面向版式文档的细粒度隐私操作控制方法

doi:10.11959/j.issn.1000-436x.2023083

Abstract

Abstract:

In view of the problem of privacy information disclosure caused by uncontrolled forwarding in the context of frequent exchange of privacy information, a fine-grained privacy operation control method for layout documents was proposed, which could achieve differentiated fine-grained privacy operation control according to the requirements of the sharer during the sharing process of privacy information.For the received multimodal layout document, the existing privacy operation control strategy was extracted, which combined the current sharer’s use attribute and the receiver’s privacy protection ability and other factors.The privacy operation control strategy was generated iteratively, and an abstract control strategy generation algorithm framework was given.Based on the iterative privacy operation control strategy and combined with specific operation scenarios, the differentiated data-masking control, exchange boundary control and local use control were carried out for different modes of information components, and the abstract privacy operation control algorithm framework was given.A prototype system for privacy operation control of OFD (open fixed-layout document) was developed to verify the above algorithms.The generation and delivery of iterative privacy operation control strategy based on friendship, as well as the differential data-masking control, exchange boundary control and local use control of OFD were implemented in the instant messaging system.

Key words: privacy operation control, iteration, layout document

CLC Number:

TN92

Peijie YIN, Fenghua LI, Ben NIU, Haiyang LUO, Bin KUANG, Lingcui ZHANG. Fine-grained privacy operation control method for layout documents[J]. Journal on Communications, 2023, 44(5): 94-109.

Figures/Tables 21

符号	含义
	版式文档X及其信息分量X_k
	信息分量X_k的组成内容
c	信息分量的内容
A	隐私属性向量（量化隐私信息分量及分量组合的保护程度）
Γ	广义定位信息集合
?	审计控制信息集合（流转过程中的主客体信息和被执行的操作记录）
Ψ	共享控制操作集合（信息分量及其组合可被执行的操作）
	隐私操作控制策略集合
	版式文档信息分量X_k的当前迭代隐私操作控制策略集合
	接收到版式文档时信息分量X_k已有的迭代隐私操作控制策略集合
X_k.P_j	信息分量X_k的第j条隐私操作控制策略
	信息分量 X_k的第j 条隐私操作控制策略调整后的策略
S_i-1, S_i, S_i+1	前一分享者，当前分享者，接收者
X’	脱敏后的版式文档
G_pic	图片脱敏算法库
G_wds	文字脱敏算法库
t	策略调整动作
para.opt	操作控制目的
para.opt.dataMasking	操作控制目的为脱敏操作控制的标志位
para.opt.broadControl	操作控制目的为交换边界控制的标志位
para.opt.localControl	操作控制目的为本地使用控制的标志位
para.opt.direction	交换方向，比如传出、传入等
para.opt.mod	交换模式，比如查看该信息的人员、方式、位置、设备（终端、后台服务器）、时间等
OP_bc	交换边界控制判断结果
OP_lc	本地使用控制判断结果
f₁	策略调整虚函数
f₂/f₅	图片/文字脱敏算法选择虚函数
f₃/f₆	图片/文字交换边界控制虚函数
f₄/f₇	图片/文字本地使用控制虚函数
g₁/g₂	所选出的对图片/文字的脱敏算法
Attr(S_i)	当前分享者使用属性
Attr.scene	场景
Attr.desire	操作要求
Ability(S_i+1)	接收者隐私保护能力（接收者S_i+1的硬件和软件保护能力，比如硬件防护能力包括但不限于内存运行能力、CPU 运行能力、防火墙、隔离网关等，软件防护能力包括但不限于恶意监听者查杀软件、流量监控能力等）
Ability.hardware	硬件防护能力

References 28

[1]	FRAGKOS G , JOHNSON J , TSIROPOULOU E E . Dynamic role-based access control policy for smart grid applications:an offline deep reinforcement learning approach[J]. IEEE Transactions on Human-Machine Systems, 2022,52(4): 761-773.
[2]	ZHANG Q K , ZHU L , ZHAO K Y ,et al. Dynamic permission access control model based on privacy protection[J]. Telecommunication Systems, 2022,81(2): 191-205.
[3]	LIN H , KAUR K , WANG X D ,et al. Privacy-aware access control in IoT-enabled healthcare:a federated deep learning approach[J]. IEEE Internet of Things Journal, 2023,10(4): 2893-2902.
[4]	SANTOS D R D , MARINHO R , SCHMITT G R ,et al. A framework and risk assessment approaches for risk-based access control in the cloud[J]. Journal of Network and Computer Applications, 2016,74: 86-97.
[5]	SANTOS D R D , WESTPHALL C M , WESTPHALL C B . A dynamic risk-based access control architecture for cloud computing[C]// Proceedings of 2014 IEEE Network Operations and Management Symposium (NOMS). Piscataway:IEEE Press, 2014: 1-9.
[6]	NING J T , CAO Z F , DONG X L ,et al. Auditable σ time outsourced attribute-based encryption for access control in cloud computing[J]. IEEE Transactions on Information Forensics and Security, 2018,13(1): 94-105.
[7]	YAN Z , LI X Y , WANG M J ,et al. Flexible data access control based on trust and reputation in cloud computing[J]. IEEE Transactions on Cloud Computing, 2017,5(3): 485-498.
[8]	KARJOTH G , SCHUNTER M , WAIDNER M . Platform for enterprise privacy practices:privacy-enabled management of customer data[C]// Privacy Enhancing Technologies Symposium. Berlin:Springer, 2003: 69-84.
[9]	PEARSON S , MONT M C , KOUNGA G . Enhancing accountability in the cloud via sticky policies[C]// FTRA International Conference on Secure and Trust Computing,Data Management,and Application. Berlin:Springer, 2011: 146-155.
[10]	SPYRA G , BUCHANAN W J , EKONOMOU E . Sticky policies approach within cloud computing[J]. Computers ＆ Security, 2017,70: 366-375.
[11]	NIU B , LI Q H , WANG H Y ,et al. A framework for personalized location privacy[J]. IEEE Transactions on Mobile Computing, 2022,21(9): 3071-3083.
[12]	CHEN K K , LIU L . Privacy preserving data classification with rotation perturbation[C]// Proceedings of Fifth IEEE International Conference on Data Mining (ICDM’05). Piscataway:IEEE Press, 2005: 589-592.
[13]	WANG L , NEAR J P , SOMANI N ,et al. Data capsule:a new paradigm for automatic compliance with data privacy regulations[C]// Heterogeneous Data Management,Polyestrous,and Analytics for Healthcare. Berlin:Springer, 2019: 3-23.
[14]	WANG L , KHAN U , NEAR J ,et al. PrivGuard:privacy regulation compliance made easier[C]// 2022 USENIX Security Symposium (USENIX Security). Berkeley:USENIX Association, 2022: 3753-3770.
[15]	李凤华, 李晖, 牛犇 . 隐私计算理论与技术[M]. 北京: 人民邮电出版社, 2021.
	LI F H , LI H , NIU B . Privacy computing theory and technology[M]. Beijing: Posts ＆ Telecom Press, 2021.
[16]	李凤华, 孙哲, 吕梦凡 ,等. 社交照片隐私保护机制研究进展[J]. 信息安全学报, 2018,3(2): 41-61.
	LI F H , SUN Z , LYU M F ,et al. Research progress of photo privacy-preserving mechanisms in online social network[J]. Journal of Cyber Security, 2018,3(2): 41-61.
[17]	李凤华, 孙哲, 牛犇 ,等. 跨社交网络的隐私图片分享框架[J]. 通信学报, 2019,40(7): 1-13.
	LI F H , SUN Z , NIU B ,et al. Privacy-preserving photo sharing framework cross different social network[J]. Journal on Communications, 2019,40(7): 1-13.
[18]	LI F H , SUN Z , NIU B ,et al. An extended control framework for privacy-preserving photo sharing across different social networks[C]// Proceedings of 2019 International Conference on Computing,Networking and Communications (ICNC). Piscataway:IEEE Press, 2019: 390-394.
[19]	LI F H , SUN Z , LI A ,et al. HideMe:privacy-preserving photo sharing on social networks[C]// Proceedings of IEEE Conference on Computer Communications. Piscataway:IEEE Press, 2019: 154-162.
[20]	李凤华, 王彦超, 殷丽华 ,等. 面向网络空间的访问控制模型[J]. 通信学报, 2016,37(5): 9-20.
	LI F H , WANG Y C , YIN L H ,et al. Novel cyberspace-oriented access control model[J]. Journal on Communications, 2016,37(5): 9-20.
[21]	LI F H , LI H , NIU B ,et al. Privacy computing:concept,computing framework,and future development trends[J]. Engineering, 2019,5(6): 1179-1192.
[22]	电子文件存储与交换格式:LD/T 50.5-2016[S]. GB/T 33190-2016, 2016.
	Electronic files storage and exchanges formats—fixed layout documents[S]. GB/T 33190-2016, 2016.
[23]	SWEENEY L . K-anonymity:a model for protecting privacy[J]. International Journal of Uncertainty,Fuzziness and Knowledge-Based Systems, 2002,10(5): 557-570.
[24]	MACHANAVAJJHALA A , GEHRKE J , KIFER D ,et al. L-diversity:privacy beyond k-anonymity[C]// Proceedings of 22nd International Conference on Data Engineering (ICDE’06). Piscataway:IEEE Press, 2006:24.
[25]	DWORK C . Differential privacy:a survey of results[C]// International Conference on Theory and Applications of Models of Computation. Berlin:Springer, 2008: 1-19.
[26]	MCSHERRY F , TALWAR K . Mechanism design via differential privacy[C]// Proceedings of 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS’07). Piscataway:IEEE Press, 2007: 94-103.
[27]	WU G Q , XIA X Y , HE Y P . Extending differential privacy for treating dependent records via information theory[J]. arXiv Preprint,arXiv:1703.07474, 2017.
[28]	彭长根, 丁红发, 朱义杰 ,等. 隐私保护的信息熵模型及其度量方法[J]. 软件学报, 2016,27(8): 1891-1903.
	PENG C G , DING H F , ZHU Y J ,et al. Information entropy models and privacy metrics methods for privacy protection[J]. Journal of Software, 2016,27(8): 1891-1903.

Metrics

Recommended 0

No Suggested Reading articles found!

算法库	包含的脱敏算法
文字G_wds	空白置换算法
	特殊符号置换算法
	指定文字置换算法
	假名置乱算法
	部分置乱算法
图片G_pic	全黑遮蔽算法
	全透明置换算法

脱敏模态	寻找信息分量的方式	策略生成/ms	策略解析/ms	策略执行/ms	策略生成和策略解析时间占比	策略执行时间占比
图片		7.00	2.00	83.00	9.78%	90.22%
文字	正则特定内容	7.00	1.00	226.00	3.42%	96.58%
	关键词	10.00	2.00	195.00	5.80%	94.20%
平均		8.00	1.67	168.00	5.44%	94.56%

首次脱敏信息分量模态及寻找信息分量的方式	迭代脱敏信息分量模态及寻找信息分量的方式	策略生成/ms	策略解析/ms	策略执行/ms	策略生成和策略解析时间占比	策略执行时间占比
	图片	6.00	1.00	76.00	8.43%	91.57%
图片	文字-正则特定内容	9.00	2.00	261.00	4.04%	95.96%
	文字-关键词	7.00	2.00	181.00	4.74%	95.26%
	平均	7.33	1.67	172.67	4.95%	95.05%
	图片	9.00	3.00	76.00	13.64%	86.36%
文字-正则特定内容	文字-正则特定内容	10.00	1.00	280.00	3.78%	96.22%
	文字-关键词	8.00	2.00	187.00	5.08%	94.92%
	平均	9.00	2.00	181.00	5.73%	94.27%
	图片	8.00	2.00	81.00	10.99%	89.01%
文字-关键词	文字-正则特定内容	8.00	1.00	264.00	3.30%	96.70%
	文字-关键词	9.00	2.00	177.00	5.85%	94.15%
	平均	8.33	1.67	174.00	5.43%	94.57%
平均		8.22	1.78	175.89	5.38%	94.62%

保护方法	延伸控制	迭代延伸控制	脱敏	迭代脱敏	交换边界控制	前端操作控制	后台操作控制	细粒度差异化保护
本文方法	√	√	√	√	√	√	√	√
基于匿名的脱敏方法	×	×	√	×	×	×	×	×
基于差分的脱敏方法	×	×	√	×	×	×	部分支持	×
基于信息论的脱敏方法	×	×	√	×	×	×	×	×

Fine-grained privacy operation control method for layout documents

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 21

References 28

Related Articles 10

Metrics

Recommended 0

[1]	Cuitao ZHU,Ning WEI,Hanxin WANG,Zhongjie LI. Multi-user detection scheme for SCMA systems based on iteration removal [J]. Journal on Communications, 2018, 39(6): 64-72.
[2]	Ye DU,dan ZHANGYa,hong LIMei,wei ZHANGDa. Improved FastICA algorithm for data optimization processing in intrusion detection [J]. Journal on Communications, 2016, 37(1): 42-48.
[3]	Ding WANG,Li ZHANG,Ying WU. Moving source geolocation algorithm and performance analysis using dual-satellites sequence measurements and calibration sources [J]. Journal on Communications, 2015, 36(10): 62-75.
[4]	. Optimized algorithm for value iteration based on topological sequence backups [J]. Journal on Communications, 2014, 35(8): 8-62.
[5]	Wei HUANG,Quan LIU,Hong-kun SUN,Qi-ming FU,HOUXiao-ke Z. Optimized algorithm for value iteration based on topological sequence backups [J]. Journal on Communications, 2014, 35(8): 56-62.
[6]	Yu-bo LI,Cheng-qian XU. Zero-correlation zone complementary sets based on iteration [J]. Journal on Communications, 2011, 32(8): 38-44.
[7]	Zhen-yu ZHANG,Fan-xin ZENG,Gui-xin XUAN,Hua WU,Yuan-hong ZHONG. Design of sequences with intra-group complementary properties for MC-CDMA systems [J]. Journal on Communications, 2011, 32(3): 27-32.
[8]	Xing-cheng LIU,Qing LIU. Study on the decoding algorithm of block Turbo codes based on partial extrinsic information [J]. Journal on Communications, 2008, 29(3A): 20-24.
[9]	Ling-yan FAN,Chen HE,Guo-rui FENG. Adaptive iterative bit allocation algorithm for MIMO-OFDM system [J]. Journal on Communications, 2007, 28(11): 62-67.
[10]	Qian-jun DING,Yong-liang WANG,Yong-shun ZHANG. Fast algorithm for implementing multistage wiener filter:iterative correlation subtraction algorithm [J]. Journal on Communications, 2005, 26(12): 6-12.