CN109800603B - Method, monitoring equipment and system for privacy protection processing of user information - Google Patents
Method, monitoring equipment and system for privacy protection processing of user information Download PDFInfo
- Publication number
- CN109800603B CN109800603B CN201910107562.9A CN201910107562A CN109800603B CN 109800603 B CN109800603 B CN 109800603B CN 201910107562 A CN201910107562 A CN 201910107562A CN 109800603 B CN109800603 B CN 109800603B
- Authority
- CN
- China
- Prior art keywords
- sensitivity
- information
- user
- data set
- record
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Alarm Systems (AREA)
- Measuring And Recording Apparatus For Diagnosis (AREA)
Abstract
The disclosure relates to a method, a monitoring device and a system for privacy protection processing of user information, wherein the method comprises the following steps: generating a first data set comprising a plurality of record entries based on the information, each record entry having an identifier field and/or a sensitivity attribute field; applying weights corresponding to the importance of the attributes of the fields to obtain a second data set; determining a first sensitivity of the sensitivity attribute field, and determining a second sensitivity of the corresponding record entry according to the first sensitivity; clustering the second data set based on the second sensitivity to make a set number of record entries in the group, and adding the record entries to the group when the number of the record entries in the group with the same second sensitivity is larger than the product of the second sensitivity and the set number; the centroid of the identifier field of each group replaces the identifier field of the corresponding group. The method for privacy protection processing of the user information can effectively protect the user information and the leakage of the user privacy.
Description
Technical Field
The present disclosure relates to the field of electronic technologies, and in particular, to a method, a monitoring device, and a system for privacy protection processing of user information.
Background
At present, along with the continuous development of the internet of things technology, electronic equipment is increasingly applied to life, for example, smart watches, smart bracelets, smart glasses and the like are increasingly widely applied to life, health care, sports and other fields. The existing electronic equipment can collect data such as identification information, physical condition information, position information and the like of a user in the using process of the user, but the situation that the privacy data of the user are not sufficiently protected can occur in the collecting and releasing processes of the data, so that the data are easy to steal, and the privacy of the user is leaked.
Disclosure of Invention
For the above technical problems in the prior art, embodiments of the present disclosure provide a method, a monitoring device, and a system for performing privacy protection processing on user information, which can efficiently protect the user information, and especially enhance protection on information with high importance and high sensitivity to avoid leakage of the user privacy.
According to a first aspect of the present disclosure, a method for privacy protection processing of information of a user is provided, where the information includes identification information and sign information, and the method includes: generating a first data set based on the information of the user, such that the first data set comprises a plurality of record entries, each record entry having a number of attributes, fields of each attribute being an identifier field and/or a sensitive attribute field; applying weights corresponding to the importance of the attributes of the fields of the record entries of the first data set to obtain a second data set; determining a first sensitivity of a sensitivity attribute field of each record entry of the first data set, and determining a second sensitivity of a corresponding record entry of the first data set accordingly; clustering the respective record entries of the second data set based on the determined second sensitivities of the respective record entries such that there are a set number of record entries in a group, wherein for each record entry, the record entry is added to the group if the number of record entries in the group having the same second sensitivity as the record entry is greater than the product of the second sensitivity and the set number; the identifier field of the respective packet is replaced by the centroid of the identifier field of the respective packet, resulting in a third data set.
In some embodiments, where each record entry of the first data set has a number of sensitivity attribute fields, the second sensitivity of the corresponding record entry of the first data set is determined by any one of: using a maximum of the first sensitivities of the respective sensitivity attribute fields of the respective record entries of the first data set as a second sensitivity of the corresponding record entries of the first data set; using an average of the first sensitivities of the respective sensitivity attribute fields of the respective record entries of the first data set as the second sensitivity of the corresponding record entries of the first data set; using the first sensitivity of any one of the sensitivity attribute fields of each record entry of the first data set as the second sensitivity of the corresponding record entry of the first data set.
In some embodiments, the first sensitivity of the sensitivity attribute field is defined such that: the lower the occurrence frequency of the sensitive attribute field is, the higher the first sensitivity is; and, the closer the value of the sensitivity attribute field is to the extremum of the sensitivity attribute field, the higher its first sensitivity.
In some embodiments, determining a first sensitivity of the sensitivity attribute field of each record entry of the first data set comprises: determining a smaller difference value of the difference value between the sensitive attribute field and the upper limit value thereof and the difference value between the sensitive attribute field and the lower limit value thereof, and obtaining a first reference sensitivity based on the weighted sum of the smaller difference value and the occurrence frequency of the sensitive attribute field; determining a larger number of the occurrence frequency of the sensitivity attribute field and the reciprocal of the set number as a second reference sensitivity; comparing the first reference sensitivity with the second reference sensitivity, and adopting a larger reference sensitivity as the first sensitivity.
In some embodiments, applying a weight corresponding to the importance of its attribute to each field of each record entry of the first data set comprises: determining an average value of the preset weights of the attributes in the corresponding record items as a first weight based on the preset weights of the attributes of the record items of the first data set; determining the information entropy of each attribute in the corresponding record item based on the preset weight of each attribute of each record item of the first data set; determining the proportion of the information entropy of each attribute in the corresponding record item to the sum of the information entropy of all the attributes as a second weight; determining a third weight for applying to the respective fields based on a weighted sum of the first and second weights.
According to a second aspect of the present disclosure, a monitoring device is provided, where the monitoring device includes a user information obtaining module, an information processing module, and a communication module, where the user information obtaining module is configured to obtain information of a user, the information includes identification information and sign information, the information processing module is configured to process the obtained information of the user, the communication module is configured to transmit the processed information, and the information processing module includes a privacy protection unit configured to execute the method for privacy protection processing of information of a user in any one of the embodiments of the present disclosure.
In some embodiments, the user information acquisition module comprises a sign information acquisition module, the sign information acquisition module at least comprising any one of the following components: a temperature sensor configured to sense a temperature of a user; a piezoelectric sensor configured to sense a respiration rate of the user; a pressure sensor configured to sense a blood pressure of the user; a heart rate monitoring unit configured to sense a heart rate of the user; an electrocardiogram monitoring unit configured to acquire an electrocardiogram signal of the user; the respiration monitoring unit comprises a wearable respiratory mask internally provided with a thermal flow sensor to sense the respiration signal of the user.
In some embodiments, the information processing module includes a sign evaluation unit configured to evaluate whether sign information of the user is abnormal, and if so, transmit a sign information abnormal signal; the monitoring device further comprises an alarm module, wherein the alarm module is configured to send out an alarm signal when the abnormal sign information signal from the sign evaluation unit is received; and the user information acquisition module, the communication module and the information processing module are integrated in the wearable device, at least except the privacy protection unit, the physical sign evaluation unit and the alarm module.
According to a third aspect of the present disclosure, there is provided a monitoring system, including a wearable device and a terminal, where the wearable device includes a sign information acquisition module, a first information processing module and a first communication module, the sign information acquisition module is configured to acquire sign information of a user, the first information processing module is configured to process the acquired sign information of the user, the first communication module is configured to transmit processed information, and the terminal includes: a second communication module configured to receive the processed vital sign information from the first communication module; and a second information processing module including a privacy protection unit configured to execute the method of privacy-protecting information of a user according to any one of the embodiments of the present disclosure.
In some embodiments, the terminal further comprises an output device configured to publish the third data set after the privacy preserving process, the output device comprising at least one of a display, a printer, and a communication interface.
Compared with the prior art, this disclosed beneficial effect lies in:
according to the method, the monitoring device and the system for privacy protection processing of the information including the identification information, the physical sign information and the like of the user, the weight and the sensitivity are applied to the data set in the process of privacy processing of the data set, so that the information of the user is protected efficiently, and particularly, the protection of the information with high importance and high sensitivity is enhanced, so that the privacy of the user is prevented from being leaked.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
This section provides a general summary of various implementations or examples of the technology described in this disclosure, and is not a comprehensive disclosure of the full scope or all features of the disclosed technology.
Drawings
To more clearly illustrate the technical solutions of the embodiments of the present disclosure, the drawings of the embodiments will be briefly introduced below, and it is apparent that the drawings in the following description relate only to some embodiments of the present disclosure and are not limiting to the present disclosure.
FIG. 1(a) is a flow diagram of a method of privacy preserving processing of information of a user according to an embodiment of the present disclosure;
FIG. 1(b) is a structural illustration of a record entry according to an embodiment of the present disclosure;
FIG. 2 is a flow diagram of a method of privacy preserving processing of information of a user according to an embodiment of the present disclosure;
FIG. 3 is a flow chart of an extended flow in a method of privacy preserving processing of information of a user according to an embodiment of the present disclosure;
FIG. 4 is a flow chart for determining a first sensitivity of a sensitivity attribute field of each record entry according to an embodiment of the present disclosure;
FIG. 5 is a flow chart of determining weights for various fields of various record entries according to an embodiment of the present disclosure;
FIG. 6 is a schematic structural diagram of a first example of a monitoring device according to an embodiment of the present disclosure;
FIG. 7 is a schematic structural diagram of a second example of a monitoring device according to an embodiment of the present disclosure;
fig. 8 is a schematic structural diagram of a monitoring system according to an embodiment of the present disclosure.
Description of reference numerals:
100-a monitoring device; 200-a user information acquisition module; 210-sign information acquisition module; 300-an information processing module; 310-privacy protecting unit; 320-sign evaluation unit; 400-a communication module; 500-an alarm module; 600-a monitoring system; 700-a wearable device; 800-a terminal; 810-output device.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present disclosure more clear, the technical solutions of the embodiments of the present disclosure will be described below clearly and completely with reference to the accompanying drawings of the embodiments of the present disclosure. It is to be understood that the described embodiments are only a few embodiments of the present disclosure, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the described embodiments of the disclosure without any inventive step, are within the scope of protection of the disclosure.
Unless otherwise defined, technical or scientific terms used herein shall have the ordinary meaning as understood by one of ordinary skill in the art to which this disclosure belongs. The word "comprising" or "comprises", and the like, means that the element or item listed before the word covers the element or item listed after the word and its equivalents, but does not exclude other elements or items. The terms "connected" or "coupled" and the like are not restricted to physical or mechanical connections, but may include electrical connections, whether direct or indirect. "upper", "lower", "left", "right", and the like are used merely to indicate relative positional relationships, and when the absolute position of the object being described is changed, the relative positional relationships may also be changed accordingly.
To maintain the following description of the embodiments of the present disclosure clear and concise, a detailed description of known functions and known components have been omitted from the present disclosure.
Fig. 1(a) shows a flowchart of a method for privacy protecting information of a user, which may include identification information, location information, physical sign information, and the like, according to an embodiment of the present disclosure. In the following, a method of performing privacy protection processing on information including both identification information and physical sign information of a user is described as an example, but it is to be understood that the method may be extended to information of other aspects of the user.
The method starts at step S101, and at step S101, a first data set is generated based on identification information and physical sign information of a user, such that the first data set includes a plurality of record entries, each record entry having a number of attributes, and a field of each attribute being an identifier field and/or a sensitive attribute field. Optionally, the identifier field in each record entry may be data capable of identifying the identity information of the user, such as a birth date, an identity ID, and the like, the sensitive attribute field may be data containing sensitive information of the user, such as a physical condition, an age, a social security card number, and the like of the user, and the identifier field and the sensitive attribute field may also overlap, that is, the identifier field may also be a sensitive attribute field, which is not limited specifically herein. Fig. 1(b) shows a structural diagram of a record entry of an embodiment of the present disclosure, which contains ID, gender, age, blood pressure, and temperature data of a user as shown in fig. 1(b), wherein, for example, the ID and gender data may be used as an identifier field and the age and blood pressure and temperature data may be used as a sensitivity attribute field.
In step S102, a weight corresponding to the importance of its attribute is applied to each field of each record entry of the first data set to obtain a second data set. Specifically, each attribute has different importance, and after each field is weighted according to the importance of the attribute, the difference between the data with different importance in the second data set is larger, so that the field with high importance is more conveniently distinguished from other fields, and the grouping considering the importance of the field is more reasonable.
In step S103, a first sensitivity of the sensitivity attribute field of each record entry of the first data set is determined, and a second sensitivity of the corresponding record entry of the first data set is determined accordingly. Specifically, the more sensitive data contains more information, the less frequently it occurs, and the more easily a data thief will steal enough information from the data, and the more important and sensitive data can be protected in consideration of the sensitivity of the record item in the method of privacy protection processing.
Next, in step S104, the respective record entries of the second data set are clustered and grouped based on the determined second sensitivities of the respective record entries so that there are a set number of record entries in the group, wherein for each record entry, the record entry is added to the group in the case that the number of record entries in the group having the same second sensitivity as the record entry is greater than the product of the second sensitivity and the set number. Specifically, the record entries in the second data set are clustered so that record entries with smaller differences form a group, and by setting the number of record entries in the group, the size of the group is made more uniform and the similarity of the record entries within the group is made higher.
In step S105, the identifier field of the corresponding packet is replaced with the centroid of the identifier field of each packet, thereby obtaining a third data set. Specifically, the centroid of the identifier field is substituted for the identification field of the corresponding group to hide the identification information related to the identity information of the user, for example, the centroids of the IDs of the users in the respective record entries in the first group are all substituted by the centroid value of the IDs of the users in the group, so that it is difficult for the data stealer to acquire the identity information of the user from the third data set.
According to the method for privacy protection processing of the information of the user, provided by the embodiment of the disclosure, the weight and the sensitivity are applied to the data set in the process of privacy processing of the data set, so that the information of the user can be efficiently protected, and especially, the protection of the information with high importance and high sensitivity is enhanced, so that the privacy of the user is prevented from being leaked.
In some embodiments, the first sensitivity of the sensitivity attribute field is defined such that: the lower the occurrence frequency of the sensitive attribute field is, the higher the first sensitivity is; and, the closer the value of the sensitivity attribute field is to the extremum of the sensitivity attribute field, the higher its first sensitivity. In some embodiments, where each record entry of the first data set has a number of sensitivity attribute fields, the second sensitivity of the corresponding record entry of the first data set is determined by any one of: using a maximum value of the first sensitivities of the respective sensitivity attribute fields of the respective record entries of the first data set as a second sensitivity of the corresponding record entries of the first data set; using an average of the first sensitivities of the respective sensitivity attribute fields of the respective record entries of the first data set as the second sensitivity of the corresponding record entries of the first data set; the first sensitivity of any one of the sensitivity attribute fields of the respective record entry of the first data set is used as the second sensitivity of the corresponding record entry of the first data set. Specifically, the data with higher sensitivity contains more information, the occurrence frequency is lower, a data thief can steal enough information from the data more easily, the second sensitivity corresponding to the corresponding record item is determined according to the first sensitivity of the sensitive attribute field, and the second sensitivity is added into the privacy protection processing method to protect more important and sensitive data.
Fig. 2 is a flowchart of a method for privacy protecting information of a user according to an embodiment of the present disclosure, and as shown in fig. 2, the method starts at step S201, and at step S201, a first data set is generated based on identification information and sign information of the user, so that the first data set includes a plurality of record entries, each of which includes an identifier field and a sensitive attribute field.
In step S202, weights corresponding to the importance of each field of each record entry of the first data set are applied to obtain a second data set.
In step S203, a distance matrix of the second data set is calculated.
In step S204, a first sensitivity of the sensitivity attribute field of each record entry of the first data set is determined, and a second sensitivity of the corresponding record entry of the first data set is determined based thereon. Although steps S202, S203 and S204 are executed in sequence in fig. 2, it should be understood that these steps may be executed in other sequences as long as step S202 and step S203 are executed in sequence.
In step S205, a center point of the second data set is calculated.
In step S206, it is determined whether there are K-1 record entries to be grouped, where K is the number of record entries in the set group. If so, the process proceeds to S207, otherwise, the process proceeds to the extended flow S213, so as to group the record entries to be grouped if the number of the record entries to be grouped is less than K-1.
In step S207, the record entry farthest from the center point of the second data set is selected, denoted as e.
In step S208, the point closest to e is selected with e as the center, and the packet is added.
In step S209, it is determined whether the number of recording entries having the same second sensitivity within the packet is smaller than the product of the second sensitivity and K. If yes, the process proceeds to S210, and if no, the process proceeds to S211.
In step S210, it is determined whether the number of record entries within the packet is greater than K. If yes, the process proceeds to S212, and if no, the process proceeds to S213.
In step S211, a record entry is added to the packet.
In step S212, a packet is newly created, and a record entry is added to the new packet.
In step S213, the flow is extended.
Next, at step S214, the identifier field of the corresponding packet is replaced with the centroid of the identifier field of each packet, thereby obtaining a third data set.
Fig. 3 is a flowchart of an extended flow of a method for performing privacy protection processing on information of a user according to an embodiment of the present disclosure, and as shown in fig. 3, the extended flow includes steps S301 to S306:
in step S301, it is determined whether there is a record entry to be grouped. If so, the process proceeds to S302.
In step S302, it is determined whether the record entry to be grouped meets the join condition of the group closest thereto. If yes, the process proceeds to S303, and if no, the process proceeds to S304.
In step S303, the record entry to be grouped is added to the group closest thereto.
In step S304, it is determined whether there is another packet. If not, the process proceeds to S305, and if yes, the process proceeds to S303.
In step S305, it is determined whether the record entry to be grouped conforms to the joining condition of the new group. If yes, the process proceeds to S306, and if no, the process proceeds to S304.
Next, in step S306, record entries to be grouped are added to the group.
In some embodiments, as shown in FIG. 4, determining a first sensitivity of the sensitivity attribute field of each record entry of the first data set includes steps S401 through S410, and at step S401, determining the frequency of occurrence f of the sensitivity attribute SD, the sensitivity attribute field SDx, and the sensitivity attribute field SDxSDxThat is, the data type of each record entry of the first data set having the sensitivity attribute SD and the sensitivity attribute field S corresponding to the sensitivity attribute SD are determinedDx, where x is the sequence number of 1, 2, 3 …, and the maximum value of x is the total number of the sensitive attribute fields SDx of the sensitive attribute SD. For example, the age of the user in the first data set is determined as the data type with the sensitive attribute, and the age of a certain user is 26 years, and 26 is the value of the sensitive attribute field.
In step S402, a determination is made as to whether SDx-SDmin is less than SDmax-SDx, i.e., whether the difference between the sensitive attribute field SDx and its upper limit value SDmax is smaller than the difference between it and its lower limit value SDmin is determined, and S403 is entered if SDx-SDmin is less than SDmax-SDx, and S404 is entered if SDx-SDmin is not less than SDmax-SDx.
In step S403, M is 1/2(SDx-SDmin) +1/2fSDxI.e., based on the smaller difference SDx-SDmin and the frequency of occurrence f of the sensitive attribute field SDxSDxTo obtain a first reference sensitivity M. In particular, when determining the first reference sensitivity M, the smaller difference SDx-SDmin is weighted and the frequency of occurrence f of the sensitivity attribute field SDxSDxThe weight of (3) can be set according to the actual situation, and is not limited specifically, for example, the weight of the smaller difference SDx-SDmin can be used to match the frequency f of occurrence of the sensitive attribute field SDxSDxThe weights of (a) and (b) are set to 0.5, respectively.
In step S404, M is 1/2(SDmax-SDx) +1/2fSDxI.e. based on the smaller difference value SDmax-SDx and the frequency of occurrence f of the sensitive attribute field SDxSDxTo obtain the first reference sensitivity M, and in particular, the weight of the smaller difference value SDmax-SDx and the frequency of occurrence f of the sensitivity attribute field SDx in determining the first reference sensitivity MSDxThe weight of (c) may be set according to the actual situation, and is not limited herein, for example, the weight of SDmax-SDx and f may be setSDxThe weights of (a) and (b) are set to 0.5, respectively.
In step S405, the frequency f of occurrence of the sensitive attribute field SDx is determinedSDxWhether or not it is greater than the reciprocal of the set number K, at fSDxIf it is larger than 1/K, the flow proceeds to step S406, where fSDxIf not more than 1/K, the process proceeds to S407.
In step S406, N ═ fSDxThat is, the frequency f of occurrence of the sensitive attribute field SDxSDxAs a second reference sensitivity N.
In step S407, N is 1/K, that is, the inverse of the set number K is taken as the second reference sensitivity N.
In step S408, it is determined whether M is greater than N, i.e., the first reference sensitivity M is compared with the second reference sensitivity N, and the process proceeds to S409 if M is greater than N, and proceeds to S410 if M is not greater than N.
In step S409, Si ═ M, the first reference sensitivity M is taken as the first sensitivity Si.
In step S410, N is 1/K, and the second reference sensitivity N is used as the first sensitivity Si, i.e., a larger reference sensitivity is used as the first sensitivity.
In some embodiments, as shown in FIG. 5, applying weights corresponding to the importance of its attributes to the fields of the record entries of the first data set comprises steps S501-S504:
in step S501, a weight variable ω is defined1And ω2The weighting coefficients α and β are preset weights for setting the attributes of the record items of the first data set, where α is a weight variable ω1Corresponding weight coefficient, beta being a weight variable omega2The corresponding weight coefficients. Specifically, the weight variable and the weight coefficient may be set according to actual conditions, and the number may be changed, which is not limited herein.
In step S502, ω is calculated1=∑(ω1i) N, where the sequence number i of the attribute is 1, 2, 3 …, and the maximum value of i is the total number of the attributes of each record entry, that is, the weight variable ω of each attribute of each record entry based on the first data set1Taking the average value of the weight variables of the respective attributes in the corresponding record entry as the first weight ω1。
In step S503, ω is calculated2=Hω2j/∑Hω2jThe maximum value of the sequence number j of the attribute is 1, 2, 3 …, and the maximum value of j is the total number of the attributes of each record entry, that is, the total number of the attributes of each record entry based on the first data setWeight ω of each attribute2Determining the information entropy H of each attribute in the corresponding record entryω2jAnd thereby determining the information entropy H of each attribute in the corresponding record entryω2jInformation entropy summation with all attributes ∑ Hω2jAs the second weight ω2。
In step S504, ω ═ α ω is calculated1+βω2I.e. based on the first weight ω1And a second weight ω2Determines a third weight for applying to the respective field.
Fig. 6 is a schematic structural diagram of a first example of a monitoring device according to an embodiment of the present disclosure, and as shown in fig. 6, an embodiment of the present disclosure further provides a monitoring device 100, where the monitoring device 100 includes a user information obtaining module 200 configured to obtain information of a user, where the information includes identification information and sign information, such as an ID, a gender, an age, an electrocardiogram, a blood pressure, and the like of the user, which is not specifically limited herein; an information processing module 300 configured to process the acquired identification information and physical sign information of the user, for example, remove noise, extract feature parameters, and the like, which is not specifically limited herein; a communication module 400 configured to transmit the processed information; optionally, the privacy protection unit 310 may perform privacy protection on the received original data of the identification information and the sign information of the user, or perform privacy protection on the identification information and the sign information of the user preprocessed by the information processing module 300, so as to prevent a data thief from stealing the information transmitted by the communication module 400. Specifically, the communication module 400 may be a wireless communication module, and the wireless communication module may be further configured to transmit the identification information and the physical sign information of the user, acquired by the user information acquisition module 200, to the information processing module 300, so that the monitoring device 100 does not need to be connected to a complex data transmission line, and is more convenient and faster to use.
The monitoring device 100 provided by the embodiment of the disclosure can conveniently monitor the health condition of the user, and can efficiently protect the information of the user by applying the weight and the sensitivity to the data set in the process of privacy processing on the data set, and particularly, the protection on the information with high importance and high sensitivity is enhanced to avoid the privacy leakage of the user. In some embodiments, as shown in fig. 7, the user information acquisition module 200 includes a sign information acquisition module 210, and the sign information acquisition module 210 includes at least any one of the following components (not shown in fig. 7): a temperature sensor configured to sense a temperature of a user wearing the monitoring device 100; a piezoelectric sensor configured to sense a respiration rate of a user; a pressure sensor configured to sense a blood pressure of a user; a heart rate monitoring unit configured to sense a heart rate of a user; the electrocardio monitoring unit is configured to acquire electrocardiosignals of a user; the breathing monitoring unit comprises a wearable breathing mask with an internal thermal flow sensor to sense the breathing signal of a user. Specifically, the temperature sensor may be a thermistor, and may be placed on a wrist, an armpit, or other body part of the user to sense the temperature of the user; the piezoelectric sensor is placed on the neck of a user to sense the breathing rate of the user; the pressure sensor is placed on the wrist of the user to sense the blood pressure of the user; the heart rate monitoring unit is placed on the wrist of a user and comprises a light emitting diode and a photodiode, specifically, the light emitting diode emits light to a fingertip artery of the wrist of the user, and the photodiode is used for measuring the variation of blood flow when the blood flow transmitted by the fingertip artery changes, so that heart rate data of the user can be obtained according to the variation of the blood flow; the electrocardio monitoring unit comprises an electrocardio electrode which is a flexible fabric electrode so as to be better attached to the skin of a user, and optionally can acquire short-term and/or long-term electrocardiosignals of the user so as to monitor the heart health condition of the user more comprehensively; the wearable respiratory mask with the internal thermal flow sensor is used for acquiring a respiratory signal of a user, specifically, the respiratory signal can be used for judging whether the user has an apnea syndrome during a sleep process, in one embodiment, the respiratory signal can be processed by an apnea algorithm of the information processing module 300 to obtain respiratory parameters of the user, such as respiratory frequency, respiratory flow and the like, in another embodiment, the respiratory signal can also be sent to a terminal through the communication module 400, and the terminal processes the respiratory signal to obtain the respiratory parameters.
In some embodiments, as shown in fig. 7, the information processing module 300 further includes a sign evaluation unit 320 configured to evaluate whether the sign information of the user is abnormal, and if so, transmit a sign information abnormal signal, specifically, the sign information has a normal preset range, the sign evaluation unit 320 is configured to compare the obtained sign information of the user with the preset range corresponding to the sign information, and if the sign information exceeds the preset range corresponding to the sign information, consider the sign information as abnormal information, transmit the sign information abnormal signal to an alarm module 500 in the monitoring device 100, and the alarm module 500 sends an alarm signal when receiving the sign information abnormal signal from the sign evaluation unit 320; moreover, at least the parts of the user information acquisition module 200, the communication module 400 and the information processing module 300, except for the privacy protection unit 310, the physical sign evaluation unit 320 and the alarm module 500, are integrated in the wearable device, and the wearable device can acquire identification information and various physical sign information of a user, process the information, and send processed data to a terminal, so as to realize real-time monitoring of the health condition of the user, which is convenient and fast.
Fig. 8 is a schematic structural diagram of a monitoring system according to an embodiment of the present disclosure, and as shown in fig. 8, an embodiment of the present disclosure further provides a monitoring system 600 including a wearable device 700 and a terminal 800, where the wearable device 700 includes a sign information collecting module, a first information processing module, and a first communication module (not shown in fig. 8), the sign information collecting module is configured to obtain and send sign information of a user to the first information processing module, the first information processing module processes the information and sends the processed information to the first communication module after processing is completed, the first communication module is configured to transmit the processed sign information and identification information of the user to the terminal 800, the terminal 800 includes a second communication module and a second information processing module (not shown in fig. 8), the second communication module is configured to receive the processed sign information from the first communication module, the second information processing module comprises a privacy protection unit configured to execute the method for privacy protection processing of the information of the user according to any one of the embodiments in the disclosure. Alternatively, the first communication module and the first communication module may be wireless communication modules, so that the wearable device 700 and the terminal 800 can perform wireless communication. The monitoring system 600 provided by the embodiment of the present disclosure can efficiently protect the user information by applying the weight and the sensitivity to the data set during the process of performing privacy processing on the data set, and particularly, enhances the protection of the information with high importance and high sensitivity, so as to avoid the privacy of the user being leaked when the terminal 800 publishes the user information.
In some embodiments, the terminal 800 further comprises an output device 810 configured to publish the privacy-protected third data set, wherein the output device 810 comprises at least one of a display, a printer, and a communication interface, so that the health of the user wearing the wearable device 700 can be known to the medical staff.
The above description is intended to be illustrative and not restrictive. For example, the above-described examples (or one or more versions thereof) may be used in combination with each other. For example, other embodiments may be used by those of ordinary skill in the art upon reading the above description. In addition, in the foregoing detailed description, various features may be grouped together to streamline the disclosure. This should not be interpreted as an intention that a disclosed feature not claimed is essential to any claim. Rather, the subject matter of the present disclosure may lie in less than all features of a particular disclosed embodiment. Thus, the following claims are hereby incorporated into the detailed description as examples or embodiments, with each claim standing on its own as a separate embodiment, and it is contemplated that these embodiments may be combined with each other in various combinations or permutations. The scope of the disclosure should be determined with reference to the appended claims, along with the full scope of equivalents to which such claims are entitled.
The above embodiments are merely exemplary embodiments of the present disclosure, which is not intended to limit the present disclosure, and the scope of the present disclosure is defined by the claims. Various modifications and equivalents of the disclosure may occur to those skilled in the art within the spirit and scope of the disclosure, and such modifications and equivalents are considered to be within the scope of the disclosure.
Claims (7)
1. A method for privacy protection processing of user information, wherein the information comprises identification information and sign information, the method comprising:
generating a first data set based on the information of the user, such that the first data set comprises a plurality of record entries, each record entry having a number of attributes, fields of each attribute being an identifier field and/or a sensitive attribute field;
applying weights corresponding to the importance of the attributes of the fields of the record entries of the first data set to obtain a second data set;
determining a first sensitivity of a sensitivity attribute field of each record entry of the first data set, and determining a second sensitivity of a corresponding record entry of the first data set accordingly;
clustering the respective record entries of the second data set based on the determined second sensitivities of the respective record entries such that at most a set number of record entries are in a group, wherein for each record entry, the record entry is added to the group if the number of record entries in the group having the same second sensitivity as the record entry is greater than the product of the second sensitivity and the set number;
replacing the identifier field of the respective group by the centroid of the identifier field of the respective group, thereby obtaining a third data set;
wherein, in case each record entry of the first data set has several sensitivity attribute fields, the second sensitivity of the corresponding record entry of the first data set is determined by any one of the following: using a maximum of the first sensitivities of the respective sensitivity attribute fields of the respective record entries of the first data set as a second sensitivity of the corresponding record entries of the first data set; using an average of the first sensitivities of the respective sensitivity attribute fields of the respective record entries of the first data set as the second sensitivity of the corresponding record entries of the first data set; using the first sensitivity of any one sensitivity attribute field of each record entry of the first data set as the second sensitivity of the corresponding record entry of the first data set;
the first sensitivity of the sensitive attribute field is defined such that: the lower the occurrence frequency of the sensitive attribute field is, the higher the first sensitivity is; the closer the value of the sensitive attribute field is to the extreme value of the sensitive attribute field, the higher the first sensitivity of the sensitive attribute field is;
determining a first sensitivity of a sensitivity attribute field of each record entry of the first data set comprises: determining a smaller difference value of the difference value between the sensitive attribute field and the upper limit value thereof and the difference value between the sensitive attribute field and the lower limit value thereof, and obtaining a first reference sensitivity based on the weighted sum of the smaller difference value and the occurrence frequency of the sensitive attribute field; determining a larger number of the occurrence frequency of the sensitivity attribute field and the reciprocal of the set number as a second reference sensitivity; comparing the first reference sensitivity with the second reference sensitivity, and adopting a larger reference sensitivity as the first sensitivity.
2. The method of claim 1, wherein applying a weight corresponding to the importance of its attribute to each field of each record entry of the first data set comprises:
determining an average value of the preset weights of the attributes in the corresponding record items as a first weight based on the preset weights of the attributes of the record items of the first data set;
determining information entropy of each attribute in a corresponding record item based on a preset weight of each attribute of each record item of the first data set;
determining the proportion of the information entropy of each attribute in the corresponding record item to the sum of the information entropy of all the attributes as a second weight;
determining a third weight for applying to the respective fields based on a weighted sum of the first and second weights.
3. A monitoring device comprising a user information acquisition module configured to acquire information of a user, the information comprising identification information and sign information, an information processing module configured to process the acquired information of the user, and a communication module configured to transmit the processed information, wherein the information processing module comprises a privacy protection unit configured to perform the method of privacy protection processing of information of a user according to claim 1 or 2.
4. The monitoring device of claim 3, wherein the user information acquisition module comprises a vital signs information acquisition module, the vital signs information acquisition module comprising at least any one of:
a temperature sensor configured to sense a temperature of a user;
a piezoelectric sensor configured to sense a respiration rate of the user;
a pressure sensor configured to sense a blood pressure of the user;
a heart rate monitoring unit configured to sense a heart rate of the user;
an electrocardiogram monitoring unit configured to acquire an electrocardiogram signal of the user;
the respiration monitoring unit comprises a wearable respiratory mask internally provided with a thermal flow sensor to sense the respiration signal of the user.
5. The monitoring device of claim 4, wherein the information processing module comprises a sign evaluation unit configured to evaluate whether the sign information of the user is abnormal, and if so, transmit a sign information abnormal signal;
the monitoring device further comprises an alarm module, wherein the alarm module is configured to send out an alarm signal when the abnormal sign information signal from the sign evaluation unit is received; and is
The user information acquisition module, the communication module and the information processing module are integrated in the wearable device, at least except the privacy protection unit, the physical sign evaluation unit and the alarm module.
6. A monitoring system, comprising a wearable device and a terminal, wherein the wearable device includes a sign information acquisition module, a first information processing module and a first communication module, the sign information acquisition module is configured to acquire sign information of a user, the first information processing module is configured to process the acquired sign information of the user, and the first communication module is configured to transmit the processed sign information and identification information of the user, the terminal comprising:
a second communication module configured to receive the processed vital sign information from the first communication module; and
a second information processing module comprising a privacy protecting unit configured to execute the method of privacy protecting processing of information of a user according to claim 1 or 2.
7. The monitoring system of claim 6, wherein the terminal includes an output device configured to publish the third set of data after privacy preserving processing, the output device including at least one of a display, a printer, and a communication interface.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910107562.9A CN109800603B (en) | 2019-02-02 | 2019-02-02 | Method, monitoring equipment and system for privacy protection processing of user information |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910107562.9A CN109800603B (en) | 2019-02-02 | 2019-02-02 | Method, monitoring equipment and system for privacy protection processing of user information |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109800603A CN109800603A (en) | 2019-05-24 |
| CN109800603B true CN109800603B (en) | 2021-08-31 |
Family
ID=66561885
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910107562.9A Active CN109800603B (en) | 2019-02-02 | 2019-02-02 | Method, monitoring equipment and system for privacy protection processing of user information |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109800603B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112307056B (en) * | 2019-07-31 | 2024-02-06 | 华控清交信息科技(北京)有限公司 | Data processing method and device for data processing |
| CN112329069B (en) * | 2020-11-30 | 2022-05-03 | 海南大学 | User difference privacy protection method across data, information and knowledge modes |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10296748B2 (en) * | 2016-02-25 | 2019-05-21 | Sas Institute Inc. | Simulated attack generator for testing a cybersecurity system |
| CN106940777B (en) * | 2017-02-16 | 2020-12-15 | 湖南宸瀚信息科技有限责任公司 | Identity information privacy protection method based on sensitive information measurement |
| CN107391980B (en) * | 2017-07-17 | 2020-09-29 | 上海众人网络安全技术有限公司 | Login verification method, device, equipment and storage medium based on equipment data |
-
2019
- 2019-02-02 CN CN201910107562.9A patent/CN109800603B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN109800603A (en) | 2019-05-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Sood et al. | A fog-based healthcare framework for chikungunya | |
| Chen et al. | A smart machine learning model for the detection of brain hemorrhage diagnosis based internet of things in smart cities | |
| CA2955625C (en) | Data permission management for wearable devices | |
| US20160132652A1 (en) | Communicable disease tracking | |
| US20190192010A1 (en) | Detection of flu using thermal imaging | |
| Kim et al. | Collecting health lifelog data from smartwatch users in a privacy-preserving manner | |
| US20160014129A1 (en) | User Control of Data De-Idenfication | |
| US20210401314A1 (en) | Illness Detection Based on Nervous System Metrics | |
| CN109800603B (en) | Method, monitoring equipment and system for privacy protection processing of user information | |
| KR20170031757A (en) | Data tagging | |
| US20160217260A1 (en) | System, method and computer program product for patient triage | |
| US20190008465A1 (en) | Generating an indicator of a condition of a patient | |
| CN115769302A (en) | Epidemic disease monitoring system | |
| CN115776866A (en) | Crowd disease identification using wearable blood glucose monitoring device | |
| Ahmed et al. | IoMT-based biomedical measurement systems for healthcare monitoring: A review | |
| Ganesan et al. | A novel based algorithm for the prediction of abnormal heart rate using Bayesian algorithm in the wireless sensor network | |
| Channa et al. | Managing COVID-19 global pandemic with high-tech consumer wearables: A comprehensive review | |
| Srivastava et al. | Supervision of Worldwide Healthcare through an IoT-Based System | |
| GB2504540A (en) | Pattern matching physiological parameters | |
| US20230088697A1 (en) | Trusted data provenance | |
| Abdulmalek et al. | IoT-Based Healthcare-Monitoring System to-wards Improving Quality of Life: A Review. Healthcare 2022, 10, 1993 | |
| Raad | A ubiquitous mobile telemedicine system for the elderly using RFID | |
| Misra et al. | i-avr: Iot-based ambulatory vitals monitoring and recommender system | |
| Tan et al. | Remote patient monitoring system | |
| US20210386360A1 (en) | Detecting an ictal of a subject |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |