隐私保护的信息熵模型及其度量方法

隐私的量化是隐私保护技术的重要支撑,信息熵作为信息的量化手段,自然可以用于解决隐私度量问题. 基于Shannon信息论的通信框架,提出了几种隐私保护信息熵模型,以解决隐私保护系统的相关度量问题,主要包括：隐私保护基本信息熵模型、含敌手攻击的隐私保护信息熵模型、带主观感受的信息熵模型和多隐私信源的隐私保护信息熵模型.在这些模型中,将信息拥有者假设为发送方,隐私谋取者假设为接收方,隐私的泄露渠道假设为通信信道;基于这样的假设,分别引入信息熵、平均互信息量、条件熵及条件互信息等来分别描述隐私保护系统信息源的隐私度量、隐私泄露度量、含背景知识的隐私度量及泄露度量;以此为基础,进一步提出了隐私保护方法的强度和敌手攻击能力的量化测评,为隐私泄露的量化风险评估提供了一种支撑;最后,针对位置隐私保护的应用场景,给出了具体的信息熵模型及隐私保护机制和攻击能力的度量及分析.所提出的模型和隐私量化方法,可以为隐私保护技术和隐私泄露风险分析与评估提供可行的理论基础.     

面向云数据的隐私度量研究进展

隐私保护技术是云计算环境中防止隐私信息泄露的重要保障,通过度量这种泄露风险可反映隐私保护技术的隐私保护强度,以便构建更好的隐私保护方案。因此,隐私度量对隐私保护具有重大意义。主要对现有面向云数据的隐私度量方法进行综述：首先,对隐私保护技术和隐私度量进行概述,给出攻击者背景知识的量化方法,提出云数据隐私保护技术的性能评价指标和一种综合评估框架;然后,提出一种云数据隐私度量抽象模型,从工作原理和具体实施的角度对基于匿名、信息熵、集对分析理论和差分隐私四类隐私度量方法进行详细阐述;再从隐私度量指标和度量效果方面分析与总结这四类方法的优缺点及其适用范围;最后,从隐私度量的过程、效果和方法三方面指出云数据隐私度量技术的发展趋势及有待解决的问题。     

Factors mediating disclosure in social network sites

In this paper, we explore how privacy settings and privacy policy consumption (reading the privacy policy) affect the relationship between privacy attitudes and disclosure behaviors. We present results from a survey completed by 122 users of Facebook regarding their information disclosure practices and their attitudes about privacy. Based on our data, we develop and evaluate a model for understanding factors that affect how privacy attitudes influence disclosure and discuss implications for social network sites. Our analysis shows that the relationship between privacy attitudes and certain types of disclosures (those furthering contact) are controlled by privacy policy consumption and privacy behaviors. This provides evidence that social network sites could help mitigate concerns about disclosure by providing transparent privacy policies and privacy controls.     

差分隐私保护k- means聚类方法研究

研究了基于差分隐私保护的k-means聚类隐私保护方法。首先介绍了隐私保护数据挖掘和隐私保护聚类分析的研究现状,简单介绍了差分隐私保护的基本原理和方法。为了解决差分隐私k-means聚类方法聚类结果可用性差的问题,提出了一个新的IDP k-means聚类方法,并证明了其满足e-差分隐私保护。最后的仿真实验表明,在相同隐私保护级别下,IDP k-means聚类方法与差分隐私k-means聚类方法相比,聚类可用性得到了较大程度的提高。     

社交网络用户隐私泄露量化评估方法

社交网络用户隐私泄露的量化评估有利于帮助用户了解个人隐私泄露状况,提高公众隐私保护和防范意识,同时也能为个性化隐私保护方法的设计提供依据.针对目前隐私量化评估方法主要用于评估隐私保护方法的保护效果,无法有效评估社交网络用户的隐私泄露风险的问题,提出了一种社交网络用户隐私泄露量化评估方法.基于用户隐私偏好矩阵,利用皮尔逊相似度计算用户主观属性敏感性,然后取均值得到客观属性敏感性;采用属性识别方法推测用户隐私属性,并利用信息熵计算属性公开性;通过转移概率和用户重要性估计用户数据的可见范围,计算数据可见性;综合属性敏感性、属性公开性和数据可见性计算隐私评分,对隐私泄露风险进行细粒度的个性化评估,同时考虑时间因素,支持用户隐私泄露状况的动态评估,为社交网络用户了解隐私泄露状况、针对性地进行个性化隐私保护提供支持.在新浪微博数据上的实验结果表明,所提方法能够有效地对用户的隐私泄露状况进行量化评估.     

基于k-匿名位置隐私保护的自适应学习模型

个性化k-匿名模型能够根据用户隐私偏好实现隐私保护,为用户提供控制位置隐私更多选择性,但由于设置隐私偏好的复杂性,就算最为注重隐私保护的用户也可能忽略一些问题。研究的目的是开发一个框架,帮助用户选择自己的隐私偏好,有效管理和获取来自匿名者的隐私内容。分析一组影响隐私配置选择因素,构建自适应学习模型来帮助用户做出正确的决定,保护他们的隐私信息。随着学习模型的成熟,将以最小的用户干预来管理各种情况下不同用户的隐私偏好,防止隐私泄露,并鼓励用户使用模型推荐的隐私设置。     

Computational data privacy in wireless networks

Wireless networks appeal to privacy eavesdroppers that secretly capture packets from the open medium and read the metadata and data content in search of any type of information through data mining and statistical analysis. Addressing the problems of personal privacy for wireless users will require flexible privacy protection mechanisms adaptively to the frequently varying context. Privacy quantification is prerequisite for enabling a context-aware privacy protection in wireless networks. This paper proposes to quantify the data privacy during wireless communication processes. We give a computational quantification method of data privacy through introducing the concepts of privacy entropy and privacy joint entropy, which permits users and applications to on-demand customize their preferential sensitivity extent of privacy leakage and protection strength. Accordingly, we put forward a data-privacy protection scheme in order to explain how to utilize the proposed computational quantification method of data privacy against the excessive disclosure of data privacy. The results show that the computational quantitation method can effectively characterize the real-time fluctuation of data privacy during communication processes and provide the reliable judgment to context-aware privacy protection, which enables to real-timely control the present data privacy to an anticipated target and to balance a tradeoff between the data privacy and communication efficiency.     

A multi-level model of individual information privacy beliefs

Several types of individual information privacy beliefs have been studied in literature, but their distinctions, relationships, and behavioral impacts have yet been systematically analyzed, causing difficulties in comparing and consolidating results across literature. Based on a review on various types of privacy beliefs, this study develops a multi-level model to strengthen this concept. The model consists of three levels of privacy beliefs, including: disposition to privacy, representing a person’s fundamental beliefs and overall propensity to value privacy across contexts; online privacy concern, representing a person’s overall perception of privacy risks in the online environment; and website privacy concern, representing a person’s perception of privacy risks on a particular website. An empirical test reveals that disposition to privacy has a positive impact on both online privacy concern and website privacy concern, and website privacy concern is the only significant predictor of intentions to disclose information and transact on a website. The study helps to synthesize individual information privacy beliefs and assists in understanding their impacts on online behavior.     

面向云计算隐私保护的5A问责制建模

针对云计算数据安全的核心问题——隐私安全的保护问题,提出了一种面向云计算隐私保护的5A问责机制。并基于该5A问责机制,对服务提供方的隐私安全策略、租户的隐私需求、云隐私暴露条件和安全场景等进行了精确定义和形式化描述与建模。主要以描述逻辑为基础,重点研究面向语义的云隐私需求描述方法,并对云隐私需求和服务提供方的隐私策略一致性等问题进行检测,避免冲突。在界定并形式化描述云隐私暴露条件和云安全场景的基础上,采用Protégé本体建模工具对云租户的隐私需求和云服务提供方的隐私策略、隐私暴露条件和安全场景等进行建模并检验,验证了形式化建模及其描述的一致性和完整性,为后续5A问责制机制的实现奠定了基础。     

基于聚类的云隐私行为挖掘技术

随着云计算的不断普及,隐私安全问题逐渐显现,已成为制约云计算发展的重要障碍。受经济社会“问责制”的启发,从规范和约束云参与者隐私行为的角度,针对云参与者的隐私违约认定的问题,进行了基于审查对象隐私行为挖掘的研究。对隐私日志行为数据进行预处理,采用夹角余弦法来定义任意两个隐私会话之间的相似度并构建云隐私间的相似度矩阵,选择K-均值聚类算法对隐私会话基于设置的云隐私规则进行相似度聚类。实验测试结果表明所提出的隐私聚类挖掘技术能够精确地对云系统隐私行为及其相似度进行识别并聚类。     

基于图论与互信息量的差分隐私度量模型

差分隐私是数据发布、数据挖掘领域内隐私保护的重要工具,但其强度和效果仅能后验评估,且高度依赖于经验性选择的隐私预算。文中提出一种基于图论和互信息量的差分隐私量化模型和隐私泄露量计算方法。利用信息论通信模型重构了差分隐私保护框架,构造了差分隐私信息通信模型和隐私度量模型;基于图的距离正则和点传递提出隐私泄露互信息量化方法,证明并计算了差分隐私泄露量的信息量上界。分析和对比表明,该隐私泄露上界与原始数据集的属性数量、属性值数量以及隐私预算参数具有较好的函数关系,且计算限制条件较少。文中所提方法优于现有方法,能够为差分隐私算法的设计及评价、隐私泄露风险评估提供理论支撑。     

Control your Facebook: An analysis of online privacy literacy

For an effective and responsible communication on social network sites (SNSs) users must decide between withholding and disclosing personal information. For this so-called privacy regulation, users need to have the respective skills—in other words, they need to have online privacy literacy. In this study, we discuss factors that potentially contribute to and result from online privacy literacy. In an online questionnaire with 630 Facebook users, we found that people who spend more time on Facebook and who have changed their privacy settings more frequently reported to have more online privacy literacy. People with more online privacy literacy, in turn, felt more secure on Facebook and implemented more social privacy settings. A mediation analysis showed that time spend on Facebook and experience with privacy regulation did not per se increase safety and privacy behavior directly, stressing the importance of online privacy literacy as a mediator to a safe and privacy-enhancing online behavior. We conclude that Internet experience leads to more online privacy literacy, which fosters a more cautious privacy behavior on SNSs.     

基于位置服务的隐私保护机制度量研究综述

如何度量隐私保护机制的隐私水平和对服务质量的影响是当前位置服务隐私保护中的一个重要课题。本文对位置服务中隐私保护机制度量的研究现状和进展进行了阐述。介绍了位置服务中隐私保护机制度量的研究背景,归纳总结了位置服务中的隐私信息、攻击模型和隐私度量方法及其评价指标,给出了基于位置服务的隐私保护机制度量框架,并提出了未来需要深入研究的方向。     

A privacy policy conflict detection method for multi-owner privacy data protection

The current privacy-preserving researches focus on single-owner privacy data. However, multi-owner privacy data, which is also a widespread privacy data, need to be properly protected. At first, the characteristics of multi-owner privacy data and its protection requirement is introduced in this paper. Secondly, a data schema based on deputy mechanism for multi-owner privacy data is proposed. Thirdly, based on the schema, this paper proposes a privacy policy conflict detection method based on sub-graph isomorphic. This method models the privacy policy and each possible policy conflict pattern as a stratified-directed graph (SDG), and provides an algorithm to detect whether the SDG of a privacy conflict mode is isomorphic to that of privacy policies.     

An Extended Privacy Calculus Model for SNSs: Analyzing Self‐Disclosure and Self‐Withdrawal in a Representative U.S. Sample

The privacy calculus established that online self‐disclosures are based on a cost‐benefit tradeoff. For the context of SNSs, however, the privacy calculus still needs further support as most studies consist of small student samples and analyze self‐disclosure only, excluding self‐withdrawal (e.g., the deletion of posts), which is essential in SNS contexts. Thus, this study used a U.S. representative sample to test the privacy calculus' generalizability and extend its theoretical framework by including both self‐withdrawal behaviors and privacy self‐efficacy. Results confirmed the extended privacy calculus model. Moreover, both privacy concerns and privacy self‐efficacy positively predicted use of self‐withdrawal. With regard to predicting self‐disclosure in SNSs, benefits outweighed privacy concerns; regarding self‐withdrawal, privacy concerns outweighed both privacy self‐efficacy and benefits.     

射频识别(RFID)隐私保护技术综述

随着RFID(radio frequency identification)技术的广泛应用,引发的隐私威胁问题越来越突出.了解RFID隐私的内涵和常见攻击方法,掌握现有的RFID隐私保护技术,有助于减少RFID隐私信息的泄漏.从RFID技术的基本概念入手,全面分析了RFID隐私及隐私威胁,给出了RFID隐私分类方法;对RFID隐私中的跟踪攻击和罗列攻击两种攻击方法进行了深入探讨.在此基础上,对现有典型的RFID隐私防御方法进行了详细讨论.全面介绍了RFID隐私保护技术发展现状和动态,可作为开展RFID隐私保护技术研究工作的参考和借鉴.     

智能电网隐私保护工程分析与相关对策

保护电力消费者的数据和隐私对于智能电网来说是至关重要的。纵观全球,目前的智能电网往往趋于关注隐私安全的需要,隐私仅仅作为智能电网的一个特性存在。为了填补隐私保护在智能电网中的空白,同时帮助智能电网工程师分析隐私威胁、选择合适的策略即隐私保护技术最后达到解决智能电网系统开发阶段的隐私问题的目的,描述了相应的方法框架和指导规则,对现有的隐私保护技术进行了详细的总结,讨论了其应用的环境,并阐述了隐私实施过程中面对的潜在挑战。     

面向移动终端情景隐私保护设计研究

基于情境的个性化服务已经广泛应用在人们的日常生活中,并且在不断扩展服务的应用范围。然而,在这些 个性化服务体验的背后,也隐藏着不容忽视的隐私问题。因此,研究情景隐私的保护有迫切的现实需要。本论文重新分析移 动端重情境隐私保护的隐私模型,突破当前情境隐私保护的狭隘概念,完善情境隐私保护的理论基础,提出新的情境隐私的保 护方法,拟将解决当前情境隐私保护中理论基础不完善的现状,促进密码学、网络安全与软件安全技术的发展与情境隐私保护 方法的实用化。     

Developing a Culture of Privacy: A Case Study

In building a culture of privacy, an organization must clearly articulate privacy as an organizational priority; communicate key privacy and security messages; educate across the organization; raise awareness of the importance of registering privacy incidents and breaches; build privacy into the fabric of the organization's activities; and make privacy information and guidance readily accessible. Accomplishing these objectives provides a framework to create or reinforce a privacy culture. In 2003, the province of Ontario, Canada, created the smart systems for health agency (SSHA) to connect healthcare professionals across the province.     

基于策略的移动RFID隐私安全问题研究

隐私安全问题是移动RFID众多安全问题中最重要的问题之一.对移动RFID的隐私安全问题进行研究,并提出一个基于策略的移动RFID隐私保护系统,该系统通过建立和管理应用服务的隐私保护策略,并根据标签的隐私策略对信息进行访问控制,确保隐私安全.