共查询到20条相似文献,搜索用时 0 毫秒
1.
针对Android平台自身粗粒度权限机制的缺陷以及缺乏有效预防程序间隐私泄露机制的问题,提出一种改进的细粒度权限配置机制与隐私数据动态着色隔离相结合的Android隐私保护模型。通过对Android应用程序权限进行细粒度的动态配置,阻断隐私数据从程序内部泄露的途径,利用隐私数据着色跟踪实现对程序间传播的包含不同隐私权限标签的消息的隔离控制。通过大量实验的反复测试,该模型可以有效保护Android程序内部的隐私数据,及时发现程序间权限提升攻击进而实现隐私数据隔离,从而全方位实现Android隐私数据的保护,并为以后相关研究提供了新的方向。 相似文献
2.
3.
《Electronic Commerce Research and Applications》2014,13(1):32-44
Several types of individual information privacy beliefs have been studied in literature, but their distinctions, relationships, and behavioral impacts have yet been systematically analyzed, causing difficulties in comparing and consolidating results across literature. Based on a review on various types of privacy beliefs, this study develops a multi-level model to strengthen this concept. The model consists of three levels of privacy beliefs, including: disposition to privacy, representing a person’s fundamental beliefs and overall propensity to value privacy across contexts; online privacy concern, representing a person’s overall perception of privacy risks in the online environment; and website privacy concern, representing a person’s perception of privacy risks on a particular website. An empirical test reveals that disposition to privacy has a positive impact on both online privacy concern and website privacy concern, and website privacy concern is the only significant predictor of intentions to disclose information and transact on a website. The study helps to synthesize individual information privacy beliefs and assists in understanding their impacts on online behavior. 相似文献
4.
Post-release information privacy protection: A framework and next-generation privacy-enhanced operating system 总被引:1,自引:0,他引:1
In today’s digital world, privacy issues have received widespread public attention. Current research on information privacy
protection focuses on release control and subject identity obscurity. Little work has been done, however, to prevent a piece
of private information from being misused after that information has been released to external entities. This paper focuses
on information privacy protection in a post-release phase. Without entirely depending on the information collector, an information
owner is provided with powerful means to control and audit how his/her released information will be used, by whom, and when.
The goal is to minimize the asymmetry of information flow between an information owner and an information collector. A set
of innovative owner-controlled privacy protection and violation detection techniques has been proposed: Self-destroying File,
Mutation Engine System, Automatic Receipt Collection, and Honey Token-based Privacy Violation Detection. Next generation privacy-enhanced
operating system, which supports the proposed mechanisms, is introduced. Such a privacy-enhanced operating system stands for
a technical breakthrough, which offers new features to existing operating systems. We discuss the functionalities of such
an operating system and the design guidelines. To our best knowledge, no similar technical work has been found to provide
post-release information privacy protection. 相似文献
5.
6.
近年来我国经济水平和人民生活水平飞速发展,医疗水平和医疗技术相继取得了突破。随着“互联网+”对各大领域商业模式创新的不断推动和深化,“互联网+”医疗发展得到了快速推动。机器学习、数据挖掘等数据处理技术不断发展,在线医疗过程中用户个人医疗隐私数据泄露风险引起了广大研究者的关注。考虑信息的可推断性,采用贴现机制以描述博弈不同阶段间用户隐私信息价值的变化;结合在线医疗隐私保护动机领域研究现状,通过博弈分析以从隐私保护动机层面探究如何调动博弈双方主体的积极性。针对用户有强意愿继续使用在线医疗平台、间断性提供隐私的博弈特征,采用重复博弈方法以更好地刻画用户与在线医疗平台之间的博弈过程。得出博弈双方主体的倾向变化规律,分析不同模型参数条件下博弈模型的混合策略纳什均衡及随着博弈阶段的进行双方博弈策略的变化趋势,给出当参数满足 2(cp-cn)≥lp(pn-pp)时,用户开始由选择“同意共享隐私数据”转为选择“拒绝共享隐私数据”的重复博弈阶段,并通过仿真实验对上述结论进行了验证。基于以上结论,分别从在线医疗平台视角和用户视角,针对在线医疗过程中如何从博弈双方隐私保护动机层面实现隐私保护给出了可行的政策性建议。 相似文献
7.
随着网络应用的广泛普及,QQ、微信、YY语音、陌陌等社交软件走进千家万户,但社交网络用户浏览轨迹信息隐私保护问题也随之而来。由于社交网络平台安全机制存在漏洞,抵御网络攻击性能不强,使社交网络用户信息纷纷泄露。针对问题根源,提出ACP用户隐私信息防护系统,建立社交网络用户真空登陆模块(VM)、通讯信息密码文模块(RDT)及信息储存保护墙模块(LDM)一体化ACP用户隐私信息防护系统,从根源保护社交网络用户浏览轨迹信息的隐私安全。通过数据模拟仿真实验证明提出的ACP用户隐私信息防护系统,对社交网络用户浏览轨迹信息隐私保护具有可用性与有效性。 相似文献
8.
9.
10.
欧汝鹏 《网络安全技术与应用》2014,(5):129-129
本文结合医院信息系统建设的重要意义,在分析医院信息系统下医疗数据隐私安全危险因素的基础上,从安装漏洞扫描系统、建立完善的访问控制机制、安装入侵检测系统(IDS)及数据备份等方面探讨了医院信息系统下医疗数据隐私安全的防护策略. 相似文献
11.
针对远程医疗信息系统的应用需求,提出了Android移动终端在系统中的应用设计方案,并结合Android系统特点,探讨Android在医疗信息系统中的开发方法。首先介绍信息系统整体框架以及Android的架构,然后详细分析了Android的串口、蓝牙、Socket、HTTP等通信方式的开发方法,及其在医疗数据采集和数据处理中的应用,并介绍了表述性状态转移风格Web服务的构建,实现了Android数据采集应用和Android移动信息管理应用。结果表明Android可以应用在远程医疗信息系统中的多个方面。 相似文献
12.
Elhadad Ahmed Hamad Safwat Khalifa Amal Ghareeb A. 《Neural computing & applications》2016,28(1):91-95
In this paper, a framework to hide privacy in video is proposed based on data hiding principals. A novel data hiding technique is proposed and implemented to hide the original frame into the in-painted one. The proposed hiding technique is carried out in the discrete wavelet transform domain of the cover video. The proposed technique is embedding video into video. Furthermore, the proposed data hiding method can blindly reconstruct the original frame from the fake one. Experimental results showed that the proposed method can successfully hide the complete frames of the original video into their corresponding in-painted ones that are as large as themselves. Simple visual inspection of the results showed that the quality of the stego-frames maintain very high (above 45 dB) while providing an acceptable visual quality for the retrieved original frames.
相似文献13.
Abdulsalam Yassine Ali Asghar Nazari Shirehjini Shervin Shirmohammadi Thomas T. Tran 《Knowledge and Information Systems》2012,32(2):445-473
Today, many online companies are gathering information and assembling sophisticated databases that know a great deal of information about many people, generally without the knowledge of those people. Such endeavor has resulted in the unprecedented attrition of individual??s right to informational self-determination. On the one hand, Consumers are powerless to prevent the unauthorized dissemination of their personal information, and on the other, they are excluded from its profitable commercial exchange. This paper focuses on developing knowledge-empowered agent information system for privacy payoff as a means of rewarding consumers for sharing their personal information with online businesses. The design of this system is driven by the following argument: if consumers?? personal information is a valuable asset, should they not be entitled to benefit from their asset as well? The proposed information system is a multi-agent system where several agents employ various knowledge and requirements for personal information valuation and interaction capabilities that most users cannot do on their own. The agents in the information system bear the responsibility of working on behalf of consumers to categorize their personal data objects, report to consumers on online businesses?? trust and reputation, determine the value of their compensation using risk-based financial models, and finally negotiate for a payoff value in return for the dissemination of users?? information. The details of the system as well as a proof-of-concept implementation using JADE (Java Agent Development Environment) are presented here. 相似文献
14.
针对安卓(Android)应用过度授权导致的隐私泄露问题,提出了一种用户友好的Android隐私监管机制UFMDroid。该机制使用服务代理重定向技术在Android控制流中插入隐私行为监控和细粒度运行时资源约束模块。UFMDroid通过对安卓市场已有软件的权限进行分层聚类和欧几里得距离度量以构建各类应用的预置权限轮廓,从而过滤可疑权限。UFMDroid通过计算当前权限配置与预置权限的距离获得应用静态威胁值;通过对涉隐私行为分类,同时考虑不同类别隐私行为的个体威胁和组合威胁,为用户提供应用实时威胁量化值。此外,UFMDroid通过提供虚假数据的方式防止应用因权限撤销引发程序崩溃。实验结果表明,UFMDroid可以成功监控应用对21种隐私数据的获取行为并可按用户配置进行隐私行为实时拦截响应,在一定程度上加强隐私保护。 相似文献
15.
After more than two decades of hype, computing and communication technologies are finally converging. Java-enabled cell phones run a host of powerful applications including mobile Internet access, while many notebook computers offer high-speed wireless connectivity as a standard feature. The big decision when purchasing a PDA is whether to get integrated cellular service or Wi-Fi capability. Location-based services are emerging as the next killer app in personal wireless devices, but there are few safeguards on location privacy. In fact, the demand for improved public safety is pushing regulation in the opposite direction. Today, when a person reports an emergency from a landline phone by dialing 911 in the United States or 112 in Europe, the system displays the caller's phone number and address to the dispatcher. The US Federal Communications Commission has mandated that, by December 2005, all cellular carriers be able to identify the location of emergency callers using mobile phones to within 50 to 100 meters. However, how cellular carriers and other businesses will use this capability remains open to question. The article looks at some of the areas this capability affects, including: privacy risks; economic damages; location-based spam; intermittent connectivity; user interfaces; network privacy; and privacy protection. 相似文献
16.
隐私数据验证场景是信息验证服务下的一类特殊场景,其实用性要求数据在第三方数据库进行存储、发布且有能力处理任意形式声明的验证,其安全性要求数据在存储、更新与证明期间提供有效的隐私保护手段。目前该场景下的隐私保护研究尚且处于空白阶段,因此本文引入可证明数据加密策略的概念,以满足隐私数据验证场景下的实用性与安全性需求。本文主要有三个贡献:(1)对可证明数据加密策略进行讨论并给出形式化定义;(2)基于非交互零知识证明构造出首个可证明数据加密方案,并同时支持高效的数据更新操作;(3)基于承诺方案、非交互零知识证明与全同态加密,提出可证明数据加密策略的两种通用构造框架并给予相关性质证明。 相似文献
17.
针对用户位置隐私保护过程中攻击者利用背景知识等信息发起攻击的问题,提出一种面向移动终端的位置隐私保护方法。该方案通过利用k-匿名和本地差分隐私技术进行用户位置保护,保证隐私和效用的权衡。结合背景知识构造匿名集,通过改进的Hilbert曲线对k-匿名集进行分割,使用本地差分隐私算法RAPPOR扰动划分后的位置集,最后将生成的位置集发送给位置服务提供商获取服务。在真实数据集上与已有的方案从用户位置保护、位置可用性和时间开销方面进行对比,实验结果显示,所提方案在确保LBS服务质量的同时,也增强了位置隐私保护的程度。 相似文献
18.
在保护数据隐私的匿名技术中,为解决匿名安全性不足的问题,即匿名过程中因计算等价类质心遭受同质性和背景知识攻击造成的隐私泄漏,提出了一种基于差分隐私的数据匿名化隐私保护方法,构建了基于差分隐私的数据匿名化隐私保护模型;在利用微聚集MDAV算法划分相似等价类并在匿名属性过程中引入SuLQ框架设计得到ε-MDAV算法,同时选用Laplace实现机制合理控制隐私保护预算。通过对比不同隐私保护预算下可用性和安全性的变化,验证了该方法可以在保证数据高可用性的前提下有效地提升数据的安全性能。 相似文献
19.