CN105246072A - User position privacy protection method under road network environment and system thereof - Google Patents

User position privacy protection method under road network environment and system thereof Download PDF

Info

Publication number
CN105246072A
CN105246072A CN201510550941.7A CN201510550941A CN105246072A CN 105246072 A CN105246072 A CN 105246072A CN 201510550941 A CN201510550941 A CN 201510550941A CN 105246072 A CN105246072 A CN 105246072A
Authority
CN
China
Prior art keywords
section
anonymous
user
district
road network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510550941.7A
Other languages
Chinese (zh)
Other versions
CN105246072B (en
Inventor
周非
檀童和
范馨月
李志立
苏艳涛
李双双
叶志龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing University of Post and Telecommunications
Original Assignee
Chongqing University of Post and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing University of Post and Telecommunications filed Critical Chongqing University of Post and Telecommunications
Priority to CN201510550941.7A priority Critical patent/CN105246072B/en
Publication of CN105246072A publication Critical patent/CN105246072A/en
Application granted granted Critical
Publication of CN105246072B publication Critical patent/CN105246072B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention provides a user position privacy protection method under the road network environment and a system thereof, and relates to mobile terminal position safety. According to method, position privacy and inquiring privacy of a mobile communication terminal are considered, road segment diversity is considered in the aspect of position privacy, and sensitive inquiring privacy is protected by setting the upper limit value of probability of sensitive inquiring. Voronoi graph partition is performed on a road network according to node dimension and the minimal road segment requirement of an anonymity set is formed. Average information entropy and probability of sensitive inquiring are calculated, and road segments are continuously added in an anonymous box if the requirement of average information entropy and probability of sensitive inquiring is not met. According to the method, two levels of security can be greatly protected for users, which is quite close to the real user privacy protection requirement. The user position privacy protection method under the road network environment and the system thereof can be applied to a mobile terminal privacy protection system under the road network environment.

Description

Customer location method for secret protection under a kind of road network environment and system
Technical field
The present invention relates to the method and system of road network secret protection in a kind of communication of mobile terminal security fields.
Background technology
The fast development of mobile communication and location technology, making to obtain personnel location information by wireless device becomes possibility, and location Based service (LocationBasedService, LBS) is occurred and develops.It is various convenient, fast that user can enjoy that LBS brings, and user needs the precise position information providing oneself to location server simultaneously, and this will directly cause the leakage of customer position information.In conjunction with the background knowledge of mobile subscriber, assailant can infer the personal information of mobile subscriber from the LBS query contents of mobile subscriber, as privacy informations such as personal lifestyle custom, political orientation, history of disease, location privacy and the inquiry privacy of mobile subscriber are all on the hazard.The development of Euclidean space upper/lower positions method for secret protection is very rapid, has formed a more complete system configuration of ratio.In daily life, no matter people's walking or use the various vehicles, always follows fixing road network and carries out activity, under the activity of people is constrained on certain regional environment.Under the target that location privacy protection is studied starts to turn to road network environment.
In secret protection, the various algorithms based on the anonymous thought of space k are constantly suggested, and because its anonymous effect is better, obtains and apply widely.K anonymity in space is the mode of a kind of collective anonymity, request anonymous is formed anonymous frame together with other k-1 user, spatially carries out obfuscation to the actual position of user, thus reach the protection to actual position.For road network environment; section diversity (l-diversity) in anonymous frame can be avoided all users in anonymous frame to be positioned at a section thus cause the risk of customer location privacy leakage; the anonymous anonymous methods such as honeycomb, Voronoi diagram root is taked to satisfy the need the means that web area divides by node dimension, can protect section diversity well.Inquiry secret protection aspect, if the user of same queries content is more in anonymous frame, once relate to sensitive information inquiry, this increases the risk of inquiry privacy leakage undoubtedly.Inquiry diversity (p-diversity) can effectively prevent sensitive queries information leakage; sensitive information probabilistic model is suggested; when forming accurate anonymous collection, calculating sensitive information inquiry probability, then continuing to add section to anonymity collection when sensitive queries protection can not be met to be required.
Voronoi diagram root method, before carrying out section search, by V district number of users and the comparison of user anonymity demand, just needs to carry out the expansion of V district once not reach number of users requirement; In addition in the search section stage, will continue to continue interpolation section to accurate anonymous collection if do not meet number of users demand behind accurate anonymous collection interpolation section.Be that increasing of resource consumption all can be caused in the expansion of V district or continuation interpolation section, particularly V district expansion, can cause the increase in anonymous region thus service quality is declined.In the interpolation section stage, unavoidably make anonymous region increase if the whole piece section in V district to be added anonymous set, thus reduce service quality.
Summary of the invention
The present invention is directed to traditional algorithm only consider the safety protection problem of location privacy protection or inquiry secret protection single aspect and anonymous region excessive, in road network customer location privacy and inquiry privacy leakage, the increase in anonymous region makes service quality decline problem.Customer location secret protection and querying method under a kind of road network environment are proposed.The method take into account location privacy and the inquiry privacy of mobile communication terminal, in location privacy, take into account section diversity; At query aspects, by arranging sensitive queries probability higher limit, sensitive queries privacy is protected.Utilize the method to carry out Voronoi diagram root according to node dimension to road network at pretreatment stage, so just can ensure the minimum section requirement forming anonymous collection; After forming anonymous frame, calculating average information entropy and sensitive queries probability, do not meet average information entropy and sensitive queries probability demands then continues to add section to anonymous frame; Adding to need after section to aim at anonymous collection number of users and maximum user anonymity demand is compared, if just lack little user, ensures the demand of number of users aspect by generating bogus subscriber; When selecting section to add accurate anonymous collection, the part only selecting section to be positioned at V district adds accurate anonymous collection, instead of whole piece section is added anonymous collection.The method can be good at the safety ensureing user's two aspects, and this is very close with the privacy of user protection demand in reality.The present invention can to apply under road network environment in mobile terminal intimacy protection system.The present invention with the addition of bogus subscriber's generation module, judges in needs V district expansion and adding before section, if number of users lack be not a lot of situation under, a small amount of bogus subscriber can be added, corresponding amount of calculation and unnecessary expense will be reduced like this; Before interpolation section, first carry out the calculating of sensitive information entropy, if be less than preset value, do not add this section, this overhead of comparing again after carrying out sequence of operations after just avoiding adding and producing; When adding section, the part only section being belonged to this V district adds accurate anonymous collection to, and this will effectively be avoided the problem causing anonymous frame excessive because part way is long, improve service quality.
Concrete technical scheme of the present invention is: the customer location intimacy protection system under a kind of road network environment, this system comprises: user side, center anonymous server, location-based service providing end, wherein, center anonymous server comprises: pretreatment module, secret protection module and result refinement module, user side proposes anonymous request to center anonymous server, the section at anonymous server pretreatment module Location Request user place, center and V district, road network figure is divided, form V figure, the section at Location Request user place and V district, secret protection module forms anonymous collection according to user side request, again anonymity collection is sent to location-based service providing end, location-based service providing end is inquired about neighbouring point of interest according to the query contents of user, and Query Result is sent to center anonymous server, and center anonymous server obtains exact position according to Query Result and result sent to user side to complete inquiry, propose in anonymous request process at user side, when number of users is not enough, center anonymous server secret protection module is carried out the expansion of V district or is generated bogus subscriber, utilizes average information entropy and sensitive information probability to realize anti-limit power and attacks and inquiry secret protection.
One of them embodiment of the present invention comprises further, and section and the V district at pretreatment module Location Request user place comprise further: obtain road network limit data Edges and road network point data Nodes; Be the index three groups of data NEdges comprising section numbering, two nodes by road network limit data processing, road network point data is treated to and comprises node serial number ID, latitude value, longitude three groups of data NNodes; Using NEdges, NNodes as input, the mobile object maker based on road network is utilized to generate user data User; Road network figure G (V, E) is divided into V figure; Calculate user to the distance in each section, section corresponding to minimum distance is the section at user place; Calculate the distance in each V district in user to V figure, V district corresponding to minimum distance is the V district at user place.
One of them embodiment of the present invention comprises further, and secret protection module forms anonymous collection according to user side request and comprises further: secret protection module polls database, section, consumer positioning place number and V area code; If request user does not exist existing anonymous frame, by the section LID at request user place 0add accurate anonymous set C zhun, and according to the anonymous demand k of i-th user iwith anonymous section number demand l i, call formula: k s=max (k i), l s=max (l i) upgrade anonymous aggregate user demand and obtain maximum number of user demand k in anonymous frame swith maximum section number demand l s; Calculate the number of users e on Nei Meitiao section, V district 1, e 2, e 3..., e pobtain section weights, the section that section weights are minimum generates requisite number object bogus subscriber; L is selected near request section, user place s+ σ bar section forms Candidate Set, and the part way selecting request user section to be positioned at V district from Candidate Set adds accurate anonymous set C zhun.
One of them embodiment of the present invention comprises further, described carry out the expansion of V district or generate bogus subscriber comprise further: the section that number of users is minimum in V district generates requisite number object bogus subscriber, when asking there is un-added V district near V district, user place, neighbouring un-added V district and V district, this request user place are merged, forms new V district;
One of them embodiment of the present invention comprises further, according to sensitive queries number n m, total number of users N in anonymous collection, calls formula calculate sensitive queries informational probability p m, the limit power according to every bar limit attacks Probability p ib, call formula calculate average information entropy H lbif, inequality H lb> μ and set up, export anonymous collection section number { LID 0, LID 1..., LID s, more new database, the anonymous process of completing user, wherein, μ is the lower limit of anonymous ensemble average comentropy, for the lower limit of anonymity collection sensitive queries probability.Be less than preset value λ when anonymity collects number of users difference in maximum anonymous demand and V district, enable bogus subscriber and generate submodule, the section that section weights are minimum in V district generates λ bogus subscriber.
The present invention also proposes the customer location method for secret protection under a kind of road network environment, user side proposes anonymous request to center anonymous server, the section at anonymous server pretreatment module Location Request user place, center and V district, road network figure is divided, form V figure, the section at Location Request user place and V district, secret protection module forms anonymous collection according to user side request, then anonymity collection is sent to location-based service providing end; Location-based service providing end is inquired about neighbouring point of interest according to the query contents of user, and Query Result is sent to center anonymous server, and center anonymous server obtains exact position according to Query Result and result sent to user side to complete inquiry; Propose in anonymous request process at user side, when number of users is not enough, center anonymous server secret protection module is carried out the expansion of V district or is generated bogus subscriber, utilizes average information entropy and sensitive information probability to realize anti-limit power and attacks and inquiry secret protection.
The present invention, by calculating the method for sensitive information probability and limit the number of sensitive information in algorithmic procedure, therefore can protect the privacy of the query contents of user, effectively prevent the leakage of query contents while protective position privacy.From candidate road section set, select section to add anonymous set, the part only selecting section to be positioned at V district adds, and can reduce the size of anonymous frame like this, can improve service quality.Carry out the expansion of V district at needs and to judge in anonymous frame whether user meets before anonymity requires the stage, judges, just lack several user and then generate several bogus subscriber, avoiding problems unnecessary calculating lacked number of users.Therefore the present invention in effective protective position privacy and can inquire about on the basis of privacy, reduces the complexity of calculating to a certain extent and improves service quality.Solve traditional algorithm and only consider the excessive problem of the safety protection problem of location privacy protection or inquiry secret protection single aspect and anonymous region; the time overhead in the Set-search of anonymous section can be reduced simultaneously, improve anonymous service quality to a certain extent.
Accompanying drawing explanation
Fig. 1: road network privacy of user system module figure;
Fig. 2: anonymous server pretreatment module detail flowchart;
Fig. 3: anonymous server anonymity algorithm detail flowchart.
Embodiment
For making object/technical scheme of the present invention and advantage clearly understand, below in conjunction with specific embodiment, and with reference to accompanying drawing, the present invention is described in more detail.The description that it should be noted that herein is only the main process of a specific embodiment, and should not be considered to be unique embodiment, wherein each step is not necessary, and whole flow process and concrete steps thereof are also not limited in figure and following description.Obviously; for those skilled in the art; after understanding content of the present invention and principle; all may when not deviating from the principle of the invention, structure; various correction in form and details and change are carried out to this system, but these are revised and change still within claims of the present invention.
Fig. 1 is road network privacy of user system architecture module map of the present invention, and native system module comprises three parts: user side, center anonymous server, location-based service providing end.User's request module, this module realizes in mobile terminal inside, the positional information (as utilized GPS, WIFI location, network based positioning etc.) of acquisition for mobile terminal oneself, and complete alternately by mobile network or WIFI network pretreatment module that is continuous and center anonymous server, complete the renewal of information, user's request module also realizes sending of anonymous request, can customize anonymous demand and section diversity requirement for anonymous request.Center anonymous server comprises: pretreatment module, secret protection module, result refinement module; pretreatment module realizes the spatial division of whole road network; the one_to_one corresponding in each user and V district, section in road network, the adding of user, location updating and exit and all need to upgrade corresponding V district and section.User's request module proposes anonymous request to secret protection module; mutual by with pretreatment module; orient V district and the section at request user place; and run anonymous main program; user is selected to add anonymous collection according to actual conditions from V district, user place or neighbouring V district; also be likely run bogus subscriber to generate subprogram and generate several bogus subscriber, after Successful construct anonymity collection need anonymous information to submit to query processing module.Result refinement module, in conjunction with the actual position information of user, carries out refinement process to the fuzzy information of position service providing end feedback, and the Query Result after refinement is fed back to user side.
The anonymity collection Query Information that in location-based service providing end, query processing module is submitted to according to the anonymous processing module of center anonymous server, this module completes the search to neighbouring point of interest, and the interest point information searched is fed back to center anonymous server.
Channel between user and center anonymous server is trusted channel, and new user arrives Xu center anonymous server and registers, and such as log-on message is { ID, Loc (x, y) }, user position update, then more new database, user leaves, then user profile deleted from database, anonymous quick-reading flow sheets is: (1) such as user proposes anonymous request <ID to center anonymous server, Loc (x, y), k, l, query>; (2) center anonymous server operation anonymity algorithm carries out anonymity, and obtaining anonymous set is <ID', [(x 1, y 1) (x 2, y 2)], query'>; (3) LBS server is inquired about according to query contents, and Query Result is turned back to center anonymous server; (4) center anonymous server is to Query Result refinement process, and result is returned to request user.Wherein, center anonymous server comprises pretreatment module, secret protection module.
Fig. 2 is anonymous server pretreatment module detail flowchart.
Obtain road network limit data (Edges) and road network point data (Nodes); Selvage data of satisfying the need and road network point data process, and the limit data after process are expressed as NEdges (comprising index three groups of data of section numbering, two nodes), node data is expressed as NNodes (comprising node ID, latitude value, longitude three groups of data); Using NEdges, NNodes as input, ThomasBrinkhoff mobile object maker is utilized to generate user data User (comprising user's latitude and longitude two groups of data); Division is carried out to road network figure G (V, E) and obtains V figure V (V, E); Calculate the user user distance to each section, section corresponding to minimum distance is the section at user place; Calculate the user user distance to each V district, V district corresponding to minimum distance is the V district at user place.
Below lift an example and be described further implementation step:
Step 201: obtain road network limit data (Edges) and road network point data (Nodes), choose the road net data in certain city, data comprise: road network limit data and road network point data, wherein section number and nodes use n respectively e, n orepresent;
Step 202: selvage data of satisfying the need and road-net node data process, the limit data NEdges after process represents (NEdges comprises index three groups of data of section numbering, two nodes), node data NNodes represents (NNodes comprises node ID, latitude value, longitude three groups of data);
Step 203: using NEdges, NNodes as input, utilizes ThomasBrinkhoff mobile object maker to generate user data User (comprising user's latitude and longitude two groups of data), setting number of users n orepresent, general n oget 5000;
Step 204: with G (V, E) (node that V represents the limit of road network, E represents road network) represents road network figure, with V (V', E') (node that V' represents the limit of road network, E' represents road network) represents Thiessen polygon figure (Thiessen polygon figure, have another name called Voronoi figure, be called for short V figure).Take Voronoi method to carry out division to road network figure and obtain V figure, represent that dimension is more than or equal to the node of 3 with Nodes_up3, this method adopts Nodes_up3 as generation V figure Centroid;
Step 205: the latitude and longitude coordinates of user user is (x, y), calculates user user to section [(x f, y f) (x' f, y' f)] (f gets 1,2,3 ..., n e) distance, (x f, y f), (x' f, y' f) represent two end points in section respectively, wherein, x f, x' ffor latitude value, y f, y' ffor longitude, section corresponding to minimum distance is the section at user place, specifically can adopt and obtain with the following method:
Step 2051: make f=1;
Step 2052: computational discrimination factor cross=(x' f-x f) * (x' f-x f)+(y' f-y f) * (y' f-y f);
Step 2053: judge whether cross>0 sets up, no, then go to step 3054; Then go to step 3055;
Step 2054: user coordinates, section extreme coordinates are substituted into formula (1):
disl(f)=sqrt((x-x f)*(x-x f)+(y-y f)*(y-y f))(1)
Calculate the distance disl (f) of user to section, f=f+1;
Step 2055: calculate d 2=(x' f-x f) * (x' f-x f)+(y' f-y f) * (y' f-y f);
Step 2056: judge cross>=d 2whether set up, be, then go to step 20561; No, then go to step 20562;
Step 20561: user coordinates, section extreme coordinates are substituted into formula (2):
disl(f)=sqrt((x-x' f)*(x-x' f)+(y-y' f)*(y-y' f))(2)
Calculate the distance disl (f) of user to section, f=f+1;
Step 20562: calculate r=cross/d 2, p x=x f+ (x' f-x f) * r, p y=y f+ (y' f-y f) * r, user coordinates, section extreme coordinates are substituted into formula (3):
disl(f)=sqrt((x-p x)*(x-p x)+(p y-y y)*(p y-y y))(3)
Calculate the distance disl (f) of user to section, f=f+1;
Step 2057: judge f>n ewhether set up, be, then go to step 2058; No, then go to step 2052;
Step 2058: get the section (LID making disl (f) minimum value corresponding 0section number for this section) as the section of current request user;
Step 206: calculate user user to each V district center point (x v, y v) distance, v gets 1,2 ..., M, V district corresponding to minimum range is the V district at user place, and concrete steps are as follows:
Step 2061: make v=1;
Step 2062: the latitude x of user, longitude y are substituted into formula (4):
disv(v)=sqrt((x-x v)*(x-x v)+(y-y v)*(y-y v))(4)
Step 2063: judge whether v>M sets up, and is, then go to step 2064; No, then v=v+1 go to step 2062;
Step 2064: get the V district as current request user of the V district that makes disv (v) corresponding to minimum value;
If Fig. 3 is anonymous server anonymity algorithm detail flowchart.User sends anonymous request to center anonymous server; Query Database, section, consumer positioning place number and V area code; If request user does not exist existing anonymous frame, by the section LID at request user place 0add accurate anonymous set C zhun, and according to formula: k s=max (k i), l s=max (l i) upgrade anonymous aggregate user demand, wherein k s, l srepresent maximum number of user demand and maximum section number demand in anonymous frame respectively, k i, l ibe respectively anonymous demand and the anonymous section number demand of i-th user; Calculate the number of users e on Nei Meitiao section, V district 1, e 2, e 3..., e p, wherein p is section sum in current V district, and to section in V district by section weights descending, section weights are the number of users on section; The section that number of users is less in V district generates requisite number object bogus subscriber; According to the sequence of section weights, near request section, user place, select l s+ σ bar section forms Candidate Set, and from Candidate Set, select request user section to be positioned at the part LID in V district 1add accurate anonymous set C zhun, enable and generate bogus subscriber's submodule, the section that number of users is less in V district generates requisite number object bogus subscriber; According to formula calculate sensitive queries informational probability p m, wherein, n mfor sensitive queries number, N is total number of users in anonymous collection, and the limit power according to every bar limit attacks Probability p ib, call formula calculate average information entropy H lbif, H lb> μ and whether set up simultaneously, export anonymous collection section number { LID 0, LID 1..., LID s, more new database, the anonymous process of completing user.μ is as the lower limit of anonymous ensemble average comentropy, and value is higher, and user distributes more even on each section, and corresponding anti-limit power attacking ability is stronger, otherwise, illustrate that user distribution is uneven, weighed by limit and attack; as the lower limit of anonymity collection sensitive queries probability, the higher corresponding anonymous sensitive queries quantity of concentrating of value is on the high side, and the ability of attacking inquiry is on the weak side, and the lower corresponding anonymous collection sensitive queries number of value is less, and the risk that user attacks by inquiry reduces.
Concrete example can adopt following steps to realize.
Step 301: user user sends LBS request to center anonymous server, request content is expressed as <ID, Loc (x, y), k, l, query>, wherein ID is user ID, Loc (x, y) represents customer location (i.e. customer location longitude and latitude data, x represents latitude, and y represents longitude), k, l be the anonymous demand of User Defined (k be number of users demand, l be section diversity requirements);
Step 302: Query Database, section, consumer positioning place number and V area code, the V district number index_k=0 added;
Step 303: judge whether request user exists existing anonymous frame, is then go to step 325; No, then go to step 304;
Step 304: by the section LID at request user place 0add accurate anonymous set C zhun, and upgrade anonymous aggregate user demand k s=max (k i), l s=max (l i), wherein k s, l srepresent maximum number of user demand and maximum section number demand in anonymous frame respectively, k i, l i(i=1,2,3 ..., n; N is the total number of users in anonymous frame) be respectively anonymous demand and the anonymous section number demand of i-th user;
Step 305: calculate the number of users e on Nei Meitiao section, current V district 1, e 2, e 3..., e p, wherein p is section sum in current V district, and to section in V district by section weights descending, section weights are the number of users on section;
Step 306: judge number of users v in V district kwhether be greater than maximum user's request k in the collection of anonymous section s, be then go to step 311; No, then go to step 307;
Step 307: judge the maximum anonymous demand k of anonymous collection swith number of users v in V district kwhether difference is less than preset value λ (λ gets 3), is then go to step 310; No, then go to step 308;
Step 308: the neighbouring V district number merged is index_k, the number of vertex in V district, user place is num (v_index) (v_index is V area code), judge whether index_k<num (v_index) sets up, and is then go to step 309; No, then go to step 320;
Step 309: neighbouring V district and this V district are merged, forms new V district, index_k=index_k+1;
Step 310: enable and generate bogus subscriber's submodule, the section that number of users is less in V district generates requisite number object bogus subscriber;
Step 311: judge number v in section in V district lwhether be greater than the maximum anonymous section demand l of user in the collection of anonymous section s, be then go to step 312; No, then go to step 308;
Step 312: make st=1, judges in V district, whether number of users λ is greater than l s+ σ, σ are preset value, get σ=3, are, then go to step 313; No, then go to step 314;
Step 313: according to the sequence of step 305 section weights, selects l near request section, user place s+ σ bar section forms Candidate Set, and from Candidate Set, select the section LID near the sequence of request user section s(section is positioned at the part in V district) adds C zhun;
Step 314: according to the sequence of step 305 section weights, selects the section LID near the sequence of request user section from V district sadd anonymous set;
Step 315: upgrade C zhunin maximum number of user demand k swith maximum section number demand l s;
Step 316: judge C zhunin number of users n kwhether be greater than k s, be then go to step 322; No, then go to step 317;
Step 317: judge k swith n kdifference whether be less than λ (λ gets 3), be then go to step 321; No, then go to step 318;
Step 318: upgrade Candidate Set, the section of having added is deleted from Candidate Set;
Step 319: judge the section number n selected yxwhether be less than the total section number n in candidate collection hx, be, then st=st+1 go to step 312; No, then go to step 320;
Step 320: export anonymous failure, more new database;
Step 321: enable and generate bogus subscriber's submodule, the section that section number is less in V district generates requisite number object bogus subscriber, bogus subscriber's form of generation is <ID', Loc (x u, y u), k, l, query>, wherein ID' is the random user ID produced, k≤k s, l≤l s, query is non-sensitive inquiry;
Step 322: judge C zhunroad hop count n lwhether be greater than l s, be then go to step 323; No, then go to step 318;
Step 323: count sensitive queries number n m, calculating sensitive queries informational probability is wherein N is total number of users in anonymous collection; The limit power on every bar limit attacks probability calculate average information entropy H L b = - &Sigma; i = 1 n p i b ;
Step 324: judge H lb> μ and whether set up simultaneously, be, then go to step 325; No, then go to step 318;
Step 325: export anonymous collection section number { LID 0, LID 1..., LID st, more new database, the anonymous process of completing user.
Road net data is described as follows: the data of road network comprise road network limit data and road network point data, and the mobile object maker (Network-basedGeneratorofMovingObjects) selecting ThomasBrinkhoff to propose generates user data.Data format is as follows: original road network limit data (Edges.txt) comprises four groups of data, is respectively: section numbering, first, section node index, second, section node index, highway character.Three groups of data above are only got when emulation.Original road network point data (Nodes.txt) comprises three groups of data, is respectively: user ID, latitude value, longitude.The user data (user.txt) generated by road network object generator comprises two groups of data, is respectively: latitude value, longitude.User data after pretreatment (User.txt) comprises four groups of data, is respectively: latitude value, longitude, section number, V district call number.
Voronoi diagram root is described as follows:
Voronoi figure is a kind of geometry being widely used in compartition, supposes to comprise a discrete point set P={P in plane domain A 1, P 2..., P n, definition P ivoronoi area (be called for short V district) V (P i) for all to P in A ithe set of distance smallest point: V (P i)={ p|d (p, P i)≤d (p, P j), p ∈ A, j ≠ i, j=1,2,3 ..., n}.The Voronoi of definition P schemes V (P)={ V (P 1), V (P 2) ..., V (P n), P ibe called Voronoi figure generator.Each point in point set P and n point of surrounding are done line, and do perpendicular bisector to each line, then this n bar perpendicular bisector intersects the Voronoi polygon surrounding a n bar limit.
Voronoi figure has following character:
(1) same limit is shared in adjacent V district;
(2) each V district does not overlap mutually, the whole region of V map combining of composition;
(3) point in each V district is less than the distance of other generators to this V district generator distance.
The present invention adopts V diagram root mode to divide road network figure, and G (V, E) is a road net model net, makes V p={ V i| degree (V i)>=d m, V i∈ V}, V pcorresponding Voronoi figure is called that road network V schemes.V ibe called road network V map generalization unit.
Limit power attacks probability and average information entropy is described as follows:
Limit power inference attack utilizes the feature of user's skewness on section to judge a kind of attack pattern in section residing for user.The user supposing to be positioned at same anonymous section set is equal by the probability attacked, and is 1/l, then due to the skewness of user on each section, and the probability every bar section victim being inferred and limit power inference attack Probability p ibno longer 1/l, but i-th section number of users and the ratio gathering all numbers of users, namely limit power attacks probability wherein n is section sum in set, w iit is number of users on the i-th section.So average information entropy h lblarger, user is more even in the distribution of each section, and the possibility that user is subject to limit power attack is less.
The present invention, except can protective position privacy, also can protect inquiry privacy to a certain extent, also takes measure in addition in anti-limit power attack.By judging whether average information entropy and inquiry sensitive information probability satisfy the demands, thus reach the demand of inquiry secret protection and anti-limit power attack.In secret protection module, when number of users does not meet anonymous demand in V district, calculate k s-v kvalue, if be less than preset value, just enable bogus subscriber's generation module, otherwise just enable V district expansion module.Number of users n in accurate anonymous collection kwhen not meeting anonymous demand, calculate k s-n kvalue, if be less than preset value, just can generate several bogus subscriber, otherwise just upgrade anonymous collection, again add section and add anonymous collection.When interpolation section adds anonymous frame, the part that an interpolation section is positioned at V district adds anonymous frame.

Claims (12)

1. the customer location intimacy protection system under a road network environment, it is characterized in that, this system comprises: user side, center anonymous server, location-based service providing end, wherein, center anonymous server comprises: pretreatment module, secret protection module and result refinement module, user side proposes anonymous request to center anonymous server, the section at anonymous server pretreatment module Location Request user place, center and V district, road network figure is divided, form V figure, the section at Location Request user place and V district, secret protection module forms anonymous collection according to user side request, again anonymity collection is sent to location-based service providing end, location-based service providing end is inquired about neighbouring point of interest according to the query contents of user, and Query Result is sent to center anonymous server, and center anonymous server obtains exact position according to Query Result and result sent to user side to complete inquiry, propose in anonymous request process at user side, when number of users is not enough, center anonymous server secret protection module is carried out the expansion of V district or is generated bogus subscriber, utilizes average information entropy and sensitive information probability to realize anti-limit power and attacks and inquiry secret protection.
2. system according to claim 1, is characterized in that, section and the V district at pretreatment module Location Request user place comprise further: obtain road network limit data Edges and road network point data Nodes; Be the index three groups of data NEdges comprising section numbering, two nodes by road network limit data processing, road network point data is treated to and comprises node serial number ID, latitude value, longitude three groups of data NNodes; Using NEdges, NNodes as input, the mobile object maker based on road network is utilized to generate user data User; Road network figure G (V, E) is divided into V figure; Calculate user to the distance in each section, section corresponding to minimum distance is the section at user place; Calculate the distance in each V district in user to V figure, V district corresponding to minimum distance is the V district at user place.
3. system according to claim 1, is characterized in that, secret protection module forms anonymous collection according to user side request and comprises further: secret protection module polls database, section, consumer positioning place number and V area code; If request user does not exist existing anonymous frame, by the section LID at request user place 0add accurate anonymous set C zhun, and according to the anonymous demand k of i-th user iwith anonymous section number demand l i, call formula: k s=max (k i), l s=max (l i) upgrade anonymous aggregate user demand and obtain maximum number of user demand k in anonymous frame swith maximum section number demand l s; Calculate the number of users e on Nei Meitiao section, V district 1, e 2, e 3..., e pobtain section weights, the section that section weights are minimum generates requisite number object bogus subscriber; L is selected near request section, user place s+ σ bar section forms Candidate Set, and the part way selecting request user section to be positioned at V district from Candidate Set adds accurate anonymous set C zhun.
4. system according to claim 1, it is characterized in that, described carry out the expansion of V district or generate bogus subscriber comprise further: the section that number of users is minimum in V district generates requisite number object bogus subscriber, when asking there is un-added V district near V district, user place, neighbouring un-added V district and V district, this request user place are merged, forms new V district.
5. system according to claim 1, is characterized in that, according to sensitive queries number n m, total number of users N in anonymous collection, calls formula calculate sensitive queries informational probability p m, the limit power according to every bar limit attacks Probability p ib, call formula calculate average information entropy H lbif, inequality H lb> μ and set up, export anonymous collection section number { LID 0, LID 1..., LID s, more new database, the anonymous process of completing user, wherein, μ is the lower limit of anonymous ensemble average comentropy, for the lower limit of anonymity collection sensitive queries probability.
6. system according to claim 3, is characterized in that, is less than preset value λ, enables bogus subscriber and generate submodule, the section that section weights are minimum in V district generates λ bogus subscriber when anonymity collects number of users difference in maximum anonymous demand and V district.
7. the customer location method for secret protection under a road network environment, it is characterized in that, user side proposes anonymous request to center anonymous server, the section at anonymous server pretreatment module Location Request user place, center and V district, road network figure is divided, forms V figure, the section at Location Request user place and V district, secret protection module forms anonymous collection according to user side request, then anonymity collection is sent to location-based service providing end; Location-based service providing end is inquired about neighbouring point of interest according to the query contents of user, and Query Result is sent to center anonymous server, and center anonymous server obtains exact position according to Query Result and result sent to user side to complete inquiry; Propose in anonymous request process at user side, when number of users is not enough, center anonymous server secret protection module is carried out the expansion of V district or is generated bogus subscriber, utilizes average information entropy and sensitive information probability to realize anti-limit power and attacks and inquiry secret protection.
8. method according to claim 7, is characterized in that, section and the V district at pretreatment module Location Request user place comprise further: obtain road network limit data Edges and road network point data Nodes; Be the index three groups of data NEdges comprising section numbering, two nodes by road network limit data processing, road network point data is treated to and comprises node serial number ID, latitude value, longitude three groups of data NNodes; Using NEdges, NNodes as input, the mobile object maker based on road network is utilized to generate user data User; Road network figure G (V, E) is divided into V figure; Calculate user to the distance in each section, section corresponding to minimum distance is the section at user place; Calculate the distance in each V district in user to V figure, V district corresponding to minimum distance is the V district at user place.
9. method according to claim 7, is characterized in that, secret protection module forms anonymous collection according to user side request and comprises further: secret protection module polls database, section, consumer positioning place number and V area code; If request user does not exist existing anonymous frame, by the section LID at request user place 0add accurate anonymous set C zhun, and according to the anonymous demand k of i-th user iwith anonymous section number demand l i, call formula: k s=max (k i), l s=max (l i) upgrade anonymous aggregate user demand and obtain maximum number of user demand k in anonymous frame swith maximum section number demand l s; Calculate the number of users e on Nei Meitiao section, V district 1, e 2, e 3..., e pobtain section weights, the section that section weights are minimum generates requisite number object bogus subscriber; L is selected near request section, user place s+ σ bar section forms Candidate Set, and the part way selecting request user section to be positioned at V district from Candidate Set adds accurate anonymous set C zhun.
10. method according to claim 7, it is characterized in that, described carry out the expansion of V district or generate bogus subscriber comprise further: the section that number of users is minimum in V district generates requisite number object bogus subscriber, when asking there is un-added V district near V district, user place, neighbouring un-added V district and V district, this request user place are merged, forms new V district.
11. methods according to claim 7, is characterized in that, according to sensitive queries number n m, total number of users N in anonymous collection, calls formula calculate sensitive queries informational probability p m, the limit power according to every bar limit attacks Probability p ib, call formula calculate average information entropy H lbif, inequality H lb> μ and set up, export anonymous collection section number { LID 0, LID 1..., LID s, more new database, the anonymous process of completing user, wherein, μ is the lower limit of anonymous ensemble average comentropy, for the lower limit of anonymity collection sensitive queries probability.
12. methods according to claim 9, is characterized in that, be less than preset value λ, enable bogus subscriber and generate submodule, the section that section weights are minimum in V district generates λ bogus subscriber when anonymity collects number of users difference in maximum anonymous demand and V district.
CN201510550941.7A 2015-09-01 2015-09-01 User location method for secret protection and system under a kind of road network environment Active CN105246072B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510550941.7A CN105246072B (en) 2015-09-01 2015-09-01 User location method for secret protection and system under a kind of road network environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510550941.7A CN105246072B (en) 2015-09-01 2015-09-01 User location method for secret protection and system under a kind of road network environment

Publications (2)

Publication Number Publication Date
CN105246072A true CN105246072A (en) 2016-01-13
CN105246072B CN105246072B (en) 2018-12-28

Family

ID=55043497

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510550941.7A Active CN105246072B (en) 2015-09-01 2015-09-01 User location method for secret protection and system under a kind of road network environment

Country Status (1)

Country Link
CN (1) CN105246072B (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106507312A (en) * 2016-12-30 2017-03-15 华南理工大学 One kind is based on personalized location privacy protection method under road network environment
CN106878312A (en) * 2017-02-24 2017-06-20 华南理工大学 A kind of semantic locations method for secret protection based on side cluster figure
CN106911670A (en) * 2017-01-13 2017-06-30 重庆邮电大学 Intimacy protection system and method in a kind of car networking
CN107172095A (en) * 2017-07-05 2017-09-15 重庆邮电大学 Customer location method for secret protection under a kind of road network environment based on longitude and latitude grid
CN107835241A (en) * 2017-11-02 2018-03-23 辽宁工业大学 A kind of secret protection region construction method in road network environment under Continuous Nearest Neighbors Inquiry
CN108040321A (en) * 2017-12-20 2018-05-15 河海大学 The position anonymous methods of preventing playback attack under a kind of road network environment
CN108573165A (en) * 2017-03-09 2018-09-25 北京京东尚科信息技术有限公司 Data processing method and device
CN109544900A (en) * 2018-11-21 2019-03-29 长安大学 A kind of route matching method that the privacy multiplying trip altogether towards passenger and driver retains
CN110300029A (en) * 2019-07-06 2019-10-01 桂林电子科技大学 A kind of location privacy protection method of anti-side right attack and position semantic attacks
CN110365679A (en) * 2019-07-15 2019-10-22 华瑞新智科技(北京)有限公司 Context aware cloud data-privacy guard method based on crowdsourcing assessment
CN112601194A (en) * 2020-12-08 2021-04-02 兰州理工大学 Internet of vehicles position privacy protection method and system under road network environment
CN114629722A (en) * 2022-04-19 2022-06-14 湖南科技大学 Cache-based double K-anonymous location privacy protection method in edge computing environment
CN117119444A (en) * 2023-10-25 2023-11-24 成都信息工程大学 Position privacy protection method based on mobile edge calculation

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009089251A2 (en) * 2008-01-08 2009-07-16 Mobile Traffic Network, Inc. Mobile alerting network
CN102970652A (en) * 2012-10-16 2013-03-13 北京航空航天大学 Query sensing position privacy protection system facing to road network
CN103249038A (en) * 2013-04-09 2013-08-14 哈尔滨工程大学 Privacy protection method based on location of moving object in road network space
CN103957523A (en) * 2014-03-31 2014-07-30 西安电子科技大学 Position privacy protection method based on probability forecasting in road network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009089251A2 (en) * 2008-01-08 2009-07-16 Mobile Traffic Network, Inc. Mobile alerting network
CN102970652A (en) * 2012-10-16 2013-03-13 北京航空航天大学 Query sensing position privacy protection system facing to road network
CN103249038A (en) * 2013-04-09 2013-08-14 哈尔滨工程大学 Privacy protection method based on location of moving object in road network space
CN103957523A (en) * 2014-03-31 2014-07-30 西安电子科技大学 Position privacy protection method based on probability forecasting in road network

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
XINYUE FANJING TUCHAOLONG YEFEI ZHOU: "The research for protecting location privacy based on V-W algorithm", 《EURASIP JOURNAL ON WIRELESS COMMUNICATIONS AND NETWORKING》 *
赵平,马春光,高训兵,朱蔚: "路网环境下基于Voronoi图的位置隐私保护方法", 《计算机科学》 *

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106507312A (en) * 2016-12-30 2017-03-15 华南理工大学 One kind is based on personalized location privacy protection method under road network environment
CN106507312B (en) * 2016-12-30 2019-07-16 华南理工大学 One kind is based on location privacy protection method personalized under road network environment
CN106911670A (en) * 2017-01-13 2017-06-30 重庆邮电大学 Intimacy protection system and method in a kind of car networking
CN106911670B (en) * 2017-01-13 2020-09-29 重庆邮电大学 Privacy protection system and method in Internet of vehicles
CN106878312A (en) * 2017-02-24 2017-06-20 华南理工大学 A kind of semantic locations method for secret protection based on side cluster figure
CN108573165A (en) * 2017-03-09 2018-09-25 北京京东尚科信息技术有限公司 Data processing method and device
CN107172095B (en) * 2017-07-05 2020-04-28 重庆邮电大学 Method for protecting user position privacy in road network environment based on graticule
CN107172095A (en) * 2017-07-05 2017-09-15 重庆邮电大学 Customer location method for secret protection under a kind of road network environment based on longitude and latitude grid
CN107835241A (en) * 2017-11-02 2018-03-23 辽宁工业大学 A kind of secret protection region construction method in road network environment under Continuous Nearest Neighbors Inquiry
CN107835241B (en) * 2017-11-02 2021-05-07 辽宁工业大学 Privacy protection area construction method under continuous neighbor query in road network environment
CN108040321A (en) * 2017-12-20 2018-05-15 河海大学 The position anonymous methods of preventing playback attack under a kind of road network environment
CN108040321B (en) * 2017-12-20 2020-09-22 河海大学 Position anonymization method for resisting replay attack in road network environment
CN109544900A (en) * 2018-11-21 2019-03-29 长安大学 A kind of route matching method that the privacy multiplying trip altogether towards passenger and driver retains
CN110300029A (en) * 2019-07-06 2019-10-01 桂林电子科技大学 A kind of location privacy protection method of anti-side right attack and position semantic attacks
CN110300029B (en) * 2019-07-06 2021-11-30 桂林电子科技大学 Position privacy protection method for preventing edge-weight attack and position semantic attack
CN110365679A (en) * 2019-07-15 2019-10-22 华瑞新智科技(北京)有限公司 Context aware cloud data-privacy guard method based on crowdsourcing assessment
CN112601194A (en) * 2020-12-08 2021-04-02 兰州理工大学 Internet of vehicles position privacy protection method and system under road network environment
CN112601194B (en) * 2020-12-08 2022-04-29 兰州理工大学 Internet of vehicles position privacy protection method and system under road network environment
CN114629722A (en) * 2022-04-19 2022-06-14 湖南科技大学 Cache-based double K-anonymous location privacy protection method in edge computing environment
CN114629722B (en) * 2022-04-19 2023-11-17 湖南科技大学 Dual K-anonymous location privacy protection method based on cache in edge computing environment
CN117119444A (en) * 2023-10-25 2023-11-24 成都信息工程大学 Position privacy protection method based on mobile edge calculation
CN117119444B (en) * 2023-10-25 2024-01-16 成都信息工程大学 Position privacy protection method based on mobile edge calculation

Also Published As

Publication number Publication date
CN105246072B (en) 2018-12-28

Similar Documents

Publication Publication Date Title
CN105246072A (en) User position privacy protection method under road network environment and system thereof
Dong et al. Novel privacy-preserving algorithm based on frequent path for trajectory data publishing
Liao et al. Location and trajectory privacy preservation in 5G-Enabled vehicle social network services
Xu et al. Location anonymity in continuous location-based services
Wang et al. Towards privacy-driven truthful incentives for mobile crowdsensing under untrusted platform
CN104618896B (en) A kind of location-based service method for secret protection and system based on mesh-density
CN105307111A (en) Position privacy protection method based on incremental neighbour inquiry
CN110493182B (en) Crowd sensing worker selection mechanism and system based on block chain position privacy protection
CN110602145B (en) Track privacy protection method based on location-based service
CN111786970B (en) Cache-based cooperative location obfuscation anonymous privacy protection method and system
Zhang et al. An efficient and secure data transmission mechanism for internet of vehicles considering privacy protection in fog computing environment
Ma et al. Personalized location privacy with road network-indistinguishability
CN115052286A (en) User privacy protection and target query method and system based on location service
Liao et al. Towards location and trajectory privacy preservation in 5G vehicular social network
Kalaiarasy et al. An effective variant ring signature-based pseudonym changing mechanism for privacy preservation in mixed zones of vehicular networks
Miura et al. A hybrid method of user privacy protection for location based services
CN104486726B (en) A kind of user of protection looks forward to the prospect the extensive method in road network environment position of location privacy
Gao et al. Location privacy protection algorithm for mobile networks
Kaurav et al. Blockchain for emergency vehicle routing in healthcare services: An integrated secure and trustworthy system
Che et al. SALS: semantics-aware location sharing based on cloaking zone in mobile social networks
CN113766506B (en) Hierarchical access control method for Internet of things
Li et al. A Dynamic Location Privacy Protection Scheme Based on Cloud Storage.
CN112601194B (en) Internet of vehicles position privacy protection method and system under road network environment
Yang et al. RuleCache: A mobility pattern based multi-level cache approach for location privacy protection
CN113761555A (en) Safe and reliable vehicle networking space crowdsourcing task matching method based on intelligent contract

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant