路网环境下位置隐私保护技术研究进展

基于位置服务(LBS)在给人们带来方便的同时也引起了越来越多的安全隐患,位置隐私保护成为了学术界和业界关注的焦点.由于大部分用户是沿着道路交通网络移动,研究路网环境下的位置隐私技术更具有现实意义.通过分析路网环境面临隐私泄露的新挑战,从网络扩张匿名技术、X-Star匿名技术、Mix zone匿名技术三个方面对现有路网下的位置隐私技术进行了深入研究,比较了其隐私水平、服务质量等性能指标.最后,总结了路网环境下位置隐私保护技术存在的问题及未来的研究热点.     

k-Multi-preference query over road networks

Nowadays, the road network has gained more and more attention in the research area of databases. Existing works mainly focus on standalone queries, such as k-nearest neighbor queries over a single type of objects (e.g., facility like restaurant or hotel). In this paper, we propose a k-multi-preference (kMP) query over road networks, involving complex query predicates and multiple facilities. In particular, given a query graph, a kMP query retrieves of the top-k groups of vertices (of k facility types) satisfying the label constraints and their aggregate distances are the smallest. A naïve solution to this problem is to enumerate all combinations of vertices with k possible facility types and then select the one with the minimum sum distance. This method, however, incurs rather high computation cost due to exponential possible combinations. In addition, the existing solutions to other standalone queries are for a single type of facilities and cannot be directly used to answer kMP queries. Therefore, in this paper, we propose an efficient approach to process a kMP query, which utilizes an index with bounded space and reduces the computation cost of the shortest path queries. We also design effective pruning techniques to filter out false alarms. Through our extensive experiments, we demonstrate the efficiency and effectiveness of our proposed solutions.     

基于连续查询的用户轨迹k-匿名隐私保护算法

随着移动服务和移动网络的持续发展,基于LBS的连续查询服务被广泛应用。基于单点的K-匿名位置隐私保护算法已经不能满足连续查询下用户位置隐私需求。针对用户轨迹隐私保护提出新的保护方法,该方法采用不可信第三方中心匿名器,用户获取自己的真实位置后首先在客户端进行模糊处理,然后提交给第三方匿名器,第三方匿名器根据用户的隐私需求结合用户某时刻的真实位置信息生成虚假用户,然后根据历史数据生成虚假轨迹。为了进一步提高虚假轨迹与用户真实轨迹的相似性,该算法提出了虚假轨迹生成的两个约束条件：虚假轨迹距用户真实轨迹的距离约束和相似性约束。经大量实验证明,该算法与传统的不同时刻K-匿名算法相比,不仅可以满足连续查询的用户轨迹隐私保护而且可以满足基于快照的LBS用户位置隐私保护。     

CP2: Cryptographic privacy protection framework for online social networks

In Online Social Networks (OSNs), users interact with each other by sharing their personal information. One of the concerns in OSNs is how user privacy is protected since the OSN providers have full control over users’ data. The OSN providers typically store users’ information permanently; the privacy controls embedded in OSNs offer few options to users for customizing and managing the dissipation of their data over the network. In this paper, we propose an efficient privacy protection framework for OSNs that can be used to protect the privacy of users’ data and their online social relationships from third parties. The recommended framework shifts the control over data sharing back to the users by providing them with flexible and dynamic access policies. We employ a public-key broadcast encryption scheme as the cryptographic tool for managing information sharing with a subset of a user’s friends. The privacy and complexity evaluations show the superiority of our approach over previous.     

An efficient index method for the optimal path query over multi-cost networks

World Wide Web - In the past couple of decades, graphs have been widely used to model complex relationships among various entities in real applications. Shortest path query is a fundamental problem...     

Location monitoring approach: multiple mix-zones with location privacy protection based on traffic flow over road networks

Multimedia Tools and Applications - Nowadays communication by using mobile vehicle getting popularity and user experience map services like Google maps to reach at the destination. It is also clear...     

Anonymizing continuous queries with delay-tolerant mix-zones over road networks

This paper presents a delay-tolerant mix-zone framework for protecting the location privacy of mobile users against continuous query correlation attacks. First, we describe and analyze the continuous query correlation attacks (CQ-attacks) that perform query correlation based inference to break the anonymity of road network-aware mix-zones. We formally study the privacy strengths of the mix-zone anonymization under the CQ-attack model and argue that spatial cloaking or temporal cloaking over road network mix-zones is ineffective and susceptible to attacks that carry out inference by combining query correlation with timing correlation (CQ-timing attack) and transition correlation (CQ-transition attack) information. Next, we introduce three types of delay-tolerant road network mix-zones (i.e., temporal, spatial and spatio-temporal) that are free from CQ-timing and CQ-transition attacks and in contrast to conventional mix-zones, perform a combination of both location mixing and identity mixing of spatially and temporally perturbed user locations to achieve stronger anonymity under the CQ-attack model. We show that by combining temporal and spatial delay-tolerant mix-zones, we can obtain the strongest anonymity for continuous queries while making acceptable tradeoff between anonymous query processing cost and temporal delay incurred in anonymous query processing. We evaluate the proposed techniques through extensive experiments conducted on realistic traces produced by GTMobiSim on different scales of geographic maps. Our experiments show that the proposed techniques offer high level of anonymity and attack resilience to continuous queries.     

A privacy self-assessment framework for online social networks

During our digital social life, we share terabytes of information that can potentially reveal private facts and personality traits to unexpected strangers. Despite the research efforts aiming at providing efficient solutions for the anonymization of huge databases (including networked data), in online social networks the most powerful privacy protection “weapons” are the users themselves. However, most users are not aware of the risks derived by the indiscriminate disclosure of their personal data. Moreover, even when social networking platforms allow their participants to control the privacy level of every published item, adopting a correct privacy policy is often an annoying and frustrating task and many users prefer to adopt simple but extreme strategies such as “visible-to-all” (exposing themselves to the highest risk), or “hidden-to-all” (wasting the positive social and economic potential of social networking websites). In this paper we propose a theoretical framework to i) measure the privacy risk of the users and alert them whenever their privacy is compromised and ii) help the users customize semi-automatically their privacy settings by limiting the number of manual operations. By investigating the relationship between the privacy measure and privacy preferences of real Facebook users, we show the effectiveness of our framework.     

一种支持位置隐私保护的社交发现服务模型

针对社交发现服务中的隐私保护问题,提出一种位置隐私保护社交模型。通过将用户数据分成索引消息和数据消息,使得地理坐标和位置数据解耦,引入多授权中心环境下的属性基加密方法(attribute based encryption,ABE)对索引消息进行加密,位置数据由对称加密后上传,两者分别保存在索引服务器和数据服务器的个人存储空间上。分析表明,模型支持陌生成员发现和群组管理功能,灵活性高,能够保护用户的社交隐私数据,可以很好地用于社交发现服务。     

Protecting personalized privacy against sensitivity homogeneity attacks over road networks in mobile services

Privacy preservation has recently received considerable attention for location-based mobile services. A lot of location cloaking approaches focus on identity and location protection, but few algorithms pay attention to prevent sensitive information disclosure using query semantics. In terms of personalized privacy requirements, all queries in a cloaking set, from some user’s point of view, are sensitive. These users regard the privacy is breached. This attack is called as the sensitivity homogeneity attack. We show that none of the existing location cloaking approaches can effectively resolve this problem over road networks. We propose a (K, L, P)-anonymity model and a personalized privacy protection cloaking algorithm over road networks, aiming at protecting the identity, location and sensitive information for each user. The main idea of our method is first to partition users into different groups as anonymity requirements. Then, unsafe groups are adjusted by inserting relaxed conservative users considering sensitivity requirements. Finally, segments covered by each group are published to protect location information. The efficiency and effectiveness of the method are validated by a series of carefully designed experiments. The experimental results also show that the price paid for defending against sensitivity homogeneity attacks is small.     

基于NNlists的路网k路径近邻查询

为满足k路径近邻查询的实时性要求,运用预计算思想提出了基于NNlists的BNNL算法,通过在用户当前位置和目的地结点进行双向Dijkstra扩展得到两点间的最短路径,再通过对最短路径上的路网结点预计算的m近邻进行优化处理,最终得到正确的k路径近邻。该方法提高了k路径近邻查询的查询速度,尤其适用于兴趣点密度较大、k值较大的情况。     

An enhanced framework for providing multimedia broadcast/multicast service over heterogeneous networks

Multimedia broadcast multicast service （MBMS） with inherently low requirement for network resources has been proposed as a candidate solution for using such resources in a more efficient manner. On the other hand, the Next Generation Mobile Network （NGMN） combines multiple radio access technologies （RATs） to optimize overall network performance. Handover performance is becoming a vital indicator of the quality experience of mobile user equipment （UE）. In contrast to the conventional vertical handover issue, the problem we are facing is how to seamlessly transmit broadcast/multicast sessions among heterogeneous networks. In this paper, we propose a new network entity, media independent broadcast multicast service center （MIBM-SC）, to provide seamless handover for broadcast/multicast sessions over heterogeneous networks, by extensions and enhancements of MBMS and media independent information service （MIIS） architectures. Additionally, a network selection scheme and a cell transmission mode selection scheme are proposed for selecting the best target network and best transmission mode. Both schemes are based on a load-aware network capacity estimation algorithm. Simulation results show that the pro- posed approach has the capability to provide MBMS over heterogeneous networks, with improved handover performance in terms of packet loss rate, throughput, handover delay, cell load, bandwidth usage, and the peak signal-to-noise ratio （PSNR）.     

强制数据隐私和用户隐私的外包数据库服务研究*

外包数据库中的数据隐私和用户隐私保护是现代外包数据库服务面临的新挑战,针对目前外包数据库服务中单方面考虑数据隐私保护或用户隐私保护技术难以同时满足外包数据库安全需求的不足,提出一种可同时强制数据隐私和用户隐私保护的外包数据库服务模型,采用属性分解和部分属性加密技术,基于结合准标志集自动检测技术的近似算法实现外包数据的最小加密属性分解,同时把密码学应用于辅助随机服务器协议,以实现数据库访问时的用户隐私保护。理论分析和实验结果表明,该模型可以提供有效的数据隐私保护和查询处理,以及较好的用户隐私保护计算复杂度。     

数据流多连续查询优化技术

根据数据流连续达到、大小无界和实时性强的特点,引出数据流多连续查询的基本概念.针对多连续查询的特点和用户的需求,将多连续查询优化技术分为单流多查询和多流多查询.详细论述了单流过滤型多连续查询优化技术和基于共享的多流多连续查询优化技术,通过全面系统地分析每种优化算法的基本思想,得出每种查询技术的优缺点及适用场合.     

基于抽样路径的K-匿名隐私保护算法

K-匿名是信息隐私保护的一种常用技术,而使用K-匿名技术不可避免会造成发布数据的信息损失,因此,如何提高K-匿名化后数据集的可用性一直以来都是K-匿名隐私保护的研究重点。对此提出了一种基于抽样路径的局域泛化算法——SPOLG算法。该算法基于泛化格寻找信息损失较小的泛化路径,为减少寻径时间,引入等概率抽样的思想,选用等概率抽样中的系统抽样方法进行取样,利用样本代替数据集在泛化格上寻找目标泛化路径,最后在该路径上对数据集进行泛化。同时,本算法使用局域泛化技术,能够降低信息损失量,提高发布数据集的可用性。实验结果证明,本算法匿名化的数据集信息损失度低,数据可用性高。     

基于连续近邻服务请求的位置匿名方法的研究

随着智能设备的普及,基于位置的服务变得越来越流行,人们通过网络获取便捷服务时,同时也将自己的位置信息暴露给LBS提供商,带来了隐私泄露的威胁。针对如何保护用户的位置信息不被泄露问题,国内外学者提出很多种解决方案,其中一种典型的方法是冗余地址查询方法。然而之前的方法在连续的近邻查询过程中存在处理速度较慢,反应延迟较大的问题。为了提高冗余匿名方法连续近邻查询的查询速度和效率,本文利用局部性原理,提出了一种改进算法,能够有效提高服务器的处理速度和查询时间,减少响应延迟。实验结果表明,对连续性较强的近邻查询,本文建议的方法相对于之前的方法查询性能有较大的提高。