最近有美国公司做了一项调查,显示网民普遍接受个人化网页服务以及网上购物概念,但同时又十分关注网上私隐外泄的问题。其实网上私隐外泄正是 Internet 发展到今天遇到的重大障碍。电脑普及,令更多的个人或重要资讯存放在电脑上。互联...最近有美国公司做了一项调查,显示网民普遍接受个人化网页服务以及网上购物概念,但同时又十分关注网上私隐外泄的问题。其实网上私隐外泄正是 Internet 发展到今天遇到的重大障碍。电脑普及,令更多的个人或重要资讯存放在电脑上。互联网普及,为你的家居开了第二道大门。但似乎网民仍未习惯为这道门装上应有的防盗系统,甚至有些人让中门大开,任人取用电脑上的资料也不惜。在资讯年代,确有需要建立起一套网络使用习惯,以保障自己的私隐不会从指间漏走。就不同外泄资料的渠道,以下是一些可以有效预防的方法。展开更多
Medical institution data compliance is an exogenous product of the digital society,serving as a crucial means to maintain and balance the relationship between data protection and data sharing,as well as individual int...Medical institution data compliance is an exogenous product of the digital society,serving as a crucial means to maintain and balance the relationship between data protection and data sharing,as well as individual interests and public interests.The implementation of the Healthy China Initiative greatly benefits from its practical significance.In practice,data from medical institutions takes varied forms,including personally identifiable data collected before diagnosis and treatment,clinical medical data generated during diagnosis and treatment,medical data collected in public health management,and potential medical data generated in daily life.In the new journey of comprehensively promoting the Chinese path to modernization,it is necessary to clarify the shift from an individual-oriented to a societal-oriented value system,highlighting the reinforcing role of the trust concept.Guided by the principle of minimizing data utilization,the focus is on the new developments and changes in medical institution data in the postpandemic era.This involves a series of measures such as fulfilling the obligation of notification and consent,specifying the scope of data collection and usage,strengthening the standardized use of relevant technical measures,and establishing a sound legal responsibility system for data compliance.Through these measures,a flexible and efficient medical institution data compliance system can be constructed.展开更多
With the increasing popularity of cloud computing,privacy has become one of the key problem in cloud security.When data is outsourced to the cloud,for data owners,they need to ensure the security of their privacy;for ...With the increasing popularity of cloud computing,privacy has become one of the key problem in cloud security.When data is outsourced to the cloud,for data owners,they need to ensure the security of their privacy;for cloud service providers,they need some information of the data to provide high QoS services;and for authorized users,they need to access to the true value of data.The existing privacy-preserving methods can't meet all the needs of the three parties at the same time.To address this issue,we propose a retrievable data perturbation method and use it in the privacy-preserving in data outsourcing in cloud computing.Our scheme comes in four steps.Firstly,an improved random generator is proposed to generate an accurate "noise".Next,a perturbation algorithm is introduced to add noise to the original data.By doing this,the privacy information is hidden,but the mean and covariance of data which the service providers may need remain unchanged.Then,a retrieval algorithm is proposed to get the original data back from the perturbed data.Finally,we combine the retrievable perturbation with the access control process to ensure only the authorized users can retrieve the original data.The experiments show that our scheme perturbs date correctly,efficiently,and securely.展开更多
In cyberspace security,the privacy in location-based services(LBSs) becomes more critical. In previous solutions,a trusted third party(TTP) was usually employed to provide disturbance or obfuscation,but it may become ...In cyberspace security,the privacy in location-based services(LBSs) becomes more critical. In previous solutions,a trusted third party(TTP) was usually employed to provide disturbance or obfuscation,but it may become the single point of failure or service bottleneck. In order to cope with this drawback,we focus on another important class,establishing anonymous group through short-range communication to achieve k-anonymity with collaborative users. Along with the analysis of existing algorithms,we found users in the group must share the same maximum anonymity degree,and they could not ease the process of preservation in a lower one. To cope with this problem,we proposed a random-QBE algorithm to put up with personalized anonymity in user collaboration algorithms,and this algorithm could preserve both query privacy and location privacy. Then we studied the attacks from passive and active adversaries and used entropy to measure user's privacy level. Finally,experimental evaluations further verify its effectiveness and efficiency.展开更多
While Big Data gradually become a hot topic of research and business and has been everywhere used in many industries, Big Data security and privacy has been increasingly concerned. However, there is an obvious contrad...While Big Data gradually become a hot topic of research and business and has been everywhere used in many industries, Big Data security and privacy has been increasingly concerned. However, there is an obvious contradiction between Big Data security and privacy and the widespread use of Big Data. In this paper, we firstly reviewed the enormous benefits and challenges of security and privacy in Big Data. Then, we present some possible methods and techniques to ensure Big Data security and privacy.展开更多
Privacy-preserving data publishing (PPDP) is one of the hot issues in the field of the network security. The existing PPDP technique cannot deal with generality attacks, which explicitly contain the sensitivity atta...Privacy-preserving data publishing (PPDP) is one of the hot issues in the field of the network security. The existing PPDP technique cannot deal with generality attacks, which explicitly contain the sensitivity attack and the similarity attack. This paper proposes a novel model, (w,γ, k)-anonymity, to avoid generality attacks on both cases of numeric and categorical attributes. We show that the optimal (w, γ, k)-anonymity problem is NP-hard and conduct the Top-down Local recoding (TDL) algorithm to implement the model. Our experiments validate the improvement of our model with real data.展开更多
Privacy is becoming one of the most notable challenges threatening wireless sensor networks(WSNs).Adversaries may use RF(radio frequency) localization techniques to perform hop-by-hop trace back to the source sensor&#...Privacy is becoming one of the most notable challenges threatening wireless sensor networks(WSNs).Adversaries may use RF(radio frequency) localization techniques to perform hop-by-hop trace back to the source sensor's location.A multiple k-hop clusters based routing strategy(MHCR) is proposed to preserve source-location privacy as well as enhance energy efficiency for WSNs.Owing to the inherent characteristics of intra-cluster data aggregation,each sensor of the interference clusters is able to act as a fake source to confuse the adversary.Moreover,dummy traffic could be filtered efficiently by the cluster heads during the data aggregation,ensuring no energy consumption be burdened in the hotspot of the network.Through careful analysis and calculation on the distribution and the number of interference clusters,energy efficiency is significantly enhanced without reducing the network lifetime.Finally,the security and delay performance of MHCR scheme are theoretically analyzed.Extensive analysis and simulation results demonstrate that MHCR scheme can improve both the location privacy security and energy efficiency markedly,especially in large-scale WSNs.展开更多
Demand response has been intensively studied in recent years. It can motivate customers to change their consumption patterns according to the dynamic(time-varying) electricity price, which is considered to be the most...Demand response has been intensively studied in recent years. It can motivate customers to change their consumption patterns according to the dynamic(time-varying) electricity price, which is considered to be the most cost-effective and reliable solution for smoothing the demand curve. However, many existing schemes, based on users' demand request in each period, require users to consume their requested electricity exactly, which sometimes causes inconvenience and losses to the utility, because customers cannot always be able to consume the accurate electricity demand due to various personal reasons. In this paper, we tackle this problem in a novel approach. Instead of charging after consumption, we adopt the prepayment mechanism to implement power request. Furthermore, we propose a trading market running by the control center to cope with the users' dynamic demand. It is noteworthy that both users' original demand and trading records are protected against potential adversaries including the curious control center. Through the numerical simulation, we demonstrate that our scheme is highly efficient in both computation and communication.展开更多
Location-aware applications have been used widely with the assistance of the latest positioning features in Smart Phone such as GPS,AGPS,etc.However,all the existing applications gather users' geographical data an...Location-aware applications have been used widely with the assistance of the latest positioning features in Smart Phone such as GPS,AGPS,etc.However,all the existing applications gather users' geographical data and transfer them into the pertinent information to give meaning and value.For this kind of solutions,the user's privacy and security issues might be raised because the geographical location has to be exposed to the service provider.A novel and practical solution is proposed in this article to provide the relative location of two mobile users based on their WiFi scanned results without any additional sensors.There is no privacy concern in this solution because end users will not collect and send any sensitive information to the server.This solution adopts a Client/Server(C/S) architecture,where the mobile user as a client reports the ambient WiFi APs and the server calculates the distances based on the WiFi AP's topological relationships.A series of technologies are explored to improve the accuracy of the estimated distance and the corresponding algorithms are proposed.We also prove the feasibility with the prototype of "Circle Your Friends" System(CYFS) on Android phone which lets the mobile user know the distance between him and his social network friends.展开更多
The year of 2011 is considered the first year of big data market in China.Compared with the global scale,China's big data growth will be faster than the global average growth rate,and China will usher in the rapid...The year of 2011 is considered the first year of big data market in China.Compared with the global scale,China's big data growth will be faster than the global average growth rate,and China will usher in the rapid expansion of big data market in the next few years.This paper presents the overall big data development in China in terms of market scale and development stages,enterprise development in the industry chain,the technology standards,and industrial applications.The paper points out the issues and challenges facing big data development in China and proposes to make polices and create support approaches for big data transactions and personal privacy protection.展开更多
文摘最近有美国公司做了一项调查,显示网民普遍接受个人化网页服务以及网上购物概念,但同时又十分关注网上私隐外泄的问题。其实网上私隐外泄正是 Internet 发展到今天遇到的重大障碍。电脑普及,令更多的个人或重要资讯存放在电脑上。互联网普及,为你的家居开了第二道大门。但似乎网民仍未习惯为这道门装上应有的防盗系统,甚至有些人让中门大开,任人取用电脑上的资料也不惜。在资讯年代,确有需要建立起一套网络使用习惯,以保障自己的私隐不会从指间漏走。就不同外泄资料的渠道,以下是一些可以有效预防的方法。
文摘Medical institution data compliance is an exogenous product of the digital society,serving as a crucial means to maintain and balance the relationship between data protection and data sharing,as well as individual interests and public interests.The implementation of the Healthy China Initiative greatly benefits from its practical significance.In practice,data from medical institutions takes varied forms,including personally identifiable data collected before diagnosis and treatment,clinical medical data generated during diagnosis and treatment,medical data collected in public health management,and potential medical data generated in daily life.In the new journey of comprehensively promoting the Chinese path to modernization,it is necessary to clarify the shift from an individual-oriented to a societal-oriented value system,highlighting the reinforcing role of the trust concept.Guided by the principle of minimizing data utilization,the focus is on the new developments and changes in medical institution data in the postpandemic era.This involves a series of measures such as fulfilling the obligation of notification and consent,specifying the scope of data collection and usage,strengthening the standardized use of relevant technical measures,and establishing a sound legal responsibility system for data compliance.Through these measures,a flexible and efficient medical institution data compliance system can be constructed.
基金supported in part by NSFC under Grant No.61172090National Science and Technology Major Project under Grant 2012ZX03002001+3 种基金Research Fund for the Doctoral Program of Higher Education of China under Grant No.20120201110013Scientific and Technological Project in Shaanxi Province under Grant(No.2012K06-30, No.2014JQ8322)Basic Science Research Fund in Xi'an Jiaotong University(No. XJJ2014049,No.XKJC2014008)Shaanxi Science and Technology Innovation Project (2013SZS16-Z01/P01/K01)
文摘With the increasing popularity of cloud computing,privacy has become one of the key problem in cloud security.When data is outsourced to the cloud,for data owners,they need to ensure the security of their privacy;for cloud service providers,they need some information of the data to provide high QoS services;and for authorized users,they need to access to the true value of data.The existing privacy-preserving methods can't meet all the needs of the three parties at the same time.To address this issue,we propose a retrievable data perturbation method and use it in the privacy-preserving in data outsourcing in cloud computing.Our scheme comes in four steps.Firstly,an improved random generator is proposed to generate an accurate "noise".Next,a perturbation algorithm is introduced to add noise to the original data.By doing this,the privacy information is hidden,but the mean and covariance of data which the service providers may need remain unchanged.Then,a retrieval algorithm is proposed to get the original data back from the perturbed data.Finally,we combine the retrievable perturbation with the access control process to ensure only the authorized users can retrieve the original data.The experiments show that our scheme perturbs date correctly,efficiently,and securely.
基金supported by the National Natural Science Foundation of China (Grant No.61472097)the Specialized Research Fund for the Doctoral Program of Higher Education(Grant No.20132304110017)+1 种基金the Natural Science Foundation of Heilongjiang Province of China (Grant No.F2015022)the Fujian Provincial Key Laboratory of Network Security and Cryptology Research Fund (Fujian Normal University) (No.15003)
文摘In cyberspace security,the privacy in location-based services(LBSs) becomes more critical. In previous solutions,a trusted third party(TTP) was usually employed to provide disturbance or obfuscation,but it may become the single point of failure or service bottleneck. In order to cope with this drawback,we focus on another important class,establishing anonymous group through short-range communication to achieve k-anonymity with collaborative users. Along with the analysis of existing algorithms,we found users in the group must share the same maximum anonymity degree,and they could not ease the process of preservation in a lower one. To cope with this problem,we proposed a random-QBE algorithm to put up with personalized anonymity in user collaboration algorithms,and this algorithm could preserve both query privacy and location privacy. Then we studied the attacks from passive and active adversaries and used entropy to measure user's privacy level. Finally,experimental evaluations further verify its effectiveness and efficiency.
文摘While Big Data gradually become a hot topic of research and business and has been everywhere used in many industries, Big Data security and privacy has been increasingly concerned. However, there is an obvious contradiction between Big Data security and privacy and the widespread use of Big Data. In this paper, we firstly reviewed the enormous benefits and challenges of security and privacy in Big Data. Then, we present some possible methods and techniques to ensure Big Data security and privacy.
基金supported in part by Research Fund for the Doctoral Program of Higher Education of China(No.20120009110007)Program for Innovative Research Team in University of Ministry of Education of China (No.IRT201206)+3 种基金Program for New Century Excellent Talents in University(NCET-110565)the Fundamental Research Funds for the Central Universities(No.2012JBZ010)the Open Project Program of Beijing Key Laboratory of Trusted Computing at Beijing University of TechnologyBeijing Higher Education Young Elite Teacher Project(No. YETP0542)
文摘Privacy-preserving data publishing (PPDP) is one of the hot issues in the field of the network security. The existing PPDP technique cannot deal with generality attacks, which explicitly contain the sensitivity attack and the similarity attack. This paper proposes a novel model, (w,γ, k)-anonymity, to avoid generality attacks on both cases of numeric and categorical attributes. We show that the optimal (w, γ, k)-anonymity problem is NP-hard and conduct the Top-down Local recoding (TDL) algorithm to implement the model. Our experiments validate the improvement of our model with real data.
基金Project(2013DFB10070)supported by the International Science & Technology Cooperation Program of ChinaProject(2012GK4106)supported by the Hunan Provincial Science & Technology Program,ChinaProject(12MX15)supported by the Mittal Innovation Project of Central South University,China
文摘Privacy is becoming one of the most notable challenges threatening wireless sensor networks(WSNs).Adversaries may use RF(radio frequency) localization techniques to perform hop-by-hop trace back to the source sensor's location.A multiple k-hop clusters based routing strategy(MHCR) is proposed to preserve source-location privacy as well as enhance energy efficiency for WSNs.Owing to the inherent characteristics of intra-cluster data aggregation,each sensor of the interference clusters is able to act as a fake source to confuse the adversary.Moreover,dummy traffic could be filtered efficiently by the cluster heads during the data aggregation,ensuring no energy consumption be burdened in the hotspot of the network.Through careful analysis and calculation on the distribution and the number of interference clusters,energy efficiency is significantly enhanced without reducing the network lifetime.Finally,the security and delay performance of MHCR scheme are theoretically analyzed.Extensive analysis and simulation results demonstrate that MHCR scheme can improve both the location privacy security and energy efficiency markedly,especially in large-scale WSNs.
基金supported by the National Key Research and Development Plan of China under Grant No.2016YFB0800301the Fund of Science and Technology on Communication Networks Laboratory under Grant No.KX162600024Youth Innovation Promotion Association CAS under Grant No.2016394
文摘Demand response has been intensively studied in recent years. It can motivate customers to change their consumption patterns according to the dynamic(time-varying) electricity price, which is considered to be the most cost-effective and reliable solution for smoothing the demand curve. However, many existing schemes, based on users' demand request in each period, require users to consume their requested electricity exactly, which sometimes causes inconvenience and losses to the utility, because customers cannot always be able to consume the accurate electricity demand due to various personal reasons. In this paper, we tackle this problem in a novel approach. Instead of charging after consumption, we adopt the prepayment mechanism to implement power request. Furthermore, we propose a trading market running by the control center to cope with the users' dynamic demand. It is noteworthy that both users' original demand and trading records are protected against potential adversaries including the curious control center. Through the numerical simulation, we demonstrate that our scheme is highly efficient in both computation and communication.
基金supported by HONG KONG RGC and HONG KONG PolyU under the Grant G-U752/PolyU5103/09Ethe National Natural Science Foundation of Chinaunder Grant No.61003040,No.61202354
文摘Location-aware applications have been used widely with the assistance of the latest positioning features in Smart Phone such as GPS,AGPS,etc.However,all the existing applications gather users' geographical data and transfer them into the pertinent information to give meaning and value.For this kind of solutions,the user's privacy and security issues might be raised because the geographical location has to be exposed to the service provider.A novel and practical solution is proposed in this article to provide the relative location of two mobile users based on their WiFi scanned results without any additional sensors.There is no privacy concern in this solution because end users will not collect and send any sensitive information to the server.This solution adopts a Client/Server(C/S) architecture,where the mobile user as a client reports the ambient WiFi APs and the server calculates the distances based on the WiFi AP's topological relationships.A series of technologies are explored to improve the accuracy of the estimated distance and the corresponding algorithms are proposed.We also prove the feasibility with the prototype of "Circle Your Friends" System(CYFS) on Android phone which lets the mobile user know the distance between him and his social network friends.
文摘The year of 2011 is considered the first year of big data market in China.Compared with the global scale,China's big data growth will be faster than the global average growth rate,and China will usher in the rapid expansion of big data market in the next few years.This paper presents the overall big data development in China in terms of market scale and development stages,enterprise development in the industry chain,the technology standards,and industrial applications.The paper points out the issues and challenges facing big data development in China and proposes to make polices and create support approaches for big data transactions and personal privacy protection.
