移动群智感知融合数据隐私保护方法

感知融合数据包含用户日常行为习惯和生活轨迹等敏感信息,需要进行有效的隐私保护,针对传统方法存在无法准确衡量用户与位置关系,导致通信开销过大的问题,提出一种基于数据中台技术的移动群智感知融合数据隐私保护方法。将感知融合数据整合上传到数据中台,利用数据中台技术提取属性信息确定隐私敏感等级,构建数据隐私保护算法。实验测试表明,提出的方法隐私保护水平、数据精确度、数据完整性上具有较好的效果;冗余数据明显减少,降低了数据通信量,说明通信开销性能更好,可应用于实际移动群智感知应用中。     

基于Tangle网络的移动群智感知数据安全交付模型

针对现有群智感知平台在数据和酬金交付过程中存在的安全风险和隐私泄露问题,该文提出一种基于Tangle网络的分布式群智感知数据安全交付模型。首先,在数据感知阶段,调用局部异常因子检测算法剔除异常数据,聚类获取感知数据并确定可信参与者节点。然后,在交易写入阶段,使用马尔科夫蒙特卡洛算法选择交易并验证其合法性,通过注册认证中心登记完成匿名身份数据上传,并将交易同步写入分布式账本。最后,结合Tangle网络的累计权重共识机制,当交易安全性达到阈值时,任务发布者可进行数据和酬金的安全交付。仿真试验表明,在模型保护用户隐私的同时,增强了数据和酬金的安全交付能力,相比现有感知平台降低了时间复杂度和任务发布成本。

     

群智感知环境下基于节点分类的数据隐私保护增强机制研究

物联网技术的发展使得各种各样的智能感知设备应运而生,这些智能感知设备需要不断收集各项数据来完成感知任务,随着参与感知任务的设备增加,出现了大量数据隐私泄露问题,数据隐私保护机制已经无法满足复杂的感知数据保护要求。因此在群智感知环境下,基于节点分类设计新的数据隐私保护增强机制,首先在群智感知环境下设计感知任务模型,其次基于节点分类分析数据隐私保护增强学习冲突,最后在群智感知环境下进行性能评估,从而构建综合数据隐私保护增强机制。实验结果表明,使用该数据隐私保护增强机制后,泄露的隐私信息条数较少,证明其具有有效性,有一定的应用价值,可以作为后续数据隐私保护的参考。     

移动群智感知质量度量与保障

认为移动群智感知网络的感知质量包含时空覆盖质量和数据质量两个层面,前者关注是否能采集到足够多的数据,而后者关注数据是否足够准确和可信。分别从这两个层面讨论了感知质量度量和保障的方法,对移动群智感知网络的部署和应用具有一定的指导意义和实用价值。     

基于组合多臂赌博机的移动群智感知用户招募算法

在移动群智感知任务分配中,数据平台不知道用户的感知质量或成本值的前提下,如何建立合适的用户招募机制是该文需要解决的关键问题,不仅需要在用户执行的过程学习其感知质量值,还要尽可能保证移动群智感知平台的高效性和利润最大化。因此该文提出基于组合多臂赌博机(CMAB)的移动群智感知用户招募算法来解决用户成本已知和未知的招募问题。首先把用户招募过程建模为组合多臂赌博机模型,每个摇臂代表选择不同的用户,所获得的收益代表用户的感知质量;其次提出基于上限置信区间 (UCB)算法的感知质量函数,根据任务完成情况更新用户的感知质量;然后在每轮的用户招募过程中,学习用户的感知质量和成本,并提出一种新颖的贪婪修复算法。该算法是将用户的感知质量值从高到低进行排序,再选择满足预算条件下感知质量值与招募成本最大比率的用户,最后分配任务和更新其感知质量。最后进行了大量基于真实数据集的实验仿真,以此验证算法的可行性与有效性。     

个人移动数据收集中的多维轨迹匿名方法

在情景感知位置服务中,移动互联网络的开放性使得个人移动数据面临巨大的安全风险,移动数据的时空关联特性对个人数据的隐私保护提出重大挑战.针对基于时空关联的背景知识攻击,本文提出了一种多维的轨迹匿名隐私保护方法.该方法在匿名轨迹数据收集系统的基础上,基于多用户协作的隐私保护模式,通过时间匿名和空间匿名算法,实现用户的隐私保护.实验结果表明,该方法可以有效的对抗基于位置和移动方式的背景知识攻击,满足了k-匿名的隐私保护要求.     

群智感知网络的发展及挑战

随着无线移动终端设备的爆炸式普及,移动感知和众包思想的结合产生了新型物联网感知模式,即群智感知。文章结合群智感知网络的发展,分别介绍了它的概念、基本特征、系统结构、典型应用以及面临的问题。     

车联网群智感知与服务

移动群智感知与协同计算是车联网的核心特征之一。通过对集中式和分布式两种车联网群智感知框架的结构、工作过程、优势与问题的分析,提出了支持车联网群智感知与服务的混合式框架模型。混合式模型融合集中式在感知效率和分布式在信息效用方面的优势,解决了车联网群智感知在高效性与实时性之间的矛盾,为移动智群感知和协同计算拓展了新的研究领域。     

移动群智感知系统的任务分配方法研究综述

近年来,随着移动智能终端性能和网络传输能力不断提升,移动群智感知系统得到广泛关注.参与者的趋利性易导致系统效用低且难以完成既定任务.因此,合理的任务分配机制能够保证系统采集较优质量数据、达到更广覆盖范围,并使系统效益最大化.本文首先概述移动群智感知基本概念和工作流程;然后分析移动群智感知系统任务分配环节的2个核心研究问...     

群智感知网络发展现状及面临问题

<正>随着移动终端设备、嵌入式传感器设备等的快速发展,移动群智感知网络成为物联网的新感知技术,相较于传统感知网络解决了成本高的难题,近年来被广泛应用于发展。本文主要从移动群智感知网络的发展研究现状及未来面临问题进行综述。通过对群智感知网络的定义、特点及架构,群智感知网络在3个方面的经典应用等进行阐述和总结。     

Private data aggregation with integrity assurance and fault tolerance for mobile crowd-sensing

Mobile crowd-sensing can learn the aggregate statistics over personal data to produce useful knowledge about the world. Since personal data may be privacy-sensitive, the aggregator should only gain desired statistics without learning anything about the personal data. To guarantee differential privacy of personal data under an untrusted aggregator, existing approaches encrypt the noisy personal data, and allow the aggregator to get a noisy sum. However, these approaches lack of either efficient support of dynamic joins and leaves, or secure data-integrity verification, or fault tolerance. In this paper, we propose a novel private data aggregation scheme to address these issues for mobile crowd-sensing applications. In our scheme, we first design an efficient group management protocol to deal with the participants’ dynamic joins and leaves. Then we enhance the scheme with data-integrity verification by considering the security vulnerability of limited data range. Moreover, we guarantee fault tolerance by leveraging a future message buffering mechanism, enabling continuously obtaining aggregate results and integrity verifications when failures happen. The analysis indicates that our scheme achieves desired properties, and the performance evaluation demonstrates the scheme’s efficiency in terms of communication and computation overhead.     

PSMECS: A provably secure ID-based communication in mobile edge computing

Human-centered systems play an important role in the modern world, for example, driverless car, autonomous and smart vehicles, drones, and robotics. The internet of things environment demands a faster real-time response depending on the applications processed in a particular duration. Mobile edge computing (MEC) allows a user to get a real-time response as compared with cloud computing (CC), although ensuring a number of security attributes in MEC environment remains challenging. In this article, a protocol is designed to achieve mutual authentication, anonymous communication, and security against traceability, as these are very crucial factors to ensure the security of data and user's privacy. Moreover, the proposed scheme ensures mutual authentication between a mobile user and an edge server along with the user's anonymity and untraceability. The proof of security and evaluation of performance of the scheme validates that it ensures security attributes and improves efficiency in terms of communication and computation overheads.     

AMOEBA: Robust Location Privacy Scheme for VANET

Communication messages in vehicular ad hoc networks (VANET) can be used to locate and track vehicles. While tracking can be beneficial for vehicle navigation, it can also lead to threats on location privacy of vehicle user. In this paper, we address the problem of mitigating unauthorized tracking of vehicles based on their broadcast communications, to enhance the user location privacy in VANET. Compared to other mobile networks, VANET exhibits unique characteristics in terms of vehicular mobility constraints, application requirements such as a safety message broadcast period, and vehicular network connectivity. Based on the observed characteristics, we propose a scheme called AMOEBA, that provides location privacy by utilizing the group navigation of vehicles. By simulating vehicular mobility in freeways and streets, the performance of the proposed scheme is evaluated under VANET application constraints and two passive adversary models. We make use of vehicular groups for anonymous access to location based service applications in VANET, for user privacy protection. The robustness of the user privacy provided is considered under various attacks.     

Privacy from Promises to Protection

Privacy issues are becoming more and more important especially since the cyber and the real world are converging up to certain extent when using mobile devices. Means that really protect privacy are still missing. The problem is, as soon as a user provides data to a service provider the user looses control over her data. The simple solution is not to provide any data but then many useful services, e.g. navigation applications, cannot be used. In order to solve this problem, we propose privacy guaranteeing execution containers (PGEC). Basically the concept is that the application obtains access to the user data in a specially protected and certified environment, the PGEC. PGECs enable applications to access private user data and guarantee that the user data is deleted as soon as the service is quit. The PGEC also restricts the communication between the application and the service provider to what is explicitly allowed by the service user. In addition to those means the PGEC also implements countermeasures against malicious attacks such as modified host systems and covert channel attacks, which might be misusing CPU load to signal data out of the PGEC. Thus, the PGEC guarantees a “one time use” of the provided private data.     

Anonymous authentication scheme of trusted mobile terminal under mobile Internet

In order to solve the contradictions between user privacy protection and identity authentication, an anonymous authentication scheme under mobile Internet is proposed, which is based on the direct anonymous attestation of trusted computing and uses the encrypting transfer and signature validation for its implementation. Aiming at two access mode of trusted mobile terminal under mobile Internet, self access and cross-domain access, the authentication process of each mode is described in details. The analysis shows that the scheme implements anonymous authentication on mobile Internet and is correct, controllable and unforgeable.     

Applying privacy on the dissemination of location information

Recent achievements in the positioning technology enable the provision of location-based services that require high accuracy. On the other hand, location privacy is important, since position information is considered as personal information. Thus, anonymity and location privacy in mobile and pervasive environments has been receiving increasing attention during the last few years, and several mechanisms and architectures have been proposed to prevent “big brother” phenomena. In this paper, we discuss an architecture to shield the location of a mobile user and preserve the anonymity on the service delivery. This architecture relies on un-trusted entities to distribute segments of anonymous location information, and authorizes other entities to combine these portions and derive the actual location of a user. The paper describes how the proposed architecture takes into account the location privacy requirements, and how it is used by the end users’ devices, e.g., mobile phones, for the dissemination of location information to Service Providers. Furthermore, it discusses performance study experiments, based on real location data, and summarizes the threats analysis results.     

移动医疗应用程序的数据隐私和安全性分析

随着移动医疗应用程序的普及,其数据隐私和安全问题引起了广泛关注。文中对当前移动医疗应用中的数据隐私和安全现状进行了分析,探讨了数据处理方式、面临的安全挑战、影响数据隐私和安全的因素以及风险评估机制。此外,还研究了技术和法规的双重影响,用户行为对数据安全的影响以及当前数据保护的最佳实践。结合这些分析,文中提出了一系列面向未来的策略和建议,旨在提升移动医疗应用的数据保护能力。     

基于票据的车联网安全和隐私保护方案

随着车联网的发展,车辆通信将在提高行车安全,驾驶效率和舒适度方面发挥重要作用。车辆将访问多种应用,考虑到现有行车安全应用面临的严峻威胁,加之对用户验证、授权和计费的需求,攻击防护安全对于车载自组网来说尤为重要。在车辆使用基于位置的服务或行车安全服务时,攻击者可能会窃听通信内容,获取用户身份信息和位置隐私。为了提高车载自组织网安全,提出了一种采用分布式车辆公钥基础设施(VPKI)对车辆通信安全、位置隐私和身份匿名进行保护的方案。该方案采用票据为应用服务提供匿名访问控制和认证,并且可以解析和撤销不法车辆身份。最后,通过实验分析方案的效率来证明VPKI的可实施性。     

Identity-Based User Authenticated Key Agreement Protocol for Multi-Server Environment with Anonymity

A multi-server environment is an important application paradigm in the Internet of Things (IoT). It enables a user access services from different vendors without having to go through multiple registration. The privacy of one who desires to access these services is often crucial. In order to access this service in a manner that assures user privacy, a user needs to be anonymously authenticated independent of the vendors’ services. However, existing identity-based anonymous schemes are only suitable for the client-server domain. Moreover, these schemes provide conditional anonymity which presupposes that if an adversary discovers the user’s private key, the identity can easily be recovered and misused. To avoid this situation, a new unconditional anonymity identity-based user authenticated key agreement scheme for IoT multi-server environment is introduced in this paper. Our protocol applies a ring signature to allow users to anonymously authenticate themselves in the severs without revealing their identities. Hence, an adversary cannot recover the user’s identity even when the user’s private key is known. We further provide a security proof in the random oracle model. Compared with the existing protocols, our proposed scheme is well fitting for mobile phone applications and guarantees the privacy of users in IoT multi-server domain.