云计算环境下支持排名的关键词加密检索方法

随着云计算的出现,越来越多的数据开始集中存储到云端,为了保护数据隐私,敏感数据需要在外包到云端之前进行加密,使在加密数据上进行有效检索成为一个挑战性任务。尽管传统的加密检索模型支持在加密数据上进行关键词检索,但是它们没有描述检索结果的相关度,导致返回所有包含关键词的检索结果占用了大量的网络带宽,并且用户从返回的检索结果中再次选择最相关的结果也会产生大量的时间开销,为此,提出了云计算环境下支持排名的关键词加密检索方法。该方法根据相关度返回排序后的检索结果,其中的保序对称加密模型不仅防止了相关度信息的泄漏,而且提供了高效的检索性能。实验表明了该方法的有效性。     

Privacy preserving friend discovery cross domain scheme using re-encryption in mobile social networks

In order to guarantee the users’ privacy in the process of making friends in the mobile social networks,a new scheme of proxy re-encryption privacy protection in the cross-domain environment was introduced.The scheme employed the cross-domain multi-authority to sharing secret keys,so as to realize the access and shave of the cross-domain users data.And the secret keys of users’ attributes were re-encrypted,based on the technology of the proxy re-encryption and attribute encryption,to achieve the friends matching under the conditions of extending the access policy.Meanwhile,in purpose of enhancing the privacy of users’ data,the technology which contained the separation of users’ privacy ciphertext and secret keys was adopted.Based on that,problems in the existing system such as user data’s inability to be shared cross-cloud,less matching during the process of making friends and users’ inability to make friends when offline had been addressed.Security and experimental analysis show that this scheme can achieve chosen plaintext attack (CPA) security,ensure the privacy of friend discovery,and that is more effective than existing solutions.     

Efficient and privacy-preserving online face authentication scheme

In traditional face authentication system,the trait template and authentication request were generally matched over plaintext,which may lead to the leakage of users’ sensitive data.In order to address the above-mentioned problem,based on matrix encryption,an efficient and privacy-preserving online face authentication scheme was proposed.Specifically,the users’ face trait template for register and the authentication request were encrypted before being sent to the online authentication server,and the similarity computation between the encrypted face trait template and authentication request was computed by the online authentication server over ciphertexts,which guaranteed the security of users’ sensitive data without affecting the accuracy of face authentication.Security analysis shows that the proposed scheme can achieve multiple security levels according to different security parameters.Moreover,performance evaluation shows that the proposed scheme has low computation cost and communication overhead.Experiments results demonstrate the high efficiency of the proposed scheme,which can be implemented in the real environment effectively.     

Dynamic Mix-zone scheme with joint-entropy based metric for privacy-perserving in IoV

Aiming at the weak flexibility and lack of users’ transparency existing in the current Mix-zone schemes for Internet of vehicle (IoV),a dynamic was proposed for Mix-zone construction with traffic adaption,which could construct a Mix-zone for the vehicles dynamically according to the traffic conditions for changing pseudonym at anytime and anywhere.This kind of Mix-zone could achieve privacy-preserving based on the identity and location.In addition,a novel traffic-adaptive metric was presented for classifying the privacy leveled in Mix-zone,which applied the normalization quantitation to measure the degree of Mix-zone’s privacy demanding by the current region.It was verified that the joint entropy-based privacy measuring model and the Mix-zone construction scheme by utilizing the trajectory data of taxis in certain district in Shenzhen city.The experimental shows that the proposed combination entropy-based model could depict the proportional relationship between the traffic scene parameters and the privacy-preserving degrees.The scheme is better in performance over the related methods,and strikes a good balance between location privacy and service usability.     

移动社交网络中基于代理转发机制的轨迹隐私保护方法

K匿名技术是当前轨迹隐私保护的主流方法,但该方法也存在隐私泄露的风险。该文提出一种在移动社交网络中基于代理转发机制(BAFM)的轨迹隐私保护方法。该方法利用安全多方计算和内积安全计算进行隐私加密匹配,通过可信服务器在移动社交网络中找最匹配的用户做代理,然后由代理转发用户的请求到服务器进行查询,隐藏用户的真实轨迹与位置服务器的联系,有效保护用户的轨迹隐私。安全分析表明该方法能有效保护用户的轨迹隐私;同时,通过实验验证该方法相对K匿名更高效,能减小服务器的查询和通信开销。     

Location publishing technology based on differential privacy-preserving for big data services

Aiming at dealing with prospect knowledge and complex combinatorial attack,a new location big data publishing mechanism under differential privacy technology was given.And innovative usability evaluation feedback mechanism was designed.It gave corresponding solution details for the sensitive attributes and the identity recognition to analyze the quality of service,aimed at privacy protecting for location based big data under situations like combination of location information and non-location information and attacker’s arbitrary background knowledge.Simulation results based on different spatial indexing technology proved that the new publishing model has a higher accuracy under specified privacy conditions for the location query service.     

传感器网络中基于路线的隐私保护数据聚集算法

针对现有隐私保护数据聚集算法依赖某种网络拓扑结构和加解密次数过多的问题,本文提出了一种基于同心圆路线的隐私保护数据聚集算法PCIDA （Privacy-preserving and Concentric-circle Itinerary-based Data Aggregation algorithm）.PCIDA沿着设计好的理想路线执行数据聚集,使得算法不依赖网络拓扑结构.PCIDA利用安全通道保证数据的隐私性,避免了数据聚集过程中的加解密运算.PCIDA沿着同心圆并行处理,使得算法数据处理延迟较小.理论分析和实验结果显示,PCIDA在较低通信量和能耗的情况下获得较高的数据隐私性和聚集精确度.     

Federated Quantum Machine Learning

Distributed training across several quantum computers could significantly improve the training time and if we could share the learned model, not the data, it could potentially improve the data privacy as the training would happen where the data is located. One of the potential schemes to achieve this property is the federated learning (FL), which consists of several clients or local nodes learning on their own data and a central node to aggregate the models collected from those local nodes. However, to the best of our knowledge, no work has been done in quantum machine learning (QML) in federation setting yet. In this work, we present the federated training on hybrid quantum-classical machine learning models although our framework could be generalized to pure quantum machine learning model. Specifically, we consider the quantum neural network (QNN) coupled with classical pre-trained convolutional model. Our distributed federated learning scheme demonstrated almost the same level of trained model accuracies and yet significantly faster distributed training. It demonstrates a promising future research direction for scaling and privacy aspects.     

EEPPDA—Edge-enabled efficient privacy-preserving data aggregation in smart healthcare Internet of Things network

The Internet of Things-based smart healthcare provides numerous facilities to patients and medical professionals. Medical professionals can monitor the patient's real-time medical data and diagnose diseases through the medical health history stored in the cloud database. Any kind of attack on the cloud database will result in misdiagnosis of the patients by medical professionals. Therefore, it becomes a primary concern to secure private data. On the other hand, the conventional data aggregation method for smart healthcare acquires immense communication and computational cost. Edge-enabled smart healthcare can overcome these limitations. The paper proposes an edge-enabled efficient privacy-preserving data aggregation (EEPPDA) scheme to secure health data. In the EEPPDA scheme, captured medical data have been encrypted by the Paillier homomorphic cryptosystem. Homomorphic encryption is engaged in the assurance of secure communication. For data transmission from patients to the cloud server (CS), data aggregation is performed on the edge server (ES). Then aggregated ciphertext data are transmitted to the CS. The CS validates the data integrity and analyzes and processes the authenticated aggregated data. The authorized medical professional executes the decryption, then the aggregated ciphertext data are decrypted in plaintext. EEPPDA utilizes the batch verification process to reduce communication costs. Our proposed scheme maintains the privacy of the patient's identity and medical data, resists any internal and external attacks, and verifies the health data integrity in the CS. The proposed scheme has significantly minimized computational complexity and communication overhead concerning the existing approach through extensive simulation.     

Risk assessing and privacy-preserving scheme for privacy leakage in APP

The APP in smartphone contain various third-party services.However,the service providers illegally read the user’s private information.To address this problem,a privacy risk assessing scheme called PRAS was proposed.Firstly,a model was built to assess the risk of privacy leakage,by counting all the permissions acquired by each service providers and considering the non-linear impact of the permissions combination on privacy leakage.Then,by analyzing the balance between service quality and privacy-preserving,an optimal model was used to minimized the risk of private information leakage,and a permission management method was given to protect the privacy information among APP.The experiment results show that PRAS reduces the risk of privacy leakage by an average of 18.5%.