Funding: Supported by the Key Project of Ministry of Education of China (205014)
Abstract: Although it is convenient to exchange data by publishing views, doing so may disclose sensitive information. The problem of how to eliminate information disclosure becomes a core problem in the view publishing process. In order to eliminate information disclosure, an algorithm for deciding view security and an algorithm for eliminating information disclosure are proposed, and the validity of the algorithms is proved by experiment. The experimental results show that the view security decision algorithm can decide the safety of a set of views under prior knowledge, and that the information disclosure elimination algorithm can eliminate disclosure efficiently.
Funding: This work was supported by Key project of Hunan Provincial Education Department (20A191), Hunan teaching research and reform project (2019-134), Cooperative Education Fund of China Ministry of Education (201702113002, 201801193119), Hunan Natural Science Foundation (2018JJ2138), Hunan teaching research and reform project (2019), and Natural Science Foundation of Hunan Province (2020JJ7007).
Abstract: A game measurement model considering the attacker’s knowledge background is proposed based on Bayesian game theory, aiming at striking a balance between the protection of sensitive information and the quality of service. We quantified the sensitive level of information according to the user’s personalized sensitive information protection needs. Based on the probability distribution of the sensitive level and the attacker’s knowledge background type, the strategy combination of service provider and attacker was analyzed, and a game-based sensitive information protection model was constructed. Through the combination of strategies under Bayesian equilibrium, information entropy was used to measure the leakage of sensitive information. Furthermore, the influence of the sensitive level of information and the attacker’s knowledge background on the strategy of both sides of the game was considered comprehensively in the paper. Further on, the leakage of the user’s sensitive information was measured. Finally, the feasibility of the model was described by experiments.
Abstract: Privacy preservation has recently received considerable attention for location-based mobile services. A lot of location cloaking approaches focus on identity and location protection, but few algorithms pay attention to preventing sensitive information disclosure using query semantics. In terms of personalized privacy requirements, all queries in a cloaking set, from some user's point of view, are sensitive. These users regard their privacy as breached. This attack is called the sensitivity homogeneity attack. We show that none of the existing location cloaking approaches can effectively resolve this problem over road networks. We propose a (K, L, P)-anonymity model and a personalized privacy protection cloaking algorithm over road networks, aiming at protecting the identity, location and sensitive information for each user. The main idea of our method is first to partition users into different groups according to anonymity requirements. Then, unsafe groups are adjusted by inserting relaxed conservative users considering sensitivity requirements. Finally, segments covered by each group are published to protect location information. The efficiency and effectiveness of the method are validated by a series of carefully designed experiments. The experimental results also show that the price paid for defending against sensitivity homogeneity attacks is small.
Abstract: Automated trust negotiation (ATN) is an approach to establishing mutual trust between strangers wishing to share resources or conduct business by gradually requesting and disclosing digitally signed credentials. In ATN, there are conflicts between negotiation success and sensitive information protection, that is, these two needs cannot be given priority at the same time, which is a challenging problem to resolve. In this paper, a language-independent ATN framework, which is dynamic, flexible and adaptive, is presented to address this problem, ensuring negotiation success without sensitive information leakage. This framework is independent of the policy language which is used. However, the language used should have the capability to specify all kinds of sensitive information appearing in credentials and policies, and support the separation of attribute disclosure from credential disclosure. Thus definitions of new language features, which can be incorporated into existing policy languages, are given, enabling the language used to support the capabilities mentioned above.