对混合属性数据表可行的差分隐私保护方法

为加强隐私保护和提高数据可用性,提出一种可对混合属性数据表执行差分隐私的数据保护方法。该方法首先采用ICMD（insensitive clustering for mixed data）聚类算法对数据集进行聚类匿名,然后在此基础上进行
-差分隐私保护。ICMD聚类算法对数据表中的分类属性和数值属性采用不同方法计算距离和质心,并引入全序函数以满足执行差分隐私的要求。通过聚类,实现了将查询敏感度由单条数据向组数据的分化,降低了信息损失和信息披露的风险。最后实验结果表明了该方法的有效性。     

一种可信第三方医学影像数据云平台身份认证

身份认证是云计算安全应用的挑战之一。针对Hadoop医学影像数据平台,提出改进的双服务器模型,并采用基于三角形原则的密码存储方法存储口令。其次,在该模型的基础上提出基于可信第三方的云存储架构。安全分析表明：基于双服务器模型的身份认证机制能够一定程度上改善口令认证的不足,加强口令存储安全,基于可信第三方的云存储架构能够实现用户信息管理和数据存储的分离,保护用户隐私。两者有机结合加强了医学影像平台的身份认证安全,防止攻击者访问云平台,窃取Dicom数据用于非法途径。     

Ω-模糊软环

将软集理论的概念应用到Ω-模糊环中,提出了Ω-模糊软环的概念,给出了Ω-模糊软环的交与并的定义;探讨了交与并的一些相关性质;讨论了Ω-模糊软环的同态的一些性质,并提出了Ω-模糊软子环和模糊软同构的概念,研究了与其相关的性质。     

基于多方排序协议的安全电子投票方案

与传统投票相比较, 电子投票拥有许多优势, 也存在重要的安全问题. 电子投票的全隐私性是评估投票方案安全的重要指标, 它是指对投票者的隐私保护和候选者的隐私保护, 特别是落选者的得票数的保护. 利用可验证秘密共享的思想提出了一个安全多方排序协议, 并将它运用到电子投票中, 设计了一个新的安全的电子投票协议, 本协议具有全隐私性.     

Proactive privacy for a driverless age

Autonomous vehicles are on the cusp of disrupting the entire transportation industry and current privacy legislation is not yet equipped to deal with the changes being spurred by this innovation. This paper enumerates and elucidates on the various privacy concerns that are specific autonomous vehicles. It also proposes the principles of “Privacy-by-Design”, an industry trend pertaining to other arenas of privacy, be adapted and used for regulating privacy around autonomous vehicles. It calls for the NHTSA (National Highway Transportation Safety Administration), with guidance from the FCC, and the FTC, to use their expertise in creating administrative rules that will protect the privacy of the public. Having learned valuable lessons from recent privacy concerns in the mobile device industry, the Privacy-by-Design approach would help ease the transition into this useful, but potentially intrusive technology. Currently, privacy is receiving significant attention in publications, but with autonomous vehicles being a nascent industry, there is very little being said about the privacy concerns specifically pertaining to these technology autonomous vehicles. Recent strides in the technology and the legislative acceptance of these vehicles have made them a widely discussed topic, and thus makes a thorough discussion of privacy related specifically to this technology both timely and relevant. This paper provides an early assessment of an area of concern that is growing as rapidly as are autonomous vehicles. The technology is being proven effective and safe, so the real focus will shift to use concerns, like privacy. The autonomous vehicle industry is still early in its development, and there is imminent opportunity to anchor privacy into the fundamentals of autonomous vehicles, preempting numerous potential infringements.     

多样性攻击下的WSN位置隐私保护方案

研究无线传感器网络节点隐私保护问题,节点位置隐私是无线传感器网络领域中所研究的一个基本问题。传统的位置隐私保护算法存在抵御攻击类型单一、保护目标单一以及无法应对复杂多样性攻击等问题。为了解决上述问题,在传统的位置隐私保护算法基础上提出了针对多样性攻击的位置隐私保护方案。通过增加冗余抵御数据包流量分析,破坏数据包之间的相关性抵御数据包追踪,利用数据包分组、概率丢弃冗余包等方式降低网络资源消耗,达到抵御攻击类型、保护目标多样和应对多样性攻击的目的。理论分析和仿真结果表明,上述方案能够保证事件检测率和降低网络时延,同时实现多样性攻击下的位置隐私保护。     

An efficient and secure approach for a cloud collaborative editing

The demand for cloud-based collaborative editing service is rising along with the tremendously increased popularity in cloud computing. In the cloud-based collaborative editing environment, the data are stored in the cloud and able to be accessed from everywhere through every compatible device with the Internet. The information is shared with every accredited user in a group. In other words, multiple authorized users of the group are able to work on the same document and edit the document collaboratively and synchronously online. Meanwhile, during the whole collaborative editing process, the encryption technique is eventually applied to protect and secure the data. The encryption for the collaborative editing, however, could require much time to operate. To elevate the efficiency of the encryption, this study first analyzes the text editing in the collaborative service and presents a framework of the Red–Black tree, named as rbTree-Doc. The rbTree-Doc can reduce the amount of data to be encrypted. Although the trade-off for creating the Red–Black tree introduces extra cost, the experimental results of using rbTree-Doc in text editing operations, such as insertion and removal, show improved efficiency compared with other whole-document encryption strategy. Using rbTree-Doc, the efficiency is improved by 31.04% compared to that 3DES encryption is applied and by 23.94% compared to that AES encryption is applied.     

Google and Privacy

Abstract

Google has emerged as the preeminent Internet search engine, but more important, it has achieved an iconic status. It is solidly entrenched in our language and popular culture. But there is a darker side to Google. Google collects personal information about its users, and it aggregates third party information more effectively than many third world governments. While there has been no abuse (that we know of) by Google of personal information, that potential exists, and there are numerous instances of third parties using Google to aggregate personal information for dubious purposes.     

Territorial targeting in EU private law

In a series of rulings given in the last few years, the Court of Justice of the European Union (EU) has made use of the concept of targeting by a trader of a particular territorial market as a device for determining the scope of European legislation on private law. The concept is of particular importance in the context of trading activities conducted by means of the Internet, though its significance is not confined to such activities. In particular, the European Court has used the concept of targeting for the purpose of restricting the substantive ambit of intellectual property rights created or harmonised by EU legislation. On the other hand, it has avoided use of the concept of targeting in the context of EU legislation allocating jurisdiction between the courts of the Member States, even in respect of disputes involving intellectual property, except where a legislative text specifically invokes such a concept. The instant paper endeavours to review the position as currently established by the European case-law, and to predict the likely further developments.