Light-Weight Selective Image Encryption for Privacy Preservation

To protect personal privacy and confidential preservation, access control is used to authorize legal users for safe browsing the authorized contents on photos. The access control generates an authorization rule according to each permission assignment. However, the general access control is inappropriate to apply in some social services (e.g., photos posted on Flickr and Instagram, personal image management in mobile phone) because of the increasing popularity of digital images being stored and managed. With low maintenance loads, this paper integrates the data hiding technique to propose an access control mechanism for privacy preservation. The proposed scheme changes the partial regions of a given image as random pads (called selective image encryption) and only allows the authorized people to remedy the random pads back to meaningful ones which are with similar visual qualities of original ones.     

Privacy measurement method using a graph structure on online social networks

Recently, with an increase in Internet usage, users of online social networks (OSNs) have increased. Consequently, privacy leakage has become more serious. However, few studies have investigated the difference between privacy and actual behaviors. In particular, users' desire to change their privacy status is not supported by their privacy literacy. Presenting an accurate measurement of users' privacy status can cultivate the privacy literacy of users. However, the highly interactive nature of interpersonal communication on OSNs has promoted privacy to be viewed as a communal issue. As a large number of redundant users on social networks are unrelated to the user's privacy, existing algorithms are no longer applicable. To solve this problem, we propose a structural similarity measurement method suitable for the characteristics of social networks. The proposed method excludes redundant users and combines the attribute information to measure the privacy status of users. Using this approach, users can intuitively recognize their privacy status on OSNs. Experiments using real data show that our method can effectively and accurately help users improve their privacy disclosures.     

基于布隆过滤器的轻量级隐私信息匹配方案

针对智能终端用户私有数据匹配中的隐私保护问题,基于布隆过滤器和二元向量内积协议,提出一种新的综合考虑用户属性及其偏好的轻量级隐私信息匹配方案,包括建立基于Dice相似性系数的二维向量相似度函数、设置参数、生成布隆过滤器、计算二元向量内积、计算相似度和确定匹配对象6个部分。该方案采用基于布隆过滤器的相似度估计和基于混淆方法的二元向量内积协议,在不依赖于可信第三方的前提下,大幅度降低计算开销,且能够有效抵御蛮力攻击和无限制输入攻击。实验结果表明,该方案与典型代表方案相比,计算效率得到明显提升。     

基于PBAC模型和IBE的医疗数据访问控制方案

医疗卫生领域形成的医疗大数据中包含了大量的个人隐私信息,面临着外部攻击和内部泄密的潜在安全隐患。传统的访问控制模型没有考虑用户访问目的在侧重数据隐私的访问控制中的重要作用,现有的对称、非对称加密技术又都存在密钥管理、证书管理复杂的问题。针对这些问题,提出了综合应用PBAC模型和IBE加密技术的访问控制方案,支持针对医疗数据密文的灵活访问控制。通过加入条件目的概念对PBAC模型进行扩展,实现了对目的树的全覆盖;以病患ID、条件访问位和预期目的作为IBE身份公钥进行病患数据加密,只有通过认证并且访问目的符合预期的用户才能获得相应的私钥和加密数据,从而实现对病患信息的访问。实验结果证明,该方案达到了细粒度访问控制和隐私保护的目的,并具有较好的性能。     

基于差分隐私的权重社会网络隐私保护

针对权重社会网络发布隐私保护中的弱保护问题,提出一种基于差分隐私模型的随机扰动方法可实现边及边权重的强保护。设计了满足差分隐私的查询模型-WSQuery,WSQuery模型可捕获权重社会网络的结构,以有序三元组序列作为查询结果集;依据WSQuery模型设计了满足差分隐私的算法-WSPA,WSPA算法将查询结果集映射为一个实数向量,通过在向量中注入Laplace噪音实现隐私保护;针对WSPA算法误差较高的问题提出了改进算法-LWSPA,LWSPA算法对查询结果集中的三元组序列进行分割,对每个子序列构建满足差分隐私的算法,降低了误差,提高了数据效用。实验结果表明,提出的隐私保护方法在实现隐私信息的强保护同时使发布的权重社会网络仍具有可接受的数据效用。     

Privacy self-correlation privacy-preserving scheme in LBS

The prevalence of mobile intelligent terminals gives the location-based service (LBS) more opportunities to enrich mobile users’ lives.However,mobile users enjoy the convenience with the cost of personal privacy.The side information and mobile user’s recent requirement records were considered,which were obtained or stored by the service provider.Based on the existence of recent requirement records,adversary can employ the inference attack to analysis mobile user’s personal information.Therefore,two schemes were proposed,including of basic privacy self-correlation privacy-preserving scheme (Ba-2PS) and enhanced privacy self-correlation privacy-preserving scheme(En-2PS).In En-2PS,the privacy-preserving scheme was designed from two dimensions of aspects of time factor and query region,which increased the uncertainty inferring out the real information.Finally,the privacy analysis was illustrated to proof En-2PS’s privacy degree,then the performance and privacy evaluation results indicate that En-2PS is effective and efficient.     

基于隐私本体的个性化访问控制模型

在信息收集频繁化、普遍化的今天,由用户制定隐私策略、自主控制个人信息访问的方式,可以最大程度满足用户的隐私保护需求。构建的隐私本体,客观反映了隐私保护领域普遍认可的知识,体现了用户最根本的隐私保护需求。基于隐私本体的个性化访问控制模型采用基于隐私本体的通用策略与个性策略相结合的模式,通过多级链式激活的方式实现用户不同粒度、灵活多变的个性化隐私保护需求。     

Privacy preserving friend discovery cross domain scheme using re-encryption in mobile social networks

In order to guarantee the users’ privacy in the process of making friends in the mobile social networks,a new scheme of proxy re-encryption privacy protection in the cross-domain environment was introduced.The scheme employed the cross-domain multi-authority to sharing secret keys,so as to realize the access and shave of the cross-domain users data.And the secret keys of users’ attributes were re-encrypted,based on the technology of the proxy re-encryption and attribute encryption,to achieve the friends matching under the conditions of extending the access policy.Meanwhile,in purpose of enhancing the privacy of users’ data,the technology which contained the separation of users’ privacy ciphertext and secret keys was adopted.Based on that,problems in the existing system such as user data’s inability to be shared cross-cloud,less matching during the process of making friends and users’ inability to make friends when offline had been addressed.Security and experimental analysis show that this scheme can achieve chosen plaintext attack (CPA) security,ensure the privacy of friend discovery,and that is more effective than existing solutions.     

Encrypted data sharing with multi-owner based on digital rights management in online social networks简

The online social networks（OSNs） offer attractive means for social interactions and data sharing, as well as raise a number of security and privacy issues. Although current solutions propose to encrypt data before sharing, the access control of encrypted data has become a challenging task. Moreover, multiple owners may enforce different access policy to the same data because of their different privacy concerns. A digital rights management（DRM） scheme is proposed for encrypted data in OSNs. In order to protect users＇ sensitive data, the scheme allows users outsource encrypted data to the OSNs service provider for sharing and customize the access policy of their data based on ciphertext-policy attribute-based encryption. Furthermore, the scheme presents a multiparty access control model based on identity-based broadcast encryption and ciphertext-policy attribute-based proxy re-encryption, which enables multiple owners, such as tagged users who appear in a single data, customize the access policy collaboratively, and also allows the disseminators update the access policy if their attributes satisfy the existing access policy. Security analysis and comparison indicate that the proposed scheme is secure and efficient.     

Understanding user privacy expectations: A software developer’s perspective

Software developers are trained to develop and design software applications that provide services to users. However, software applications sometimes collect users’ data without their knowledge. When applications collect and use users’ data without transparency, this leads to user privacy invasions because users do not expect the application to collect and use these information. Therefore, it is important that software developers understand users’ privacy expectations when designing applications in order to handle user data transparently in software applications. However, due to the lack of systematic approaches to extract user privacy requirements, developers end up designing applications either based on their assumptions on user privacy expectations, or relating to their own expectations of privacy as a user. Nevertheless, how accurate these perceived privacy expectations are against actual user expectations is not currently known. This research focuses on investigating developers’ privacy expectations from a user point of view against users’ privacy expectations. We also investigate developers’ assumptions on user privacy expectations against actual user privacy expectations. Our findings revealed that developers’ assumptions on user privacy expectations are close to their own expectations of privacy from a user point of view and that developers’ privacy expectations from a user point of view are significantly different from actual user privacy expectations. With this understanding, we provide recommendations for software developers to understand and acknowledge user expectations on privacy when they design and develop applications.     

Trajectory differential privacy protection mechanism based on prediction and sliding window

To address the issues of privacy budget and quality of service in trajectory differential privacy protection,a trajectory differential privacy mechanism integrating prediction disturbance was proposed.Firstly,Markov chain and exponential perturbation method were used to predict the location which satisfies the differential privacy and temporal and spatial security,and service similarity map was introduced to detect the availability of the location.If the prediction was successful,the prediction location was directly used to replace the location of differential disturbance,to reduce the privacy cost of continuous query and improve the quality of service.Based on this,the trajectory privacy budget allocation mechanism based on w sliding window was designed to ensure that any continuous w queries in the trajectory meet the ε-differential privacy and solve the trajectory privacy problem of continuous queries.In addition,a privacy customization strategy was designed based on the sensitivity map.By customizing the privacy sensitivity of semantic location,the privacy budget could be customized to improve its utilization.Finally,the validity of the scheme was verified by real data set experiment.The results illustrate that it offers the better privacy and quality of service.     

Improving user content privacy on social networks using rights management systems

Currently, millions and millions of users are using online social networks to share their thoughts, experiences and content with online friends. Documents, videos, music and pictures are shared online, relying on the privacy and security controls offered by the social network platforms, with little control from the end user. This creates serious privacy concerns, since the control over the content shared online on the social network is out of the hands of the user. In this paper, the authors propose an approach for content privacy shared on social networks that is user-centric and not based on the social network platform. In order to achieve that, an architecture based on a rights management platform capable of enforcing the necessary security and privacy mechanisms that extend the original controls provided by the social network platform will be presented. That way, users will be able to control their privacy settings and protect their own content, even when they are no longer part of the social network (suspending or deleting its account).     

隐私计算研究范畴及发展趋势

随着移动互联网、云计算和大数据技术的广泛应用,电商、搜索、社交网络等服务在提供便利的同时,大数据分析使用户隐私泄露的威胁日益凸显,不同系统隐私保护策略和能力的差异性使隐私的延伸管理更加困难,同一信息的隐私保护需求随时间变化需要多种隐私保护方案的组合协同。目前已有的各类隐私保护方案大多针对单一场景,隐私缺乏定量化的定义,隐私保护的效果、隐私泄露的利益损失以及隐私保护方案融合的复杂性三者之间的关系刻画缺乏系统的计算模型。因此,在分析隐私保护研究现状的基础上,提出隐私计算的概念,对隐私计算的内涵加以界定,从隐私信息的全生命周期讨论隐私计算研究范畴,并从隐私计算模型、隐私保护场景适应的密码理论、隐私控制与抗大数据分析的隐私保护、基于信息隐藏的隐私保护以及支持高并发的隐私保护服务架构等方面展望隐私计算的发展趋势。     

连续服务请求下基于假位置的用户隐私增强方法

基于假位置的隐私保护方案在为用户提供准确位置服务查询结果的同时,还无需第三方和共享密钥。然而,当用户连续请求位置服务时,由于现有保护单次查询的假位置方案未考虑相邻位置集合间的时空关系,使攻击者能推断出假位置,降低用户的位置隐私保护等级。针对上述问题,采用现有假位置方案生成候选假位置,并通过连续合理性检查和单次隐私增强对其进行筛选,提出一个适用于连续请求的假位置隐私保护增强方法。安全性分析表明,所提方法能保证连续请求中形成的移动路径在时空上不可区分,有效保护连续请求中的用户位置隐私。大量实验表明,所提方法在不增加用户计算开销的同时,与采用的候选假位置生成方案相比,还能提高用户单次查询的隐私保护等级。     

Pseudonym changing strategy with multiple mix zones for trajectory privacy protection in road networks

In road network, vehicles' location may be identified, and their transmissions may even tracked by eavesdrops (eg, safety messages) that contain sensitive personal information such as identity and location of the vehicle. This type of communication leads to breaking the users' trajectory privacy. Frequently changing pseudonyms are widely accepted as a solution that protects the trajectory privacy of users in road networks. However, this solution may become invalid if a vehicle changes its pseudonym at an improper occasion. To cope with this issue, we presented an efficient pseudonym change strategy with multiple mix zones scheme to provide trajectory privacy for road network. In addition, we protected vehicles against linkability attack by cheating mechanism. Henceforth, we constructed a cheating detection mechanism which allows the vehicles to verify whether the pseudonym change process is successful or not and also detect to malicious vehicles. In this way, users' trajectory privacy can be improved. Finally, by taking the anonymity set size (ASS) as the trajectory privacy metric, we exhibit by means of simulations that the proposed scheme is effective in multiple networks scenarios.     

Privacy-preserving and efficient user matching based on attribute encryption in mobile social networks

With the rapid popularity of social networking platforms, users can be matched when sharing their profiles. However, there is a risk of leakage of sensitive user information during the user matching process, which leads to the lack of user privacy protection. In this paper, we propose a privacy protection scheme based on the encryption of hidden attributes during user matching in mobile social networks, which uses linear secret sharing scheme (LSSS) as the access structure based on ciphertext policy attribute-based encryption (CP-ABE), and the match server can perform friend recommendation by completing bi-directional attribute matching determination without disclosing user attribute information. In addition, the use of selective keywords protects the privacy of requesters and publishers in selecting keywords and selecting plaintext attacks. The scheme reduces the encryption and decryption overhead for users by dividing encryption into a preparation phase and an online phase and shifting most of the decryption overhead from the requester to the match server. The experimental results show that the scheme ensures user privacy while effectively reducing communication overhead.     

基于位置语义的路网位置隐私保护

移动用户在享受基于位置的服务（LBS）的同时受到位置隐私泄露的威胁,因而提供有效的位置隐私保护策略至关重要。传统的位置隐私保护方法主要采用空间匿名的方式,若攻击者获得了更多与匿名空间相关的背景知识,尤其是与位置相关的语义信息,就会严重降低匿名效果。为了防止由位置语义分析造成的敏感位置信息泄露,并根据移动用户活动范围大多限定为道路网络的特点,提出一种基于位置语义的路网位置隐私保护方法,充分考虑了用户的个性化隐私需求,并通过实验验证了方法的可行性及有效性。     

高效的轨迹隐私保护方案

作为基于位置服务中的一种重要信息,智能终端用户的轨迹隐私保护问题日益受到广大研究者的重视。为解决这一问题,综合考虑了用户所处区域的背景信息、用户行动模式和轨迹相似性等特征,构建了(k?1)条难以被拥有背景信息的敌手所区分的虚假轨迹,从而为移动用户提供k-匿名级别的轨迹隐私保护。相对于现有技术,该方案不依赖于任何可信第三方,能够在保证虚假轨迹与真实轨迹相似性的基础上有效抵御拥有背景信息的敌手的攻击。实验结果表明了方案的有效性和高效性。     

Differential privacy protection scheme based on edge betweenness model

With the continuous development of social network application,user’s personal social data is so sensitive that the problem of privacy protection needs to be solved urgently.In order to reduce the network data sensitivity,a differential privacy protection scheme BCPA based on edge betweenness model was proposed.The 2K sequence corresponding to the graph structure based on the dK model was captured,and 2K sequences based on the edge betweenness centrality were reordered.According to the result of reordering,the 2K sequence was grouped into several sub-sequences,and each sub-sequence was respectively added with noise by a dK perturbation algorithm.Finally,a social network graph satisfying differential privacy was generated according to the new 2K sequences after integration.Based on the real datasets,the scheme was compared with the classical schemes through simulation experiments.The results demonstrate that it improves the accuracy and usability of data while ensuring desired privacy protection level.