位置隐私研究综述

近年来随着传感器和无线移动设备的飞速发展,随时随地获得个人位置成为可能。一方面,促进了基于位置服务的飞速发展,另一方面,个人位置隐私泄露的问题引起人们的广泛关注。由于移动环境中位置信息的特殊性,造成无法直接利用现有的关系数据库隐私保护技术。文章分析了位置隐私保护中存在的挑战问题,从系统结构、位置匿名技术和查询处理技术三方面归纳总结了现有的研究工作,并指出了未来的研究方向。     

一种改进的移动社会性软件搜索方法

大多数移动社会性软件搜索方法缺乏对用户物理位置和社会性的兼顾研究。针对这种情况,提出了一种基于兴趣和位置的移动社会性软件搜索方法,通过设置不同功能类型的超级节点将覆盖层网络分层,从而兼顾了节点的社会性和物理位置。为了提高查询效率,引入了查询度的概念,节点的查询和位置更新均受其查询度的影响。实验结果表明,相比传统算法该方法在平均响应时间和查询效率上有显著提高。     

移动数据库中基于k-匿名的隐私保护模型研究

由于移动网络低安全等特性,导致移动数据库中与用户隐私相关的字段处在一种可能会被披露的状态,如何实现高效可靠地隐私保护是当前移动数据库中一个主要的研究方向。其中k-匿名技术已被证明是一种可靠地数据查询发布技术,在文中,我们在移动数据库引入k-匿名技术从而对数据库中用户的相关数据或敏感数据进行保护,以防止具有知识背景下的隐私披露。实验证明具有一定的有效性,时间复杂度也在可控的O(k)级别,比较高效。     

基于匿名路由的移动位置隐私保护

为了保证移动节点在使用基于位置的服务时的位置隐私,提出基于匿名路由的移动位置隐私保护方法。该方法将移动网络中的每一个移动节点都当作可以使用的中转节点,采用重路由的方式进行路由选择,第一跳用随机选取的方式选择中转节点,剩下的路径选择通过一定的转发概率来确定下一跳并将其发送给中转节点或LBS服务器。为保证位置信息不被泄露,移动发送节点用目标服务器的公钥对地理位置信息和查询信息进行加密,再利用下一跳的公钥对已加密的内容进行二次加密,并转发给下一跳。同时中转节点收到后,用当前节点的私钥解密,解密时只能解密最外层,再用随机选取的下一跳的公钥加密,重复此过程,直至LBS服务器接收到移动发送节点发来的信息。理论分析和实验结果表明,这种移动位置隐私保护方式可以保证LBS服务器和任何中转节点都不能获取移动发送节点的位置隐私,可以在较低的代价下实现移动发送节点的位置隐私保护。并且在该方案中中转节点可以是移动网络中的任意一个节点,不会因为部分节点故障导致通信失败,因此所提方案的健壮性较好。     

基于V-grid模型的位置隐私保护方法

Casper模型只适用于用户移动速度较慢的情况,当用户高速运动时,匿名区域构造成功率下降,LBS服务质量降低。为此,提出一种基于V-grid模型的位置隐私保护方法。引入用户移动速度,在构造匿名区域前更新用户位置,以满足不同移动速度用户的隐私需求。实验结果表明,V-grid模型适用于户运动速度不同的情况,比Casper模型的匿名区域构造成功率更高,服务质量更好。     

基于Alt-Geohash编码的k-匿名位置隐私保护方案

在对享受基于位置服务（LBS）用户进行位置隐私保护时,传统k-匿名技术在执行匿名操作时没有全面考虑时间开销和位置背景信息。针对上述问题,提出了一种基于Alt-Geohash编码的k-匿名位置隐私保护方案（k-anonymous location privacy protection scheme based on Alt-Geohash coding,KLPPS-AGC）。首先,通过位置泛化和Alt-Geohash编码技术实现对历史数据的快速检索;其次,根据历史查询概率筛选出能与用户构建高位置熵的位置;再次,利用海伦公式改善匿名集的位置分散度;最后,构建安全匿名集实现对用户的位置隐私保护。实验证明,该方案拥有较低的时间开销和较高的隐私性。     

基于地理社交网络的频繁位置隐私保护算法

针对地理社交网络中以频繁位置为背景知识的攻击导致用户身份泄露的问题,提出一种基于地理社交网络的频繁位置隐私保护算法。首先,根据用户对位置访问的频次设置频繁位置并为每个用户建立频繁位置集合;然后按照背景知识的不同,将频繁位置的子集组成超边,把不满足匿名参数k的超边以用户偏离和位置偏离最小值为优化目标进行超边重组;最后,通过仿真实验表明,与（k,m）-anonymity算法相比,在频繁位置为3的情况下,该算法在Gowalla数据集上用户偏离度以及位置偏离度分别平均降低了约19.1%和8.3%,在Brightkite数据集上分别平均降低了约22.2%和10.7%,因此所提算法能够有效保护频繁位置的同时降低用户和位置偏离度。     

基于近似匹配的假位置k-匿名位置隐私保护方法

为了提高假位置k-匿名位置隐私保护方法中的假位置生成效率和查询服务质量,以及解决假位置生成过程中预处理复杂、没有充分考虑地理语义信息特征等问题,提出一种基于近似匹配的假位置k-匿名位置隐私保护方法.首先,将所选区域划分为若干个正方形网格,并将各位置坐标按所在网格转换为莫顿码;然后,通过对各位置莫顿码之间的近似匹配,选取互不相邻、分布在不同网格的位置点,生成假位置候选集;最后,对候选集中位置点的地名信息进行近似匹配,得到位置点之间的语义相似度,并选取语义相似度最小的k-1个位置点作为假位置.实验结果表明,所提出的方法在保证假位置之间物理分散性和语义多样化的同时,能够提高假位置生成效率,有效平衡隐私保护效果和查询服务质量.     

空间众包中的位置隐私保护技术综述

群众外包(crowdsourcing,简称众包)是互联网发展带来的新的商业模式,依赖大量的工作者完成任务。许多众包任务都是在线完成的,其中存在一类特殊的任务依赖于用户实际的位置信息,这类依赖于用户实际位置信息的众包通常被称为空间众包。近年来,随着移动设备和无线网络的迅速发展,传感器能够更加精确的获取用户的位置、移动速度和方向等信息,空间众包中用户的位置隐私安全问题日益凸显。本文集中介绍空间众包的基本概念,工作流程以及已有空间众包平台中的位置隐私保护问题,并以此为基础详细阐述了空间众包中基于差分隐私、空间匿名以及加密技术的三种主流的隐私保护模型。最后总结并展望了我们未来的研究方向。     

路网环境下位置隐私保护技术研究进展

基于位置服务(LBS)在给人们带来方便的同时也引起了越来越多的安全隐患,位置隐私保护成为了学术界和业界关注的焦点.由于大部分用户是沿着道路交通网络移动,研究路网环境下的位置隐私技术更具有现实意义.通过分析路网环境面临隐私泄露的新挑战,从网络扩张匿名技术、X-Star匿名技术、Mix zone匿名技术三个方面对现有路网下的位置隐私技术进行了深入研究,比较了其隐私水平、服务质量等性能指标.最后,总结了路网环境下位置隐私保护技术存在的问题及未来的研究热点.     

Enhancing WLAN location privacy using mobile behavior

Recently wireless network is massively used in the daily life, but user’s location privacy can be threatened. In a wireless local area network (WLAN), an adversary can track a user through his/her unchanged MAC address. Many correlation researches have been proposed to combat this issue, but they have not included mobile behavior of neighboring nodes as a key factor; therefore, their solutions may miss the opportune moment to update MAC address to improve the user’s location privacy. In other words, the existing schemes in the opportune moment to update MAC address may not be the best one. Furthermore, they will have many unnecessary MAC addresses to be updated; it then causes the network throughput being reduced. In this paper, we are going to enhance user’s location privacy with the relative positioning scheme. We analyze the mobile behavior of neighboring nodes to decide which mobile nodes are going to update their MAC addresses. The experiment results show that our scheme can decrease the time of changing MAC address, and also to enhance the user’s location privacy, although the network throughput is a little decrease.     

Long-term location privacy protection for location-based services in mobile cloud computing

The popularity of mobile devices, especially intelligent mobile phones, significantly prompt various location-based services (LBSs) in cloud systems. These services not only greatly facilitate people’s daily lives, but also cause serious threats that users’ location information may be misused or leaked by service providers. The dummy-based privacy protection techniques have significant advantages over others because they neither rely on trusted servers nor need adequate number of trustworthy peers. Existing dummy-based location privacy protection schemes, however, cannot yet provide long-term privacy protection. In this paper, we propose four principles for the dummy-based long-term location privacy protection (LT-LPP). Based on the principles, we propose a set of long-term consistent dummy generation algorithms for the LT-LPP. Our approach is built on soft computing techniques and can balance the preferred privacy protection and computing cost. Comprehensive experimental results demonstrate that our approach is effective to both long-term privacy protection and fake path generation for LBSs in mobile clouds.     

Protecting location privacy in mobile geoservices using fuzzy inference systems

Mobile geoservices, especially location-based services (LBSs), are becoming more popular each day. The most important goal of these services is to use a user’s location to provide location-aware services. Because the user’s spatial information can be abused by organizations or advertisers, and sometimes for criminal purposes, the protection of this information is a necessary part of such services. There has been substantial research on privacy protection in LBSs and mobile geoservices; most studies have attempted to anonymize the user and hide his/her identity or to engage the user in the protection process. The major defects of these previous approaches include an increased complexity of system architecture, a decrease in service capabilities, undesirable processing times, and a failure to satisfy users. Additionally, anonymization is not a suitable solution for context-aware services. Therefore, in this paper, a new approach is proposed to locate users with different levels of spatial precision, based on his/her spatio-temporal context and a user’s group, through fuzzy inference systems. The user’s location and the time of the request determine the spatio-temporal context of the user. A fuzzy rule base is formed separately for each group of users and services. An interview is a simple method to extract the rules. The spatial precision of a user’s location, which is obtained from a fuzzy system, goes to a spatial function called the conceptualization function, to determine the user’s location based on one of the following five levels of qualitative precision: geometrical coordinates, streets, parish, region, and qualitative location, such as the eastern part of the city. Thus, there is no need to anonymize users in mobile geoservices or to turn the service off. The applicability and efficiency of the proposed method are shown for a group of taxi drivers.     

Wireless location privacy protection

After more than two decades of hype, computing and communication technologies are finally converging. Java-enabled cell phones run a host of powerful applications including mobile Internet access, while many notebook computers offer high-speed wireless connectivity as a standard feature. The big decision when purchasing a PDA is whether to get integrated cellular service or Wi-Fi capability. Location-based services are emerging as the next killer app in personal wireless devices, but there are few safeguards on location privacy. In fact, the demand for improved public safety is pushing regulation in the opposite direction. Today, when a person reports an emergency from a landline phone by dialing 911 in the United States or 112 in Europe, the system displays the caller's phone number and address to the dispatcher. The US Federal Communications Commission has mandated that, by December 2005, all cellular carriers be able to identify the location of emergency callers using mobile phones to within 50 to 100 meters. However, how cellular carriers and other businesses will use this capability remains open to question. The article looks at some of the areas this capability affects, including: privacy risks; economic damages; location-based spam; intermittent connectivity; user interfaces; network privacy; and privacy protection.     

WSNs中的位置隐私评述

随着无线传感器网络（WSNs）的广泛应用,隐私已成为WSNs成功应用的一大障碍。当WSNs用于监控敏感对象,被监控对象的位置隐私成为一个重要问题。特别是WSNs在军事上的应用,基站一旦被控制或破坏,后果不堪设想。分析了WSNs的安全特点、位置隐私性能评价、面临的隐私威胁,并基于对WSNs位置隐私问题的分析和评述,指出了今后该领域的研究方向。     

Unfolding the privacy paradox among mobile social commerce users: a multi-mediation approach

Considering that privacy paradox is currently an underexplored research area, this study proposes a privacy paradox model to explain the reasons behind such phenomenon. Built upon the theoretical link of belief-intention-behaviour and the idea of multi-mediation, this study seeks to discover the relationship between concern for social media information privacy and usage intention, and the potential mediators that stand between such linkage. The results suggest that perceived mobility and social support do mediate the said linkage, and the model could reasonably explain usage intention, which surprisingly has a negative association with usage behaviour. Theoretical and practical implications are subsequently offered.     

一种支持位置隐私保护的社交发现服务模型

针对社交发现服务中的隐私保护问题,提出一种位置隐私保护社交模型。通过将用户数据分成索引消息和数据消息,使得地理坐标和位置数据解耦,引入多授权中心环境下的属性基加密方法(attribute based encryption,ABE)对索引消息进行加密,位置数据由对称加密后上传,两者分别保存在索引服务器和数据服务器的个人存储空间上。分析表明,模型支持陌生成员发现和群组管理功能,灵活性高,能够保护用户的社交隐私数据,可以很好地用于社交发现服务。     

A survey of computational location privacy

This is a literature survey of computational location privacy, meaning computation-based privacy mechanisms that treat location data as geometric information. This definition includes privacy-preserving algorithms like anonymity and obfuscation as well as privacy-breaking algorithms that exploit the geometric nature of the data. The survey omits non-computational techniques like manually inspecting geotagged photos, and it omits techniques like encryption or access control that treat location data as general symbols. The paper reviews studies of peoples’ attitudes about location privacy, computational threats on leaked location data, and computational countermeasures for mitigating these threats.     

移动智能网软件自动化测试的研究与实现

对移动智能网原有的手工测试系统进行了分析,总结出测试系统存在的不足,提出了改进方案。改进后的自动化测试系统能够在测试用例执行的不同阶段实现测试自动化,包括测试用例的设计、数据表的配置、状态机的构造、测试结果的检查、测试环境的配置和回归测试。改进后的测试系统在移动智能网项目的测试中进行了实验,并对实验结果进行了分析。