Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The main solution of the embodiment of the invention is as follows: confirming the position of a user, and acquiring a user interest point in a preset environment range according to the position of the user; counting the distribution density of the interest points of the user in the preset environment range; determining a protection budget according to the counted interest point distribution density, and calculating a disturbance position point corresponding to the user position by a preset differential privacy protection algorithm based on the protection budget; and processing the generated disturbance position point by using a preset edge processing node and uploading the disturbance position point to a preset cloud server.
Because the traditional edge-computing-oriented privacy protection technology in the prior art is difficult to apply in an edge computing environment, location privacy based on edge computing has lacked a mechanism that achieves an effective location privacy protection effect; the present invention solves the technical problem of low security caused by weak location privacy protection and easy leakage of the private location.
The invention provides a solution in which the privacy processing flow is limited and a disturbance position point is generated in a limited manner from the user position within the environment range, so that the user initiating a query service obtains environment data based on the disturbance position point; in addition, when the user initiates a service request based on the edge environment position, the user sends the environment range in the form of the disturbance position point, thereby achieving the beneficial effect of location privacy protection for the user through the application of the disturbance position point.
As shown in fig. 1, fig. 1 is a schematic diagram of a terminal device structure of a hardware operating environment according to an embodiment of the present invention.
The terminal of the embodiment of the invention can be a PC, and can also be a mobile or non-mobile terminal device such as a smart phone, a tablet computer, an electronic book reader, a portable computer and the like.
As shown in fig. 1, the terminal may include: a processor 1001, such as a CPU, a network interface 1004, a user interface 1003, a memory 1005, and a communication bus 1002. The communication bus 1002 is used to enable connection and communication between these components. The user interface 1003 may include a display screen (Display) and an input unit such as a keyboard (Keyboard), and the optional user interface 1003 may also include a standard wired interface and a wireless interface. The network interface 1004 may optionally include a standard wired interface and a wireless interface (e.g., a Wi-Fi interface). The memory 1005 may be a high-speed RAM memory or a non-volatile memory (e.g., a magnetic disk memory). The memory 1005 may alternatively be a storage device separate from the processor 1001.
Those skilled in the art will appreciate that the terminal structure shown in fig. 1 is not intended to be limiting and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components.
As shown in fig. 1, the memory 1005, which is a type of computer storage medium, may include an operating system, a network communication module, a user interface module, and a dynamic location privacy preserving application in an edge computing environment.
In the terminal shown in fig. 1, the network interface 1004 is mainly used for connecting to a backend server and performing data communication with the backend server; the user interface 1003 is mainly used for connecting a client (user side) and performing data communication with the client; and the processor 1001 may be configured to invoke the dynamic location privacy preserving application in the edge computing environment stored in the memory 1005 and perform the following operations:
confirming the position of a user, and acquiring a user interest point in a preset environment range according to the position of the user;
counting the distribution density of the interest points of the user in the preset environment range;
determining a protection budget according to the counted interest point distribution density, and calculating a disturbance position point corresponding to the user position by a preset differential privacy protection algorithm based on the protection budget;
and processing the generated disturbance position point by using a preset edge processing node and uploading the disturbance position point to a preset cloud server.
Further, the processor 1001 may invoke a dynamic location privacy preserving application in an edge computing environment stored in the memory 1005, and further perform the following operations:
receiving user access information, and determining the position of a user according to the user access information;
and generating user interest points according to the user positions in a preset format.
Further, the processor 1001 may invoke a dynamic location privacy preserving application in an edge computing environment stored in the memory 1005, and further perform the following operations:
determining a density grade according to the density condition of the distribution density of the interest points;
and determining the corresponding protection budget according to the determined density level.
Further, the processor 1001 may invoke a dynamic location privacy preserving application in an edge computing environment stored in the memory 1005, and further perform the following operations:
receiving a service request of a user based on location service, and judging a corresponding service request type of the service request of the location service, wherein the service request type comprises an independent request and an associated request;
and determining a corresponding preset edge processing node according to the service request type.
Further, the processor 1001 may invoke a dynamic location privacy preserving application in an edge computing environment stored in the memory 1005, and further perform the following operations:
and issuing a processing task to the determined preset edge processing node.
Further, the processor 1001 may invoke a dynamic location privacy preserving application in an edge computing environment stored in the memory 1005, and further perform the following operations:
and counting the processing tasks and issuing the processing tasks to preset edge processing nodes according to the processing tasks, wherein the preset edge processing nodes may comprise one or more than one according to the processing tasks and the processing capacity of the edge processing nodes.
Further, the processor 1001 may invoke a dynamic location privacy preserving application in an edge computing environment stored in the memory 1005, and further perform the following operations:
when receiving a query service request, acquiring a query range based on the query service request;
and calculating a query area based on the disturbance position point through the preset edge processing node by taking the query range as a parameter, and returning the searched query area.
Referring to fig. 2, fig. 2 is a schematic flowchart of a first embodiment of a dynamic location privacy protection method in an edge computing environment according to the present invention, where the dynamic location privacy protection method in the edge computing environment includes:
step S10, confirming the position of a user, and acquiring the interest point of the user in a preset environment range according to the position of the user;
The user position is confirmed through the position-based terminal application of the current user. Because the user position depends on a terminal application with a positioning function, when the user position is confirmed it can be determined from the network access information of the terminal currently used by the user; that is, the step of confirming the user position and acquiring the user interest point in the preset environment range according to the user position further comprises:
receiving user access information, and determining the position of a user according to the user access information;
and generating user interest points according to the user positions in a preset format.
User access information is received based on the network application in the current preset environment range. The user access information is the terminal information of the terminal through which the user connects via the terminal application; in practical application, when a terminal accesses a network, its device parameters are generally acquired according to the network access protocol of the current application network, and these device parameters may further include the user information logged in on the user's current application terminal. The currently received user access information is then analyzed to determine the position of the user.
As described above, the user interest point is determined based on the currently confirmed user position. User interest points may be initiated according to the user interest point gathering requirements of the current edge environment. Therefore, when a user interest point is registered, the user application terminal accesses the network within the preset environment range to establish a network connection, the terminal performs its network application over that connection, and the network captures the user's interest information through the connected user application terminal, thereby capturing and collecting the user interest point. Further, in practical application the user interest points are generated from the user position in a currently set preset format; the preset format may be set according to the user privacy algorithm of the current edge environment, and in the present big data era the user interest points generated from the user position may include, but are not limited to, user application information.
Step S20, counting the interest point distribution density of the user interest points in the preset environment range;
The interest point distribution density of the user interest points in the preset environment range is determined based on the user position, according to the user interest points currently generated from the user position. Compared with cloud computing, edge computing is generally located indoors and is a distributed computing structure: it is closer to the edge side of the network, its environment is more complex, more wireless technologies are used for transmission, and the number of interest points in a limited environment largely reflects the number of users in the current range. In the embodiment of the invention, the user senses the current environment through wireless Wi-Fi with a terminal device, and uploads the user's position density distribution and the type of the requested location service to an LBS cloud server. The invention uses the interest point distribution density to determine the user distribution density in the current environment; the interest point distribution density information is generally determined by the number of access points (APs) within a specified range, and the Wi-Fi MAC address is used as the unique identification of the user ID. For example, a mobile user in an indoor environment uses an intelligent terminal to send a location distribution sensing request Q_L(u, r, task, t) to the LBS cloud server through a secure connection channel, where u is the user identification (the terminal Wi-Fi MAC address is used as the unique identification), r is the radius of the query range expected by the user submitting the LBS query request, task is the query content requested by the user, and t is the time at which the user submitted the request Q_L.
The LBS cloud server takes Δr = r + rand (a random number between 0 and 5) as the radius around the AP currently accessed by the user submitting the request, counts the number of APs N_POI within that radius, and calculates the interest point distribution density ρ_POI around the user.
The LBS cloud server matches the calculated (u, ρ_POI, t) against the cloud-preset empirical "ρ_POI – ε" mapping table and extracts the corresponding value range of ε.
Step S30, determining a protection budget according to the counted interest point distribution density, and calculating a disturbance position point corresponding to the user position by a preset differential privacy protection algorithm based on the protection budget;
A protection budget is determined according to the determined interest point distribution density. When the protection budget is determined from the interest point distribution density, it needs to be determined based on a preset density level; that is, the step of determining the protection budget according to the counted interest point distribution density and calculating the disturbance position point corresponding to the user position by the preset differential privacy protection algorithm based on the protection budget further comprises:
determining a density grade according to the density condition of the distribution density of the interest points;
and determining the corresponding protection budget according to the determined density level.
The density level of the interest point distribution density is determined based on the interest point distribution density in the current preset environment range. The density level can be determined by a preset density determination step, which can be set according to the privacy protection mechanism of the current edge environment algorithm; a corresponding protection budget is then determined according to the density level obtained from the density condition of the interest point distribution density, the protection budget being the calculation level at which the privacy protection algorithm currently processes the user's interest points. In practical application, the LBS cloud server is generally used for this determination: it offloads tasks to the relevant edge processing nodes according to the interest point distribution density (POI) determined in step S10 and the requested location service type information, issues different DP protection budgets to the terminal side according to the distribution status of the interest points in the user's environment, and provides dynamic lightweight location privacy protection through the overall terminal-edge-cloud cooperative architecture. In general, the greater the interest point distribution density in the region, the greater the privacy protection strength required, and the smaller the value of the DP protection budget ε.
As described above, according to the determined interest point distribution density and the protection budget determined from it, the disturbance location point corresponding to the user location is calculated from the protection budget by a preset differential privacy protection algorithm. In practical application, the user terminal device processes the location data with a lightweight privacy processing technology, namely differential privacy (DP) protection, and applies the DP protection budget ε fed back by the LBS cloud server to protect the user's current location at maximum strength, so that the risk of privacy disclosure is effectively reduced while the quality of the acquired service is ensured. When multiple users request services, different users are allocated different DP protection budgets, which effectively prevents collusion attacks initiated by colluding edge processing nodes. The processing of location data by the differential privacy protection technique may be as follows:
The LBS cloud server judges the type of the request service (independent/associated) according to the task and offloads the response task to the relevant edge processing node; a single edge processing node is responsible for one type of service processing. Meanwhile, the LBS cloud server transmits the value range of ε extracted in S1 to the user's mobile terminal. The Laplace mechanism adds random noise obeying the Laplace distribution to the exact query result to achieve ε-DP protection; the probability density function of the Laplace distribution is as follows:
The distribution of the protection budget can be seen in fig. 3, which is a schematic diagram of the Laplace probability density function. From the Laplace distributions with different protection budgets (as shown in fig. 3) it can be seen that the smaller the value of ε, the more effective the disturbance of the position and the greater the privacy protection strength.
For the response task of the associated service, the combination property of the differential privacy protection algorithm is used and a combined DP mechanism is executed: algorithms M_1, M_2, ..., M_n are set, and within the given range of ε the users are assigned different privacy preserving budgets ε_1, ε_2, ..., ε_n, providing the user with ε-DP protection (formula (4)).
The user terminal performs privacy protection processing on the user's real position data using the DP protection technology, according to the value range of ε fed back by the cloud for the interest point distribution density at the user's current position. DP protection is a privacy definition proposed by C. Dwork in 2006 to address the privacy disclosure problem of statistical databases; its advantage is that its security can be fully proved in theory without considering any background knowledge an attacker may possess. Differential privacy has been continuously developed and perfected in theory and is widely applied in statistics, data mining, social networks, machine learning, the Internet of Things and other fields. Geo-indistinguishability, proposed by M. E. Andrés et al. in 2013, pushed the application of differential privacy protection technology in the field of location privacy protection to a new height. The invention adopts the Laplace mechanism to add random noise obeying the Laplace distribution to the user's real position L_u = (x_u, y_u), generating L_P = (x', y') in accordance with the DP idea, so as to implement ε-DP protection of the position data; the establishment of the indoor position coordinate system and the position mapping process involved are not discussed here.
Suppose an attacker has some prior distribution knowledge about the distribution of the user's true location, denoted π(L_u), and also knows the probability distribution of the position disturbance. If the attacker observes the disturbance location L_p, the posterior distribution knowledge of the user's real position can be predicted using Bayes' rule (formula (3)), and the two can be compared through the ratio σ(L_u)/π(L_u) to determine the user's true position.
According to the definition of DP, the generated disturbance location L_p satisfies the requirement:
If two different user positions L_u and L_u' in the same space are mapped after disturbance to the same disturbance position L_p with extremely similar probabilities, then the attacker cannot distinguish L_u from other positions L_u' on the basis of the observed disturbance position L_p. It can be proved that the principle of ε-DP limits the effect of the attacker's background knowledge to a controllable range: no matter what prior distribution knowledge π(L_u) the attacker possesses, the posterior distribution knowledge obtained always satisfies:
Ideally ε = 0, the ratio σ(L_u)/π(L_u) of the posterior distribution knowledge to the prior distribution knowledge mastered by the attacker equals 1, the positions cannot be distinguished, and the user's true location information is fully protected.
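The Bayesian argument above can be checked numerically. The following Python block is an added example, not part of the patent or its embodiment: it evaluates the planar Laplace density Pr[L_p | L_u] (the density of the two-dimensional Laplace mechanism used later in the embodiment), computes the attacker's posterior σ(L_u) from a constructed prior π(L_u) by Bayes' rule, and checks that the likelihood ratio between two true positions never exceeds exp(ε·d(L_u, L_u')), that the posterior-to-prior ratio stays bounded, and that it tends to 1 as ε approaches 0. It also checks the sequential composition used for the associated service: n independent perturbations with budgets ε_1, ..., ε_n leak at most exp((Σ ε_i)·d). The prior, the observed point and the ε values are constructed for the example; coordinates are planar metres.

```python
import math


def planar_laplace_pdf(eps, l_u, l_p):
    """Pr[L_p | L_u] for the planar Laplace mechanism: eps^2/(2 pi) * e^(-eps d)."""
    d = math.dist(l_u, l_p)
    return eps ** 2 / (2.0 * math.pi) * math.exp(-eps * d)


def likelihood_ratio(eps, l_u, l_u2, l_p):
    """Pr[L_p | L_u] / Pr[L_p | L_u']. Geo-indistinguishability bounds this
    by e^(eps * d(L_u, L_u')) whatever point L_p the attacker observes."""
    return planar_laplace_pdf(eps, l_u, l_p) / planar_laplace_pdf(eps, l_u2, l_p)


def geo_ind_bound_holds(eps, l_u, l_u2, l_p):
    """Check the bound in both directions (L_u vs L_u' and L_u' vs L_u)."""
    bound = math.exp(eps * math.dist(l_u, l_u2)) * (1 + 1e-12)
    ratio = likelihood_ratio(eps, l_u, l_u2, l_p)
    return ratio <= bound and 1.0 / ratio <= bound


def posterior(prior, eps, l_p):
    """Bayes' rule: sigma(L_u) = pi(L_u) Pr[L_p|L_u] / sum_v pi(v) Pr[L_p|v]."""
    weights = {l_u: p * planar_laplace_pdf(eps, l_u, l_p) for l_u, p in prior.items()}
    total = sum(weights.values())
    return {l_u: w / total for l_u, w in weights.items()}


def max_posterior_prior_ratio(prior, eps, l_p):
    """max over L_u of sigma(L_u)/pi(L_u): how much the observation taught the attacker.
    Each term is bounded by e^(eps * diameter of the prior's support)."""
    post = posterior(prior, eps, l_p)
    return max(post[l_u] / prior[l_u] for l_u in prior)


def prior_diameter(prior):
    points = list(prior)
    return max(math.dist(a, b) for a in points for b in points)


def composed_likelihood_ratio(eps_list, l_u, l_u2, l_ps):
    """Sequential composition: independent perturbations of the same true location
    with budgets eps_i observed as l_ps have joint likelihood ratio = product of ratios."""
    ratio = 1.0
    for eps, l_p in zip(eps_list, l_ps):
        ratio *= likelihood_ratio(eps, l_u, l_u2, l_p)
    return ratio


def composition_bound_holds(eps_list, l_u, l_u2, l_ps):
    """The composed mechanism satisfies (sum eps_i)-geo-indistinguishability."""
    bound = math.exp(sum(eps_list) * math.dist(l_u, l_u2)) * (1 + 1e-12)
    ratio = composed_likelihood_ratio(eps_list, l_u, l_u2, l_ps)
    return ratio <= bound and 1.0 / ratio <= bound


if __name__ == "__main__":
    # Constructed attacker prior over three candidate true positions (metres).
    prior = {(0.0, 0.0): 0.5, (10.0, 0.0): 0.3, (0.0, 5.0): 0.2}
    observed = (3.0, 4.0)  # constructed disturbed position L_p
    for eps in (0.5, 0.1, 0.01):
        print(f"eps={eps}: max sigma/pi = {max_posterior_prior_ratio(prior, eps, observed):.4f}"
              f" (bound {math.exp(eps * prior_diameter(prior)):.4f})")
```

The smaller ε is, the closer every posterior-to-prior ratio is to 1, which is the numerical form of the "ideally ε = 0" statement above; the diameter-based bound is what makes the attacker's background knowledge controllable regardless of the prior.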
The invention converts the user's real position L_u = (x_u, y_u) into polar coordinate form and then adds noise to generate the disturbance position L_P = (x', y'):
x' = x_u + Lap_noise · cos θ;
y' = y_u + Lap_noise · sin θ
where θ is a random number in [0, 2π], Lap_noise is the two-dimensional Laplace noise, and its probability density function is as follows:
where X_0, X ∈ R² represent two different position points in the same two-dimensional space, and the probability density function is centered on X_0; its specific variation is shown in fig. 4, which is a schematic diagram of the variation of the two-dimensional Laplace probability density function.
The projection of the two-dimensional Laplace distribution on any vertical plane passing through the center is a one-dimensional Laplace distribution, which fully conforms to the concept of ε-DP; the privacy processing method implemented here therefore also satisfies the constraint of ε-DP and is protected by the principle of DP. Finally, the user's disturbed position data after the DP protection processing of this stage is sent to the relevant edge computing processing node of the service response, and the user waits for the service query result to be fed back.
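The density-to-budget lookup and the perturbation formulas above, carried through as an added Python example that is not part of the patent or its embodiment. It counts APs within Δr = r + rand(0..5), maps the resulting ρ_POI to a density level and a budget ε (the thresholds, level names and ε values are assumptions, since the embodiment only states that a denser region gets a smaller ε), and then draws Lap_noise and θ and forms L_P = (x_u + Lap_noise·cos θ, y_u + Lap_noise·sin θ). Lap_noise is sampled as the radial marginal of the two-dimensional Laplace density, which is Gamma(2, 1/ε); a statistical check confirms the mean displacement 2/ε. The density formula (APs per 100 m²) and the coordinates are constructed for the example.

```python
import math
import random

# Constructed mapping from interest point density level to DP budget epsilon.
# The embodiment states only that a denser region receives a smaller epsilon;
# the thresholds, level names and epsilon values here are assumptions.
DENSITY_LEVELS = (
    # (upper bound of rho_POI in APs per 100 m^2, density level, epsilon per metre)
    (0.2, "sparse", 0.5),
    (1.0, "medium", 0.2),
    (math.inf, "dense", 0.05),
)


def sensing_radius(r: float, rng: random.Random) -> float:
    """Delta_r = r + rand(0..5): the radius within which APs are counted."""
    return r + rng.uniform(0.0, 5.0)


def poi_density(n_poi: int, delta_r: float) -> float:
    """rho_POI as access points per 100 m^2 inside the sensing radius
    (this density formula is an assumption of the example)."""
    return n_poi / (math.pi * delta_r ** 2) * 100.0


def protection_budget(rho_poi: float) -> tuple:
    """Look up (density level, epsilon); a denser region gets a smaller epsilon."""
    for upper, level, eps in DENSITY_LEVELS:
        if rho_poi <= upper:
            return level, eps
    raise ValueError("DENSITY_LEVELS must end with an unbounded level")


def planar_laplace_noise(eps: float, rng: random.Random) -> tuple:
    """Draw (Lap_noise, theta) for the two-dimensional Laplace mechanism.

    The planar density eps^2 / (2 pi) * exp(-eps * d) has the radial marginal
    eps^2 * d * exp(-eps * d), i.e. Gamma(shape=2, scale=1/eps), which is the
    sum of two Exp(eps) draws; the angle theta is uniform on [0, 2 pi).
    """
    lap_noise = rng.gammavariate(2.0, 1.0 / eps)
    theta = rng.uniform(0.0, 2.0 * math.pi)
    return lap_noise, theta


def perturb(x_u: float, y_u: float, eps: float, rng: random.Random) -> tuple:
    """L_P = (x', y') = (x_u + Lap_noise cos theta, y_u + Lap_noise sin theta)."""
    lap_noise, theta = planar_laplace_noise(eps, rng)
    return x_u + lap_noise * math.cos(theta), y_u + lap_noise * math.sin(theta)


def mean_displacement(eps: float, n: int, seed: int) -> float:
    """Average distance between L_u and L_P over n draws; expected value 2/eps."""
    rng = random.Random(seed)
    total = 0.0
    for _ in range(n):
        x_p, y_p = perturb(0.0, 0.0, eps, rng)
        total += math.hypot(x_p, y_p)
    return total / n


def protect_location(x_u: float, y_u: float, r: float, n_poi: int, seed: int = 1) -> dict:
    """End to end: sense APs within Delta_r, pick epsilon by density level,
    perturb the true location with the planar Laplace mechanism."""
    rng = random.Random(seed)
    delta_r = sensing_radius(r, rng)
    rho_poi = poi_density(n_poi, delta_r)
    level, eps = protection_budget(rho_poi)
    x_p, y_p = perturb(x_u, y_u, eps, rng)
    return {
        "delta_r": delta_r,
        "rho_poi": rho_poi,
        "level": level,
        "eps": eps,
        "disturbed": (x_p, y_p),
        "displacement": math.hypot(x_p - x_u, y_p - y_u),
    }


if __name__ == "__main__":
    # Constructed indoor coordinates in metres and AP counts for three corridors.
    for n_poi in (1, 3, 12):
        print(protect_location(40.0, 25.0, 10.0, n_poi))
    for _, _, eps in DENSITY_LEVELS:
        print(f"eps={eps}: mean displacement {mean_displacement(eps, 20000, 0):.2f} m"
              f" (theory {2 / eps:.2f} m)")
```

The denser the corridor, the smaller ε and the larger the expected displacement 2/ε, which is the trade-off the embodiment describes: stronger protection where more users are present, at the cost of a larger query area later.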
And step S40, processing the generated disturbance location point with a preset edge processing node and uploading the processed disturbance location point to a preset cloud server.
Based on the disturbance position point calculated from the user interest point by the current preset differential privacy protection algorithm, the disturbance position point is transmitted to a preset edge processing node, so that the preset edge processing node processes the disturbance position point to improve the privacy protection mechanism of the user position based on the disturbance position point. As described above, in practical application, based on the processing capability of the edge processing nodes, when the disturbance position point is processed by a preset edge processing node, the corresponding edge processing node for the currently processed disturbance position point is determined based on the location service type information of the privacy protection mechanism initiated from the user location in the current preset environment range; that is, the step of processing the generated disturbance position point by the preset edge processing node and uploading it to the preset cloud server further comprises:
receiving a service request of a user based on location service, and judging a corresponding service request type of the service request of the location service, wherein the service request type comprises an independent request and an associated request;
and determining a corresponding preset edge processing node according to the service request type.
In practical application, considering the amount of privacy processing work for the disturbed location point, an ordinary edge processing node is classified as an independent edge processing node or an associated edge processing node according to the type of task it can currently process, namely the type of service request based on the current user's location service: an independent computing request is processed by a preset independent edge processing node and an associated computing request by a preset associated edge processing node, so that processing requests of user interest points with different request types are handled. The user interest privacy processing request is initiated when the user interest points in the preset environment range are acquired, in order to capture those user interest points and thereby implement the user location privacy protection mechanism. Thus, the user's location-service request is initiated when the current user interest points are acquired, and after the user location has been calculated as a disturbance location point, the disturbance location point is issued to a preset edge processing node according to the request type of the location service request; that is, the step of determining the corresponding preset edge processing node according to the service request type further comprises:
and issuing a processing task to the determined preset edge processing node.
A target preset edge processing node is determined according to the received location-service request of the user, and the calculated disturbance location point is issued to that preset edge processing node for processing. Issuing the disturbance location point involves a processing task based on its calculation; that is, the processing task based on the calculation of the disturbance location point is issued to the corresponding preset edge processing node. Further, in order to improve calculation efficiency by taking the amount of processing tasks into consideration, the issued processing task is received according to the processing capability of the preset edge processing node; that is, the step of issuing the processing task to the determined preset edge processing node further comprises:
and counting the processing tasks and issuing the processing tasks to preset edge processing nodes according to the processing tasks, wherein the preset edge processing nodes may comprise one or more than one according to the processing tasks and the processing capacity of the edge processing nodes.
When a preset edge processing node is used to process a disturbance position point, processing tasks need to be issued according to the processing capacity of the current edge processing node, and the issuing needs to be arranged for maximum processing efficiency. Therefore, the processing capacity of the target preset edge processing node is determined, and tasks are issued to edge processing nodes according to this processing capacity and the amount of processing tasks; thus, when the processing task of the disturbance position point is large, the corresponding preset edge processing node may comprise one or more nodes.
As described above, when the edge processing node processes the calculated disturbance location point, it performs the environment range calculation for the user's query service based on the disturbance location point; that is, since the edge processing node processes only the disturbance location point, and does so in response to the query request initiated by the current user, the step of processing the generated disturbance location point by the preset edge processing node and uploading it to the preset cloud server further comprises:
when receiving a query service request, acquiring a query range based on the query service request;
and calculating a query area based on the disturbance position point through the preset edge processing node by taking the query range as a parameter, and returning the searched query area.
Based on the edge node processing operation, the cloud server receives a query service request initiated by the user and determines a query range according to the query service request. The query range is based on the query condition initiated from the current query address and the query requirement content; therefore, when the query service request is received, the query range of the query service request needs to be determined, the target disturbance position point is determined according to the query range, and the query result based on the disturbance position point is further processed by the preset edge processing node. That is, the disturbance position point is taken as the query range so that the preset edge processing node processes it; the processing result comprises a query area based on the disturbance position point and area information based on the query area, the content of which is generated according to the query service request. In practical application, the relevant edge processing node receives the user location information uploaded in step S3, performs service feedback in cooperation with the cloud, and meanwhile stores the query service in a cache region for quick response to similar service requests. In order to ensure the integrity of the service, at this stage of the invention the Lap_noise described in S3 is added to the radius r of the query range expected by the user submitting the LBS query request, expanding the query range to ensure the completeness of the result. The comparison of the query range before and after disturbance is shown in fig. 5, which is a schematic diagram of the effect of the comparison of the query range before and after disturbance.
Here L_r is the query range of radius r initiated from the user's real location point, and L_p is the query range of radius R (R = r + Lap_noise) initiated from the DP disturbance location point, so that no matter where the disturbance location lies, the query range fed back from the disturbance location always completely contains the user's real location point and its query range, ensuring the integrity of the query result; after obtaining the query result feedback, the user filters and selects, deletes the wrong query results, and obtains the required service.
In this embodiment, the privacy processing flow is limited and the disturbance position point is generated in a limited manner from the user position within the environment range, so that the environment data based on the disturbance position point is obtained when the user initiates the query service; in addition, when the user initiates a service request based on the edge environment position, the environment range based on the disturbance position point is also sent by the user, and the beneficial effect of location privacy protection for the user is thereby achieved through the application of the disturbance position point.
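The query range expansion R = r + Lap_noise above, checked as an added Python example that is not part of the patent or its embodiment. Because the disturbed point lies exactly Lap_noise away from the true point, a disc of radius r + Lap_noise around it always contains the whole true query disc L_r; the block draws many perturbations (the radial part of the two-dimensional Laplace noise sampled as Gamma(2, 1/ε), the angle uniform) and compares the coverage obtained with and without the expansion, together with the mean area ratio (R/r)² paid for the completeness guarantee. The coordinates, r and ε are constructed values.

```python
import math
import random


def planar_laplace_sample(x_u, y_u, eps, rng):
    """One draw of the two-dimensional Laplace mechanism: returns (x', y', Lap_noise)."""
    lap_noise = rng.gammavariate(2.0, 1.0 / eps)   # radial part, Gamma(2, 1/eps)
    theta = rng.uniform(0.0, 2.0 * math.pi)
    return x_u + lap_noise * math.cos(theta), y_u + lap_noise * math.sin(theta), lap_noise


def expanded_radius(r, lap_noise):
    """R = r + Lap_noise: the radius the edge node queries around L_p."""
    return r + lap_noise


def disc_contains_disc(cx, cy, big_r, x, y, r):
    """True if the disc centred (cx, cy) with radius big_r contains the whole
    disc centred (x, y) with radius r (centre distance + r <= big_r)."""
    return math.hypot(cx - x, cy - y) + r <= big_r + 1e-9


def disc_contains_point(cx, cy, big_r, x, y):
    return math.hypot(cx - x, cy - y) <= big_r + 1e-9


def coverage_experiment(x_u, y_u, r, eps, trials, seed):
    """Fraction of perturbations whose query disc covers the whole true query
    disc L_r with R = r + Lap_noise, the same with the radius left at r, and
    the fraction covering just the true point with the radius left at r;
    plus the mean area ratio (R / r)^2 of the expanded query."""
    rng = random.Random(seed)
    whole_expanded = whole_fixed = point_fixed = 0
    area_ratio = 0.0
    for _ in range(trials):
        x_p, y_p, lap_noise = planar_laplace_sample(x_u, y_u, eps, rng)
        big_r = expanded_radius(r, lap_noise)
        whole_expanded += disc_contains_disc(x_p, y_p, big_r, x_u, y_u, r)
        whole_fixed += disc_contains_disc(x_p, y_p, r, x_u, y_u, r)
        point_fixed += disc_contains_point(x_p, y_p, r, x_u, y_u)
        area_ratio += (big_r / r) ** 2
    return {
        "whole_disc_with_expansion": whole_expanded / trials,
        "whole_disc_without_expansion": whole_fixed / trials,
        "true_point_without_expansion": point_fixed / trials,
        "mean_area_ratio": area_ratio / trials,
    }


if __name__ == "__main__":
    # Constructed true location (metres), expected query radius r and budget eps.
    for eps in (0.5, 0.2, 0.05):
        print(eps, coverage_experiment(40.0, 25.0, 10.0, eps, 5000, 11))
```

Without the expansion the true point itself is inside the perturbed query only with probability 1 - e^(-εr)(1 + εr) (about 0.59 for ε = 0.2 and r = 10), and the full true query disc is never covered; with R = r + Lap_noise the coverage is always complete, and the price is the larger area the edge node must search and the extra results the user must filter out.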
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other identical elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) as described above and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.