CN106954182A - A kind of anonymous region generation method and location privacy protection method - Google Patents
- Publication number: CN106954182A (CN201710146404.5A)
- Authority: CN (China)
- Prior art keywords: user, request, data, POI, POI data
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
- H04W4/023—Services making use of location information using mutual or relative location information between multiple location based services [LBS] targets or of distance thresholds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/2871—Implementation details of single intermediate entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/568—Storing data temporarily at an intermediate stage, e.g. caching
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Information Transfer Between Computers (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an anonymous region generation method and a location privacy protection method. The anonymous region generation method generates the anonymous region based on the spatial K-anonymity method. The location privacy protection method uses a multi-level access protection mechanism and standardizes caching: when the target user sends an LBS service request, POI data is obtained in priority order from the target user's local cache, from neighbor users in the network, and from the LBS server. When POI data has to be obtained from the LBS server, the aforementioned anonymous region generation method is used to generate an anonymous region, the LBS service request is sent to the LBS server with the anonymous region as the user's anonymous location, and the POI data returned by the LBS server is output. The invention combines the cache method with the spatial K-anonymity method to protect the user's location privacy; it minimizes the query requests the user sends and also raises the user's privacy protection level, thereby better solving the problems of excessive server and channel load and a low information reuse rate.
Description
Technical field
The present invention relates to location privacy protection technology, and in particular to an anonymous region generation method and a location privacy protection method.
Background
In recent years, the rapid development of information technology, in particular of mobile positioning technology and wireless communication technology, has made LBS (Location Based Service) widely used. Through LBS, users can query location-related information of interest anytime and anywhere. However, every location-based service requires the user to submit location information that is as accurate as possible to the LBS provider in order to obtain accurate and convenient service, so the user's location information ends up on the servers of the location-based service provider. The service provider can then infer where the user has been or is going, what the user did, and personal private information such as the user's hobbies. The service provider may also maliciously exploit these data (for example by leaking them to advertisers), causing great inconvenience or even a threat to the user's life.
In fact, location privacy protection attracted the attention of scholars early on; it is defined as the ability to prevent an adversary from deducing a user's current and past locations. Many algorithms for protecting user location privacy have been proposed. The spatial K-anonymity (k-anonymity) method, one of the most classic methods in this field, was first introduced from the data privacy protection field by Marco Gruteser et al. Its main idea is to make a given location correspond to k different identity labels, so that a malicious party cannot match the location information it obtains to the true identity among the k identities. However, with the rapid development of data mining technology, an adversary can use data mining to deduce the user's true identity from location information. In methods that use a spatial anonymizer (AS), the AS is responsible for hiding the user's actual location within a location region to achieve obfuscation. This AS approach has many defects. First, since all users' requests and received service information pass through the AS, it creates a serious bottleneck. Second, the system is vulnerable to single-point attack: if the AS is compromised by an adversary, all users' information is leaked. Finally, many algorithms assume that the AS is trusted, yet it merely adds another "service provider", and this assumption inherently carries risk. Although some anonymity algorithms based on the mobile terminal have been proposed, they generally suffer from frequent requests and large computation and communication overhead; moreover, the inherent conflict between protection level and service quality in these traditional protection methods is difficult to balance. More importantly, the user's movement pattern is a key factor to consider when designing privacy protection for mobile users, yet little research takes this factor into account. In addition, many earlier algorithms discard the obtained information as soon as the user has used it; how to improve the reuse rate of information that still has value is also worth considering.
Spatial anonymity converts the user's exact location into a spatial region that contains that location. At query time this spatial region is sent to the LBS server, so the LBS server cannot know the user's specific position within the region. One document first proposed obfuscation as a location privacy protection mechanism, but it can only hide the location information of a single user centrally and lacks scalability when a large number of users query concurrently. Another document applied location k-anonymity to spatial anonymity and introduced a trusted third party AS that can handle concurrent queries from a large number of users; the AS queries on the user's behalf and returns the accurate information. However, this method places high performance demands on the trusted third party AS, and once the AS becomes untrusted, the threat of location privacy leakage is very large. Another document proposed a distributed structure in which users communicate through fixed communication infrastructure such as base stations and find k users through the network by themselves to form the required anonymous location region, without going through the AS, which avoids the problems the AS brings. Another document proposed a P2P location anonymity algorithm in which users communicate by broadcast rather than through fixed communication infrastructure. At query time the user finds k users by single hop or multiple hops to form the anonymous spatial region and selects one of them as an agent; the agent sends the query request to the LBS server, filters the candidate result set it receives, and returns the result to the user. This method largely solves the problems of location privacy protection, but its drawback is that it consumes a lot of network bandwidth when a large number of users query.
Earlier research confined the focus of location privacy protection to processing the content of the requests sent to the service provider. To improve security and service quality, academia has in recent years begun to study reducing the number of requests sent to the service provider: the fewer requests are sent to the content provider, the less user privacy information is exposed and the lower the adversary's chance of obtaining the user's location privacy; moreover, strictly speaking, any networking carries security risk. The cache method arose for this reason: it caches valid content that has already been obtained so that it can be reused, improving security strength and service quality.
Shahriyar et al. first proposed in the literature using a cache system to protect user location privacy. Because most location-service POIs (Point of Interest, the name of the information the user requests) remain valid for a fairly long time, the user can download and store the POIs of certain regions in advance; when relevant information is needed later, it is obtained locally without sending a request to the content provider, which achieves privacy protection. But this method requires the user to store in advance the huge amount of data of a large region (such as a city), so the cached content is chosen blindly and storage space is wasted.
The MobiCrowd method proposed by Shokri et al. in the literature is a distributed location privacy protection method accomplished through user collaboration. Its main idea is that when a user needs service, the request is first sent to the surrounding neighbor users and the required POI is obtained from the content they have cached. But this method does not consider the cache hit probability, so its real protective effect is questionable; in addition, the document does not consider the case where the related content cannot be obtained locally, that is, where a request must be sent to the service provider. In the method of another document, if the user cannot obtain the content from the local cache, the system selects some dummy locations to make an anonymous request; this way of choosing false positions is vulnerable to data mining and background knowledge attacks.
In summary, how to realize anonymous region generation and location privacy protection has become a key technical problem that urgently needs to be solved.
Summary of the invention
The technical problem to be solved by the present invention: in view of the above problems of the prior art, to provide an anonymous region generation method that is based on the location-space K-anonymity method and can effectively protect user location privacy; and, on the basis of that anonymous region generation method, to provide a location privacy protection method that implements a multi-level access protection mechanism based on the user's movement pattern and combines the cache method with the spatial K-anonymity method to protect the user's location privacy, minimizing the query requests the user sends while raising the user's privacy protection level, thereby better solving the problems of excessive server and channel load and a low information reuse rate.
In order to solve the above technical problem, the technical solution adopted by the present invention is:
First, the present invention provides an anonymous region generation method, whose implementation steps include:
1) the map is divided in advance into cells of identical size, and the probability p with which the user sent requests from each cell in the past is counted from the user's cached POI data;
2) when the user sends an LBS service request to the LBS server, the user's current location a_r is obtained; based on the current location a_r, the k-1 cells that form the anonymized region are obtained from the surrounding cells using the location-space K-anonymity method, and, according to the data staleness of the data stored for each cell, cells whose data is stale are chosen as the anonymous region sent to the LBS server.
Preferably, the detailed steps of step 2) include:
2.1) when the user sends an LBS service request to the LBS server, jump to the next step;
2.2) obtain the user's current location a_r and sort the cells surrounding a_r by probability p;
2.3) select the specified z surrounding cells in descending order of probability p to obtain set C_c;
2.4) select from set C_c all subsets C' containing k-1 cells to form the candidate collection, where k is less than z;
2.5) compute the data staleness for each subset C' in the candidate collection;
2.6) output the k-1 cells of the subset C' that is optimal in data staleness and cache contribution rate as the anonymous region sent to the LBS server.
Preferably, the function expression that forms the candidate collection in step 2.4) is shown in formula (1);
Formula (1) defines the candidate collection; C' denotes a subset containing k-1 cells, C_c denotes the set of the z specified surrounding cells selected in descending order of probability p, and k is the anonymity level and is an integer less than z.
Preferably, the function expression for computing the data staleness in step 2.5) is shown in formula (2);
In formula (2), O denotes the data staleness, n denotes the number of cells in the anonymous region, t_i denotes how long the user POI data corresponding to the i-th cell has existed since it was downloaded from the LBS server, and T_i denotes the life cycle of the user POI data corresponding to the i-th cell.
Preferably, the function expression for outputting, in step 2.6), the k-1 cells of the subset C' that is optimal in data staleness and cache contribution rate is shown in formula (3);
In formula (3), C_s denotes the subset C' that is optimal in data staleness and cache contribution rate, k is the anonymity level and is an integer less than z, O denotes the data staleness, and α_i denotes the contribution rate of the i-th selected cell to the cache hit rate; the value of α_i equals the probability p_i with which the user sent requests from the i-th cell in the past.
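The selection procedure of steps 1) and 2.2) to 2.6) can be sketched as follows. This is an added example, not code from the patent. Formulas (2) and (3) are not reproduced on this page, so `staleness` (mean of t_i / T_i) and the subset score (contribution multiplied by staleness) are assumed stand-ins; the `Cell` fields, function names and sample data are constructed for illustration, and the returned region is taken to be the user's own cell plus the k-1 chosen cells.

```python
from collections import Counter
from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class Cell:
    cell_id: str
    p: float         # past request probability p_i (also alpha_i, the cache contribution)
    age: float       # t_i: how long the cached POI data has existed since download
    lifetime: float  # T_i: life cycle of that POI data


def request_probabilities(history):
    """Step 1): probability p per cell, from the cell ids of past requests."""
    counts = Counter(history)
    total = sum(counts.values())
    return {cell_id: n / total for cell_id, n in counts.items()}


def staleness(cells):
    """ASSUMED stand-in for formula (2): mean of t_i / T_i, each term capped at 1."""
    return sum(min(c.age / c.lifetime, 1.0) for c in cells) / len(cells)


def contribution(cells):
    """Cache contribution of a subset: sum of alpha_i = p_i over its cells."""
    return sum(c.p for c in cells)


def generate_region(current_id, surrounding, k, z=20, use_staleness=True):
    """Steps 2.2)-2.6): return the user's cell plus the k-1 chosen cells."""
    if not 2 <= k < z:
        raise ValueError("k must be an integer with 2 <= k < z")
    # 2.2)-2.3): sort by p and keep the z most-requested cells as C_c.
    c_c = sorted(surrounding, key=lambda c: c.p, reverse=True)[:z]
    if len(c_c) < k - 1:
        raise ValueError("not enough surrounding cells for anonymity level k")

    def score(subset):
        # ASSUMED stand-in for formula (3): contribution weighted by staleness,
        # so popular cells whose cached data is about to expire are preferred.
        s = contribution(subset)
        return s * staleness(subset) if use_staleness else s

    # 2.4)-2.6): enumerate every (k-1)-subset of C_c and keep the best one.
    best = max(combinations(c_c, k - 1), key=score)
    return [current_id] + sorted(c.cell_id for c in best)


# Constructed sample data: six cells around the user's cell "U".
SURROUNDING = [
    Cell("A", 0.30, 6, 7),  # popular, data almost expired
    Cell("B", 0.25, 1, 7),  # popular, data still fresh
    Cell("C", 0.20, 7, 7),  # data expired
    Cell("D", 0.15, 5, 7),
    Cell("E", 0.05, 7, 7),
    Cell("F", 0.02, 7, 7),  # dropped when z = 5 because p is lowest
]

if __name__ == "__main__":
    print(generate_region("U", SURROUNDING, k=4, z=5, use_staleness=False))
    print(generate_region("U", SURROUNDING, k=4, z=5))
```

With the constructed data, scoring by contribution alone keeps the fresh cell B, while the combined score swaps it for D, whose cached data is closer to expiry.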
Further, the present invention also provides a location privacy protection method, whose implementation steps include:
S1) access control middleware is installed in advance on each user's terminal device; the access control middleware computes the user's location information and caches the POI data of LBS service requests; when the target user sends an LBS service request, the next step is executed;
S2) POI data is looked up in the POI data cached by the target user's local access control middleware; if this succeeds, the obtained POI data is output and the method exits; otherwise jump to step S3);
S3) an LBS cooperative retrieval request is sent to the neighbor users in the network, the shared POI data is obtained from the neighbor users' local access control middleware, and POI data is looked up in the POI data shared by all neighbor users; if this succeeds, the obtained POI data is output and the method exits; otherwise jump to step S4);
S4) the target user generates the anonymous region to be sent to the LBS server according to the aforementioned anonymous region generation method of the present invention, sends the LBS service request to the LBS server with that anonymous region as the user's anonymous location, and outputs the POI data returned by the LBS server.
Preferably, when the access control middleware computes the user's location information in step S1), it also determines the user's personal places. When the access control middleware caches POI data: if the actual location of the LBS service request is a personal place, the POI data within a specified radius around that location is cached, and the stored non-sensitive information is set to shared by default; if the actual location of the LBS service request is not a personal place, the POI data within the specified radius around that location is not cached.
Preferably, determining the user's personal places specifically means: the number of times n the user appears at a given location is counted; if the number of appearances n at that location is greater than a preset threshold c, the location is judged to be a personal place of the user.
Preferably, the detailed steps of step S2) include:
S2.1) search the POI data cached in the target user's local access control middleware for POI data matching the LBS service request, obtaining set P1, where P1 = {a_p1, a_p2} and a_p1, a_p2 are the matching POI data;
S2.2) take the intersection |P1 ∩ Q| of set P1 and the target user's ideal region request universal set Q, where Q = {a_q1, a_q2} and a_q1, a_q2 are POI data of the target user's ideal region request universal set Q;
S2.3) compute the first-level information threshold λ1 according to formula (4); if the computed first-level information threshold λ1 is greater than or equal to the preset first-level expected threshold γ1, output the intersection |P1 ∩ Q| and exit; otherwise jump to step S3);
In formula (4), λ1 denotes the first-level information threshold, |P1 ∩ Q| denotes the intersection of set P1 with the target user's ideal region request universal set Q, P1 denotes the POI data, among that cached in the target user's local access control middleware, that matches the LBS service request, and Q denotes the target user's ideal region request universal set.
Preferably, the detailed steps of step S3) include:
S3.1) the target user and its neighbor users are all in a self-organizing peer-to-peer multi-hop mobile communication network; the target user sends into this network an LBS cooperative retrieval request of the form (poi, h), where poi is the information name and h is the number of hops the request may propagate in the network; each time the request passes through a user, the hop count h in the request is decremented by 1, and the request is no longer propagated when h reaches 0;
S3.2) a neighbor user that receives the request matches the information name poi in the LBS cooperative retrieval request against the content stored in its own access control middleware; if related POI data exists, it is returned to the target user;
S3.3) if the target user receives returned POI data, set P is generated from the POI data returned by all of the target user's neighbor users together with the POI data, among that cached in the target user's local access control middleware, that matches the LBS service request, where P = {a_p1, a_p2} and a_p1, a_p2 are POI data in set P;
S3.4) take the intersection |P ∩ Q| of set P and the target user's ideal region request universal set Q, where Q = {a_q1, a_q2} and a_q1, a_q2 are POI data of the target user's ideal region request universal set Q;
S3.5) compute the second-level information threshold λ2 according to formula (5); if the computed second-level information threshold λ2 is greater than or equal to the preset second-level expected threshold γ2, output the intersection |P ∩ Q| and exit; otherwise jump to step S4);
In formula (5), λ2 denotes the second-level information threshold, |P ∩ Q| denotes the intersection of set P with the target user's ideal region request universal set Q, P denotes the set generated from the POI data returned by all of the target user's neighbor users together with the POI data, among that cached in the target user's local access control middleware, that matches the LBS service request, and Q denotes the target user's ideal region request universal set.
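The three tiers of steps S2) to S4), including the hop-limited (poi, h) request of S3.1), can be modeled as below. This is an added example, not code from the patent. Formulas (4) and (5) are not reproduced on this page, so the threshold is assumed to be |P ∩ Q| / |Q|; `Terminal`, `query_lbs`, the opaque `region` argument and the sample network are hypothetical names and constructed data.

```python
class Terminal:
    """A user terminal running the access control middleware (simplified model)."""

    def __init__(self, name, cache=None, shared=None):
        self.name = name
        self.cache = cache or {}    # poi name -> set of POI records cached locally
        self.shared = shared or {}  # non-sensitive part of the cache exposed to peers
        self.neighbors = []         # one-hop peers in the ad hoc network


def link(a, b):
    a.neighbors.append(b)
    b.neighbors.append(a)


def info_threshold(found, ideal_q):
    """ASSUMED form of formulas (4)/(5): share of the ideal set Q that is covered."""
    return len(found & ideal_q) / len(ideal_q)


def cooperative_lookup(target, poi, h):
    """S3.1)-S3.2): flood a (poi, h) request; h drops by 1 per hop and stops at 0."""
    seen = {target.name}
    frontier, found = [target], set()
    while frontier and h > 0:
        next_frontier = []
        for node in frontier:
            for peer in node.neighbors:
                if peer.name in seen:
                    continue
                seen.add(peer.name)
                found |= peer.shared.get(poi, set())  # only shared data is returned
                next_frontier.append(peer)
        frontier = next_frontier
        h -= 1
    return found


def fetch_poi(target, poi, ideal_q, h, gamma1, gamma2, region, query_lbs):
    """Return (tier, POI data); the LBS server is contacted only as a last resort."""
    p1 = target.cache.get(poi, set())                    # S2.1)
    if info_threshold(p1, ideal_q) >= gamma1:            # S2.3)
        return "local", p1 & ideal_q
    p = p1 | cooperative_lookup(target, poi, h)          # S3.3)
    if info_threshold(p, ideal_q) >= gamma2:             # S3.5)
        return "neighbors", p & ideal_q
    # S4): the request carries the anonymous region, never the exact position.
    return "lbs", query_lbs(poi, region)


# Constructed sample: chain T - N1 - N2 - N3, five cafes in the ideal set Q.
CONSTRUCTED_Q = {"cafe_1", "cafe_2", "cafe_3", "cafe_4", "cafe_5"}


def build_constructed_network():
    t = Terminal("T", cache={"cafe": {"cafe_1", "cafe_2"}})
    n1 = Terminal("N1", shared={"cafe": {"cafe_3"}})
    n2 = Terminal("N2", shared={"cafe": {"cafe_4"}})
    n3 = Terminal("N3", shared={"cafe": {"cafe_5"}})
    link(t, n1)
    link(n1, n2)
    link(n2, n3)
    return t


if __name__ == "__main__":
    target = build_constructed_network()
    server = lambda poi, region: set(CONSTRUCTED_Q)  # stand-in LBS server
    for hops in (1, 2):
        print(hops, fetch_poi(target, "cafe", CONSTRUCTED_Q, hops,
                              0.8, 0.8, ["U", "A", "C", "D"], server))
```

With the constructed chain and both expected thresholds at 0.8, a hop count of 1 covers only three of five POIs and falls through to the server, while a hop count of 2 reaches 0.8 coverage and keeps the request inside the peer network.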
The anonymous region generation method of the present invention has the following advantages: the map is divided in advance into cells of identical size, and the probability p with which the user sent requests from each cell in the past is counted from the user's cached POI data; when the user sends an LBS service request to the LBS server, the user's current location a_r is obtained, the k-1 cells that form the anonymized region are obtained from the surrounding cells using the location-space K-anonymity method based on a_r, and cells whose data is stale are chosen, according to the data staleness of the data stored for each cell, as the anonymous region sent to the LBS server. Based on the location-space K-anonymity method, the user's location privacy can be effectively protected.
The location privacy protection method of the present invention has the following advantages:
1. Through the multi-level access protection mechanism, the location privacy protection method of the invention makes requests obtain information mainly from the local device, with neighbors second, which makes better use of stored information. Reducing the number of requests sent to the server reduces communication overhead, and the probability of obtaining information locally can reach 90%; this not only saves communication traffic but also reduces the risk of privacy leakage and improves the strength of privacy protection.
2. The location privacy protection method of the invention standardizes caching on the user terminal, optimizes information storage space, improves caching efficiency, and realizes cooperative retrieval of information among neighbor users.
3. The location privacy protection method of the invention considers the influence of factors such as movement pattern, regional request probability and user collaboration on the cache hit rate, which increases the possibility that the user obtains information from the local device and from neighbors; the cache hit rate reaches about 90%.
4. The anonymous region generation method proposed in the location privacy protection method of the invention takes full account of factors such as background knowledge, neighbor user collaboration and data timeliness, preventing the adversary from deducing the user's location privacy while improving the cache hit rate.
5. Experimental results show that the location privacy protection method of the invention has a good privacy protection effect with small communication and storage overhead, and shows a higher cache hit rate in comparison with other methods.
Brief description of the drawings
Fig. 1 is a schematic diagram of the basic flow of the anonymous region generation method of the embodiment of the present invention.
Fig. 2 is a detailed flow diagram of step 2) of the anonymous region generation method of the embodiment of the present invention.
Fig. 3 is a schematic diagram of the anonymous region generated when only the cache contribution rate is considered.
Fig. 4 is a schematic diagram of the anonymous region generated when the embodiment of the present invention considers both the cache contribution rate and the data staleness.
Fig. 5 is a schematic diagram of the basic flow of the location privacy protection method of the embodiment of the present invention.
Fig. 6 is a schematic diagram of the multi-level access location privacy protection hierarchy of the location privacy protection method of the embodiment of the present invention.
Fig. 7 is a schematic diagram of the system structure of the location privacy protection method of the embodiment of the present invention.
Fig. 8 shows how the number of requests the terminal sends to different entities varies over time when k=4, h=4, γ=0.8.
Fig. 9 compares the number of requests that different algorithms send to the LBS server when k=4, h=4, γ=0.8.
Fig. 10 compares how the cache hit rate varies with k when k=4, γ=0.8, t=7.
Fig. 11 compares how the cache hit rate varies with t when k=4, γ=0.8, k=4.
Embodiment
First, an example of the technical scheme of the anonymous region generation method and the location privacy protection method of this embodiment.
As shown in Fig. 1, the implementation steps of the anonymous region generation method of this embodiment include:
1) the map is divided in advance into cells of identical size, and the probability p with which the user sent requests from each cell in the past is counted from the user's cached POI data;
2) when the user sends an LBS service request to the LBS server, the user's current location a_r is obtained; based on the current location a_r, the k-1 cells that form the anonymized region are obtained from the surrounding cells using the location-space K-anonymity method, and, according to the data staleness of the data stored for each cell, cells whose data is stale are chosen as the anonymous region sent to the LBS server.
In this embodiment, the cells in step 1) are square cells.
As shown in Fig. 2, the detailed steps of step 2) include:
2.1) when the user sends an LBS service request to the LBS server, jump to the next step;
2.2) obtain the user's current location a_r and sort the cells surrounding a_r by probability p;
2.3) select the specified z surrounding cells in descending order of probability p to obtain set C_c;
2.4) select from set C_c all subsets C' containing k-1 cells to form the candidate collection, where k is less than z;
2.5) compute the data staleness for each subset C' in the candidate collection;
2.6) output the k-1 cells of the subset C' that is optimal in data staleness and cache contribution rate as the anonymous region sent to the LBS server.
In this embodiment, the function expression that forms the candidate collection in step 2.4) is shown in formula (1);
Formula (1) defines the candidate collection; C' denotes a subset containing k-1 cells, C_c denotes the set of the z specified surrounding cells selected in descending order of probability p, and k is the anonymity level and is an integer less than z.
In this embodiment, the function expression for computing the data staleness in step 2.5) is shown in formula (2);
In formula (2), O denotes the data staleness, n denotes the number of cells in the anonymous region, t_i denotes how long the user POI data corresponding to the i-th cell has existed since it was downloaded from the LBS server, and T_i denotes the life cycle of the user POI data corresponding to the i-th cell.
In this embodiment, the function expression for outputting, in step 2.6), the k-1 cells of the subset C' that is optimal in data staleness and cache contribution rate is shown in formula (3);
In formula (3), C_s denotes the subset C' that is optimal in data staleness and cache contribution rate, k is the anonymity level and is an integer less than z, O denotes the data staleness, and α_i denotes the contribution rate of the i-th selected cell to the cache hit rate; the value of α_i equals the probability p_i with which the user sent requests from the i-th cell in the past. Referring to formula (3), the input parameters of the anonymous region generation method of this embodiment are the probability p with which requests were sent from each cell in the past and the system-specified parameter z; the output is C_s. In this embodiment, the user's range of activity defaults to 1 km around the personal place. The z regions with the highest request probability within this range are chosen first; z is set by default or by the user according to computational overhead and security level, and defaults to 20. From these z cells, the collection of all candidate sets containing k-1 cells is obtained. Obviously, an error occurs if the anonymity level k is greater than the number of elements z in set C_c; otherwise, the optimal set C_s that satisfies the condition is selected from the candidates.
To solve the problem of location privacy being exposed to an untrusted content provider, the anonymous region generation method of this embodiment obtains the k-1 anonymizing cells using the location-space K-anonymity method. When the user needs to send a request to the LBS server (it can be expected that such cases drop sharply as time increases), spatial K-anonymity protection is carried out on the terminal. Considering the influence of side information on cache hit probability and privacy security, the spatial K-anonymity method used here takes into account the side information that many methods ignore. Side information refers to the background knowledge that an adversary can obtain and use to deduce the user's actual location; in this method it refers specifically to the probability that a request is sent from a given cell of the map. As shown in Fig. 3, the map is divided into many small regions by square cells of identical size, and cells with different shades represent different probabilities of sending a request. The greater this probability, the more likely users are to query information there. To improve the information reuse rate in user collaboration, i.e. the cache hit probability, when this method chooses the other k-1 cells for spatial anonymity, it selects them from the several cells around the user that have the largest side information. Moreover, because the chosen cells have a high request probability, this prevents an adversary from mounting a background knowledge attack based on side information and narrowing down the user's actual location. In short, this method implements the location-space K-anonymity method by first choosing public places with a high user density. The dashed box in Fig. 3 represents the region formed after user A is anonymized. To ensure the freshness of the data, the anonymous region generation method of this embodiment also takes the timeliness of the data into account; this embodiment considers both the data staleness and the cache contribution rate. As shown in Fig. 4, the cells have different shades: the deeper the shade, the higher the timeliness of the data, and blank indicates data that has expired. The method chooses, as far as possible, cells whose data is no longer fresh to upload to the LBS server, and obtains the latest updated data; the dashed box in Fig. 4 represents the anonymous region formed for user A after data timeliness is considered. The overall idea of the anonymous region generation method of this embodiment is: first, make full use of the concept of personal places so that the user obtains information on the local device as far as possible; next, make full use of the concept of public places so that the user obtains information from local neighbor users as far as possible; and finally, when information has to be requested from the server, protect user privacy with the spatial K-anonymity method. The implementation takes full account of the system's effect on security and cache hit probability.
In step 2.6) of the present embodiment, the optimal subset C' of k-1 cells with respect to the out-of-date degree of the data and the cache contribution rate is output as the anonymous region to be sent to the LBS server.
Cache contribution rate: this is the side information value. The level of crowd activity differs between regions of the map (public places differ in how crowded they are), and places with more people naturally send more requests than places with fewer people, which is why side information values differ. When realizing spatial K-anonymity, this method chooses the other k-1 regions with larger side information values (the more densely crowded public places): the request probability of such a region is larger, so the chance that a local user will later query the POI of this region again is larger, and the cache hit rate is higher. On a map divided into m × m cells, the service provider can compute the probability that each cell sends a request from the historical number of requests sent from each cell, and every entity can easily obtain this probability distribution. This probability is denoted p, which gives formula (3-1):
In formula (3-1), p_i is the probability of the i-th cell and m² is the total number of cells.
Let α denote the contribution of a chosen region to the cache hit rate; then α_i = p_i. Clearly, when data timeliness is not considered, the k-1 user cells chosen should be the set of regions satisfying the maximum-value condition; this selection set is expressed as formula (3-2):
Each symbol in formula (3-2) has the same meaning as in formula (3).
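The selection rule described above, for the case where data timeliness is not considered, as an added example that is not code from the patent: request counts are normalised into probabilities p_i and the k-1 cells with the largest p_i near the user are taken. The search window `radius`, the tie-break order and the sample counts are assumptions made for this illustration.

```python
from itertools import product

# Constructed sample: historical request counts per cell on a 5 x 5 map.
HISTORY = [
    [2, 1, 0, 3, 1],
    [1, 40, 35, 2, 0],
    [0, 30, 4, 1, 2],
    [3, 2, 1, 25, 1],
    [1, 0, 2, 1, 5],
]


def request_probabilities(history):
    """Turn per-cell request counts into the probability p_i of each cell."""
    total = sum(map(sum, history))
    if total == 0:
        raise ValueError("no request history to derive probabilities from")
    return [[count / total for count in row] for row in history]


def nearby_cells(m, user_cell, radius):
    """Cells inside the (assumed) square search window around the user, clipped to the map."""
    r0, c0 = user_cell
    rows = range(max(0, r0 - radius), min(m, r0 + radius + 1))
    cols = range(max(0, c0 - radius), min(m, c0 + radius + 1))
    return [cell for cell in product(rows, cols) if cell != user_cell]


def select_anonymous_region(p, user_cell, k, radius=1):
    """Return (region, contribution): the user's cell plus the k-1 nearby cells
    with the largest request probability, and the summed alpha_i = p_i of those cells."""
    candidates = nearby_cells(len(p), user_cell, radius)
    if len(candidates) < k - 1:
        raise ValueError("search window holds fewer than k-1 cells")
    # Highest probability first; ties broken by cell index so the result is deterministic.
    ranked = sorted(candidates, key=lambda cell: (-p[cell[0]][cell[1]], cell))
    chosen = ranked[:k - 1]
    contribution = sum(p[r][c] for r, c in chosen)
    return sorted(chosen + [user_cell]), contribution


def centroid(cells):
    """Geometric centre of a region, to compare against the user's real cell."""
    n = len(cells)
    return (sum(r for r, _ in cells) / n, sum(c for _, c in cells) / n)


if __name__ == "__main__":
    probs = request_probabilities(HISTORY)
    region, alpha = select_anonymous_region(probs, user_cell=(2, 2), k=4)
    print("region:", region, "contribution:", round(alpha, 3))
    print("centroid:", centroid(region), "user cell: (2, 2)")
```

Because the chosen cells follow request density rather than geometry, the user's cell ends up on the edge of the region instead of at its centre.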
Out-of-date degree of the data (data timeliness): data has a certain life cycle, weather conditions for example. While finding anonymous cells, this method takes the opportunity to update the stored content according to its timeliness. For example, the life cycle of some weather information is 1 day. Although the weather does not change noticeably within one day, small differences (such as temperature and wind force) do exist, so the data becomes distorted, and within the life cycle, the longer the data has existed, the more obvious the distortion may be. Out-of-date information therefore needs to be updated, especially for regions with a higher request probability.
Let T denote the life cycle of a POI and t the time the POI has existed since it was downloaded from the LBS server. Let O denote the out-of-date degree of the data, defined by formula (3-3), and let f denote the data carry mechanism, defined by formula (3-4);
In formula (3-3), O is the out-of-date degree of the data, T is the life cycle of a POI, and t is the time the POI has existed since it was downloaded from the LBS server.
In formula (3-4), f is the data carry mechanism, T is the life cycle of a POI, and t is the time the POI has existed since it was downloaded from the LBS server. Because the anonymous region generation method of the present embodiment generates an anonymous region from k cells, the data timeliness of all cells in the whole anonymous region is considered, and the average out-of-date degree O is expressed as formula (2), where n is the number of cells in the anonymous region. Combining the two factors (the out-of-date degree of the data and the cache contribution rate), the function expression for the optimal subset C' of k-1 cells output in step 2.6) of the present embodiment is as shown in formula (3), i.e. formula (3-5);
For the meaning of each symbol in formula (3-5), see formula (2) and formula (3).
As shown in Fig. 5, the implementation steps of the location privacy protection method of the present embodiment include:
S1) An access control middleware, cacheware, is installed in advance on the terminal device of each user. The cacheware calculates the user's position information and caches the POI data of LBS service requests. When the target user issues an LBS service request, the next step is performed;
S2) POI data is obtained from the POI data cached in the target user's local cacheware. If this succeeds, the POI data obtained is output and the method exits; otherwise execution jumps to step S3);
S3) An LBS cooperative mutual-access request is sent to the neighbor users in the network, the shared POI data is obtained from the neighbor users' local cacheware, and POI data is obtained from the POI data shared by all neighbor users. If this succeeds, the POI data obtained is output and the method exits; otherwise execution jumps to step S4);
S4) The target user generates the anonymous region to be sent to the LBS server according to the anonymous region generation method of the present embodiment described above, sends the LBS service request to the LBS server with the anonymous region as the user's anonymous location, and outputs the POI data returned by the LBS server.
Referring to steps S1)~S4) and Fig. 6, the location privacy protection method of the present embodiment uses a multi-level access protection mechanism. It is a distributed access scheme for location privacy protection that does not depend on a third party, with access protection at three levels (the local host, neighbor cooperation, and the server), which gives multi-level protection of the user's location privacy. Local storage query is the first level of the mechanism, neighbor cooperative mutual access is the second level, and a request to the LBS server is the third level. The first level has the highest protection level, and the second and third levels are successively lower. Local storage query: when a service is needed, the user first queries the relevant information in the local terminal's storage area; if it meets the expectation threshold set by the user, the query is complete. Neighbor cooperative mutual access: if the locally stored information does not meet the expectation threshold set by the user, the relevant information is requested from the other neighbor users in the local group; if it then meets the expectation threshold, the query is complete. Request to the LBS server: if neighbor cooperation still does not meet the expectation threshold set by the user, a request is sent to the LBS server using the anonymous region generation method. The multi-level access protection mechanism of the present embodiment is based on the user's movement pattern and combines the cache method with the spatial K-anonymity method to protect the user's location privacy. It reduces the query requests the user sends as far as possible while raising the user's privacy protection level, and so better addresses the problems of overloaded servers and channels and a low rate of information reuse.
The location privacy protection method of the present embodiment standardizes caching. Based on the inherent characteristics of user movement patterns, an access control middleware (hereinafter: cacheware) is placed in the terminal system to control what the terminal stores, so that the content of the terminal cache tends towards a standard form, which optimizes storage space and improves cache efficiency; neighbor users also use it to carry out cooperative mutual access to information. The location privacy protection method of the present embodiment is further based on the anonymous region generation method of the present embodiment described above (CRGA method for short), which, on top of the spatial K-anonymity method (spatial k-anonymity), considers the influence of the background knowledge an adversary can obtain and of data timeliness. It improves the cache hit rate while optimizing the location anonymity scheme, and strengthens privacy protection. The location privacy protection method of the present embodiment integrates the user's movement pattern into the cache method and combines it with the anonymous region generation method to protect the user's location privacy, so that, with the cache hit rate improved, privacy protection is strengthened as far as possible and service quality is maintained.
The mobile behavior pattern of users: the behavioral habits of mobile users have some inherent characteristics, and researchers have studied the mobile behavior pattern of users as a key factor to consider when designing location privacy protection for LBS (Location Based Service). Most existing protection methods nevertheless ignore this factor; the present embodiment takes it fully into account. First, from the point of view of the individual mobile user, however different people's lives are, the vast majority of people, over a long period (during which the user does not travel or change jobs), are habitually active in a limited number of fixed places such as the home, the company, the bus station or the shopping mall. In brief, most of us are active in a few fixed places most of the time. From the individual's point of view, we call these places personal audience venues. Second, from a global point of view, there are many places where a large number of users are active, such as apartments, companies and bus stations; we call these public places. We conclude the following association between personal audience venues and public places: a personal audience venue becomes a public place when it is also held by many other users. In other words, a public place is a personal audience venue shared by many users.
In the location privacy protection method of the present embodiment, the personal audience venue theory provides the theoretical support for the local cache achieving a higher cache hit rate, and the public place theory provides the theoretical support for cooperation between users achieving a higher cache contribution rate. Consider a scenario: employee Alice and her colleagues are going to have lunch during the company lunch break, and they first query information about nearby restaurants, such as the menu and whether seats are free. In a traditional LBS service, Alice and her colleagues each need to send a request containing their own position to the service provider, and the service provider then returns the restaurant information to each of them. This approach has two obvious problems. First, Alice exposes her own location privacy to an untrusted content provider (more seriously, her request may be intercepted by a hacker before it even reaches the content provider's server). Second, a large number of employees query restaurant information in this period, and the server receiving the requests has to send the same information repeatedly to different users, which increases the server's computing overhead and the network transmission overhead. To solve the first problem, the anonymous region generation method of the present embodiment described above is used. To solve the second problem, the location privacy protection method of the present embodiment uses the currently popular cache method, which handles well the problems of overloaded servers and channels and a low rate of information reuse, because the restaurant information Alice has used is fully available for other local users to reuse. By reducing the query requests the user sends as far as possible, the cache method also raises the user's privacy protection level and so helps to solve the first problem.
Taking the mobile behavior pattern of users into account, in the location privacy protection method of the present embodiment the user's terminal stores only the POIs (Point of Interest, the name of the information the user is interested in and requests) around the user's own personal audience venues. Because the user is active within this range most of the time, the hit rate for obtaining information locally will intuitively be very high. At the same time, once the content stored in the cache is restricted and standardized, the terminal avoids storing excessive redundancy, the cached content is reduced, and storage space is saved. A personal audience venue is likely also to be a public place: if the personal audience venues of any two or more users intersect, the intersection is their public place, and they can easily exchange information there. The present embodiment therefore also uses groups of neighbor users connected through an ad hoc network (a self-organizing peer-to-peer multi-hop mobile communication network) to obtain information cooperatively; users in a group prevent their privacy from leaking by sharing information with one another. The overall idea of the location privacy protection method of the present embodiment is: when a service is needed, the user first queries the relevant information in the local terminal's storage area; if the relevant information does not meet the threshold set by the user (the amount of information is insufficient), the relevant information is requested from the other neighbor users in the local group; if the threshold is still not met, a request is sent to the LBS server using the anonymous region generation method. This multi-level access protection of the user's location privacy is shown in Fig. 6, where the first level has the highest protection level and the second and third levels are successively lower, so that the local cache satisfies user requests as far as possible and as few requests as possible are sent to the LBS service provider.
In the present embodiment, calculating the user's position information through the cacheware in step S1) also includes determining the user's personal audience venues. When the cacheware caches POI data, if the actual location of the LBS service request is a personal audience venue, the POI data within a specified radius around that location is cached and the non-sensitive information stored is set to be shared by default; if the actual location of the LBS service request is not a personal audience venue, the POI data within the specified radius around that location is not cached.
Strictly speaking, connecting to an external network to transmit a request carries a security risk, which requires the relevant functions to be implemented on the terminal. In addition, existing cache methods did not regulate what the user stores. For example, a user sent by the company on a business trip elsewhere may never again use the POIs queried while away, and storing them locally is useless and wastes storage space. Taking these factors into account, the present embodiment deploys the access control middleware cacheware in the terminal system, based on the concepts of the personal audience venue and the public place in the user's movement pattern and the association between them. As shown in Fig. 7, the cacheware has a storage area and a calculation area. The storage area stores the POIs around the user that the user is interested in. The calculation area works out the user's personal audience venues from the large amount of position information obtained by the terminal's GPS: it checks the position information periodically, and if the user appears frequently at a position, i.e. the number of occurrences n exceeds some threshold c, that position is set as a personal audience venue. In the present embodiment, determining the user's personal audience venues specifically means: count the number of times n the user appears at a position, and if n is greater than the preset threshold c, judge that position to be a personal audience venue of the user.
In the present embodiment, the cacheware stores the POIs around personal audience venues that were obtained by sending requests (the default radius is within 1 km) for the user's own future use, and sets the non-sensitive information stored to be shared by default, so that neighbor users in the system can access it cooperatively. POIs obtained around places that are not personal audience venues are deleted after use. The purposes of the cacheware in the present embodiment are clear: (1) when the user wants to obtain information, the first step is to look it up in the cacheware storage area, without sending a request to an anonymizing server or directly to the content service provider and exposing privacy. (2) Once the calculation area has worked out the user's personal audience venues, the cacheware storage area holds only the POIs near the user's personal venues, which avoids blind caching and saves storage space without affecting the cache hit performance. (3) It helps users to complete cooperative access to information: when the user cannot obtain enough information from the storage area of the local cacheware, the relevant information is requested from the storage areas of the cacheware of nearby neighbor users; if this information meets the user's needs, the cooperation succeeds, which protects the user's privacy as far as possible.
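The caching policy described above, as an added sketch that is not the patent's implementation: the calculation area counts appearances per position and marks a position as a personal audience venue when n > c, and the storage area keeps a POI only if the request was made at such a venue and the POI lies within the radius. Bucketing GPS fixes into 50 m grid cells, the planar coordinates in metres and all names are assumptions of this example.

```python
import math
from collections import Counter


class Cacheware:
    """Toy model of the middleware: a calculation area and a storage area."""

    def __init__(self, c, radius_m=1000.0, cell_m=50.0):
        self.c = c                # appearance-count threshold c from the text
        self.radius_m = radius_m  # caching radius (default 1 km in the text)
        self.cell_m = cell_m      # assumed grid size used to bucket GPS fixes
        self.visits = Counter()   # calculation area: occurrences n per position
        self.store = {}           # storage area: (poi name, cell) -> entry

    def _cell(self, x_m, y_m):
        return (int(x_m // self.cell_m), int(y_m // self.cell_m))

    def record_fix(self, x_m, y_m):
        """Periodic position check: count one appearance at this position."""
        self.visits[self._cell(x_m, y_m)] += 1

    def is_personal_venue(self, x_m, y_m):
        """A position is a personal audience venue once n exceeds c."""
        return self.visits[self._cell(x_m, y_m)] > self.c

    def offer(self, request_xy, poi, poi_xy, data, sensitive=False):
        """Decide whether a POI returned for a request made at request_xy is kept.
        Returns True if cached, False if it is to be discarded after use."""
        if not self.is_personal_venue(*request_xy):
            return False  # e.g. queried on a business trip: do not keep
        if math.dist(request_xy, poi_xy) > self.radius_m:
            return False  # outside the caching radius around the venue
        self.store[(poi, self._cell(*poi_xy))] = {
            "data": data,
            "shared": not sensitive,  # non-sensitive entries are shared by default
        }
        return True

    def shared_entries(self, poi):
        """What a neighbor's cooperative request for this information name may read."""
        return {cell: entry["data"]
                for (name, cell), entry in self.store.items()
                if name == poi and entry["shared"]}


if __name__ == "__main__":
    cw = Cacheware(c=5)
    office, trip = (1020.0, 2040.0), (9000.0, 9000.0)  # constructed positions
    for _ in range(6):
        cw.record_fix(*office)
    cw.record_fix(*trip)
    print(cw.offer(office, "restaurant", (1400.0, 2100.0), "menu A"))  # kept
    print(cw.offer(trip, "restaurant", (9010.0, 9000.0), "menu C"))    # not kept
    print(cw.shared_entries("restaurant"))
```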
In the present embodiment, the detailed steps of step S2) include:
S2.1) In the POI data cached in the target user's local cacheware, look up the POI data that matches the LBS service request to obtain the set P1, where P1 = {a_p1, a_p2} and a_p1, a_p2 are the matching POI data;
S2.2) Take the intersection |P1 ∩ Q| of the set P1 and the target user's ideal region request complete set Q, where Q = {a_q1, a_q2} and a_q1, a_q2 are the POI data of the target user's ideal region request complete set Q;
S2.3) Calculate the first-level information threshold λ1 according to formula (4). If the calculated λ1 is greater than or equal to the preset first-level expectation threshold γ1, output the intersection |P1 ∩ Q| and exit; otherwise jump to step S3);
In formula (4), λ1 is the first-level information threshold, |P1 ∩ Q| is the intersection of the set P1 and the target user's ideal region request complete set Q, P1 is the POI data, among the POI data cached in the target user's local cacheware, that matches the LBS service request, and Q is the target user's ideal region request complete set.
In the present embodiment, the detailed steps of step S3) include:
S3.1) The target user and its neighbor users are in the same self-organizing peer-to-peer multi-hop mobile communication network. The target user sends into this network an LBS cooperative mutual-access request of the form (poi, h), where poi is the information name and h is the number of hops the request may propagate in the network. Each time the request passes through a user, the hop count h in the request is reduced by 1, and the request is no longer propagated once h reaches 0;
S3.2) A neighbor user that receives the request matches the information name poi in the LBS cooperative mutual-access request against the content stored in its own cacheware; if related POI data exists, it is returned to the target user;
S3.3) If the target user receives returned POI data, the set P is generated from the POI data returned by all of the target user's neighbor users together with the POI data, among the POI data cached in the target user's local cacheware, that matches the LBS service request, where P = {a_p1, a_p2} and a_p1, a_p2 are the POI data in the set P;
S3.4) Take the intersection |P ∩ Q| of the set P and the target user's ideal region request complete set Q, where Q = {a_q1, a_q2} and a_q1, a_q2 are the POI data of the target user's ideal region request complete set Q;
S3.5) Calculate the second-level information threshold λ2 according to formula (5). If the calculated λ2 is greater than or equal to the preset second-level expectation threshold γ2, output the intersection |P ∩ Q| and exit; otherwise jump to step S4);
In formula (5), λ2 is the second-level information threshold, |P ∩ Q| is the intersection of the set P and the target user's ideal region request complete set Q, P is the set generated from the POI data returned by all of the target user's neighbor users together with the POI data, among the POI data cached in the target user's local cacheware, that matches the LBS service request, and Q is the target user's ideal region request complete set.
As shown in Fig. 7, the application system of the location privacy protection method of the present embodiment considers two entities for the time being: mobile users and content providers. Mobile users are people holding smart terminal devices (such as smartphones and tablets). A content provider can be any network company that offers LBS services; its LBS server provides POIs to mobile users. Users cooperate with one another over the ad hoc network to exchange and store information, and when necessary send requests to the LBS server through the operator's cellular network (such as 4G). The POIs stored in each terminal's cacheware are marked with the timeliness of their content. Fig. 7 shows the operating flow of the system: when Alice (User A) wants to obtain a related POI, the system first checks the relevant information in the cacheware storage area of her own terminal, and the query is complete if the information meets the threshold A has set. Otherwise a request is sent to nearby neighbor users (such as User B and User C) to obtain the related POI. If A's threshold condition is still not met (enough information cannot be obtained locally), the system sends a request to the LBS server. After the information is obtained, the system decides whether to store it according to the storage condition (being near a personal audience venue).
Assume the map is divided into m × m square cells of identical size, and the set of these cells is Φ = {a_1, a_2, ..., a_{m²}}. POI content transmitted between cooperating users has the form (a_n, poi, data), where a_n, with n = 1, 2, ..., m², is the map cell the content belongs to, poi is the name of the information the user is interested in and requests, and data is the detailed POI content, marked with its timeliness. Suppose that in the earlier scenario Alice wants to query restaurant menu information within a range of 1 kilometer and fails to find any information about restaurants on her own device. She needs to send into the ad hoc network a request of the form (poi, h), where poi is the information name, such as restaurant, and h is the number of hops the request may propagate in the network: each time it passes through a user, the hop count h in the request is reduced by 1, and the request is no longer propagated once it reaches 0. A user who receives the request matches the information name, i.e. restaurant, against the content stored in the local cacheware, and if relevant information exists it is returned to Alice. The information on all restaurants returned to Alice forms the set P, P = {a_p1, a_p2}, and Alice's ideal region request complete set is Q = {a_q1, a_q2}, for example the information on all restaurants in the 1 kilometer the map covers. The intersection |P ∩ Q| is taken as the effective content returned to Alice.
To make better use of locally cached content, and to let the user adjust the trade-off between service quality and privacy protection level (how much a user values privacy often differs with time and place), the method of the invention defines an information threshold (see formula (4) and formula (5)) that represents the user's tolerance for information obtained locally, with a maximum value of 1. (If the local device stores relevant information, then in the first-level calculation P1 is the set of the local device's relevant information, and in the second-level calculation P is the union of the relevant information of the local device and of the cooperating users.) After weighing service quality against privacy level, Alice sets an expectation threshold γ (or it is set by system default). If λ ≥ γ, the local information meets the demand; if λ < γ, Alice sends a request using the anonymous region generation method of the present embodiment described above (CRGA method).
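The lookup order of steps S2) and S3) and the hop-limited request (poi, h), as an added example that is not code from the patent. Formulas (4) and (5) are not reproduced on this page, so the ratio |P ∩ Q| / |Q| used here is an assumption, chosen to be consistent with the stated maximum of 1; the network, cache contents and user names are constructed.

```python
from collections import deque

# Constructed sample data: an ad hoc neighbourhood and each terminal's shared
# cache. A cache maps an information name to the map cells whose POI data it holds.
GRAPH = {
    "alice": ["bob", "erin"],
    "bob": ["alice", "carol"],
    "carol": ["bob", "dave"],
    "dave": ["carol"],
    "erin": ["alice"],
}
CACHES = {
    "alice": {"restaurant": {12}},
    "bob": {"restaurant": {12, 13}},
    "carol": {"restaurant": {14, 15}},
    "dave": {"restaurant": {16}},
    "erin": {},
}
IDEAL_Q = {12, 13, 14, 15}  # cells of the area Alice asks about (her set Q)


def info_threshold(found, ideal):
    """Assumed form of formulas (4)/(5): |found ∩ Q| / |Q|, which is at most 1."""
    if not ideal:
        raise ValueError("ideal request set Q must not be empty")
    return len(found & ideal) / len(ideal)


def flood_request(graph, caches, origin, poi, h):
    """Propagate the request (poi, h) breadth-first. Only the information name
    and the remaining hop count travel with it: no identity, no coordinates."""
    seen = {origin}
    queue = deque([(origin, h)])
    found, reached = set(), []
    while queue:
        node, hops_left = queue.popleft()
        if hops_left == 0:
            continue  # hop count used up: this terminal does not forward
        for neighbour in graph[node]:
            if neighbour in seen:
                continue
            seen.add(neighbour)
            reached.append(neighbour)
            found |= caches[neighbour].get(poi, set())
            queue.append((neighbour, hops_left - 1))
    return found, reached


def resolve(user, poi, ideal, gamma1, gamma2, h, graph=GRAPH, caches=CACHES):
    """Return (tier, cells), where tier is 'local', 'neighbours' or 'lbs_server'."""
    p1 = set(caches[user].get(poi, set()))          # S2.1: local matches
    if info_threshold(p1, ideal) >= gamma1:         # S2.3: lambda1 >= gamma1
        return "local", p1 & ideal
    shared, _ = flood_request(graph, caches, user, poi, h)  # S3.1-S3.2
    p = p1 | shared                                 # S3.3: local plus returned data
    if info_threshold(p, ideal) >= gamma2:          # S3.5: lambda2 >= gamma2
        return "neighbours", p & ideal
    # Only now does a request leave the neighbourhood, in the form (ID, poi, R)
    # with R the anonymous region; generating R is outside this example.
    return "lbs_server", set()


if __name__ == "__main__":
    for hops in (1, 2):
        print(hops, resolve("alice", "restaurant", IDEAL_Q, 0.75, 0.75, hops))
```

With h = 1 the request reaches only Bob and Erin and the lookup falls through to the server; with h = 2 Carol's cache completes the set and no request leaves the local group.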
2. Assessment of how the method of the present embodiment resists attack risks.
Building on the technical solution of the method of the present embodiment described above, the following assesses how the location privacy protection method of the present embodiment resists attack risks. In location privacy protection, the adversary's aim is to obtain the location privacy information of a specific user. The risks a network security system faces fall roughly into two classes: external risks and internal risks. External risk mainly refers to an attacker outside the system intercepting private information by intruding on the channel between cooperating users or between a user and the server. To prevent the adversary from carrying out such an intrusion (eavesdropping attack), encryption can additionally be introduced into the location privacy protection method of the present embodiment, for example protection with a public key infrastructure (PKI), which is also the main way channel security is protected at present. Internal risk refers to an entity inside the system using some privilege of its own to steal private information, for example a malicious LBS service provider or malicious neighbor cooperating users; these internal risks are more harmful. For the location privacy protection method of the present embodiment, risk assessment and analysis are carried out mainly for two kinds of internal attack:
I) Resistance to collusion attack (colluding attack). For a collusion attack from users, assume there are several malicious cooperating users in the application system of this method who hope to obtain more sensitive information from the inside. In the application system of this method, when a specific user Alice cannot obtain enough information on her own device and needs to send a request to nearby cooperating users for the related POI, the request has the form (poi, h). If a malicious user receives the request, then because of the hop count h, the request Alice sent may have travelled several hundred meters through the wireless self-organizing peer-to-peer multi-hop mobile communication network, and there is no particular relationship between these malicious users and Alice, so these malicious users cannot infer where the request came from. More importantly, Alice's request does not reveal any real identity information at all (if needed, she can use a pseudonym), so these malicious users cannot even know who sent the request. The application system of the location privacy protection method of the present embodiment therefore has strong resistance to internal collusion attacks.
II) Resistance to inference attack (inference attack), mainly inference attacks from the LBS service provider. Because the LBS server records all request information sent by users, a malicious service provider hopes to use this request information to infer the user's actual position. In the application system of the method of the invention, the request a user sends to the server has the form (ID, poi, R), where ID is the user's own identity or pseudonym and R is the spatial region produced by local anonymization. The k-1 positions chosen by the CRGA method are cells with a larger request probability, so the service provider not only cannot tell from the anonymous region R where the request was sent from, but may even arrive at a larger deviation by analyzing the true request location from side information. This guards well against inference attacks that the service provider carries out using background knowledge.
Because of defects in some traditional anonymity methods, some attackers may guess that the user's actual position is exactly at the center of the anonymous space (or at some other geometric position). Although this method looks for the surrounding anonymous cells with the user's personal audience venue as the center, it looks first for cells with a higher request probability, which gives the generated anonymous region a great deal of uncertainty. Once factors such as the data timeliness of each cell are also considered, this uncertainty and randomness increase further. As a result, the user's actual position is unlikely to be at the center of the generated anonymous region.
3. Experimental simulation and performance evaluation of the method of the present embodiment.
To carry out an experimental simulation and performance evaluation of the location privacy protection method of the present embodiment, the system was deployed on the Android platform. 10000 mobile users are placed on a 10km × 10km city map, each mobile user follows the Levy walk mobility model (a model that has been shown to describe human mobile behavior realistically), and the map is divided into cells with a side length of 50m. The initial region request probabilities are obtained from the Google Map API, and each user is assumed to make 10 POI queries per day. Without loss of generality, we consider a single POI for the time being. The experimental data are averaged. The experiments use several parameters: k is the parameter of the spatial K-anonymity method and represents the degree of anonymity; h is the maximum number of hops a request propagates in the wireless self-organizing peer-to-peer multi-hop mobile communication network; γ is the threshold set by the user; and t is the duration of the simulated experiment (in days). The methods used for comparison are the enhanced-DLS method (enhanced-DLS for short), the MobiCrowd method (MobiCrowd for short) and the CaDSA method (CaDSA for short).
3.1 Communication cost
To evaluate communication cost, this embodiment assesses how communication requests change over time, specifically how three quantities change over time: the number of messages obtained from the local device, the number obtained from neighbours, and the number obtained from the LBS server (i.e. from the LBS provider). Referring to Fig. 8, because the access control middleware (cacheware) needs a certain amount of time to calculate the user's personal frequently visited places and to pre-store POI data, the number of messages obtained from the local device rises gradually at first and then reaches a relatively high steady state. This shows that once the POI data the user often requests at personal frequently visited places has been cached on the local device, the user obtains information mainly from the local device. The number of messages obtained from neighbours reaches a stable value after a brief initial increase followed by a decline, which shows that the user has a strong demand for information from neighbours at the start of the pre-storing stage and that this demand then falls. The user's demand on the server declines continuously, i.e. the number of messages obtained from the LBS provider keeps falling.
Because of the uncertainty of security problems, we consider that the fewer requests are sent out from the local device, the higher the security. Based on the experimental results above once the steady state is reached, Table 1 summarizes the security protection strength of the location privacy protection method of this embodiment.
Table 1: Communication overhead and security strength of the location privacy protection method of this embodiment.
Stage | Security strength | Communication overhead | Information source | Information percentage |
---|---|---|---|---|
Stage 1 | High | Low | Local device | 71% |
Stage 2 | Medium | Medium | Neighbours | 19% |
Stage 3 | Low | High | LBS server | 10% |
As Table 1 shows, in the location privacy protection method of this embodiment information is requested mainly from the local device, with neighbours second, so that the probability of obtaining information locally can reach 90%. This not only saves communication traffic but also reduces the risk of privacy leakage and improves the strength of privacy protection.
Fig. 9 compares the number of requests that users send to the server under the different methods. The number of requests sent by the enhanced-DLS method is a horizontal line, because it does not use a cache. Although the MobiCrowd and CaDSA methods send fewer requests than enhanced-DLS, many requests are still sent to the server, about 50% and 30% respectively. The location privacy protection method of this embodiment (RuleCache) takes into account factors such as the user's mobility pattern, cooperation between neighbours and the data update mechanism, and sends fewer requests to the server, only about 10% of requests. This result shows that the location privacy protection method of this embodiment makes better use of pre-stored information than the other methods and reduces communication overhead by reducing the number of requests sent to the server.
3.2 Storage cost
Clearly, the amount of terminal storage used depends on the size of the map area stored and on the number of POIs in that area. Assume that each POI stored in the form (an, poi, data) is no larger than 1KB. Taking New York City as an example, it has 250,000 POIs in total. With earlier cache methods such as the CaDSA method, the terminal storage used keeps growing as time passes, and in the worst case 250,000 × 1KB = 250MB of data will be stored. Although this is not a problem for today's smartphones, it still wastes a good deal of storage and stores a large amount of information unrelated to the user. The location privacy protection method of this embodiment stores only the POIs near the user's own personal frequently visited places, and on average consumes only about 27MB of storage to meet the user's needs, which clearly reduces the storage overhead.
3.3 Cache hit rate
The cache hit rate with which users obtain information locally (from the local device and from neighbours) was analysed comparatively. Fig. 10 shows, for t=7, h=4 and γ=0.8, the relationship between the cache hit rate and the parameter k for the location privacy protection method of this embodiment (RuleCache) and several existing methods. Because the MobiCrowd method does not specifically address raising the cache hit rate, its cache hit rate is relatively low. The enhanced-DLS method does not use caching, so its cache hit rate is 0. The CaDSA method also reaches a fairly high cache hit rate, because it uses false locations to raise the cache hit rate. The location privacy protection method of this embodiment (RuleCache) was designed from the outset to take into account the effect on the cache hit rate of factors such as mobility pattern, region request probability and user cooperation, and raises as far as possible the likelihood that the user obtains information from the local device and from neighbours; its cache hit rate reaches about 90%. Fig. 11 shows the relationship between the cache hit rate of the several methods and time t. The cache hit rate of the enhanced-DLS method is 0 as before, while the cache hit rates of the MobiCrowd method, the CaDSA method and the location privacy protection method of this embodiment (RuleCache) increase over time and finally reach a nearly stable value. The location privacy protection method of this embodiment (RuleCache) stays at a relatively high level throughout, an improvement of at least 20% over the other methods. The results show that the location privacy protection method of this embodiment (RuleCache) has a higher cache hit rate than the other methods.
In summary, the location privacy protection method of this embodiment combines the user's mobility pattern with caching, designs a multi-level access protection mechanism that protects location privacy through distributed cooperation between users, designs an access control middleware to standardize terminal storage, and sends requests using the anonymous region generation method, which reduces the user's query requests as far as possible and raises the level of privacy protection. When requesting information from the LBS server, it takes into account factors such as background knowledge and data timeliness, optimizes the location anonymization scheme while improving the cache hit rate, and strengthens privacy protection.
The above is only a preferred embodiment of the present invention. The scope of protection of the present invention is not limited to the above embodiment; all technical solutions within the concept of the present invention fall within its scope of protection. It should be pointed out that, for those of ordinary skill in the art, improvements and modifications made without departing from the principles of the present invention should also be regarded as within the scope of protection of the present invention.
Claims (10)
1. An anonymous region generation method, characterized in that the implementation steps comprise:
1) dividing the map in advance into cells of equal size, and computing from the cached user POI data the probability p with which the user sent requests in each cell in the past;
2) when the user sends an LBS service request to the LBS server, obtaining the user's current location ar, using the spatial K-anonymity method to obtain from the surrounding cells, based on the user's current location ar, the k-1 cells that form the anonymity set, and, according to the data staleness of the data stored for each cell, choosing cells whose data is stale as the anonymous region to be sent to the LBS server.
2. The anonymous region generation method according to claim 1, characterized in that the detailed steps of step 2) comprise:
2.1) when the user sends an LBS service request to the LBS server, jump to the next step;
2.2) obtain the user's current location ar, and sort the cells surrounding the current location ar by the size of probability p;
2.3) select the specified z surrounding cells in descending order of probability p to obtain the set Cc;
2.4) from the set Cc, select all subsets C′ containing k-1 cells to form the candidate set, where k is less than z;
2.5) calculate the data staleness for each subset C′ in the candidate set;
2.6) output the k-1 cells of the subset C′ with the optimal data staleness and cache contribution rate as the anonymous region to be sent to the LBS server.
3. The anonymous region generation method according to claim 2, characterized in that the function expression for forming the candidate set in step 2.4) is as shown in formula (1);
In formula (1), the candidate set consists of the subsets C′ containing k-1 cells, Cc denotes the set obtained by selecting the specified z surrounding cells in descending order of probability p, and k is the anonymity level and an integer less than z.
4. The anonymous region generation method according to claim 2, characterized in that the function expression for calculating the data staleness in step 2.5) is as shown in formula (2);
In formula (2), O denotes the data staleness, n denotes the number of cells in the anonymous region, ti denotes how long the user POI data corresponding to the i-th cell has existed since it was downloaded from the LBS server, and Ti denotes the life cycle of the user POI data corresponding to the i-th cell.
5. The anonymous region generation method according to claim 2, characterized in that the function expression for outputting, in step 2.6), the k-1 cells of the subset C′ with the optimal data staleness and cache contribution rate is as shown in formula (3);
In formula (3), Cs denotes the subset C′ with the optimal data staleness and cache contribution rate, k is the anonymity level and an integer less than z, O denotes the data staleness, and αi denotes the contribution of the i-th selected cell to the cache hit rate; the value of αi is equal to the probability pi with which the user sent requests in the i-th cell in the past.
6. A location privacy protection method, characterized in that the implementation steps comprise:
S1) an access control middleware is set up in advance in each user's terminal device; the access control middleware calculates the user's location information and caches the POI data of LBS service requests; when the target user sends an LBS service request, the next step is performed;
S2) POI data is looked up in the POI data cached in the target user's local access control middleware; if this succeeds, the POI data obtained is output and the method exits; otherwise jump to step S3);
S3) an LBS cooperative fetch request is sent to the neighbour users in the network, the shared POI data is obtained from the neighbour users' local access control middleware, and POI data is looked up in the POI data shared by all neighbour users; if this succeeds, the POI data obtained is output and the method exits; otherwise jump to step S4);
S4) the target user generates the anonymous region to be sent to the LBS server according to the anonymous region generation method of any one of claims 1 to 5, sends the LBS service request to the LBS server using that anonymous region as the user's anonymous location, and outputs the POI data returned by the LBS server.
7. The location privacy protection method according to claim 6, characterized in that in step S1), when the access control middleware calculates the user's location information, it also determines the user's personal frequently visited places; when the access control middleware caches POI data, if the actual location of the LBS service request is a personal frequently visited place, the POI data within a specified radius around that actual location is cached and the non-sensitive information stored is set to shared by default; if the actual location of the LBS service request is not a personal frequently visited place, the POI data within the specified radius around that actual location is not cached.
8. The location privacy protection method according to claim 7, characterized in that determining the user's personal frequently visited places specifically means: counting the number of times n that the user appears at a given position, and, if the number of occurrences n of the user at that position is greater than a preset threshold c, judging that position to be a personal frequently visited place of the user.
9. The location privacy protection method according to claim 6, characterized in that the detailed steps of step S2) comprise:
S2.1) search the POI data cached in the target user's local access control middleware for POI data matching the LBS service request to obtain the set P1, where P1 = {ap1, ap2, ...} and ap1, ap2, ... are the matching POI data;
S2.2) take the intersection |P1 ∩ Q| of the set P1 and the target user's ideal region request full set Q, where Q = {aq1, aq2, ...} and aq1, aq2, ... are the POI data of the target user's ideal region request full set Q;
S2.3) calculate the first-level information threshold λ1 according to formula (4); if the calculated first-level information threshold λ1 is greater than or equal to the preset first-level expectation threshold γ1, output the intersection |P1 ∩ Q| and exit; otherwise jump to step S3);
In formula (4), λ1 denotes the first-level information threshold, |P1 ∩ Q| denotes the intersection of the set P1 and the target user's ideal region request full set Q, P1 denotes the POI data matching the LBS service request among the POI data cached in the target user's local access control middleware, and Q denotes the target user's ideal region request full set.
10. The location privacy protection method according to claim 6, characterized in that the detailed steps of step S3) comprise:
S3.1) the target user and its neighbour users are together in a self-organizing peer-to-peer multi-hop mobile communication network; the target user sends into the self-organizing peer-to-peer multi-hop mobile communication network an LBS cooperative fetch request of the form (poi, h), where poi is the information name and h is the number of hops the request propagates in the network; each hop decrements the hop count h in the user's request by 1, and when the hop count h reaches 0 the request is no longer propagated;
S3.2) a neighbour user that receives the request matches the information name poi in the LBS cooperative fetch request against the content stored in its local access control middleware, and, if related POI data exists, returns it to the target user;
S3.3) if the target user receives returned POI data, the POI data returned by all of the target user's neighbour users and the POI data matching the LBS service request among the POI data cached in the target user's local access control middleware are combined into the set P, where P = {ap1, ap2, ...} and ap1, ap2, ... are the POI data in the set P;
S3.4) take the intersection |P ∩ Q| of the set P and the target user's ideal region request full set Q, where Q = {aq1, aq2, ...} and aq1, aq2, ... are the POI data of the target user's ideal region request full set Q;
S2.3) calculate the second-level information threshold λ2 according to formula (5); if the calculated second-level information threshold λ2 is greater than or equal to the preset second-level expectation threshold γ2, output the intersection |P ∩ Q| and exit; otherwise jump to step S4);
In formula (5), λ2 denotes the second-level information threshold, |P ∩ Q| denotes the intersection of the set P and the target user's ideal region request full set Q, P denotes the set formed from the POI data returned by all of the target user's neighbour users and the POI data matching the LBS service request among the POI data cached in the target user's local access control middleware, and Q denotes the target user's ideal region request full set.
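The three-tier lookup of claims 6, 9 and 10, as an added example that is not code from the patent. Formulas (4) and (5) are not reproduced on this page, so the threshold ratio |P ∩ Q| / |Q| is an assumption of this example, as are the class and function names and the constructed four-peer network.

```python
from collections import deque


class Peer:
    """One terminal with its access control middleware cache (constructed model)."""

    def __init__(self, name, cache):
        self.name = name
        self.cache = cache      # information name (poi) -> set of shareable POI records
        self.neighbours = []    # peers reachable in one hop

    def link(self, other):
        self.neighbours.append(other)
        other.neighbours.append(self)


def coverage(found, wanted):
    """Assumed form of formulas (4) and (5): |P ∩ Q| / |Q|."""
    return len(found & wanted) / len(wanted) if wanted else 0.0


def ask_neighbours(user, poi, h):
    """S3.1 / S3.2: propagate the request (poi, h); each hop decrements h, stop at 0."""
    found, seen = set(), {user.name}
    queue = deque((n, h - 1) for n in user.neighbours) if h > 0 else deque()
    while queue:
        peer, remaining = queue.popleft()
        if peer.name in seen:
            continue
        seen.add(peer.name)
        found |= peer.cache.get(poi, set())      # peer returns matching POI data
        if remaining > 0:                        # hop budget left: forward further
            queue.extend((n, remaining - 1) for n in peer.neighbours)
    return found


def lookup(user, poi, wanted, gamma1, gamma2, h):
    """Return (tier, records) where tier is 'local', 'neighbours' or 'lbs'."""
    p1 = user.cache.get(poi, set())              # S2.1: matches in the local cache
    if coverage(p1, wanted) >= gamma1:           # S2.3: first-level threshold
        return "local", p1 & wanted
    p = p1 | ask_neighbours(user, poi, h)        # S3.3: merge neighbour replies
    if coverage(p, wanted) >= gamma2:            # second-level threshold of claim 10
        return "neighbours", p & wanted
    # S4: only at this point would an anonymous region be sent to the LBS server
    return "lbs", p & wanted


def build_demo():
    """Constructed chain alice - bob - carol - dave, each caching some records."""
    alice = Peer("alice", {"restaurant": {"r1"}})
    bob = Peer("bob", {"restaurant": {"r2"}})
    carol = Peer("carol", {"restaurant": {"r3", "r4"}})
    dave = Peer("dave", {"restaurant": {"r5"}})
    alice.link(bob)
    bob.link(carol)
    carol.link(dave)
    return alice


WANTED = {"r1", "r2", "r3", "r4", "r5"}   # constructed ideal request set Q

if __name__ == "__main__":
    alice = build_demo()
    for hops in (1, 2, 3):
        print(hops, lookup(alice, "restaurant", WANTED, 0.8, 0.8, hops))
```

With h=1 only bob is reached and the request falls through to the LBS tier; with h=2 the merged set covers 80% of Q and nothing leaves the peer network.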
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710146404.5A CN106954182A (en) | 2017-03-13 | 2017-03-13 | A kind of anonymous region generation method and location privacy protection method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106954182A true CN106954182A (en) | 2017-07-14 |
Family
ID=59467877
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20170714 |