面向数字图书馆用户隐私保护的匿名发布方法

针对数字图书馆用户隐私保护问题,提出了一种基于图聚类匿名发布的敏感数据保护方法。该方法将数字图书馆用户数据建模为属性图,利用结构相似性和属性相似性对属性图中节点进行聚类,并将类簇中的节点信息进行匿名化处理,实现了用户数据的匿名化保护。实验结果表明,该方法在实现用户数据匿名保护的同时,有效减少了信息损失,提高了计算效率。     

基于网格标识匹配的位置隐私保护方法

在基于位置的服务中,基于可信第三方模型是当前位置隐私保护中的主要模型,但该模型存在一定的隐私泄露风险。该文提出一种基于网格标识匹配(GIM)的位置隐私保护方法,用户首先将查询区域划分为网格,并结合保序对称加密和K匿名技术,在匿名器形成K匿名,然后利用网格标识匹配返回查询结果给用户。在查询的过程中,匿名器并不知道用户的具体位置,加强了该模型中用户位置的隐私保护。同时中间匿名器仅进行简单的比较和匹配,有效缓解了匿名器的性能瓶颈问题。安全分析表明该方法能有效保护用户的位置隐私;并且通过实验验证该方法能有效减小匿名器的处理时间开销。     

移动互联网服务的隐私保护机制

探讨了考虑背景信息的位置和查询隐私保护方案,如基于背景信息的虚假位置k-匿名方案、同时保护位置和兴趣的隐私保护方案、基于交互的隐私保护方案,还探讨了基于用户隐私链拆分的实名认证和身份隐私保护策略;认为在避免可信第三方参与,敌手能够获取到背景信息的前提下,能够实现对用户身份、位置和查询隐私的保护,达到信任机制和隐私保护的有机结合将是未来隐私保护发展的趋势。     

基于位置语义的路网位置隐私保护

移动用户在享受基于位置的服务（LBS）的同时受到位置隐私泄露的威胁,因而提供有效的位置隐私保护策略至关重要。传统的位置隐私保护方法主要采用空间匿名的方式,若攻击者获得了更多与匿名空间相关的背景知识,尤其是与位置相关的语义信息,就会严重降低匿名效果。为了防止由位置语义分析造成的敏感位置信息泄露,并根据移动用户活动范围大多限定为道路网络的特点,提出一种基于位置语义的路网位置隐私保护方法,充分考虑了用户的个性化隐私需求,并通过实验验证了方法的可行性及有效性。     

基于网格密度的位置隐私保护系统设计与实现

基于位置服务(LBS)给人们生活带来巨大便利的同时,其对个人隐私的泄露风险不容忽视。首先讨论了位置服务中的隐私泄露途径及隐私保护模型,并着重介绍了位置k匿名思想;针对位置k匿名中对模糊匿名区域的寻找问题,提出基于网格密度模型的保护系统方案,利用网格结构简单、索引便捷的特点,可以迅速获知周围用户数目状态,找到覆盖临近k个用户的最小包含空间;此外,考虑若连续使用位置服务,即使每次请求均满足k匿名条件仍可能泄露大概的轨迹信息,提出动态假名算法,量化轨迹隐私泄露风险,将高风险用户的假名与临近用户的假名进行随机的交换,使得攻击者无法对其轨迹进行追踪。     

利用盲签名实现对3G位置隐私的保护

随着3G技术的深入发展,人们对服务提出了更高的要求,在合法用户获取相应服务的同时,还要保护好用户的隐私。论文主要目的是解决3G用户的位置隐私问题,通过使用一个授权的匿名身份来替代3G中用到的IMSI和TMSI,防止了用户身份和位置信息的暴露。文章采用盲签名来实现身份的隐藏,从而达到了保护位置信息的目的。匿名身份的独立性和基于应用层实现该协议达到了用户对位置隐私的完全控制。     

基于投影区域密度划分的k匿名算法

在数据发布的隐私保护中,现有的算法在划分临时匿名组时,没有考虑临时匿名组中相邻数据点的距离,在划分过程中极易产生许多不必要的信息损失,从而影响发布匿名数据集的可用性。针对以上问题,提出矩形投影区域,投影区域密度和划分表征系数等概念,旨在通过提高记录点的投影区域密度来合理地划分临时匿名组,使划分后的匿名组产生的信息损失尽量小;并提出基于投影区域密度划分的k匿名算法,通过优化取整划分函数和属性维选择策略,在保证匿名组数量不减少的同时,减少划分过程中不必要的信息损失,进一步提高发布数据集的可用性。通过理论分析和实验验证了算法的合理性和有效性。     

基于k-模糊匿名的隐私保护

在发布数据的隐私保护过程中,准标识符和敏感属性信息是隐私保护的主要内容。但无论是K-匿名还是基于模糊集的隐私保护方法,都不能有效地对准标识符和敏感属性信息进行保护。针对上述问题,提出了新型的K-模糊匿名隐私保护算法。并通过实验进行了验证,相比于其它两种方法,基于k-模糊匿名的隐私保护方法能更有效保护准标识符和敏感属性信息,信息损失更少,发布数据的可用性更好。     

基于K-匿名的隐私保护关键技术研究

通过对数据的挖掘,企业能提供更加精准、贴心的服务,获得更大的收益。但是数据挖掘同时也带来巨大的挑战,个人隐私保护问题就是其中之一。如何在挖掘数据时既能保护用户的个人隐私又能确保数据的可用性,隐私保护数据发布技术应运而生。文中简要介绍了该技术的基本K-匿名模型,更深入对敏感属性的研究,提出了敏感度联合矩阵。最终结合聚类算法,提出了文中的方法。结果表明,确实加强了对敏感属性隐私的保护。     

个性化搜索中一种基于位置服务的隐私保护方法

在基于位置服务的个性化搜索中,利用可信第三方服务器以及对等节点是保护用户隐私的主要方法,但在现实生活中,它们却是不完全可信的。为了解决这一问题,该文提出一种个性化搜索中基于位置服务的隐私保护方法。该方法通过转换用户的位置信息,并根据用户的查询类型生成用户模型,进而形成带有用户位置信息的查询矩阵,然后利用矩阵加密用户的查询,隐藏查询矩阵中的用户信息,最后根据安全内积计算返回相关性得分最高的前K个查询文件给用户。安全性分析表明该方法能有效地保护用户的查询隐私和位置隐私,通过分析与实验表明,该方法大幅度地缩短了索引构建时间,降低了通信开销,同时为用户提供了基于位置的个性化搜索结果,一定程度上解决了移动设备屏幕小带来的弊端。     

基于授权的多服务器可搜索密文策略属性基加密方案

针对现有属性基可搜索加密方案缺乏对云服务器授权的服务问题,该文提出一种基于授权的可搜索密文策略属性基加密(CP-ABE)方案。方案通过云过滤服务器、云搜索服务器和云存储服务器协同合作实现搜索服务。用户可将生成的授权信息和陷门信息分别发送给云过滤服务器和云搜索服务器,在不解密密文的情况下,云过滤服务器可对所有密文进行检测。该方案利用多个属性授权机构,在保证数据机密性的前提下能进行高效的细粒度访问,解决数据用户密钥泄露问题,提高数据用户对云端数据的检索效率。通过安全性分析,证明方案在提供数据检索服务的同时无法窃取数据用户的敏感信息,且能够有效地防止数据隐私的泄露。     

Privacy Protected Spatial Query Processing for Advanced Location Based Services

Due to the popularity of mobile devices (e.g., cell phones, PDAs, etc.), location-based services have become more and more prevalent in recent years. However, users have to reveal their location information to access location-based services with existing service infrastructures. It is possible that adversaries could collect the location information, which in turn invades user’s privacy. There are existing solutions for query processing on spatial networks and mobile user privacy protection in Euclidean space. However there is no solution for solving queries on spatial networks with privacy protection. Therefore, we aim to provide network distance spatial query solutions which can preserve user privacy by utilizing K-anonymity mechanisms. In this paper, we propose an effective location cloaking mechanism based on spatial networks and two novel query algorithms, PSNN and PSRQ, for answering nearest neighbor queries and range queries on spatial networks without revealing private information of the query initiator. We demonstrate the appeal of our technique using extensive simulation results.     

Efficient privacy-preserving image retrieval scheme over outsourced data with multi-user

The traditional privacy-preserving image retrieval schemes not only bring large computational and communication overhead,but also cannot protect the image and query privacy in multi-user scenarios.To solve above problems,an efficient privacy-preserving content-based image retrieval scheme was proposed in multi-user scenarios.The scheme used Euclidean distance comparison technique to rank the pictures according to similarity of picture feature vectors and return top-k returned.Meanwhile,the efficient key conversion protocol designed in proposed image retrieval scheme allowed each search user to generate queries based on his own private key so that he can retrieval encrypted images generated by different data owners.Strict security analysis shows that the user privacy and cloud data security can be well protected during the image retrieval process,and the performance analysis using real-world dataset shows that the proposed image retrieval scheme is efficient and feasible in practical applications.     

云存储中加密数据的相似检索技术应用研究

随着云存储的广泛应用，大量数据存储在云服务器。尽管云服务提供很多便利，但数据的隐私及安全性一直是重点关注的问题，为解决数据安全问题需要将外储数据以加密的形式进行存储。加密存储的方式保护了数据不被恶意访问，然而数据的一些重要的基本应用如检索等不能实现。为了在不泄露隐私的条件下实现对加密数据的检索，很多可检索的加密方案被提出。然而，这些方案多数只能处理确切的关键字匹配检索而不能进行相似的关键字检索，相似检索在现实应用中又极其重要。本文提出一个高效的支持加密数据相似检索的方案，为了实现相似密文的检索我们利用一种被称为位置敏感的哈希算法。为了确保数据的机密性和安全性，我们给出了严格的安全定义，并且在安全定义下证明了方案的安全性。      

Performance of MIMO-UWB for LOS and N-LOS Propagation

Mobile cloud computing (MCC) enables ubiquitous access to a diverse range of Internet multimedia services in a pay-as-you-go economic model. In an MCC environment with highly mobile users, the migration of service requests from one cloud server to another due to user movement may frequently occur. We note that when the load offered to the cloud server is increased beyond the capacity limit, particularly when migrated traffic due to user movement suddenly appears, the probability to disrupt existing services gets higher, consequently resulting in the degradation of user quality of experience (QoE). To keep the service disruption probability at an acceptable level so as to maintain a high user-perceived QoE for different classes of multimedia services, this paper proposes a QoE-aware service continuity strategy for the cloud server in an MCC environment. The strategy is based on the buffer-occupancy threshold policy that differentiates newly arriving service requests coming from the mobile users and offers effective protection for migrated service requests against traffic fluctuation in newly arriving service requests. With the proposed strategy, the cloud server can dynamically change the buffer thresholds for different classes of service requests based on the offered traffic load and the user mobility to improve resource utilization, and, most importantly, to keep the service disruption probability at an acceptable level. Besides, by taking the effect of migrated traffic into account, we develop an analytical model to study the performance of the cloud server using the proposed strategy. With the analytical model, we propose an iterative method to determine the optimal buffer thresholds that maximize resource utilization while keeping an acceptable user QoE for different classes of services.

     

Understanding user privacy expectations: A software developer’s perspective

Software developers are trained to develop and design software applications that provide services to users. However, software applications sometimes collect users’ data without their knowledge. When applications collect and use users’ data without transparency, this leads to user privacy invasions because users do not expect the application to collect and use these information. Therefore, it is important that software developers understand users’ privacy expectations when designing applications in order to handle user data transparently in software applications. However, due to the lack of systematic approaches to extract user privacy requirements, developers end up designing applications either based on their assumptions on user privacy expectations, or relating to their own expectations of privacy as a user. Nevertheless, how accurate these perceived privacy expectations are against actual user expectations is not currently known. This research focuses on investigating developers’ privacy expectations from a user point of view against users’ privacy expectations. We also investigate developers’ assumptions on user privacy expectations against actual user privacy expectations. Our findings revealed that developers’ assumptions on user privacy expectations are close to their own expectations of privacy from a user point of view and that developers’ privacy expectations from a user point of view are significantly different from actual user privacy expectations. With this understanding, we provide recommendations for software developers to understand and acknowledge user expectations on privacy when they design and develop applications.     

个人移动数据收集中的多维轨迹匿名方法

在情景感知位置服务中,移动互联网络的开放性使得个人移动数据面临巨大的安全风险,移动数据的时空关联特性对个人数据的隐私保护提出重大挑战.针对基于时空关联的背景知识攻击,本文提出了一种多维的轨迹匿名隐私保护方法.该方法在匿名轨迹数据收集系统的基础上,基于多用户协作的隐私保护模式,通过时间匿名和空间匿名算法,实现用户的隐私保护.实验结果表明,该方法可以有效的对抗基于位置和移动方式的背景知识攻击,满足了k-匿名的隐私保护要求.     

云计算环境下密文搜索算法的研究

为确保数据私密性,用户选择将数据加密后再上传到云端,但云无法为密文数据提供管理和搜索等服务。密文搜索技术可以把保护用户数据私密性和有效利用云服务结合起来。在分析云环境下密文搜索算法的基础上,提出基于云环境的密文搜索体系结构,研究其中的关键技术,指出云环境应用密文搜索技术存在的问题和改进的方向。     

Data Protection and Data Sharing in Telematics

Automotive telematics may be defined as the information-intensive applications enabled for vehicles by a combination of telecommunications and computing technology. Telematics by its nature requires the capture, storage, and exchange of sensor data to obtain remote services. Such data likely include personal, sensitive information, which require proper handling to protect the driver's privacy. Some existing approaches focus on protecting privacy through anonymous interactions or by stopping information flow altogether. We complement these by concentrating instead on giving different stakeholders control over data sharing and use. In this paper, we identify several data protection challenges specifically related to the automotive telematics domain, and propose a general data protection framework to address some of those challenges. The framework enables data aggregation before data is released to service providers, which minimizes the disclosure of privacy sensitive information. We have implemented the core component, the privacy engine, to help users manage their privacy policies and to authorize data requests based on policy matching. The policy manager provides a flexible privacy policy model that allows data subjects to express rich constraint-based policies, including event-based, and spatio-temporal constraints. Thus, the policy engine can decide on a large number of requests without user assistance and causes no interruptions while driving. A performance study indicates that the overhead is stable with an increasing number of data subjects.     

A Privacy Preserving Method Using Privacy Enhancing Techniques for Location Based Services

The move towards service-oriented architectures and the increasing usage of mobile devices to access such services are two of the major changes in modern computing. Information about the user, their location and their trajectory can provide additional context information to a service, leading to useful applications such as directing a user to the nearest bus stop and displaying which buses are due to arrive in the next minutes. While this type of information can be useful, when the offered services are trusted, it also introduces privacy issues relating to gathering of location information for non-trusted applications like location-based marketing or user behaviour profiling. Users can limit their location information provided to a service but these controls are simple, making it important for the user to understand how their location information is being used by services. This paper reviews some of the methods currently being proposed to reduce the impact of location tracking on user privacy, and presents a novel encryption method for preserving the location and trajectory path of a user using Privacy-Enhancing Technologies.