile phones even when users have attempted to remove the information; hence, passing the information into the secondary market. A total of 49 re-sold mobile devices were acquired from two secondary markets: a local pawn shop and an online auction site. These devices were examined using three industry standard mobile forensic toolkits. Data were extracted from the devices via both physical and logical acquisitions and the resulting information artifacts categorized by type and sensitivity. All mobile devices examined yielded some user information and in total 11,135 artifacts were recovered. The findings confirm that substantial personal information is retained on a typical mobile device when it is re-sold. The results highlight several areas of potential future work necessary to ensure the confidentially of personal data stored on mobile devices.     

Android用户隐私保护系统

随着移动互联网的快速发展,手机作为移动互联的重要终端其所受的安全威胁已不亚于传统PC。文章针对目前手机用户的隐私信息(如通讯信息、短信息、通话记录、相册、文件等)泄露这一用户最为关心的问题,在目前主流的手机操作系统Android OS下设计并实现一个用户隐私保护系统。其主要研究和解决Android系统下的恶意进程识别和隐私数据加密两个问题,通过设计黑白名单授权访问隐私数据和实时监控每个进程以及用AES、MD5等算法加密隐私数据,从而达到保护用户隐私的目的。     

Efficient mining and prediction of user behavior patterns in mobile web systems

The development of wireless and web technologies has allowed the mobile users to request various kinds of services by mobile devices at anytime and anywhere. Helping the users obtain needed information effectively is an important issue in the mobile web systems. Discovery of user behavior can highly benefit the enhancements on system performance and quality of services. Obviously, the mobile user's behavior patterns, in which the location and the service are inherently coexistent, become more complex than those of the traditional web systems. In this paper, we propose a novel data mining method, namely SMAP-Mine that can efficiently discover mobile users' sequential movement patterns associated with requested services. Moreover, the corresponding prediction strategies are also proposed. Through empirical evaluation under various simulation conditions, SMAP-Mine is shown to deliver excellent performance in terms of accuracy, execution efficiency and scalability. Meanwhile, the proposed prediction strategies are also verified to be effective in measurements of precision, hit ratio and applicability.     

面向不可信服务器的空间众包隐私保护研究

随着互联网技术的迅速发展以及智能移动设备的普遍使用,空间众包的使用愈加广泛。用户发布空间任务,空间众包平台将会雇佣工作者为其分配任务并执行。该类方法需要通过智能设备获取用户位置数据和工作者位置数据,容易泄露位置隐私,严重威胁了用户和工作者的隐私安全。针对个人位置隐私泄露的问题,本文提出了一种采用地理不可区分性对不可信服务器空间众包的位置数据进行扰动的方法。向用户的真实位置和工作者的真实位置添加可控的随机噪声,得到扰动位置,并计算两者的可达性。该方法向二者的真实位置添加噪声生成扰动位置,能有效保护位置隐私,具有很强的隐私保护强度,隐私程度增大。     

大规模手机位置数据发布的隐私保护方法——基于频繁活动点集匹配的策略*

作为一种新兴的个体轨迹数据,大规模手机位置数据被认为能为人类活动研究带来新的前景。然而,近期研究发现,手机位置数据中蕴含的个体活动点可能导致用户重识别,即隐私信息泄露。因此,针对个体的频繁活动点集合,本研究计算手机位置数据中的个体重识别风险,通过点击匹配策略实现高风险个体敏感位置信息的隐匿;利用交通流分析来评价隐私保护后的数据可用性损失。基于深圳市大规模手机位置数据实验,结果表明本研究提出的方法在降低整体隐私泄露风险和确保隐私保护后的数据可用性方面皆具有良好效果。本研究成果对大规模手机位置数据隐私保护具有重要的促进作用,有助于保障此类大规模个体轨迹数据的安全应用以及相关法律法规的合理制定。     

基于用户视觉能力的交互设备筛选方法

普适计算为智能环境通过多个交互设备向用户提供信息服务奠定了基础,但如何选择恰当的设备向用户提供服务仍是一项待解决的问题。论文基于用户视觉交互能力参数筛选出最优的交互设备提供服务。根据用户的视野范围和面部朝向,结合所在位置,计算显示设备相对于用户的双向可达性;根据用户的视力水平,结合显示界面字符大小,计算显示设备所显示信息对用户的可读性;综合以上两方面信息计算设备推荐率。利用具有不同视觉能力的用户对论文所提出方法进行了验证,实验结果表明所提出方法能选择出最与用户交互能力匹配的交互设备。     

A user friendly authentication scheme with anonymity for wireless communications

Secure user authentication is an important issue for wireless environment such as GSM, CDPD, and 3G and 4G wireless systems. Especially, anonymity of the mobile users should be guaranteed to protect the privacy of the mobile users. This paper proposes a user friendly authentication scheme with anonymity for wireless communications that not only can overcome the weaknesses of the previous related schemes, but also can provide efficiency and security to suitable for battery-powered mobile devices in wireless communication systems.     

社交网络中的位置隐私保护研究

随着智能终端设备和社交网络服务的广泛使用,移动互联网发展的一个重要趋势是社交、位置和移动相融合,在这些应用中,位置是一项非常重要的信息。该文从位置隐私泄露的风险出发,介绍了几种位置隐私保护技术,比较它们的优劣,提出了移动感知的匿位区域生成方法,通过信息熵理论将用户位置的不可推测性最大化,实现了社交网络中个人隐私保护。     

TAPAS: Trustworthy privacy-aware participatory sensing

With the advent of mobile technology, a new class of applications, called participatory sensing (PS), is emerging, with which the ubiquity of mobile devices is exploited to collect data at scale. However, privacy and trust are the two significant barriers to the success of any PS system. First, the participants may not want to associate themselves with the collected data. Second, the validity of the contributed data is not verified, since the intention of the participants is not always clear. In this paper, we formally define the problem of privacy and trust in PS systems and examine its challenges. We propose a trustworthy privacy-aware framework for PS systems dubbed TAPAS, which enables the participation of the users without compromising their privacy while improving the trustworthiness of the collected data. Our experimental evaluations verify the applicability of our proposed approaches and demonstrate their efficiency.     

An Integrated Model of Voice-User Interface Continuance Intention: The Gender Effect

Advanced speech recognition technology facilitated the development of voice-based smart devices. Voice user interface (VUI) is now a common feature on smartphones, computers, smart home devices, and car systems. The fragmented and context focused literature on VUI motivates this examination of the relationship between perceived quality and customer satisfaction in VUI portable devices. This study is the first to introduce extrinsic motivational factors as an extension to Wixom and Todd’s model. These additional antecedent factors add an enriched explanation of VUI user behavior. This study is also the first to consider the role of gender in a VUI behavior model. Our findings suggest that the proposed driving factors, including trust, perceived risks, perceived enjoyment, and mobile self-efficacy, significantly affect VUI user attitudes, which influence their continuance intention. Our results also address the role of gender on the association of attitude toward VUI use and its antecedents. The findings show that perceived risk (privacy concerns) and perceived ease of use are more influential on VUI use behavior of males than females. However, the effect of trust and mobile self-efficacy play a more crucial role for females than males.     

社交网络用户隐私泄露量化评估方法

社交网络用户隐私泄露的量化评估有利于帮助用户了解个人隐私泄露状况,提高公众隐私保护和防范意识,同时也能为个性化隐私保护方法的设计提供依据.针对目前隐私量化评估方法主要用于评估隐私保护方法的保护效果,无法有效评估社交网络用户的隐私泄露风险的问题,提出了一种社交网络用户隐私泄露量化评估方法.基于用户隐私偏好矩阵,利用皮尔逊相似度计算用户主观属性敏感性,然后取均值得到客观属性敏感性;采用属性识别方法推测用户隐私属性,并利用信息熵计算属性公开性;通过转移概率和用户重要性估计用户数据的可见范围,计算数据可见性;综合属性敏感性、属性公开性和数据可见性计算隐私评分,对隐私泄露风险进行细粒度的个性化评估,同时考虑时间因素,支持用户隐私泄露状况的动态评估,为社交网络用户了解隐私泄露状况、针对性地进行个性化隐私保护提供支持.在新浪微博数据上的实验结果表明,所提方法能够有效地对用户的隐私泄露状况进行量化评估.     

Mean estimation over numeric data with personalized local differential privacy

The fast development of the Internet and mobile devices results in a crowdsensing business model, where individuals (users) are willing to contribute their data to help the institution (data collector) analyze and release useful information. However, the reveal of personal data will bring huge privacy threats to users, which will impede the wide application of the crowdsensing model. To settle the problem, the definition of local differential privacy (LDP) is proposed. Afterwards, to respond to the varied privacy preference of users, researchers propose a new model, i.e., personalized local differential privacy (PLDP), which allow users to specify their own privacy parameters. In this paper, we focus on a basic task of calculating the mean value over a single numeric attribute with PLDP. Based on the previous schemes for mean estimation under LDP, we employ PLDP model to design novel schemes (LAP, DCP, PWP) to provide personalized privacy for each user. We then theoretically analysis the worst-case variance of three proposed schemes and conduct experiments on synthetic and real datasets to evaluate the performance of three methods. The theoretical and experimental results show the optimality of PWP in the low privacy regime and a slight advantage of DCP in the high privacy regime.