CN109446836A - A kind of social networks personal information propagation access control method - Google Patents

A kind of social networks personal information propagation access control method Download PDF

Info

Publication number
CN109446836A
CN109446836A CN201811171337.3A CN201811171337A CN109446836A CN 109446836 A CN109446836 A CN 109446836A CN 201811171337 A CN201811171337 A CN 201811171337A CN 109446836 A CN109446836 A CN 109446836A
Authority
CN
China
Prior art keywords
role
node
access control
social networks
good friend
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811171337.3A
Other languages
Chinese (zh)
Other versions
CN109446836B (en
Inventor
潘理
吴宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Jiaotong University
Original Assignee
Shanghai Jiaotong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Jiaotong University filed Critical Shanghai Jiaotong University
Priority to CN201811171337.3A priority Critical patent/CN109446836B/en
Publication of CN109446836A publication Critical patent/CN109446836A/en
Application granted granted Critical
Publication of CN109446836B publication Critical patent/CN109446836B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • G06Q50/01Social networking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Economics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Computing Systems (AREA)
  • Medical Informatics (AREA)
  • Software Systems (AREA)
  • Human Resources & Organizations (AREA)
  • Marketing (AREA)
  • Primary Health Care (AREA)
  • Strategic Management (AREA)
  • Tourism & Hospitality (AREA)
  • General Business, Economics & Management (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a kind of social networks personal information to propagate access control method, is related to social networks secret protection field.Characterized by comprising the following steps: S0, selected center user;S1, the related data for obtaining all good friends of central user simultaneously pre-process;S2, corresponding role set is obtained to the automatic network progress clustering of the central user using role's mining algorithm;S3, it is based on permission maximization principle using the transmission capacity of role as access control factor using authority distribution management method and automation authority distribution is implemented to corresponding role;Final authority distribution result and RBAC model described in S4, S3 blend, and obtain access control policy, realize that personal information propagates access control.The present invention can either ensure the basic privacy requirements of user, additionally it is possible to promote sharing exchange behavior safer in social networks.

Description

A kind of social networks personal information propagation access control method
Technical field
The present invention relates to social networks secret protection field more particularly to the social networks of role-base access control frame Personal information propagates access control method.
Background technique
As one of the core content in the field social network analysis (Online Social Network Analysis), society The secret protection for handing over personal data in network is always heat subject.With the information splitting glass opaque of user and day in social networks All to increase, the spread scope of personal information becomes more extensively, to cause highest attention of the user to personal data secret protection.So And the spread scope of shared information be for users it is unforeseen, this is caused to the user of privacy aware to a certain degree Very big puzzlement.Therefore it needs according to user demand using access control technology come restricted information spread scope.
For the relevant research of social networks secret protection at this stage, the access control technology towards online social networks It is to solve the most common means of Privacy Protection, however use the existing access control technology towards online social networks simultaneously It not can solve the above problem, be mainly faced with two difficult points: first is that as the main body quantity for needing to manage is more and more huger Greatly, how tactful automatic configuration and management easily to be carried out;Second is that suitable controlling element how is chosen, so that access control Strategy can quantify the spread scope of shared information, to meet the privacy aware demand of user.Therefore, it is necessary to design a kind of adaptation In the method for information dynamic communication, letter can be limited using corresponding access control technology according to the privacy aware demand of user Cease spread scope.
The invention proposes a kind of, and the social networks personal information towards secret protection propagates access control method, realizes The information of role-base access control propagates management framework, and solves two critical issues of its application: first is that how Suitable role set is obtained, and weighs its granularity and applicability;Second is that how the licensing scheme of design science, with generate be based on The access control policy that constraint information is propagated.
Summary of the invention
In view of the above drawbacks of the prior art, the technical problem to be solved by the present invention is to how obtain suitable role Collection, and weigh its granularity and applicability;How the licensing scheme of design science, to generate the access propagated based on constraint information Control strategy.
User forms principal contradiction to the secret protection conscious need of information sharing and the non-intellectual of information spread scope, In order to solve above-mentioned contradiction, the present invention passes through Role-based access control model (RBAC:Role Based Access Control), propose a kind of frame realized social network user information and propagate management: privacy aware personal information propagates pipe It manages frame (PPIPM:Privacy-aware Personal Information Propagation Management), the frame Frame measures privacy of user consciousness from the angle of information spread scope, and then realizes based on the information sharing privacy for propagating constraint Protection, meets privacy of user conscious need.
To achieve the above object, access control method is propagated the present invention provides a kind of social networks personal information to propose The innovative approach of two cores: role's mining algorithm (RMPM:Role Mining for Propagation Management), And accordingly based on the authority distribution management method (MAPM:Maximum-permission based on permission maximization principle Authorization for Propagation Management)。
In better embodiment of the invention, the above-mentioned social networks towards secret protection is realized by following steps Personal information propagates access control method:
S0, selected center user;
S1, the related data for obtaining all good friends of central user simultaneously pre-process;
S2, corresponding role is obtained to the automatic network progress clustering of the central user using role's mining algorithm Collection;
S3, it is maximum to be based on using the transmission capacity of role as access control factor using authority distribution management method for permission Change principle and automation authority distribution is implemented to corresponding role;
Final authority distribution result and RBAC model described in S4, S3 blend, and obtain access control policy, realize a People's information propagates access control.
Further, central user v described in S1, automatic network (Ego Network) are Gv=(Vv,Ev), to each good Friendly node u ∈ Vv, the related data of acquisition.Wherein, VvThe node set being made of all good friends of center user v, EvFor in The line set that connection relationship between all good friends of heart user v is constituted.
Further, the related data includes:
1) side connection relationship set: Edgeu={ edgeuw=0or 1 | w ≠ u, w, u ∈ Vv,
Wherein, edgeuwFor the direct connection relationship of node u and w, w is node set VvIn arbitrary node in addition to u, u For currently assigned good friend's node;
2) attributive character set: Attru={ attrui| i ∈ [1, K] },
Wherein, attruiFor the ith attribute value of good friend's node u, i is attributive character sequence subscript, and K is attributive character Total quantity;
3) adjacent node set: Egou=w | w ≠ v, w ∈ Vu, wherein VuIt is the corresponding automatic network G of node uuIn section Point set, w are node set VvIn arbitrary node in addition to u.
Further, role's mining algorithm described in S2 is RMPM, the attributive character of comprehensive consideration good friend's node, side connection Topological structure and propagation characteristic carry out clustering for the automatic network of central user, complete role and excavate.
Further, it is strong association and weak rigidity by good friend's Node:
Strong association (StrongAssociation), with the side connection relationship between social networks topological structure interior joint come Characterization, for two good friend's node u, w ∈ V, V are as follows: front VvWrite a Chinese character in simplified form, if indicate good friend's node set edgeuw==1, then For Qiang Guanlian.
Weak rigidity (WeakAssociation), is described with weighted association degree, is that attributes similarity is similar with propagation characteristic The weighted metric of degree, for two good friend u, w ∈ V, weighted association degree is weightuw=α * Jacuw+(1-α)*Comuw, wherein α is related coefficient,
RMPM role's mining algorithm, for good friend node u ∈ V, side connection relationship set Edgeu={ edgeuw= 0or1 | w ≠ u, w ∈ V } characterization and the strong incidence relations of other nodes, weighted association degree set Weightu={ weightuw|w≠ U, w ∈ V } characterization and the weak rigidity degree of other nodes;Each role role defines corresponding degree of association setTo characterize the weak rigidity degree between role.
Further, the clustering includes the following steps:
S21, it will be provided with being associated with by force and two nodes of weak rigidity to a certain degree are combined, obtain matched node pair Pair (u, w), set are denoted as PairsV, and form corresponding initial roles rolei,i∈[1,||PairsV| |], it is remaining Isolated node also respectively constitutes corresponding initial roles rolej,j∈[1,||V||-||PairsV| |], wherein V are as follows: front Vv's It writes a Chinese character in simplified form, indicates good friend's node set, finally obtain role set under pretreated original state:
Roles0={ role1 0,role2 0,...,rolei 0,rolei+1 0,...,rolei+j 0};
S22, the Roles under current statetTwo role role are taken out in role's set of (original state t=0)i t, rolej t, it is assumed that they separately include m, and n node takes respectivelyDegree of association set Rweight in preceding n (m) , it is denoted asWith
If S23, role rolei t,rolej tIn at least respectively there is half node to be belonging respectively toWithI.e. Meet:AndS24 is so executed, S22 is otherwise come back to;
S24, by rolei t,rolej tMerge, obtains new roleAnd it is added to set Rolest, simultaneously willIt removes, updates set RolestIn all role roletDegree of association set Rweight, into NextState t= t+1;
S25, S22 is repeated back to, terminated when role's set Roles no longer changes.
Further, authority distribution management method is MAPM in S3.
Further, permission maximization principle (Maximum-permission Principle) in S3 are as follows:
For the information of central user publication, under the constraint for meeting privacy of user conscious need, good friend is carried out automatic Change authority distribution, more suitable good friend's nodes is allowed to possess the permission for accessing the information, so that complying with social networks shares exchange Main trend.
Further, specifically automation authority distribution process includes:
The social network environment of S31, the information issued according to central user, selected information propagation model, and it is based on the mould Type calculates the transmission capacity of all roles in role set:
Successively using good friend's node representated by each role as subset, calculates the information after these activate subset and pass The range broadcast, and by each role roleiSpread scope InfiIt is normalized, the transmission capacity as corresponding role Value.
Assuming that the spread scope being calculated is Inf when nodes all in automatic network are simultaneously activatedupper, then roleiCorresponding transmission capacity RPCiFor
S32, using the transmission capacity RPC of role as access control factor, authority distribution problem form is turned to optimization The problem of:
s.t.∑RPCi*xi≤δm
Wherein, ScoreiFor role roleiScore value (total quantity etc. of the included good friend of standards of grading such as role), xiFor indicator variable, role role is indicatediWhether it is authorized to, δmIt is center user for the privacy aware degree for the m that gives out information Value;
S33, solve above-mentioned optimization problem, which belongs to NP-Complete problem, be a kind of Combinatorial Optimization class most Optimization problem selects dynamic programming algorithm to obtain approximate optimal solution;
Specifically, the dynamic programming algorithm can find out globally optimal solution, but be converted into above-mentioned optimization from former problem When problem, constraint condition has been carried out micro process (make its can calculating), thus the optimal solution found out be former problem it is approximate most Excellent solution.
S34, according to the approximate optimal solution, licensing scheme based on RBAC carries out role-security distribution.
Further, authority distribution result described in S4 is blended with RBAC model, the access control plan formalized Slightly, implement distributed information and propagate control, meet privacy of user conscious need.
Compared with prior art, the invention has the following advantages:
1, management framework PPIPM is propagated using the information of role-base access control, it can be by access control main body by a People is changed into role, so that the theme quantity controlled is needed to greatly reduce, reduces tactical management complexity;And its authorization machine System, can express arbitrarily complicated control strategy relatively simplely, and the privacy aware for being adapted to user's complexity under varying environment needs It asks;
2, using a kind of novel role's mining algorithm (RMPM), which not only allows for the attributive character and Bian Lian of node Topological structure is connect, the propagation characteristic of node is also incorporated into division factor, so that division result is more applicable for passing based on information The management framework PPIPM broadcast.
3, the authority distribution administrative mechanism (MAPM) based on permission maximization principle, can either ensure the basic privacy of user Demand, additionally it is possible to promote sharing exchange behavior safer in social networks, to comply with social networks high speed development, so that a The benefiting from property that people's information propagates access control method is more extensive.
It is described further below with reference to technical effect of the attached drawing to design of the invention, specific structure and generation, with It is fully understood from the purpose of the present invention, feature and effect.
Detailed description of the invention
Fig. 1 is that the social networks personal information of a preferred embodiment of the invention propagates access control method flow chart;
Fig. 2 is an actual propagation control ability comparison diagram between preferred embodiment and the prior art of the invention;
Fig. 3 is an authority distribution management benefit comparison diagram between preferred embodiment and the prior art of the invention.
Specific embodiment
Multiple preferred embodiments of the invention are introduced below with reference to Figure of description, keep its technology contents more clear and just In understanding.The present invention can be emerged from by many various forms of embodiments, and protection scope of the present invention not only limits The embodiment that Yu Wenzhong is mentioned.
As shown in Figure 1, the social networks personal information for present embodiments providing a kind of role-base access control frame passes Access control method is broadcast, this method comprises the following steps:
S0, selected center user;
The selected central user of S1, basis, obtains the related data of its all good friend and pre-processes;
Central user v, automatic network (Ego Network) are Gv=(Vv,Ev), to each good friend's node u ∈ Vv, obtain Related data.
Further, the related data includes:
1) side connection relationship set: Edgeu={ edgeuw=0or 1 | w ≠ u, w, u ∈ Vv};
2) attributive character set: Attru={ attrui| i ∈ [1, K] }, wherein K is the total quantity of attributive character;
3) adjacent node set: Egou=w | w ≠ v, w ∈ Vu, wherein VuIt is the corresponding automatic network G of node uuIn section Point set.
S2, the automatic network progress clustering of central user is obtained using RMPM role's mining algorithm proposed by the present invention To corresponding role set;
Attributive character, side connection topological structure and the propagation spy of RMPM role's mining algorithm comprehensive consideration good friend's node Property, clustering is carried out for the automatic network of central user, role is completed and excavates.It is strong association and weak pass by good friend's Node Connection:
Strong association (Strong Association), with the side connection relationship between social networks topological structure interior joint come Characterization, for two good friend's node u, w ∈ V, if edgeuw==1 is then Qiang Guanlian.
Weak rigidity (WeakAssociation), is described with weighted association degree, is that attributes similarity is similar with propagation characteristic The weighted metric of degree, for two good friend u, w ∈ V, weighted association degree is weightuw=α * Jacuw+(1-α)*Comuw,
Wherein
RMPM role's mining algorithm, for good friend node u ∈ V, side connection relationship set Edgeu={ edgeuw= 0or1 | w ≠ u, w ∈ V } characterization and the strong incidence relations of other nodes, weighted association degree set Weightu={ weightuw|w≠ U, w ∈ V } characterization and the weak rigidity degree of other nodes;Each role role defines corresponding degree of association setTo characterize the weak rigidity degree between role.
Further, the clustering includes the following steps:
S21, it will be provided with being associated with by force and two nodes of weak rigidity to a certain degree are combined, obtain matched node pair Pair (u, w), set are denoted as PairsV, and form corresponding initial roles rolei,i∈[1,||PairsV| |], it is remaining Isolated node also respectively constitutes corresponding initial roles rolej,j∈[1,||V||-||PairsV||].It finally obtains pretreated Role set Roles under original state0={ role1 0,role2 0,...,rolei 0,rolei+1 0,...,rolei+j 0};
S22, the Roles under current statetTwo role role are taken out in role's set of (original state t=0)i t, rolej t, it is assumed that they separately include m, and n node takes respectivelyDegree of association set Rweight in preceding n (m) , it is denoted asWith
If S23, role rolei t,rolej tIn at least respectively there is half node to be belonging respectively toWithI.e. Meet:AndS24 is so executed, S22 is otherwise come back to;
S24, by rolei t,rolej tMerge, obtains new roleAnd it is added to set Rolest, simultaneously willIt removes, updates set RolestIn all role roletDegree of association set Rweight, into NextState t= t+1;
S25, S22 is repeated back to, terminated when role's set Roles no longer changes.
S3, using MAPM authority distribution management method proposed by the present invention, using the transmission capacity of role as access control Factor implements automatically authority distribution to corresponding role based on permission maximization principle;
Permission maximization principle (Maximum-permission Principle) are as follows:
For the information of central user publication, under the constraint for meeting privacy of user conscious need, good friend is carried out automatic Change authority distribution, more suitable good friend's nodes is allowed to possess the permission for accessing the information, so that complying with social networks shares exchange Main trend.
Further, specifically automation authority distribution process includes:
The social network environment of S31, the information issued according to central user, selected information propagation model, and it is based on the mould Type calculates the transmission capacity of all roles in role set:
Successively using good friend's node representated by each role as subset, calculates the information after these activate subset and pass The range broadcast, and by each role roleiSpread scope InfiIt is normalized, the transmission capacity as corresponding role Value.
Assuming that the spread scope being calculated is Inf when nodes all in automatic network are simultaneously activatedupper, then roleiCorresponding transmission capacity RPCiFor
S32, using the transmission capacity RPC of role as access control factor, asked so that authority distribution problem form is turned to The problem of solution optimizes:
s.t.∑RPCi*xi≤δm
Wherein, it indicates whether authorized for indicator variable expression role roleiWhether it is authorized to;
S33, solve above-mentioned optimization problem, which belongs to NP-Complete problem, be a kind of Combinatorial Optimization class most Optimization problem selects dynamic programming algorithm to obtain approximate optimal solution;
Specifically, the dynamic programming algorithm can find out globally optimal solution, but be converted into above-mentioned optimization from former problem When problem, constraint condition has been carried out micro process (make its can calculating), thus the optimal solution found out be former problem it is approximate most Excellent solution.
S34, according to the approximate optimal solution, licensing scheme based on RBAC carries out role-security distribution.
S4, according to final authority distribution as a result, obtain the access control policy based on RBAC, realize that personal information is propagated Control, meets privacy of user conscious need;
Authority distribution result is blended with RBAC model, the access control policy formalized, implements distributed information Control is propagated, privacy of user conscious need is met.
The validity of the present embodiment can be further illustrated by following emulation experiment.It should be noted that experiment The parameter of middle application does not influence generality of the invention.
1) simulated conditions:
CPU:CoreTMI52.80GHz, RAM6.00GB, operating system Ubuntu14.04LTS, design of Simulation language Say Java, C++.
2) emulation content:
The data set that simulation process uses is the Facebook data set that SNAP is provided, this data set is by Facebook's " circle " (or " list of friends ") composition.APP carries out associated user and investigates collection in the practical Facebook of the data set It arrives, contains nodal community feature, topological structure and EgoNetwork of user etc..The network constructed by the data set Share 4039 nodes and 88234 sides.
Herein in entire experiment, user v centered on one of node is had chosen, and obtain its EgoNetwork (including 66 good friend's nodes).About related data of good friend's node, such as attributive character, topological structure, propagation characteristic etc., It needs to carry out processing calculating to data set in advance.
In experimentation, for the ease of measuring user to the privacy aware of information sharing from dynamic propagation angle, we are false The user that centers has issued 9 message ms respectively1,m2,...,m9, corresponding privacy aware degree is respectively as follows: δm1=0.1, δm2= 0.2,...,δm9=0.9.Role's excavation is first carried out using automatic network of the RMPM algorithm to central user, obtains corresponding role Collection.Then the OSN propagation model for utilizing independent cascade model, quantifies the transmission capacity of these roles, and as RBAC's Governing factor considers user in different privacy aware degree δmIn the case of, corresponding access control policy is respectively obtained, and divide Analyse the restriction effect that the information actually generated is propagated.
Experiment, which is had chosen over, has the prediction models of several classics in work as a comparison: circle of friends partitioning algorithm SCCluster, community discovery algorithm CESNA.It devises following comparative experiments: RMPM and SCCluster is compared, verifying will section Point propagation characteristic is included in the validity of calculating;RMPM and CESNA is compared, the applicability of PPIPM frame is assessed.Therefore respectively will Above two algorithm is input in PPIPM frame automatic network division result as role set, generates corresponding access control plan Slightly, by comparing the binding effect of actual information spread scope, the validity of role's mining algorithm RMPM is verified, and assess entire The applicability of frame.
Fig. 2 illustrates actual propagation range (figure line Standard indicates threshold value), and Fig. 3 illustrates authorization good friend's ratio.From From the point of view of the transmission capacity quantized result of role, the average propagation ability that three kinds of algorithms correspond to role set is close, is respectively as follows:Show that the transmission capacity of the good friend of the user is lower , or it is too conservative for Communications Propensity.In Fig. 2 the results show that for the different messages that user issues, the reality of user sharing information Border spread scope is under the constraint of corresponding access control policy without departing from threshold value, it was confirmed that the feasibility of PPIPM.It is tied in Fig. 3 Fruit shows, (removes δ under nearly all different privacy of user degree of consciousnessm=0.3), the corresponding authorization number ratio of RMPM is high In SC Cluster and CESNA, it is more in line with permission maximization principle.By comparing in Fig. 2,3 as a result, discovery CESNA with Relatively, and SC Cluster ratio RMPM is far short of what is expected, especially works as δ by RMPMmWhen=0.5~0.9, SC Cluster and threshold Value δmDeviation is too big.It was noted that working as δmWhen=0.3, CESNA is corresponded in result, and actual propagation range is very close to threshold value In the case of, donor, which counts, has showed steep increasing situation, and this unstability can bring information spread scope in practical application to exceed The risk of privacy of user conscious need.
In summary experimental contrast analysis, the final effect ratio RMWP algorithm using the algorithm of SC Cluster is far short of what is expected, RMWP algorithm of the invention is shown more suitable for PPIPM frame;Although CESNA algorithm is stablized not as good as RMWP, general effect It is more close, it illustrates that the frame has preferable applicability, can be selected according to demand not when practical application is disposed With role's mining algorithm, it was demonstrated that the model, which propagates control to personal information, has higher accuracy and well extension Property.
The preferred embodiment of the present invention has been described in detail above.It should be appreciated that the ordinary skill of this field is without wound The property made labour, which according to the present invention can conceive, makes many modifications and variations.Therefore, all technician in the art Pass through the available technology of logical analysis, reasoning, or a limited experiment on the basis of existing technology under this invention's idea Scheme, all should be within the scope of protection determined by the claims.

Claims (10)

1. a kind of social networks personal information propagates access control method, which comprises the following steps:
S0, selected center user;
S1, the related data for obtaining all good friends of central user simultaneously pre-process;
S2, corresponding role set is obtained to the automatic network progress clustering of the central user using role's mining algorithm;
S3, it is maximized based on permission former using authority distribution management method using the transmission capacity of role as access control factor Automation authority distribution then is implemented to corresponding role;
Final authority distribution result and RBAC model described in S4, S3 blend, and obtain access control policy, realize personal letter Breath propagates access control.
2. social networks personal information as described in claim 1 propagates access control method, which is characterized in that use at the center Family v, automatic network (Ego Network) are Gv=(Vv,Ev), to each good friend's node u ∈ Vv, the related data is obtained, In, VvThe node set being made of all good friends of center user v, EvConnection between all good friends of center user v is closed It is constituted line set.
3. social networks personal information as claimed in claim 1 or 2 propagates access control method, which is characterized in that the phase Closing data includes:
1) side connection relationship set: Edgeu={ edgeuw=0 or 1 | w ≠ u, w, u ∈ Vv,
Wherein, edgeuwFor the direct connection relationship of node u and w, w is node set VvIn arbitrary node in addition to u, u is to work as Preceding specified good friend's node;
2) attributive character set: Attru={ attrui| i ∈ [1, K] },
Wherein, attruiFor the ith attribute value of good friend's node u, i is attributive character sequence subscript, and K is the sum of attributive character Amount;
3) adjacent node set: Egou=w | w ≠ v, w ∈ Vu, wherein VuIt is the corresponding automatic network G of node uuIn node collection It closes, w is node set VvIn arbitrary node in addition to u.
4. social networks personal information as claimed in claim 3 propagates access control method, which is characterized in that the role digs Pick algorithm is RMPM algorithm, and the RMPM algorithm synthesis considers the attributive character of good friend's node, side connection topological structure and biography Characteristic is broadcast, clustering is carried out for the automatic network of central user, completes role and excavate.
5. social networks personal information as claimed in claim 4 propagates access control method, which is characterized in that good friend's section Point is converted into strong association and weak rigidity:
Strong association (StrongAssociation), is characterized with the side connection relationship between social networks topological structure interior joint, For two good friend's node u, w ∈ V, if edgeuw==1 is then Qiang Guanlian;
Weak rigidity (WeakAssociation), is described with weighted association degree, is attributes similarity and propagation characteristic similarity Weighted metric, for two good friend u, w ∈ V, wherein V VvWrite a Chinese character in simplified form, indicate good friend's node set, weighted association degree is weightuw=α * Jacuw+(1-α)*Comuw,
Wherein, α is related coefficient,
6. social networks personal information as described in claim 1 propagates access control method, which is characterized in that the angle RMPM Color mining algorithm, for good friend node u ∈ V, wherein V VvWrite a Chinese character in simplified form, indicate good friend's node set, side connection relationship set Edgeu={ edgeuw=0 or 1 | w ≠ u, w ∈ V } characterization and the strong incidence relations of other nodes, weighted association degree set Weightu={ weightuw| w ≠ u, w ∈ V } characterization and the weak rigidity degree of other nodes;Each role role, definition are opposite The degree of association set answeredTo characterize the weak rigidity degree between role.
7. social networks personal information as claimed in claim 4 propagates access control method, which is characterized in that the cluster is drawn Divide and includes the following steps:
S21, it will be provided with being associated with by force and two nodes of weak rigidity to a certain degree are combined, obtain matched node to Pair (u, w), set are denoted as PairsV, and form corresponding initial roles rolei,i∈[1,||PairsV| |], it is remaining isolated Node also respectively constitutes corresponding initial roles rolej,j∈[1,||V||-||PairsV| |], wherein V VvWrite a Chinese character in simplified form, indicate Good friend's node set finally obtains role set under pretreated original state:
Roles0={ role1 0,role2 0,...,rolei 0,rolei+1 0,...,rolei+j 0};
S22, two role role are taken out from role's set of Rolest (original state t=0) under current statei t,rolej t, It is assumed that they separately include m, n node takes respectivelyDegree of association set Rweight in preceding n (m) item, note MakeWith
If S23, role rolei t,rolej tIn at least respectively there is half node to be belonging respectively toWithIt is i.e. full Foot:AndS24 is so executed, S22 is otherwise come back to;
S24, by rolei t,rolej tMerge, obtains new roleAnd it is added to set Rolest, simultaneously willIt moves It removes, updates set RolestIn all role roletDegree of association set Rweight, into NextState t=t+1;
S25, S22 is repeated back to, terminated when role's set Roles no longer changes.
8. social networks personal information as described in claim 1 propagates access control method, which is characterized in that the permission point It is MAPM with management method.
9. social networks personal information as claimed in claim 8 propagates access control method, which is characterized in that the permission is most Bigization principle are as follows: for the information of central user publication, under the constraint for meeting privacy of user conscious need, good friend is saved Point carries out automation authority distribution.
10. social networks personal information as described in claim 1 or 9 propagates access control method, which is characterized in that it is described from Dynamicization authority distribution process includes:
The social network environment of S31, the information issued according to central user, selected information propagation model, and count based on this model Calculate the transmission capacity of all roles in role set:
Successively using good friend's node representated by each role as subset, calculate what the information after these activate subset was propagated Range, and by each role roleiSpread scope InfiIt is normalized, the transmission capacity value as corresponding role.
Assuming that the spread scope being calculated is Inf when nodes all in automatic network are simultaneously activatedupper, then roleiIt is right The transmission capacity RPC answerediFor
S32, using the transmission capacity RPC of role as access control factor, authority distribution problem form is turned to asking for optimization Topic:
s.t.∑RPCi*xi≤δm
Wherein, ScoreiFor role roleiScore value (total quantity etc. of the included good friend of standards of grading such as role), xiFor Indicator variable indicates role roleiWhether it is authorized to, δmIt is center user for the privacy aware degree value for the m that gives out information;
S33, above-mentioned optimization problem is solved, it is a kind of optimization of Combinatorial Optimization class which, which belongs to NP-Complete problem, Problem selects dynamic programming algorithm to obtain approximate optimal solution;
Specifically, the dynamic programming algorithm can find out globally optimal solution, but be converted into above-mentioned optimization problem from former problem When, constraint condition has been carried out micro process (make its can calculating), thus the optimal solution found out is the approximate optimal solution of former problem.
S34, according to the approximate optimal solution, licensing scheme based on RBAC carries out role-security distribution.
CN201811171337.3A 2018-10-09 2018-10-09 Social network personal information propagation access control method Active CN109446836B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811171337.3A CN109446836B (en) 2018-10-09 2018-10-09 Social network personal information propagation access control method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811171337.3A CN109446836B (en) 2018-10-09 2018-10-09 Social network personal information propagation access control method

Publications (2)

Publication Number Publication Date
CN109446836A true CN109446836A (en) 2019-03-08
CN109446836B CN109446836B (en) 2022-02-15

Family

ID=65545595

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811171337.3A Active CN109446836B (en) 2018-10-09 2018-10-09 Social network personal information propagation access control method

Country Status (1)

Country Link
CN (1) CN109446836B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110347933A (en) * 2019-06-12 2019-10-18 西安交通大学 A kind of ego network social intercourse circle recognition methods
CN111064800A (en) * 2019-12-26 2020-04-24 杭州云象网络技术有限公司 Block chain technology-based safe vehicle contact social network construction method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106202614A (en) * 2016-06-24 2016-12-07 四川大学 The method that anomalous structure evolution in dynamic network finds
US20170169095A1 (en) * 2015-12-15 2017-06-15 Yahoo! Inc. Method and system for mapping notable entities to their social profiles

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170169095A1 (en) * 2015-12-15 2017-06-15 Yahoo! Inc. Method and system for mapping notable entities to their social profiles
CN106202614A (en) * 2016-06-24 2016-12-07 四川大学 The method that anomalous structure evolution in dynamic network finds

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
章迪 等: "基于社交圈的信息分享策略研究", 《通信技术》 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110347933A (en) * 2019-06-12 2019-10-18 西安交通大学 A kind of ego network social intercourse circle recognition methods
CN111064800A (en) * 2019-12-26 2020-04-24 杭州云象网络技术有限公司 Block chain technology-based safe vehicle contact social network construction method
CN111064800B (en) * 2019-12-26 2022-04-19 杭州云象网络技术有限公司 Block chain technology-based safe vehicle contact social network construction method

Also Published As

Publication number Publication date
CN109446836B (en) 2022-02-15

Similar Documents

Publication Publication Date Title
Lin et al. ELECTRE II method to deal with probabilistic linguistic term sets and its application to edge computing
Tang et al. Iot passport: A blockchain-based trust framework for collaborative internet-of-things
Du et al. Resource pricing and allocation in MEC enabled blockchain systems: An A3C deep reinforcement learning approach
Cui et al. An efficient and compacted DAG-based blockchain protocol for industrial Internet of Things
Zhang et al. A trust model for multimedia social networks
CN105025012B (en) Towards the access control system and its access control method of cloud storage service platform
CN111125779A (en) Block chain-based federal learning method and device
Marudhadevi et al. A trust evaluation model for cloud computing using service level agreement
Cho Dynamics of uncertain and conflicting opinions in social networks
Alexopoulos et al. Towards secure distributed trust management on a global scale: An analytical approach for applying distributed ledgers for authorization in the IoT
Esposito et al. Trust management for distributed heterogeneous systems by using linguistic term sets and hierarchies, aggregation operators and mechanism design
CN109446836A (en) A kind of social networks personal information propagation access control method
Gai et al. Trust chain driven bidirectional feedback mechanism in social network group decision making and its application in Metaverse virtual community
CN104009993A (en) Trust evaluation method based on fuzzy filtration
Yu et al. User-centric heterogeneous-action deep reinforcement learning for virtual reality in the metaverse over wireless networks
Jain et al. Blockchain based smart contract for cooperative spectrum sensing in cognitive radio networks for sustainable beyond 5G wireless communication
De Salve et al. A privacy-aware framework for decentralized online social networks
Mezzetti A socially inspired reputation model
Din et al. Swarmtrust: A swarm optimization-based approach to enhance trustworthiness in smart homes
Fu et al. Preferential information dynamics model for online social networks
Kim Behavioral learning game for socio-physical IoT connections
Liu et al. A trust evaluation model for dynamic authorization
Ren et al. Complex social contagions on weighted networks considering adoption threshold heterogeneity
Jacob et al. Polarization in social media: A virtual worlds-based approach
Cheng et al. SECHO: A deep reinforcement learning-based scheme for secure handover in mobile edge computing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant