基于服务相似性的k-匿名位置隐私保护方法

针对当前基于位置的服务(LBS)系统存在的隐私保护度、位置服务质量和通信开销三者难于平衡的问题,提出了一种基于服务相似性的k-匿名位置隐私保护方法。在不改变现有LBS 系统架构的情况下,利用位置服务查询结果的相似性来辅助匿名服务器构造匿名区域,从而实现在确保用户隐私安全的基础上,有效提高服务质量和降低系统开销。最后,通过实验验证了该算法的有效性。     

位置服务中基于盲签名的隐私保护技术研究

针对传统的基于位置的服务(LBS)隐私保护模式的不足,提出了一种新的位置隐私保护技术,利用RSA密码体制,构造一种盲签名方案来实现用户真实身份的隐藏,从而达到了保护位置信息的目的,实现用户对位置隐私的完全控制,分析结果表明,该技术能有效降低通信开销以及服务器与客户端的处理代价。     

一种移动Ad hoc环境下的LBS位置保护算法的研究

传统的基于位置信息的服务(LBS)的隐私保护需要LBS提供者(简称LSP)与用户之间通过第三方作为中介来进行信息交换,但这种模式极易遭到攻击者攻击。为此提出一种基于K-匿名机制的隐形空间算法KABSCA(k-anonymity based spatial cloaking algorithm),通过移动设备独立建立一个分布式网络直接与LSP通讯进而避免了第三方的安全威胁。仿真实验显示:使用这种算法,用户可以享受到高质量的信息服务以及高度的隐私保护。     

基于本地化差分隐私的时序位置发布方案研究

为了解决基于位置的服务（Location Based Service,LBS）在收集用户位置数据时造成的隐私泄露,提出一种本地化差分隐私位置发布模型.首先,该模型采用了灵活的位置隐私保护方案（个性化隐私设置）,即由用户选择已设定的多种隐私策略或定制隐私策略,在此基础上设计了定制隐私策略位置扰动算法（Customized Privacy policy Location Perturbation algorithm,CPLP）;其次,提出并设计一种基于隐马尔可夫模型的时序关联位置隐私发布算法（Temporal Relational Location Privacy publishing algorithm,TRLP）,解决发布时序位置时产生的隐私泄露;最后,在GeoLife数据集和Gowalla数据集上通过对比实验验证了该模型的有效性.     

浅谈电子商务中位置服务的安全问题

在移动互联网,社会网络和大数据技术迅速发展的背景下,传统的电子商务应用与位置服务(LBS)的结合是电子商务发展的重要趋势。基于位置的电子商务应用根据用户终端获取的用户位置信息和查询属性来为用户提供个性化的商品和服务。而这些位置信息和查询信息能够揭露用户的兴趣爱好、生活习惯、健康状况等个人隐私。所以如何保护用户的位置隐私是发展电子商务的关键问题。     

物联网隐私信息的保护策略

随着社会的快速发展,物联网逐渐建立起了专有的体系结构,但是就目前情况而言,物联网中的很多隐私信息多多少少存在安全威胁,这使得物联网的隐私保护出现了一系列的问题。本文主要通过分析物联网体系中感知层和处理层所面临的隐私安全问题,对现有的与物联网技术相关的隐私保护进行了系统的阐述,并且提出相应的信息保护策略,以此使得物联网隐私信息得到更好的保护。     

基于位置隐私保护的模糊查询方法

随着基于位置的服务（10cation—basedservices,简称LBS）的广泛应用,个人位置信息的保护越来越受到人们关注。在LBS服务中,常常会遇到“谁附近有什么资源”的问题,“谁”代表实体位置,“什么”代表服务请求。在“谁附近有什么”的信息查询服务过程中,如何在保护“谁”的基础上提供相对可靠的服务,将是本文的研究重点。针对这一问题,用模糊集来实现对“谁”的保护,并针对模糊集,提出一种基于位置隐私保护的模糊查询方法,在模糊位置信息的基础上提供相对可靠的服务,并在一定程度上实现了位置隐私保护和位置服务质量之间的平衡。最后,通过相关实验来评估该方法的性能。     

云环境下数据隐私保护模型设计

提出利用文件存储结构与属性加密的方法,来解决云存储数据的隐私安全问题,并给出了一个可以支持用户数据隐私保护的安全模型.该方法的实质是通过运用属性加密与文件存储结构相结合的方式对用户隐私数据进行加密,并提供细粒度的访问控制.该模型可以有效地对用户隐私数据实施保护,并能提高数据安全保护的等级和可靠性.     

网络隐私泄露容忍度与运营商的隐私保护实践

为帮助电信运营商更合理的利用用户信息资源、有的放矢的保护用户隐私,文章借鉴风险容忍度的理论研究提出网络隐私泄露容忍度的概念,并采用调查问卷法对网络隐私泄露容忍度进行了测量。依据测量结果与文章对国内外网络隐私保护举措和现状的梳理归纳,为电信运营商构建安全、高效的信息管理体系提供了实践建议。电信运营商应充分了解用户的网络隐私泄露容忍底线,适当、合理的进行数据挖掘,同时采取企业自律、多重安全技术手段、广泛的用户宣导等多种措施来严守用户的隐私安全。     

面向物联网的隐私数据安全问题研究

随着社会的发展,物联网已成为社会发展的重要新兴产业,在各个领域中广泛应用。物联网是基于互联网技术产生的,在物联网的运行过程中势必会产生大量数据,这些数据都是客户的隐私,切实保护好客户隐私是物联网进一步发展的首要条件。在面向物联网的隐私数据安全问题时,相关技术人员一定要清楚威胁物联网隐私数据安全的主要途径,加大安全防护力度,保护人们的隐私。文章从信息获取、信息传输以及信息处理3个途径,对隐私数据安全问题进行探讨,并提出一些加大隐私安全防护的举措。     

基于预测和滑动窗口的轨迹差分隐私保护机制

为解决轨迹差分隐私保护中存在的隐私预算与服务质量等问题,提出了一种融合预测扰动的轨迹差分隐私保护机制。首先,利用马尔可夫链和指数扰动方法预测满足差分隐私和时空安全的扰动位置,并引入服务相似地图检测该位置的可用性;如果预测成功,则直接采用预测位置替代差分扰动的位置,以降低连续查询的隐私开销并提高服务质量。在此基础上,设计基于w滑动窗口的轨迹隐私预算分配机制,确保轨迹中任意连续的w次查询满足ε-差分隐私,解决连续查询的轨迹隐私问题。此外,基于敏感度地图设计一种隐私定制策略,通过自定义语义位置的隐私敏感度,实现隐私预算的量身定制,从而进一步提高其利用率。最后,利用真实数据集对所提方案进行实验分析,结果显示所提方案提供了更好的隐私保护水平和服务质量。     

关于网络环境下用户信息隐私关注的研究

文章以国内期刊发表的有关网络环境下信息隐私关注的文献为研究对象,从研究现状、概念提出、测量模型、研究方法、影响因素、用户隐私行为等方面对现有文献进行梳理和归纳,然后对网络运营商提出降低用户的隐私关注、提高用户提供隐私信息意愿的相关建议,并对我国未来的研究方向做出展望。     

Android设备中基于流量特征的隐私泄露评估方案

针对Android操作系统App内第三方域名采集用户信息造成的隐私泄露问题,基于TF-IDF模型和层次聚类方法提出了移动设备中的隐私泄露评估方案Host Risk。TF-IDF模型通过App内域名的行为特征计算域名与App的业务相关性,对于未能表现出App业务相关性行为特征的业务相关域名通过平均连接的凝聚型层次聚类方法进行调整优化,最终根据App内所有域名的排名计算其隐私泄露危害程度。实验结果验证了所提方案的有效性和效率。     

Location privacy preservation approach towards to content sharing on mobile online social network

A privacy access control model for content sharing was presented to fine-grained control users' location infor-mation associated with sharing content in mobile social network. A k-anonymity privacy algorithm for privacy settings was given to protect against inference attack on a content sharing service provider server. To balance the privacy and quality of service, a location shifting method was presented. Finally experimental results demonstrate the validity and practicality of the proposed approach.     

LTPPM: a location and trajectory privacy protection mechanism in participatory sensing

The ubiquity of mobile devices has facilitated the prevalence of participatory sensing, whereby ordinary citizens use their private mobile devices to collect regional information and to share with participators. However, such applications may endanger the users' privacy by revealing their locations and trajectories information. Most of existing solutions, which hide a user's location information with a coarse region, are under k‐anonymity model. Yet, they may not be applicable in some participatory sensing applications that require precise location information. The goals are seemingly contradictory: to protect a user's location privacy while simultaneously providing precise location information for a high quality of service. In this paper, we propose a method to meet both goals. Through selecting a certain number of a user's partners, it can protect the user's location privacy while providing precise location information. The user's trajectory privacy can be protected by constructing several trajectories that are similar to the user's trajectory in an interval time T. Finally, we utilize a new metric, called slope ratio, to evaluate the partners' selection algorithm that we proposed. Then, we measure the privacy level that the location and trajectory privacy protection mechanism (LTPPM) can achieve. The analysis and simulation results show that LTPPM can protect the user's location and trajectory privacy effectively and also provide a high quality of service in participatory sensing. Copyright © 2012 John Wiley & Sons, Ltd.     

Privacy self-correlation privacy-preserving scheme in LBS

The prevalence of mobile intelligent terminals gives the location-based service (LBS) more opportunities to enrich mobile users’ lives.However,mobile users enjoy the convenience with the cost of personal privacy.The side information and mobile user’s recent requirement records were considered,which were obtained or stored by the service provider.Based on the existence of recent requirement records,adversary can employ the inference attack to analysis mobile user’s personal information.Therefore,two schemes were proposed,including of basic privacy self-correlation privacy-preserving scheme (Ba-2PS) and enhanced privacy self-correlation privacy-preserving scheme(En-2PS).In En-2PS,the privacy-preserving scheme was designed from two dimensions of aspects of time factor and query region,which increased the uncertainty inferring out the real information.Finally,the privacy analysis was illustrated to proof En-2PS’s privacy degree,then the performance and privacy evaluation results indicate that En-2PS is effective and efficient.     

Towards the creation of a profile of the information privacy aware user through a systematic literature review of information privacy awareness

In today’s Internet reliant services, the issue of users’ information privacy awareness is being raised. Despite the fact that in many cases internet users claim to be cognizant of privacy issues, they tend to jeopardize their privacy and take no actions to protection it. This paper reports a systematic literature review of existing studies related to Internet users’ information privacy awareness, towards enhancing respective initiatives and defining the attributes that a user should have so as to be privacy aware. We created a five-concept classification framework for the research topics that the academic community raises as important to be further investigated and the main challenges inhibiting information privacy awareness, and we classified all the selected papers according to this framework. Based on the analysis of the literature, we identify five main attributes that constitute a “Profile for the Information Privacy Aware User”, stemming from the classification framework, and further, we suggest the way this profile can be beneficial for internet users, Internet providers and designers of privacy awareness enhancing technologies. Additionally, we highlight research gaps and we provide useful insights for future research, such as the need for a concrete definition (theme 1), the need for the proposal of privacy preventive technologies (theme 3 and 4) and the need for investigation of information privacy awareness in multiple contexts (theme 5).     

差分隐私保护参数ε的选取研究

2006年,差分隐私保护作为一种新的隐私保护范式出现,因其不需要攻击者先验知识的假设,而被认为是一种非常可靠的保护机制。然而,作为隐私保护技术的主要参数ε的意义对于一般用户而言不十分明确。鉴于此,提出一个新的攻击模型,可以用来选取参数ε的值。详细分析了该攻击模型的特点,通过理论证明和模型的实证分析,最后给出了一个参数ε的选取计算式。     

Research progress on location privacy-preserving techniques

While providing plenty of convenience for users in daily life, the increasingly popular location-based ser-vice(LBS) posed a serious threat to users' privacy. The research about privacy-preserving techniques for LBS is becoming a hot spot, and there are a large number of research results. First, background information of privacy protection for LBS was introduced, including application scenarios of LBS, the LBS framework, objects of privacy protection and system architectures of privacy protection. Second, adversary models and metrics for privacy protection in LBS was discussed. Third, four types of privacy-preserving techniques based on generalization and obfuscation for LBS were analyzed and summarized thoroughly. Finally, the potential research directions for privacy-preserving techniques for LBS in the future were shown.     

Understanding user privacy expectations: A software developer’s perspective

Software developers are trained to develop and design software applications that provide services to users. However, software applications sometimes collect users’ data without their knowledge. When applications collect and use users’ data without transparency, this leads to user privacy invasions because users do not expect the application to collect and use these information. Therefore, it is important that software developers understand users’ privacy expectations when designing applications in order to handle user data transparently in software applications. However, due to the lack of systematic approaches to extract user privacy requirements, developers end up designing applications either based on their assumptions on user privacy expectations, or relating to their own expectations of privacy as a user. Nevertheless, how accurate these perceived privacy expectations are against actual user expectations is not currently known. This research focuses on investigating developers’ privacy expectations from a user point of view against users’ privacy expectations. We also investigate developers’ assumptions on user privacy expectations against actual user privacy expectations. Our findings revealed that developers’ assumptions on user privacy expectations are close to their own expectations of privacy from a user point of view and that developers’ privacy expectations from a user point of view are significantly different from actual user privacy expectations. With this understanding, we provide recommendations for software developers to understand and acknowledge user expectations on privacy when they design and develop applications.