CN110765472B - A Location Privacy Protection Method Based on Blockchain and Distributed Storage - Google Patents


Publication number
CN110765472B
Authority
CN
China
Prior art keywords
query request
user
noise
data segments
location service
Legal status
Active
Application number
CN201910939342.2A
Other languages
Chinese (zh)
Other versions
CN110765472A (en)
Inventor
柳毅
邱英
凌捷
欧毓毅
罗玉
Current Assignee
Guangdong University of Technology
Original Assignee
Guangdong University of Technology
Application filed by Guangdong University of Technology
Priority to CN201910939342.2A
Publication of CN110765472A
Application granted
Publication of CN110765472B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a location privacy protection method based on blockchain and distributed storage, comprising the following steps: dividing a user query request into a plurality of data segments, and storing the data segments and user identification data in a distributed storage network; randomly selecting one of the servers as a noise-adding server, which retrieves the data segments held on the other storage servers according to the user identification data to obtain the complete query request, and adds noise to the query request; all location service providers jointly create a consortium chain and create a smart contract on it; the user obtains a key pair comprising a public key and a private key through an encryption algorithm, and registers on the consortium chain with the public key; and the user selects on the consortium chain the location service provider corresponding to the query request, the noise-added query request is sent to the selected location service provider, and the location service provider provides the location service to the user according to the query request.

Description

A Location Privacy Protection Method Based on Blockchain and Distributed Storage

Technical Field

The invention relates to the technical field of privacy protection, and in particular to a location privacy protection method based on blockchain and distributed storage.

Background

With the continuous development of mobile communication technology and the spread of smart devices such as mobile phones and tablets, location-based services (LBS) have been widely applied in e-commerce, health care, mobile social networking and other fields, and have become an indispensable part of daily life. An LBS obtains the location information (geographic or geodetic coordinates) of a mobile terminal user through the radio communication network of a mobile operator (such as a GSM or CDMA network) or through an external positioning method (such as GPS) and, supported by a geographic information system platform, provides value-added services including point-of-interest queries, advertisement push and entertainment games. While location services bring great convenience, they also pose potential dangers to users' personal privacy. The LBS holds the user's location information and query content, and an attacker can combine the submitted location and query content with background knowledge of their own to infer the user's private information. As users pay more attention to personal privacy, location privacy protection methods have been widely studied.

Traditional location privacy protection methods mainly include fake locations, location K-anonymity and encryption. In the fake location method, when the user sends a query, a fake location is generated according to some strategy and the query is issued from it. The location K-anonymity method issues the query request together with the locations of K-1 other users, blurring the user's spatial location information to protect privacy. Spatial encryption uses an encryption protocol to protect the user's identity and location. None of these three privacy protection models provides an effective and rigorous way to prove its privacy level, so in 2006 Dwork et al. proposed a stricter, provable definition of privacy: differential privacy. Differential privacy does not need to consider any background knowledge the attacker may hold, and it achieves the protection effect that inserting or deleting a single record in a data set has no significant impact on the output.

LBS privacy protection is generally implemented with one of three system architectures: centralized, distributed and hybrid. The centralized and hybrid architectures both require a third-party anonymizing server. A fully trusted third-party anonymizing server cannot exist in real life, and once the third-party anonymizing server becomes untrustworthy, the user's location privacy is leaked. It is therefore essential to design effective privacy protection methods to protect users' personal privacy.

Summary of the Invention

The purpose of the invention is to provide a location privacy protection method based on blockchain and distributed storage that solves the problem of the third-party anonymizing server being only semi-trusted in the location privacy protection process.

To achieve this, the invention adopts the following technical solution:

A location privacy protection method based on blockchain and distributed storage, including:

dividing the user query request into multiple data segments, and storing the data segments and user identification data in a distributed storage network;

among the servers storing the data segments, randomly selecting one as the noise-adding server; on the noise-adding server, retrieving the data segments held on the other storage servers according to the user identification data to obtain the complete query request, and adding noise to the query request;

all location service providers jointly creating a consortium chain and creating a smart contract on the consortium chain;

the user obtaining a key pair comprising a public key and a private key through an encryption algorithm, and registering on the consortium chain with the public key;

the user selecting, on the consortium chain, the location service provider corresponding to the query request and sending the noise-added query request to the selected location service provider, which provides the location service to the user according to the query request.

Further, the smart contract specifies that after the location service provider has provided the location service to the user, the user automatically pays cryptocurrency to the location service provider;

after registering on the consortium chain with the public key, the method further includes:

the user deposits a certain amount of cryptocurrency into the consortium chain in advance;

after the location service provider provides the location service to the user according to the query request, the method further includes:

the smart contract runs automatically and the user pays cryptocurrency to the location service provider.

Further, adding noise to the query request includes:

first generating random noise that follows the Laplace distribution, then adding the noise to the query request, computed as follows:

Qu' = Qu + Laplace(ΔF/ε)

where Qu' is the noise-added query request, Laplace(ΔF/ε) denotes noise following the Laplace distribution, ε is the differential privacy budget of the Laplace noise release algorithm, and ΔF is the differential privacy global sensitivity of the Laplace noise release algorithm.

Further, dividing the user query request into multiple data segments and storing the data segments and user identification data in a distributed storage network is expressed as:

the query request Qu is divided into {(Qu1,ID),(Qu2,ID),..(QuN,ID)}, N data segments in total; in each data segment (Quj,ID), Quj denotes the j-th data segment, j=1,2,…,N, and ID is user identification data such as a user name; correspondingly, N servers in the distributed storage network each store one of the N data segments.

Further, randomly selecting one of the servers as the noise-adding server and, on the noise-adding server, retrieving the data segments held on the other storage servers according to the user identification data to obtain the complete query request includes:

among the N servers storing the N data segments, the i-th (i∈N) server is randomly selected as the noise-adding server; on this server, the stored data segment (Qui,ID) is found by ID, the other N-1 data segments are then queried by ID on the other N-1 servers, and the data segments are combined on the noise-adding server to obtain the query request Qu.

Compared with the prior art, the invention has the following advantages and beneficial effects:

Existing location privacy protection architectures suffer from trust problems and place excessive demands on computing power and storage space. The system architecture adopted by the invention, in which a blockchain and distributed storage servers cooperate, has the following advantages:

1. It solves the problem of a single third-party anonymizing server being only semi-trusted, and does not require the client to have substantial computing power or storage space.

2. It uses differential privacy, which does not need to consider any background knowledge the attacker may hold and is backed by a rigorous mathematical proof, giving a higher degree of privacy protection.

3. With the consortium chain, user transaction information is visible only to the creators of the consortium chain, that is, the service providers, so the user's query requests are less likely to leak. Because of the pseudo-anonymity of the blockchain, in which the public key serves as the user's account information, the user's real identity is also hard to discover.

Brief Description of the Drawings

Fig. 1 is a schematic flow chart of the method of the invention.

Detailed Description

Location-based services bring great convenience to users' daily lives; for example, checking which take-out options are available at the current location through a food delivery app, or navigating with navigation software, both require location services. The invention proposes a location privacy protection method based on blockchain and distributed storage, which solves the problem of the third-party anonymizing server being only semi-trusted in the location privacy protection process.

The method of the invention is divided into two stages, with the following steps:

1. Distributed storage stage

S11: The user's query request Qu, expressed as Qu={(x,y),Con}, is divided into multiple data segments; the data segments and user identification data are stored in a distributed storage network; user identification data means the user ID and the like.

Here (x,y) are the user's longitude and latitude coordinates and Con is the user's query content; the query request is split either into equal-length segments or at random.

For example, the query request Qu is divided into {(Qu1,ID),(Qu2,ID),..(QuN,ID)}, N data segments in total; in each data segment (Quj,ID), Quj denotes the j-th data segment, j=1,2,…,N, and ID is user identification data such as a user name; correspondingly, N servers in the distributed storage network each store one of the N data segments.

Distributed storage spreads data across multiple independent servers. The query content is split into several data segments and stored on different servers of the distributed storage network so that an attacker who compromises one of the servers cannot obtain the user's complete information.

S12: Among the servers of the distributed network that store the data segments, one is randomly selected as the noise-adding server; on the noise-adding server, the data segments held on the other storage servers are retrieved according to the user identification data to obtain the complete query request Qu, and noise is added to Qu on the noise-adding server.

For example, among the N servers storing the N data segments, the i-th (i∈N) server is randomly selected as the noise-adding server; on this server, the stored data segment (Qui,ID) is found by the user identification data, i.e. the ID, the other N-1 data segments are then queried by ID on the other N-1 servers, and the data segments are combined on the noise-adding server to obtain the query request Qu.

A server is randomly selected as the noise-adding server and obtains the complete request so that noise can be added to the user request; adding noise to each data segment directly would incur a large computational overhead. The purpose of adding noise is to prevent the location service provider from obtaining the real location. It is a process of anonymizing the user's information, so no denoising is needed, and the noise-added query request is sent directly by the user to the location service provider on the consortium chain.

Noise is added to the query request Qu on the noise-adding server as follows:

First, random noise following the Laplace distribution is generated, then the noise is added to the query request, computed as follows:

Qu' = Qu + Laplace(ΔF/ε)

where Qu' is the noise-added query request, Laplace(ΔF/ε) denotes noise following the Laplace distribution, ε is the differential privacy budget of the Laplace noise release algorithm, and ΔF is the differential privacy global sensitivity of the Laplace noise release algorithm; the global sensitivity expresses the change in the algorithm's output when any data record in the data set is changed.
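Steps S11 and S12 as an added Python sketch (not code from the patent): the request is split into N segments by equal-length or random cuts, stored one segment per server, reassembled on a randomly chosen noise-adding server, and perturbed with Laplace(ΔF/ε) noise. Assumptions: Qu is serialized as JSON, in-memory dicts stand in for the storage servers, noise is applied only to the coordinates (x, y) with ΔF taken as their L1 sensitivity in degrees, and all function names are hypothetical.

```python
import json
import random


def split_request(qu: bytes, n: int, mode: str = "equal", rng=None) -> list:
    """S11: cut the serialized request Qu into N ordered segments Qu1..QuN."""
    if not 1 <= n <= len(qu):
        raise ValueError("need 1 <= N <= len(Qu) so that no segment is empty")
    if mode == "equal":
        base, extra = divmod(len(qu), n)  # first `extra` segments get one more byte
        cuts, pos = [], 0
        for j in range(n - 1):
            pos += base + (1 if j < extra else 0)
            cuts.append(pos)
    elif mode == "random":
        rng = rng or random.SystemRandom()
        cuts = sorted(rng.sample(range(1, len(qu)), n - 1))  # distinct cut points
    else:
        raise ValueError("mode must be 'equal' or 'random'")
    bounds = [0] + cuts + [len(qu)]
    return [qu[a:b] for a, b in zip(bounds, bounds[1:])]


def store(servers: list, user_id: str, segments: list) -> None:
    """Server j keeps only (Quj, ID); each server here is a dict keyed by ID."""
    if len(servers) != len(segments):
        raise ValueError("one server per segment")
    for server, seg in zip(servers, segments):
        server[user_id] = seg


def reassemble_on_noise_server(servers: list, user_id: str, rng=None):
    """S12: pick server i at random; it fetches the other N-1 segments by ID."""
    rng = rng or random.SystemRandom()
    i = rng.randrange(len(servers))
    parts = []
    for j, server in enumerate(servers):
        if user_id not in server:  # a lost segment makes Qu unrecoverable
            raise LookupError(f"server {j} has no segment for {user_id!r}")
        parts.append(server[user_id])
    return i, b"".join(parts)


def laplace(scale: float, rng) -> float:
    """Laplace(0, scale) sample: difference of two Exp(1/scale) variates."""
    return rng.expovariate(1 / scale) - rng.expovariate(1 / scale)


def add_noise(qu: bytes, delta_f: float, epsilon: float, rng=None) -> dict:
    """Qu' = Qu + Laplace(ΔF/ε), applied here to x and y only (assumption)."""
    if delta_f <= 0 or epsilon <= 0:
        raise ValueError("ΔF and ε must be positive")
    rng = rng or random.SystemRandom()
    request = json.loads(qu)
    scale = delta_f / epsilon  # smaller ε means more noise
    request["x"] += laplace(scale, rng)
    request["y"] += laplace(scale, rng)
    return request


def demo() -> dict:
    # Constructed sample request Qu = {(x, y), Con}; values are illustrative.
    qu = json.dumps({"x": 113.39, "y": 23.04, "con": "hotels nearby"}).encode()
    servers = [{} for _ in range(4)]
    store(servers, "user-A", split_request(qu, 4, mode="random"))
    i, full = reassemble_on_noise_server(servers, "user-A")
    return {"noise_server": i, "noisy": add_noise(full, delta_f=0.01, epsilon=1.0)}


if __name__ == "__main__":
    print(demo())
```

The server chosen in S12 handles the complete, un-noised request, so the protection against a single compromised server covers the stored segments but not the noise-adding step itself.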

2. Consortium chain transaction stage

S21: All location service providers jointly create a consortium chain and create a smart contract on it; the smart contract specifies that after the location service provider has provided the location service to the user, the user automatically pays currency to the location service provider.

Consortium chain: open only to the members of a specific group and a limited set of third parties. Several pre-selected nodes are designated internally as bookkeepers, and the generation of each block is decided jointly by all pre-selected nodes. Other access nodes can take part in transactions but have no say in the bookkeeping process, and other third parties can make restricted queries through the API the blockchain exposes.

Smart contract: a set of promises defined in digital form, including the protocol by which the contract parties carry out those promises. From a programming point of view, a smart contract is a program deployed on the blockchain that triggers the relevant operations when certain specified conditions are met.

With the consortium chain, user transaction information is visible only to the creators of the consortium chain, that is, the service providers, so the user's query requests are less likely to leak.

S22: The user obtains a key pair comprising a public key and a private key through an encryption algorithm and registers on the consortium chain with the public key; the user needs to deposit a certain amount of cryptocurrency into the consortium chain in advance.

In this step, the public key and the private key form a key pair (one public key and one private key) obtained through an encryption algorithm; the public key is the public part of the key pair and the private key is the non-public part. A commonly used encryption algorithm such as RSA can be used.

Because of the pseudo-anonymity of the blockchain, with the public key used as the user's account information, the user's real identity is hard to discover.

S23: The user selects, on the consortium chain, the location service provider corresponding to the query request and sends the noise-added query request to the selected location service provider; the location service provider provides the location service to the user according to the query request, and the smart contract runs automatically so that the user pays cryptocurrency to the location service provider.

The location service provider is the one corresponding to the query request; for example, when querying food information around the current location, the location service provider can be Gaode Map, Meituan Waimai, Dianping and so on.

Application example: user A wants to use a mobile phone to look up hotels with rooms available near the current location. Noise is added to the user's query request using S11 to S12, and account information is generated on the consortium chain using S22. According to step S23, the user selects Meituan as the service provider and sends the noise-added query request to Meituan; Meituan shows the hotels available near user A's location, and the smart contract then runs so that the user pays currency to Meituan.

Claims (1)

1. A location privacy protection method based on blockchain and distributed storage, characterized in that it comprises:

dividing the user query request into multiple data segments, and storing the data segments and user identification data in a distributed storage network;

among the servers storing the data segments, randomly selecting one as the noise-adding server; on the noise-adding server, retrieving the data segments held on the other storage servers according to the user identification data to obtain the complete query request, and adding noise to the query request;

all location service providers jointly creating a consortium chain and creating a smart contract on the consortium chain;

the user obtaining a key pair comprising a public key and a private key through an encryption algorithm, and registering on the consortium chain with the public key;

the user selecting, on the consortium chain, the location service provider corresponding to the query request and sending the noise-added query request to the selected location service provider, which provides the location service to the user according to the query request;

the smart contract specifying that after the location service provider has provided the location service to the user, the user automatically pays cryptocurrency to the location service provider;

after registering on the consortium chain with the public key, the method further comprising: the user deposits a certain amount of cryptocurrency into the consortium chain in advance;

after the location service provider provides the location service to the user according to the query request, the method further comprising: the smart contract runs automatically and the user pays cryptocurrency to the location service provider;

adding noise to the query request comprising: first generating random noise that follows the Laplace distribution, then adding the noise to the query request, computed as follows:

Qu' = Qu + Laplace(ΔF/ε)

where Qu' is the noise-added query request, Laplace(ΔF/ε) denotes noise following the Laplace distribution, ε is the differential privacy budget of the Laplace noise release algorithm, and ΔF is the differential privacy global sensitivity of the Laplace noise release algorithm;

dividing the user query request into multiple data segments and storing the data segments and user identification data in a distributed storage network being expressed as:

the query request Qu is divided into {(Qu1,ID),(Qu2,ID),..(QuN,ID)}, N data segments in total; in each data segment (Quj,ID), Quj denotes the j-th data segment, j=1,2,…,N, and ID is user identification data; correspondingly, N servers in the distributed storage network each store one of the N data segments;

randomly selecting one of the servers as the noise-adding server and, on the noise-adding server, retrieving the data segments held on the other storage servers according to the user identification data to obtain the complete query request comprising:

among the N servers storing the N data segments, the i-th (i∈N) server is randomly selected as the noise-adding server; on this server, the stored data segment (Qui,ID) is found by ID, the other N-1 data segments are then queried by ID on the other N-1 servers, and the data segments are combined on the noise-adding server to obtain the query request Qu.
CN201910939342.2A 2019-09-30 2019-09-30 A Location Privacy Protection Method Based on Blockchain and Distributed Storage Active CN110765472B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910939342.2A CN110765472B (en) 2019-09-30 2019-09-30 A Location Privacy Protection Method Based on Blockchain and Distributed Storage

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910939342.2A CN110765472B (en) 2019-09-30 2019-09-30 A Location Privacy Protection Method Based on Blockchain and Distributed Storage

Publications (2)

Publication Number Publication Date
CN110765472A CN110765472A (en) 2020-02-07
CN110765472B true CN110765472B (en) 2023-02-03

Family

ID=69330069

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910939342.2A Active CN110765472B (en) 2019-09-30 2019-09-30 A Location Privacy Protection Method Based on Blockchain and Distributed Storage

Country Status (1)

Country Link
CN (1) CN110765472B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111414644B (en) * 2020-03-18 2023-01-17 支付宝(杭州)信息技术有限公司 Privacy protection query method based on block chain and block chain system
CN111782662B (en) * 2020-07-23 2022-02-11 深圳市富之富信息科技有限公司 User privacy information query realization method and device based on distributed reconstruction
CN112241434B (en) * 2020-09-24 2021-06-22 华中农业大学 A Consortium Blockchain System for Data Privacy Protection
CN115080872A (en) * 2021-03-15 2022-09-20 京东科技控股股份有限公司 Location-based service data processing method and device

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107292181B (en) * 2017-06-20 2020-05-19 无锡井通网络科技有限公司 Database system based on block chain and using method using system
CN108600304B (en) * 2018-03-14 2021-02-12 广东工业大学 Personalized position privacy protection method based on position k-anonymity
CN109345438B (en) * 2018-10-11 2021-09-28 北京理工大学 Privacy-protection alliance taxi taking method and system
CN109617877B (en) * 2018-12-12 2021-06-01 上海海事大学 Location privacy protection system and method based on differential privacy noise addition selection

Also Published As

Publication number Publication date
CN110765472A (en) 2020-02-07


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant