An efficient and secure approach for a cloud collaborative editing

The demand for cloud-based collaborative editing service is rising along with the tremendously increased popularity in cloud computing. In the cloud-based collaborative editing environment, the data are stored in the cloud and able to be accessed from everywhere through every compatible device with the Internet. The information is shared with every accredited user in a group. In other words, multiple authorized users of the group are able to work on the same document and edit the document collaboratively and synchronously online. Meanwhile, during the whole collaborative editing process, the encryption technique is eventually applied to protect and secure the data. The encryption for the collaborative editing, however, could require much time to operate. To elevate the efficiency of the encryption, this study first analyzes the text editing in the collaborative service and presents a framework of the Red–Black tree, named as rbTree-Doc. The rbTree-Doc can reduce the amount of data to be encrypted. Although the trade-off for creating the Red–Black tree introduces extra cost, the experimental results of using rbTree-Doc in text editing operations, such as insertion and removal, show improved efficiency compared with other whole-document encryption strategy. Using rbTree-Doc, the efficiency is improved by 31.04% compared to that 3DES encryption is applied and by 23.94% compared to that AES encryption is applied.     

Google and Privacy

Abstract

Google has emerged as the preeminent Internet search engine, but more important, it has achieved an iconic status. It is solidly entrenched in our language and popular culture. But there is a darker side to Google. Google collects personal information about its users, and it aggregates third party information more effectively than many third world governments. While there has been no abuse (that we know of) by Google of personal information, that potential exists, and there are numerous instances of third parties using Google to aggregate personal information for dubious purposes.     

Territorial targeting in EU private law

In a series of rulings given in the last few years, the Court of Justice of the European Union (EU) has made use of the concept of targeting by a trader of a particular territorial market as a device for determining the scope of European legislation on private law. The concept is of particular importance in the context of trading activities conducted by means of the Internet, though its significance is not confined to such activities. In particular, the European Court has used the concept of targeting for the purpose of restricting the substantive ambit of intellectual property rights created or harmonised by EU legislation. On the other hand, it has avoided use of the concept of targeting in the context of EU legislation allocating jurisdiction between the courts of the Member States, even in respect of disputes involving intellectual property, except where a legislative text specifically invokes such a concept. The instant paper endeavours to review the position as currently established by the European case-law, and to predict the likely further developments.     

Privacy leakage on the Web: Diffusion and countermeasures

Protecting privacy on the Web is becoming increasingly complicated because of the considerable amount of personal and sensitive information left by users in many locations during their Web browsing and the silent actions of third party sites that collect data, aggregate information and build personal profiles of Internet users in order to provide free and personalized services. On the other hand, most of people are unaware that their information may be collected online, and that, after their aggregation from multiple sources, could be used for secondary purposes, such as linked to allow identification, without user’s notice.     

防止路径攻击的加权社会网络匿名化技术

随着社会网络的普及,社会网络数据的隐私保护问题,已经成为数据隐私研究领域学者普遍关注的热点问题。由于隐私信息异常广泛,攻击者可以利用多种背景知识进行隐私攻击。现有的隐私保护技术,大多针对简单社会网络,并不适用于加权社会网络。对加权社会网络中的路径隐私泄露问题进行了研究,针对最短路径识别提出了加权图k-可能路径匿名（k-possible path anonymity,KPPA）隐私保护模型,来防止基于加权社会网络的最短路径隐私攻击,设计了一种基于权重泛化的匿名方法来实现KPPA算法。通过在真实数据集上的大量测试研究,证明了KPPA算法对于加权图路径隐私保护的有效性,同时基于KPPA算法可以保留原图结构性质,提高权重信息的可用性。     

基于网络编码的文件备份方案

针对数据备份需占用大量空间和需额外手段对其安全保密性进行保护的问题,提出了一种基于网络编码技术的文件备份方案,其核心是对多个备份文件进行网络编码操作,生成编码备份文件后存储于备份服务器中。该方案包括以下部分:备份的基本原理、备份过程、文件更新对备份恢复的影响和处理、备份的更新和全局备份控制系统。实验与理论分析表明,该方案较传统备份方案大幅节省了存储空间,提高了备份文件的安全保密性,但文件的可恢复性微降并增加了系统的复杂度。     

一种增强的隐私保护K-匿名模型——（α，L）多样化K-匿名

K-匿名化是数据发布环境下保护个人隐私的一种有效的方法。指出目前已有的一些K-匿名模型存在隐私泄露问题,给出了一种新的有效的K-匿名模型——（α,L）多样化K-匿名模型解决存在的问题。通过一个局部化泛化算法对新模型的有效性进行实验验证。     

基于模糊兴趣模型与多Agent的个性化推荐系统

提出了基于模糊兴趣模型与多Agent的个性化推荐系统框架,通过引入用户模糊兴趣模型,使以Agent为基础的推荐系统无法通过隐式收集用户对商品属性评价的问题得到解决,并且在客户端收集并挖掘用户的私有信息,然后从服务器中获取用户感兴趣的信息,最后生成并更新UserProfile。     

人脸特征的SIFT保护算法

人脸识别技术在门禁、视频监控等公共安全领域中的应用日益广泛,人脸特征数据的安全性和隐私性问题成为备受关注的焦点。提出一种基于SIFT的人脸特征安全保护新算法,首次将随机投影应用到对人脸特征数据的保护中。该算法首先利用SIFT特征对旋转、尺度缩放、光照变化等具有较好稳定性的特点,提取有较好鲁棒性的人脸数据;然后根据用户密钥对SIFT特征进行不可逆变换,生成具有可重建性的人脸特征模板数据,从而实现对人脸特征数据的保护。实验表明,该算法在CMU、AR和Feret人脸数据库中均取得较高的识别率,不仅对人脸特征数据具有保护作用,并且对姿势、遮挡和表情的变化具有较高的鲁棒性。