数据隐私保护的社会化推荐协议

基于邻域的社会化推荐需要同时依赖用户的历史行为数据和完善的社交网络拓扑图,但通常这些数据分别属于不同平台,如推荐系统服务提供商和社交网络服务提供商。出于维护自身数据价值及保护用户隐私的考虑,他们并不愿意将数据信息提供给其他方。针对这一现象,提出了2种数据隐私保护的社会化推荐协议,可以在保护推荐系统服务提供商和社交网络服务提供商的数据隐私的同时,为用户提供精准的推荐服务。其中,基于不经意传输的社会化推荐,计算代价较小,适用于对推荐效率要求较高的应用;基于同态加密的社会化推荐,安全程度更高,适用于对数据隐私要求较高的应用。在4组真实数据集上的实验表明,提出的2种方案切实可行,用户可以根据自身需求选择合适的方案。     

AMOEBA: Robust Location Privacy Scheme for VANET

Communication messages in vehicular ad hoc networks (VANET) can be used to locate and track vehicles. While tracking can be beneficial for vehicle navigation, it can also lead to threats on location privacy of vehicle user. In this paper, we address the problem of mitigating unauthorized tracking of vehicles based on their broadcast communications, to enhance the user location privacy in VANET. Compared to other mobile networks, VANET exhibits unique characteristics in terms of vehicular mobility constraints, application requirements such as a safety message broadcast period, and vehicular network connectivity. Based on the observed characteristics, we propose a scheme called AMOEBA, that provides location privacy by utilizing the group navigation of vehicles. By simulating vehicular mobility in freeways and streets, the performance of the proposed scheme is evaluated under VANET application constraints and two passive adversary models. We make use of vehicular groups for anonymous access to location based service applications in VANET, for user privacy protection. The robustness of the user privacy provided is considered under various attacks.     

Secure Data Access and Sharing Scheme for Cloud Storage

Cloud storage is a new storage mode emerged along with the development of cloud computing paradigm. By migrating the data to cloud storage, the consumers can be liberated from building and maintaining the private storage infrastructure, and they can enjoy the data storage service at anywhere and anytime with high reliability and a relatively low cost. However, the security and privacy risks, especially the confidentiality and integrity of data seem to be the biggest hurdle to the adoption of the cloud storage applications. In this paper, we consider the secure data access and sharing issues for cloud storage services. Based on the intractability of the discrete logarithm problem, we design a secure data access and data sharing scheme for cloud storage, where we utilize the user authentication scheme to deal with the data access problem. According to our analysis, through our scheme, only valid user with the correct password and biometric can access to the cloud storage provider. Besides, the authorized users can access the rightful resources and verify the validity of the shared data, but cannot transfer the permission to any other party. At the same time, the confidentiality and integrity of data can be guaranteed.

     

F-Seeker：基于重匿名的粒度化好友搜索架构

针对社交网络中好友检索服务的隐私保护问题,本文提出一种基于重匿名技术的粒度化好友搜索架构F-Seeker．对用户发布的位置信息采用增强的k匿名策略—（k,m,e）-匿名,用以防止“好奇”的搜索服务提供方对用户隐私的推测．在处理好友搜索服务过程中,由服务提供方根据粒度化的可视策略对数据实施重匿名,实现了对用户位置信息粒度化的访问控制．此外,文中对发布数据采用Z序编码并在搜索过程中通过运用剪枝策略提高搜索效率．实验结果表明,文中提出的匿名策略在保护用户隐私的同时并没有大幅度地增加计算开销．     

采用加密机制在云计算环境中进行访问控制

从数据的隐私角度来讲,公有云的服务提供商对用户来说是不可信的。为保障用户数据私密性,需要采用加密技术在云计算这种开放互联的环境中对托管数据进行访问控制。文中对广播加密机制和CPK组合公钥密码机制在云计算环境中的访问控制应用进行了探讨,并对这两种加密机制的主要理论基础——多项式插值法、多线性映射,以及ECC复合定理进行了介绍。通过加密技术的应用,为实现在云计算等不可信的空间安全存取敏感数据提供了一种研究思路。     

云计算环境中支持隐私保护的数字版权保护方案简

针对云计算环境中数字内容安全和用户隐私保护的需求,提出了一种云计算环境中支持隐私保护的数字版权保护方案。设计了云计算环境中数字内容版权全生命周期保护和用户隐私保护的框架,包括系统初始化、内容加密、许可授权和内容解密4个主要协议;采用基于属性基加密和加法同态加密算法的内容加密密钥保护和分发机制,保证内容加密密钥的安全性;允许用户匿名向云服务提供商订购内容和申请授权,保护用户的隐私,并且防止云服务提供商、授权服务器和密钥服务器等收集用户使用习惯等敏感信息。与现有的云计算环境中数字版权保护方案相比,该方案在保护内容安全和用户隐私的同时,支持灵活的访问控制,并且支持在线和超级分发应用模式,在云计算环境中具有较好的实用性。     

Identity-Based User Authenticated Key Agreement Protocol for Multi-Server Environment with Anonymity

A multi-server environment is an important application paradigm in the Internet of Things (IoT). It enables a user access services from different vendors without having to go through multiple registration. The privacy of one who desires to access these services is often crucial. In order to access this service in a manner that assures user privacy, a user needs to be anonymously authenticated independent of the vendors’ services. However, existing identity-based anonymous schemes are only suitable for the client-server domain. Moreover, these schemes provide conditional anonymity which presupposes that if an adversary discovers the user’s private key, the identity can easily be recovered and misused. To avoid this situation, a new unconditional anonymity identity-based user authenticated key agreement scheme for IoT multi-server environment is introduced in this paper. Our protocol applies a ring signature to allow users to anonymously authenticate themselves in the severs without revealing their identities. Hence, an adversary cannot recover the user’s identity even when the user’s private key is known. We further provide a security proof in the random oracle model. Compared with the existing protocols, our proposed scheme is well fitting for mobile phone applications and guarantees the privacy of users in IoT multi-server domain.

     

Secure service convergence based on scalable media coding

In multimedia services, security and privacy issues are urgent to be solved, such as the content security and service protection. To solve these issues, some means have been proposed, such as conditional access and digital rights management. However, for the latest application scenarios in convergent networks, there is still no solution. This paper focuses on the convergent multimedia broadcasting applications: the multimedia content, e.g., TV program, is encoded and packaged by the content provider, and is then transmitted to users through different communication networks, e.g., 3G network, DVB-H, ADSL, etc. Thus, the same multimedia content will be used for various services, i.e., mobile TV, Internet TV and home TV. Since different network channel support different bandwidths, the multimedia content should be transcoded before being transmitted through the networks. To protect the content and service in this application, we propose the content and service protection methods. In content protection, the content provider encrypts the scalable multimedia content with the manner denoted by Encryption Flag. The content distributor has no decryption keys, but can transcode the scalable content with the manner denoted by Layer Flag, and transmit the transcoded content to users. In service protection, the content provider combines the encryption key, Encryption Flag and the user right information, and transmits them, independent from the encrypted content, to certified users. At user side, the content is decrypted with the received key according to the Encryption Flag and Layer Flag. Thus, the content provider needs only to encrypt the content once, which can be transcoded by the content distributor in a secure manner and used for various networks. Additionally, the user rights need not to be changed when the service network is changed. Totally, the proposed scheme is secure and efficient for service convergence.     

面向运营商的P2P流媒体系统架构

针对现有流媒体系统存在的主要问题,本文提出了一种面向电信运营商的可运营、可管理、可扩展的P2P流媒体系统架构,并给出了该架构下流媒体点播业务的实现流程以及主要的资源调度和管理流程.该系统的建立可有效解决困扰业界已久的内容盗版、用户收费、质量保障等关键问题,协助P2P流媒体确立自身盈利模式.     

Enhanced secure medical data sharing with traceable anddirect revocation

Sharing of the electronic medical records among different hospitals raises serious concern of the leakage of individual privacy for the adoption of the semi trustworthiness of the medical cloud platform. The tracking and revocation of malicious users have become urgent problems. To solve these problems, this paper proposed a traceable and directly revocable medical data sharing scheme. In the scheme, a unique identity parameter(ID), which was generated and embedded in the private key generation ...     

Efficient E-coupon systems with strong user privacy

We propose two novel e-coupon systems that can achieve the following new properties: (1) The coupon issuer (or service provider) can trace the identity of a dishonest user while the identity privacy (or anonymity) of a honest user is still well protected. (2) A honest user’s redemption privacy (i.e., the items chosen when redeeming an e-coupon) is well protected from the service provider. (3) If a dishonest user redeems an e-coupon for more than the pre-determined number of times, then the user will lose the redemption privacy (i.e., all the choices the user has made in the previous redemptions can be revealed). We first propose a novel blind signature scheme that we employ together with oblivious transfer to construct our first e-coupon system, which achieves the first two properties without the involvement of any trusted third party. Then we propose a novel oblivious transfer scheme and use it to construct the second e-coupon system that can achieve all the properties given above. We also define the formal security models for these new security requirements, and show that our new e-coupon systems are proven secure in the proposed models.     

Provable data possession scheme based on public verification and private verification

More and more users choose to transfer their applications and data into the cloud.Data security is a key issue for cloud storage systems.To ensure the integrity and validity of the data stored in the cloud,provable data possession (PDP) scheme is particularly important.In order to verify whether the cloud storage service provider had stored the data of the user completely,a scheme on the basis of NRPDP (non-repudiable PDP) was improved and extended,and a data retention scheme based on public authentication and private authentication was proposed.The scheme can verify the trustworthiness of the service provider and the user in the cloud storage at the same time,which satisfies the non-repudiation of the verification.The theory proves the non-repudiation of the proposed scheme.The experiment proves that the efficiency of each stage is better than that of the existing single public verification method or private authentication method.     

Application layer classification of Internet traffic using ensemble learning models

Accurate application layer classification of Internet traffic has been a necessary requirement for various regulatory, control, and operational purposes of Internet service provider (ISP). Due to the dynamic and ever evolving nature of Internet applications generating a diverse mixture of Internet traffic, it has been necessary to apply deep packet inspection (DPI) techniques for traffic classification. DPI methods offer accuracy but degrade overall network throughput and thus cause problems in ensuring quality of service (QoS) and maintaining service-level agreements. Moreover, Internet traffic is mostly end to end encrypted. This in turn limits the applicability of DPI techniques and renders them useless, unless the encryption tunnel is broken by the service provider which would risk violating user privacy. To address these trade-offs between classification accuracy, performance, and user privacy, we resort to machine learning (ML)-based algorithms. In this article, we apply three ensemble ML algorithms and report their performance metrics in the application layer classification of Internet traffic.     

User location privacy protection mechanism for location-based services

With the rapid development of the Internet of Things (IoT), Location-Based Services (LBS) are becoming more and more popular. However, for the users being served, how to protect their location privacy has become a growing concern. This has led to great difficulty in establishing trust between the users and the service providers, hindering the development of LBS for more comprehensive functions. In this paper, we first establish a strong identity verification mechanism to ensure the authentication security of the system and then design a new location privacy protection mechanism based on the privacy proximity test problem. This mechanism not only guarantees the confidentiality of the user’s information during the subsequent information interaction and dynamic data transmission, but also meets the service provider’s requirements for related data.     

Mobile common friends discovery with friendship ownership and replay-attack resistance

Online social networking applications are nearly ubiquitous, but are currently limited to trusted infrastructure. For example, two unfamiliar users can exploit their social proximity to discover common friends, but otherwise face considerable difficulty in discovering of things they may have in common. However, social proximity depends on access personal data, raising concerns regarding potential data leakage from databases, the degree of trust in the particular social proximity, and user unwillingness to disclose the nature of personal friendships. Previous works have used mobile middleware to provide alternatives to hosting personal data in a fixed database, but these approaches still require users to divulge private information. Other approaches have used private-preserved decentralized online social networks to solve centralization and privacy issues, but these methods are still subject to other security problems such as mutual authentication, data-spoofing and replay attacks. This paper proposes the development of secure mobile common friends discovery methods to preserve the privacy of friendship data, establish mutual authentication between contact users, provide mutual proof of friendship, and provide protection against friendship spoofing and replay attacks. The proposed methods are shown to be secure and efficient, and are implemented in mobile phones that allow users to find common friends securely in seconds.     

Address Permutation for Privacy‐Preserving Searchable Symmetric Encryption

This paper proposes a privacy‐preserving database encryption scheme that provides access pattern hiding against a service provider. The proposed scheme uses a session key to permute indices of database records each time they are accessed. The proposed scheme can achieve access pattern hiding in situations in which an adversary cannot access the inside of the database directly, by separating the entity with an index table and data table and permuting both the index and position where the data are stored. Moreover, it is very efficient since only O(1) server computation and communication cost are required in terms of the number of the data stored. It can be applied to cloud computing, where the intermediate entities such as cloud computing service provider can violate the privacy of users or patients.     

移动群智感知应用

认为无线通信和智能移动设备的发展为群智感知在移动环境下的应用奠定了基础,而廉价多样的传感器使移动群智感知应用与人类社会的联系更加紧密。移动群智感知用户采集数据时的协作方式分为参与式感知、机会感知两种,各有优缺点和局限性。移动群智感知需要考虑用户成本、网络压力、云计算服务器架设、用户隐私保护等方面的问题,要面对情境隐私、匿名任务、匿名数据汇报、可靠数据读取、数据真实性等安全方面的挑战。     

Authentication protocols for mobile network environment value-addedservices

The secure provision of mobile computing and telecommunication services is rapidly increasing in importance as both demand and applications for such services continue to grow. This paper is concerned with the design of public key based protocols suitable for application in upcoming third-generation mobile systems such as the Universal Mobile Telecommunications Service. Candidate protocols are considered for the authentication of a mobile user to a value-added service provider with initialization of a mechanism enabling payment for the value-added service. A set of goals for such a protocol are identified, as are a number of generic attacks; these goals and attacks are then used to evaluate the suitability of seven candidate third-generation user-to-network authentication protocols. Many of these candidate protocols are shown to have highly undesirable features     

Understanding user privacy expectations: A software developer’s perspective

Software developers are trained to develop and design software applications that provide services to users. However, software applications sometimes collect users’ data without their knowledge. When applications collect and use users’ data without transparency, this leads to user privacy invasions because users do not expect the application to collect and use these information. Therefore, it is important that software developers understand users’ privacy expectations when designing applications in order to handle user data transparently in software applications. However, due to the lack of systematic approaches to extract user privacy requirements, developers end up designing applications either based on their assumptions on user privacy expectations, or relating to their own expectations of privacy as a user. Nevertheless, how accurate these perceived privacy expectations are against actual user expectations is not currently known. This research focuses on investigating developers’ privacy expectations from a user point of view against users’ privacy expectations. We also investigate developers’ assumptions on user privacy expectations against actual user privacy expectations. Our findings revealed that developers’ assumptions on user privacy expectations are close to their own expectations of privacy from a user point of view and that developers’ privacy expectations from a user point of view are significantly different from actual user privacy expectations. With this understanding, we provide recommendations for software developers to understand and acknowledge user expectations on privacy when they design and develop applications.     

基于PBAC模型和IBE的医疗数据访问控制方案

医疗卫生领域形成的医疗大数据中包含了大量的个人隐私信息,面临着外部攻击和内部泄密的潜在安全隐患。传统的访问控制模型没有考虑用户访问目的在侧重数据隐私的访问控制中的重要作用,现有的对称、非对称加密技术又都存在密钥管理、证书管理复杂的问题。针对这些问题,提出了综合应用PBAC模型和IBE加密技术的访问控制方案,支持针对医疗数据密文的灵活访问控制。通过加入条件目的概念对PBAC模型进行扩展,实现了对目的树的全覆盖;以病患ID、条件访问位和预期目的作为IBE身份公钥进行病患数据加密,只有通过认证并且访问目的符合预期的用户才能获得相应的私钥和加密数据,从而实现对病患信息的访问。实验结果证明,该方案达到了细粒度访问控制和隐私保护的目的,并具有较好的性能。