车联网中Mix-zone的隐私保护机制研究

车联网在通过位置服务中解决道路安全问题、为驾乘者提供便捷服务的同时,也带来了相应的隐私保护问题。文章总结了隐私保护内容,重点分析了车联网的假名隐私保护技术,假名方案分为基于特殊地形、基于安静时段、加密Mixzone。不同的假名方案在不同的道路特征下会有特定的应用场景。继而针对隐私保护水平的高低,着重分析了特殊地形的Mix-zone的性能。     

VANETs中一种隐私保护的高效批认证协议

车载自组网(Vehicular Ad Hoc Networks, VANETs)是一种自组织、自管理、快速移动的户外通信网络系统。车辆加入VANETs可以获取道路的交通状况信息,但是其与路侧单元进行通信时消息容易被窃取。为此,文章提出了一种基于假名和数字签名的批认证协议,实现了车辆身份的匿名和隐私保护。同时,该协议支持路侧单元(Road Side Unit, RSU)对多辆车辆的批量认证,极大地降低了身份验证的计算开销。     

基于网格密度的位置隐私保护系统设计与实现

基于位置服务(LBS)给人们生活带来巨大便利的同时,其对个人隐私的泄露风险不容忽视。首先讨论了位置服务中的隐私泄露途径及隐私保护模型,并着重介绍了位置k匿名思想;针对位置k匿名中对模糊匿名区域的寻找问题,提出基于网格密度模型的保护系统方案,利用网格结构简单、索引便捷的特点,可以迅速获知周围用户数目状态,找到覆盖临近k个用户的最小包含空间;此外,考虑若连续使用位置服务,即使每次请求均满足k匿名条件仍可能泄露大概的轨迹信息,提出动态假名算法,量化轨迹隐私泄露风险,将高风险用户的假名与临近用户的假名进行随机的交换,使得攻击者无法对其轨迹进行追踪。     

基于票据的车联网安全和隐私保护方案

随着车联网的发展,车辆通信将在提高行车安全,驾驶效率和舒适度方面发挥重要作用。车辆将访问多种应用,考虑到现有行车安全应用面临的严峻威胁,加之对用户验证、授权和计费的需求,攻击防护安全对于车载自组网来说尤为重要。在车辆使用基于位置的服务或行车安全服务时,攻击者可能会窃听通信内容,获取用户身份信息和位置隐私。为了提高车载自组织网安全,提出了一种采用分布式车辆公钥基础设施(VPKI)对车辆通信安全、位置隐私和身份匿名进行保护的方案。该方案采用票据为应用服务提供匿名访问控制和认证,并且可以解析和撤销不法车辆身份。最后,通过实验分析方案的效率来证明VPKI的可实施性。     

基于车载自组网的匿名认证机制

车载自组网中,车辆在进行相互通信时需要对收到的信息进行合法性验证,但同时又不希望自己的身份被泄露,从而导致了安全与隐私保护之间的问题。匿名认证是车载自组网中安全和身份隐私保护的关键机制,本文对现有的匿名认证方案进行了分类对比,分析了各个方案的优缺点。     

车载网中可证安全的无证书聚合签名算法

为了实现车载自组织网络中车辆节点之间信息传输的安全认证,该文设计了一种无证书聚合签名方案。提出的方案采用无证书密码体制,消除了复杂的证书维护成本,同时也解决了密钥托管问题。通过路侧单元生成的假名与周围节点进行通信,实现了车辆用户的条件隐私保护。在随机预言模型下,证明了方案满足自适应选择消息攻击下的存在性不可伪造。然后,分析了方案的实现效率,并模拟实现了车载自组网(VANET)环境中车流密度与消息验证的时间延迟之间的关系。结果表明,该方案满足消息的认证性、匿名性、不可伪造性和可追踪性等性质,并且通信效率高、消息验证的时延短,更适合于动态的车载自组织网络环境。     

移动互联网服务的隐私保护机制

探讨了考虑背景信息的位置和查询隐私保护方案,如基于背景信息的虚假位置k-匿名方案、同时保护位置和兴趣的隐私保护方案、基于交互的隐私保护方案,还探讨了基于用户隐私链拆分的实名认证和身份隐私保护策略;认为在避免可信第三方参与,敌手能够获取到背景信息的前提下,能够实现对用户身份、位置和查询隐私的保护,达到信任机制和隐私保护的有机结合将是未来隐私保护发展的趋势。     

WSN中源节点隐私保护协议研究

无线传感器网络被广泛应(wireless sensor network,WSN)用于军事战场、环境监测等外部环境比较恶劣领域。又因为无线传感器网络依赖于无线通信,WSN节点资源受限,所以WSN安全问题相当突出。本文关注的是WSN中位置隐私保护问题,其中对源位置隐私保护进行了重点研究。文章首先对WSN的隐私保护问题进行了简单分类介绍,接着总结介绍了几种典型的源节点隐私保护方案,最后对评价源节点位置隐私保护协议有效性的协议度量标准进行了归纳总结。     

新的基于变色龙的车载通信安全与隐私保护

在车载自组网（VANET）中许多服务和应用需要保护数据通信的安全,为提高驾驶的安全性和舒适性,一些与交通状况有关的信息就要被周期性地广播并分享给司机,如果用户的身份和信息没有隐私和安全的保证,攻击者就会通过收集和分析交通信息追踪他们感兴趣的车辆,因此,匿名消息身份验证是VANET中不可或缺的要求。另一方面,当车辆参与纠纷事件时,证书颁发机构能够恢复车辆的真实身份。为解决车载通信这一问题,郭等人在传统方案的基础上提出一种基于椭圆曲线的变色龙散列的隐私保护验证协议。虽然此方案较之前方案具有车辆身份可追踪性和高效率性,但分析表明此方案不满足匿名性。对郭等人的方案进行安全性分析并在此基础上做出改进。     

基于LBS的位置隐私保护方案综述

LBS随移动互联网的发展逐步进入人们的日常生活。文章针对位置隐私保护这一问题,介绍了位置隐私保护方案的系统结构,从4个不同的技术方向研究了位置隐私保护方案,总结了现有的位置隐私保护方案,并对未来的研究方向进行了展望。     

隐私计算研究范畴及发展趋势

随着移动互联网、云计算和大数据技术的广泛应用,电商、搜索、社交网络等服务在提供便利的同时,大数据分析使用户隐私泄露的威胁日益凸显,不同系统隐私保护策略和能力的差异性使隐私的延伸管理更加困难,同一信息的隐私保护需求随时间变化需要多种隐私保护方案的组合协同。目前已有的各类隐私保护方案大多针对单一场景,隐私缺乏定量化的定义,隐私保护的效果、隐私泄露的利益损失以及隐私保护方案融合的复杂性三者之间的关系刻画缺乏系统的计算模型。因此,在分析隐私保护研究现状的基础上,提出隐私计算的概念,对隐私计算的内涵加以界定,从隐私信息的全生命周期讨论隐私计算研究范畴,并从隐私计算模型、隐私保护场景适应的密码理论、隐私控制与抗大数据分析的隐私保护、基于信息隐藏的隐私保护以及支持高并发的隐私保护服务架构等方面展望隐私计算的发展趋势。     

连续服务请求下基于假位置的用户隐私增强方法

基于假位置的隐私保护方案在为用户提供准确位置服务查询结果的同时,还无需第三方和共享密钥。然而,当用户连续请求位置服务时,由于现有保护单次查询的假位置方案未考虑相邻位置集合间的时空关系,使攻击者能推断出假位置,降低用户的位置隐私保护等级。针对上述问题,采用现有假位置方案生成候选假位置,并通过连续合理性检查和单次隐私增强对其进行筛选,提出一个适用于连续请求的假位置隐私保护增强方法。安全性分析表明,所提方法能保证连续请求中形成的移动路径在时空上不可区分,有效保护连续请求中的用户位置隐私。大量实验表明,所提方法在不增加用户计算开销的同时,与采用的候选假位置生成方案相比,还能提高用户单次查询的隐私保护等级。     

Differential privacy protection scheme based on edge betweenness model

With the continuous development of social network application,user’s personal social data is so sensitive that the problem of privacy protection needs to be solved urgently.In order to reduce the network data sensitivity,a differential privacy protection scheme BCPA based on edge betweenness model was proposed.The 2K sequence corresponding to the graph structure based on the dK model was captured,and 2K sequences based on the edge betweenness centrality were reordered.According to the result of reordering,the 2K sequence was grouped into several sub-sequences,and each sub-sequence was respectively added with noise by a dK perturbation algorithm.Finally,a social network graph satisfying differential privacy was generated according to the new 2K sequences after integration.Based on the real datasets,the scheme was compared with the classical schemes through simulation experiments.The results demonstrate that it improves the accuracy and usability of data while ensuring desired privacy protection level.     

个人移动数据收集中的多维轨迹匿名方法

在情景感知位置服务中,移动互联网络的开放性使得个人移动数据面临巨大的安全风险,移动数据的时空关联特性对个人数据的隐私保护提出重大挑战.针对基于时空关联的背景知识攻击,本文提出了一种多维的轨迹匿名隐私保护方法.该方法在匿名轨迹数据收集系统的基础上,基于多用户协作的隐私保护模式,通过时间匿名和空间匿名算法,实现用户的隐私保护.实验结果表明,该方法可以有效的对抗基于位置和移动方式的背景知识攻击,满足了k-匿名的隐私保护要求.     

Correlation probability indistinguishable location privacy protection algorithm

The attack of corre1ation probabi1ity used by the adversary in snapshot query and continuous query services were measured.Then，on account of these attacks，a privacy protection framework based on the differentia1 privacy and a 1ocation-shift scheme to achieve the indistinguishab1e of corre1ation probabi1ities was provided，and the protection effectiveness of this method was proved.At 1ast，security ana1ysis and the experiment resu1ts further verify the protection effectiveness and guarantee the execution efficiency of the proposed scheme.     

Differential privacy protection technology and its application in big data environment

The privacy protection in big data is a research hotspot in the field of cyberspace security.As a strict and provable definition of privacy protection,studying application status of differential privacy protection in big data environment can provide reference and guidance for its subsequent system applications.Based on the analysis of the related concepts and technical characteristics of differential privacy protection,the application of differential privacy protection technology was reviewed in data distribution and analysis,cloud computing and big data computing,location and trajectory services and social networks,which expounded the current representative research results and analyzed its existing problems.The research shows that the existing results have made effective innovation and exploration of differential privacy protection applications from the aspects of differential privacy protection mechanism,noise addition mechanism and location,and data processing methods,and the related results have been cross-applied in different scenarios.Finally,four major problems that need to be studied in the further systematic application of differential privacy protection in the big data environment are proposed.     

视频隐私保护技术综述

互联网的快速发展和各类视频应用的日益普及,使视频个人隐私保护得到广泛关注。如何在保证视频应用的同时使隐私信息不被泄露是目前亟待研究和解决的热点问题。针对这些问题从视频隐私保护技术的研究现状进行综述,从隐私提取、隐私区域保护及访问权限控制3个方面进行概括、比较和分析。此外,对与视频隐私保护相关的一些问题,如隐私的定义、感知安全性评价等方面进行了讨论。最后总结了视频隐私保护技术面临的挑战,并对其发展趋势进行展望。     

Preserving User Anonymity in Context‐Aware Location‐Based Services: A Proposed Framework

Protecting privacy is an important goal in designing location‐based services. Service providers want to verify legitimate users and allow permitted users to enjoy their services. Users, however, want to preserve their privacy and prevent tracking. In this paper, a new framework providing users with more privacy and anonymity in both the authentication process and the querying process is proposed. Unlike the designs proposed in previous works, our framework benefits from a combination of three important techniques: k‐anonymity, timed fuzzy logic, and a one‐way hash function. Modifying and adapting these existing schemes provides us with a simpler, less complex, yet more mature solution. During authentication, the one‐way hash function provides users with more privacy by using fingerprints of users' identities. To provide anonymous authentication, the concept of confidence level is adopted with timed fuzzy logic. Regarding location privacy, spatial k‐anonymity prevents the users' locations from being tracked. The experiment results and analysis show that our framework can strengthen the protection of anonymity and privacy of users by incurring a minimal implementation cost and can improve functionality.     

Privacy self-correlation privacy-preserving scheme in LBS

The prevalence of mobile intelligent terminals gives the location-based service (LBS) more opportunities to enrich mobile users’ lives.However,mobile users enjoy the convenience with the cost of personal privacy.The side information and mobile user’s recent requirement records were considered,which were obtained or stored by the service provider.Based on the existence of recent requirement records,adversary can employ the inference attack to analysis mobile user’s personal information.Therefore,two schemes were proposed,including of basic privacy self-correlation privacy-preserving scheme (Ba-2PS) and enhanced privacy self-correlation privacy-preserving scheme(En-2PS).In En-2PS,the privacy-preserving scheme was designed from two dimensions of aspects of time factor and query region,which increased the uncertainty inferring out the real information.Finally,the privacy analysis was illustrated to proof En-2PS’s privacy degree,then the performance and privacy evaluation results indicate that En-2PS is effective and efficient.     

User Friendly Preferential Private Recommendation

To provide preferential protection for users while keeping good service utility, a preferential private recommendation framework ( named as PrefER) is proposed. In this framework, a preferential budget allocation scheme is designed and implemented at the system side to provide multilevel protection. And users' preference is utilized at the user side to improve recommendation performance without increasing users' burden. This framework is generic enough to be employed with other schemes. Recommendation accuracy based on the MovieLens dataset by the collaborative filtering schemes and PrefER are compared and analyzed. The experimental results show that PrefER can provide preferential privacy protection with the improvement of recommendation accuracy.