CN108632237A - A kind of position service method based on the anonymity of more Anonymizers - Google Patents

A kind of position service method based on the anonymity of more Anonymizers Download PDF

Info

Publication number
CN108632237A
CN108632237A CN201710829864.8A CN201710829864A CN108632237A CN 108632237 A CN108632237 A CN 108632237A CN 201710829864 A CN201710829864 A CN 201710829864A CN 108632237 A CN108632237 A CN 108632237A
Authority
CN
China
Prior art keywords
user
anonymizer
anonymizers
information
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710829864.8A
Other languages
Chinese (zh)
Inventor
张少波
廖俊国
宁红辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan University of Science and Technology
Original Assignee
Hunan University of Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan University of Science and Technology filed Critical Hunan University of Science and Technology
Priority to CN201710829864.8A priority Critical patent/CN108632237A/en
Publication of CN108632237A publication Critical patent/CN108632237A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/52Network services specially adapted for the location of the user terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of position service methods based on the anonymity of more Anonymizers, include the following steps:Mobile terminal carries out authentication to CA and obtains assumed name;Shamir threshold schemes are utilized simultaneously, and user's inquiry content is divided into n one's share of expenses for a joint undertaking information;It is anonymous that step 2, mobile terminal select n different Anonymizers to carry out user, and n one's shares of expenses for a joint undertaking information is sent to LBS service device through these Anonymizers;Step 3, LBS service device, which polymerize first from n Anonymizer, receives t parts of information, and recovering user according to Shamir threshold schemes inquires content, then according to the POIs for including in the inquiry content search anonymity region in LBS databases;Step 4, LBS service device randomly choose w different Anonymizers and forward encrypted candidate result collection to mobile terminal;Step 5, mobile terminal obtain accurate query result by filtering refinement.Present invention enhances user trajectory secret protections, efficiently solve the single point failure risk of single Anonymizer.

Description

A kind of position service method based on the anonymity of more Anonymizers
Technical field
The present invention relates to Computer Science and Technology field, more particularly to a kind of location-based service based on the anonymity of more Anonymizers Method.
Background technology
With quickly universal, mobile Internet and location technology the rapid development of intelligent terminal, taken based on position The mobile social networking APP of business (Location Based Service, LBS) is also used widely, such as Foursquare, Twitter and Loopt etc..These APP bring great convenience to people's life, and typical application includes:Communication navigation, It was found that nearest cinema, hospital etc..In the APP applications of LBS, user need to send the position of oneself and inquiry content to LBS servers, to obtain expected query result, however people are also faced with personal quick while enjoying LBS and offering convenience Feel the risk of information leakage.Attacker inquires according to the LBS that user continuously transmits, and can track the daily behavior rail of user Mark, and the sensitive information of specific user may be analyzed, such as living habit, work address and social relationships, this will give and use Family individual privacy brings great security risk.Therefore, science has been caused based on the protecting track privacy problem in location-based service The extensive concern on boundary and industrial quarters, and it is in the urgent need to address.
To reduce based on the track privacy leakage in location-based service, domestic and foreign scholars have proposed some protecting track privacy sides Method, they mainly use two kinds of basic structures:Based on point-to-point structure and it is based on trusted third party (Fully-Trusted Third Party, TTP) central server structure.It is mutually credible between user in based on point-to-point structure, they After forming anonymous domain by way of cooperation, then sends and inquire to LSP.Chow etc. is put forward for the first time the point-to-point anonymity of user collaboration Algorithm, mobile subscriber find other K-1 neighbour users by single-hop or multihop routing, and it includes K user to form one Anonymous domain re-sends to LSP inquiries.During finding user, this method will produce compared with large overhead.Generally, in point It needs to carry out certain anonymity or conversion process before sending inquiry to mobile subscriber in structure, this will generate mobile terminal Larger computing cost, while it is not avoided that the attack of malicious user.
In based on TTP central server structures, a credible Anonymizer is introduced, as the centre between user and LSP Body is responsible for and query result refinement anonymous to user location.It is the central server knot based on trusted third party as shown in Figure 1 Composition.Inquiry request is sent to Anonymizer by user first in the structure, and then the service request of user is pressed user by Anonymizer Privacy requirements form one and include the anonymous domain of K user, and send it to LSP and inquired, obtain query results It returns again to Anonymizer, last credible Anonymizer carries out refinement according to user demand to candidate result collection, and precise results are returned Back to user.But the central server structure based on trusted third party has three:(a) Anonymizer knows that user's is accurate Position, if it is broken through by attacker, it will bring serious security threat.(b) it is heavy to carry anonymity, refinement etc. for Anonymizer Calculating task, easily become the performance bottleneck in the structure.(c) in reality, it is also difficult to find one completely believable the Tripartite's entity.
Therefore, it is necessary to design a kind of method that can solve drawbacks described above.
Invention content
Technical problem solved by the invention is, for defect existing for TTP structural models, it is proposed that one kind is based on hideing more The position service method of name device anonymous (Anonymity Based on Multi-Anonymizer, AMA), strengthens to user The protection of track privacy also efficiently solves the problems, such as the single point failure risk and performance bottleneck of single Anonymizer.
Position service system based on the anonymity of more Anonymizers is as shown in Figure 2.According to role different in system and function, it is System is mainly made of 4 class entities:Mobile terminal, authentication center, more Anonymizers and the LSP that user carries.
The mobile terminal that user carries:With global location, storage and wireless communication function are calculated, a variety of sides can be passed through Formula (Wi-Fi or 3G/4G mobile communication networks) is linked into mobile network, and the solicited message of different moments is continually transmitted to LBS is inquired, to be serviced expected from acquisition.It also has the function of some other basic handlings in this programme simultaneously, such as produces Raw key is converted inquiry content and key, is divided and aggregation information etc..
Authentic authentication center:It is a trusted entity, and major function is responsible for the identity registration of user and LSP and tests Card signs and issues the certificate of energy a user bound public key and user identifier for them.It also has publication user's assumed name in this programme And certificate function, user can randomly choose different assumed names in each inquiry, make attacker that cannot identify use in Anonymizer The real trace and inquiry content at family.
More Anonymizers:More Anonymizers are multiple parallel Anonymizer entities between user and LSP, they all have pair User location carries out anonymous and forwarding user's inquiry request and result effect.In each inquiry, user can be at random from more It selects an Anonymizer to carry out user location in a Anonymizer anonymous, prevents attacker from single Anonymizer from obtaining user's rail Mark.
LSP:It is an online location based service provider (such as public comment, Baidu map and ooze capable), he Possess largely with the relevant service of location-based service and information resources, various data services can be provided to the user.When LBS service device is received After inquiry request being sent out to service user, the POIs that it is specified in database search service user, and service user need will be met The query result asked returns to service user.In the present solution, LSP is recovered according to Shamir threshold schemes in user's inquiry first Hold, then search for the POIs of user in the database according to the inquiry content, result set is finally divided into n parts of candidate result collection, And return to user through n Anonymizer.
A kind of position service method based on the anonymity of more Anonymizers, includes the following steps:
Step 1, user by the mobile terminal of carrying to authentic authentication center CA (Certificate Authority) into Row identity registration;After identity registration passes through, CA is generated for user multiple assumed names and certificate and returns to user;Meanwhile user takes The mobile terminal of band utilizes Shamir threshold schemes, and the inquiry content of user is divided into n one's share of expenses for a joint undertaking information;
Step 2, user randomly choose from N number of Anonymizer n different Anonymizers by the mobile terminal of carrying, and n≤ N;And a sub-information and a randomly selected assumed name are sent to one of Anonymizer, it is responsible for user by the Anonymizer Anonymity is carried out, re-sending to LBS service device behind the anonymous region of formation is inquired;Meanwhile other n-1 one's shares of expenses for a joint undertaking information being sent out respectively It is sent to other n-1 Anonymizers and re-sends to LBS service device;
Step 3, LBS service device, which polymerize first from n Anonymizer, receives t parts of information, is restored according to Shamir threshold schemes Go out the inquiry content of user, then according to the POIs for including in the inquiry content search anonymity region in LBS databases, wherein n≥t;
Query result is divided into w candidate result collection by step 4, LBS service device, and is carried out respectively to it using user key Encryption, w≤N;Then LBS service device randomly chooses w different Anonymizer from N number of Anonymizer, and forwards the w respectively by them The mobile terminal that encrypted candidate result collection is carried to user;
The mobile terminal that step 5, user carry after w Anonymizer obtains w candidate result collection, is asked respectively by filtering Essence obtains accurate query result.
The basic thought of Shamir threshold schemes:If t, n is positive integer, and t≤n.If a secret S is decomposed into n One's share of expenses for a joint undertaking secret s1,s2,...,sn, then give it to n participant P respectively1,P2,...,PnDistribute a sub-secret si (1≤i ≤ n), then at least need t participant P1,P2,...,PtIt is used together t one's share of expenses for a joint undertaking secrets siPolymerization, could obtain secret S, and lack In t participant PiSecret S cannot be then calculated, then the program is referred to as (t, n) threshold schemes, and t is threshold value.
Shamir threshold schemes are realized based on Lagrange interpolation formulas.
Shamir threshold schemes are broadly divided into the following three stage:
(1) it is prime number to initialize secret distributor and select a finite field gf (p), wherein p.Meanwhile in finite field with Machine selectes n non-zero and mutually different element xj(j=1,2 ..., n), xiValue is open;Initialization threshold value is t;
(2) secret distribution one t-1 rank multinomial F (x) of random configuration, and shared secret S is the polynomial constant term, That is F (0)=S:
F (x)=(S+m1x+m2x2+…+mt-1xt-1)mod q (1)
Wherein:m1,m2,...,mt-1It is the randomly selected t-1 element in GF (p), and t is less than or equal to the whole of n Number.
Then by xjIt substitutes into multinomial F (x) and calculates F (xj), and by (xj,F(xj)) sent respectively as a sub-secret To n participant, by n participant P1,P2,...,PnHold, participant PjTo the F (x heldj) secrecy.
(3) secret reconstruct is only equal in n participant or extra t participant holds corresponding sub-secret (xj, F(xj)), secret S could be recovered by Lagrange interpolation formulas, and the sub-secret held less than t participant just can not Multinomial is recovered, and then cannot get secret S.
Position service method based on the anonymity of more Anonymizers is broadly divided into 5 steps:User's inquiry request, Anonymizer are hidden Name, server inquiry, Anonymizer forwarding are with user's refinement as a result, following will respectively be introduced it.Symbol in AMA methods Definition and description are as shown in table 1.
Symbol definition in 1 AMA methods of table and description
Step 1:User's inquiry request
A, thresholding splicing mechanism
Before user sends out inquiry, he needs to carry out the key usage threshold splicing mechanism for inquiring content and user's generation Segmentation.Since threshold secret sharing scheme can only handle numerical information, user must be first according to specific language ring before segmentation Border selects suitable coding mode (Unicode, ANSI or ASCII etc.) to turn the character information that user needs to inquire in content q It is changed to numerical information.Then, user will inquire content q using Shamir threshold schemes, and randomly generate key k and be divided into n respectively Number value information.The step the specific implementation process is as follows:
T-1 element m is arbitrarily selected in GF (p)i(i=1,2 ..., t-1) constitute t-1 rank multinomials:
Wherein:P is a Big prime, and p>S needs the information S=F (0) divided;Then, user can pass through formula (3) n sub-information is generated:
Content q will be inquired as the S in formula (3), select n non-zero and mutually different element at random in finite field qj(j=1,2 ..., n) as the x in formula (3)j(j=1,2 ..., n) substitutes into formula (3), obtained F (xj), as F (qj);Thus n subquery content { [q is obtained1, F (q1)],[q2,F(q2)],…,[qn,F(qn)], enable Qj=[qj,F (qj)], n subquery content is abbreviated as { Q1,Q2,…,Qn};
Using key k as the S in formula (3), n non-zero and mutually different element k are selected at random in finite fieldj (j=1,2 ..., n) as the x in formula (3)j(j=1,2 ..., n) substitutes into formula (3), obtained F (xj), as F (kj); Thus n sub-key { [k is obtained1,F(k1)],[k2,F(k2)],…,[kn,F(kn)], enable Kj=[kj,F(kj)], by n son Key is abbreviated as { K1,K2,…,Kn};
Thus n sub-information { (Q is obtained1,K1),(Q2,K2),…,(Qn,Kn)};
B, dynamic assumed name mechanism
During continuous-query, user is taken using different assumed names to anonymity every time by continuous dynamic mapping assumed name Business sends out forwarding inquiries request, and attacker cannot obtain the true identity of user from single Anonymizer, can not obtain user Trace information.The symbol that assumed name mechanism is used is as shown in table 2, and the process that user obtains assumed name mainly has following three step:
2 this section symbol of table and description
1) user service registration user is when first logging into system, need with the identity information of oneself to authentic authentication center into Row registration.User selects a random number r first1As its temporary key, and by itself and User Identity IDuTogether into Row asymmetric encryption, the login request message of generationIt is then forwarded to CA.Then, CA is that the user generates a pair Public and private key is to PKuAnd SKu, and use the key r of the user1To IDu、PKuAnd SKuSymmetric cryptography is carried out, returning for user is generated Multiple messageIt returns again to user.Finally, user is with key r1Decrypt messageObtain PKuAnd SKuPublic and private key pair.
2) when user needs to apply for certificate to CA, he uses the private key SK of oneself first for user service certificationuTo user Identity IDuIt is signed to obtainAnd by oneself identity IDu, to IDuDigital signatureAnd it is raw At random temporary key r2It is used together the public key PK of CACAAsymmetric encryption is carried out, the request message of user is generatedAnd send it to CA.Then, its private key SK of CACADecoding request messageAnd use client public key PKuVerify his digital signatureI.e. using use Family public key PKuTo user identity IDuIt is digitally signed to obtainIfThen test It demonstrate,proves successfully.Assumed name can just be generated for user when being only proved to be successful, and distribute assumed name and certificate.
3) user's assumed name and credential distribution CA are that user randomly chooses two Hash seed HS firstu,1、HSu,2, and by they With user identity IDuThe common record information for generating user<IDu,HSu,1,HSu,2>, while M assumed name is also generated for user in CA
H1,i=hashi(HSu,1) (5)
H2,M+1-i=hashM+1-i(HSu,2) (6)
Wherein,Indicate XOR operation;M >=L, L indicate the number of user's continuous-query on motion track, the value of L by User is specified, and purpose herein is to avoid reusing assumed name using different assumed names when user being allowed to inquire every time;H1,iWith H2,M+1-iIt is user's Hash seed HS respectivelyu,1、HSu,2Ith and the obtained hash chain of the M+1-i times Hash operation;Then, The CA public key PK of oneselfCATo assumed nameIt is digitally signed to obtain corresponding certificate And use user key r2Symmetric cryptographyWithGenerate assumed name messageReturn to user;Finally, user is with key r2DecryptionObtain assumed nameWith assumed name certificate
C, Random Maps mechanism
N number of Anonymizer A is shared in AMA track privacy models1,A2,…,AN, Random Maps mechanism is used when user inquires, N the sub-information { (Q that user has been divided1,K1),(Q2,K2),…,(Qn,Kn) it is separately dispensed into n selected at random difference Anonymizer is handled, and N >=n.Use the q in each sub-informationjAnd kjAs variable, constructs a hash function and N is taken Mould, to obtain the Anonymizer number l that the sub-information is mapped to:
L=Hash (qj+kj) modN (j=1,2 ..., n, l ∈ 1,2 ..., N }) (7)
In the above process, when being mapped to the identical Anonymizer of number if there is different sub-informations, it just will produce conflict; To solve the problems, such as this, this programme is handled using the method that quadratic probing hashes again, if Anonymizer number has conflict, is passed through Formula (8) is calculated:
L=(Hash (qj+kj)+v) modN (v=1,2 ..., N-1) (8)
It is 1 that v values are first taken in the formula, conflicts if the Anonymizer number obtained also has, enables v=v+1, until solving to rush Until prominent.Thus a mapping table is constructed, sub-information is separately dispensed into different Anonymizers.
End user selects j-th of Anonymizer by random allocation mechanism in the mapping table, for sending inquiry request, and By the first one's share of expenses for a joint undertaking information (Q1,K1), randomly selected user's assumed nameAnd certificateWith Anonymizer public keyEncryption User current location afterwardsQuery identifier Qid, time threshold T, anonymity degree K and query context radius R shape together At inquiry request message, it is sent to j-th of Anonymizer, request message is:
User is by query identifier Q simultaneouslyidWith other n-1 sub-informations
{[(Q2,K2),Qid],[(Q3,K3),Qid],…,[(Qn,Kn),Qid], according to Random Maps mechanism, pass through safety Channel is sent to n-1 different Anonymizers.
Step 2:Anonymizer is anonymous
After user's query messages are sent to j-th of Anonymizer, decrypted first with its private keyObtain user location Loc, then for the Anonymizer according to other K-1 users near user location loc, anonymity degree K selection users, it includes K to be formed The corresponding query region of user【Each corresponding query region of user is centered on the position of the user, and R is the circle of radius Region】Anonymous region region.In the anonymity region, the probability that attacker can guess out user only has 1/K, and therefore, K values are got over Greatly, anonymous degree is higher.By using assumed name mechanism, attacker cannot obtain the inquiry track of user from the Anonymizer, simultaneously Anonymizer does not know that user inquires content q.Finally, the Anonymizer by region withMiddle other information composition is new to be looked into Ask request messageIt is sent to LBS service device.
Meanwhile other Anonymizers are also respectively by query identifier QidWith n-1 sub-information { [(Q2,K2),Qid],[(Q3, K3),Qid],…,[(Qn,Kn),Qid] it is transmitted to LBS service device.
Step 3:Server is inquired
After LBS service device receives the inquiry request message of Anonymizer transmission, first by user's assumed name thereinAnd certificateIt is sent to CA and carries out legitimate verification, the CA private key SK of oneselfCATo user's assumed nameIt is digitally signed to obtainIfThen pass through verification.Only when user's assumed nameWhen legal, LBS Server can just provide inquiry service to the user, otherwise stop service.Verify it is legal after, LBS service device is first in time threshold T Polymerizeing t has same queries identifier QidSub-information { (Q1,K1),(Q2,K2),…,(Qt,Kt) (t≤n), it then will wherein N subquery content { Q1,Q2,…,Qn, i.e. { [q1,F(q1)],[q2,F(q2)],…,[qn,F(qn)] and n sub-key {K1,K2,…,Kn, i.e. { [k1,F(k1)],[k2,F(k2)],…,[kn,F(kn)] respectively as [xj,F(xj)] it is updated to formula (11) in, multinomial F (x)=(S+m is recovered respectively1x+m2x2+…+mt-1xt-1) modq, then F (0)=S is taken to calculate separately out The inquiry content q and key k of user.
Wherein, ∏ indicates to be multiplied;
It can also be by { [q1,F(q1)],[q2,F(q2)],…,[qn,F(qn)] and { [k1,F(k1)],[k2,F (k2)],…,[kn,F(kn)] formula (12) is substituted into respectively, directly obtain S, i.e. the inquiry content q and key k of user.
After the inquiry content q for obtaining user, LBS service device can inquire what user needed according to anonymous region region POIs, POIs searching algorithm are as shown in algorithm 1.
User can be obtained by algorithm 1 and needs the interest point set Re inquired, while being w candidate result collection by Re points {Re1,Re2,…,Rew, and they are encrypted to obtain En using symmetric encipherment algorithm DES and key k respectivelyk(Rei)(i =1,2 ..., w), w≤N.Finally, LBS service device randomly chooses w Anonymizer from N number of Anonymizer and is carried out to candidate result collection Forwarding, the message for being transmitted to Anonymizer are:
Step 4:Anonymizer forwards and user's refinement result
W Anonymizer receives the forwarding request message of LBS service deviceAfterwards, user is forwarded it to respectively.It is anonymous The message that device is transmitted to user is:
User receives what w Anonymizer forwardedAfterwards, key k is used to decrypt w En firstk(Rei), owned Candidate result collection;Then exact position (the x of each POIs is concentrated according to all candidate resultsj,yj), user, which calculates, to be included in certainly Own query region【Centered on user location loc, R is the border circular areas of radius】Within POIs, obtain accurate query result.
The safety analysis of the present invention
In terms of the research of location privacy protection, according to the sensitive information that attacker obtains, at present than more typical attack Model mainly has strong attacker's challenge model and weak two class of attacker's challenge model.In strong challenge model, attacker can monitor The behavior record of specific user in whole system, it usually has many characteristics, such as of overall importance, passivity and time chronicity.This method Middle Anonymizer and LSP are likely to become potential strong attacker.In weak challenge model, there is attacker seldom user context to know Know, the attack of the type usually has many characteristics, such as locality, initiative and time transience.Usual attacker is by intercepting uneasiness Full wireless channel, it is intended to eavesdrop information and be inferred to the sensitive information of some users and attack.
The particular attack how Main Analysis AMA position service methods are resisted to attacker below, to obtain to user's rail The secret protection of mark.LSP and Anonymizer are thought of as strong attacker in this method, listener-in is weak attacker.Concrete analysis is such as Under:
1) attack of single Anonymizer is resisted
Challenge:Multiple Anonymizers are responsible for carrying out the position of user's difference query point between user and LBS service device Anonymity, and the information such as inquiry request, query result are forwarded.Anonymizer attempts as strong attacker from these data of user In be inferred to some sensitive informations, to disclose the movement locus of user.If single Anonymizer can definitely know user Inquiry content and the corresponding track of user, then the Anonymizer will win this game.
Theorem 1.AMA position service methods can resist the inference attack of single Anonymizer.
It proves:This method is divided into n one's shares of expenses for a joint undertaking respectively by shamir threshold schemes, by the inquiry content q of user and key k Information { Q1,Q2,...,Qn}、{K1,K2,...,Kn, then from N number of Anonymizer randomly choose n difference Anonymizers to they into Row forwarding.During this, as long as this n Anonymizer is not conspired, single Anonymizer cannot obtain user inquiry content q and Key k.However even if multiple Anonymizers are conspired, attacker can obtain the inquiry content q and key k of user, but hair every time Before sending inquiry, user can dynamically select user's assumed nameTherefore, in attacker cannot equally inquire user Hold the true identity ID of q and useruIt is associated.
User is sending inquiry requestWhen to Anonymizer,In contain the current assumed name of userUser location loc, the inquiry content of a share and key (Q1,K1) etc. relevant informations, send them to random selection An Anonymizer carry out it is anonymous.In this process, only there are one Anonymizers to be responsible for hideing to user location in N number of anonymity Name, attacker cannot obtain user trajectory from single Anonymizer.In query result returns to user procedures, w result subset Enk(Rei) be all encrypted using key k, Anonymizer does not have user key k, cannot decrypt the query results for obtaining user Re。
Therefore, from the above analysis, single Anonymizer is not sure to guess the inquiry content of user and corresponding Movement locus.
2) attack of LSP is resisted
Challenge:LSP manages the inquiry data of all users, and LSP attempts to inquire data from these users as strong attacker Some sensitive informations about user are inferred to, to disclose the exact position of user.If LSP can successfully guess finger The exact position for determining perhaps corresponding user in the inquiry of user, then LSP will win this game.
Theorem 2.AMA position service methods can resist the inference attack of LSP.
It proves:In AMA, the inquiry request message that user is transmitted to LSP through Anonymizer isIn Including user's assumed nameAnonymous region region, sub-information (Q1,K1), inquiry mark Qid, time threshold T and inquiry half Diameter R, from these information, LSP cannot obtain the exact position of user.Although LSP knows the position of user in the anonymity region In region, but in the anonymity region include at least K user, LSP can guess be some user probability at most only 1/K.
When LSP receives t sub-information (Qi,Ki) when, so that it may it is inquired with recovering user using Lagrange interpolation polynomials Content q, and the result set Re for obtaining point of interest is inquired according to q, region and the R.During this, LSP also just knows that the use Family needs the content q that inquires, and due to the use of assumed name mechanism, it can not be associated with specific user, at the same LSP according to Region can not obtain the specific location of user.Therefore, the data inquired by these users, LSP not can determine that user's The user for not measuring and needing corresponding to inquiry content is also guessed in exact position.
Therefore, from the above analysis, LSP cannot guess the inquiry content of designated user and its corresponding user's rail Mark.
3) attack of listener-in is resisted
Challenge:Weak attacker is by intercepting unsafe wireless channel, it is intended to some users are inferred to from these data Sensitive information, the query result of user is distorted in exact position or even attacker to disclose user intentionally.If weak attack Person knows the exact position of user or can successfully distort the query result of user, then weak attacker will win this game.
Theorem 3.AMA position service methods can resist the attack of listener.
It proves:The message that user is sent to Anonymizer isIt includes user's assumed nameUse Anonymizer Public keyEncrypted user current locationSub-information (Q1,K1) and the relevant informations such as anonymity degree K.From this In a little information, weak attacker does not have the private key of AnonymizerIt just cannot get the exact position of user.Meanwhile according to Shamir Limit scheme, weak attacker fromA sub-information (Q1,K1) in cannot restore the inquiry content of user.Even if it is logical The communication channel intercepted between other N-1 users and Anonymizer is crossed, the inquiry content of user can be recovered, but AMA schemes make With dynamic assumed name mechanism, it can not determine the real user corresponding to inquiry content.
In Anonymizer forwarding inquiries request messageDuring to LBS service device, weak attacker can only obtain use Family assumed nameOr recover user and need the content q inquired, it can not equally determine true corresponding to inquiry content User.
The results messages of user are returned in query resultIn, query results { Re1, Re2,…,RewEncrypted respectively using symmetric encipherment algorithm DES and key k, weak attacker does not have the key k of user, it The query results En for obtaining user cannot be decryptedk(Rei), useful information can not be obtained.
Therefore, from the above analysis, weak attacker can neither obtain the exact position of user, can not guess specified The inquiry content of user.
Advantageous effect:
The present invention proposes a kind of position service method based on the anonymity of more Anonymizers, and this method passes through in user and LSP Between dispose multiple Anonymizers, make user each continuous query point can be transferred through different Anonymizer carry out it is anonymous, simultaneously In conjunction with Shamir threshold schemes, dynamic assumed name mechanism and Random Maps mechanism, the position to user's continuous-query point is strengthened With the secret protection of inquiry content.Safety analysis shows that this method can resist the privacy of LSP, single Anonymizer and listener-in and attack It hits.User, by the way that AMA methods and Gedik, Hwang are carried out emulation experiment comparison, demonstrates the party in query process simultaneously Method has lower inquiry computing cost on single Anonymizer, and efficiently solves the single point failure and performance bottle of single Anonymizer Neck problem.The main advantages of the present invention as follows:
(1) by disposing multiple Anonymizers between user and LSP, random selection is different respectively hides for each query point Name device carries out anonymous.Attacker can not obtain the movement locus of user, strengthen and exist to user trajectory from single Anonymizer Secret protection in Anonymizer.
(2) the inquiry content of user is divided into n parts using Shamir threshold schemes, and Random Maps are sent to n difference LSP inquiries are relayed to after Anonymizer processing, and single Anonymizer does not know the inquiry content of user, strengthens and inquires user The secret protection of content.
(3) dynamic assumed name mechanism is utilized to reinforce user identity privacy.When user inquires every time, pass through continuous dynamic mapping vacation Name sends out forwarding inquiries request to Anonymizer, and attacker cannot obtain the true identity of user from single Anonymizer, even if multiple Anonymizer is conspired, and can not be obtained the true track of user, can not be obtained the trace information of user.
(4) anonymity is carried out by disposing multiple Anonymizers, in query result return course, result set passes through random selection N Anonymizer return to user.The failure of single Anonymizer can't influence the operation of whole system, single Anonymizer All anonymous processing during user's continuous-query will not be undertaken, the anonymity in TTP central server structures is efficiently solved Device single point failure risk and performance bottleneck problem.
Description of the drawings
Fig. 1 is the central server structure chart based on trusted third party
Fig. 2 is illustraton of model of the present invention
Fig. 3 is the present invention and Anonymizer performance comparison in existing method, and Fig. 3 (a) is time overhead, and Fig. 3 (b) is that communication is opened Pin.
Specific implementation mode
The present invention is described in more detail below in conjunction with the drawings and specific embodiments.
The invention discloses a kind of position service methods based on the anonymity of more Anonymizers, include the following steps:Mobile terminal Authentication, which is carried out, to authentic authentication center CA obtains assumed name;Shamir threshold schemes are utilized simultaneously, by the inquiry content of user It is divided into n one's share of expenses for a joint undertaking information;N step 2, mobile terminal random selection different Anonymizers carry out anonymity to user, and n one's shares of expenses for a joint undertaking are believed Breath is sent to LBS service device;Step 3, LBS service device, which polymerize first from n Anonymizer, receives t parts of information, according to Shamir Limit scheme recovers the inquiry content of user, then in LBS databases according to including in the inquiry content search anonymity region POIs;Step 4, LBS randomly choose w different Anonymizers and forward encrypted candidate result collection to mobile terminal;Step 5 is moved Dynamic terminal obtains accurate query result by filtering refinement.Present invention enhances user trajectory secret protections, also efficiently solve The single point failure risk of single Anonymizer.
Experiment and interpretation of result
This part mainly by experimental verification user's continuous-query when, AMA schemes relevant parameter variation under, to average meter The influence of evaluation time and communication overhead;And on the average calculation times of Anonymizer and average communication expense, with credible The Gedik schemes and Hwang schemes of tripartite's TTP structures carry out Experimental comparison.Experiment is used and is given birth to by Brinkhoff mobile objects It grows up to be a useful person, and using German Oldenburg city transportation network figure (region is 23.57Km × 26.92Km) as input, generates 10000 A mobile subscriber, searching user integrated data are random distributions.Experiment parameter setting is as shown in table 3.The hardware environment of experiment is: Intel (R) Core (TM) i5-4590 CPU@3.30GHz 3.30GHz, 4.00GB memories, operating system Microsoft Windows 7 is realized using MyEclipse development platforms with Java programming languages.
3 AMA experiment parameters of table are arranged
Parameter Description Value
m Difference inquiry number of users 10000
K Anonymous degree 10-100
POIs Point of interest number 5000-15000
N Anonymizer number 100
n Sub-information number 10-100
R Inquire radius 0.5-1.5km
Anonymizer performance comparison
This section is mainly from the average calculation times and communication overhead of single Anonymizer, and in trusted third party model Gedik, Hwang scheme carry out emulation experiment comparison.
As R=1, POIs=10000, n=50 and N=100, by change anonymity degree K, compare AMA methods and Influence of Gedik, Hwang method in single Anonymizer performance.From the figure 3, it may be seen that on the time and communication overhead of Anonymizer, AMA has less calculating and communication overhead relative to Gedik, Hwang, while as K values increase, AMA methods have apparent Advantage.Because user, in each query process, AMA methods are to randomly choose n Anonymizer from N number of Anonymizer to be jointly processed by The inquiry of user, and in Gedik, Hwang method, it only handles user's inquiry by an Anonymizer, so single anonymous On the average calculation times and communication overhead of device, AMA methods have great advantage relative to Gedik, Hwang method of TTP structures.

Claims (9)

1. a kind of position service method based on the anonymity of more Anonymizers, which is characterized in that include the following steps:
Step 1, user carry out identity registration by the mobile terminal of carrying to authentic authentication center CA;After identity registration passes through, CA is generated for user multiple assumed names and certificate and returns to user;Meanwhile the mobile terminal that user carries utilizes Shamir thresholdings The inquiry content of user is divided into n one's share of expenses for a joint undertaking information by scheme;
Step 2, user randomly choose n different Anonymizers, n≤N by the mobile terminal of carrying from N number of Anonymizer;And A sub-information and a randomly selected assumed name are sent to one of Anonymizer, are responsible for carrying out user by the Anonymizer Anonymity forms behind anonymous region and re-sends to LBS service device and inquired;Meanwhile other n-1 one's shares of expenses for a joint undertaking information being separately sent to Other n-1 Anonymizers re-send to LBS service device;
Step 3, LBS service device, which polymerize first from n Anonymizer, receives t parts of information, and use is recovered according to Shamir threshold schemes The inquiry content at family, then in LBS databases according to the POIs for including in the inquiry content search anonymity region, wherein n >= t;
Query result is divided into w candidate result collection by step 4, LBS service device, and is added respectively to it using user key It is close, w≤N;Then LBS service device randomly chooses w different Anonymizer from N number of Anonymizer, and forwards the w to add respectively by them The mobile terminal that close candidate result collection is carried to user;
The mobile terminal that step 5, user carry is respectively after w Anonymizer obtains w candidate result collection, by filtering refinement, Obtain accurate query result.
2. the position service method according to claim 1 based on the anonymity of more Anonymizers, which is characterized in that the step 1 In, user obtains assumed name and includes the following steps:
1) user service is registered, and when user uses position enquiring to service for the first time, is noted to CA by the mobile terminal of its carrying Volume:A random number r is selected first1As temporary key, and by itself and User Identity IDuIt is used together the public key of CA PKCACarry out asymmetric encryption, the login request message of generationIt is then forwarded to CA;Then, CA decrypts the note Volume request message, and a pair of of public and private key is generated to PK for the useruAnd SKu, and use the temporary key r of the user1To IDu、 PKuAnd SKuSymmetric cryptography is carried out, replying message for user is generatedIt returns again to and carries to user Mobile terminal;Finally, the mobile terminal temporary key r that user carries1Decrypt messageIt obtains PKuAnd SKuPublic and private key pair;
2) user service certification:User uses the private key SK of oneself first by the mobile terminal of its carryinguTo user identity IDu It is digitally signed to obtainAnd by oneself identity IDu, to IDuDigital signatureAnd it is random raw At temporary key r2It is used together the public key PK of CACAAsymmetric encryption is carried out, the request message of user is generatedAnd send it to CA;Then, its private key SK of CACADecoding request messageAnd use client public key PKuTo user identity IDuIt is digitally signed to obtainIfThen it is proved to be successful;
3) user's assumed name and certificates constructing and distribution:After being proved to be successful, CA randomly chooses two Hash seed HS firstu,1With HSu,2, and by they and user identity IDuThe common record information for generating user<IDu,HSu,1,HSu,2>, it is generated for user simultaneously M assumed name
H1,i=hashi(HSu,1)
H2,M+1-i=hashM+1-i(HSu,2)
Wherein,Indicate XOR operation;M >=L, L indicate the number of user's continuous-query on motion track;H1,iAnd H2,M+1-iRespectively It is user's Hash seed HSu,1、HSu,2Ith and the obtained hash chain of the M+1-i times Hash operation;
Then, the CA public key PK of oneselfCATo assumed nameIt is digitally signed to obtain corresponding certificateI.e.And use the temporary key r of user2Symmetric cryptographyWithGenerate assumed name messageReturn to user;Finally, user is with key r2DecryptionObtain assumed nameWith assumed name certificate
3. the position service method according to claim 1 based on the anonymity of more Anonymizers, which is characterized in that the step 1 In, the mobile terminal that user carries utilizes Shamir threshold schemes, and it includes following that the inquiry content of user, which is divided into n one's share of expenses for a joint undertaking information, Step:
First, it is a prime number to select a finite field gf (p), wherein p, and p > S;T-1 member is arbitrarily selected in GF (p) Plain mi(i=1,2 ..., t-1) constitutes t-1 rank multinomial F (x) as coefficient, which divides Information S, i.e. S=F (0);
Then, using inquiry content q as S, n non-zero and mutually different element q are selected at random in finite fieldjDistinguish as x Multinomial is substituted into, j=1,2 ..., n obtain n subquery content { [q1,F(q1)],[q2,F(q2)],…,[qn,F(qn)], Enable Qj=[qj,F(qj)], n subquery content is abbreviated as { Q1,Q2,…,Qn};
Using key k as S, n non-zero and mutually different element k are selected at random in finite fieldjIt is substituted into respectively as x above-mentioned Formula, j=1,2 ..., n obtain n sub-key { [k1,F(k1)],[k2,F(k2)],…,[kn,F(kn)], enable Kj=[kj,F (kj)], n sub-key is abbreviated as { K1,K2,…,Kn};
Thus n one's share of expenses for a joint undertaking information { (Q is obtained1,K1),(Q2,K2),…,(Qn,Kn)}。
4. the position service method according to claim 3 based on the anonymity of more Anonymizers, which is characterized in that the step 2 In, user is by mobile terminal from N number of Anonymizer A1,A2,…,ANThe method of middle random selection n different Anonymizers is:
Use the q in each sub-informationjAnd kjAs variable, constructs a hash function and to N modulus, reflected with obtaining the sub-information The Anonymizer number l being mapped to:
L=Hash (qj+kj) mod N (j=1,2 ..., n, l ∈ 1,2 ..., N })
In the above process, when being mapped to the identical Anonymizer of number if there is different sub-informations, it just will produce conflict;If hideing Name device number has conflict, then enables v=1, the Anonymizer number l that respective information MAP arrives is recalculated by following formula:
L=(Hash (qj+kj)+v) mod N (v=1,2 ..., N-1)
Conflict if the Anonymizer number obtained also has, enables v=v+1, continue through the formula and recalculate each self-information and reflect The Anonymizer number l being mapped to, until conflict is not present in obtained Anonymizer number.
5. the position service method according to claim 4 based on the anonymity of more Anonymizers, which is characterized in that the step 2 In, sub-information sending method is:
User in n different Anonymizers, randomly chooses j-th of Anonymizer by the mobile terminal of carrying, for user Carry out it is anonymous, and by the first one's share of expenses for a joint undertaking information (Q1,K1), randomly selected user's assumed nameAnd certificateIt is hidden with j-th The public key of name deviceEncrypted user current locationQuery identifier Qid, time threshold T, anonymity degree K and Inquiry radius R forms inquiry request message togetherIt is sent to j-th of Anonymizer;Simultaneously by query identifier QidWith Other n-1 sub-information { [(Q2,K2),Qid],[(Q3,K3),Qid],…,[(Qn,Kn),Qid] it is separately sent to other n-1 Different Anonymizers;
J-th of Anonymizer receives inquiry request messageAfterwards, it is decrypted first with its private keyObtain user position Loc is set, then according to other K-1 users near user current location loc, anonymity degree K selection users, is formed comprising K use The anonymous region region of the corresponding query region in family, finally by region withMiddle other information forms new inquiry Request messageIt is sent to LBS service device;Meanwhile other Anonymizers are also respectively by query identifier QidWith n-1 son Information { [(Q2,K2),Qid],[(Q3,K3),Qid],…,[(Qn,Kn),Qid] it is transmitted to LBS service device.
6. the position service method according to claim 5 based on the anonymity of more Anonymizers, which is characterized in that the step 3 In, LBS service device receives the inquiry request message of Anonymizer transmissionAfterwards, first by user's assumed nameAnd certificateIt is sent to CA to be verified, the CA private key SK of oneselfCATo user's assumed nameIt is digitally signed to obtainIfThen it is verified;Only when user's assumed nameWhen being verified, LBS service device just provides inquiry service to the user, otherwise stops service.
7. the position service method according to claim 6 based on the anonymity of more Anonymizers, which is characterized in that the step 3 In, after being verified, LBS service device first polymerize t in time threshold T has same queries identifier QidSub-information { (Q1, K1),(Q2,K2),…,(Qt,Kt) (t≤n), then by n subquery content { Q therein1,Q2,…,Qn, i.e. { [q1,F (q1)],[q2,F(q2)],…,[qn,F(qn)] it is used as n coordinate [xj,F(xj)], the multinomial in step 1 is recovered, this is more The constant term S of Xiang Shizhong is the inquiry content q of user;By n sub-key { K therein1,K2,…,Kn, i.e. { [k1,F (k1)],[k2,F(k2)],…,[kn,F(kn)] it is used as n coordinate [xj,F(xj)] multinomial in step 1 is recovered, this is more The constant term S of Xiang Shizhong is the key k of user.
8. the position service method according to claim 7 based on the anonymity of more Anonymizers, which is characterized in that the step 4 In, after the inquiry content q for obtaining user, LBS service device is searched first using anonymous region as query context in query context POIs, need the interest point set Re that inquires to obtain user;Then it is w candidate result collection { Re by Re points1,Re2,…, Rew, and they are encrypted to obtain En using symmetric encipherment algorithm and key k respectivelyk(Rei), wherein i=1,2 ..., w, w <N;Finally, LBS service device randomly chooses w Anonymizer from N number of Anonymizer, respectively by w Enk(Rei) be transmitted to user and take The mobile terminal of band.
9. the position service method according to claim 8 based on the anonymity of more Anonymizers, which is characterized in that the step 3 In, in the step 5, the mobile terminal that user carries obtains w En from w Anonymizer respectivelyk(Rei) after, key k is used first It is decrypted, all candidate result collection are obtained;Then position (the x of each POIs is concentrated according to all candidate resultsj,yj), The POIs being included within oneself query region is calculated, accurate query result is obtained.
CN201710829864.8A 2017-09-15 2017-09-15 A kind of position service method based on the anonymity of more Anonymizers Pending CN108632237A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710829864.8A CN108632237A (en) 2017-09-15 2017-09-15 A kind of position service method based on the anonymity of more Anonymizers

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710829864.8A CN108632237A (en) 2017-09-15 2017-09-15 A kind of position service method based on the anonymity of more Anonymizers

Publications (1)

Publication Number Publication Date
CN108632237A true CN108632237A (en) 2018-10-09

Family

ID=63705806

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710829864.8A Pending CN108632237A (en) 2017-09-15 2017-09-15 A kind of position service method based on the anonymity of more Anonymizers

Country Status (1)

Country Link
CN (1) CN108632237A (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110069945A (en) * 2019-04-11 2019-07-30 西华大学 A kind of method, apparatus and system of privacy of user protection
CN110191105A (en) * 2019-05-13 2019-08-30 南京赛宁信息技术有限公司 OpenStack encrypted link realization method and system
CN110543782A (en) * 2019-07-10 2019-12-06 暨南大学 Method and system for realizing desensitization of data set based on k-anonymity algorithm
CN110602145A (en) * 2019-09-30 2019-12-20 哈尔滨工程大学 Track privacy protection method based on location-based service
CN113032833A (en) * 2021-04-14 2021-06-25 同盾控股有限公司 User query method and device, storage medium and electronic equipment
CN113038360A (en) * 2019-12-23 2021-06-25 中移(苏州)软件技术有限公司 Information processing method, terminal equipment, server and storage medium
CN113051598A (en) * 2021-05-31 2021-06-29 统信软件技术有限公司 File access control method, file encryption method and computing device
CN115631529A (en) * 2022-12-16 2023-01-20 成方金融科技有限公司 Face feature privacy protection method, face recognition method and device
CN116015738A (en) * 2022-12-05 2023-04-25 北京航空航天大学 Privacy-protected anonymous network node query method, device, equipment and medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103618995A (en) * 2013-12-04 2014-03-05 西安电子科技大学 Position privacy protection method based on dynamic pseudonyms
WO2014126390A1 (en) * 2013-02-13 2014-08-21 아주대학교산학협력단 Safe monitoring technique for moving k-nearest queries in road network
CN104618896A (en) * 2015-01-07 2015-05-13 上海交通大学 Method and system for protecting location service privacy based on grid density
CN106059988A (en) * 2015-12-16 2016-10-26 湖南科技大学 Track privacy protection method for location-based service
CN106954182A (en) * 2017-03-13 2017-07-14 步步高电子商务有限责任公司 A kind of anonymous region generation method and location privacy protection method
CN107079025A (en) * 2014-11-12 2017-08-18 英特尔公司 Secure network asks anonymization

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014126390A1 (en) * 2013-02-13 2014-08-21 아주대학교산학협력단 Safe monitoring technique for moving k-nearest queries in road network
CN103618995A (en) * 2013-12-04 2014-03-05 西安电子科技大学 Position privacy protection method based on dynamic pseudonyms
CN107079025A (en) * 2014-11-12 2017-08-18 英特尔公司 Secure network asks anonymization
CN104618896A (en) * 2015-01-07 2015-05-13 上海交通大学 Method and system for protecting location service privacy based on grid density
CN106059988A (en) * 2015-12-16 2016-10-26 湖南科技大学 Track privacy protection method for location-based service
CN106954182A (en) * 2017-03-13 2017-07-14 步步高电子商务有限责任公司 A kind of anonymous region generation method and location privacy protection method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
SHAOBO ZHANG,GUOJUN WANG,QIN LIU: ""A Dual Privacy Preserving Scheme in Continuous Location-Based Services"", 《2017 IEEE TRUSTCOM/BIGDATASE/ICESS》 *

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110069945A (en) * 2019-04-11 2019-07-30 西华大学 A kind of method, apparatus and system of privacy of user protection
CN110069945B (en) * 2019-04-11 2021-02-26 西华大学 Method, device and system for protecting user privacy
CN110191105A (en) * 2019-05-13 2019-08-30 南京赛宁信息技术有限公司 OpenStack encrypted link realization method and system
CN110543782A (en) * 2019-07-10 2019-12-06 暨南大学 Method and system for realizing desensitization of data set based on k-anonymity algorithm
CN110543782B (en) * 2019-07-10 2022-03-29 暨南大学 Method and system for realizing desensitization of data set based on k-anonymity algorithm
CN110602145A (en) * 2019-09-30 2019-12-20 哈尔滨工程大学 Track privacy protection method based on location-based service
CN113038360A (en) * 2019-12-23 2021-06-25 中移(苏州)软件技术有限公司 Information processing method, terminal equipment, server and storage medium
CN113038360B (en) * 2019-12-23 2022-07-01 中移(苏州)软件技术有限公司 Information processing method, terminal equipment, server and storage medium
CN113032833A (en) * 2021-04-14 2021-06-25 同盾控股有限公司 User query method and device, storage medium and electronic equipment
CN113051598A (en) * 2021-05-31 2021-06-29 统信软件技术有限公司 File access control method, file encryption method and computing device
WO2022252449A1 (en) * 2021-05-31 2022-12-08 统信软件技术有限公司 File access control method, file encryption method, and computing device
CN116015738A (en) * 2022-12-05 2023-04-25 北京航空航天大学 Privacy-protected anonymous network node query method, device, equipment and medium
CN116015738B (en) * 2022-12-05 2024-04-12 北京航空航天大学 Privacy-protected anonymous network node query method, device, equipment and medium
CN115631529A (en) * 2022-12-16 2023-01-20 成方金融科技有限公司 Face feature privacy protection method, face recognition method and device
CN115631529B (en) * 2022-12-16 2023-04-28 成方金融科技有限公司 Face feature privacy protection method, face recognition method and device

Similar Documents

Publication Publication Date Title
CN108632237A (en) A kind of position service method based on the anonymity of more Anonymizers
Zhang et al. A trajectory privacy-preserving scheme based on a dual-K mechanism for continuous location-based services
Cho et al. Contact tracing mobile apps for COVID-19: Privacy considerations and related trade-offs
Eltayieb et al. A blockchain-based attribute-based signcryption scheme to secure data sharing in the cloud
Ni et al. Providing task allocation and secure deduplication for mobile crowdsensing via fog computing
Sun et al. User-defined privacy location-sharing system in mobile online social networks
Eskandarian et al. Express: Lowering the cost of metadata-hiding communication with cryptographic privacy
Wang et al. Panda: Public auditing for shared data with efficient user revocation in the cloud
Feng et al. An efficient privacy-preserving authentication model based on blockchain for VANETs
CN109039578A (en) Secret protection encryption method, information data processing terminal based on homomorphic cryptography
Sun et al. Towards privacy preservation for “check-in” services in location-based social networks
CN104219245B (en) System and method for location based service-orientated user privacy protection
Horng et al. An identity-based and revocable data-sharing scheme in VANETs
Yadav et al. Efficient and secure location-based services scheme in VANET
JP2009529714A (en) Method and system for decryptable and searchable encryption
CN107659580A (en) A kind of method for protecting track privacy based on double K mechanism
CN105933357A (en) Grid cell identifier matching based location-based service method
CN113905047A (en) Space crowdsourcing task allocation privacy protection method and system
Li et al. PROS: A privacy-preserving route-sharing service via vehicular fog computing
Hasan et al. WORAL: A witness oriented secure location provenance framework for mobile devices
WO2019179625A1 (en) Distributed data storage network nodes and methods
CN107767281A (en) A kind of friend-making matching method for secret protection and system based on two degree of human connections of mobile social networking
Wu et al. Dynamical credibility assessment of privacy-preserving strategy for opportunistic mobile crowd sensing
Ou et al. An Efficient and Privacy‐Preserving Multiuser Cloud‐Based LBS Query Scheme
Nisha et al. A novel privacy protection scheme for location-based services using collaborative caching

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20181009

WD01 Invention patent application deemed withdrawn after publication