基于服务相似性的k-匿名位置隐私保护方法

针对当前基于位置的服务(LBS)系统存在的隐私保护度、位置服务质量和通信开销三者难于平衡的问题,提出了一种基于服务相似性的k-匿名位置隐私保护方法。在不改变现有LBS 系统架构的情况下,利用位置服务查询结果的相似性来辅助匿名服务器构造匿名区域,从而实现在确保用户隐私安全的基础上,有效提高服务质量和降低系统开销。最后,通过实验验证了该算法的有效性。     

无可信第三方的数据匿名化收集协议

针对半诚信的数据收集者对包含敏感属性(SA)数据收集和使用过程中可能造成隐私泄露问题,该文在传统模型中增加实时的数据领导者,并基于改进模型提出一个隐私保护的数据收集协议,确保无可信第三方假设前提下,数据收集者最大化数据效用只能建立在K匿名处理过的数据基础上。数据拥有者分布协作的方式参与协议流程,实现了准标识(QI)匿名化后SA的传输,降低了数据收集者通过QI关联准确SA值的概率,减弱内部标识揭露造成隐私泄露风险;通过树形编码结构将SA的编码值分为随机锚点和补偿距离两份份额,由K匿名形成的等价类成员选举获取两个数据领导者,分别对两份份额进行聚集和转发,解除唯一性的网络标识和SA值的关联,有效防止外部标识揭露造成的隐私泄露;建立符合该协议特性的形式化规则并对协议进行安全分析,证明了协议满足隐私保护需求。     

移动环境下LBS位置隐私保护

用k匿名模型对基于位置信息的服务(LBS)中的位置隐私进行保护是近年来研究的热点。在移动用户不断发出查询的场景下,该文提出了移动模式攻击(MPA),使得传统的针对孤立查询的隐私保护算法均失效。基于熵理论,提出了熵匿名度度量,并以此为基础提出了移动环境下的模糊化算法Mclique,实验证明其有效地抵御了MPA攻击。通过简化Mclique算法中熵的计算,提出了快速模糊化算法Fclique,实验证明Fclique不仅仍具有较强的MPA抵御能力,且极大提高了时间效率。     

一种基于兴趣点分布的匿名框KNN查询方法

针对利用匿名框实现的兴趣点K近邻（KNN）查询带来的通信开销大、时延长等问题,提出了基于单一兴趣点Voronoi图划分和四叉树层次化组织的KNN查询方法。该方法根据兴趣点层次信息有针对性的构造查询匿名框用来获取详细查询信息,在保护位置隐私的同时,降低了查询通信开销,同时注入虚假查询保护了用户的真实查询内容隐私。最后分别采用模拟地理数据和真实地理数据进行理论分析和有效性验证。     

移动互联网中的位置隐私保护研究

全面归纳了移动互联网中位置隐私保护的相关研究工作,总结了位置服务和定位服务中的威胁模型。然后,详细介绍了现有基于位置服务的隐私保护技术,分析了其在抗隐私攻击和位置隐私适用性方面的优缺点,并阐述了定位服务中位置隐私问题的本质、威胁和解决方法。最后指出了需要进一步研究的问题。     

大数据时代中的去匿名化技术及应用

首先通过案例说明隐私保护的重要性,然后介绍隐私保护中常用的匿名化方法,并针对评分推荐系统、社交网络和博客分别介绍有效的去匿名化方法。表明在大数据时代下虽然数据的公开有利于学术研究,但是也需要加强考虑隐私保护的问题。     

大数据匿名化隐私保护技术综述

伴随着网络化与信息化的发展,信息呈爆炸式增长,大数据时代正悄无声息到来。大数据在影响人们吃穿住行的同时,也让人们陷入了隐私危机。匿名化技术是在数据发布过程中进行隐私保护的一项重要技术。文章通过查阅大量文献,首先简要地概述了大数据隐私危机现状;接着总结了常见的隐私攻击方法及与抗衡的匿名模型及其实现方法与技术;然后讨论了匿名化质量的度量方法;最后总结并说明下一步的研究方向。     

基于区域划分和排序的K-匿名算法

基于位置的服务(LBS)在日常生活中的应用越来越广,对位置隐私保护的要求也越来越强。目前有很多种对位置隐私和查询隐私的保护原则、保护算法,其中K-匿名是使用较为广泛的一个原则。针对智能终端的平台特性,提出一种新的基于K-匿名的隐私保护算法,主要通过区域划分和排序的方式,对不同区域之间的查询集合合并,模糊用户位置,完成对位置隐私和查询隐私的保护。实验证明,能在较小的代价下完成对用户的位置隐私保护。     

基于聚类匿名化的差分隐私保护数据发布方法

基于匿名化技术的理论基础,采用DBSCAN聚类算法对数据记录进行聚类,实现将个体记录匿名化隐藏于一组记录中。为提高隐私保护程度,对匿名化划分的数据添加拉普拉斯噪声,扰动个体数据真实值,以实现差分隐私保护模型的要求。通过聚类,分化查询函数敏感性,提高数据可用性。对算法隐私性进行证明,并实验说明发布数据的可用性。     

智能移动终端的位置隐私保护技术

从位置隐私保护理论模型和位置隐私保护方法两个方面入手,对智能移动终端上的位置隐私保护研究现状进行了探讨,重点研究当前模型和方法的优缺点以及各自的适用场景;结合智能终端和移动互联网的发展趋势,指出当前位置隐私保护技术存在的问题,对未来的研究方向提出了建议。     

A New Anonymity Model for Privacy-Preserving Data Publishing

Privacy-preserving data publishing （PPDP） is one of the hot issues in the field of the network security. The existing PPDP technique cannot deal with generality attacks, which explicitly contain the sensitivity attack and the similarity attack. This paper proposes a novel model, （w,γ, k）-anonymity, to avoid generality attacks on both cases of numeric and categorical attributes. We show that the optimal （w, γ, k）-anonymity problem is NP-hard and conduct the Top-down Local recoding （TDL） algorithm to implement the model. Our experiments validate the improvement of our model with real data.     

Integrated Personal Mobility Architecture: A Complete Personal Mobility Solution

The high expectations and demand for users to access the Internet from anywhere at anytime has made user mobility an important part of the design and development of the next generation mobile communications and computing. Traditionally user mobility has been divided into two areas: Terminal Mobility and Personal Mobility. In recent years terminal mobility has focused on the movement of the terminal and developed extensions to IP protocols such as Mobile IP. In contrast, personal mobility has only received limited attention, and is somewhat lagging behind. This research has either focussed on personal mobility in communications or personalisation of operating environments. As a result, to date no framework for providing true personal mobility has emerged. In this paper, we introduce a new personal mobility framework called IPMoA (Integrated Personal Mobility Architecture), which integrates both aspects of personal mobility to provide a complete personal mobility solution, and illustrate the viability of this approach through a proof-of-concept implementation.     

(r, QI)-Transform:Reversible Data Anonymity Based on Numeric Type of Data in Outsourced Database

An outsource database is a database service provided by cloud computing companies. Using the outsource database can reduce the hardware and software's cost and also get more efficient and reliable data processing capacity. However, the outsource database still has some challenges. If the service provider does not have sufficient confidence, there is the possibility of data leakage. The data may has user's privacy, so data leakage may cause data privacy leak. Based on this factor, to protect the privacy of data in the outsource database becomes very important. In the past, scholars have proposed k-anonymity to protect data privacy in the database. It lets data become anonymous to avoid data privacy leak. But k-anonymity has some problems, it is irreversible, and easier to be attacked by homogeneity attack and background knowledge attack. Later on, scholars have proposed some studies to solve homogeneity attack and background knowledge attack. But their studies still cannot recover back to the original data. In this paper, we propose a data anonymity method. It can be reversible and also prevent those two attacks. Our study is based on the proposed r-transform. It can be used on the numeric type of attributes in the outsource database. In the experiment, we discussed the time required to anonymize and recover data. Furthermore, we investigated the defense against homogeneous attack and background knowledge attack. At the end, we summarized the proposed method and future researches.     

Personal Data Use and Morality in the E-Business Environment

This paper deals with personal data use by firms in the e-business environment from the viewpoint of business administration and information ethics. Whereas the tremendous development of information and communication technology (ICT) has made it easier for firms to acquire, store, share,and utilise personal data on their customers, firms that use personal data are exposed to risks related to privacy issues. Since individuals fear the invasion of their privacy, the failure of a firm to appear or remain trustworthy would make it difficult for it to maintain accurate, up-to-date databases and to construct desirable business processes, which would affect the bottom line. Therefore, modem firms should do what they can to ensure that their customers trust them. For them, one promising way to remain trustworthy is to behave as a moral agent. Although it is difficult for any firm to meet the conditions necessary to be a moral agent, competence in behaving as a moral agent is a hard-to-imitate capability of firms for which personal data use is vital for enjoying the benefits of business relationships in the e-business environment.     

基于k-度匿名的社会网络隐私保护方法

针对当前社会网络的匿名化隐私保护方法存在信息损失量巨大、网络关系结构被改变严重等问题,提出一种保持网络结构稳定的k-度匿名隐私保护模型SimilarGraph,运用动态规划方法对社会网络按照节点度序列进行最优簇划分,然后采用移动边操作方式重构网络图以实现图的k-度匿名化。区别于传统的数值扰乱或图修改如随机增加、删除节点或边等方法,该模型的优势在于既不增加网络边数和节点数,也不破坏网络原有连通性和关系结构。实验结果表明,SimilarGraph匿名化方法不仅能有效提高网络抵御度属性攻击的能力,并且还能保持网络结构稳定,同时具有较理想的信息损失代价。     

基于差分隐私模型的位置轨迹发布技术研究

位置轨迹大数据的安全分享、发布需求离不开位置轨迹隐私保护技术支持。在差分隐私出现之前,K-匿名及其衍生模型为位置轨迹隐私保护提供了一种量化评估的手段,但其安全性严重依赖于攻击者所掌握的背景知识,当有新的攻击出现时模型无法提供完善的隐私保护。差分隐私技术的出现有效地弥补了上述问题,越来越多地应用于轨迹数据隐私发布领域中。该文对基于差分隐私理论的轨迹隐私保护技术进行了研究与分析,重点介绍了差分隐私模型下位置直方图、轨迹直方图等空间统计数据发布方法,差分隐私模型下轨迹数据集发布方法,以及连续轨迹实时发布隐私保护模型。与此同时,在对现有方法对比分析的基础上,提出了未来的重点发展方向。

     

Preserving User Anonymity in Context‐Aware Location‐Based Services: A Proposed Framework

Protecting privacy is an important goal in designing location‐based services. Service providers want to verify legitimate users and allow permitted users to enjoy their services. Users, however, want to preserve their privacy and prevent tracking. In this paper, a new framework providing users with more privacy and anonymity in both the authentication process and the querying process is proposed. Unlike the designs proposed in previous works, our framework benefits from a combination of three important techniques: k‐anonymity, timed fuzzy logic, and a one‐way hash function. Modifying and adapting these existing schemes provides us with a simpler, less complex, yet more mature solution. During authentication, the one‐way hash function provides users with more privacy by using fingerprints of users' identities. To provide anonymous authentication, the concept of confidence level is adopted with timed fuzzy logic. Regarding location privacy, spatial k‐anonymity prevents the users' locations from being tracked. The experiment results and analysis show that our framework can strengthen the protection of anonymity and privacy of users by incurring a minimal implementation cost and can improve functionality.     

面向DaaS应用的数据集成隐私保护机制研究

云计算的出现为多个数据拥有者进行数据集成发布及协同数据挖掘提供了更广阔的平台,在数据即服务模式(Daa S,data as a service)下,集成数据被部署在非完全可信的服务运营商平台上,数据隐私保护成为制约该模式应用和推广的挑战性问题。为防止数据集成时的隐私泄露,提出一种面向Daa S应用的两级隐私保护机制。该隐私保护机制独立于具体的应用,将数据属性切分到不同的数据分块中,并通过混淆数据确保数据在各个分块中均衡分布,实现对数据集成隐私保护。通过分析证明该隐私保护机制的合理性,并通过实验验证该隐私保护机制具有较低的计算开销。     

CSN切换移动检测与数据完整性的研究

移动检测是支持移动终端进行切换的先决条件,数据完整性是移动终端在切换过程中不丢失分组的重要指标。针对WiMAX网络技术规范中基于IPv6的CSN锚点移动性管理场景的移动检测方案与IETF的移动检测方案不一致和切换过程中不能保证数据完整性的问题,提出了改进的增强型CSN锚点移动性管理方案。该方案没有增加新的网络实体和信令消息,解决了WiMAX规范和IETF规范在移动检测方面的兼容性,保证了CSN锚点移动性管理过程中的数据完整性,完善了CSN锚点移动性管理机制,提高了CSN锚点移动性管理性能。     

Security Flaws in Authentication Protocols with Anonymity for Wireless Environments

The emerging wireless networks require the design of new authentication protocols due to their dynamic nature and vulnerable‐to‐attack structure. Recently, Wu and others proposed a wireless authentication protocol which is claimed to be an improvement of the authentication protocol proposed by Lee and others which provides user anonymity. In this letter, we show that these protocols have a common flaw and that these protocols fail to provide user anonymity. We also propose a modification method to solve this problem.