Low complexity quantum private queries protocol

Private information retrieval(PIR) is an important privacy protection issue of secure multi-party computation, but the PIR protocols based on classical cryptography are vulnerable because of new technologies,such as quantum computing and cloud computing. The quantum private queries(QPQ) protocols available, however, has a high complexity and is inefficient in the face of large database. This paper, based on the QKD technology which is mature now, proposes a novel QPQ protocol utilizing the key dilution and auxiliary parameter. Only N quits are required to be sent in the quantum channel to generate the raw key, then the straight k bits in the raw key are added bitwise to dilute the raw key, and a final key is consequently obtained to encrypt the database. By flexible adjusting of auxiliary parameters θ and k, privacy is secured and the query success ratio is improved. Feasibility and performance analyses indicate that the protocol has a high success ratio in first-trial query and is easy to implement, and that the communication complexity of O(N) is achieved.     

Compensation paradox: the influence of monetary rewards on user behaviour

Many e-commerce companies collect users’ personal data for marketing purposes despite privacy concerns. Information-collecting companies often offer a monetary reward to users to alleviate privacy concerns and ease the collection of personal information. This study focused on the negative effects of monetary rewards on both information privacy concerns (IPC) and information disclosure. A survey approach was used to collect data and 370 final responses were analysed using a two-way analysis of variance and a binomial logistic regression model. The results show that monetary rewards increase IPC when an information-collecting company requires sensitive information. Additional results indicate that building trust is a more effective way of collecting personal data. This study identifies how organisations can best execute information-collection activities and contributes additional insights for academia and practitioners.     

“人工智能+”背景下的数据安全与隐私保护探析

随着大数据和云计算的技术的深入应用，人工智能时代的机器学习和深度学习更需要日益增长的数据，因此数据安全与隐私保护变得更加迫切。本文介绍人工智能的定义以及特征，探究数据安全和隐私保护现状，分析数据安全和隐私保护面临的诸多问题，并提出在人工智能时代对数据安全和隐私保护的措施。     

可交易水权改革若干问题的思考

从水权制度变迁理论分析入手,认定水权制度的改革不仅是一个简单的资源配置或生产力布局问题,更是涉及制度建设和一个国家管理体制的演化的问题。通过对已建立可交易水权为基础的水权制度改革作进一步探讨,提出了建立“准市场”和“地方政治民主协商”机制、构建合约化的水权交易市场、加快水权市场的布设与推广等相应的建议。     

世界各国(或地区)推进RFID的策略

介绍了一些国家和地区发展RFID的政策和推进措施，总结了各国发展RFID的共性。     

小议探视权的执行

针对修改后的《中华人民共和国婚姻法》所规定的探视权，结合笔的审判经验，提出一些有关探视权在执行方面的个人见解。     

Verifiable Distributed Oblivious Transfer and Mobile Agent Security

The mobile agent is a fundamental building block of the mobile computing paradigm. In mobile agent security, oblivious transfer (OT) from a trusted party can be used to protect the agent’s privacy and the hosts’ privacy. In this paper, we introduce a new cryptographic primitive called Verifiable Distributed Oblivious Transfer (VDOT), which allows us to replace a single trusted party with a group of threshold trusted servers. The design of VDOT uses a novel technique called consistency verification of encrypted secret shares. VDOT protects the privacy of both the sender and the receiver against malicious attacks of the servers. We also show the design of a system to apply VDOT to protect the privacy of mobile agents. Our design partitions an agent into the general portion and the security-sensitive portion. We also implement the key components of our system. As far as we know, this is the first effort to implement a system that protects the privacy of mobile agents. Our preliminary evaluation shows that protecting mobile agents not only is possible, but also can be implemented efficiently. This work was supported in part by the DoD University Research Initiative (URI) program administered by the Office of Naval Research under grant N00014-01-1-0795. Sheng Zhong was supported by ONR grant N00014-01-1-0795 and NSF grants ANI-0207399 and CCR-TC-0208972. Yang Richard Yang was supported in part by NSF grant ANI-0207399. A preliminary version of this paper was presented at the DialM-POMC Joint Workshop on Foundations of Mobile Computing in 2003. Sheng Zhong received his Ph.D. in computer science from Yale University in the year of 2004. He holds an assistant professor position at SUNY Buffalo and is currently on leave for postdoctoral research at the Center for Discrete Mathematics and Theoretical Computer Science (DIMACS). His research interests, on the practical side, are security and incentives in data mining, databases, and wireless networks. On the theoretical side, he is interested in cryptography and game theory. Yang Richard Yang is an Assistant Professor of Computer Science at Yale University. His research interests include computer networks, mobile computing, wireless networking, sensor networks, and network security. He leads the LAboratory of Networked Systems (LANS) at Yale. His recent awards include a Schlumberger Fellowship and a CAREER Award from the National Science Foundation. He received his B.E. degree from Tsinghua University (1993), and his M.S. and Ph.D. degrees from the University of Texas at Austin (1998 and 2001).     

Ownership-attached unblinding of blind signatures for untraceable electronic cash

In an untraceable electronic cash protocol based on blind signatures, an identified customer can withdraw a blinded electronic cash from the bank and the unblinding operation is adopted by the customer to transform the blinded electronic cash into a valid one. Before performing the operation, the blinded electronic cash is protected well since attackers cannot convert it into a valid electronic cash without the blinding factor corresponding to the operation. However, after unblinding, the electronic cash will suffer from the theft attacks since it is not protected by any security mechanism. This paper introduces a new unblinding operation called ownership-attached unblinding which attaches the identities of a designated payee and a specified transaction to the blinded electronic cash and then produces an ownership-attached electronic cash other than a bare one such that the cash can withstand the theft attacks during the entire transaction because it is valid for the designated payee and the specified transaction only. Furthermore, the proposed scheme does not largely increase the computation cost required for each customer so that it also is a customer efficient protection solution for untraceable electronic cash and especially suitable for mobile clients and smart-card users.     

IPTV及相关技术

IPTV是基于IP协议的新一代技术,介绍了IPTV的主要业务功能和系统组成,并阐述了IPTV系统的关键技术。     

基于分布式信息流控制的MapReduce隐私安全加强方案研究

随着信息技术的发展,分布式系统被广泛应用于金融、医疗等领域。其中以基于MapReduce的数据挖掘为代表的应用对隐私的保护往往有很高的要求。本文提出一个基于分布式信息流控制的MapReduce框架,用以保证MapReduce中信息的私密性和完整性,同时给出系统原型的实现。