可追踪的区块链账本隐私保护方案

由于区块链中交易的有效性建立在账本公开验证的基础上,这带来了隐私保护的安全问题。目前的研究成果往往过度强调隐私性,使得区块链在实际应用中不受监管。如何在区块链上既保证用户信息的隐私性又使得用户能够被特定监管人所追踪是一个值得研究的问题。基于零知识证明、隐身地址技术和环签名,提出了一种可追踪的区块链账本隐私保护方案。通过使用可追踪的零知识证明、可追踪的隐身地址和可追踪的环签名,使得一般用户无法通过分析历史账本降低匿名性,同时管理者能够解密交易信息。该方案增强了区块链账本的隐私性,也保证了区块链能够被监管。理论分析证明了方案拥有较强的安全性和可追踪性。仿真实验结果表明方案具有强匿名性,且不会对传统区块链的性能带来显著影响。     

A survey of recommender systems for energy efficiency in buildings: Principles,challenges and prospects

Recommender systems have significantly developed in recent years in parallel with the witnessed advancements in both internet of things (IoT) and artificial intelligence (AI) technologies. Accordingly, as a consequence of IoT and AI, multiple forms of data are incorporated in these systems, e.g. social, implicit, local and personal information, which can help in improving recommender systems’ performance and widen their applicability to traverse different disciplines. On the other side, energy efficiency in the building sector is becoming a hot research topic, in which recommender systems play a major role by promoting energy saving behavior and reducing carbon emissions. However, the deployment of the recommendation frameworks in buildings still needs more investigations to identify the current challenges and issues, where their solutions are the keys to enable the pervasiveness of research findings, and therefore, ensure a large-scale adoption of this technology. Accordingly, this paper presents, to the best of the authors’ knowledge, the first timely and comprehensive reference for energy-efficiency recommendation systems through (i) surveying existing recommender systems for energy saving in buildings; (ii) discussing their evolution; (iii) providing an original taxonomy of these systems based on specified criteria, including the nature of the recommender engine, its objective, computing platforms, evaluation metrics and incentive measures; and (iv) conducting an in-depth, critical analysis to identify their limitations and unsolved issues. The derived challenges and areas of future implementation could effectively guide the energy research community to improve the energy-efficiency in buildings and reduce the cost of developed recommender systems-based solutions.     

Private personalized social recommendations in an IPTV system

In our connected world, recommender systems have become widely known for their ability to provide expert and personalize referrals to end-users in different domains. The rapid growth of social networks and new kinds of systems so called “social recommender systems” are rising, where recommender systems can be utilized to find a suitable content according to end-users' personal preferences. However, preserving end-users' privacy in social recommender systems is a very challenging problem that might prevent end-users from releasing their own data, which detains the accuracy of extracted referrals. In order to gain accurate referrals, social recommender systems should have the ability to preserve the privacy of end-users registered in this system. In this paper, we present a middleware that runs on end-users' Set-top boxes to conceal their profile data when released for generating referrals, such that computation of recommendation proceeds over the concealed data. The proposed middleware is equipped with two concealment protocols to give users a complete control on the privacy level of their profiles. We present an IPTV network scenario and perform a number of different experiments to test the efficiency and accuracy of our protocols. As supported by the experiments, our protocols maintain the recommendations accuracy with acceptable privacy level.     

区块链在数据安全领域的研究进展

大数据时代,数据已成为驱动社会发展的重要的资产.但是数据在其全生命周期均面临不同种类、不同层次的安全威胁,极大降低了用户进行数据共享的意愿.区块链具有去中心化、去信任化和防篡改的安全特性,为降低信息系统单点化的风险提供了重要的解决思路,能够应用于数据安全领域.该文从数据安全的核心特性入手,介绍区块链在增强数据机密性、数...     

Recommender Systems Research: A Connection-Centric Survey

Recommender systems attempt to reduce information overload and retain customers by selecting a subset of items from a universal set based on user preferences. While research in recommender systems grew out of information retrieval and filtering, the topic has steadily advanced into a legitimate and challenging research area of its own. Recommender systems have traditionally been studied from a content-based filtering vs. collaborative design perspective. Recommendations, however, are not delivered within a vacuum, but rather cast within an informal community of users and social context. Therefore, ultimately all recommender systems make connections among people and thus should be surveyed from such a perspective. This viewpoint is under-emphasized in the recommender systems literature. We therefore take a connection-oriented perspective toward recommender systems research. We posit that recommendation has an inherently social element and is ultimately intended to connect people either directly as a result of explicit user modeling or indirectly through the discovery of relationships implicit in extant data. Thus, recommender systems are characterized by how they model users to bring people together: explicitly or implicitly. Finally, user modeling and the connection-centric viewpoint raise broadening and social issues—such as evaluation, targeting, and privacy and trust—which we also briefly address.     

基于区块链和属性基加密的个人隐私数据保护方案

针对用户使用第三方应用提供的服务时所带来的隐私泄露问题,提出一种基于属性基加密和区块链的个人隐私数据保护方案.方案利用区块链来保存个人隐私数据的哈希值和第三方应用的属性集,而真正的隐私信息利用属性基算法加密后保存在分布式哈希表中.本方案实现了个人数据的一对多的安全传输和数据的细粒度访问控制;针对用户在不同时期的需求动态变化的特点,提出了一种新的属性基加密方案,用户可以随时撤销第三方应用的访问权限,并且不需要可信第三方.对整个方案进行了仿真实验,验证了方案的可行性和实用性.     

Location-Aware Computing, Virtual Networks

This issue includes four works in process on issues and applications in location-aware computing: letting users set and control privacy policies when they use location-aware applications, cold-starting recommender systems for mobile location-aware services, aggregating contextual information for location-based applications, and applying location-based services to public transportation environments. The department also includes a report on lightweight virtualization of low-power wireless personal area networks.     

Enabling privacy and leakage resistance for dynamic blockchain-based access control systems

With rise of 5G/6G network, low-storage devices usually outsource data for higher rate and less latency. Non-controlled outsourcing and complex communications incur security issues for IoT applications. Specially, user privacy and access reliability pose technical challenges for sensitive data outsourcing and sharing. In this paper, we harmonize functional encryption and blockchain to propose a reliable and privacy-aware access control system named R-PAC. It allows a result-form access without learning raw information and fair interaction against malicious users. With a combination of all-or-nothing encapsulation technology, R-PAC supports users’ dynamic joining and key leakage resistance. We design R-PAC from Boneh–Franklin identity-based encryption, with forward-coverable encryption and reverse-discoverable decryption, and formally prove its indistinguishability security. We implement a R-PAC prototype and deploy it to a simulated Ethereum network to evaluate its performance. Experiments from both data access and transaction overhead show that R-PAC is with reasonable cost and has a trade-off between efficiency and strong security/functionality.     

从脸书用户个人信息泄露事件谈我国社交媒体用户隐私保护

The rapid development of information technology has promoted the popularization of social media applications. Social me- dia has become a platform for users to search for real-time information and communicate and interact. Privacy protection is an im- portant symbol of the progress of human modern civilization. While enjoying the benefits brought by social media, human rights al- so face unprecedented challenges. Therefore, the protection of privacy highlights its importance. This paper analyzes the information leakage of Facebook users in order to discover the various risks faced by the privacy protection of social media users. Then it re- views the user privacy protection measures of major social media platforms at home and abroad. Finally, it is recommended that the government level should speed up the improvement of the social media platform user privacy supervision system, the enterprise lev- el should strengthen the implementation of the social media platform user privacy protection subject responsibility, and the user must improve personal information security literacy and protect personal information and privacy together.     

基于隐私保护联邦学习与区块链的图像分类方案

传统的中心化图像分类方法受制于数据隐私问题和计算资源限制,无法满足实际需求。现有的联邦学习框架依赖中心服务器,存在单点故障和数据中毒攻击等安全挑战。为解决这些问题,提出了一种面向隐私保护联邦学习与区块链的图像分类方案,通过将联邦学习与区块链技术相结合,实现在分布式环境下进行图像分类任务的可靠性和安全性。图像分类模型通过联邦学习进行训练,并上传至区块链网络进行验证和共识;在分类阶段,模型通过加权组合得到最终分类结果。实验结果表明,该方案在确保用户隐私的同时提高了图像分类的准确度,本方法为解决图像分类中的数据隐私和安全问题提供了一种有效途径,并为提高分类准确性作出了积极探索。     

区块链环境下支持隐私保护的数字权限管理

针对数字权限保护中对数字内容安全和用户隐私保护的需求,提出了一种支持区块链环境下隐私保护的数字权限保护方案,设计了区块链环境下数字内容权限全生命周期保护和用户隐私保护的框架,主要包括内容加密、许可授权和内容解密3个协议。利用Diffie-Hellman密钥交换和加法同态加密算法,实现了内容加密密钥的保护和分发,同时保证了内容加密密钥的安全性和用户的隐私性,防止区块链中的其他节点收集用户的敏感信息,如用户的使用习惯。与传统的数字权限保护方案相比,该方案基于区块链具有信息公开透明、信息不可篡改等特点,并且保护了内容安全和用户的隐私,具有较好的实用性。安全性分析表明,该方案在区块链环境下是安全的;仿真实验结果表明,该方案能够以较低的开销实现用户的隐私保护。     

基于区块链的网络安全体系结构与关键技术研究进展

随着互联网技术的不断演进与用户数量的"爆炸式"增长,网络作为一项基础设施渗透于人们生存、生活的各个方面,其安全问题也逐渐成为人们日益关注的重点.然而,随着网络规模的扩大以及攻击者恶意行为的多样化、复杂化,传统网络安全体系架构及其关键技术已经暴露出单点信任、部署困难等诸多问题,而具备去中心化、不可篡改等特性的区块链技术为...     

区块链密码学隐私保护技术综述

近年来,数据隐私问题日益明显,如何在区块链中实现有效的隐私保护是研究热点。针对区块链在隐私保护上的研究现状与发展态势,阐述了区块链在交易地址、预言机以及智能合约上的隐私保护方法,归纳出区块链在基本要素防护上的隐私策略。基于国内外高水平文献梳理分析了特殊密码学原语、后量子密码学两类区块链密码学防护方法及使用场景,综述其研究思路,并给出属性基加密、特殊数据签名、同态加密、安全多方计算、零知识证明、格密码等适用于区块链隐私保护的密码学技术的优缺点,得出区块链应用的隐私防护离不开密码学技术支持的结论。针对区块链隐私保护技术,从基本要素防护和密码学防护两个方面进行了分析,总结出仅从区块链的应用层、合约层出发难以有效解决隐私问题,还需要利用各类密码学技术根据需求和应用场景的不同进行优势互补。根据区块链隐私加密技术发展现状,从区块链基本要素防护和基于密码学的防护展开叙述。从内生性基本要素安全和外生性密码学隐私安全两个角度出发,先研究基本要素隐私防护,再深入分析区块链隐私密码学防护技术。在对应防护措施中以技术联合实际应用发展,考虑技术时效性的同时,衡量其隐私处理方面的优劣势以及潜在价值。展望了未来区块...     

基于用户信任和张量分解的社会网络推荐

社会化网络中的推荐系统可以在浩瀚的数据海洋中给用户推荐相关的信息。社会网络中用户之间的信任关系已经被用于推荐算法中,但是目前的基于信任的推荐算法都是单一的信任模型。提出了一种基于主题的张量分解的用户信任推荐算法,用来挖掘用户在不同的物品选取的时候对不同朋友的信任程度。由于社交网络更新速度快,鉴于目前的基于信任算法大都是静态算法,提出了一种增量更新的张量分解算法用于用户信任的推荐算法。实验结果表明：所提出的基于主题的用户信任推荐算法比现有算法具有更好的准确性,并且增量更新的推荐算法可以大幅度提高推荐算法在训练数据增加后的模型训练效率,适合更新速度快的社会化网络中的推荐任务。     

基于联盟区块链的安全能源交易方案

目前区块链技术广泛应用于车载网、能源互联网、智能电网等领域，但攻击者可以结合社会工程学与数据挖掘算法获取用户记录在区块链网络中的隐私数据，尤其是微网中相邻能源节点之间由于博弈产生的数据更容易导致隐私的泄露。为了解决这一安全问题，基于联盟区块链技术提出一个以一对多的能源节点账户匹配机制为核心的安全能源互联网交易模型。该模型主要通过新账户的生成来防止攻击者通过数据挖掘算法从交易记录中获取能源节点的账户、地理位置、能源使用情况等隐私数据。仿真实验结合联盟链的特点、能源节点新账户生成数量、交易验证时间变化情况，给出对隐私保护性能、交易效率、安全性效率的分析结果。实验结果表明，所提模型在交易发起和验证阶段所需时间较少，具有较高的安全性，且模型能对相邻用户间的交易趋势进行隐藏。所提方案能够很好地适用于能源互联网交易场景。     

区块链在物联网中的应用态势分析

[目的]物联网是物体之间共享资源和交流信息的平台,其上的数据价值不断被挖掘显现,而区块链作为一种新型的数据存储管理模式,在体系去中心化、数据溯源和防篡改等方面拥有良好的效果.近来,不少研究都探索了区块链在物联网中的应用.[方法]利用文献计量工具CiteSpace,采用关键词共现分析等方法分析了关键词包含区块链和物联网的...     

可监管的区块链匿名交易系统模型

针对现有区块链系统可追溯性与隐私保护难以兼顾的问题,设计了一种可监管的区块链匿名交易系统模型。首先,结合标识密码（IBC）和无证书公钥密码体制（CL-PKC）的优点,消除了单一IBC托管密钥带来的隐患,并在可保证安全条件下将用户交易标识与用户身份关联,从而保证了模型中的可监管性;其次,通过从网络层和应用层双层签名认证实现了隐私安全,既保证了用户交易内容和身份隐私的安全性,又确保权威机构能够根据异常交易进行追溯,从而为当下区块链匿名性和可监管性的兼容提供了一种新的思路;最后,把所提模型和自认证签名模型、多中心SM9模型及可追溯门罗币模型等进行对比,并通过计算机模拟仿真比较了所提模型和主流区块链模型的传输耗时。实验结果表明,所提模型在安全性和可追溯性上有较大优势;在相同软硬件环境下,多次传输相同大小信息时,所提模型的信息传输耗时比以太坊模型多168%,而长时间传输情况下效率差距不大;传输不同长度的信息时,所提模型的平均耗时要比以太坊模型多38%。     

Information privacy?!

When using the Internet, we reveal much personal information both willingly and indadvertedly. Companies use this information for targeted advertisement and thereby to finance the services they offer to users. The mechanisms used today to protect users’ personal information are lacking resulting in far too frequent privacy and security breaches that put the users at risk. In this article we argue that applications on the Internet should be built with privacy and security as a mandatory requirement, then provide an overview of the state of the art in privacy-enhancing mechanisms, and conclude with a roadmap towards a privacy-enhanced digital world, and pointing out a number of challenges that need to be solved.     

区块链在供应链管理中的应用综述

供应链管理面临诸多挑战：保证产品信息的完整性、真实性和透明度;上下游企业之间的信任管理;企业交互过程中的隐私保护等等。而伴随区块链技术的问世,其为供应链的诸多挑战提供了完美的解决方案,但是依旧存在一些挑战。该文对区块链在供应链管理中的应用进行了系统化的综述分析;论述了当前供应链管理的技术与实施面临的问题,在此基础上分析了传统解决方案的不足以及区块链技术的相关优势。系统阐述了当前区块链主流的应用框架与原理,比较各个技术之间的差异。对不同行业的供应链进行了系统的分析,全面阐述了近年来区块链在不同行业供应链管理中的解决方案,并对不同解决方案的优缺点进行了系统化的分析与比较,重点分析区块链在不同行业的系统中的所发挥的功能与优势,以对区块链在供应链管理中的应用发展提供指南。     

Towards the design of secure and privacy-oriented information systems in the cloud: Identifying the major concepts

One of the major research challenges for the successful deployment of cloud services is a clear understanding of security and privacy issues on a cloud environment, since cloud architecture has dissimilarities compared to traditional distributed systems. Such differences might introduce new threats and require a different treatment of security and privacy issues. It is therefore important to understand security and privacy within the context of cloud computing and identify relevant security and privacy properties and threats that will support techniques and methodologies aimed to analyze and design secure cloud based systems.