社保系统个人信息隐私保护算法

针对社会保障信息系统中公民的个人信息隐私保护越来越困难的现状,介绍了社保系统的隐私保护难题包括如何保护信息安全和如何界定隐私信息2个方面,分析了隐私信息保护的2个根源性问题在于个人信息的不当采集和不当使用,在此基础上提出了利用转换原始数据的方式保护隐私信息的算法,阻止了信息拥有者对隐私信息直接或间接的获取,为社保系统中个人信息隐私保护的实现提供了一定的研究思路。     

Implementing BS7799 in the UK National Health Service

In the UK National Health Service (NHS), which holds the health records of a Nation, a “little neglect” of these records would not just breed mischief - it is likely to result in harm to a patient or a number of patients. Not surprisingly, then, the NHS adopts a robust stance in protecting the integrity, availability and, not least, the confidentiality of patient information.     

Commitment analysis to operationalize software requirements from privacy policies

Online privacy policies describe organizations’ privacy practices for collecting, storing, using, and protecting consumers’ personal information. Users need to understand these policies in order to know how their personal information is being collected, stored, used, and protected. Organizations need to ensure that the commitments they express in their privacy policies reflect their actual business practices, especially in the United States where the Federal Trade Commission regulates fair business practices. Requirements engineers need to understand the privacy policies to know the privacy practices with which the software must comply and to ensure that the commitments expressed in these privacy policies are incorporated into the software requirements. In this paper, we present a methodology for obtaining requirements from privacy policies based on our theory of commitments, privileges, and rights, which was developed through a grounded theory approach. This methodology was developed from a case study in which we derived software requirements from seventeen healthcare privacy policies. We found that legal-based approaches do not provide sufficient coverage of privacy requirements because privacy policies focus primarily on procedural practices rather than legal practices.     

Privacy as a right or as a commodity in the online world: the limits of regulatory reform and self-regulation

The increased use of the internet and information technology to enable online transactions, distribute information and customer reviews through ecommerce and social networking sites, online advertising, and data mining is both creating efficiencies and challenging our privacy. This paper highlights the growing fear that current federal and state laws in the United States are not adequate to protect the privacy of the data collected while we process electronic transactions or browse the internet for information. The notion of efficiency and cost-benefit are used to justify a certain level of privacy loss, thus treating privacy as a commodity to be transacted rather than a right to be defended. To address developing concerns about personal privacy invasions, we discuss the role and limits that both government regulation and self-regulation play in protecting our privacy.     

The evaluation of an information system for intensive care

This paper describes the application of humancomputer interaction (HCI) research methods in critical care medicine. An evaluation of an information system for the support of cardiological intensive care (The Aachen Information System for Intensive Care- AISIC) is outlined. AISIC supports the capturing of diagnostic and therapeutic patient data by nursing staff, the requesting of external diagnostic reports, and the retrieval of information for treatment planning performed by physicians (Popp 1994). It was hypothesized that use of the information system would result in quicker task completion times and a reduction in error-making, when compared to the existing paper-based record-keeping system. The evaluation was carried out using eight different forms of data capture, ranging from interview and questionnaire to automatic keystroke logging. The results of the evaluation revealed problems in the prescribing and recording of medication dosage and administration. The resultant redesign of the medication option is discussed, along with implications for improved patient care through the cognitive engineering of medical information systems. The problems encountered in conducting this type of work in a critical care environment are also discussed.     

Physical Access Control for Captured RFID Data

To protect the privacy of RFID data after an authorized system captures it, this policy-based approach constrains the data users can access to system events that occurred when and where they were physically present. RFID security is a vibrant research area, with many protection mechanisms against unauthorized RFID cloning and reading attacks emerging. However, little work has yet addressed the complementary issue of protecting the privacy of RFID data after an authorized system has captured and stored it. We've investigated peer-to-peer privacy for personal RFID data through an access-control policy called Physical Access Control. PAC protects privacy by constraining the data a user can obtain from the system to those events that occurred when and where that user was physically present. While strictly limiting information disclosure, PAC also affords a database view that augments users' memory of places, objects, and people. PAC is appropriate as a default level of access control because it models the physical boundaries in everyday life. Here, we focus on the privacy, utility, and security issues raised by its implementation in the RFID Ecosystem.     

位置大数据隐私保护研究综述

大数据时代移动通信和传感设备等位置感知技术的发展形成了位置大数据,为人们的生活、商业运作方法以及科学研究带来了巨大收益.由于位置大数据用途多样,内容交叉冗余,经典的基于“知情与同意”以及匿名的隐私保护方法不能全面地保护用户隐私.位置大数据的隐私保护技术度量用户的位置隐私,在信息论意义上保护用户的敏感信息.介绍了位置大数据的概念以及位置大数据的隐私威胁,总结了针对位置大数据隐私的统一的基于度量的攻击模型,对目前位置大数据隐私保护领域已有的研究成果进行了归纳.根据位置隐私的保护程度,可以把现有方法总结为基于启发式隐私度量、概率推测和隐私信息检索的位置大数据隐私保护技术.对各类位置隐私保护技术的基本原理、特点进行了阐述,并重点介绍了当前该领域的前沿问题：基于隐私信息检索的位置隐私保护技术.在对已有技术深入分析对比的基础上,指出了未来在位置大数据与非位置大数据相结合、用户背景知识不确定等情况下保护用户位置隐私的发展方向.     

How to regulate individuals’ privacy boundaries on social network sites: A cross-cultural comparison

Individuals presently interact with their diverse social circles on social networking sites and may find it challenging to maintain their privacy while deriving pleasure through self-disclosure. Drawing upon the communication privacy management theory, our study examines how boundary coordination and boundary turbulence can influence individuals’ self-disclosure decisions. Further, our study examines how the effects of boundary coordination and boundary turbulence differ across cultures. Our hypotheses are tested with survey data collected from the United States and China. The results strongly support our hypotheses and show interesting cultural differences. The implications for theory and practice are discussed.     

融合标签相似度的差分隐私矩阵分解推荐算法

推荐系统需要利用到大量的用户行为数据,这些数据极有可能暴露用户的喜好,给人们关心的隐私问题带来巨大的挑战。为保证推荐精度与用户隐私,提出一种结合差分隐私与标签信息的矩阵分解推荐模型。该模型首先将标签信息加入到项目相似度的计算过程;随后融入到矩阵分解推荐模型中提高推荐精度;最后运用随机梯度下降法求解模型最优值。为解决用户隐私问题,将拉普拉斯噪声划分成两部分,分别加入项目相似度与梯度求解过程中,使得整个推荐过程满足ε-差分隐私,并在一个真实的数据集上分析验证算法的有效性。实验表明,提出的方法能在保证用户隐私的情况下,仍具有较高的推荐精度。     

The Impact of Privacy Seal on Users’ Perception in Network Transactions

In the age of big data, the issue of online privacy has attracted much attention from all sectors. The introduction and establishment of an evaluation system for the privacy agreement based on a third party, together with the establishment of a safer internet transaction environment, can help to establish mutual trust between users and the platform. With the research background links to the online trading platform, this article investigates how the privacy seal which is provided by the third-party evaluation organization influences and addresses trust-awareness and privacy concerns of users, as well as exposing information and purchasing data. According to this investigation, the application of a privacy seal not only increases the trust-awareness of the users, but can also encourage the intention to disclose information and engage in a transaction. However, it might not totally alleviate the users’ privacy concerns. The results of our research and practical application indicate that the promotion and guarantee of the independence and expertise of the third-party evaluating organization, the effective supervision of privacy policy implementation by the online trading platform, and measures that protect the privacy of the users, all play a vital role in establishing an effective privacy agreement evaluation system.     

基于ZigBee的个人健康信息管理与隐私保护系统设计

为解决健康数据采集、传输、管理过程中存在的系统效率滞后、数据隐私泄漏问题,依据实用性和安全性原则,设计了一种基于ZigBee的个人健康信息管理与隐私保护系统;该系统分为感知层,传输层和应用层,包括数据采集、数据传输及数据处理分析等模块,在实现对个人体征数据的实时监测与分析管理的同时,使用ZigBee无线传输技术,有效保障数据的隐私安全;此外,系统设计中采用RSA加密算法和分布式存储技术保证了数据传输和存储安全;实验结果表明,终端设备各传感器数据传输及系统各模块功能实现均达到预期目标,且系统对个人健康信息的管理具有实时性与便捷性,实现了对个人健康信息的实时监测功能,为有效保护用户数据隐私安全提供思路。     

Semantic and secure search over encrypted outsourcing cloud based on BERT

Searchable encryption provides an effective way for data security and privacy in cloud storage. Users can retrieve encrypted data in the cloud under the premise of protecting their own data security and privacy. However, most of the current content-based retrieval schemes do not contain enough semantic information of the article and cannot fully reflect the semantic information of the text. In this paper, we propose two secure and semantic retrieval schemes based on BERT (bidirectional encoder representations from transformers) named SSRB-1, SSRB-2. By training the documents with BERT, the keyword vector is generated to contain more semantic information of the documents, which improves the accuracy of retrieval and makes the retrieval result more consistent with the user’s intention. Finally, through testing on real data sets, it is shown that both of our solutions are feasible and effective.     

A novel case based reasoning approach to radiotherapy planning

Radiotherapy planning is a complex problem which requires both expertise and experience of an oncologist. A case based reasoning (CBR) system is developed to generate dose plans for prostate cancer patients. The proposed approach captures the expertise and experience of oncologists in treating previous patients and recommends a dose in phase I and phase II of the treatment of a new patient considering also the success rate of the treatment. The proposed CBR system employs a modified Dempster–Shafer theory to fuse dose plans suggested by the most similar cases retrieved from the case base. In order to mimic the continuous learning characteristic of oncologists, the weights corresponding to each feature used in the retrieval process are updated automatically each time after generating a treatment plan for a new patient. The efficiency of the proposed methodology has been validated using real data sets collected from the Nottingham University Hospitals NHS, City Hospital Campus, UK. Experiments demonstrated that for most of the patients, the dose plan generated by our approach is coherent with the dose plan suggested by an experienced oncologist. This methodology can assist both new and experienced oncologists in the treatment planning.     

基于联盟链的电子健康记录隐私保护和共享

医院正在逐渐采用电子健康记录(EHR)的方式去记录患者的医疗信息。然而,医疗数据的隐私性和EHR标准的差异化阻碍了医疗数据在病人和医院之间的共享。因此,针对隐私信息泄露和难于共享的问题,提出了一个基于联盟链的隐私保护数据共享模型。此外,基于匿名算法提出了(p,α,k)匿名隐私算法,能够解决EHR隐私信息泄露的问题。通过理论分析和实验证明,提出的基于联盟链和(p,α,k)隐私匿名算法模型能够在保护数据隐私的前提下,实现病人和医院之间的数据安全共享。对比前人的模型,该模型具有所需节点少、减少主链压力、容错性强和病人对EHR完全控制等优势。     

PrivAPP: An integrated approach for the design of privacy‐aware applications

Nowadays, personal information is collected, stored, and managed through web applications and services. Companies are interested in keeping such information private due to regulation laws and privacy concerns of customers. Furthermore, the reputation of a company can be dependent on privacy protection, ie, the more a company protects the privacy of its customers, the more credibility it gets. This paper proposes an integrated approach that relies on models and design tools to help in the analysis, design, and development of web applications and services with privacy concerns. Using the approach, these applications can be developed consistently with their privacy policies to enforce them, protecting personal information from different sources of privacy violation. The approach is composed of a conceptual model, a reference architecture, and a Unified Modified Language Profile, ie, an extension of the Unified Modified Language for including privacy protection. The idea is to systematize the privacy concepts in the scope of web applications and services, organizing the privacy domain knowledge and providing features and functionalities that must be addressed to protect the privacy of the users in the design and development of web applications. Validation has been performed by analyzing the ability of the approach to model privacy policies from real web applications and by applying it to a simple application example of an online bookstore. Results show that privacy protection can be implemented in a model‐based approach, bringing values for the stakeholders and being an important contribution toward improving the process of designing web applications in the privacy domain.     

Development of a knowledge management initiative and system: A case study

As knowledge emerges as the primary strategic resource in the 21st century, many firms in the manufacturing and service sectors alike are beginning to introduce and implement Knowledge Management (KM). Organisations can certainly benefit from its application for enhanced decision support, efficiency and innovation, thus helping them to realise their strategic mission. However, KM is an emerging paradigm, and not many organisations have a clear idea of how to proceed with it. This paper presents the results of a case study conducted in one company in the United Kingdom (UK), the major aim being to identify how it has developed a KM initiative and system. Hopefully, the information extracted from this study will be beneficial to other organisations that are attempting to implement KM or to those that are in the throes of adopting it.     

一种面向图数据的AWG-LDP局部差分隐私保护算法研究

针对传统的图数据隐私保护方法只关注保护属性或结构两者之一易导致节点或边隐私信息泄露的问题,提出了一种对属性加权图的局部差分隐私的保护算法（AWG-LDP）。首先,该算法利用GN算法将图数据划分成社区子图;其次,分别计算每个社区子图的局部敏感度,对于划分后的每一个子图,通过结合结构相似性和属性相似性并添加拉普拉斯噪声进行边扰动,实现局部差分隐私;最后,利用属性泛化的方式将待发布的节点进行泛化,防止节点敏感信息被攻击。利用真实的图数据集进行了不同参数配置以及不同算法的对比实验,实验结果表明该算法提升了隐私保护效果,同时,降低了信息损失,提高了数据的可用性。