CN112866992A - Position privacy protection method and system - Google Patents


Info

Publication number
CN112866992A
Authority
CN
China
Prior art keywords
information
anonymous
cellid
node
user
Legal status
Granted
Application number
CN202110084925.9A
Other languages
Chinese (zh)
Other versions
CN112866992B (en)
Inventor
吴帆
刘雨杰
李肯立
唐卓
Current Assignee
Hunan University
Original Assignee
Hunan University
Application filed by Hunan University
Priority to CN202110084925.9A
Publication of CN112866992A
Application granted
Publication of CN112866992B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a position privacy protection method and system in the technical field of positioning. The method comprises the following steps: acquiring an anonymous request of a target user, the anonymous request carrying at least the longitude and latitude of the target user's current position, and obtaining the corresponding CellID from that longitude and latitude; querying a database by the CellID, acquiring the corresponding anonymous space information, and substituting the anonymous space information for the longitude and latitude as the current position of the target user. The database is a tree structure whose node levels follow the grid division of the anonymous space, and each node on a level corresponds to one anonymous space. The adopted google-s2 algorithm uses a Hilbert space-filling curve to reduce the dimension of the multidimensional space and so divide the space of geographic position information, and a tree structure stores the CellIDs obtained from the dimension-reduced latitude and longitude, which improves search efficiency.

Description

Position privacy protection method and system
Technical Field
The invention belongs to the technical field of positioning, and particularly relates to a position privacy protection method and system.
Background
With the rapid development of the mobile internet and mobile devices, positioning technology has become increasingly precise. Many services in daily life are tied to the location of the mobile user. To use such a service, the user has to send their precise position to the service provider. If, in this process, an attacker obtains both the location and the content of the query, the consequences can be serious.
In recent years researchers at home and abroad have proposed many location privacy protection techniques, such as traditional encryption, fake (dummy) data, and k-anonymity. Among them, k-anonymity is widely used: an anonymity set is formed by finding K other suitable users around the request initiator, and the request to the service provider is issued on behalf of the anonymity set instead of the single user, which reduces the probability of the user being identified. The Interval Cloak algorithm, which uses a trusted third-party anonymizing server, was proposed on this basis; it mainly uses a quadtree to recursively divide a designated region into equal quarters until the cell area reaches the minimum area required by the anonymizing system. When a service request is initiated, the node containing the user is found first, then it is checked whether the number of users in the space corresponding to that node is larger than k; if so, that space is returned, and if not, the search moves to the parent node, repeating until the root node is reached.
The later Casper anonymization algorithm optimized the k-anonymity algorithm: before moving to the parent node, the quadtree is used as a spatial index to query the neighboring nodes and check whether the condition is met; if so, the merged space is returned. However, because this method uses the quadtree as the spatial index, the operation cost becomes very high when the data volume is large, and the required storage space is large because the node information of the quadtree has to be maintained; in addition, the quadtree requires the coverage area of the spatial target to be predicted, so service expansibility is poor.
Disclosure of Invention
In view of the above defects or improvement requirements of the prior art, the present invention provides a location privacy protection method, and aims to solve the technical problems that in the existing Casper anonymization algorithm, the required storage space is large due to the need to maintain the node information of the quadtree, and the service expansibility is poor due to the need to predict the coverage area of the space target.
To achieve the above object, according to a first aspect of the present invention, there is provided a location privacy protecting method including the steps of:
obtaining an anonymous request of a target user, wherein the anonymous request carries at least the longitude and latitude of the current position of the target user; converting the longitude and latitude into radians, converting the radians into spherical coordinates, projecting the sphere from its center onto each face of the circumscribed cube, converting the spherical coordinates into projection-face coordinates on a face of the circumscribed cube according to the projection result, correcting the projection-face coordinates, interconverting the corrected projection-face coordinates and coordinate axis points (grid points) to obtain coordinate axis point information, interconverting the coordinate axis points and CellIDs on a Hilbert curve to obtain the corresponding CellID, and using that CellID as the CellID corresponding to the longitude and latitude; wherein CellID denotes the identifier of the corresponding anonymous space;
querying a database according to the CellID, acquiring the corresponding anonymous space information, and substituting the anonymous space information for the longitude and latitude as the current position of the target user; the database is a tree structure whose node levels follow the grid division of the anonymous space, and each node on a level corresponds to one anonymous space.
Preferably, the method further comprises the following steps before querying the database according to the CellID and acquiring the corresponding anonymous spatial information:
acquiring respective real-time user information of different users, and constructing a database according to the respective real-time user information of the different users; for any user, the real-time user information of any user at least comprises the user identification of any user and the CellID determined based on the longitude and latitude information of any user.
Preferably, for any user, the real-time user information of any user further includes acquisition time information when acquiring longitude and latitude information of any user;
accordingly, the method further comprises the following steps after constructing the database according to the respective real-time user information of the different users:
according to the acquisition time information when the longitude and latitude information of any user is acquired, if the update request of the real-time user information of any user is not detected within the preset time length, the real-time user information of any user and the node information corresponding to any user are deleted in the database.
Preferably, the database is a B+ tree structure;
correspondingly, the process of obtaining the corresponding anonymous space information by querying the database by CellID comprises the following steps:
searching the B+ tree for the node corresponding to the CellID, and if that node is found and the number of active users in the anonymous space corresponding to it is not less than a preset threshold, using the anonymous space information of that node's anonymous space as the anonymous space information corresponding to the CellID.
Preferably, the process of obtaining the corresponding anonymous space information by querying the database by CellID further includes:
if the node corresponding to the CellID is found but the number of active users in its anonymous space is smaller than the preset threshold, counting together the active users in the anonymous spaces of the found node and each of its sibling nodes, and if that count is not smaller than the preset threshold, taking the anonymous space information of the found node and its sibling nodes as the anonymous space information corresponding to the CellID.
Preferably, the process of obtaining the corresponding anonymous space information by querying the database by CellID further includes:
if that count is still smaller than the preset threshold, continuing the count upwards along the B+ tree from the found node until a node meeting a preset condition is found, and taking the anonymous space information of that node's anonymous space as the anonymous space information corresponding to the CellID; the preset condition comprises that the number of active users in the node's anonymous space is not less than the preset threshold.
Preferably, the anonymity request also includes a maximum grid level acceptable to the target user; correspondingly, the preset condition further includes that the grid level corresponding to the node is smaller than the maximum grid level.
Preferably, before the anonymous spatial information is substituted for the latitude and longitude information, the method further includes: and filtering the anonymous space information based on the position and longitude and latitude information corresponding to the anonymous space information.
According to a second aspect of the present invention, there is provided a location privacy protection system comprising:
the system comprises a first module, a second module and a third module, wherein the first module is used for acquiring an anonymous request of a target user, and the anonymous request at least carries longitude and latitude information of the current position of the target user;
the second module is used for converting the longitude and latitude information into radian information and converting the radian information into spherical coordinate information;
the third module is used for projecting the sphere from its center onto each face of the circumscribed cube;
the fourth module is used for converting the spherical coordinate information into projection surface coordinate information on the circumscribed cube projection surface according to the projection result and correcting the projection surface coordinate information;
the fifth module is used for performing point-to-coordinate axis point interconversion on the corrected projection plane coordinate information to obtain coordinate axis point information, performing interconversion on the coordinate axis point information and CellID on a Hilbert curve to obtain corresponding CellID, and using the CellID as CellID corresponding to longitude and latitude information; wherein, CellID represents the corresponding identification of the anonymous space.
According to a third aspect of the present invention, there is provided an electronic apparatus comprising:
at least one processor; and
at least one memory communicatively coupled to the processor, wherein:
the memory stores program instructions executable by the processor, the processor invoking the program instructions to perform the method for location privacy protection as provided by any of the various possible implementations provided by the first aspect.
Compared with the prior art, the position privacy protection method and the position privacy protection system provided by the embodiment of the invention have the following beneficial effects that:
(1) because the google-s2 algorithm is adopted when the corresponding CellID is obtained according to the longitude and latitude information of the current position of the target user, and the google-s2 algorithm adopts the Hilbert space filling curve to effectively reduce the dimension of the multidimensional space so as to divide the space of the geographic position information, the searching efficiency when the anonymous space meeting the requirements is searched is improved.
(2) Because the database adopts the tree structure, and the CellID obtained by latitude and longitude dimensionality reduction is stored through the tree structure, the searching efficiency can be further improved during subsequent inquiry.
(3) In addition, whereas the traditional model of the Casper anonymization algorithm uses a quadtree for space division, recursively dividing the designated region into equal quarters until the final cell area meets the minimum area required by the anonymization system, the google-s2 algorithm adopted by the embodiment of the invention converts three dimensions to two by projection and uses the Hilbert space-filling curve to reduce the dimension of the multidimensional space, so the efficiency of querying for a specified number of users around the user is improved and the anonymous space is generated faster. At the same time, the storage pressure on the third-party anonymous server is relieved, solving the problem of large storage space in the prior art.
(4) Because the google-s2 algorithm adopted by the embodiment of the invention divides the space into a grid, the division range does not need to be specified. Unlike the traditional quadtree, where the extent of the geographic space must be determined in advance, space expansion is therefore easier to realize and service expansibility is higher.
Drawings
Fig. 1 is a schematic diagram of an implementation environment corresponding to a location privacy protection method according to an embodiment of the present invention;
fig. 2 is a schematic flow chart of a location privacy protection method according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a sphere circumscribed by a cube, provided by an embodiment of the present invention;
FIG. 4 is a schematic projection diagram of a sphere projected from its center onto each face of the cube;
FIG. 5 is an 8 × 8 Hilbert curve grid diagram provided by an embodiment of the present invention;
FIG. 6 is a 2nd-order Hilbert curve graph provided in accordance with an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a location privacy protecting system according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. In addition, the technical features involved in the embodiments of the present invention described below may be combined with each other as long as they do not conflict with each other.
At present, the Interval Cloak algorithm using the third-party trusted anonymous server mainly uses a quadtree structure to recursively divide a designated region into equal quarter spaces until the final cell area meets the minimum space area required by the anonymous system. When a service request is initiated, a node where a user is located is searched first, then whether the number of the users in the space corresponding to the node at the moment is larger than k is judged, if yes, the space corresponding to the node is returned, and if not, the space corresponding to the node is searched to a parent node until the node is a root node. However, when the quadtree is used as the spatial index, the operation cost becomes very high when the data size is large, and the storage space required is large because the node information of the quadtree needs to be maintained. Based on the existing problems, the embodiment of the invention provides a location privacy protection method.
Before explaining the method provided by the embodiment of the present invention, an implementation environment corresponding to the method provided by the embodiment of the present invention is now explained. The method provided by the embodiment of the invention can adopt a third-party anonymous Service type framework, and consists of terminal equipment of a user, a third-party anonymous server and an LBS (Location Based Service) server, and can be specifically shown in figure 1.
The terminal device is responsible for collecting the position information, converting it into a CellID through the google-s2 encoding module, and sending the CellID and related information to the anonymous server in the form of a user request. The anonymous server is responsible for constructing, from the CellIDs transmitted by the terminal devices, an anonymous interval that satisfies the condition that the number of users is more than k, and transmitting the anonymous interval to the LBS server as an anonymous query. The LBS server is responsible for finding the corresponding results according to the transmitted anonymous interval and query condition and returning them to the anonymous server. With reference to the foregoing implementation environment, as shown in fig. 2, a location privacy protection method provided in an embodiment of the present invention includes:
201. obtaining an anonymous request of a target user, wherein the anonymous request carries at least the longitude and latitude of the current position of the target user; converting the longitude and latitude into radians, converting the radians into spherical coordinates, projecting the sphere from its center onto each face of the circumscribed cube, converting the spherical coordinates into projection-face coordinates on a face of the circumscribed cube according to the projection result, correcting the projection-face coordinates, interconverting the corrected projection-face coordinates and coordinate axis points to obtain coordinate axis point information, interconverting the coordinate axis points and CellIDs on a Hilbert curve to obtain the corresponding CellID, and using that CellID as the CellID corresponding to the longitude and latitude; wherein CellID denotes the identifier of the corresponding anonymous space;
202. querying a database according to the CellID, acquiring the corresponding anonymous space information, and substituting the anonymous space information for the longitude and latitude as the current position of the target user; the database is a tree structure whose node levels follow the grid division of the anonymous space, and each node on a level corresponds to one anonymous space.
The target user refers to a user with a position privacy protection requirement, and the target user can send an anonymity request to an anonymity server through a terminal device. And the latitude and longitude information of the current position of the target user in the anonymous request is the query condition. The anonymous server can construct an anonymous interval in advance based on the CellID transmitted by the terminal equipment, and transmits the query condition and the anonymous space to the LBS server, and the LBS server is responsible for finding out a corresponding result according to the transmitted anonymous interval and the query condition and returning the result to the anonymous server, so that the position privacy protection of the target user is realized.
In step 201, the terminal device may convert the latitude and longitude of the current location of the target user into the CellID string in google-s2, and send the CellID string together with the unique user identifier of the target user, the latitude and longitude information of the current location, and the anonymity request to the anonymity server of the third party. In step 202, the tree structure of the database may be a B + tree, which is not specifically limited in this embodiment of the present invention.
Specifically, the google-s2 algorithm is to change the latitude and longitude information of the current location of the target user through 6 steps, and finally convert the latitude and longitude information into CellID on the hilbert curve. The 6 steps are specifically as follows:
the first step is as follows: the longitude and latitude are converted into radian;
the second step is that: converting spherical coordinates;
the third step: changing the spherical surface into a plane;
the fourth step: correcting spherical rectangular projection;
the fifth step: the point and the coordinate axis point are converted with each other;
and a sixth step: the coordinate points are interconverted with CellID on the hilbert curve.
That is, the google-s2 algorithm first converts the longitude and latitude to radians and then converts between spherical and rectangular coordinates. It then converts the three-dimensional sphere into two-dimensional planes and corrects the rectangular projection of the sphere. Next, the plane points are converted to and from Hilbert coordinate axis points, and finally the coordinate axis points are converted to the CellID on the Hilbert curve.
Specifically, in the first step, the latitude and longitude are converted into radians by the formula angle × π/180. In the second step, the spherical coordinates S(lat, lng) are converted to rectangular coordinates f(x, y, z); in the google-s2 algorithm the earth radius is set to 1, so each of x, y and z lies in the range −1 to 1. The process of circumscribing the sphere with a cube is shown in fig. 3, and the projection of the sphere from its center onto each face of the cube in fig. 4.
In the third step, the rectangular coordinates f(x, y, z) are converted into g(face, u, v) by projecting outward from the center of the sphere onto the six faces of the cube, where face identifies which of the six faces is hit and (u, v) are the coordinates on that face. In the fourth step, because the angle subtended varies across the sphere, cells projected onto the same face differ considerably in area, so g(face, u, v) is corrected and converted into h(face, u, v). The correction function is a quadratic transformation, and the corrected (u, v) lie in the range 0 to 1.
In the fifth step, since the google-s2 algorithm divides cells down to level 30 by default, i.e. divides each square face into 2^30 × 2^30 small squares, this step converts h(face, u, v) to H(face, u, v), where (u, v) now range over the integers 0 to 2^30 − 1.
In the sixth step, H(face, u, v) is mapped onto one small cell of the Hilbert curve, namely the CellID, and each small cell is numbered. It should be noted that the n-th order Hilbert curve generated in the embodiment of the present invention may be fixed; that is, the 5th-order and the 8th-order Hilbert curves are each generated in a fixed way. Specifically, referring to fig. 5 and fig. 6, fig. 5 is an 8 × 8 Hilbert curve grid diagram and fig. 6 is a 2nd-order Hilbert curve. Taking the 2nd-order Hilbert curve as an example, the position of the opening is labelled 0, and 1, 2 and 3 are labelled in order counterclockwise. Other n-th order Hilbert curves are labelled and formed in the same way.
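The six steps above, carried through as an added Python example that is neither the patent's code nor Google's S2 library. It is a simplified re-implementation: the face numbering, the (u, v) orientation on each face and the quadratic correction follow the S2 conventions as I know them and are assumptions here, and the Hilbert step is the classic iterative xy2d algorithm, so the integers it produces are not byte-compatible with real S2 CellIDs (the curve orientation may also differ from fig. 6). What it does show is the property the database relies on: the cell at a coarser level is obtained from the fine CellID by dropping two bits per level, so the tree of anonymous spaces can be walked by integer arithmetic. The sample coordinates are constructed.

```python
import math

# Added example, not the patent's code nor Google's S2 library: a simplified
# re-implementation of the six steps (degrees -> radians -> unit sphere ->
# cube face -> quadratic correction -> integer grid -> Hilbert index).
# Face numbering, (u, v) orientation and the quadratic correction follow the
# S2 conventions as the author of this example knows them (assumptions); the
# Hilbert step is the classic iterative xy2d algorithm, so the integers are
# not byte-compatible with real S2 CellIDs.

MAX_LEVEL = 30  # the patent's default: each face becomes a 2^30 x 2^30 grid


def latlng_to_xyz(lat_deg, lng_deg):
    """Steps 1-2: degrees -> radians (angle * pi / 180) -> point on the unit sphere."""
    lat = lat_deg * math.pi / 180.0
    lng = lng_deg * math.pi / 180.0
    return (math.cos(lat) * math.cos(lng),
            math.cos(lat) * math.sin(lng),
            math.sin(lat))


def xyz_to_face_uv(x, y, z):
    """Step 3: central projection onto the circumscribed cube. The face is the
    axis with the largest magnitude; (u, v) are the coordinates on that face,
    each in [-1, 1]. Returns (face, u, v)."""
    ax, ay, az = abs(x), abs(y), abs(z)
    if ax >= ay and ax >= az:
        return (0, y / x, z / x) if x > 0 else (3, z / x, y / x)
    if ay >= az:
        return (1, -x / y, z / y) if y > 0 else (4, z / y, x / y)
    return (2, -x / z, -y / z) if z > 0 else (5, -y / z, -x / z)


def uv_to_st(u):
    """Step 4: quadratic correction that evens out projected cell areas;
    maps [-1, 1] onto [0, 1]."""
    if u >= 0:
        return 0.5 * math.sqrt(1 + 3 * u)
    return 1 - 0.5 * math.sqrt(1 - 3 * u)


def st_to_ij(s, level):
    """Step 5: continuous [0, 1] coordinate -> integer grid index in [0, 2^level - 1]."""
    n = 1 << level
    return min(n - 1, max(0, int(s * n)))


def hilbert_xy2d(n, x, y):
    """Step 6: (x, y) on an n x n grid (n a power of two) -> position along
    the Hilbert curve that fills the grid."""
    d = 0
    s = n // 2
    while s > 0:
        rx = 1 if x & s else 0
        ry = 1 if y & s else 0
        d += s * s * ((3 * rx) ^ ry)
        if ry == 0:  # rotate/flip the lower bits so the sub-curves join up
            if rx == 1:
                x, y = n - 1 - x, n - 1 - y
            x, y = y, x
        s //= 2
    return d


def cell_id(lat_deg, lng_deg, level=MAX_LEVEL):
    """Whole pipeline: one integer, face * 4^level + Hilbert position."""
    face, u, v = xyz_to_face_uv(*latlng_to_xyz(lat_deg, lng_deg))
    i = st_to_ij(uv_to_st(u), level)
    j = st_to_ij(uv_to_st(v), level)
    return face * (1 << (2 * level)) + hilbert_xy2d(1 << level, i, j)


def parent_cell(cell, level, parent_level):
    """The coarser cell containing `cell`: each level up drops two Hilbert bits,
    which is what lets a tree of cells be walked by integer arithmetic."""
    return cell >> (2 * (level - parent_level))


if __name__ == "__main__":
    lat, lng = 28.2, 112.9  # constructed sample point
    fine = cell_id(lat, lng, 30)
    print(fine, parent_cell(fine, 30, 12) == cell_id(lat, lng, 12))
```

The prefix property of `parent_cell` holds because `hilbert_xy2d` consumes the coordinate bits from the most significant downward and the rotation state at each step depends only on the bits already consumed; the same property is what makes the anonymous-space tree in the following sections navigable from the CellID alone.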
The method provided by the embodiment of the invention can bring the following beneficial effects:
(1) because the google-s2 algorithm is adopted when the corresponding CellID is obtained according to the longitude and latitude information of the current position of the target user, and the google-s2 algorithm adopts the Hilbert space filling curve to effectively reduce the dimension of the multidimensional space so as to divide the space of the geographic position information, the searching efficiency when the anonymous space meeting the requirements is searched is improved.
(2) Because the database adopts the tree structure, and the CellID obtained by latitude and longitude dimensionality reduction is stored through the tree structure, the searching efficiency can be further improved during subsequent inquiry.
(3) In addition, whereas the traditional model of the Casper anonymization algorithm uses a quadtree for space division, recursively dividing the designated region into equal quarters until the final cell area meets the minimum area required by the anonymization system, the google-s2 algorithm adopted by the embodiment of the invention converts three dimensions to two by projection and uses the Hilbert space-filling curve to reduce the dimension of the multidimensional space, so the efficiency of querying for a specified number of users around the user is improved and the anonymous space is generated faster. At the same time, the storage pressure on the third-party anonymous server is relieved.
(4) Because the google-s2 algorithm adopted by the embodiment of the invention divides the space into a grid, the division range does not need to be specified. Unlike the traditional quadtree, where the extent of the geographic space must be determined in advance, space expansion is therefore easier to realize and service expansibility is higher.
Based on the content of the foregoing embodiment, as an alternative embodiment, the method provided in the embodiment of the present invention further includes the following steps before querying the database by CellID to obtain the corresponding anonymous space information: acquiring the respective real-time user information of different users, and constructing the database from it; for any user, that user's real-time user information comprises at least the user's identifier and the CellID determined from the user's longitude and latitude.
Specifically, for a certain user, if it is detected that the real-time user information of the user is being registered in the anonymous server for the first time, the real-time user information is added to the database. Taking the database as a 4-way B+ tree as an example: in the grid division described above, the sphere is projected onto the 6 faces of the cube and the square of each face is divided into four equal parts, so, as shown in fig. 6, the four small squares of fig. 6 correspond to four nodes of the B+ tree, and the square that was divided into them corresponds to the parent of those four nodes. Data is therefore stored in the B+ tree as follows. Each node of the B+ tree corresponds to one divided square, i.e. one grid cell. Each node corresponds to an actual region of real space, and the users present in that region are stored in the node's user table; each entry may contain the user identifier and the user's longitude and latitude, which is not specifically limited in the embodiment of the present invention.
Based on the content of the above embodiment, as an optional embodiment, for any user, the real-time user information of any user further includes acquisition time information when acquiring longitude and latitude information of any user; correspondingly, after the database is constructed according to the respective real-time user information of different users, the method provided by the embodiment of the invention further comprises the following steps: according to the acquisition time information when the longitude and latitude information of any user is acquired, if the update request of the real-time user information of any user is not detected within the preset time length, the real-time user information of any user and the node information corresponding to any user are deleted in the database.
Specifically, taking the database as a B + tree structure as an example, the representation content of the user table may be expressed as < user ID, longitude, latitude, time >. The user ID is a user identifier, the longitude and the latitude represent the obtained longitude and latitude information of the user, and the time represents the time information obtained when the longitude and latitude information of the user is obtained. Taking the database as a B + tree structure as an example, if the user does not update information for a long time, the anonymous system will consider that the user is offline, and will delete the corresponding node information in the B + tree and the information in the user table in sequence.
On the basis of the above embodiment, as an alternative embodiment, the database is a B+ tree, and querying the database by CellID to obtain the corresponding anonymous space information includes: searching the B+ tree for the node corresponding to the CellID; if that node is found and the number of active users in its anonymous space is not less than a preset threshold, the anonymous space information of that node is used as the anonymous space information corresponding to the CellID.
The preset threshold may be set according to actual requirements and is not specifically limited in this embodiment. A threshold is needed because, when the number of active users in the anonymous space of the found node is below it, the users in that space are too sparse and an attacker could single out the target user, so the anonymous space must be expanded further. When the count is not below the threshold, the anonymous space satisfies the condition and is sufficient to protect the user's location privacy.
It should be noted that, because the grid covers the whole earth, every user on earth falls into some grid cell; once the database has accumulated data over a long period of operation, the search for the node corresponding to a CellID in the B+ tree will therefore rarely fail. If the node is nevertheless not found, the CellID can be registered in the anonymous server and the relevant information added to the user table.
Based on the content of the foregoing embodiment, as an alternative embodiment, the process of querying the database according to the CellID to obtain the corresponding anonymous spatial information further includes: if the node corresponding to the CellID is found, and the number of active users in the anonymous space corresponding to the found node is smaller than a preset threshold value, counting the number of active users in the anonymous space corresponding to the found node and each of brother nodes of the found node, and if the counting result is not smaller than the preset threshold value, taking the anonymous space information of the anonymous space corresponding to the found node and the brother nodes of the found node as the anonymous space information corresponding to the CellID.
Specifically, taking the preset threshold as k and the B+ tree as a 4-way tree, if the number of active users in the anonymous space of the found node is less than k, the users there are too sparse and easily identified by an attacker, so the anonymous space must be enlarged: the anonymous space of the current node is queried together with those of its three sibling nodes, i.e. the current grid cell and its three sibling cells, and the active users are totalled as the sibling cells are merged in turn. If the total is not less than k, the current cell together with its sibling cells is returned directly as the anonymous space.
Based on the content of the foregoing embodiment, as an alternative embodiment, the process of querying the database according to the CellID to obtain the corresponding anonymous spatial information further includes: if the statistical result is smaller than the preset threshold value, performing statistics upwards along the B + tree based on the searched node until the node meeting the preset condition is found, and taking the anonymous space information of the anonymous space corresponding to the node meeting the preset condition as the anonymous space information corresponding to the CellID; the preset condition comprises that the number of active users in the anonymous space corresponding to the node is not less than a preset threshold value.
Specifically, if the total is still smaller than the preset threshold, the users are still too sparse even after the anonymous spaces of the current node and its siblings are merged, so the range is enlarged again: the same steps are repeated on the parent grid cell until the user count is not smaller than k. The node of the parent cell is the parent node of the current node, which in turn has its own parent, so the process iterates upward until a node is reached whose anonymous space holds at least k active users.
On the basis of the above embodiments, as an alternative embodiment, the anonymity request further includes the maximum grid level acceptable to the target user; correspondingly, the preset condition further requires that the grid level of the node be smaller than that maximum grid level.
In particular, the maximum grid level may be denoted s. This additional condition is needed because the user wants privacy protection but, above all, a usable location service from the service provider: the anonymous space must not differ too much from the user's actual position, i.e. its area must not be so large that positioning accuracy collapses. The iterative search of the above embodiment keeps enlarging the anonymous space, which lowers positioning accuracy, so the grid level is bounded: the iteration starts from the smallest grid cell and moves upward, and the level it finally reaches must not be too high, otherwise the anonymous space becomes excessively large. The preset condition is therefore extended so that the grid level of the node found by the iteration must be smaller than the maximum grid level s. If the node's grid level is not smaller than s, the grid area is so large that the query accuracy of the LBS server drops, and the anonymisation is treated as failed.
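The user table, the time-based expiry and the threshold-driven widening of the anonymous space described in this and the preceding passages (nodes with <user ID, longitude, latitude, time> entries, the preset threshold k, merging with sibling cells, climbing to the parent, and the maximum grid level s) can be put together as follows. This is an added Python example, not code from the patent. It assumes that a leaf CellID is a Hilbert-curve index at one fixed finest grid level, so that the four children of a grid square are the four consecutive IDs 4p .. 4p+3 and the parent square is cell >> 2; the class and method names are the example's own.

```python
from collections import defaultdict


class AnonymityServer:
    """Anonymous-server side of the scheme: a user table per grid cell plus the
    k-anonymity lookup that widens the anonymous space until it holds >= k users.

    Assumption (not stated on the page): leaf CellIDs are Hilbert indices at one
    fixed finest level, so a square's four children are the consecutive IDs
    4p..4p+3 and its parent is cell >> 2. Levels count upward from the leaf
    (level 0) toward the root, matching "grid level < s" in the text.
    """

    def __init__(self, k, max_level, ttl_seconds):
        self.k = k                      # preset threshold: min. active users per anonymous space
        self.max_level = max_level      # maximum grid level s the user accepts (result level must be < s)
        self.ttl = ttl_seconds          # preset time length after which a silent user is offline
        self.cells = defaultdict(dict)  # leaf cell -> {user_id: (lon, lat, acquisition_time)}
        self.user_cell = {}             # user_id -> leaf cell, for moves and deletions

    def register(self, user_id, cell, lon, lat, now):
        """Add or refresh a <user ID, longitude, latitude, time> entry under its leaf node."""
        old = self.user_cell.get(user_id)
        if old is not None and old != cell:
            self._delete(user_id, old)          # the user moved to another grid cell
        self.cells[cell][user_id] = (lon, lat, now)
        self.user_cell[user_id] = cell

    def _delete(self, user_id, cell):
        table = self.cells[cell]
        table.pop(user_id, None)
        self.user_cell.pop(user_id, None)
        if not table:                           # node information goes with its last user
            del self.cells[cell]

    def expire(self, now):
        """Delete users whose last update is older than ttl; return their IDs."""
        stale = [uid for uid, cell in self.user_cell.items()
                 if now - self.cells[cell][uid][2] > self.ttl]
        for uid in stale:
            self._delete(uid, self.user_cell[uid])
        return stale

    def active_users(self, node, level):
        """Active users under `node`, an ancestor `level` steps above the leaves.

        With Hilbert IDs its leaves form the contiguous ID range
        [node << 2*level, (node + 1) << 2*level), so no tree walk is needed.
        """
        lo, hi = node << (2 * level), (node + 1) << (2 * level)
        return sum(len(t) for c, t in self.cells.items() if lo <= c < hi)

    def anonymous_space(self, cell):
        """Return (node, level) of the smallest ancestor of `cell` holding >= k active
        users at a level below max_level, or None on anonymity failure."""
        node, level = cell, 0
        while level < self.max_level:
            if self.active_users(node, level) >= self.k:
                return node, level
            # level 0 -> 1 merges the cell with its three siblings, i.e. the parent
            # square; every further step repeats that one level higher.
            node, level = node >> 2, level + 1
        return None
```

Because the Hilbert index of every leaf under an ancestor falls in one contiguous range, "count the node and its siblings" and "count the parent" are the same query one level apart, and the whole climb is integer shifting rather than pointer chasing. The `None` return is the anonymity-failure case of the text: no level below s reaches k users, and the server must not fall back to returning the bare cell.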
On the basis of the foregoing embodiment, as an optional embodiment, before the longitude and latitude information is replaced with the anonymous space information, the method further includes: filtering the anonymous space information according to the position corresponding to the anonymous space information and the longitude and latitude information.
Filtering of the anonymous space information is needed because the search in the above embodiments may yield several candidate anonymous spaces, and the actual positions of some of them on the earth may be far from the user's actual position, introducing a large positioning error. Therefore, in this embodiment, the actual position of each candidate on the earth is determined from its anonymous space information and compared with the longitude and latitude of the user to be protected, i.e. the user's actual position; candidates with a large positional difference are filtered out, so that positioning accuracy is preserved while privacy is protected. After filtering, the selected result is returned to the target user.
On the basis of the foregoing embodiments, an embodiment of the present invention provides a location privacy protection system configured to execute the location privacy protection method of the foregoing method embodiments. Referring to fig. 7, the system includes:
a first module 701, configured to obtain an anonymous request of a target user, where the anonymous request at least carries latitude and longitude information of a current location of the target user;
a second module 702, configured to convert the longitude and latitude information into radians and the radians into spherical coordinate information;
a third module 703, configured to project the sphere from its centre onto each face of its circumscribed cube;
a fourth module 704, configured to convert the spherical coordinate information, according to the projection result, into projection-plane coordinates on the corresponding face of the circumscribed cube, and to correct those coordinates;
a fifth module 705, configured to convert the corrected projection-plane coordinates into coordinate-axis point information (discrete grid positions), convert that point information into the corresponding CellID on the Hilbert curve, and use it as the CellID corresponding to the longitude and latitude information; here CellID is the identifier of the anonymous space.
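The conversion chain of modules 702 to 705 (degrees to radians, radians to a point on the unit sphere, central projection onto the circumscribed cube, correction of the face coordinates, discretisation to grid indices, Hilbert-curve index) and the distance-based filter of the preceding embodiment can be implemented as below. This is an added Python example, not the patent's code. The page does not say how the projection-plane coordinates are "corrected"; the example assumes the quadratic area-equalising transform used by the S2 geometry library. The face numbering, the CellID layout face * 4^order + hilbert_index, the Earth radius used by the haversine distance and all function names are the example's own choices.

```python
import math


def latlon_to_xyz(lat_deg, lon_deg):
    """Degrees -> radians -> point on the unit sphere (module 702)."""
    lat, lon = math.radians(lat_deg), math.radians(lon_deg)
    return (math.cos(lat) * math.cos(lon), math.cos(lat) * math.sin(lon), math.sin(lat))


def xyz_to_latlon(p):
    x, y, z = p
    return math.degrees(math.atan2(z, math.hypot(x, y))), math.degrees(math.atan2(y, x))


def xyz_to_face_uv(p):
    """Central projection onto the circumscribed cube (modules 703/704): the face is the
    axis of largest magnitude (0..2 positive, 3..5 negative) and (u, v) in [-1, 1] are
    the other two coordinates divided by that magnitude."""
    a = max(range(3), key=lambda i: abs(p[i]))
    face = a if p[a] > 0 else a + 3
    return face, p[(a + 1) % 3] / abs(p[a]), p[(a + 2) % 3] / abs(p[a])


def face_uv_to_xyz(face, u, v):
    a = face % 3
    p = [0.0, 0.0, 0.0]
    p[a] = 1.0 if face < 3 else -1.0
    p[(a + 1) % 3], p[(a + 2) % 3] = u, v
    norm = math.sqrt(sum(c * c for c in p))
    return tuple(c / norm for c in p)


def uv_to_st(u):
    """Correction of a face coordinate (ASSUMPTION: S2's quadratic transform): maps
    [-1, 1] to [0, 1] and evens out cell areas between face centre and face edge."""
    return 0.5 * math.sqrt(1 + 3 * u) if u >= 0 else 1 - 0.5 * math.sqrt(1 - 3 * u)


def st_to_uv(s):
    return (4 * s * s - 1) / 3 if s >= 0.5 else (1 - 4 * (1 - s) ** 2) / 3


def _rot(n, x, y, rx, ry):
    if ry == 0:
        if rx == 1:
            x, y = n - 1 - x, n - 1 - y
        x, y = y, x
    return x, y


def hilbert_xy2d(order, x, y):
    """Grid point (x, y) on a 2^order x 2^order grid -> Hilbert-curve index (module 705)."""
    n, d, s = 1 << order, 0, (1 << order) >> 1
    while s > 0:
        rx, ry = 1 if x & s else 0, 1 if y & s else 0
        d += s * s * ((3 * rx) ^ ry)
        x, y = _rot(n, x, y, rx, ry)
        s >>= 1
    return d


def hilbert_d2xy(order, d):
    """Inverse of hilbert_xy2d."""
    n, x, y, s = 1 << order, 0, 0, 1
    while s < n:
        rx = 1 & (d >> 1)
        ry = 1 & (d ^ rx)
        x, y = _rot(s, x, y, rx, ry)
        x, y = x + s * rx, y + s * ry
        d >>= 2
        s <<= 1
    return x, y


def latlon_to_cellid(lat_deg, lon_deg, order):
    """Whole chain of modules 702-705. CellID layout (example's choice):
    face * 4**order + hilbert index, so the parent cell one level up is cellid >> 2."""
    face, u, v = xyz_to_face_uv(latlon_to_xyz(lat_deg, lon_deg))
    n = 1 << order
    i = min(n - 1, int(uv_to_st(u) * n))   # coordinate-axis point (grid index) along u
    j = min(n - 1, int(uv_to_st(v) * n))   # and along v
    return face * n * n + hilbert_xy2d(order, i, j)


def cellid_center(cellid, order):
    """Inverse chain: CellID -> (lat, lon) of the cell centre, i.e. the actual position
    of an anonymous space that the distance filter compares with the user's position."""
    n = 1 << order
    face, d = divmod(cellid, n * n)
    i, j = hilbert_d2xy(order, d)
    u, v = st_to_uv((i + 0.5) / n), st_to_uv((j + 0.5) / n)
    return xyz_to_latlon(face_uv_to_xyz(face, u, v))


def haversine_km(lat1, lon1, lat2, lon2):
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlam = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))    # mean Earth radius, example's choice


def filter_spaces(user_lat, user_lon, cellids, order, max_km):
    """Keep only candidate anonymous spaces whose centre lies within max_km of the user."""
    return [c for c in cellids
            if haversine_km(user_lat, user_lon, *cellid_center(c, order)) <= max_km]
```

Two properties of this layout matter for the lookup described earlier: the Hilbert index of a cell at level `order - 1` equals the level-`order` index shifted right by two bits, so the parent of any CellID is `cellid >> 2`; and the cell centre can be recovered from the CellID alone, which is all the distance filter needs. Nothing in the anonymous server has to store coordinates for grid cells.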
Fig. 8 illustrates the physical structure of an electronic device. As shown in fig. 8, the electronic device may include a processor 810, a communication interface 820, a memory 830 and a communication bus 840, with the processor 810, communication interface 820 and memory 830 communicating with one another over the communication bus 840. The processor 810 may call logic instructions in the memory 830 to perform the following method: obtaining an anonymous request of a target user, the request carrying at least the longitude and latitude of the target user's current position, and obtaining the corresponding CellID from that longitude and latitude; querying a database by the CellID to obtain the corresponding anonymous space information, and replacing the longitude and latitude with the anonymous space information as the target user's current position; the database has a tree structure whose node levels are divided according to the grid division of the anonymous space, each node on a node level corresponding to one anonymous space.
In addition, the logic instructions in the memory 830 may be implemented in software functional units and stored in a computer readable storage medium when the logic instructions are sold or used as independent products. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, an electronic device, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
It will be understood by those skilled in the art that the foregoing is only a preferred embodiment of the present invention, and is not intended to limit the invention, and that any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (10)

1. A method of location privacy protection, comprising:
obtaining an anonymous request of a target user, wherein the anonymous request at least carries longitude and latitude information of the current position of the target user; converting the longitude and latitude information into radians and the radians into spherical coordinate information; projecting the sphere from its centre onto each face of its circumscribed cube; converting the spherical coordinate information, according to the projection result, into projection-plane coordinate information on a face of the circumscribed cube and correcting the projection-plane coordinate information; converting the corrected projection-plane coordinate information into coordinate-axis point information; converting the coordinate-axis point information into the corresponding CellID on a Hilbert curve, and using that CellID as the CellID corresponding to the longitude and latitude information; wherein CellID is the identifier of the anonymous space;
inquiring in a database according to the CellID, acquiring corresponding anonymous space information, and replacing the latitude and longitude information with the anonymous space information to be used as the current position of the target user; the database is of a tree structure and is a node level divided based on the grid division of the anonymous space, and each node on the node level corresponds to one anonymous space.
2. The method of claim 1, wherein the method further comprises the following steps before obtaining corresponding anonymous spatial information according to the CellID query in the database:
acquiring respective real-time user information of different users, and constructing the database according to the respective real-time user information of the different users; for any user, the real-time user information of the user at least comprises a user identifier of the user and the CellID determined based on the longitude and latitude information of the user.
3. The method of location privacy protection as claimed in claim 2,
for any user, the real-time user information of any user further comprises acquisition time information when the longitude and latitude information of any user is acquired;
correspondingly, the method further comprises the following steps after the database is constructed according to the respective real-time user information of different users:
according to the acquisition time information when the longitude and latitude information of any user is acquired, if the update request of the real-time user information of any user is not detected within a preset time length, deleting the real-time user information of any user and the node information corresponding to any user in the database.
4. The method of location privacy protection as claimed in claim 1,
the database is of a B + tree structure;
correspondingly, the process of acquiring corresponding anonymous space information according to the query of the CellID in the database comprises the following steps:
and searching a node corresponding to the CellID in the B + tree, and if the node corresponding to the CellID is searched and the number of active users in an anonymous space corresponding to the searched node is not less than a preset threshold value, using the anonymous space information of the anonymous space corresponding to the searched node as the anonymous space information corresponding to the CellID.
5. The method of claim 4, wherein the step of obtaining corresponding anonymous spatial information according to the query of the CellID in the database further comprises:
if the node corresponding to the CellID is found and the number of active users in the anonymous space corresponding to the found node is smaller than the preset threshold, counting the number of active users in the anonymous spaces corresponding to the found node and each of its sibling nodes, and, if the counting result is not smaller than the preset threshold, taking the anonymous space information of the anonymous spaces corresponding to the found node and its sibling nodes as the anonymous space information corresponding to the CellID.
6. The method of claim 5, wherein the step of obtaining corresponding anonymous spatial information according to the CellID query in the database further comprises:
if the statistical result is smaller than the preset threshold value, performing statistics upwards along the B + tree based on the searched node until the node meeting the preset condition is found, and taking the anonymous space information of the anonymous space corresponding to the node meeting the preset condition as the anonymous space information corresponding to the CellID; the preset condition comprises that the number of active users in the anonymous space corresponding to the node is not less than a preset threshold value.
7. The location privacy protection method of claim 6, wherein the anonymity request further includes a maximum grid level acceptable to the target user; correspondingly, the preset condition further includes that the mesh level corresponding to the node is smaller than the maximum mesh level.
8. The method of claim 1, wherein before replacing the latitude and longitude information with the anonymous spatial information, further comprising:
and filtering the anonymous space information based on the position corresponding to the anonymous space information and the latitude and longitude information.
9. A location privacy protection system, comprising:
a first module, configured to obtain an anonymous request of a target user, wherein the anonymous request at least carries longitude and latitude information of the current position of the target user;
a second module, configured to convert the longitude and latitude information into radians and the radians into spherical coordinate information;
a third module, configured to project the sphere from its centre onto each face of its circumscribed cube;
a fourth module, configured to convert the spherical coordinate information, according to the projection result, into projection-plane coordinate information on a face of the circumscribed cube and to correct the projection-plane coordinate information;
a fifth module, configured to convert the corrected projection-plane coordinate information into coordinate-axis point information, convert the coordinate-axis point information into the corresponding CellID on a Hilbert curve, and use that CellID as the CellID corresponding to the longitude and latitude information; wherein CellID is the identifier of the anonymous space.
10. An electronic device, comprising:
at least one processor; and
at least one memory communicatively coupled to the processor, wherein:
the memory stores program instructions executable by the processor, the processor calling the program instructions to perform the method of any of claims 1 to 8.
CN202110084925.9A 2021-01-22 2021-01-22 Position privacy protection method and system Active CN112866992B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110084925.9A CN112866992B (en) 2021-01-22 2021-01-22 Position privacy protection method and system

Publications (2)

Publication Number Publication Date
CN112866992A true CN112866992A (en) 2021-05-28
CN112866992B CN112866992B (en) 2022-04-22

Family

ID=76009065

Country Status (1)

Country Link
CN (1) CN112866992B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113360586A (en) * 2021-06-03 2021-09-07 深圳前海微众银行股份有限公司 Address aggregation degree query method, device and equipment and computer readable storage medium
CN113556731A (en) * 2021-07-21 2021-10-26 河南工业大学 Negative investigation-based crowdsourcing user position privacy protection method in position service

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140090023A1 (en) * 2012-09-27 2014-03-27 Hong Kong Baptist University Method and Apparatus for Authenticating Location-based Services without Compromising Location Privacy
CN105578412A (en) * 2015-12-21 2016-05-11 东北大学 Position anonymization method based on position service and system
CN105610898A (en) * 2015-11-30 2016-05-25 苏州大学 Grid-based location privacy protection method
CN106899936A (en) * 2017-01-19 2017-06-27 安徽师范大学 A kind of gridding location privacy protection method and device based on Geohash
CN107204984A (en) * 2017-06-22 2017-09-26 石家庄铁道大学 A kind of location privacy protection method and system
WO2017193783A1 (en) * 2016-05-10 2017-11-16 北京京东尚科信息技术有限公司 Method and device for protecting user location information
CN108280162A (en) * 2018-01-18 2018-07-13 中南大学 A kind of location privacy protection method based on caching
CN108600304A (en) * 2018-03-14 2018-09-28 广东工业大学 A kind of personalized location method for secret protection based on position k- anonymities
CN110287215A (en) * 2019-05-20 2019-09-27 湖南大学 Large-scale area target real-time searching method based on hibert curve
CN111427983A (en) * 2020-03-23 2020-07-17 携程旅游信息技术(上海)有限公司 Service method, system, device and storage medium based on geographic information retrieval

Legal Events

Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information
Inventor before: Wu Fan; Liu Yujie; Li Kenli; Tang Zhuo
Inventor after: Li Kenli; Liu Yujie; Wu Fan; Tang Zhuo
GR01 Patent grant