基于网格标识匹配的位置隐私保护方法

在基于位置的服务中,基于可信第三方模型是当前位置隐私保护中的主要模型,但该模型存在一定的隐私泄露风险。该文提出一种基于网格标识匹配(GIM)的位置隐私保护方法,用户首先将查询区域划分为网格,并结合保序对称加密和K匿名技术,在匿名器形成K匿名,然后利用网格标识匹配返回查询结果给用户。在查询的过程中,匿名器并不知道用户的具体位置,加强了该模型中用户位置的隐私保护。同时中间匿名器仅进行简单的比较和匹配,有效缓解了匿名器的性能瓶颈问题。安全分析表明该方法能有效保护用户的位置隐私;并且通过实验验证该方法能有效减小匿名器的处理时间开销。     

一种增强的个性化匿名隐私保护模型改进

隐私保护是信息安全的重要研究方向,为了提高隐私保护能力,提出一种基于椭圆曲线同态加密的增强性个性化匿名隐私保护模型。采用K-匿名编码方法进行隐私保护信息的编码设计,构建加密密钥,结合分段线性混沌映射方法进行隐私保护模型的算术编码设计,采用椭圆曲线同态加密算法进行个性化匿名隐私保护增强设计,提高信息加密的深度,实现隐私保护优化。仿真结果表明,采用该方法进行隐私保护信息加密和隐私保护抗攻击能力较强,信息泄露的风险大大降低。     

一种增强的个性化匿名隐私保护模型

匿名模型是近年来隐私保护研究的热点技术之一,主要研究如何在数据发布中避免敏感数据的泄露,又能保证数据发布的高效用性.提出了一种个性化（α[s],l）-多样k-匿名模型,该方法将敏感属性泛化成泛化树,根据数据发布中隐私保护的具体要求,给各结点设置不同的α约束,发布符合个性化匿名模型的数据.该方法在保护隐私的同时进一步提高信息的个性化要求.实验结果表明,该方法提高了信息的有效性,具有很高的实用性.     

个人移动数据收集中的多维轨迹匿名方法

在情景感知位置服务中,移动互联网络的开放性使得个人移动数据面临巨大的安全风险,移动数据的时空关联特性对个人数据的隐私保护提出重大挑战.针对基于时空关联的背景知识攻击,本文提出了一种多维的轨迹匿名隐私保护方法.该方法在匿名轨迹数据收集系统的基础上,基于多用户协作的隐私保护模式,通过时间匿名和空间匿名算法,实现用户的隐私保护.实验结果表明,该方法可以有效的对抗基于位置和移动方式的背景知识攻击,满足了k-匿名的隐私保护要求.     

融合微聚集隐私保护的协同过滤算法研究

现有的k-匿名隐私保护是一种安全有效的隐私保护算法,针对其对背景知识攻击和同质性攻击防范的不足,提出一种基于敏感属性多样性的微聚集隐私保护的协同过滤算法。算法在满足k-匿名的前提下,融入敏感属性的多样性,在微聚集算法中通过设置同一等价类中敏感属性的差异值,来避免敏感属性值过于接近而造成隐私泄露,从而达到保护隐私数据的目的,同时保证推荐的准确性。实验结果表明,该算法既能保证为用户提供高效的个性化推荐,又能够产生安全的信息表。     

基于聚类匿名化的差分隐私保护数据发布方法

基于匿名化技术的理论基础,采用DBSCAN聚类算法对数据记录进行聚类,实现将个体记录匿名化隐藏于一组记录中。为提高隐私保护程度,对匿名化划分的数据添加拉普拉斯噪声,扰动个体数据真实值,以实现差分隐私保护模型的要求。通过聚类,分化查询函数敏感性,提高数据可用性。对算法隐私性进行证明,并实验说明发布数据的可用性。     

面向数据发布的隐私保护技术研究

数据发布中仅采用删除个人身份标识的方法无法保证个人隐私信息的安全,论文分析总结了单敏感属性和多敏感属性情况下常用的匿名模型及匿名化方法,以促进在隐私保护方面有更进一步的研究。     

基于K-匿名的电子商务匿名方法研究

根据K-匿名的基本模型,为了实现在电子商务销售商以营销为目的数据分析发布过程中不泄漏消费者的销费隐私信息,提出了电子商务隐私信息匿名方法,将电子商务消费者个体信息分为3种类,设计出了个体身份标识属性的重编码和个体身份准标识属性的泛化算法.利用Adult data作为数据源,分析了本匿名方法泛化层、信息丢失率和K之间的关系,为电子商务对数据的处理决策提供一个选择方案.     

基于网格密度的位置隐私保护系统设计与实现

基于位置服务(LBS)给人们生活带来巨大便利的同时,其对个人隐私的泄露风险不容忽视。首先讨论了位置服务中的隐私泄露途径及隐私保护模型,并着重介绍了位置k匿名思想;针对位置k匿名中对模糊匿名区域的寻找问题,提出基于网格密度模型的保护系统方案,利用网格结构简单、索引便捷的特点,可以迅速获知周围用户数目状态,找到覆盖临近k个用户的最小包含空间;此外,考虑若连续使用位置服务,即使每次请求均满足k匿名条件仍可能泄露大概的轨迹信息,提出动态假名算法,量化轨迹隐私泄露风险,将高风险用户的假名与临近用户的假名进行随机的交换,使得攻击者无法对其轨迹进行追踪。     

DAA 协议中平台隐私数据的保护方案﹡

针对当前可信计算平台身份证明最好的理论解决方案——直接匿名认证（DAA ,Direct Anonymous Attestation）协议中平台隐私数据（,A e ）是以明文方式直接存储在平台上很容易受到攻击的问题,基于 TPM 的安全存储功能,提出了平台隐私数据（,A e ）的保护方案。该方案根据用户的身份生成隐私数据（,A e ）的保护密钥和授权数据,利用 TPM 的安全存储功能对该保护后的隐私数据进行存储,并通过理论分析和实验验证,表明了所提方案在保护隐私数据（,A e ）的同时,对直接匿名认证协议的性能影响也不大,增强了 DAA 协议的身份认证可信。     

面向多路径传输中数据隐私性分析的安全模型

In order to investigate the enhancement of data privacy by distributing data packets via multiple paths, this paper formulates a security model and analyzes the privacy problem in multipath scenarios leveraging information theoretic concept. Based on proposed model, a privacy function related to the path number is discussed. We heuristically recommend the optimal path number and analyze the tradeoff among the performance, resource consumption and privacy. For reducing the information leakage, the data schedule algorithms are also proposed. The analytical model can provide guidelines for the multipath protocol design.     

支持第三方仲裁的智能电网数据安全聚合方案

智能电网作为新一代的电力系统,显著提高了电力服务的效率、可靠性和可持续性,但用户侧信息安全问题也日渐突出.本文针对智能电网系统中用户数据信息泄露的问题,提出了一个具有隐私保护的数据安全采集方案.收集器能够对采集到的电表数据进行验证,聚合为一个新的数据包,发送给电力服务中心解密和存储,且第三方仲裁机构能够解决用户端智能电表与电力服务中心发生的纠纷.同时,本方案支持收集器,电力服务中心和第三方仲裁机构执行批量验证操作,以提升验证效率.本文的理论分析与实验比较表明,该方案比同类型方案具有更高的运算效率和通信效率.     

基于隐私同态数据融合的完整性验证协议

在无线传感器网络中的安全数据融合能够有效防止隐私泄露和数据篡改等问题,并实现高效的数据传输。由此提出一种基于隐私同态数据融合的完整性验证协议IV-PHDA。该协议采用同态加密保证数据隐私性;利用随机检测节点对节点聚合结果的完整性进行检测,以验证聚合节点是否忠实地传输每个数据分组。通过理论分析和仿真对比,对其算法的性能进行验证,结果表明,该协议能够在网络传输的过程中检测数据的完整性,并且实现较好的隐私保护和较高的数据精确度。     

面向多敏感值的个性化随机响应机制设计与分析

在实际数据收集中,不同敏感值的敏感度有很大差异,隐私保护需求也不相同.然而,现有的基于随机响应的本地化隐私保护模型针对所有敏感值都执行同样程度的隐私保护,从而可能造成某些低敏感度的敏感值过度保护,而某些高敏感度的敏感值却保护不足.基于此,本文在常规随机响应（Conventional Randomized Response,CRR）模型的基础上,考虑个性化的隐私需求,引入敏感值权重,并将其引入到随机响应的决策中,提出一种面向多敏感值的个性化随机响应（Personalized Randomized Response,PRR）机制,该机制能够确保不同的敏感值群体均能达到各自期望的隐私保护程度,实现个性化的隐私保护.理论分析和仿真实验表明,在机制的主观隐私泄露程度一定时,相比于CRR模型,本文所提的PRR机制统计估计误差更小,即获得的统计数据的质量更高,同时又保证了个性化的隐私保护.     

ECC-Based RFID Authentication Protocol

The radio frequency identification (RFID) technology has been widely used so far in industrial and commercial applications. To develop the RFID tags that support elliptic curve cryptography (ECC), we propose a scalable and mutual authentication protocol based on ECC. We also suggest a tag privacy model that provides adversaries exhibiting strong abilities to attack a tag’s privacy. We prove that the proposed protocol preserves privacy under the privacy model and that it meets general security requirements. Compared with other recent ECC-based RFID authentication protocols, our protocol provides tag privacy and performs the best under comprehensive evaluation of tag privacy, tag computation cost, and communications cost.     

Evaluation and protection of multi-level location privacy based on an information theoretic approach

A privacy metric based on mutual information was proposed to measure the privacy leakage occurred when location data owner trust data users at different levels and need to publish the distorted location data to each user according to her trust level,based on which an location privacy protection mechanism (LPPM)was generated to protect user’s location privacy.In addition,based on mutual information,a metric was proposed to measure the privacy leakage caused by attackers obtaining different levels of distorted location data and then performing inference attack on the original location data more accurately.Another privacy metric was also proposed to quantify the information leakage occurred in the scenario based on mutual information.In particular,the proposed privacy mechanism was designed by modifying Blahut-Arimoto algorithm in rate-distortion theory.Experimental results show the superiority of the proposed LPPM over an existing LPPM in terms of location privacyutility tradeoff in both scenarios,which is more conspicuous when there are highly popular locations.     

Traffic characteristic based privacy leakage assessment scheme for Android device

Aiming at the privacy leakage,which was caused by collecting user information by third-party host in Android operating system App,a privacy leakage evaluation scheme HostRisk was proposed.HostRisk was based on TF-IDF model and hierarchical clustering method,which was applied in mobile device.The TF-IDF model calculated the business relevance between Apps and hosts via the behavior characteristics of the hosts in these Apps.For the business related hosts that fail to express the business relevance characteristics,those hosts were adjusted and optimized via the average connected hierarchical agglomerative clustering method.Finally,the harmful degree of privacy leakage was evaluated based on the ranking of all hosts in the App.The experimental results verify the effectiveness and efficiency of the scheme.     

An Improved RFID Authentication Protocol Based on Group Anonymous Model

Aiming at the security and privacy, and authentication efficiency shortages of existing RFID authentication protocol, an improved scheme is proposed based on Alavi et al.’s protocol. Firstly, in order to resist against replay attack, we add the timestamp generator to the reader side and use hash function to encrypt the reader identification, the random number and timestamp generated by the reader; meanwhile, to solve the data integrity problem in the original scheme, the reader matches the decrypted data with the server side message to ensure that it can detect if the data is tampered with by the attacker. Finally, the improved group anonymous authentication model is used to improve the back-end server’s authentication efficiency. Theoretical analysis and experimental results show that the improved protocol effectively solves the security problems and reduces the back-end server’s authentication time. In addition, this paper simulates the impact of group number on system privacy level and authentication efficiency through experiments. In practical applications, the group number can be adjusted appropriately according to different privacy and efficiency requirements, so the privacy and authentication efficiency of the system will be well-balanced.     

Anonymous data collection scheme for cloud-aided mobile edge networks

With the rapid spread of smart sensors, data collection is becoming more and more important in Mobile Edge Networks (MENs). The collected data can be used in many applications based on the analysis results of these data by cloud computing. Nowadays, data collection schemes have been widely studied by researchers. However, most of the researches take the amount of collected data into consideration without thinking about the problem of privacy leakage of the collected data. In this paper, we propose an energy-efficient and anonymous data collection scheme for MENs to keep a balance between energy consumption and data privacy, in which the privacy information of senors is hidden during data communication. In addition, the residual energy of nodes is taken into consideration in this scheme in particular when it comes to the selection of the relay node. The security analysis shows that no privacy information of the source node and relay node is leaked to attackers. Moreover, the simulation results demonstrate that the proposed scheme is better than other schemes in aspects of lifetime and energy consumption. At the end of the simulation part, we present a qualitative analysis for the proposed scheme and some conventional protocols. It is noteworthy that the proposed scheme outperforms the existing protocols in terms of the above indicators.     

局部差分隐私约束的关联属性不变后随机响应扰动

本文研究敏感属性与部分准标识符属性存在相关时,如何有效减小重构攻击导致的隐私泄漏风险.首先,用互信息理论寻找原始数据集中对敏感属性具有强依赖关系的准标识符属性,为精确扰动数据属性提供理论依据;其次,针对关联属性和非关联属性,应用不变后随机响应方法分别对某个数据属性或者属性之间的组合进行扰动,使之满足局部ε-差分隐私要求,并理论分析后数据扰动对隐私泄露概率和数据效用的影响;最后,实验验证所提算法的有效性和处理增量数据的能力,理论分析了数据结果.由实验结果可知,算法可以更好地达到数据效用和隐私保护的平衡.