CN107347096A - Location privacy protection method based on cloud server - Google Patents
Location privacy protection method based on cloud server Download PDFInfo
- Publication number
- CN107347096A CN107347096A CN201710551578.XA CN201710551578A CN107347096A CN 107347096 A CN107347096 A CN 107347096A CN 201710551578 A CN201710551578 A CN 201710551578A CN 107347096 A CN107347096 A CN 107347096A
- Authority
- CN
- China
- Prior art keywords
- data
- service provider
- cloud server
- piecemeal
- data service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 24
- 238000003860 storage Methods 0.000 claims abstract description 13
- 238000004364 calculation method Methods 0.000 claims abstract description 6
- 238000012546 transfer Methods 0.000 claims description 8
- 241001269238 Data Species 0.000 claims description 7
- 238000004321 preservation Methods 0.000 claims description 6
- 238000004891 communication Methods 0.000 abstract description 7
- 230000005540 biological transmission Effects 0.000 abstract 1
- 238000005516 engineering process Methods 0.000 description 10
- 125000004122 cyclic group Chemical group 0.000 description 3
- 238000013500 data storage Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000004069 differentiation Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000001681 protective effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/068—Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3006—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
- H04L9/3013—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the discrete logarithm problem, e.g. ElGamal or Diffie-Hellman systems
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Bioethics (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a location privacy protection method based on a cloud server, which is characterized by comprising the following steps: the method comprises the following steps that a cloud server, a data service provider and a plurality of mobile users exist; a data service provider uniformly defines a data format, encrypts and stores data in blocks on a cloud server, and secretly stores a decryption key; the user obtains the encrypted block data from the cloud server according to the position of the user, then the data service provider transmits a decryption key to the user according to an accidental transmission protocol, and finally the user decrypts the encrypted block data to obtain plaintext block data; the position information of the user can not be revealed in the whole process, so that the position privacy is protected. The invention can effectively solve the problems of data privacy and position privacy protection in the position-based service, and simultaneously reduces the storage cost, the calculation cost and the communication cost of a data service provider, thereby reducing the system overhead while ensuring the user privacy.
Description
Technical field
It is specifically a kind of to be applied to mobile network the present invention relates to data encryption and location privacy protection technical field
The method for secret protection of middle protection location of mobile users privacy and data confidentiality.
Background technology
In location-based data, services, user asks to service according to present position, and user wishes to obtain the same of service
When, privacy-sensitive information, such as positional information can not be revealed.Location Based service (Location-based
Services, abbreviation LBS) secret protection technology mainly have:Position anonymity technology, data encryption technology etc..
Position anonymity technology is concerned with the privacy information of user, such as positional information, is carried out with the real information of user
Separate.Common position anonymity technology includes assumed name anonymity, position k anonymities, space anonymity etc..(1) assumed name anonymity refers to by one
The position of individual assumed name user hides the actual position of real user, so the degree of accuracy of inquiry is by the position of assumed name user and true
The distance of the position of real user determines;(2) position k is anonymous mainly makes some band of position have an at least k user, and by this
The identity attribute of k user is anonymous so that can not be distinguished between them by identity.So even if obtain a certain
The positional information of individual user, attacker also can not accurately find out this user from this k user.So secret protection
Degree depends on k value size;(3) the anonymous mainly user in space is when sending request, not by oneself accurate position
Information is sent to server, but sends a certain region of position to server, and according to actual conditions, this region can be with
It is arbitrary shape.
Data encryption technology is that the sensitive data of user, such as positional information are protected using encryption data.Common data
Encryption technology has symmetrical and asymmetric encryption, homomorphic cryptography, multi-party computations etc..(1) common symmetric encipherment algorithm has
DES, AES, RC2 etc.;Common rivest, shamir, adelman has elliptic curve encryption algorithm, RSA Algorithm, Elgamal algorithms etc.;
(2) for homomorphic cryptography mainly in the case of unknown plaintext, the operation to ciphertext is close by decrypting equivalent to the operation to plaintext
Text is the plaintext result after being operated.Homomorphic cryptography is generally used for user and ciphertext data is sent into server, service
Device operates to ciphertext data, so as to protect the data-privacy of user;(3) multi-party computations have been commonly applied to multiple participations
In the computing environment or Distributed Calculation of side, it is characterized in two sides or in many ways with respective secret input, calculates one jointly
Individual function, calculating terminate, and participant can be exported correctly, and can only obtain the output of oneself understanding.
On the one hand, also there is many deficiencies, such as communication overhead in the main flow secret protection technology based on location-based service
Or computing cost is excessive, leakage part privacy is, it is necessary to believable KMC etc..In addition, the privacy in above-mentioned main flow is protected
In shield technology, typically by all data storages on LBS service device, related data is then returned to according to positional information.Big
Data age, the excessive storage of data service provider may be the bottlenecks of LBS development.On the other hand, current cloud service
Prevalence has brought huge change to data storage, and substantial amounts of data can consign to cloud storage so as to reduce local storage generation
Valency.User can download by directly accessing cloud and consult data.Certainly also revealed while convenient service along with data-privacy
Risk, so typically will after data encryption storage on cloud.
The content of the invention
The present invention, with reference to data encryption, Oblivious Transfer and space anonymity thought, proposes that one kind is based on by Cloud Server
The location privacy protection method of Cloud Server, it is hidden based on the data-privacy in location-based service and position to efficiently solve
Private protection problem, while data service provider SP storage cost, calculation cost and communication cost are reduced, so as to ensure to use
Overhead is reduced while the location privacy of family.
The present invention is that technical scheme is used by solving technical problem:
A kind of location privacy protection method based on Cloud Server of the present invention, be applied to several mobile subscribers, one
In the distributed network environment that data service provider and a Cloud Server are formed, the distributed network environment is positioned at same
In individual map area, remember any one mobile subscriber be U, data service provider SP, Cloud Server CS;It is characterized in,
The location privacy protection method is to carry out in accordance with the following steps:
Step 1, data service provider SP generations and public address system parameter;
Region carries out piecemeal according to the map by all data related to position by step 2, the data service provider SP,
And the block data in each region is encrypted using public key, then the block data after encryption is uploaded to the Cloud Server
Stored in CS;Wherein, public, private key difference corresponding to the block data in different zones;
Step 3, any mobile subscriber U obtain the close of region block data according to itself current actual positions
Text, and the private key using oblivious transfer protocol to data service provider SP request region block datas, so as to
Ciphertext is decrypted, and obtains corresponding clear data;
Step 4, the data service provider SP regularly update the key of all block datas, and by the Cloud Server
CS regularly updates the ciphertext of all block datas.
The characteristics of location privacy protection method of the present invention, lies also in, and the step 2 is to carry out as follows:
Step 2.1, the data service provider SP disclose a boundary rectangle according to the map area and established
Coordinate system, and the map area is divided into s × t piecemeal in the coordinate system, wherein any one piecemeal is designated as
Dij, 1≤i≤s, 1≤j≤t;
Step 2.2, the data service provider SP are by introducing some virtual datas, by all numbers related to position
According to progress standardized format processing so that the data in each piecemeal are consistent from form and quantity;And by any piecemeal
DijInterior data are designated as Mij;
Step 2.3, the data service provider SP are any piecemeal DijGenerate public and private key (pkij,skij), and it is open public
Key pkij, secret preservation private key skij;
Step 2.4, the data service provider SP utilize any piecemeal DijPublic key pkijTo data MijCarry out
EIGaml algorithm for encryption, form ciphertextAfter send Cloud Server CS storage to.
Step 3 is to carry out as follows:
The physical location of step 3.1, any mobile subscriber U in itself current place map area, obtains institute
Belong to piecemeal Dab, wherein 1≤a≤s, 1≤b≤t;
Step 3.2, any mobile subscriber U obtain affiliated piecemeal D using oblivious transfer protocolabPrivate key skab;
Step 3.3, any mobile subscriber U piecemeal D according to belonging to currentabDownloaded from the Cloud Server CS corresponding
CiphertextAnd utilize private key skabIt is decrypted, so as to obtain clear data Mab。
The step 4 is to carry out according to the following procedure:
Step 4.1, the data service provider SP generate a private key sk at randomij' it is used as any piecemeal DijNew private
Key, and according to the new private key sk 'ijNew public key pk ' is calculatedij, and the secret preservation new private key sk 'ij, an open institute
State new public key pk 'ij;
Step 4.2, the data service provider SP are according to any piecemeal DijThe new private key sk 'ijWith it is described
New public key pk 'ij, generate an assistance messages FijAnd it is sent to the Cloud Server CS;
Step 4.3, the Cloud Server CS are according to the assistance messages FijAnd the new public key pk 'ijTo corresponding sub-block
DijCiphertextIt is updated, the ciphertext after being updatedAnd store.
Compared with the method for existing protective position privacy, beneficial effects of the present invention are embodied in:
1st, the mass data for being stored in data service provider originally is converted into close by the present invention by cloud storage service
Text, Cloud Server is dumped to, be not only effectively protected data-privacy, and significantly reduce data service provider SP's
Storage cost;
2nd, user obtains the decruption key of ciphertext data by oblivious transfer protocol in the present invention, so as to effectively protect
The location privacy of user, and the encrypted result that data service provider only needs to return to decruption key is to user, nothing
Real ciphertext data need to be returned to, so significantly reducing the communication cost between user and data service provider;
3rd, data service provider is updating piecemeal key and during ciphertext in the present invention, it is only necessary to updates each piecemeal
Key, and the renewal operation of corresponding ciphertext is completed by Cloud Server, therefore, the present invention significantly reduces data service provider
Calculation cost;
4th, data service provider moderately increases virtual data in each piecemeal in the present invention so that the number of all piecemeals
It is completely the same with size according to form, reduce the risk of information leakage, so as to improve the security of system.
5th, the key generation in the present invention, distribution are managed independently by data service provider completely with renewal, it is not necessary to are borrowed
Other KMCs or believable third party are helped, so as to reduce the cost of implementation of system, namely improves system
Realizability.
Brief description of the drawings
Fig. 1 is the system model figure of the present invention;
Fig. 2 is the data block division figure of the present invention.
Embodiment
Technical solution of the present invention is described in detail in conjunction with the accompanying drawings and embodiments below, but the protection model of the present invention
Enclose and be not limited to the embodiment.
As shown in figure 1, in the present embodiment, a kind of location privacy protection method based on Cloud Server is to be applied to several
In the distributed network environment that mobile subscriber, a data service provider and a Cloud Server are formed, the network environment position
In in same map area, its specific physical model is as shown in Figure 1:1. mobile subscriber U.Feature is taken according to position
Business, it may move;2. data service provider SP.Whole system is initialized, and is data owner, can be provided for mobile subscriber
Location-based diversified service, the mechanism half is credible.3. Cloud Server CS.Data service provider SP is by paying or handing over
Pay etc. mode store data on CS, the data stored on Cloud Server CS are full disclosures, and the mechanism half is credible.It is mobile
User U identity assumes that Cloud Server CS can correct identification data provider SP by metadata provider SP certifications.
Data service provider SP by data according to position block encryption, Encrypt and Decrypt corresponding to the piecemeal on diverse location
Key is different, and then data service provider SP uploads the encryption data of all piecemeals and store into Cloud Server CS, mobile
The encryption data of piecemeal where user U obtains according to the position of oneself from Cloud Server CS, and please to data service provider
Seek corresponding decruption key.Specifically, location privacy protection method is to carry out as follows:
Step 1, data service provider SP generations and public address system parameter;
(1.1) a security parameter d is given, data service provider SP establishes finite field Fp, wherein Big prime p is according to such as
Lower step generation:
A) Big prime p bit length d is determined;According to specific demand for security, security parameter l=1024 is such as set, then is existed
In ElGamal cipher systems, d=1024;
B) one bit length of random generation is the odd number q that the last position of d bits is 1;
C) prime number examination method is used to judge that q whether for prime number, if then making p=q, otherwise re-executes step b.
(1.2) data service provider SP is in finite field FpOne multiplicative cyclic group G of upper selection, and cyclic group G rank is
q;
(1.3) data service provider SP selection multiplicative cyclic groups G two q ranks generate member at random, labeled as g, h;
(1.4) data service provider SP public address systems parameter { l, Fp,G,q,g,h}。
Region carries out piecemeal, and profit according to the map by all data related to position by step 2, data service provider SP
The block data in each region is encrypted with public key, then the block data after encryption is uploaded in Cloud Server CS and deposited
Storage;Wherein, public, private key difference corresponding to the block data in different zones;
Step 2.1, data service provider SP disclose a coordinate system established according to the boundary rectangle of map area,
And map area is divided into s × t piecemeal in coordinate system, wherein any one piecemeal is designated as Dij, 1≤i≤s, 1≤j≤
t;
(2.1.1) as shown in Fig. 2 data service provider SP according to region trim lines, by whole region it is regular be one
Rectangle, and establish coordinate system;
(2.1.2) data service provider SP will be regular after rectangle according to certain regional rule to be divided into s × t big
Small equal piecemeal, and each piecemeal is labeled as Dij, wherein 1≤i≤s, 1≤j≤t;
Here s × t size is relevant with service precision and calculating and communication cost, and s × t is bigger, and user, which inquires about, to be returned
Data will be fewer, service precision reduce, and calculate and communication cost will be higher;Conversely, s × t is smaller, user inquires about what is returned
Data will be more, and service precision improves, and calculating and communication cost will be smaller.
Step 2.2, data service provider SP are entered all data related to position by introducing some virtual datas
Row format standardization so that the data in each piecemeal are consistent from form and quantity;And by any piecemeal DijIt is interior
Data be designated as Mij;
(2.2.1) data service provider SP unifies the size of each block data, and specific implementation can be:Take piecemeal
Maximum data item and data length in data are standard, are that other sparse piecemeals add virtual data point so that any two
Piecemeal can not put differentiation from data format and the enterprising line position of data volume.
(2.2.2) data service provider SP is by piecemeal DijData total abstract be labeled as Mij, wherein 1≤i≤s, 1
≤j≤t;
Step 2.3, data service provider SP are any piecemeal DijGenerate public and private key (pkij,skij), and open public key
pkij, secret preservation private key skij;
(2.3.1) data service provider SP is that each piecemeal chooses random numberAnd calculateIts
In 1≤i≤s, 1≤j≤t.Then pkijFor piecemeal DijPublic key, skij=xijFor piecemeal DijPrivate key.
(2.3.2) data service provider SP discloses all piecemeal public key pkij, because discrete mathematics difficult problem is false
If even if user knows public key pkij, can not also obtain private key skij;Secret preserves the private key sk of all piecemealsij, and establish hidden
Private database, store all piecemeal private keys.
Step 2.4, data service provider SP utilize any piecemeal DijPublic key pkijTo data MijCarry out EIGaml calculations
Method is encrypted, and forms ciphertextAfter send to Cloud Server CS storage.
(2.4.1) data service provider SP utilizes piecemeal public key pkijTo block data MijIt is encrypted.Actually should
The M duringijLength it is general all longer, it is apparent in order to state, it is assumed here that MijAn only clear packets.Specifically
Encrypting embodiment can be:SP is randomly selectedAnd calculate
Form ciphertextWherein 1≤i≤s, 1≤j≤t.
(2.4.2) data service provider SP is by all block encryption dataSend Cloud Server CS to.
Step 3, any mobile subscriber U obtain the ciphertext of region block data according to itself current actual positions, and
The private key of region block data is asked to data service provider SP using oblivious transfer protocol, so as to decrypt ciphertext,
And obtain corresponding clear data;
The physical location of step 3.1, any mobile subscriber U in itself current place map area, obtains affiliated point
Block Dab, wherein 1≤a≤s, 1≤b≤t;
Step 3.2, any mobile subscriber U obtain affiliated piecemeal D using oblivious transfer protocolabPrivate key skab;
(3.2.1) any mobile subscriber U is according to itself affiliated area Dab, v=b+ (a-1) × t is calculated, and choose random numberCalculate z=grhv, z is sent to data service provider SP.
After (3.2.2) data service provider SP receives z, random number is chosen for each piecemealAnd calculateWherein 1≤i≤s, 1≤j≤t.Will be allIt is sent to mobile use
Family U.
(3.2.3) mobile subscriber U receives allAfterwards, can calculateWhere obtaining
The decruption key sk of positionab;
Step 3.3, any mobile subscriber U piecemeal D according to belonging to currentabCorresponding ciphertext is downloaded from Cloud Server CSAnd utilize private key skabIt is decrypted, so as to obtain clear data Mab。
Mobile subscriber U utilizes decruption key skabIt is decrypted as follows:
So as to obtain clear data Mab;
Step 4, data service provider SP regularly update the key of all block datas, and regular more by Cloud Server CS
The ciphertext of new all block datas.
Step 4.1, data service provider SP generate a private key sk ' at randomijAs any piecemeal DijNew private key,
And according to new private key sk 'ijNew public key pk ' is calculatedij, and the secret new private key sk ' of preservationij, only new public key pk ' is disclosedij;
Step 4.2, data service provider SP are according to any piecemeal DijNew private key sk 'ijWith new public key pk 'ij, generation
One assistance messages FijAnd it is sent to Cloud Server CS;
(4.2.1) data service provider SP is according to new private key sk 'ijAnd the secret former private key sk preservedij, calculate Δ
xij=sk 'ij-skij(modq) (i.e. sk 'ij=skij+Δxij(modq)),pk′ij=pkij·Δ
pkij;
(4.2.2) data service provider SP is calculatedWhereinObtain, then aid in from Cloud Server CS
Message Fij=(C 'ij,Δpkij), and by FijIt is sent to Cloud Server CS;
Step 4.3, Cloud Server CS are according to assistance messages FijAnd new public key pk 'ijTo corresponding sub-block DijCiphertextIt is updated, the ciphertext after being updatedAnd store.
(4.3.1) Cloud Server CS receives assistance messages (C 'ij,Δpkij) after, choose random numberCalculate renewal
Ciphertext afterwardsSpecific implementation can be in the following way:
The ciphertext of storage is updated to by (4.3.2) Cloud Server CSBecause discrete logarithm is difficult
Property assume problem, user U there is no renewal after private key sk 'ijIn the case of, even if it possesses former private key skij, and
Obtain the ciphertext after renewalAlso it can not decrypt and obtain clear data Mij;Similarly, because Cloud Server can not obtain
Private key sk after original/renewal of any piecemealij/sk′ij, the ciphertext after original/renewal of any piecemeal can not be also decrypted certainlySo as to know real data.
Further, in step (4.3.2), the correctness reasoning that ciphertext updates is respectively as shown in formula (6) and formula (7):
Further, the key in the location privacy protection method based on Cloud Server and ciphertext security are based on discrete
Mathematical difficulties assume problem (Discrete Logarithm Problem, DLP):Given element ga∈ G, solve
Claims (4)
1. a kind of location privacy protection method based on Cloud Server, it is applied to several mobile subscribers, a data, services
In the distributed network environment that provider and a Cloud Server are formed, the distributed network environment is located at same map area
In domain, remember any one mobile subscriber be U, data service provider SP, Cloud Server CS;It is characterized in that the position
Method for secret protection is to carry out in accordance with the following steps:
Step 1, data service provider SP generations and public address system parameter;
Region carries out piecemeal, and profit according to the map by all data related to position by step 2, the data service provider SP
The block data in each region is encrypted with public key, then the block data after encryption is uploaded in the Cloud Server CS
Storage;Wherein, public, private key difference corresponding to the block data in different zones;
Step 3, any mobile subscriber U obtain the ciphertext of region block data according to itself current actual positions, and
The private key of region block data is asked to the data service provider SP using oblivious transfer protocol, it is close so as to decrypt
Text, and obtain corresponding clear data;
Step 4, the data service provider SP regularly update the key of all block datas, and are determined by the Cloud Server CS
Phase updates the ciphertext of all block datas.
2. according to the location privacy protection method described in claim 1, it is characterised in that the step 2 is as follows
Carry out:
Step 2.1, the data service provider SP disclose a seat established according to the boundary rectangle of the map area
Mark system, and the map area is divided into s × t piecemeal in the coordinate system, wherein any one piecemeal is designated as Dij, 1
≤ i≤s, 1≤j≤t;
Step 2.2, the data service provider SP are entered all data related to position by introducing some virtual datas
Row format standardization so that the data in each piecemeal are consistent from form and quantity;And by any piecemeal DijIt is interior
Data be designated as Mij;
Step 2.3, the data service provider SP are any piecemeal DijGenerate public and private key (pkij,skij), and open public key
pkij, secret preservation private key skij;
Step 2.4, the data service provider SP utilize any piecemeal DijPublic key pkijTo data MijCarry out EIGaml calculations
Method is encrypted, and forms ciphertextAfter send Cloud Server CS storage to.
3. according to the location privacy protection method described in claims 1, it is characterised in that step 3 is to enter as follows
OK:
The physical location of step 3.1, any mobile subscriber U in itself current place map area, obtains affiliated point
Block Dab, wherein 1≤a≤s, 1≤b≤t;
Step 3.2, any mobile subscriber U obtain affiliated piecemeal D using oblivious transfer protocolabPrivate key skab;
Step 3.3, any mobile subscriber U piecemeal D according to belonging to currentabDownloaded from the Cloud Server CS corresponding close
TextAnd utilize private key skabIt is decrypted, so as to obtain clear data Mab。
4. location privacy protection method according to claim 1, it is characterised in that the step 4 is to enter according to the following procedure
OK:
Step 4.1, the data service provider SP generate a private key sk at randomij' it is used as any piecemeal DijNew private key, and
According to the new private key sk 'ijNew public key pk ' is calculatedij, and the secret preservation new private key sk 'ij, only the new public affairs are disclosed
Key pk 'ij;
Step 4.2, the data service provider SP are according to any piecemeal DijThe new private key sk 'ijWith the new public affairs
Key pk 'ij, generate an assistance messages FijAnd it is sent to the Cloud Server CS;
Step 4.3, the Cloud Server CS are according to the assistance messages FijAnd the new public key pk 'ijTo corresponding sub-block Dij's
CiphertextIt is updated, the ciphertext after being updatedAnd store.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710551578.XA CN107347096B (en) | 2017-07-07 | 2017-07-07 | Location privacy protection method based on cloud server |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710551578.XA CN107347096B (en) | 2017-07-07 | 2017-07-07 | Location privacy protection method based on cloud server |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107347096A true CN107347096A (en) | 2017-11-14 |
CN107347096B CN107347096B (en) | 2019-09-27 |
Family
ID=60256919
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710551578.XA Expired - Fee Related CN107347096B (en) | 2017-07-07 | 2017-07-07 | Location privacy protection method based on cloud server |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107347096B (en) |
Cited By (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107749865A (en) * | 2017-12-07 | 2018-03-02 | 安徽大学 | Location privacy query method based on homomorphic encryption |
CN107886010A (en) * | 2017-12-21 | 2018-04-06 | 中国电力科学研究院有限公司 | The data managing method of privacy of user is protected under big data environment |
CN110650119A (en) * | 2019-08-20 | 2020-01-03 | 阿里巴巴集团控股有限公司 | Data transmission method and device and electronic equipment |
CN111526155A (en) * | 2020-04-30 | 2020-08-11 | 桂林电子科技大学 | System for protecting user privacy in social network and optimal path matching method |
CN111723394A (en) * | 2020-04-22 | 2020-09-29 | 北京大学 | Privacy protection distributed computing method and system for dynamically loading code base |
WO2020211485A1 (en) * | 2019-04-19 | 2020-10-22 | 创新先进技术有限公司 | Data processing method and apparatus, and electronic device |
CN112055021A (en) * | 2020-09-08 | 2020-12-08 | 苏州同济区块链研究院有限公司 | Imperial transmission method and device based on elliptic curve |
CN112135278A (en) * | 2020-10-09 | 2020-12-25 | 成都淞幸科技有限责任公司 | D2D communication privacy protection method facing 5G |
CN112307149A (en) * | 2020-10-30 | 2021-02-02 | 陕西师范大学 | Spatial data range query method with access mode protection |
CN112367305A (en) * | 2020-10-22 | 2021-02-12 | 香港中文大学(深圳) | Privacy block chain-based vehicle networking protection method and mobile terminal |
US10936605B2 (en) | 2019-04-19 | 2021-03-02 | Advanced New Technologies Co., Ltd. | Providing oblivious data transfer between computing devices |
CN112468445A (en) * | 2020-10-29 | 2021-03-09 | 广西电网有限责任公司 | AMI lightweight data privacy protection method for power Internet of things |
CN112887973A (en) * | 2021-01-19 | 2021-06-01 | 河南科技大学 | Social networking location privacy protection method based on double k-anonymity |
CN112910631A (en) * | 2021-02-08 | 2021-06-04 | 上海海洋大学 | Efficient privacy set intersection calculation method and system based on assistance of cloud server |
CN113468553A (en) * | 2021-06-02 | 2021-10-01 | 湖北工业大学 | Privacy protection analysis system and method for industrial big data |
CN113742779A (en) * | 2021-09-18 | 2021-12-03 | 湖北工业大学 | Service customization system and method with privacy protection function |
CN114143055A (en) * | 2021-11-24 | 2022-03-04 | 国网江苏省电力有限公司营销服务中心 | Data distribution method and credible tracing method based on block chain |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101026869A (en) * | 2006-02-24 | 2007-08-29 | 中兴通讯股份有限公司 | Privacy control method for position service |
CN103957109A (en) * | 2014-05-22 | 2014-07-30 | 武汉大学 | Cloud data privacy protection security re-encryption method |
CN104703138A (en) * | 2015-03-19 | 2015-06-10 | 福建师范大学 | Method and system for protecting location privacy |
CN104994068A (en) * | 2015-05-22 | 2015-10-21 | 武汉大学 | Multimedia content protection and safe distribution method in cloud environment |
CN105812354A (en) * | 2016-03-07 | 2016-07-27 | 江苏大学 | LBS-based anti-attack location privacy protection method for IoV |
CN104079574B (en) * | 2014-07-02 | 2017-04-12 | 南京邮电大学 | User privacy protection method based on attribute and homomorphism mixed encryption under cloud environment |
-
2017
- 2017-07-07 CN CN201710551578.XA patent/CN107347096B/en not_active Expired - Fee Related
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101026869A (en) * | 2006-02-24 | 2007-08-29 | 中兴通讯股份有限公司 | Privacy control method for position service |
CN103957109A (en) * | 2014-05-22 | 2014-07-30 | 武汉大学 | Cloud data privacy protection security re-encryption method |
CN104079574B (en) * | 2014-07-02 | 2017-04-12 | 南京邮电大学 | User privacy protection method based on attribute and homomorphism mixed encryption under cloud environment |
CN104703138A (en) * | 2015-03-19 | 2015-06-10 | 福建师范大学 | Method and system for protecting location privacy |
CN104994068A (en) * | 2015-05-22 | 2015-10-21 | 武汉大学 | Multimedia content protection and safe distribution method in cloud environment |
CN105812354A (en) * | 2016-03-07 | 2016-07-27 | 江苏大学 | LBS-based anti-attack location privacy protection method for IoV |
Non-Patent Citations (2)
Title |
---|
王家礼: "面向云环境的高效匿名认证系统的设计与实现", 《电脑知识与技术》 * |
裴媛媛: "面向位置服务的用户隐私保护", 《计算机工程》 * |
Cited By (31)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107749865B (en) * | 2017-12-07 | 2019-11-15 | 安徽大学 | Location privacy query method based on homomorphic encryption |
CN107749865A (en) * | 2017-12-07 | 2018-03-02 | 安徽大学 | Location privacy query method based on homomorphic encryption |
CN107886010A (en) * | 2017-12-21 | 2018-04-06 | 中国电力科学研究院有限公司 | The data managing method of privacy of user is protected under big data environment |
WO2020211485A1 (en) * | 2019-04-19 | 2020-10-22 | 创新先进技术有限公司 | Data processing method and apparatus, and electronic device |
US11194824B2 (en) | 2019-04-19 | 2021-12-07 | Advanced New Technologies Co., Ltd. | Providing oblivious data transfer between computing devices |
US10936605B2 (en) | 2019-04-19 | 2021-03-02 | Advanced New Technologies Co., Ltd. | Providing oblivious data transfer between computing devices |
CN110650119A (en) * | 2019-08-20 | 2020-01-03 | 阿里巴巴集团控股有限公司 | Data transmission method and device and electronic equipment |
CN110650119B (en) * | 2019-08-20 | 2022-01-21 | 创新先进技术有限公司 | Data transmission method and device and electronic equipment |
CN111723394B (en) * | 2020-04-22 | 2022-10-11 | 北京大学 | Privacy protection distributed computing method and system for dynamically loading code base |
CN111723394A (en) * | 2020-04-22 | 2020-09-29 | 北京大学 | Privacy protection distributed computing method and system for dynamically loading code base |
CN111526155B (en) * | 2020-04-30 | 2022-09-09 | 桂林电子科技大学 | System for protecting user privacy in social network and optimal path matching method |
CN111526155A (en) * | 2020-04-30 | 2020-08-11 | 桂林电子科技大学 | System for protecting user privacy in social network and optimal path matching method |
CN112055021A (en) * | 2020-09-08 | 2020-12-08 | 苏州同济区块链研究院有限公司 | Imperial transmission method and device based on elliptic curve |
CN112055021B (en) * | 2020-09-08 | 2021-07-23 | 苏州同济区块链研究院有限公司 | Imperial transmission method and device based on elliptic curve |
CN112135278A (en) * | 2020-10-09 | 2020-12-25 | 成都淞幸科技有限责任公司 | D2D communication privacy protection method facing 5G |
WO2022082893A1 (en) * | 2020-10-22 | 2022-04-28 | 香港中文大学(深圳) | Privacy blockchain-based internet of vehicles protection method, and mobile terminal |
CN112367305A (en) * | 2020-10-22 | 2021-02-12 | 香港中文大学(深圳) | Privacy block chain-based vehicle networking protection method and mobile terminal |
CN112367305B (en) * | 2020-10-22 | 2022-05-20 | 香港中文大学(深圳) | Internet of vehicles protection method based on privacy block chain and mobile terminal |
CN112468445A (en) * | 2020-10-29 | 2021-03-09 | 广西电网有限责任公司 | AMI lightweight data privacy protection method for power Internet of things |
CN112307149B (en) * | 2020-10-30 | 2022-11-25 | 陕西师范大学 | Spatial data range query method with access mode protection |
CN112307149A (en) * | 2020-10-30 | 2021-02-02 | 陕西师范大学 | Spatial data range query method with access mode protection |
CN112887973B (en) * | 2021-01-19 | 2022-07-26 | 河南科技大学 | Social networking location privacy protection method based on double k-anonymity |
CN112887973A (en) * | 2021-01-19 | 2021-06-01 | 河南科技大学 | Social networking location privacy protection method based on double k-anonymity |
CN112910631A (en) * | 2021-02-08 | 2021-06-04 | 上海海洋大学 | Efficient privacy set intersection calculation method and system based on assistance of cloud server |
CN112910631B (en) * | 2021-02-08 | 2022-11-22 | 上海海洋大学 | Efficient privacy set intersection calculation method and system based on cloud server assistance |
CN113468553B (en) * | 2021-06-02 | 2022-07-19 | 湖北工业大学 | Privacy protection analysis system and method for industrial big data |
CN113468553A (en) * | 2021-06-02 | 2021-10-01 | 湖北工业大学 | Privacy protection analysis system and method for industrial big data |
CN113742779A (en) * | 2021-09-18 | 2021-12-03 | 湖北工业大学 | Service customization system and method with privacy protection function |
CN113742779B (en) * | 2021-09-18 | 2024-03-22 | 湖北工业大学 | Service customization system and method with privacy protection function |
CN114143055A (en) * | 2021-11-24 | 2022-03-04 | 国网江苏省电力有限公司营销服务中心 | Data distribution method and credible tracing method based on block chain |
CN114143055B (en) * | 2021-11-24 | 2023-12-01 | 国网江苏省电力有限公司营销服务中心 | Block chain-based data distribution method and trusted traceability method |
Also Published As
Publication number | Publication date |
---|---|
CN107347096B (en) | 2019-09-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107347096B (en) | Location privacy protection method based on cloud server | |
Hao et al. | Fine-grained data access control with attribute-hiding policy for cloud-based IoT | |
Li et al. | Full verifiability for outsourced decryption in attribute based encryption | |
CN107749865B (en) | Location privacy query method based on homomorphic encryption | |
Liu et al. | Efficient and privacy-preserving outsourced calculation of rational numbers | |
US8964982B2 (en) | Cryptographic system, cryptographic communication method, encryption apparatus, key generation apparatus, decryption apparatus, content server, program, and storage medium | |
Guo et al. | TABE-DAC: Efficient traceable attribute-based encryption scheme with dynamic access control based on blockchain | |
CN103023637B (en) | Encryption and search method for revocable keyword search public keys in cloud storage | |
JP6363032B2 (en) | Key change direction control system and key change direction control method | |
CN102396012B (en) | Secret distribution system, distribution device, distribution management device, acquisition device, processing methods for said devices, secret distribution method | |
JP5979141B2 (en) | Encrypted statistical processing system, apparatus, method and program | |
CN105812349B (en) | A kind of unsymmetrical key distribution of identity-based information and message encryption method | |
CN106612271A (en) | Encryption and access control method for cloud storage | |
Murugesan et al. | Analysis on homomorphic technique for data security in fog computing | |
Rana et al. | Efficient and secure attribute based access control architecture for smart healthcare | |
Baseri et al. | Privacy preserving fine-grained location-based access control for mobile cloud | |
CN107086912A (en) | Ciphertext conversion method, decryption method and system in a kind of heterogeneous storage system | |
Yan et al. | Traceable and weighted attribute-based encryption scheme in the cloud environment | |
Belguith et al. | CUPS: secure opportunistic cloud of things framework based on attribute‐based encryption scheme supporting access policy update | |
Yu et al. | Decentralized, revocable and verifiable attribute-based encryption in hybrid cloud system | |
CN113824713B (en) | Key generation method, system and storage medium | |
WO2022136282A1 (en) | Method, first server, second server and system for secure key transmission | |
Li et al. | A Dynamic Location Privacy Protection Scheme Based on Cloud Storage. | |
Hwang et al. | An SKP‐ABE Scheme for Secure and Efficient Data Sharing in Cloud Environments | |
Schipor | On the anonymization of Cocks IBE scheme |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20190927 |