Chinese Journal of Network and Information Security ›› 2016, Vol. 2 ›› Issue (3): 28-38. doi: 10.11959/j.issn.2096-109x.2016.00035
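Revised: 2016-03-02
Online: 2016-12-01
Published: 2016-04-20
About the authors:
Jia-feng HUA (1989-), male, born in Huanggang, Hubei, is a PhD candidate at Xidian University. His research interests are information security and privacy protection.
Feng-hua LI (1966-), male, born in Xishui, Hubei, holds a PhD and is deputy chief engineer, research professor and doctoral supervisor at the Institute of Information Engineering, Chinese Academy of Sciences. His research interests are network and system security, privacy computing, and information protection.
Yun-chuan GUO (1977-), male, born in Yingshan, Sichuan, holds a PhD and is an associate research professor at the Institute of Information Engineering, Chinese Academy of Sciences. His research interests are Internet of Things security and formal methods.
Kui GENG (1989-), male, born in Hong'an, Hubei, is a PhD candidate at Xidian University. His research interest is network security.
Ben NIU (1984-), male, born in Xi'an, Shaanxi, holds a PhD and is an assistant research professor at the Institute of Information Engineering, Chinese Academy of Sciences. His research interests are network security and information protection.
Jia-feng HUA, Feng-hua LI, Yun-chuan GUO, Kui GENG, Ben NIU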
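Abstract:
Drawing on recent research trends in China and abroad, this paper summarizes the privacy protection problems that arise during information exchange and looks ahead to future work. First, it introduces the different types of information service models in ubiquitous networks, abstracts the essence of information dissemination, and analyzes the privacy leakage risks that subjects face as information flows between parties. Second, it summarizes the state of research on privacy sensing of environmental information, privacy measurement, adaptive adjustment of privacy protection schemes, and privacy division and extended authorization. Finally, it proposes four future research directions: privacy sensing of multi-source environmental information, scenario-adaptive privacy measurement, scenario-defined privacy protection schemes, and privacy division and extended authorization.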
Jia-feng HUA, Feng-hua LI, Yun-chuan GUO, Kui GENG, Ben NIU. Research on privacy protection in the process of information exchange[J]. Chinese Journal of Network and Information Security, 2016, 2(3): 28-38.