User Privacy Disclosure Research Articles

On Identity, Transaction, and Smart Contract Privacy on Permissioned and Permissionless Blockchain: A Comprehensive Survey

Blockchain is a decentralized distributed ledger that combines multiple technologies, including chain data structures, P2P networks, consensus algorithms, cryptography, and smart contracts. This gives the blockchain the characteristics of decentralization, immutability, and traceability. However, blockchain stores smart contracts and transactions in blocks publicly, which poses the risk of data leakage and misuse. For example, by mining and analyzing blockchain transaction information, attackers can correlate transactions with user information, resulting in the disclosure of user privacy. Many current reviews focus on the privacy of permissionless blockchains or cryptocurrencies, requiring more in-depth investigations and detailed categorical analysis. To fill this gap, this work comprehensively reviews the latest and traditional methods related to identity, transaction, and smart contract privacy within permissioned and permissionless blockchains. Additionally, we summarize the existing problems, threats, and challenges of data management in different blockchain architectures. Last, we discuss future research directions for blockchain privacy protection technology, which can offer feasible ideas for researchers to explore further.

PPBRFL: Privacy-Preserving Byzantine-Robust Federated Learning

Federated learning is a distributed machine learning approach that allows the neural network to be trained without exposing private user data. Despite its advantages, federated learning schemes still face two critical security challenges: user privacy disclosure and Byzantine robustness. The adversary may try to infer the private data from the trained local gradients or compromise the global model update. To tackle the above challenges, we propose PPBRFL, a privacy-preserving Byzantine-robust federated learning scheme. To resist Byzantine attacks, we design a novel Byzantine-robust aggregation method based on
 cosine similarity, which can guarantee the global model update and improve the model’s classification accuracy. Furthermore, we introduce a reward and penalty mechanism that considers users’ behavior to mitigate the impact of Byzantine users on the global model. To protect user privacy, we utilize symmetric homomorphic encryption to encrypt the users’ trained local models, which requires low computation cost while maintaining model accuracy. We conduct the experimental assessment of the performance of PPBRFL. The experimental results show that PPBRFL maintains model classification accuracy while ensuring privacy preservation and Byzantine robustness compared to traditional federated learning scheme.

FFEC: Fast and forward-secure equivalence-based ciphertext comparability for multiple users in cloud environment

With the expansion of cloud computing, an increasing amount of sensitive data is being encrypted and stored in public clouds to alleviate storage and management burdens. Secure equivalence-based retrieval of ciphertexts for multiple users is crucial in a cloud environment where diverse user data resides for processing purposes. Public key encryption with equality test (PKEET) has been introduced as a cryptographic tool to verify if two ciphertexts under different public keys contain the same message. However, existing PKEET schemes often face misuse of trapdoors due to their unlimited lifespan, potentially leading to unauthorized disclosure of user privacy. In this paper, we propose a novel approach called fast and forward-secure equivalence-based comparability (FFEC) for multiple users by employing a forward-secure PKEET (FS-PKEET). This restricts the retrieval process only to ciphertexts generated prior to the most recent trapdoor update. We present a concrete FS-PKEET scheme based on bilinear pairing and demonstrate its security using Bilinear Diffie–Hellman (BDH) assumption in the random oracle model. Comprehensive performance evaluation shows that our work has much efficiency of decryption, trapdoor generation and test execution thanks to greatly reducing the cost of trapdoor generation and thus is practical for the application of secure ciphertext information retrieval in cloud environment.

A Bibliometric Analysis of Enterprise Social Media in Digital Economy: Research Hotspots and Trends

With the rise of the digital economy, new business models have expedited the progress of corporate digital transformation. The mobile internet era has made enterprise social media a popular tool for employee communication. Summarizing the development and trends of enterprise social media research is beneficial for identifying future research topics. This paper analyzes the literature from the Web of Science core collection database and employs CiteSpace software to develop a scientific knowledge map, providing a visual analysis of the literature on enterprise social media in the context of the digital economy. The paper presents the research hotspots and evolutionary paths of enterprise social media, thereby clarifying the future development trends in this field. The study reveals that there is a relatively limited amount of literature on this topic, and collaboration among authors is not strong. Most research is conducted by higher education institutions in China and the United States. The research hotspots revolve around the theme of enterprise social media, covering topics such as knowledge sharing, communication, and performance. The research themes have undergone a transition from singularity to diversity. Finally, this paper proposes future research prospects in three areas: the human–computer collaborative model against the backdrop of artificial intelligence, user privacy disclosure and protection, and the impact of enterprise social media usage on the mental and physical health of employees. These prospects aim to provide valuable insights for subsequent research endeavors.

Determining factors affecting the user's intention to disclose privacy in online health communities: a dual-calculus model.

As a new type of medical service application for doctor-patient interaction, online health communities (OHCs) have alleviated the imbalance between the supply and demand of medical resources in different regions and the problems of "difficult and expensive access to medical care", but also raised the concern of patients about the risk of disclosure of their health privacy information. In this study, a dual-calculus model was developed to explore users' motivation and decision-making mechanism in disclosing privacy information in OHCs by combining risk calculus and privacy calculus theories. In OHCs, users' trust in physicians and applications is a prerequisite for their willingness to disclose health information. Meanwhile, during the privacy calculation, users' perceived benefits in OHCs had a positive effect on both trust in doctors and trust in applications, while perceived risks had a negative effect on both trusts in doctors and trust in applications. Furthermore, in the risk calculation, the perceived threat assessment in OHCs had a significant positive effect on perceived risk, while the response assessment had a significant negative effect on perceived risk, and the effect of users' trust in physicians far exceeded the effect of trust in applications. Finally, users' trust in physicians/applications is a mediating effect between perceived benefits/risks and privacy disclosure intentions. We combine risk calculus and privacy calculus theories to construct a dual-calculus model, which divides trust into trust in physicians and trust in applications, in order to explore the intrinsic motivation and decision-making mechanism of users' participation in privacy disclosure in OHCs. On the one hand, this theoretically compensates for the fact that privacy computing often underestimates perceived risk, complements the research on trust in OHCs, and reveals the influencing factors and decision transmission mechanisms of user privacy disclosure in OHCs. On the other hand, it also provides guidance for developing reasonable privacy policies and health information protection mechanisms for platform developers of OHCs.

Private and Secure Medical Data Transmission Using Wireless Network with QR Code

Abstract: In medical management, more and more information technology is applied to improve work efficiency. For example, the hospital information management system is used for basic information and medical management of patients, and the onedimensional and two-dimensional codes on the wrist are used for quick reading or inputting patient identification (ID), etc. Although computerization is more convenient, due to immature technology or management flaws, there are certain security risks in various typical scenarios, such as disclosure of user privacy through reporting transparency, lack of strict control over the consultation of confidential medical records, the absence of technical verification for the confirmation of the infusion, etc. Identity is easy to fake, payment is inconvenient, etc. Security issues are discussed in more detail below. Healthcare applications are considered a promising area for wireless sensor networks, where patients can be monitored using wireless medical networks (WMN). Current trends in WMN healthcare research focus on reliable patient communication, patient mobility, and energy-efficient delivery.

Private and Secure Medical Data Transmission Using Wireless Network with QR Code

Abstract: In medical management, more and more information technology is applied to improve work efficiency. For example, the hospital information management system is used for basic information and medical management of patients, and the onedimensional and two-dimensional codes on the wrist are used for quick reading or inputting patient identification (ID), etc. Although computerization is more convenient, due to immature technology or management flaws, there are certain security risks in various typical scenarios, such as disclosure of user privacy through reporting transparency, lack of strict control over the consultation of confidential medical records, the absence of technical verification for the confirmation of the infusion, etc. Identity is easy to fake, payment is inconvenient, etc. Security issues are discussed in more detail below. Healthcare applications are considered a promising area for wireless sensor networks, where patients can be monitored using wireless medical networks (WMN). Current trends in WMN healthcare research focus on reliable patient communication, patient mobility, and energy-efficient delivery.

Privacy protection methods of location services in big data

Abstract The rapid development of mobile communication technology not only brings convenience and fun to our life, but also brings a series of problems such as privacy disclosure. Therefore, it is very necessary to study the privacy protection method based on location service to strengthen the security of location privacy. The purpose of this work is to improve the security of location privacy and prevent the disclosure of user privacy by studying the characteristics of location services and privacy protection methods. This article first describes the characteristics of the important location privacy protection law, and then studies the structural characteristics and operation process of the location privacy protection law. This work evaluates the advantages and disadvantages of different methods, and finally compares the performance of several privacy protection algorithms through experimental analysis. Through the research of hiding space method, two-level cache method based on user grid, differential privacy protection method and experimental analysis of the algorithm, an effective privacy protection algorithm can be obtained. It can better protect the location privacy of users. For example, dual-active in the hidden space algorithm has the best privacy protection performance. Compared with other algorithms, the success rate of generating hidden space is increased by more than 10%, and the time of generating hidden space is shortened by about a quarter. The algorithm It has certain practical value and significance for use in the privacy protection of users.

Toward Smart Home Authentication Using PUF and Edge-Computing Paradigm

The smart home is a crucial embodiment of the internet of things (IoT), which can facilitate users to access smart home services anytime and anywhere. Due to the limited resources of cloud computing, it cannot meet users' real-time needs. Therefore, edge computing emerges as the times require, providing users with better real-time access and storage. The application of edge computing in the smart home environment can enable users to enjoy smart home services. However, users and smart devices communicate through public channels, and malicious attackers may intercept information transmitted through public channels, resulting in user privacy disclosure. Therefore, it is a critical issue to protect the secure communication between users and smart devices in the smart home environment. Furthermore, authentication protocols in smart home environments also have some security challenges. In this paper, we propose an anonymous authentication protocol that applies edge computing to the smart home environment to protect communication security between entities. To protect the security of smart devices, we embed physical unclonable functions (PUF) into each smart device. Real-or-random model, informal security analysis, and ProVerif are adopted to verify the security of our protocol. Finally, we compare our protocol with existing protocols regarding security and performance. The comparison results demonstrate that our protocol has higher security and slightly better performance.

Online Healthcare Privacy Disclosure User Group Profile Modeling Based on Multimodal Fusion

With the spread of COVID-19, online healthcare is rapidly evolving to assist the public with health, reduce exposure and avoid the risk of cross-infection. Online healthcare platform requires more information from patients than offline, and insufficient or incorrect information may delay or even mislead treatment. Therefore, it is valuable to predict users’ privacy disclosure behaviors while fully protecting their information, which can provide healthcare services for users accurately and realize a personalized online healthcare environment. Compared with the traditional static online healthcare platform user privacy disclosure behavior influence factor analysis, this paper uses multimodal fusion and group profile technology to build a user privacy disclosure model and lay the foundation for personalized online healthcare services. This paper proposes a cross-modal fusion modeling approach to address the problem that the information of each modality cannot be fully utilized in the current online healthcare privacy disclosure modeling. A multimodal user profile approach is used to construct personal and group profiles, and the privacy disclosure behavioral characteristics reflected by both are integrated to realize accurate personalized services for online healthcare. The case study shows that compared with the static unimodal privacy disclosure model, the accuracy of our method gains significant improvement, which is helpful for precision healthcare services and online healthcare platform development.

Evolutionary Game—Theoretic Approach for Analyzing User Privacy Disclosure Behavior in Online Health Communities

Privacy disclosure is one of the most common user information behaviors in online health communities. Under the premise of implementing privacy protection strategies in online health communities, promoting user privacy disclosure behavior can result in a “win–win” scenario for users and online health communities. Combining the real situation and evolutionary game theory, in this study, we first constructed an evolutionary game model of privacy disclosure behavior with users and online health communities as the main participants. Then, we solved the replication dynamic equations for both parties and analyzed the evolutionary stable strategies (ESSs) in different scenarios. Finally, we adopted MATLAB for numerical simulations to verify the accuracy of the model. Studies show that: (1) factors such as medical service support and community rewards that users receive after disclosing their private personal information affect user game strategy; and (2) the additional costs of the online health communities implementing the “positive protection” strategy and the expected loss related to the privacy leakage risk affect the online health communities’ game strategy. In this regard, this paper puts forward the following suggestions in order to optimize the benefits of both sets of participants: the explicit benefits of users should be improved, the internal environment of the communities should be optimized, the additional costs of the “positive protection” strategy should be reduced, and penalties for privacy leakages should be increased.

Reliable auxiliary communication of UAV via relay cache optimization

With the continuous reduction of drone costs and the miniaturization of equipment, many new applications have emerged in the civil and commercial fields. The remote sensing technology of Unmanned Aerial Vehicle (UAV) is used to manage and partition farmland accurately. Compared with the traditional field grid sampling method, UAV remote sensing technology can break through operating conditions, continuously collect data at low altitudes, monitor the area more flexibly, and significantly reduce labor and safety costs. Since UAVs can only provide data transmission services to users through wireless backhaul links established with ground base stations, the need to access the network is easy to lead to the disclosure of user privacy. The capacity of wireless backhaul links is limited, limiting the transmission rate of drones and reducing the user’s quality of service. Therefore, we apply edge caching technology to the assisted relay communication network to study the impact of caching technology on the performance of mobile relay systems. In particular, we propose the horizontal position design method in the buffer auxiliary relay single-user system, and the 3D position design method in the buffer auxiliary relay multi-user system. Position system, which can be reached by the maximum system average and the optimal speed, is designed. Besides, with the help of objective function conversion and classic derivation analysis method, the semi-closed expression of the optimal position of the UAV is obtained, and the intersection of the mobile relay end velocity and the user end velocity is used as the initial value. Meanwhile, the solution formula is substituted after continuous iteration so that the best advantage of local velocity can be obtained. In addition, mobile relay system is deployed to establish a two-hop wireless link to achieve reliable communication between Base Station (BS) and users security trust. The simulation experiment proves that compared with other methods, the method proposed in this paper has considerable performance improvement in power convergence, speed, trajectory path loss, and energy cost, which can provide higher-quality communication services for users in the system and better support for the broad application of drones.

RAP: A Light-Weight Privacy-Preserving Framework for Recommender Systems

In today's Internet, recommender systems play an indispensable role in helping users discover items of interests, such as products, books, movies and so on. However, a higher recommendation accuracy is commonly at the cost of more disclosure of user privacy. Thus, a wider adoption of recommender systems poses significant security and privacy concerns to users. In this article, we propose a light-weight privacy-preserving framework called <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">RAP</i> for recommender systems, which can protect user privacy while still ensuring a high recommendation accuracy. Instead of directly sending users’ private ratings to the recommender, users first conduct a local perturbation operation on private ratings, and then send the perturbed ratings to the recommender. The recommender can run recommendation algorithms directly over the perturbed ratings and return the results to users. Different from crypto-based methods, our perturbation and de-perturbation methods are linear operations. Thus, <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">RAP</i> is light-weight and highly efficient in privacy protection. To be more rigorous, we formally prove that the order of recommendation accuracy will not decrease when our <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">RAP</i> framework is applied to any MF (Matrix Factorization)-based recommender systems. We also derive the closed-form expression for the degree of privacy preservation of our framework. Finally, we conduct extensive evaluations using large-scale real-world datasets to verify the effectiveness of our <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">RAP</i> framework and compare with other baseline algorithms. The results show that our <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">RAP</i> framework can improve the degree of privacy preservation from zero to over 0.5 for the <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Movielens</i> dataset and 4 for the <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Jester</i> dataset, and still maintain the approaching level of recommendation accuracy.

KPDR : An Effective Method of Privacy Protection

To solve the problem of user privacy disclosure caused by attacks on anonymous areas in spatial generalization privacy protection methods, a K and P Dirichlet Retrieval (KPDR) method based on k-anonymity mechanism is proposed. First, the Dirichlet graph model is introduced, the same kind of information points is analyzed by using the characteristics of Dirichlet graph, and the anonymous set of users is generated and sent to LBS server. Second, the relationship matrix is generated, and the proximity relationship between the user position and the target information point is obtained by calculation. Then, the private information retrieval model is applied to ensure the privacy of users’ target information points. Finally, the experimental results show that the KPDR method not only satisfies the diversity of l 3 / 4 , but also increases the anonymous space, reduces the communication overhead, ensures the anonymous success rate of users, and effectively prevents the disclosure of user privacy.

Verifiable and privacy preserving federated learning without fully trusted centers

With the rise of neural network, deep learning technology is more and more widely used in various fields. Federated learning is one of the training types in deep learning. In federated learning, each user and cloud server (CS) cooperatively train a unified neural network model. However, in this process, the neural network system may face some more challenging problems exemplified by the threat of user privacy disclosure, the error of server’s returned results, and the difficulty of implementing the trusted center in practice. In order to solve the above problems simultaneously, we propose a verifiable federated training scheme that supports privacy protection over deep neural networks. In our scheme, the key exchange technology is used to remove the trusted center, the double masking protocol is used to ensure that the privacy of users is not disclosed, and the tag aggregation method is used to ensure the correctness of the results returned by the server. Formal security analysis and comprehensive performance evaluation indicate that the proposed scheme is secure and efficient.

Decentralized Privacy-Preserving Data Aggregation Scheme for Smart Grid Based on Blockchain.

As a next-generation power system, the smart grid can implement fine-grained smart metering data collection to optimize energy utilization. Smart meters face serious security challenges, such as a trusted third party or a trusted authority being attacked, which leads to the disclosure of user privacy. Blockchain provides a viable solution that can use its key technologies to solve this problem. Blockchain is a new type of decentralized protocol that does not require a trusted third party or a central authority. Therefore, this paper proposes a decentralized privacy-preserving data aggregation (DPPDA) scheme for smart grid based on blockchain. In this scheme, the leader election algorithm is used to select a smart meter in the residential area as a mining node to build a block. The node adopts Paillier cryptosystem algorithm to aggregate the user’s power consumption data. Boneh-Lynn-Shacham short signature and SHA-256 function are applied to ensure the confidentiality and integrity of user data, which is convenient for billing and power regulation. The scheme protects user privacy data while achieving decentralization, without relying on TTP or CA. Security analysis shows that our scheme meets the security and privacy requirements of smart grid data aggregation. The experimental results show that this scheme is more efficient than existing competing schemes in terms of computation and communication overhead.

Study on mobile trading mechanism based on blockchain Byzantine consensus algorithm

The central node of traditional mobile transactions is vulnerable to attack and causes user privacy disclosure. To solve this problem, blockchain and mobile transactions are combined to construct a...

Privacy-Preserving Outsourced Speech Recognition for Smart IoT Devices

Most of the current intelligent Internet of Things (IoT) products take neural network-based speech recognition as the standard human–machine interaction interface. However, the traditional speech recognition frameworks for smart IoT devices always collect and transmit voice information in the form of plaintext, which may cause the disclosure of user privacy. Due to the wide utilization of speech features as biometric authentication, the privacy leakage can cause immeasurable losses to personal property and privacy. Therefore, in this paper, we propose an outsourced privacy-preserving speech recognition framework (OPSR) for smart IoT devices in the long short-term memory (LSTM) neural network and edge computing. In the framework, a series of additive secret sharing-based interactive protocols between two edge servers are designed to achieve lightweight outsourced computation. And based on the protocols, we implement the neural network training process of LSTM for intelligent IoT device voice control. Finally, combined with the universal composability theory and experiment results, we theoretically prove the correctness and security of our framework.

Accountable Outsourcing Location-Based Services With Privacy Preservation

With the enhancement of the positioning function of mobile devices and the upgrade of communication networks, location-based service (LBS) has become an important application of mobile devices. Among the numerous researches on location privacy preservation, cloud-based location privacy preservation has become a hot topic, but it undoubtedly brings new problems such as data confidentiality and user privacy disclosure. This paper proposes an accountable outsourced LBS privacy-preserving scheme. In the outsourcing scenario, in order to make users interact with cloud server to obtain query data, firstly we construct location hierarchical index and attribute hierarchical index based on Bloom Filter, and secondly we divide one region into atomic regions using Hilbert Curve, both of which ensure the privacy of query and improve the efficiency of query. At last, we realize the sharing of encrypted data among different users by accountable proxy re-encryption (APRE) technology, which can effectively suppress the abuse of proxy re-encryption key. We demonstrate the correctness of the proposed scheme through security analysis, and show the effectiveness of the scheme through performance analysis.

A Keyword-Searchable ABE Scheme From Lattice in Cloud Storage Environment

Currently, the security situation of data security and user privacy protection is increasingly serious in cloud environment. Ciphertext data storage can prevent the risk of user's privacy disclosure. But how to search keyword on ciphertext data without revealing keyword information becomes a new challenge. Searchable encryption (SE) is put forward for this reason, which can be used to realize ciphertext-search directly. In terms of multi-user data sharing, public-key encryption with keywords search (PEKS) is more widely used than symmetric searchable encryption. PEKS has been widely studied and developed by researchers in recent years. However, the existing PEKS scheme often lacks flexible access policy. Therefore, combining the advantage of policy control on attribute-based encryption (ABE), and as that the bilinear pairing related assumption is fragile in post-quantum era, lattice-based cryptography is considered as one of secure encryption technology against quantum attack. With this background, in this paper, we give a keyword-searchable ABE scheme based on the hardness of lattice problems, our scheme supports flexible attribute control policy by integrating ABE and PEKS, and the security of new scheme is proved under the learning with errors (LWE) assumption. As lattice-based cryptographic technology is currently thought to be resistant to quantum attacks, so the new scheme has stronger security in a quantum era.