基于属性基加密的用户协作连续查询隐私保护策略

doi:10.11959/j.issn.1000-436x.2017184

通信学报 ›› 2017, Vol. 38 ›› Issue (9): 76-85.doi: 10.11959/j.issn.1000-436x.2017184

基于属性基加密的用户协作连续查询隐私保护策略

张磊^1,²,马春光¹,杨松涛^1,²,李增鹏¹

¹ 哈尔滨工程大学计算机科学与技术学院，黑龙江哈尔滨 150001
² 佳木斯大学信息电子技术学院，黑龙江佳木斯 154007

修回日期:2017-07-17 出版日期:2017-09-01 发布日期:2017-10-18
作者简介:张磊（1982-），男，黑龙江绥化人，哈尔滨工程大学博士生，佳木斯大学讲师，主要研究方向为信息安全、隐私保护。|马春光（1974-），男，黑龙江双城人，博士，哈尔滨工程大学教授、博士生导师，主要研究方向为密码学、数据安全与隐私保护、无线自组织网络及安全。|杨松涛（1972-），男，黑龙江鹤岗人，博士，佳木斯大学教授，主要研究方向为信息安全、隐私保护。|李增鹏（1989-），男，山东青岛人，哈尔滨工程大学博士生，主要研究方向为密码学、密码协议。
基金资助:
国家自然科学基金资助项目(61472097);高等学校博士学科点专项科研基金资助项目(20132304110017);黑龙江省自然科学基金资助项目(F2015022)

CP-ABE based users collaborative privacy protection scheme for continuous query

Lei ZHANG^1,²,Chun-guang MA¹,Song-tao YANG^1,²,Zeng-peng LI¹

¹ College of Computer Science and Technology,Harbin Engineering University,Harbin 150001,China
² College of Information and Electronic Technology,Jiamusi University,Jiamusi 154007,China

Revised:2017-07-17 Online:2017-09-01 Published:2017-10-18
Supported by:
The National Natural Science Foundation of China(61472097);Specialized Research Fund for the Doctoral Program of Higher Education(20132304110017);The Natural Science Foundation of Heilongjiang Province(F2015022)

摘要/Abstract

摘要：

在基于位置服务（LBS,location-based service）中，不可信的服务器可利用掌握的用户属性信息作为背景知识，在快照或连续查询过程中关联不确定位置集合中的位置，进而识别出潜在的用户真实位置造成用户位置隐私的泄露。针对这种攻击行为，当前主要的隐私保护方法是进行属性泛化。然而，已有的属性泛化方法一般假设存在一个可信的第三方服务器对参与匿名用户的属性进行寻找与比较，而这个第三方服务器很可能因为攻击焦点或服务瓶颈问题变得不再可信。针对攻击者可能使用的用户属性进行分析攻击以及第三方服务器潜在的不可信问题，提出一种基于属性基加密（CP-ABE,ciphertext policy attribute based encryption）的方法，通过用户协作完成对用户属性的匿名操作，并且整个过程中第三方服务器以及协作用户无法获知该用户任何隐私信息。最后，安全性分析和实验验证进一步证明了所提方法具有较高的隐私保护效力和算法执行效率。

关键词: 基于位置服务, 隐私保护, 属性基加密, 属性匿名

Abstract:

In location-based services (LBS),as the untrusted LBS server can be seen as an adversary,and it can utilize the attribute as background knowledge to correlate the real location of the user in the set of uncertain locations.Then the adversary can gain the location privacy when the user enjoys the snapshot and continuous query through the correlation inference attack.In order to cope with this attack,the main scheme in privacy protection is to generalize the attribute and achieve attribute anonymity.However,algorithms of this type usually assumes a trusted third party (TTP) which provides the service of similarity attribute finding and comparing,and it is unpractical in the real environment,as the TTP may become the point of attack or the bottleneck of service and it cannot be considered as the trusted one all the time.Thus,to cope with the correlation inference attack as well as the semi-trusted third party,ciphertext policy attribute based encryption (CP-ABE) and users collaboration based attribute anonymous scheme was proposed.In this scheme,the user coupled achieve location and attribute anonymity.Furthermore,this scheme could also provide security for attacks from the semi-trusted third party as well as semi-trusted collaborative users.At last,security analysis and the experiment results further verify the effectiveness of privacy protection and the efficiency of algorithm execution.

Key words: location-based services, privacy protection, attribute encryption, attribute anonymity

中图分类号:

TP311

张磊,马春光,杨松涛,李增鹏. 基于属性基加密的用户协作连续查询隐私保护策略[J]. 通信学报, 2017, 38(9): 76-85.

Lei ZHANG,Chun-guang MA,Song-tao YANG,Zeng-peng LI. CP-ABE based users collaborative privacy protection scheme for continuous query[J]. Journal on Communications, 2017, 38(9): 76-85.

图/表 7

表1

图1

图2

图3

图4

图5

图6

参考文献 22

[1]	马春光, 张磊, 杨松涛 . 位置轨迹隐私保护综述[J]. 信息网络安全, 2015(10): 24-31.
	MA C G , ZHANG L , YANG S T . Review on location trajectory privacy protection[J]. Netinfo Security, 2015(10): 24-31.
[2]	WANG Y , XIA Y , HOU J ,et al. A fast privacy-preserving framework for continuous location-based queries in road networks[J]. Journal of Network and Computer Applications, 2015,53: 57-73.
[3]	LIN C , WU G W , YU C W . Protecting location privacy and query privacy:a combined clustering approach[J]. Concurrency and Computation-Practice ＆ Experience, 2015,27(12): 3021-3043.
[4]	周长利, 马春光, 杨松涛 . 基于敏感位置多样性的LBS位置隐私保护方法研究[J]. 通信学报, 2015,36(4): 129-140.
	ZHOU C L , MA C G , YANG S T . Research of LBS privacy preserving based on sensitive location diversity[J]. Journal on Communications, 2015,36(4): 129-140.
[5]	NIU B , GAO S , LI F H ,et al. Protection of location privacy in continuous LBSs against adversaries with background information[C]// 2016 International Conference on Computing,Networking and Communications (ICNC). 2016.
[6]	GAO S , MA J F , SHI W S ,et al. LTPPM:a location and trajectory privacy protection mechanism in participatory sensing[J]. Wireless Communications ＆ Mobile Computing, 2015,15(1): 155-169.
[7]	HWANG R H , HSUEH Y L , CHUNG H W . A novel time-obfuscated algorithm for trajectory privacy protection[J]. IEEE Transactions on Services Computing, 2014,7(2): 126-139.
[8]	NI W , GU M , CHEN X . Location privacy-preserving k nearest neighbor query under user's preference[J]. Knowledge-Based Systems, 2016,103: 19-27.
[9]	张磊, 马春光, 杨松涛 ,等. 基于轮廓泛化的位置隐私保护模型及方法[J]. 系统工程与电子技术, 2016,38(12): 2894-900.
	ZHANG L , MA C G , YANG S T ,et al. Location privacy protection model and algorithm based on profiles generalization[J]. Systems Engineering and Electronics, 2016,38(12): 2894-2900.
[10]	GRUTESER M , GRUNWALD D . Anonymous usage of location-based services through spatial and temporal cloaking[C]// 1st International Conference on Mobile Systems,Applications and Services. San Francisco,California,F, 2003:1189037.
[11]	XIAO Z , XU J , MENG X . P-sensitivity:a semantic privacy-protection model for location-based services[C]// International Conference on Mobile Data Management Workshops. 2008.
[12]	FUYU L , HUA K A , YING C . Query l-diversity in location-based services[C]// Mobile Data Management:Systems,Services and Middleware. 2009.
[13]	CHOW C Y , MOKBEL M F , LIU X . A peer-to-peer spatial cloaking algorithm for anonymous location-based service[C]// 14th Annual ACM International Symposium on Advances in Geographic Information Systems. 2006: 171-178.
[14]	MA C , ZHANG L , YANG S ,et al. Achieve personalized anonymity through query blocks exchanging[J]. China Communications, 2016,13(11): 106-18.
[15]	GHINITA G , KALNIS P , KHOSHGOZARAN A ,et al. Private queries in location based services:anonymizers are not necessary[C]// 2008 ACM SIGMOD International Conference on Management of data. 2008: 121-32.
[16]	KATO R , IWATA M , HARA T ,et al. A dummy-based anonymization method based on user trajectory with pauses[C]// 20th International Conference on Advances in Geographic Information Systems. 2012.
[17]	GHASEMZADEH M , FUNG B C M , CHEN R ,et al. Anonymizing trajectory data for passenger flow analysis[J]. Transportation Research Part C-Emerging Technologies, 2014,39(2014): 63-79.
[18]	PALANISAMY B , LIU L , LEE K ,et al. Anonymizing continuous queries with delay-tolerant mix-zones over road networks[J]. Distributed and Parallel Databases, 2014,32(1): 91-118.
[19]	张磊, 马春光, 杨松涛 . 基于位置关联相似性的匿名算法[J]. 中国科技论文, 2016,11(2): 197-201,13.
	ZHANG L , MA C G , YANG S T . Location association similar based anonymus algorithm[J]. China Sciencepaper, 2016,11(2): 197-201,13.
[20]	马春光, 周长利, 杨松涛 ,等. 基于 Voronoi 图预划分的 LBS 位置隐私保护方法[J]. 通信学报, 2015,36(5): 5-16.
	MA C G , ZHOU C L , YANG S T ,et al. Location privacy-preserving method in LBS based on Voronoi division[J]. Journal on Communications, 2015,36(5): 5-16.
[21]	RODRIGUEZ-CARRION A , REBOLLO-MONEDERO D , FORNE J ,et al. Entropy-based privacy against profiling of user mobility[J]. Entropy, 2015,17(6): 3913-3946.
[22]	BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption[C]// IEEE Symposium on Security and Privacy. 2007.

符号	描述
p	用户关联概率
A	所有属性集合
S	不确定位置集合
k_u	用户提供的对称密钥
pk_L	LBS提供的加密公钥
pk	用户使用的属性基加密公钥
A_u	用户指定的部分属性
E	密文信息
E_c	CS广播的密文信息
E_cu	CU反馈给CS的密文信息
q_t	兴趣点类型集合
k	匿名值

基于属性基加密的用户协作连续查询隐私保护策略

CP-ABE based users collaborative privacy protection scheme for continuous query

在线阅读

PDF下载

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 7

参考文献 22

相关文章 15

Metrics

推荐阅读 0

[1]	马鑫迪, 李清华, 姜奇, 马卓, 高胜, 田有亮, 马建峰. 面向Non-IID数据的拜占庭鲁棒联邦学习[J]. 通信学报, 2023, 44(6): 138-153.
[2]	冯涛, 陈李秋, 方君丽, 石建明. 基于本地化差分隐私和属性基可搜索加密的区块链数据共享方案[J]. 通信学报, 2023, 44(5): 224-233.
[3]	夏莹杰, 朱思雨, 刘雪娇. 区块链架构下具有条件隐私的车辆编队跨信任域高效群组认证研究[J]. 通信学报, 2023, 44(4): 111-123.
[4]	胡柏吉, 张晓娟, 李元诚, 赖荣鑫. 支持多功能的V2G网络隐私保护数据聚合方案[J]. 通信学报, 2023, 44(4): 187-200.
[5]	徐明, 张保俊, 伍益明, 应晨铎, 郑宁. 面向网络攻击和隐私保护的多智能体系统分布式共识算法[J]. 通信学报, 2023, 44(3): 117-127.
[6]	刘雪娇, 曹天聪, 夏莹杰. 区块链架构下高效的车联网跨域数据安全共享研究[J]. 通信学报, 2023, 44(3): 186-197.
[7]	余晟兴, 陈钟. 基于同态加密的高效安全联邦学习聚合框架[J]. 通信学报, 2023, 44(1): 14-28.
[8]	张学旺, 黎志鸿, 林金朝. 基于公平盲签名和分级加密的联盟链隐私保护方案[J]. 通信学报, 2022, 43(8): 131-141.
[9]	杜瑞忠, 张添赫, 石朋亮. 基于区块链且支持数据共享的密文策略隐藏访问控制方案[J]. 通信学报, 2022, 43(6): 168-178.
[10]	殷新春, 王梦宇, 宁建廷. 轻量级可搜索医疗数据共享方案[J]. 通信学报, 2022, 43(5): 110-122.
[11]	王继锋, 王国峰. 边缘计算模式下密文搜索与共享技术研究[J]. 通信学报, 2022, 43(4): 227-238.
[12]	封化民, 史瑞, 袁峰, 李艳俊, 杨旸. 高效的强隐私保护和可转让的属性票据方案[J]. 通信学报, 2022, 43(3): 63-75.
[13]	于海宁, 张宏莉, 余翔湛, 曲家兴, 葛蒙蒙. 隐私保护的轨迹相似度计算方法[J]. 通信学报, 2022, 43(11): 1-13.
[14]	彭滔, 钟文韬, 王国军, 罗恩韬, 熊金波, 刘忆宁, Hao Wang. 移动社交网络中面向隐私保护的精确好友匹配[J]. 通信学报, 2022, 43(11): 90-103.
[15]	史瑞, 封化民, 谢惠琴, 史国振, 刘飚, 杨旸. 基于带智能卡的移动终端实现的隐私保护的属性票据方案[J]. 通信学报, 2022, 43(10): 26-41.