面向社交网络的隐私保护方案

吕志泉; 洪澄; 张敏; 冯登国; 陈开渠

doi:10.3969/j.issn.1000-436x.2014.08.004

您当前的位置：

首页 >

文章列表页 >

面向社交网络的隐私保护方案

学术论文 | 更新时间：2024-10-11

- 面向社交网络的隐私保护方案
- Privacy-perserving scheme for social networks
- 通信学报 2014年35卷第8期页码：15-22
- 作者机构：
  
  1. 中国科学院软件研究所可信计算与信息保障实验室，北京 100190
  2. 中国科学院大学，北京 100049
  3. 国家超级计算深圳中心，广东深圳 518055
- 作者简介：
  
  [ "吕志泉（1986-），男，湖北赤壁人，中国科学院博士生，主要研究方向为数据库与云计算安全。" ]
  [ "洪澄（1985-），男，江西余干人，博士，中国科学院助理研究员，主要研究方向为数据库安全理论与技术。" ]
  [ "张敏（1975-），女，安徽萧县人，博士，中国科学院副研究员、硕士生导师，主要研究方向为数据安全与隐私保护。" ]
  [ "冯登国（1965-），男，陕西靖边人，博士，中国科学院研究员、博士生导师，主要研究方向为密码学与信息安全。" ]
  [ "陈开渠（1976-），男，福建泉州人，硕士，国家超级计算深圳中心高级工程师，主要研究方向为网络安全、云计算安全。" ]
- 基金信息：
  
  国家自然科学基金资助项目;The National Natural Science Foundation of China(61232005);国家自然科学基金资助项目;The National Natural Science Foundation of China(61100237);国家自然科学基金资助项目;The National Natural Science Foundation of China(91118006);深圳市战略新兴产业发展专项资金基金资助项目;Shenzhen Special Funds for Development of New Industries(CXZZ20120831113048965)
- DOI：10.3969/j.issn.1000-436x.2014.08.004
  中图分类号： TP309
- 网络出版日期：2014-08，
  
  纸质出版日期：2014-08-25
- 稿件说明：
移动端阅览
吕志泉, 洪澄, 张敏, 等. 面向社交网络的隐私保护方案[J]. 通信学报, 2014,35(8):15-22.

Zhi-quan LV, Cheng HONG, Min1 ZHANG, et al. Privacy-perserving scheme for social networks[J]. Journal on communications, 2014, 35(8): 15-22.
吕志泉, 洪澄, 张敏, 等. 面向社交网络的隐私保护方案[J]. 通信学报, 2014,35(8):15-22. DOI： 10.3969/j.issn.1000-436x.2014.08.004.

Zhi-quan LV, Cheng HONG, Min1 ZHANG, et al. Privacy-perserving scheme for social networks[J]. Journal on communications, 2014, 35(8): 15-22. DOI： 10.3969/j.issn.1000-436x.2014.08.004.

摘要

针对社交网络的隐私安全问题，提出了一种新的社交网络隐私保护方案。首先设计了带陷门的属性加密算法，由属性权威机构与数据属主协同完成用户私钥的生成与分发，有效降低了数据属主的密钥管理代价。然后，通过令牌树机制控制用户对属性陷门的获取，实现了高效的属性撤销。安全性分析表明，该方案能够避免社交网络服务提供商与系统内部非授权用户的合谋攻击，且不泄漏用户的任何属性信息。实验结果证实，该方案在计算代价、存储代价等方面比现有方案更有优越性。

Abstract

The security and privacy issues in SNS were studied and a privacy-preserving scheme PPSNS was proposed. PPSNS utilizes attribute-based encryption

allowing the SNS user to set up an enforcement of fine-grained access control upon the data he owns

thus the potential threats from unauthorized parties or even the SNS provider itself could be avoided. A token system in PPSNS is included to address the challenging issue of efficient attribute revocation. In addi-tion

the users in PPSNS don't have to manage as much information as they do in other encryption-based solutions

achieving a much lower cost in the client side. Analyses show that PPSNS is secure

and gives a better performance in computing and storage costs compared to most related works.

关键词

Keywords

references

KWAK H , LEE C , PARK H , et al . What is Twitter, a social network or a news media [A ] . Proceedings of the 19th International Conference on World Wide Web [C ] . Raleigh, NC, USA , 2010 . 591 - 600 .

FOGEL J , NEHMAD E . Internet social network communities: risk taking, trust, and privacy concerns [J ] . Computers in Human Behavior , 2009 , 25 ( 1 ): 153 - 160 .

LUCAS M , BORISOV N . Flybynight: mitigating the privacy risks of social networking [A ] . Proceedings of the 7th ACM Workshop on Pri-vacy in the Electronic Society [C ] . Alexandria, VA, USA , 2008 . 1 - 8 .

GUHA S , TANG K , FRANCIS P . NOYB: privacy in online social networks [A ] . Proceedings of the First Workshop on Online Social Networks [C ] . Seattle, WA, USA , 2008 . 49 - 54 .

LUO W , XIE Q , HENGARTNER U . Facecloak: an architecture for user privacy on social networking sites [A ] . Proceedings of the 12th International Conference on Computational Science and Engineering (CSE 2009) [C ] . Vancouver, BS, Canada , 2009 . 26 - 33 .

SUN J , ZHU X , FANG Y . A privacy-preserving scheme for online social networks with efficient revocation [A ] . Proceedings of the 29th International Conference on Computer Communications (INFOCOM 2010) [C ] . SanDiego, CA, USA , 2010 . 1 - 9 .

BADEN R , BENDER A , SPRING N , et al . Persona: an online social network with user-defined privacy [A ] . Proceedings of the ACM SIGCOMM 2009 Conference on Data Communication (SIGCOMM 2009) [C ] . Barcelona, Spain , 2009 . 135 - 146 .

JAHID S , MITTAL P , BORISOV N . EASiER: encryption-based ac-cess control in social networks with efficient revocation [A ] . Proceed-ings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2011) [C ] . HongKong, China , 2011 . 411 - 415 .

LIANG X , LI X , LU R , et al . An efficient and secure user revocation scheme in mobile social networks [A ] . Proceedings of International Conference on Global Telecommunications Conference (GLOBECOM 2011) [C ] . Houston, TX, USA , 2011 . 1 - 5 .

BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attrib-ute-based encryption [A ] . Proceedings of the 28th International Sym-posium on Security and Privacy (S＆P 2007) [C ] . Berkeley, CA, USA , 2007 . 321 - 334 .

HUR J , NOH D . Attribute-based access control with efficient revoca-tion in data outsourcing systems [J ] . IEEE Transactions on Parallel and Distributed Systems , 2011 , 22 ( 7 ): 1214 - 1221 .

LV Z , HONG C , ZHANG M , et al . A secure and efficient revocation scheme for fine-grained access control in cloud storage [A ] . Proceedings of the 4th International Conference on Cloud Computing Technology and Science (CloudCom 2012) [C ] . Taiwan, China , 2012 . 545 - 550 .

吕志泉，张敏，冯登国 . 云存储密文访问控制方案 [J ] . 计算机科学与探索 2011 , 5 ( 9 ): 835 - 844 .

LV Z Q , ZHANG M , FENG D G . Cryptographic access control scheme for cloud storage [J ] . Journal of Frontiers Computer Science and Tech-nology , 2011 , 5 ( 9 ): 835 - 844 .

孙国梓，董宇，李云 . 基于CP-ABE 算法的云存储数据访问控制 [J ] . 通信学报 2011 , 32 ( 7 ): 146 - 152 .

SUN G Z , DONG Y , LI Y . CP-ABE based data access control for cloud storage [J ] . Journal on Communications , 2011 , 32 ( 7 ): 146 - 152 .

YU S , WANG C , REN K , et al . Attribute based data sharing withattribute revocation [A ] . Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2010) [C ] . Beijing, China , 2010 . 261 - 270 .

王鹏翩，冯登国，张立武 . 一种支持完全细粒度属性撤销的CP-ABE方案 [J ] . 软件学报 2012 , 23 ( 10 ): 2805 - 2816 .

WANG P P , FENG D G , ZHANG L W . CP-ABE scheme supporting fully fine-grained attribute revocation [J ] . Journal of Software , 2012 , 23 ( 10 ): 2805 - 2816 .

BONEH D , FRANKLIN M . Identity-based encryption from the Weil pairing [A ] . Proceedings of the 21th Annual International Cryptology (CRYPTO 2001) [C ] . Santa Rarbara, California, USA , 2001 . 213 - 29 .

BEIMEL A . Secure Schemes for Secret Sharing and Key Distribution [D ] . Proceedings of the 21th Annual International Cryptology (CRYPTO 2001) [C ] . PhD thesis, Israel Institute of Technology, Technion, Haifa, Israel , 1996 .

WATERS B . Ciphertext-policy attribute-based encryption: an expres-sive, efficient, and provably secure realization [A ] . Proceedings of the 14th IACR International Conference on Practice and Theory of Public Key Cryptography (PKC 2011) [C ] . Taormina, Italy , 2011 . 53 - 70 .

KALLAHALLA M , RIEDEL E , SWAMINATHAN R , et al . Plutus:scalable secure file sharing on untrusted storage [A ] . Proceedings of the 2nd USENIX Conference on File and Storage Technologies [C ] . San Francisco, CR, USA , 2003 . 29 - 42 .

FU K . Group Sharing and Random Access in Cryptographic Storage File Systems [D ] . Massachusetts Institute of Technology , 1999 .

The functional encryption library [EB/OL ] . http://code.google.com/p/libfenc/ http://code.google.com/p/libfenc/ .

LI J , ZHAO G , CHEN X , et al . Fine-grained data access control sys-tems with user accountability in cloud computing [A ] . Proceedings of the 2th International Conference on Cloud Computing Technology and Science (CloudCom 2010) [C ] . Indianapolis, IN, USA , 2010 . 89 - 96 .

LI J , REN K , ZHU B , et al . Privacy-Aware Attribute-Based Encryp-tion with User Accountability [M ] . Information Security , Ber-lin Heidelberg , 2009 . 347 - 362 .

CHASE M , CHOW S . Improving privacy and security in multi- au-thority attribute-based encryption [A ] . Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS 2009) [C ] . Chicago, IL, USA , 2009 . 121 - 130 .

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于位置服务中时空关联的隐私保护方案

移动社交网络中跨域代理重加密朋友发现隐私保护方案研究

基于同态密文转换的隐私保护卷积神经网络推理方案

基于多级代理许可区块链的联邦边缘学习模型

区块链架构下具有条件隐私的车辆编队跨信任域高效群组认证研究