Privacy Protection Scheme Research Articles

Geohash coding location privacy protection scheme based on entropy weight TOPSIS

Geohash coding location privacy protection scheme based on entropy weight TOPSIS

Research on Blockchain Interactive Zero Knowledge Proof Privacy Protection Scheme Based on Improved Paillier Homomorphic Encryption

In the context of the digital age, data privacy and security issues are increasingly prominent. Blockchain technology plays an important role in data sharing due to its transparency and immutability, but it also brings the risk of privacy leakage. Zero knowledge proof technology provides a solution for verifying data correctness without exposing data content, which is particularly important for blockchain as it can ensure the validity and compliance of transactions while protecting user privacy. Although zero knowledge proof is quite mature in theory, its application in blockchain systems still faces challenges such as computational efficiency, complexity of smart contracts, and system compatibility. This study aims to propose a privacy protection scheme that supports interactive zero knowledge proof by improving the homomorphic encryption Paillier algorithm, in order to enhance the privacy protection capability of blockchain systems and maintain system efficiency and security. The study will adopt an interdisciplinary approach, combining cryptography, computer science, and network security theory, to deeply analyze the application effect of zero knowledge proof technology in blockchain, explore its optimization space and applicability.

WF-LDPSR: A local differential privacy mechanism based on water-filling for secure release of trajectory statistics data

Open Data Processing Services are used to solve the bottleneck of big data storage and operation. At the same time, massive trajectory data is generated, and the basic information of users’ spatio-temporal historical data is provided, including points of interest and movement patterns. Improving the availability of published trajectory statistics data without compromising user privacy is critical. Differential privacy technology is a standard technology to realize the secure release of trajectory statistics data. Several research efforts have focused on secure publication of trajectory statistics data in a central environment by adding noise to a trusted third-party server. However, this central approach is vulnerable to privacy breaches, where adversaries can access real data by locking down the third-party server. The local differential privacy, based on a distributed architecture, overcomes this form of attack by allowing users to scramble personal data records before they are sent to third-party server. However, the existing distributed privacy protection schemes still have the balance problem of poor availability of data when ensuring privacy, as well as the problem of excessive operation cost. Therefore, a local differential privacy mechanism based on water-filling for secure release of trajectory statistics data (WF-LDPSR) is proposed in this paper. Firstly, in order to protect user privacy individually, a user automatic personalized segmentation method is proposed to determine the effective user sensitivity level automatically. Secondly, a distributed privacy protection model based on local differential privacy is designed to resist the attacks on the third-party server. Finally, in order to achieve the optimal allocation of privacy budget, the water-filling theorem in the field of communication is introduced. An adaptive privacy budget allocation algorithm based on water-filling theorem is proposed to realize the adaptive privacy budget allocation. In addition, to further improve data availability, a group processing idea based on user set sampling is proposed, which divides users into multiple disjoint subsets randomly, thus reducing the differential privacy noise effectively. Experiments prove that compared with other advanced mechanisms, the WF-LDPSR mechanism can improve the availability of published data by 84.92% while protecting user privacy.

Supervised and Revocable Decentralized Identity Privacy Protection Scheme

Decentralized identity represents an innovative approach based on blockchain to achieve effective identity management. This method utilizes decentralized identifiers and verifiable credential to enable trusted authentication, free circulation of identity information, and self-sovereign control over identity data functionalities. The current decentralized identity systems rely on entirely anonymous identifiers, lacking robust identity regulation. Furthermore, they face challenges such as identity attribute leakage during verifiable credential presentation and the issuers' struggle to reliably revoke credentials. To address these issues, efficient and practical schemes have been designed based on BBS signature, zero-knowledge proof, dynamic accumulator and blockchain technology: one for decentralized identifiers management and the other for verifiable credential privacy protection, both of which are supervised and revocable. The former ensures the privacy of subject identity while achieving regulatability and revocability of identity data by regulator. The latter facilitates selective disclosure of anonymous credentials and reliable revocation. A security analysis shows that the proposed scheme meets anonymity, non-forgeability, regulatory reliability, and revocability reliability, and offers comprehensive and effective privacy protection measures. The experimental results demonstrate that the algorithms designed operate at a millisecond level, which satisfies the demands of blockchain identity management scenarios.

A privacy protection scheme to resist ring selection attack in peer-to-peer double auction V2V electricity transaction for charging stations

With the development of Electric Vehicles (EVs), the number of public charging piles cannot meet the immediate charging needs of EV users sometimes. The charging stations provide flexible electricity transaction schemes for users by managing charging piles and Vehicle-to-Vehicle (V2V). Users can freely choose transaction partners and submit transaction plans to multiple charging stations. The mobility of EVs results in users randomly selecting rings multiple times, which may cause them to appear in different rings. Attackers can link multiple transaction plans and infer user privacy information. The leakage of transaction information may threaten the fairness of transactions. Aiming at the above situations, a privacy protection scheme to resist ring selection attack in Peer-to-Peer double auction V2V electricity transaction for charging stations is proposed. Firstly, the ring signcryption algorithm is improved to resist ring selection attack. Secondly, a real identity verification algorithm is designed to track malicious users. Theoretical analysis proves that the security of the proposed privacy protection scheme. The elliptic curve point multiplication is used in the scheme to improve computational efficiency. Experiments show that this scheme has low computational and communication costs. Verification cost increases slowly with the increase of the number of ring members.

Decoupling Online Ride-Hailing Services: A Privacy Protection Scheme Based on Decentralized Identity

Online ride-hailing services have become a vital component of urban transportation worldwide due to their convenience and flexibility. However, the expansion of their user base has dramatically heightened the risks of user privacy information leakage. Among these risks, the privacy leakage problem caused by the direct correlation between user (driver and passenger) identity information and location-based ride information is of particular concern. This paper proposes a novel privacy protection scheme for ride-hailing services. In this scheme, decentralized identities are employed for user authentication, separating the identity registration service from the ride-hailing platform, thereby preventing the platform from obtaining user privacy data. The scheme also employs a fuzzy matching strategy based on location Points of Interest (POI) and a ciphertext-policy attribute-based hybrid encryption algorithm to hide the user’s precise location and restrict access to location information. Crucially, the scheme achieves the complete decoupling of identity registration services and location-based ride services on the ride-hailing platform, ensuring that users’ real identities and ride data cannot be directly associated, effectively protecting user privacy. Within the decoupled architecture, regulatory authorities are established to handle emergencies within ride-hailing services. Through simulation experiments and security analysis, this scheme is demonstrated to be both feasible and practical, providing a new privacy protection solution for the ride-hailing industry.

Secure and Efficient k-anonymous Trajectory Privacy Protection Method based on Differential Privacy

The Location-based service scheme have already involved in every aspect of People's daily life and are increasingly used in various industries. Aiming at the problem of the security and efficiency of mobile terminal users’ trajectory privacy protection in location-based service, we propose a k-anonymous trajectory privacy protection scheme based on differential privacy. This scheme adopts differential privacy technology to add Laplace noise to the user's trajectory many times to generate 2k noise trajectory, and then according to the trajectory similarity to determine k-1 noise users whose trajectory are similar to the user trajectory, and sets them and the real user as an anonymous user group, and then uses the anonymous user group to request LBS services. Security analysis shows that the scheme satisfies the security features of anonymity, unforgeability, and anti-counterfeiting attack. The simulation results show that the scheme not only guarantees the similarity between the false trajectory and the real trajectory but also has higher execution efficiency.

PQSF: post-quantum secure privacy-preserving federated learning

In federated learning, secret sharing is a key technology to maintain the privacy of participants’ local models. Moreover, with the rapid development of quantum computers, existing federated learning privacy protection schemes based on secret sharing will no longer be able to guarantee the data security of participants in the post-quantum era. In addition, existing privacy protection methods have the problem of high communication and computational overhead. Although the multi-stage secret sharing scheme proposed by Pilaram et al. is one of the effective solutions to the above problems, existing studies have proven the privacy leakage risk of this scheme. This paper firstly designs a new lattice-based multi-stage secret sharing scheme Improved-Pilaram to solve the security problem, which allows participants to use public vectors to reconstruct different secret values without changing the secret sharing. Based on Improved-Pilaram, this article proposes a post-quantum secure federated learning scheme PQSF. PQSF uses double masking technology to encrypt model parameters and achieves mask reconstruction through secret sharing. Since Improved-Pilaram is multi-stage, participants do not need to update their local secret shares frequently during training. Analysis and experimental results show that the PQSF proposed in this paper reduces the communication complexity between participants and reduces the computational overhead by about 20% compared with existing solutions.

Assessing the Recreational Fishers and their Catches based on Social Media Platforms: Privacy and Ethical Data Analysis Considerations

Social Media (SM) can offer insights to track recreational Fishing (Rf); Many Limitations Hinder Its Practical Application. The proportion and characteristics of RFs that share their catches remain unidentified. The objective was to enhance the surveillance abilities of RF by utilizing SM information. This study focuses on the sharing economy information transmission, network optimization of SM platforms, and privacy protection issues during data transmission. The study starts with the data transmission characteristics in SM platforms, analyzes the data ethics in SM information transmission from the perspectives of natural and economic data attributes, and then focuses on the privacy protection principles in network information transmission. Then, a privacy protection scheme based on a locally sensitive hash algorithm is constructed, and finally, an information transmission scheme and method optimization based on a network optimization module are proposed. The research gathered data using physical (face-to-face) surveys and digital (email) surveys to define marine RF that post catches on online platforms (“sharers”), together with additional demographic and fishing data. A comparative analysis was conducted on the computational convergence and accuracy of different privacy protection methods, and the optimal rule framework for data privacy protection was discussed. The observation results show that the efficiency of information transmission using the Minhash-SSNR method is slightly inferior to that using the OSNR-SSNR method. Minhash technology is based on a similarity comparison of dimensionality-reduced data. This leads to data causing the initially highly similar two sets of lists to be misjudged as not having enough similarity, thereby reducing some potential information dissemination opportunities and affecting the efficacy of information transmission. It can be seen that the Minhash-SSNR strategy can effectively send information to nodes with high similarity, preventing excessive information duplication within the system. Although the Minhash-SSNR strategy has a certain degree of decline in information transmission efficiency, it accounts for only about 5% compared to the OSNR-SSNR strategy, ensuring the essential operational stability of SM opportunity networks without significant impact. With few learning and training times, the network information transmission optimization module proposed in this study quickly achieved a lower exponential error. As the number of training sessions gradually increases, the exponential error of the network information transmission optimization module in this study is small, and the prediction accuracy of the method is high. RFs who captured a prize, iconic, or symbolic species tended to discuss their catches more. This research signifies significant progress in incorporating SM information to oversee RFs.

Design of energy management strategies for shared energy storage microgrid based on smart contracts under privacy protection

Park microgrids, valued for their efficiency and flexibility, require privacy-conscious energy management to ensure a trusted scheduling and trading environment. This paper, focusing on park microgrids with shared energy storage, designs an energy management strategy that comprehensively considers shared energy storage, scheduling transparency, and privacy security. First, a blockchain-based energy management platform is established, forming an energy dispatch consensus committee to execute decentralized scheduling management and decision-making. Next, an optimized energy scheduling smart contract for park microgrids is designed, considering Time-of-Use (ToU) pricing and storage arbitrage to formulate the day-ahead electricity purchase and sales plans as well as the shared energy storage operation plans. Then, a privacy protection strategy based on the Shamir secret sharing scheme is proposed, effectively preventing data leakage during blockchain interactions. Finally, through case analysis, the superiority of the proposed method in microgrid optimized scheduling, data tamper-resistance, and privacy protection is demonstrated.

Privacy Protection in Mobile Big Data: Challenges and Solutions

The pervasive use of mobile big data has profoundly altered daily life, providing unprecedented convenience and efficiency. However, with the proliferation of mobile devices and the explosive growth of data volume, the issue of user privacy protection has become increasingly severe. Location information and semantic information, as the two core components of mobile big data, can directly reflect users’ behavioral trajectories and thought dynamics, underscoring the importance of privacy protection. Although existing technologies can protect user data to a certain extent, traditional methods struggle to address increasingly sophisticated attack techniques in the face of evolving privacy threats. A comprehensive privacy protection scheme for mobile big data was proposed in this study, with a focus on two main areas: the privacy protection of location-based and semantic-based mobile big data. For location information protection, an uncertain graph model was employed to effectively resist combined attacks by jointly protecting the user layer and the location layer. For semantic information protection, a hypergraph clustering method was used to structurally protect the user layer and the semantic layer, enhancing the privacy security of semantic information. This study not only addresses existing gaps but also provides new solutions for mobile big data privacy protection, offering significant theoretical and practical value.

Anonymous group structure algorithm based on community structure.

A social network is a platform that users can share data through the internet. With the ever-increasing intertwining of social networks and daily existence, the accumulation of personal privacy information is steadily mounting. However, the exposure of such data could lead to disastrous consequences. To mitigate this problem, an anonymous group structure algorithm based on community structure is proposed in this article. At first, a privacy protection scheme model is designed, which can be adjusted dynamically according to the network size and user demand. Secondly, based on the community characteristics, the concept of fuzzy subordinate degree is introduced, then three kinds of community structure mining algorithms are designed: the fuzzy subordinate degree-based algorithm, the improved Kernighan-Lin algorithm, and the enhanced label propagation algorithm. At last, according to the level of privacy, different anonymous graph construction algorithms based on community structure are designed. Furthermore, the simulation experiments show that the three methods of community division can divide the network community effectively. They can be utilized at different privacy levels. In addition, the scheme can satisfy the privacy requirement with minor changes.

Effective Privacy Protection Strategies for Pregnancy and Gestation Information From Electronic Medical Records: Retrospective Study in a National Health Care Data Network in China.

Pregnancy and gestation information is routinely recorded in electronic medical record (EMR) systems across China in various data sets. The combination of data on the number of pregnancies and gestations can imply occurrences of abortions and other pregnancy-related issues, which is important for clinical decision-making and personal privacy protection. However, the distribution of this information inside EMR is variable due to inconsistent IT structures across different EMR systems. A large-scale quantitative evaluation of the potential exposure of this sensitive information has not been previously performed, ensuring the protection of personal information is a priority, as emphasized in Chinese laws and regulations. This study aims to perform the first nationwide quantitative analysis of the identification sites and exposure frequency of sensitive pregnancy and gestation information. The goal is to propose strategies for effective information extraction and privacy protection related to women's health. This study was conducted in a national health care data network. Rule-based protocols for extracting pregnancy and gestation information were developed by a committee of experts. A total of 6 different sub-data sets of EMRs were used as schemas for data analysis and strategy proposal. The identification sites and frequencies of identification in different sub-data sets were calculated. Manual quality inspections of the extraction process were performed by 2 independent groups of reviewers on 1000 randomly selected records. Based on these statistics, strategies for effective information extraction and privacy protection were proposed. The data network covered hospitalized patients from 19 hospitals in 10 provinces of China, encompassing 15,245,055 patients over an 11-year period (January 1, 2010-December 12, 2020). Among women aged 14-50 years, 70% were randomly selected from each hospital, resulting in a total of 1,110,053 patients. Of these, 688,268 female patients with sensitive reproductive information were identified. The frequencies of identification were variable, with the marriage history in admission medical records being the most frequent at 63.24%. Notably, more than 50% of female patients were identified with pregnancy and gestation history in nursing records, which is not generally considered a sub-data set rich in reproductive information. During the manual curation and review process, 1000 cases were randomly selected, and the precision and recall rates of the information extraction method both exceeded 99.5%. The privacy-protection strategies were designed with clear technical directions. Significant amounts of critical information related to women's health are recorded in Chinese routine EMR systems and are distributed in various parts of the records with different frequencies. This requires a comprehensive protocol for extracting and protecting the information, which has been demonstrated to be technically feasible. Implementing a data-based strategy will enhance the protection of women's privacy and improve the accessibility of health care services.

Face privacy protection scheme by security-enhanced encryption structure and nonlinear dynamics

This article proposes a secure communication enhancement scheme based on face detection and chaotic partition permutation. The scheme uses edge detection technology to detect facial information, which is then used as an encryption object. The hash value of the plaintext image is extracted as the secret key to the chaotic sequence generated by the chaotic system. Then a series of encryption operations are performed on the face image to obtain the final ciphertext image. In this article, two chaotic systems are used to generate pseudo-random chaotic sequences for different encryption steps. The initial key is computed by combining the hash function of the image and external parameters. The experimental results and security analysis show that the algorithm has excellent encryption effectiveness and security performance against various typical attacks.

A Smart Approach to Electric Vehicle Optimization via IoT-Enabled Recommender Systems

Electric vehicles (EVs) are becoming of significant interest owing to their environmental benefits; however, energy efficiency concerns remain unsolved and require more investigation. A major issue is a lack of EV charging infrastructure, which can lead to operational difficulties. Effective infrastructure development, including well-placed charging stations (CS), is critical to enhancing connectivity. To overcome this, consumers want real-time data on charging station availability, neighboring station locations, and access times. This work leverages the Distance Vector Multicast Routing Protocol (DVMRP) to enhance the information collection process for charging stations through the Internet of Things (IoT). The evolving IoT paradigm enables the use of sensors and data transfer to give real-time information. Strategic sensor placement helps forecast server access to neighboring stations, optimize vehicle scheduling, and estimate wait times. A recommender system is designed to identify stations with more rapidly charging rates, along with uniform pricing. In addition, the routing protocol has a privacy protection strategy to prevent unauthorized access and safeguard EV data during exchanges between charging stations and user locations. The system is simulated with MATLAB 2020a, and the data are controlled and secured in the cloud. The predicted algorithm’s performance is evaluated using several kinds of standards, including power costs, vehicle counts, charging costs, energy consumption, and optimization values.

Multi-AUV Collaboration-Assisted Location Privacy Protection Scheme in Unknown Marine Environments

Multi-AUV Collaboration-Assisted Location Privacy Protection Scheme in Unknown Marine Environments

APPS: Authentication-enabled privacy protection scheme for secure data transfer in Internet of Things

The Internet of Things (IoT) is an emerging field that encompasses several heterogeneous devices and smart objects that are integrated with the network. In open platforms, these objects are deployed to present advanced services in numerous applications. Innumerable security-sensitive data is generated by the IoT device and therefore, the security of these devices is an important task. This work formulates a secure data transfer technique in IoT, named Authentication enabled Privacy Protection (APPS) scheme for resource-constrained IoT devices. The proposed scheme demonstrates resilience against various attacks; such as resisting reply attacks, device anonymity, untracebility, session key establishment, quantum attacks and resisting MITM attacks. For the privacy protection scheme, the secured data transfer is initiated between the entities, like IoT devices, servers, and registration centers, by using various phases, namely registration phase, key generation phase, data encryption, authentication, verification, and data retrieval phase. Here, a mathematical model is designed for protecting data privacy using hashing, encryption, secret keys, etc. Finally, performance of proposed APPS model is analyzed; wherein the outcomes reveal that the proposed APPS model attained the maximum detection rate of 0.85, minimal memory usage of 0.497MB, and minimal computational time of 112. 79 sec and minimal turnaround time 131.91 sec.

Image privacy protection scheme based on high-quality reconstruction DCT compression and nonlinear dynamics

The protection of digital image privacy in Big Data environment is a hot issue of increasing concern. To address the contradiction between efficiency and security for privacy protection, this paper proposes a high-quality restored image privacy protection scheme based on Discrete Cosine Transform (DCT) frequency domain compression and nonlinear dynamics. First, the RGB space of the color image is converted to YCbCr domain with 4:2:0 sampling. Then, the image is divided into sub-blocks in the spatial domain, followed by block-wise DCT and quantization into frequency domain information. Next, both Alternating Current (AC) and Direct Current (DC) coefficients of all sub-blocks are individually extracted and subjected to compression encoding. Finally, a Rubik’s Cube permutation and filtering diffusion encryption algorithm based on a nonlinear dynamical chaotic system is designed. Moreover, a mechanism for generating dynamic chaotic sequences associated with plaintext is introduced to effectively counter cryptographic attacks. The combined approach of compression and encryption significantly reduces computational complexity while improving encryption efficiency. Through experimental simulation results, the compression encryption scheme demonstrates high compression ratios as well as excellent image recovery quality while providing enhanced security against common cryptographic attacks. The work in this paper provides a preferred joint compression and encryption technical solution for digital image privacy protection in Big Data network.

A Self-Sovereign Identity Privacy-Preserving Scheme for Logistics Transportation Based on One-Time-Use Tokens

The advancement of the logistics industry has fostered the enhancement of operational efficacy within the socioeconomic domain. However, the current inevitable privacy leaks in the process of logistics transportation have seriously affected the development of the industry, which led to a crisis of consumer trust and even caused economic recession. This paper proposes a self-sovereign identity privacy protection scheme tailored specifically for logistics transportation contexts. First, the scheme entails furnishing users with one-time-use tokens while establishing decentralized identities capable of concealing identity information and ensuring the secure transmission of data. Furthermore, the scheme integrates fuzzy identity-based encryption to encrypt identity information, thereby guaranteeing the confidentiality and integrity of logistics user identities along with their associated data. Compared with other schemes, this scheme exhibits superior security in the realm of logistics transportation. Its targeted encryption technology and self-sovereignty strategies address the critical issue of privacy leakage, thereby safeguarding consumer privacy rights and interests while facilitating the sustainable development of the logistics industry.

Blockchain-enabled privacy protection and access control scheme towards sensitive digital assets management

Blockchain-enabled privacy protection and access control scheme towards sensitive digital assets management