CN106899700A - A kind of method for secret protection of the position shared system in mobile social networking - Google Patents

A kind of method for secret protection of the position shared system in mobile social networking Download PDF

Info

Publication number
CN106899700A
CN106899700A CN201710287904.0A CN201710287904A CN106899700A CN 106899700 A CN106899700 A CN 106899700A CN 201710287904 A CN201710287904 A CN 201710287904A CN 106899700 A CN106899700 A CN 106899700A
Authority
CN
China
Prior art keywords
user
assumed name
social
location
lookup
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710287904.0A
Other languages
Chinese (zh)
Other versions
CN106899700B (en
Inventor
孙罡
谢喻霞
廖丹
孙健
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Electronic Science and Technology of China
Original Assignee
University of Electronic Science and Technology of China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University of Electronic Science and Technology of China filed Critical University of Electronic Science and Technology of China
Priority to CN201710287904.0A priority Critical patent/CN106899700B/en
Publication of CN106899700A publication Critical patent/CN106899700A/en
Application granted granted Critical
Publication of CN106899700B publication Critical patent/CN106899700B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/52Network services specially adapted for the location of the user terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/107Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals

Abstract

The present invention searches the technical problem of the location privacy protection of service for the nearby friends in Mobile Online's social networks and stranger, proposes a kind of method for secret protection for realizing the position shared system in a kind of mobile social networking that nearby friends are searched, stranger searches.The present invention considers nearby friends lookup, stranger and searches particularity of the service relative to traditional location Based service, and the social networks privacy of user can be protected in addition to the location privacy to user is protected.In the present invention, user is using nearby friends when being searched, neighbouring stranger searching this position shared service, the object that position can be selected shared, that is, allow user to select for the position of oneself to be exposed to a part of good friend, rather than all of good friend.Preservation tactics proposed by the present invention are more efficient than existing method for secret protection, can more quickly find neighbouring good friend, stranger.

Description

A kind of method for secret protection of the position shared system in mobile social networking
Technical field
The invention belongs to mobile communication technology field, and in particular to a kind of position shared system in mobile social networking Secret protection.
Background technology
It is traditional with mobile communication technology, the popularization developed rapidly with high-performance Intelligent mobile equipment of social networks Location-based service and social networks are constantly merged, and form Mobile Online's social networks.Mobile Online's social networks provides more Position shared service, user can not only search neighbouring good friend and stranger, can also carry out the service of registering.It is mobile social Be combined for actual position service and virtual community by network, enriches the social mode of people.However, when user is enjoying position Service band come it is convenient when, they also take on the risk of sensitive information leakage.
When user sends location service request, attacker can not only associate position with the identity information of user Come, and can be inferred that more privacy informations of user, such as health status etc..Meanwhile, attacker can also be using continuous Location service request information according to the time formed user track, by the trajectory analysis to user, it is not only possible to find use The past and present position in family, but also the possible home address of user, job site and rule of life can be analyzed, or even Can be inferred that the information such as behavior pattern and the habits and customs of the daily life track of user.If mobile social networking is constantly received Collect the position of user, then the position of user may be betrayed and give third party businessman by it because of commercial interest.
The Privacy Protection that nearby friends and stranger in Mobile Online's social networks search service can be decomposed into Social identity protection problem in location privacy protection problem and location server in social network server.
Position encryption is the main method for solving the problems, such as the location privacy protection in social network server.User by Terminal is sent to social network server after actual position is encrypted, social network server does not have corresponding decruption key, because This can not obtain the actual position of user.The location privacy of user is guaranteed at social network server end.Dynamic subscriber is false Name is the main method for solving the problems, such as the social identity protection in location server.User performs nearby friends and stranger every time When searching service, social network server all can at random generate user's assumed name for user, and what location server was obtained is only to use User's assumed name at family also has the social buddy list of user.Therefore location server cannot obtain the social identity of user.In order to The social privacy of identities protection of enhancing, false social identity can be increased in the buddy list of user at random.User's is social good Friendly list good friend inquire about in can change at random, therefore location server can not by user's assumed name of user, user it is social good Social identity of the friendly list association to user.But in the encryption of above-mentioned position and social identity protection strategy, asymmetrical position AES computation complexity and calculating time are higher, and user terminal needs more computing resource.Meanwhile, dynamic subscriber's assumed name Not completely random, user's assumed name content contains the true social identity of user, therefore user identity is likely to be taken by position Business device is deduced, then the social identity information of user is exposed.
A kind of system for solving social privacy of identities and location privacy includes social network server and multiple positions Server.Position AES, dynamic subscriber's assumed name technology are introduced in the system and increases false social activity identity.User sends out every time Rise and can at random generate user's assumed name when finding that nearby friends, stranger are asked, this ensure that location server cannot be by user The true social Identity Association of assumed name information and user gets up.Consider to increase in buddy list simultaneously false social activity identity and Buddy list is randomly divided into many points, multiple location servers is sent respectively to so that location server cannot close buddy list It is linked to the real social identity of user.Location privacy encrypts the position for social network server is obtained user.On The method stated not only realizes the location privacy protection of user, while realizing the social privacy of identities protection of user.But its Still there are following defects:(1) the true social identity information of user is contained in dynamic subscriber's assumed name, location server can be with The historical position of user is deduced according to historic user assumed name.(2) computing resource of user terminal is limited, often finds a good friend Or stranger will carry out asymmetric encryption to its position, the time is calculated almost with good friend's number and stranger's number into just Than.In the case where good friend's number and stranger's number are more, it is necessary to the more calculating time.(3) the method causes user only Can not accounted in practical application with all good friend's sharing positions, user may simultaneously distrust all good friends, only want to and portion Divide good friend's sharing position.
Another kind is used to solve social privacy of identities and the scheme of location privacy:Position based on trusted third party's server Shared system is put, the system includes trusted third party's server and position social interaction server device.Position social interaction server device can provide with Position and socially relevant service.User sends before discovery nearby friends, stranger are asked, it is necessary to position is sent to every time Can third-party server, third-party server deduce user and arrive according to the historical position of user plus the position of current request The sensitive position crossed.User stops sending possible to position social interaction server device according to the result of calculation of trusted third party's server Reveal the request of sensitive position.The system and algorithm effectively realize the secret protection of the sensitive position of user.But there is also Following shortcoming:(1) system needs trusted third party's server, once attacker's successful attack server, then it is all The historical position of user all can be compromised.(2) location privacy protection here refers mainly to the secret protection of sensitive position, does not examine Considering other positions can expose the individual privacy of some users, such as zone of action, movement track etc..
The content of the invention
Nearby friends and stranger in Mobile Online's social networks are searched in service, not only to prevent social networks from taking Business device obtains the actual position of user, also to prevent location server from obtaining the social identity information of user, while also have preventing Unauthorized user accesses the position of user.Therefore it is attached during traditional location privacy protection algorithm is for Mobile Online's social networks Nearly good friend and stranger search and service and do not apply to.The present invention is for the nearby friends in Mobile Online's social networks and stranger The technical problem of the location privacy protection of service is searched, the user that a kind of nearby friends are searched, stranger is searched in service is proposed Location privacy protection and social networks method for secret protection.The present invention has considered nearby friends lookup, stranger and has searched clothes It is engaged in relative to the particularity of traditional location Based service, can be to user in addition to the location privacy to user is protected Social networks privacy protected.In view of the computing resource pretty valuable of terminal, Preservation tactics of the present invention are than existing Some method for secret protection are more efficient, can more quickly find neighbouring good friend, stranger.In the present invention, use Family can select the object that position is shared when being searched using nearby friends, neighbouring stranger searching this position shared service, User is allowed to select for the position of oneself to be exposed to a part of good friend, rather than all of good friend.
The method for secret protection of the position shared system in mobile social networking of the invention, comprises the following steps:
A kind of method for secret protection of the position shared system in mobile social networking, comprises the following steps:
Step 1:Online social network server is that user terminal generates user's assumed name, and user terminal is on location server Enter row positional information based on user's assumed name to log in:
101:User terminal initiates the generation request of user's assumed name to online social network server:
User terminal generates random key pair, and using private key when registering social activity identity ID as key, to social identity ID Asymmetric encryption is carried out with timestamp and generate the first digital signature, and will be signed comprising social identity ID, timestamp, the first numeral Name, user's assumed name generation request of the public key of random key pair are sent to online social network server;
102:Online social network server carries out social identity ID checkings to user terminal:By user's registration social activity identity Public key during ID is decrypted and verifies social identity ID to the first digital signature for receiving;
Online social network server is to generate user's assumed name at random and return to user terminal by the user for verifying, while The public key of active user's assumed name and random key pair from user terminal is sent to location server;And update local social User's assumed name of current social activity identity ID in network data base, wherein social network database include that social identity ID, user are false Name, the social identity ID of good friend;
103:User terminal is based on active user's assumed name and generates login location information and be sent to location server, wherein position Logon information include user's assumed name, timestamp, the second digital signature, customer location, by lookup distance, second digital signature For:Asymmetric encryption generation is carried out to active user's assumed name and timestamp as key using the private key of current random key pair;Quilt Searching distance includes:The distance that customer location is searched by good friend, stranger;
104:Location server carries out user's assumed name checking to user terminal, and safeguards local position data storehouse:
User's assumed name is verified:Based on the public key of the random key pair matched with user's assumed name, the second digital signature is carried out Decrypt and verify user's assumed name;
Safeguard in local position data storehouse:Local position data storehouse will be saved in by the login location information verified;Institute Stating location database includes:Customer location, searched distance, the public key of current random key pair and user's assumed name;
Step 2:Location lookup request is processed:
201:User terminal sends the first search request to online social network server, and first search request includes: Social identity ID, lookup type, social identity access rights, wherein social identity access rights are:Allow to access this end subscriber Buddy list;
202:Online social network server is based on lookup type and carries out lookup treatment:
If lookup type is good friend, the social identity ID and user's assumed name of the good friend of social identity access rights will be met Return to user terminal;
If lookup type is stranger, holding fix server sends second user assumed name set, when receiving the second use During the assumed name set of family, the good friend that social network server will belong to the user of currently transmitted first search request uses from described second After being deleted in the assumed name set of family, then the set of second user assumed name, corresponding social identity ID are returned into user terminal;
203:User terminal sends the second search request to location server, and second search request includes:User's assumed name, Type, seeking scope, position access control are searched, wherein position access control is:Whether the customer location of this end subscriber is shown;
204:Location server is based on lookup type and carries out lookup treatment:
If lookup type is good friend, location server is searched and meets query context and all users vacation by lookup distance Name, obtains initial lookup set;And based on whether be transmitted across show this end-user locations position access control, to initial lookup Set is divided:If not being transmitted across, the first subset is divided into;Otherwise it is divided into yield in the second subset;By the user of the first subset User's assumed name and customer location of assumed name and yield in the second subset return to user terminal;
If lookup type is stranger, location server is searched and meets seeking scope and all users by lookup distance Assumed name, obtains second user assumed name set, and the second user assumed name set is returned into user terminal, and is sent to online society Hand over the webserver;
205:User terminal is matched to the return information of online social network server and location server, is searched As a result.
In sum, by adopting the above-described technical solution, the beneficial effects of the invention are as follows:
(1) location privacy protection.The present invention has taken into full account that user is searched using nearby friends, stranger searches this position Location privacy protection problem that may be present during shared service is put, online social network server and location server can be reached On customer location secret protection.
(2) social networks secret protection.The present invention has taken into full account the social pass of user on online social network server It is Privacy Protection, user social contact relation secret protection on location server can be reached.
(3) high efficiency.Privacy preserving algorithms proposed by the invention, contrast and traditional symmetrical/rivest, shamir, adelman It is more efficient.
Brief description of the drawings
Fig. 1 is position update flow figure of the invention;
Fig. 2 is Fellow searching flow chart of the invention;
Fig. 3 is that stranger of the invention searches flow chart;
Wherein, LS represents location server, and SNS represents online social network server, and ID represents the social activity of social user Identity, pid represents that SNS is user's assumed name of user's generation.
Specific embodiment
To make the object, technical solutions and advantages of the present invention clearer, with reference to implementation method and accompanying drawing, to this hair It is bright to be described in further detail.
The implementation process of the method for secret protection of position shared system proposed by the present invention is as follows:
(1) position shared system
For realizing that position shared system of the invention mainly includes three parts:Terminal, location server, online social network Network server.User initiates the request of the good friend, stranger of inquiry specified range by the terminal (abbreviation user terminal) for carrying. Terminal can be communicated with location server and online social network server.Online social network server management is social to be used The social identity information (User Identity) at family, buddy list info and authentication etc..Social network server is online User provides the online social networking service based on social identity.Location server manages user's assumed name of all users, right The position answered and authentication, and provide position related service.
(2) lookup method is set
Lookup, the matching treatment being related in this specific embodiment are using red-black balance search tree as data knot Structure, button is searched.
(3) privacy protection policy
Three steps can be divided into:User's registration, location updating and request are submitted to.
(3.1) user logs in
In the present invention, the different coordinate positions of user correspond to different user's assumed names respectively, when customer location changes When, then need to initiate the request of generation user's assumed name to online social network server first, then based on current user's assumed name Logged on location server so that location server energy real time record customer location.
Logged in on location server including being logged on online social network server.
Logged on online social networks:
Online social network server stores ID and corresponding buddy list.Such as online social network server The social network database of user is safeguarded in the form of { (ID, pid, G, PK) }.Wherein user social network diagram G=(V, E), V represents the summit of social network diagram, and E represents the side of social network diagram, and (PK, SK) is user in online social networking service The key pair during social activity identity ID is registered on device, usually third-party digital certificate server generation, for carrying out user's Social identity ID, in order to distinguish different user, PK represents public key, and SK represents private key, can be entered by the subscript with user identifier Row is distinguished, such as PKID、SKID
When user initiates the generation of user's assumed name to social network server every time, user terminal can generate random key pair User identity (user's assumed name) certification that (pk, sk) is used on location server, wherein pk is Public Key, and sk is privately owned close Key, in order to distinguish the random key pair of different user, can be made a distinction by the subscript with user identifier, such as (pkID, skID)。
User is by social identity ID checking requests (ID, ts, SigSKID(ID, ts), pk) it is sent to online social networks clothes Business device, wherein SigSKID(ID, ts) is user by ID and timestamp ts with registering private key SK during social activity identity IDIDAs The digital signature of asymmetric encryption (such as RSA public key encryptions) generation of key, i.e. the first digital signature.
Public key PK when online social network server is by user's registration social activity identity IDIDIt is decrypted, and once The validity of the social identity ID of checking is demonstrated, online social network server will at random generate user's assumed name for user Pid, and the pid is unique, in order to identify the corresponding relation of user's assumed name and user, can be by the subscript with user identifier Make a distinction, such as ID, corresponding user's assumed name is then pidID.Final online social network server will be current User's assumed name pid of generation is sent to user, while (pid, pk) is sent into location server.
Logged on location server:
Location server carrys out maintenance position database in the form of { (pid, pk, (x, y), dif, s) }.Wherein pid is represented User's assumed name, pk represents that public key for certification user's assumed name, (x, y) represent that customer location, dif represent that pid is looked into by its good friend The distance looked for, s represents the distance that pid is searched by stranger.The user verified by social identity ID is sent to location server Login location information (pid, ts, Sigsk (pid, ts), (x, y), difID,sID), wherein Sigsk (pid, ts) is user to work as Preceding sk carries out the digital signature of asymmetric encryption generation as key to user's assumed name pid and timestamp ts, i.e., the second numeral is signed Name, dif represents the distance that customer location can be inquired about by good friend, and s represents the distance that customer location can be inquired about by stranger, (x, y) represent customer location, in order to distinguish different user apart from dif, apart from s and position, by with user identifier Subscript makes a distinction, and the customer location of such as correspondence social activity identity ID is (xID,yID), the customer location can be by good friend, stranger The distance of inquiry is respectively difID、sID.Location server using from online social network server and with active user's assumed name The public key pk of the random key pair of matching, the legitimacy of checking signature Sigsk (pid, ts).To be believed by the login location verified Breath is saved in local position data storehouse.
In the present invention, different customer location one user's assumed names of correspondence, when user position update, its handling process Processing mode with new position log-on message is identical, referring to Fig. 1, user terminal firstly generate for verify user's assumed name with secret Key is to after (pk ', sk '), then social identity ID checkings are carried out on SNS (online social network server), will while checking The public key pk ' of the random key pair being currently generated is sent to SNS;SNS is that the user verified by social identity ID is regenerated User assumed name pid ', and user's assumed name is unique.Meanwhile, SNS update user social network database (ID, pid ', G, pk) }, and pid ' is sent to user, while will (pid ', pk ') it is sent to LS.
User by login location information (pid ', Sigsk ' Sigsk ' (pid ', ts), (x ', y '), dif s) is sent to LS, After LS pk ' are decrypted and are verified the validity of active user's assumed name pid ', new customer location (x ', y ') will with (pid ', Form pk ', (x ', y '), dif, s) } is saved in location database.
(3.3) search request is submitted to and processed
It is currently to complete corresponding authentication, wherein SNS on SNS, LS that user can submit the premise of search request to On be complete to the first digital signature (SigSKID(ID, ts)) verification process, that is, verify that the decryption of first digital signature is obtained Whether ID is consistent with the ID for receiving;It is to complete to the verification process of the second digital signature Sigsk (pid, ts) on LS, that is, verifies the Whether the pid that the decryption of two digital signature is obtained is consistent with the pid for receiving.
Search request includes that friend location search request, stranger's location lookup are asked.
Referring to Fig. 2, friend location search request flow is:
After user terminal currently completes corresponding authentication on SNS, LS, user terminal sends the first lookup to SNS please Ask, wherein the first search request includes:Social identity ID, lookup type (good friend), social identity access rights, wherein social body Part access rights can use field " Y/N/<friends-set>" mode be configured, wherein Y is represented allows all good friends to visit Its customer location is asked, N represents that the ID of user allows good friend to access but customer location refuses accessed, and the default symbol of Y/N is NULL, <friends-set>Represent the good friend for allowing its position of access that user specifies.
Such as NULL/NULL/<friends-set>Represent and only allow<friends-set>(user is false for the good friend for specifying Name) this end subscriber (sending the user of the first search request) customer location is accessed, it is non-<friends-set>The good friend for specifying allows Access the social identity ID but denied access customer location of this end subscriber;NULL/N/NULL represents the use for not showing this end subscriber The social identity ID of family position, i.e. this end subscriber allows good friend to access but customer location refuses accessed.
Because current lookup type is good friend, therefore SNS will directly meet the social body of the good friend of social identity access rights Part ID and user's assumed name return to user terminal:
SNS devices manage the buddy list and its corresponding user's assumed name of user, and the social identity ID based on lookup side is in society Inquiry obtains the buddy list of lookup side and its SNS lookup results of user's assumed name in handing over network data base, uses Friend-Set SNS lookup results are represented, then Friend-Set={ (ID1,pid1),…,(IDi,pidi),…,(IDn,pidn)}.Again will The element for allowing the side of lookup to access customer location in Friend-Set is divided into set Friend-Set '.Finally, SNS will Friend-Set ' is sent to lookup side.
Meanwhile, user terminal sends the second search request to LS, wherein the second search request includes:User's assumed name, lookup class Type (good friend), seeking scope, position access control, wherein position access control is:Whether the customer location of this end subscriber is shown, The customer location for not showing this end subscriber is for example represented with field Y/N/NULL, field Y/NULL/NULL represents that display local terminal is used The customer location at family.
To the user being verified by user's assumed name, LS is searched and is met query context and all users by lookup distance Assumed name, obtains initial lookup set.For example when the preceding search request condition (pid, l, Y/N/NULL) sent to LS, wherein letter L represents the seeking scope of the friend location that user specifies, then LS is searched with the position (x, y) of user's assumed name pid as the center of circle, and l is Meet by all user's assumed names apart from dif of Fellow searching in the circle of radius, obtain initial lookup collection and share PID0, wherein PID0={ pid1,…,pidi,…,pidn, wherein i (i=1 ..., n), then PID0In all user's assumed names should meet Following condition:
dis((x,y),(xi,yi))≤min(l,difi)
Wherein dis () represents distance function, that is, calculate the distance between any two customer location, and min () represents meter Calculate the function of minimum value.
Because current lookup type is good friend, whether LS is transmitted across N according to user terminal, and (i.e. position access control is set to:No Show the customer location of this end subscriber), when type is searched to search good friend, by set PID0In user's assumed name be divided into two Point, if active user's assumed name is transmitted across N to LS, active user's assumed name will be divided into subclass PID1In (be rejected Access its customer location), otherwise it is divided into subclass PID2(allowing to access customer location);
Based on the division result to initial lookup set, by subclass PID1, subclass PID2And its corresponding user's assumed name It is sent to user terminal.
User terminal is matched the information from SNS and LS, matching process:Belong to PID for any1User it is false Name pidiIf, pidiBelong to Friend-Set ', then user gets pidiCorresponding social identity ID.Belong to for any PID2User's assumed name pidiIf, pidiBelong to Friend-Set ', then user gets pidiCorresponding social identity IDi And position (xi,yi)。
Referring to Fig. 3, stranger's location lookup request flow is:
After user terminal currently completes corresponding authentication on SNS, LS, user terminal sends the to user terminal to SNS One search request, i.e. user verify whether social identity ID is effective on SNS.Wherein the first search request includes:Social identity ID, lookup type (stranger), social identity access rights.
Because current lookup type is stranger, SNS waits LS to send user's assumed name set.
User terminal sends the second search request to LS, wherein the second search request includes:User's assumed name, lookup type (footpath between fields Stranger), seeking scope, position access control (when search type be stranger when, location fix control can be with default setting).
For example when the preceding search request condition sent to LS is (pid, d, s), wherein d represents the stranger that lookup side specifies Location lookup scope.Then LS is searched and is met seeking scope and all user's assumed names by lookup distance simultaneously, and it is false to form user PID is sent to user by name set PID, LS.
For example inquire about the user's assumed name collection for obtaining and be combined into PID={ (pid1,(x1,y1)),…,(pidi,(xi,yi)),…, (pidn,(xn,yn)), the element in all PID meets following condition:
dis((x,y),(xi,yi))≤min(d,si)
In order to further enhance location privacy protection, LS randomly chooses some user's assumed name (units in PID before non-addition Element) increase to user's assumed name set PID for obtaining of inquiry, then PID is sent in SNS.Therefore SNS cannot distinguish between set Which user's assumed name in PID meets the seeking scope (i.e. the access distance of the side of lookup) of current lookup side, therefore further increases The strong secret protection of user.
The element of user's assumed name for belonging to user good friend in the set PID that SNS will be received removes, then again by PID and its The corresponding social identity ID of all elements is with { (ID1,pid1),…,(IDi,pidi),…,(IDn,pidn) form be sent to User.
After user receives the message from SNS and LS, it is matched, matching process:Belong to set for any User's assumed name pid of PIDiIf, pidiBelong to PID2, then user obtains pidiCorresponding social identity information IDiAnd position (xi,yi)。
The above, specific embodiment only of the invention, any feature disclosed in this specification, except non-specifically Narration, can alternative features equivalent by other or with similar purpose replaced;Disclosed all features or all sides Method or during the step of, in addition to mutually exclusive feature and/or step, can be combined in any way.

Claims (2)

1. the method for secret protection of the position shared system in a kind of mobile social networking, it is characterised in that comprise the following steps:
Step 1:Online social network server is that user terminal generates user's assumed name, and user terminal is based on location server User's assumed name enters row positional information and logs in:
101:User terminal initiates the generation request of user's assumed name to online social network server:
User terminal generates random key pair, and using private key when registering social activity identity ID as key, to social identity ID and when Between stamp carry out asymmetric encryption and generate the first digital signature, and will comprising social activity identity ID, timestamp, the first digital signature, with User's assumed name generation request of the public key of secret key pair is sent to online social network server;
102:Online social network server carries out social identity ID checkings to user terminal:During by user's registration social activity identity ID Public key to receive the first digital signature be decrypted and verify social identity ID;
Online social network server is to generate user's assumed name at random and return to user terminal by the user for verifying, while ought The public key of preceding user's assumed name and the random key pair from user terminal is sent to location server;And update local social networks User's assumed name of current social activity identity ID in database, wherein social network database include social identity ID, user's assumed name, good The social identity ID of friend;
103:User terminal is based on active user's assumed name and generates login location information and be sent to location server, wherein login location Information include user's assumed name, timestamp, the second digital signature, customer location, by lookup distance, second digital signature is: Asymmetric encryption generation is carried out to active user's assumed name and timestamp as key using the private key of current random key pair;Searched Distance includes:The distance that customer location is searched by good friend, stranger;
104:Location server carries out user's assumed name checking to user terminal, and safeguards local position data storehouse:
User's assumed name is verified:Based on the public key of the random key pair matched with user's assumed name, the second digital signature is decrypted And verify user's assumed name;
Safeguard in local position data storehouse:Local position data storehouse will be saved in by the login location information verified;Institute's rheme Putting database includes:Customer location, searched distance, the public key of current random key pair and user's assumed name;
Step 2:Location lookup request is processed:
201:User terminal sends the first search request to online social network server, and first search request includes:It is social Identity ID, lookup type, social identity access rights, wherein social identity access rights are:Allow to access the good of this end subscriber Friendly list;
202:Online social network server is based on lookup type and carries out lookup treatment:
If lookup type is good friend, the social identity ID and user's assumed name that will meet the good friend of social identity access rights are returned To user terminal;
If lookup type is stranger, holding fix server sends second user assumed name set, false when second user is received During name set, the good friend that social network server will belong to the user of currently transmitted first search request is false from the second user After being deleted in name set, then the set of second user assumed name, corresponding social identity ID are returned into user terminal;
203:User terminal sends the second search request to location server, and second search request includes:User's assumed name, lookup Type, seeking scope, position access control, wherein position access control is:Whether the customer location of this end subscriber is shown;
204:Location server is based on lookup type and carries out lookup treatment:
If lookup type is good friend, location server is searched and meets query context and all user's assumed names by lookup distance, Obtain initial lookup set;And based on whether be transmitted across show this end-user locations position access control, to initial lookup collection Conjunction is divided:If not being transmitted across, the first subset is divided into;Otherwise it is divided into yield in the second subset;The user of the first subset is false User's assumed name and customer location of name and yield in the second subset return to user terminal;
If lookup type is stranger, location server is searched and meets seeking scope and all users vacation by lookup distance Name, obtains second user assumed name set, and the second user assumed name set is returned into user terminal, and is sent to online social activity The webserver;
205:User terminal is matched to the return information of online social network server and location server, obtains searching knot Really.
2. the method for claim 1, it is characterised in that in step 204, when it is stranger to search type, position clothes Business device is then forwarded to online social networking service after the random multiple user's assumed names of addition in the second user assumed name set Device, wherein in second user assumed name set of the user's assumed name for adding not before addition.
CN201710287904.0A 2017-04-27 2017-04-27 Privacy protection method of location sharing system in mobile social network Active CN106899700B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710287904.0A CN106899700B (en) 2017-04-27 2017-04-27 Privacy protection method of location sharing system in mobile social network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710287904.0A CN106899700B (en) 2017-04-27 2017-04-27 Privacy protection method of location sharing system in mobile social network

Publications (2)

Publication Number Publication Date
CN106899700A true CN106899700A (en) 2017-06-27
CN106899700B CN106899700B (en) 2020-01-14

Family

ID=59197552

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710287904.0A Active CN106899700B (en) 2017-04-27 2017-04-27 Privacy protection method of location sharing system in mobile social network

Country Status (1)

Country Link
CN (1) CN106899700B (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108390865A (en) * 2018-01-30 2018-08-10 南京航空航天大学 A kind of fine-grained access control mechanisms and system based on privacy driving
CN108494666A (en) * 2018-04-01 2018-09-04 王勇 Internet chat tool
CN109348413A (en) * 2018-11-26 2019-02-15 苏州达家迎信息技术有限公司 Location information sharing method, device, equipment and storage medium
CN110166350A (en) * 2019-06-06 2019-08-23 深圳市加农炮网络技术有限公司 A kind of open social network communication agreement
CN110569413A (en) * 2019-08-16 2019-12-13 湖北工业大学 Indexing system and method for protecting member privacy in social network
CN110602631A (en) * 2019-06-11 2019-12-20 东华大学 Processing method and processing device for location data for resisting conjecture attack in LBS
CN110650113A (en) * 2018-04-24 2020-01-03 物联智慧股份有限公司 Data encryption and decryption method and system, networking device and data encryption and decryption method thereof
CN110933050A (en) * 2019-11-18 2020-03-27 湖北工业大学 Privacy protection position sharing system and method
CN111061919A (en) * 2019-08-29 2020-04-24 上海岚孜网络科技有限公司 Edge randomization algorithm and authority control method for social network group
CN112800458A (en) * 2021-01-26 2021-05-14 华南理工大学 Track privacy protection method based on relationship strength among users in social network

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140143241A1 (en) * 2012-11-19 2014-05-22 Daniel Dee Barello Internet news platform and related social network
CN103984764A (en) * 2014-05-30 2014-08-13 石家庄铁道大学 Individuation privacy protection method for sensing semantic query based on road network
CN104219245A (en) * 2014-09-19 2014-12-17 西安电子科技大学 System and method for location based service-orientated user privacy protection
CN104836789A (en) * 2015-03-20 2015-08-12 湖南科技大学 Location privacy protection scheme based on space region anonymity
CN105721433A (en) * 2016-01-18 2016-06-29 河南科技大学 Access control method of user private data of online social networks
US20170099133A1 (en) * 2015-10-01 2017-04-06 Pitney Bowes Inc. Method and system for privacy-friendly location-based advertising

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140143241A1 (en) * 2012-11-19 2014-05-22 Daniel Dee Barello Internet news platform and related social network
CN103984764A (en) * 2014-05-30 2014-08-13 石家庄铁道大学 Individuation privacy protection method for sensing semantic query based on road network
CN104219245A (en) * 2014-09-19 2014-12-17 西安电子科技大学 System and method for location based service-orientated user privacy protection
CN104836789A (en) * 2015-03-20 2015-08-12 湖南科技大学 Location privacy protection scheme based on space region anonymity
US20170099133A1 (en) * 2015-10-01 2017-04-06 Pitney Bowes Inc. Method and system for privacy-friendly location-based advertising
CN105721433A (en) * 2016-01-18 2016-06-29 河南科技大学 Access control method of user private data of online social networks

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108390865A (en) * 2018-01-30 2018-08-10 南京航空航天大学 A kind of fine-grained access control mechanisms and system based on privacy driving
CN108494666A (en) * 2018-04-01 2018-09-04 王勇 Internet chat tool
CN110650113A (en) * 2018-04-24 2020-01-03 物联智慧股份有限公司 Data encryption and decryption method and system, networking device and data encryption and decryption method thereof
CN109348413B (en) * 2018-11-26 2020-10-02 苏州达家迎信息技术有限公司 Position information sharing method, device, equipment and storage medium
CN109348413A (en) * 2018-11-26 2019-02-15 苏州达家迎信息技术有限公司 Location information sharing method, device, equipment and storage medium
CN110166350A (en) * 2019-06-06 2019-08-23 深圳市加农炮网络技术有限公司 A kind of open social network communication agreement
CN110166350B (en) * 2019-06-06 2021-08-03 雷雨 Open social network communication method
CN110602631A (en) * 2019-06-11 2019-12-20 东华大学 Processing method and processing device for location data for resisting conjecture attack in LBS
CN110569413A (en) * 2019-08-16 2019-12-13 湖北工业大学 Indexing system and method for protecting member privacy in social network
CN110569413B (en) * 2019-08-16 2022-11-18 湖北工业大学 Indexing system and method for protecting member privacy in social network
CN111061919A (en) * 2019-08-29 2020-04-24 上海岚孜网络科技有限公司 Edge randomization algorithm and authority control method for social network group
CN110933050A (en) * 2019-11-18 2020-03-27 湖北工业大学 Privacy protection position sharing system and method
CN110933050B (en) * 2019-11-18 2022-04-01 湖北工业大学 Privacy protection position sharing system and method
CN112800458A (en) * 2021-01-26 2021-05-14 华南理工大学 Track privacy protection method based on relationship strength among users in social network

Also Published As

Publication number Publication date
CN106899700B (en) 2020-01-14

Similar Documents

Publication Publication Date Title
CN106899700A (en) A kind of method for secret protection of the position shared system in mobile social networking
Liu et al. A survey on secure data analytics in edge computing
Sun et al. User-defined privacy location-sharing system in mobile online social networks
Wei et al. Mobishare: Flexible privacy-preserving location sharing in mobile online social networks
Dong et al. Secure friend discovery in mobile social networks
Zhu et al. An efficient privacy-preserving location-based services query scheme in outsourced cloud
Puttaswamy et al. Preserving location privacy in geosocial applications
Khaliq et al. A secure and privacy preserved parking recommender system using elliptic curve cryptography and local differential privacy
US9003486B2 (en) Methods and apparatus for reliable and privacy protecting identification of parties&#39; mutual friends and common interests
Shen et al. An efficient and privacy-preserving location sharing mechanism
Hasan et al. WORAL: A witness oriented secure location provenance framework for mobile devices
Zhuo et al. Privacy-preserving verifiable proximity test for location-based services
CN109818729A (en) Secret protection average distance querying method based on Paillier homomorphic cryptography
Gope Anonymous mutual authentication with location privacy support for secure communication in M2M home network services
CA2768362C (en) Trusted query network systems and methods
Komninos et al. Privacy preserving attribute based encryption for multiple cloud collaborative environment
KR101760600B1 (en) A Trustless Broker Based Protocol to Discover Friends in Proximity-Based Mobile Social Network and System Therefor
Chen et al. Preserving user location privacy for location-based service
Al-Nazzawi et al. Toward privacy protection for location based recommender systems: a survey of the state-of-the-art
Mocktoolah et al. Privacy challenges in proximity based social networking: Techniques & solutions
Teerakanok et al. A privacy-preserving framework for location-based service: a review of structural design and analysis
Barriga A et al. Enhancement to the privacy-aware authentication for wi-fi based indoor positioning systems
Alzaabi et al. Ensuring anonymity for LBSs in smartphone environment
CN110069945A (en) A kind of method, apparatus and system of privacy of user protection
Bukhari et al. Privacy provision for tip attributes in NTTP based LBS systems

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant