CP-ABE based users collaborative privacy protection scheme for continuous query

In location-based services (LBS),as the untrusted LBS server can be seen as an adversary,and it can utilize the attribute as background knowledge to correlate the real location of the user in the set of uncertain locations.Then the adversary can gain the location privacy when the user enjoys the snapshot and continuous query through the correlation inference attack.In order to cope with this attack,the main scheme in privacy protection is to generalize the attribute and achieve attribute anonymity.However,algorithms of this type usually assumes a trusted third party (TTP) which provides the service of similarity attribute finding and comparing,and it is unpractical in the real environment,as the TTP may become the point of attack or the bottleneck of service and it cannot be considered as the trusted one all the time.Thus,to cope with the correlation inference attack as well as the semi-trusted third party,ciphertext policy attribute based encryption (CP-ABE) and users collaboration based attribute anonymous scheme was proposed.In this scheme,the user coupled achieve location and attribute anonymity.Furthermore,this scheme could also provide security for attacks from the semi-trusted third party as well as semi-trusted collaborative users.At last,security analysis and the experiment results further verify the effectiveness of privacy protection and the efficiency of algorithm execution.     

基于Voronoi图预划分的LBS位置隐私保护方法

为了解决服务器面临大量用户请求时匿名效率下降的问题,分别提出适用于静态用户和动态用户的协作匿名方法。首先基于Voronoi图划分全局区域,再由中心服务器组织本区域内用户实现协作匿名,由于服务器无需为每个用户单独构造匿名区,降低了服务端的负担;针对查询过程中用户提供真实位置信息带来位置隐私泄露的问题,提出了逆向增量近邻查询算法。用户以固定锚点代替真实位置,向位置服务器逐步获取兴趣点候选集并计算出想要的结果,避免位置隐私直接泄漏的同时获取精准查询结果。该算法同时解决了锚点与用户过近而带来的位置隐私被推断问题。实验表明本方法在有效保护用户位置隐私的同时,具有良好的工作效率。     

基于均衡增量近邻查询的位置隐私保护方法

针对用户在获得位置服务的同时,用户的位置隐私可能会被泄露的问题,采用协作的分布式模型,移动终端和LBS服务器这两端都使用k-匿名机制,提出基于k-匿名的均衡增量近邻(KHINN)查询方法。该方法在移动终端构造匿名用户组时,利用安全多方求和的技术计算锚点以保证用户隐私;在处理查询结果时,使用基于k-匿名的SpaceTwist方法提高查询隐私度和准确度。经过性能分析和实验结果表明,在考虑用户节点之间半可信或不可信的情况下,可以解决SpaceTwist方法中的查询兴趣点围绕锚点分布不均衡的缺陷问题,提高查询准确度。     

Privacy self-correlation privacy-preserving scheme in LBS

The prevalence of mobile intelligent terminals gives the location-based service (LBS) more opportunities to enrich mobile users’ lives.However,mobile users enjoy the convenience with the cost of personal privacy.The side information and mobile user’s recent requirement records were considered,which were obtained or stored by the service provider.Based on the existence of recent requirement records,adversary can employ the inference attack to analysis mobile user’s personal information.Therefore,two schemes were proposed,including of basic privacy self-correlation privacy-preserving scheme (Ba-2PS) and enhanced privacy self-correlation privacy-preserving scheme(En-2PS).In En-2PS,the privacy-preserving scheme was designed from two dimensions of aspects of time factor and query region,which increased the uncertainty inferring out the real information.Finally,the privacy analysis was illustrated to proof En-2PS’s privacy degree,then the performance and privacy evaluation results indicate that En-2PS is effective and efficient.     

Research on LBS privacy preservation based on pseudorandom permutation in road network

A method of privacy preservation based on pseudorandom permutation was put forward for the issues of location privacy and query content privacy.Firstly,the distribution information of points of interest (PoI) based on the vertexes in the road network was organized,each single road vertex was taken as the foundational processing object.Based on the pseudorandom permutation,a permutation scheme of the point-of-interest records at the LBS server's end was put forward,a 32-bit random seed was adopted to generate a permuted table in the scheme,and the point-of-interest records were encrypted and permuted according to the table.These processed records were stored in the LBS database.Then a trusted intermediate server,replacing of the user,issued a query request with a record number instead of the query content to the LBS server.The LBS server could not determine which kind of PoI the user was interested in or which road section the user was locating on,and therefore the scheme achieved private information retrieval.Finally,the efficiency in the metrics of query accuracy,communication overhead and processing time was also analyzed.By the performance analysis and extensive experiments,the proposed scheme is proved to be location untraceable and query content uncorrelation.     

Achieving efficient location privacy protection based on cache

With the development of mobile Internet and the popularization of intelligent terminals,location based services(LBS) has been widespread in navigation,social network and other fields.Due to the sensitivity of personal location information,data privacy protection related to location of mobile objects has become the hotspots of research.Considering the openness of the background information,and based on the information cache mechanism,a dummy selection algorithm was proposed to reduce the number of interactions between the user and the untrusted server and combine the k-anonymity to achieve efficient location privacy.Without relying on trusted third party,the scheme can prevent the attackers owned background information from inference attack,and the detail simulation results indicate its effectiveness and efficiency.     

Trajectory privacy protection method based on location obfuscation

In the process of continuous queries,a method of trajectory privacy protection based on location obfuscation was proposed to solve the problem that K-anonymity was difficult to guarantee user privacy in third party architectrue.Firstly,the (G-1) query obfuscation locations through the location prediction was obtained and the dummy location selection mechanism,and then sent them together with the user’s real query location to different anonymizers to form cloaking regions and sent them to the LBS server for queries,and the query results were returned to the user by different anonymizers.In this method,the user’s real query location was confused by the location obfuscation,and the attacker couldn’t deduce the user’s trajectory from a single anonymizer or the LBS server.The method can enhance the privacy of the user’s trajectory and can effectively solve the performance bottleneck in the single anonymizer structure.Security analysis shows the security of the proposed approach,and experiments show this method can reduce the number of interactions between the user and the LBS server and the overhead of the single anonymizer.     

个性化搜索中一种基于位置服务的隐私保护方法

在基于位置服务的个性化搜索中,利用可信第三方服务器以及对等节点是保护用户隐私的主要方法,但在现实生活中,它们却是不完全可信的。为了解决这一问题,该文提出一种个性化搜索中基于位置服务的隐私保护方法。该方法通过转换用户的位置信息,并根据用户的查询类型生成用户模型,进而形成带有用户位置信息的查询矩阵,然后利用矩阵加密用户的查询,隐藏查询矩阵中的用户信息,最后根据安全内积计算返回相关性得分最高的前K个查询文件给用户。安全性分析表明该方法能有效地保护用户的查询隐私和位置隐私,通过分析与实验表明,该方法大幅度地缩短了索引构建时间,降低了通信开销,同时为用户提供了基于位置的个性化搜索结果,一定程度上解决了移动设备屏幕小带来的弊端。     

LBS中面向协同位置隐私保护的群组最近邻查询

在分析现有群组最近邻查询中位置隐私保护的基础上,提出LBS中一种面向位置隐私保护的群组最近邻查询方法。该方法采用分布式系统结构,克服了集中式匿名系统结构所存在通信瓶颈和攻击重点的缺陷。在此基础上根据用户群组的运动状态信息,提出使用位置随机扰动和门限秘密共享的Paillier密码系统来安全地计算用户群组的质心位置。于是将用户群组的最近邻查询转换为此质心的最近邻查询。与现有的相关工作相比,理论分析表明所提有关方案能够在有效抵御现有的距离交叉攻击和共谋攻击下,实现灵活的群组最近邻查询,同时耗费较低的网络资源。     

Anonymizing region construction scheme based on query range in location-based service privacy protection

Since k-anonymity method can reduce the users’ computation cost and provides the precise query results,it has been widely used to protect the user’s privacy in location-based service.However,the existing schemes did not consider the size of the querying region for location based service provider (LSP) during the construction of the anonymizing region,which led that the quality of service was low.To solve this problem,the user’s querying range was introduced to present a novel anonymizing region construction scheme.In the proposal,the anonymity server first generated the original anonymizing sub-regions according to the user’s privacy requirements,and then merged these sub-regions to construct the anonymity region submitted to LSP based on the size of corresponding querying regions.The security and experiment analysis show that the presented scheme not only protects the user’s privacy effectively,but also decreases LSP’s querying regions,thereby improving the quality of service.     

Improved SpaceTwist privacy protection method based on anchor optimization algorithm

With location-based services worldwide used,private location data appealed easily in query process which caused serious security problems.So the introduction of SpaceTwist incremental nearest neighbor query algorithm,proposes protection of privacy method combined with improved SpaceTwist location optimization algorithm.The anchor point authentication server added to distributed system structure,user generate a k anonymous area according to their privacy preference and actual environment,using optimization algorithm to generate the anchor point.Forwarding users use the incremental nearest neighbor query throught the anchor point and accurate.Experiments in road network environment with different data sets show that the privacy protection works well in the algorithm,and own high work efficiency.     

Efficient privacy-preserving group-nearest-neighbor queries with the presence of active adversaries

Location-based services (LBSs) allow users to ask location-dependent queries and receive information based on their location. A group of users can send a group-nearest-neighbor (GNN) query in order to receive a Point Of Interest (POI). This POI in turn shows a point which is the minimum distance from all members of the group. To benefit from these services, it is important to preserve the location privacy of each group user from others in the group (Intragroup location privacy) as well as from anyone outside of the group, including the LBS, (Intergroup location privacy). It may also be necessary to protect the location privacy of the resulting POI from the LBS and other possible attackers. In this paper, we propose two different privacy-preserving protocols for finding the exact answer to a GNN query among a set of returned POIs. The first protocol assumes a semi-honest model while the second one works in a malicious model. The proposed protocols are based on the Anonymous Veto network and Burmester–Desmedt key establishment protocols. The security analysis shows that the proposed protocols provide both Intragroup and Intergroup location privacy; they also protect the location privacy of the resulting POI and are resistant to collusion and multi-point aggregate distance attacks. The performed analyses indicate that they incur a constant computation cost per user and are efficient in terms of computation and communication costs.

     

Privacy-preserving and efficient user matching based on attribute encryption in mobile social networks

With the rapid popularity of social networking platforms, users can be matched when sharing their profiles. However, there is a risk of leakage of sensitive user information during the user matching process, which leads to the lack of user privacy protection. In this paper, we propose a privacy protection scheme based on the encryption of hidden attributes during user matching in mobile social networks, which uses linear secret sharing scheme (LSSS) as the access structure based on ciphertext policy attribute-based encryption (CP-ABE), and the match server can perform friend recommendation by completing bi-directional attribute matching determination without disclosing user attribute information. In addition, the use of selective keywords protects the privacy of requesters and publishers in selecting keywords and selecting plaintext attacks. The scheme reduces the encryption and decryption overhead for users by dividing encryption into a preparation phase and an online phase and shifting most of the decryption overhead from the requester to the match server. The experimental results show that the scheme ensures user privacy while effectively reducing communication overhead.     

Delay‐aware privacy‐preserving location‐based services under spatiotemporal constraints

The ubiquitous use of location‐based services (LBS) through smart devices produces massive amounts of location data. An attacker, with an access to such data, can reveal sensitive information about users. In this paper, we study location inference attacks based on the probability distribution of historical location data, travel time information between locations using knowledge of a map, and short and long‐term observation of privacy‐preserving queries. We show that existing privacy‐preserving approaches are vulnerable to such attacks. In this context, we propose a novel location privacy‐preserving approach, called KLAP, based on the three fundamental obfuscation requirements: minimum k ‐locations, l ‐diversity, and privacy a rea p reservation. KLAP adopts a personalized privacy preference for sporadic, frequent, and continuous LBS use cases. Specifically, it generates a secure concealing region (CR) to obfuscate the user's location and directs that CR to the service provider. The main contribution of this work is twofold. First, a CR pruning technique is devised to establish a balance between privacy and delay in LBS usage. Second, a new attack model called a long‐term obfuscated location tracking attack, and its countermeasure is proposed and evaluated both theoretically and empirically. We assess KLAP with two real‐world datasets. Experimental results show that it can achieve better privacy, reduced delay, and lower communication costs than existing state‐of‐the‐art methods.     

J2ME平台下基于手机定位实现的移动GIS导航系统

结合手机定位与数字地图传送功能,对J2ME开发平台下基于手机定位实现便携式移动导航系统进行了研究,提出了可行的解决实现方案。利用手机提供的基于位置服务功能LBS(Location Based Server),通过无线通信网络传送用户所在区域的数字地图,为用户提供定位、导航、服务等多种相关的信息。整个系统由无线移动终端、数字地图服务器、网关3部分组成,通过在手机中内嵌J2ME-MIDP,让手机端可以提供更新准确的定位服务,地图服务器和网关建立在传统的以太网络上,可以有效地减少网络通信的时间,降低系统复杂度。实验中以浙江大学校园地图为例,结合WAP Push技术和手机定位功能,成功地实现了手机导航的功能。     

面向LBS的隐私保护模型及方案

首先,提出一种基于中心服务器结构的位置隐私保护模型,然后,针对该模型设计了一种基于伪随机置换的位置隐私保护方案,此方案借鉴k-匿名技术、秘密信息检索技术的设计理念和方法,实现了完美匿名和基于位置的盲查询。最后,证明此方案具备不可追踪性和不可关联性等安全属性,并对方案的效率问题进行了分析。     

基于服务相似性的k-匿名位置隐私保护方法

针对当前基于位置的服务(LBS)系统存在的隐私保护度、位置服务质量和通信开销三者难于平衡的问题,提出了一种基于服务相似性的k-匿名位置隐私保护方法。在不改变现有LBS 系统架构的情况下,利用位置服务查询结果的相似性来辅助匿名服务器构造匿名区域,从而实现在确保用户隐私安全的基础上,有效提高服务质量和降低系统开销。最后,通过实验验证了该算法的有效性。     

个人移动数据收集中的多维轨迹匿名方法

在情景感知位置服务中,移动互联网络的开放性使得个人移动数据面临巨大的安全风险,移动数据的时空关联特性对个人数据的隐私保护提出重大挑战.针对基于时空关联的背景知识攻击,本文提出了一种多维的轨迹匿名隐私保护方法.该方法在匿名轨迹数据收集系统的基础上,基于多用户协作的隐私保护模式,通过时间匿名和空间匿名算法,实现用户的隐私保护.实验结果表明,该方法可以有效的对抗基于位置和移动方式的背景知识攻击,满足了k-匿名的隐私保护要求.     

基于授权的多服务器可搜索密文策略属性基加密方案

针对现有属性基可搜索加密方案缺乏对云服务器授权的服务问题,该文提出一种基于授权的可搜索密文策略属性基加密(CP-ABE)方案。方案通过云过滤服务器、云搜索服务器和云存储服务器协同合作实现搜索服务。用户可将生成的授权信息和陷门信息分别发送给云过滤服务器和云搜索服务器,在不解密密文的情况下,云过滤服务器可对所有密文进行检测。该方案利用多个属性授权机构,在保证数据机密性的前提下能进行高效的细粒度访问,解决数据用户密钥泄露问题,提高数据用户对云端数据的检索效率。通过安全性分析,证明方案在提供数据检索服务的同时无法窃取数据用户的敏感信息,且能够有效地防止数据隐私的泄露。     

Approach of location privacy protection based on order preserving encryption of the grid

The centralized structure of the trusted third party is a major privacy protection structure on location based services.However,if the central third party server can not be trusted or compromised,users have the risk of leakage of privacy location.Aiming at the above problems,location privacy protection approach based on a user-defined grid to hide location was proposed.The system first automatically converted the query area into a user-defined grid,and then the approach utilized order preserving encryption,which made the user’s real-time position in the hidden state could still be compared.Because the information in the process of the approach was in a state of encryption,the server could not know the user’s location information,thus improved privacy protection of the user location.The central third party server only need to do simple comparison work,so its processing time overhead would effectively decrease.Security analysis certificate the security of the proposed approach and simulation experimental show the proposed approach can reduce the time cost of the central third party server.