面向版式文档的细粒度隐私操作控制方法

尹沛捷; 李凤华; 牛犇; 罗海洋; 邝彬; 张玲翠

doi:10.11959/j.issn.1000-436x.2023083

您当前的位置：

首页 >

文章列表页 >

面向版式文档的细粒度隐私操作控制方法

学术论文 | 更新时间：2024-06-06

- 面向版式文档的细粒度隐私操作控制方法
- Fine-grained privacy operation control method for layout documents
- 通信学报 2023年44卷第5期页码：94-109
- 作者机构：
  
  1. 中国科学院信息工程研究所，北京 100085
  2. 中国科学院大学网络空间安全学院，北京 100049
- 作者简介：
  
  [ "尹沛捷（1995- ），女，陕西汉中人，中国科学院信息工程研究所博士生，主要研究方向为隐私计算、隐私保护" ]
  [ "李凤华（1966- ），男，湖北浠水人，博士，中国科学院信息工程研究所研究员、博士生导师，主要研究方向为网络与系统安全、信息保护、隐私计算" ]
  [ "牛犇（1984- ），男，陕西西安人，博士，中国科学院信息工程研究所研究员、博士生导师，主要研究方向为数据安全、隐私计算" ]
  [ "罗海洋（1997- ），男，湖南娄底人，中国科学院信息工程研究所博士生，主要研究方向为隐私计算、隐私保护" ]
  [ "邝彬（2000- ），男，湖南永州人，中国科学院信息工程研究所博士生，主要研究方向为隐私计算、隐私保护" ]
  [ "张玲翠（1986- ），女，河北故城人，博士，中国科学院信息工程研究所高级工程师、硕士生导师，主要研究方向为网络与系统安全、数据安全" ]
- 基金信息：
  
  国家重点研发计划基金资助项目(2021YFB3101301);国家自然科学基金资助项目(61932015);国家社科基金重大项目(22＆ZD147)
- DOI：10.11959/j.issn.1000-436x.2023083
  中图分类号： TN92
- 网络出版日期：2023-05，
  
  纸质出版日期：2023-05-25
- 稿件说明：
移动端阅览
尹沛捷, 李凤华, 牛犇, 等. 面向版式文档的细粒度隐私操作控制方法[J]. 通信学报, 2023,44(5):94-109.

Peijie YIN, Fenghua LI, Ben NIU, et al. Fine-grained privacy operation control method for layout documents[J]. Journal on communications, 2023, 44(5): 94-109.
尹沛捷, 李凤华, 牛犇, 等. 面向版式文档的细粒度隐私操作控制方法[J]. 通信学报, 2023,44(5):94-109. DOI： 10.11959/j.issn.1000-436x.2023083.

Peijie YIN, Fenghua LI, Ben NIU, et al. Fine-grained privacy operation control method for layout documents[J]. Journal on communications, 2023, 44(5): 94-109. DOI： 10.11959/j.issn.1000-436x.2023083.

摘要

针对隐私信息频繁交换场景下不可控转发导致的隐私信息泄露问题，提出了一种面向版式文档的细粒度隐私操作控制方法，可实现隐私信息在分享过程中按分享者的要求进行差异化细粒度的隐私操作控制。对接收到的多模态版式文档提取已有隐私操作控制策略，结合当前分享者使用属性、接收者隐私保护能力等因素，迭代生成隐私操作控制策略，并给出了抽象化的控制策略生成算法框架；基于迭代隐私操作控制策略，结合具体操作场景，对不同模态的信息分量进行差异化脱敏控制、交换边界控制和本地使用控制，并给出了抽象化的隐私操作控制算法框架。实验开发了 OFD 的隐私操作控制前后台原型系统，并对上述方法进行了验证，在即时通信系统中实现了基于好友关系的迭代隐私操作控制策略生成与传递，以及 OFD 的差异化脱敏控制、交换边界控制和本地使用控制。

Abstract

In view of the problem of privacy information disclosure caused by uncontrolled forwarding in the context of frequent exchange of privacy information

a fine-grained privacy operation control method for layout documents was proposed

which could achieve differentiated fine-grained privacy operation control according to the requirements of the sharer during the sharing process of privacy information.For the received multimodal layout document

the existing privacy operation control strategy was extracted

which combined the current sharer’s use attribute and the receiver’s privacy protection ability and other factors.The privacy operation control strategy was generated iteratively

and an abstract control strategy generation algorithm framework was given.Based on the iterative privacy operation control strategy and combined with specific operation scenarios

the differentiated data-masking control

exchange boundary control and local use control were carried out for different modes of information components

and the abstract privacy operation control algorithm framework was given.A prototype system for privacy operation control of OFD (open fixed-layout document) was developed to verify the above algorithms.The generation and delivery of iterative privacy operation control strategy based on friendship

as well as the differential data-masking control

exchange boundary control and local use control of OFD were implemented in the instant messaging system.

关键词

Keywords

references

FRAGKOS G , JOHNSON J , TSIROPOULOU E E . Dynamic role-based access control policy for smart grid applications:an offline deep reinforcement learning approach [J ] . IEEE Transactions on Human-Machine Systems , 2022 , 52 ( 4 ): 761 - 773 .

ZHANG Q K , ZHU L , ZHAO K Y , et al . Dynamic permission access control model based on privacy protection [J ] . Telecommunication Systems , 2022 , 81 ( 2 ): 191 - 205 .

LIN H , KAUR K , WANG X D , et al . Privacy-aware access control in IoT-enabled healthcare:a federated deep learning approach [J ] . IEEE Internet of Things Journal , 2023 , 10 ( 4 ): 2893 - 2902 .

SANTOS D R D , MARINHO R , SCHMITT G R , et al . A framework and risk assessment approaches for risk-based access control in the cloud [J ] . Journal of Network and Computer Applications , 2016 , 74 : 86 - 97 .

SANTOS D R D , WESTPHALL C M , WESTPHALL C B . A dynamic risk-based access control architecture for cloud computing [C ] // Proceedings of 2014 IEEE Network Operations and Management Symposium (NOMS) . Piscataway:IEEE Press , 2014 : 1 - 9 .

NING J T , CAO Z F , DONG X L , et al . Auditable σ time outsourced attribute-based encryption for access control in cloud computing [J ] . IEEE Transactions on Information Forensics and Security , 2018 , 13 ( 1 ): 94 - 105 .

YAN Z , LI X Y , WANG M J , et al . Flexible data access control based on trust and reputation in cloud computing [J ] . IEEE Transactions on Cloud Computing , 2017 , 5 ( 3 ): 485 - 498 .

KARJOTH G , SCHUNTER M , WAIDNER M . Platform for enterprise privacy practices:privacy-enabled management of customer data [C ] // Privacy Enhancing Technologies Symposium . Berlin:Springer , 2003 : 69 - 84 .

PEARSON S , MONT M C , KOUNGA G . Enhancing accountability in the cloud via sticky policies [C ] // FTRA International Conference on Secure and Trust Computing,Data Management,and Application . Berlin:Springer , 2011 : 146 - 155 .

SPYRA G , BUCHANAN W J , EKONOMOU E . Sticky policies approach within cloud computing [J ] . Computers ＆ Security , 2017 , 70 : 366 - 375 .

NIU B , LI Q H , WANG H Y , et al . A framework for personalized location privacy [J ] . IEEE Transactions on Mobile Computing , 2022 , 21 ( 9 ): 3071 - 3083 .

CHEN K K , LIU L . Privacy preserving data classification with rotation perturbation [C ] // Proceedings of Fifth IEEE International Conference on Data Mining (ICDM’05) . Piscataway:IEEE Press , 2005 : 589 - 592 .

WANG L , NEAR J P , SOMANI N , et al . Data capsule:a new paradigm for automatic compliance with data privacy regulations [C ] // Heterogeneous Data Management,Polyestrous,and Analytics for Healthcare . Berlin:Springer , 2019 : 3 - 23 .

WANG L , KHAN U , NEAR J , et al . PrivGuard:privacy regulation compliance made easier [C ] // 2022 USENIX Security Symposium (USENIX Security) . Berkeley:USENIX Association , 2022 : 3753 - 3770 .

李凤华 , 李晖 , 牛犇 . 隐私计算理论与技术 [M ] . 北京 : 人民邮电出版社 , 2021 .

LI F H , LI H , NIU B . Privacy computing theory and technology [M ] . Beijing : Posts ＆ Telecom Press , 2021 .

李凤华 , 孙哲 , 吕梦凡 , 等 . 社交照片隐私保护机制研究进展 [J ] . 信息安全学报 , 2018 , 3 ( 2 ): 41 - 61 .

LI F H , SUN Z , LYU M F , et al . Research progress of photo privacy-preserving mechanisms in online social network [J ] . Journal of Cyber Security , 2018 , 3 ( 2 ): 41 - 61 .

李凤华 , 孙哲 , 牛犇 , 等 . 跨社交网络的隐私图片分享框架 [J ] . 通信学报 , 2019 , 40 ( 7 ): 1 - 13 .

LI F H , SUN Z , NIU B , et al . Privacy-preserving photo sharing framework cross different social network [J ] . Journal on Communications , 2019 , 40 ( 7 ): 1 - 13 .

LI F H , SUN Z , NIU B , et al . An extended control framework for privacy-preserving photo sharing across different social networks [C ] // Proceedings of 2019 International Conference on Computing,Networking and Communications (ICNC) . Piscataway:IEEE Press , 2019 : 390 - 394 .

LI F H , SUN Z , LI A , et al . HideMe:privacy-preserving photo sharing on social networks [C ] // Proceedings of IEEE Conference on Computer Communications . Piscataway:IEEE Press , 2019 : 154 - 162 .

李凤华 , 王彦超 , 殷丽华 , 等 . 面向网络空间的访问控制模型 [J ] . 通信学报 , 2016 , 37 ( 5 ): 9 - 20 .

LI F H , WANG Y C , YIN L H , et al . Novel cyberspace-oriented access control model [J ] . Journal on Communications , 2016 , 37 ( 5 ): 9 - 20 .

LI F H , LI H , NIU B , et al . Privacy computing:concept,computing framework,and future development trends [J ] . Engineering , 2019 , 5 ( 6 ): 1179 - 1192 .

电子文件存储与交换格式:LD/T 50.5-2016 [S ] . GB/T 33190-2016 , 2016 .

Electronic files storage and exchanges formats—fixed layout documents [S ] . GB/T 33190-2016 , 2016 .

SWEENEY L . K-anonymity:a model for protecting privacy [J ] . International Journal of Uncertainty,Fuzziness and Knowledge-Based Systems , 2002 , 10 ( 5 ): 557 - 570 .

MACHANAVAJJHALA A , GEHRKE J , KIFER D , et al . L-diversity:privacy beyond k-anonymity [C ] // Proceedings of 22nd International Conference on Data Engineering (ICDE’06) . Piscataway:IEEE Press , 2006 :24.

DWORK C . Differential privacy:a survey of results [C ] // International Conference on Theory and Applications of Models of Computation . Berlin:Springer , 2008 : 1 - 19 .

MCSHERRY F , TALWAR K . Mechanism design via differential privacy [C ] // Proceedings of 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS’07) . Piscataway:IEEE Press , 2007 : 94 - 103 .

WU G Q , XIA X Y , HE Y P . Extending differential privacy for treating dependent records via information theory [J ] . arXiv Preprint,arXiv:1703.07474 , 2017 .

彭长根 , 丁红发 , 朱义杰 , 等 . 隐私保护的信息熵模型及其度量方法 [J ] . 软件学报 , 2016 , 27 ( 8 ): 1891 - 1903 .

PENG C G , DING H F , ZHU Y J , et al . Information entropy models and privacy metrics methods for privacy protection [J ] . Journal of Software , 2016 , 27 ( 8 ): 1891 - 1903 .

浏览量

239

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

暂无数据