This paper aims to find a practical way of quantitatively representing the privacy of network data. A method of quantifying the privacy of network data anonymization based on similarity distance and entropy in the sce...This paper aims to find a practical way of quantitatively representing the privacy of network data. A method of quantifying the privacy of network data anonymization based on similarity distance and entropy in the scenario involving multiparty network data sharing with Trusted Third Party (TTP) is proposed. Simulations are then conducted using network data from different sources, and show that the measurement indicators defined in this paper can adequately quantify the privacy of the network. In particular, it can indicate the effect of the auxiliary information of the adversary on privacy.展开更多
Taxation,the primary source of fiscal revenue,has profound implications in guiding resource allocation,promoting economic growth,adjusting social wealth distribution,and enhancing cultural influence.The development of...Taxation,the primary source of fiscal revenue,has profound implications in guiding resource allocation,promoting economic growth,adjusting social wealth distribution,and enhancing cultural influence.The development of e-taxation provides a enhanced security for taxation,but it still faces the risk of inefficiency and tax data leakage.As a decentralized ledger,blockchain provides an effective solution for protecting tax data and avoiding tax-related errors and fraud.The introduction of blockchain into e-taxation protocols can ensure the public verification of taxes.However,balancing taxpayer identity privacy with regulation remains a challenge.In this paper,we propose a blockchain-based anonymous and regulatory e-taxation protocol.This protocol ensures the supervision and tracking of malicious taxpayers while maintaining honest taxpayer identity privacy,reduces the storage needs for public key certificates in the public key infrastructure,and enables selfcertification of taxpayers’public keys and addresses.We formalize the security model of unforgeability for transactions,anonymity for honest taxpayers,and traceability for malicious taxpayers.Security analysis shows that the proposed protocol satisfies unforgeability,anonymity,and traceability.The experimental results of time consumption show that the protocol is feasible in practical applications.展开更多
Vehicular Ad-hoc Network(VANET)is a platform that facilitates Vehicle-to-Everything(V2X)interconnection.However,its open communication channels and high-speed mobility introduce security and privacy vulnerabilities.An...Vehicular Ad-hoc Network(VANET)is a platform that facilitates Vehicle-to-Everything(V2X)interconnection.However,its open communication channels and high-speed mobility introduce security and privacy vulnerabilities.Anonymous authentication is crucial in ensuring secure communication and privacy protection in VANET.However,existing anonymous authentication schemes are prone to single points of failure and often overlook the efficient tracking of the true identities of malicious vehicles after pseudonym changes.To address these challenges,we propose an efficient anonymous authentication scheme for blockchain-based VANET.By leveraging blockchain technology,our approach addresses the challenges of single points of failure and high latency,thereby enhancing the service stability and scalability of VANET.The scheme integrates homomorphic encryption and elliptic curve cryptography,allowing vehicles to independently generate new pseudonyms when entering a new domain without third-party assistance.Security analyses and simulation results demonstrate that our scheme achieves effective anonymous authentication in VANET.Moreover,the roadside unit can process 500 messages per 19 ms.As the number of vehicles in the communication domain grows,our scheme exhibits superior messageprocessing capabilities.展开更多
In the era of big data,the growing number of real-time data streams often contains a lot of sensitive privacy information.Releasing or sharing this data directly without processing will lead to serious privacy informa...In the era of big data,the growing number of real-time data streams often contains a lot of sensitive privacy information.Releasing or sharing this data directly without processing will lead to serious privacy information leakage.This poses a great challenge to conventional privacy protection mechanisms(CPPM).The existing data partitioning methods ignore the number of data replications and information exchanges,resulting in complex distance calculations and inefficient indexing for high-dimensional data.Therefore,CPPM often fails to meet the stringent requirements of efficiency and reliability,especially in dynamic spatiotemporal environments.Addressing this concern,we proposed the Principal Component Enhanced Vantage-point tree(PEV-Tree),which is an enhanced data structure based on the idea of dimension reduction,and constructed a Distributed Spatio-Temporal Privacy Preservation Mechanism(DST-PPM)on it.In this work,principal component analysis and the vantage tree are used to establish the PEV-Tree.In addition,we designed three distributed anonymization algorithms for data streams.These algorithms are named CK-AA,CL-DA,and CT-CA,fulfill the anonymization rules of K-Anonymity,L-Diversity,and T-Closeness,respectively,which have different computational complexities and reliabilities.The higher the complexity,the lower the risk of privacy leakage.DST-PPM can reduce the dimension of high-dimensional information while preserving data characteristics and dividing the data space into vantage points based on distance.It effectively enhances the data processing workflow and increases algorithmefficiency.To verify the validity of the method in this paper,we conducted empirical tests of CK-AA,CL-DA,and CT-CA on conventional datasets and the PEV-Tree,respectively.Based on the big data background of the Internet of Vehicles,we conducted experiments using artificial simulated on-board network data.The results demonstrated that the operational efficiency of the CK-AA,CL-DA,and CT-CA is enhanced by 15.12%,24.55%,and 52.74%,respectively,when deployed on the PEV-Tree.Simultaneously,during homogeneity attacks,the probabilities of information leakage were reduced by 2.31%,1.76%,and 0.19%,respectively.Furthermore,these algorithms showcased superior utility(scalability)when executed across PEV-Trees of varying scales in comparison to their performance on conventional data structures.It indicates that DST-PPM offers marked advantages over CPPM in terms of efficiency,reliability,and scalability.展开更多
The increasing reliance on interconnected Internet of Things(IoT)devices has amplified the demand for robust anonymization strategies to protect device identities and ensure secure communication.However,traditional an...The increasing reliance on interconnected Internet of Things(IoT)devices has amplified the demand for robust anonymization strategies to protect device identities and ensure secure communication.However,traditional anonymization methods for IoT networks often rely on static identity models,making them vulnerable to inference attacks through long-term observation.Moreover,these methods tend to sacrifice data availability to protect privacy,limiting their practicality in real-world applications.To overcome these limitations,we propose a dynamic device identity anonymization framework using Moving Target Defense(MTD)principles implemented via Software-Defined Networking(SDN).In our model,the SDN controller periodically reconfigures the network addresses and routes of IoT devices using a constraint-aware backtracking algorithmthat constructs new virtual topologies under connectivity and performance constraints.This address-hopping scheme introduces continuous unpredictability at the network layer dynamically changing device identifiers,routing paths,and even network topology which thwarts attacker reconnaissance while preserving normal communication.Experimental results demonstrate that our approach significantly reduces device identity exposure and scan success rates for attackers compared to static networks.Moreover,the dynamic schememaintains high data availability and network performance.Under attack conditions it reduced average communication delay by approximately 60% vs.an unprotected network,with minimal overhead on system resources.展开更多
Attribute-based encryption(ABE)is a cryptographic framework that provides flexible access control by allowing encryption based on user attributes.ABE is widely applied in cloud storage,file sharing,e-Health,and digita...Attribute-based encryption(ABE)is a cryptographic framework that provides flexible access control by allowing encryption based on user attributes.ABE is widely applied in cloud storage,file sharing,e-Health,and digital rightsmanagement.ABE schemes rely on hard cryptographic assumptions such as pairings and others(pairingfree)to ensure their security against external and internal attacks.Internal attacks are carried out by authorized users who misuse their access to compromise security with potentially malicious intent.One common internal attack is the attribute collusion attack,in which users with different attribute keys collaborate to decrypt data they could not individually access.This paper focuses on the ciphertext-policy ABE(CP-ABE),a type of ABE where ciphertexts are produced with access policies.Our firstwork is to carry out the attribute collusion attack against several existing pairingfree CP-ABE schemes.As a main contribution,we introduce a novel attack,termed the anonymous key-leakage attack,concerning the context in which users could anonymously publish their secret keys associated with certain attributes on public platforms without the risk of detection.This kind of internal attack has not been defined or investigated in the literature.We then show that several prominent pairing-based CP-ABE schemes are vulnerable to this attack.We believe that this work will contribute to helping the community evaluate suitable CP-ABE schemes for secure deployment in real-life applications.展开更多
Dynamic publishing of social network graphs offers insights into user behavior but brings privacy risks, notably re-identification attacks on evolving data snapshots. Existing methods based on -anonymity can mitigate ...Dynamic publishing of social network graphs offers insights into user behavior but brings privacy risks, notably re-identification attacks on evolving data snapshots. Existing methods based on -anonymity can mitigate these attacks but are cumbersome, neglect dynamic protection of community structure, and lack precise utility measures. To address these challenges, we present a dynamic social network graph anonymity scheme with community structure protection (DSNGA-CSP), which achieves the dynamic anonymization process by incorporating community detection. First, DSNGA-CSP categorizes communities of the original graph into three types at each timestamp, and only partitions community subgraphs for a specific category at each updated timestamp. Then, DSNGA-CSP achieves intra-community and inter-community anonymization separately to retain more of the community structure of the original graph at each timestamp. It anonymizes community subgraphs by the proposed novel -composition method and anonymizes inter-community edges by edge isomorphism. Finally, a novel information loss metric is introduced in DSNGA-CSP to precisely capture the utility of the anonymized graph through original information preservation and anonymous information changes. Extensive experiments conducted on five real-world datasets demonstrate that DSNGA-CSP consistently outperforms existing methods, providing a more effective balance between privacy and utility. Specifically, DSNGA-CSP shows an average utility improvement of approximately 30% compared to TAKG and CTKGA for three dynamic graph datasets, according to the proposed information loss metric IL.展开更多
The rapid development of the industrial internet of things(IIoT)has brought huge benefits to factories equipped with IIoT technology,each of which represents an IIoT domain.More and more domains are choosing to cooper...The rapid development of the industrial internet of things(IIoT)has brought huge benefits to factories equipped with IIoT technology,each of which represents an IIoT domain.More and more domains are choosing to cooperate with each other to produce better products for greater profits.Therefore,in order to protect the security and privacy of IIoT devices in cross-domain communication,lots of cross-domain authentication schemes have been proposed.However,most schemes expose the domain to which the IIoT device belongs,or introduce a single point of failure in multi-domain cooperation,thus introducing unpredictable risks to each domain.We propose a more secure and efficient domain-level anonymous cross-domain authentication(DLCA)scheme based on alliance blockchain.The proposed scheme uses group signatures with decentralized tracing technology to provide domain-level anonymity to each IIoT device and allow the public to trace the real identity of the malicious pseudonym.In addition,DLCA takes into account the limited resource characteristics of IIoT devices to design an efficient cross-domain authentication protocol.Security analysis and performance evaluation show that the proposed scheme can be effectively used in the cross-domain authentication scenario of industrial internet of things.展开更多
As a future energy system,the smart grid is designed to improve the efficiency of traditional power systems while providing more stable and reliable services.However,this efficient and reliable service relies on colle...As a future energy system,the smart grid is designed to improve the efficiency of traditional power systems while providing more stable and reliable services.However,this efficient and reliable service relies on collecting and analyzing users’electricity consumption data frequently,which induces various security and privacy threats.To address these challenges,we propose a double-blockchain assisted secure and anonymous data aggregation scheme for fog-enabled smart grid named DA-SADA.Specifically,we design a three-tier architecture-based data aggregation framework by integrating fog computing and the blockchain,which provides strong support for achieving efficient and secure data collection in smart grids.Subsequently,we develop a secure and anonymous data aggregation mechanism with low computational overhead by jointly leveraging the Paillier encryption,batch aggregation signature and anonymous authentication.In particular,the system achieves fine-grained data aggregation and provides effective support for power dispatching and price adjustment by the designed double-blockchain and two-level data aggregation.Finally,the superiority of the proposed scheme is illustrated by a series of security and computation cost analyses.展开更多
In cyberspace security,the privacy in location-based services(LBSs) becomes more critical. In previous solutions,a trusted third party(TTP) was usually employed to provide disturbance or obfuscation,but it may become ...In cyberspace security,the privacy in location-based services(LBSs) becomes more critical. In previous solutions,a trusted third party(TTP) was usually employed to provide disturbance or obfuscation,but it may become the single point of failure or service bottleneck. In order to cope with this drawback,we focus on another important class,establishing anonymous group through short-range communication to achieve k-anonymity with collaborative users. Along with the analysis of existing algorithms,we found users in the group must share the same maximum anonymity degree,and they could not ease the process of preservation in a lower one. To cope with this problem,we proposed a random-QBE algorithm to put up with personalized anonymity in user collaboration algorithms,and this algorithm could preserve both query privacy and location privacy. Then we studied the attacks from passive and active adversaries and used entropy to measure user's privacy level. Finally,experimental evaluations further verify its effectiveness and efficiency.展开更多
Permissionless blockchain,as a kind of distributed ledger,has gained considerable attention because of its openness,transparency,decentralization,and immutability.Currently,permissionless blockchain has shown a good a...Permissionless blockchain,as a kind of distributed ledger,has gained considerable attention because of its openness,transparency,decentralization,and immutability.Currently,permissionless blockchain has shown a good application prospect in many fields,from the initial cryptocurrency to the Internet of Things(IoT)and Vehicular Ad-Hoc Networking(VANET),which is considered as the beginning of rewriting our digital infrastructure.However,blockchain confronts some privacy risks that hinder its practical applications.Though numerous surveys reviewed the privacy preservation in blockchain,they failed to reveal the latest advances,nor have they been able to conduct a unified standard comprehensive classification of the privacy protection of permissionless blockchain.Therefore,in this paper,we analyze the specific characteristics of permissionless blockchain,summarize the potential privacy threats,and investigate the unique privacy requirements of blockchain.Existing privacy preservation technologies are carefully surveyed and evaluated based on our proposed evaluation criteria.We finally figure out open research issues as well as future research directions from the perspective of privacy issues.展开更多
The aim of this paper is to focus on the ethical issues raised by the removal of anonymity from sperm donors. The increasing currency of a 'right to genetic truth' is clearly visible in the drive to revise the legis...The aim of this paper is to focus on the ethical issues raised by the removal of anonymity from sperm donors. The increasing currency of a 'right to genetic truth' is clearly visible in the drive to revise the legislation on donor anonymity in Western and European countries. The ethical debate is polarized between the 'right to privacy' of the donor or parent and the 'right to know' of the prospective child. However, it is evident that religious, social and cultural attitudes have an overarching impact on attitudes towards sperm donation generally and anonymity specifically. In Asian countries, the social and cultural heritage is hugely diverse and different from those of the West. This review considers the research exploring the complexity of ethical issues informing this debate, and argues that parent's decisions to reveal donor insemination origins to their children are highly complex and relate to a range of social and cultural attitudes that have not been addressed within the policy to remove anonymity from sperm donors.展开更多
Privacy-preserving data publishing (PPDP) is one of the hot issues in the field of the network security. The existing PPDP technique cannot deal with generality attacks, which explicitly contain the sensitivity atta...Privacy-preserving data publishing (PPDP) is one of the hot issues in the field of the network security. The existing PPDP technique cannot deal with generality attacks, which explicitly contain the sensitivity attack and the similarity attack. This paper proposes a novel model, (w,γ, k)-anonymity, to avoid generality attacks on both cases of numeric and categorical attributes. We show that the optimal (w, γ, k)-anonymity problem is NP-hard and conduct the Top-down Local recoding (TDL) algorithm to implement the model. Our experiments validate the improvement of our model with real data.展开更多
With the rapid development of IoT(Internet of Things),VANETs(Vehicular Ad-Hoc Networks)have become an attractive ad-hoc network that brings convenience into people’s lives.Vehicles can be informed of the position,dir...With the rapid development of IoT(Internet of Things),VANETs(Vehicular Ad-Hoc Networks)have become an attractive ad-hoc network that brings convenience into people’s lives.Vehicles can be informed of the position,direction,speed and other real-time information of nearby vehicles to avoid traffic jams and accidents.However,VANET environments could be dangerous in the absence of security protection.Because of the openness and self-organization of VANETs,there are plenty of malicious pathways.To guarantee vehicle security,the research aims to provide an effective VANET security mechanism that can track malicious vehicles as necessary.Therefore,this work focuses on malicious vehicles and proposes an anonymous authentication scheme in VANETs based on the fair blind signature to protect vehicle security.展开更多
In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the pos...In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the possession of both a password and a snort card, and provides more security guarantees in two aspects: 1) it addresses the untmceability property so that any third party accessing the communication channel cannot link two authentication sessions originated from the same user, and 2) the use of a smart card prevents offiine attacks to guess passwords. The security and efficiency analyses indicate that our enhanced scheme provides the highest level of security at reasonable computational costs. Therefore, it is a practical authentication scheme with attractive security features for wireless sensor networks.展开更多
The vehicular cloud computing is an emerging technology that changes vehicle communication and underlying trafc management applications.However,cloud computing has disadvantages such as high delay,low privacy and high...The vehicular cloud computing is an emerging technology that changes vehicle communication and underlying trafc management applications.However,cloud computing has disadvantages such as high delay,low privacy and high communication cost,which can not meet the needs of realtime interactive information of Internet of vehicles.Ensuring security and privacy in Internet of Vehicles is also regarded as one of its most important challenges.Therefore,in order to ensure the user information security and improve the real-time of vehicle information interaction,this paper proposes an anonymous authentication scheme based on edge computing.In this scheme,the concept of edge computing is introduced into the Internet of vehicles,which makes full use of the redundant computing power and storage capacity of idle edge equipment.The edge vehicle nodes are determined by simple algorithm of dening distance and resources,and the improved RSA encryption algorithm is used to encrypt the user information.The improved RSA algorithm encrypts the user information by reencrypting the encryption parameters.Compared with the traditional RSA algorithm,it can resist more attacks,so it is used to ensure the security of user information.It can not only protect the privacy of vehicles,but also avoid anonymous abuse.Simulation results show that the proposed scheme has lower computational complexity and communication overhead than the traditional anonymous scheme.展开更多
INTRODUCTIONOf the three cardinal manifestations of chronic pancreatitis-pain,diabetes mellitus and steatorrhea,it is pain thatbrings the patient to the physician and is the most difficultto manage.The intractabale pa...INTRODUCTIONOf the three cardinal manifestations of chronic pancreatitis-pain,diabetes mellitus and steatorrhea,it is pain thatbrings the patient to the physician and is the most difficultto manage.The intractabale pain that is quite展开更多
In order to solve the issue that existing direct anonymous attestation (DAA) scheme can not operate effectively in different domains,based on the original DAA scheme,a novel direct anonymous attestation protocol used ...In order to solve the issue that existing direct anonymous attestation (DAA) scheme can not operate effectively in different domains,based on the original DAA scheme,a novel direct anonymous attestation protocol used in multi domains environment is proposed and designed,in which,the certificate issuer located in outside of domain can be considered as a proxy server to issue the DAA certificate for valid member nodes directly.Our designed mechanism accords with present trusted computing group (TCG) international specification,and can solve the problems of practical authentication and privacy information protection between different trusted domains efficiently.Compared with present DAA scheme,in our protocol,the anonymity,unforgeability can be guaranteed,and the replay-attack also can be avoided.It has important referenced and practical application value in trusted computing field.展开更多
Electronic voting has partially solved the problems of poor anonymity and low efficiency associated with traditional voting.However,the difficulties it introduces into the supervision of the vote counting,as well as i...Electronic voting has partially solved the problems of poor anonymity and low efficiency associated with traditional voting.However,the difficulties it introduces into the supervision of the vote counting,as well as its need for a concurrent guaranteed trusted third party,should not be overlooked.With the advent of blockchain technology in recent years,its features such as decentralization,anonymity,and non-tampering have made it a good candidate in solving the problems that electronic voting faces.In this study,we propose a multi-candidate voting model based on the blockchain technology.With the introduction of an asymmetric encryption and an anonymity-preserving voting algorithm,votes can be counted without relying on a third party,and the voting results can be displayed in real time in a manner that satisfies various levels of voting security and privacy requirements.Experimental results show that the proposed model solves the aforementioned problems of electronic voting without significant negative impact from an increasing number of voters or candidates.展开更多
基金supported by the National Key Basic Research Program of China (973 Program) under Grant No. 2009CB320505the Fundamental Research Funds for the Central Universities under Grant No. 2011RC0508+2 种基金the National Natural Science Foundation of China under Grant No. 61003282China Next Generation Internet Project "Research and Trial on Evolving Next Generation Network Intelligence Capability Enhancement"the National Science and Technology Major Project "Research about Architecture of Mobile Internet" under Grant No. 2011ZX03002-001-01
文摘This paper aims to find a practical way of quantitatively representing the privacy of network data. A method of quantifying the privacy of network data anonymization based on similarity distance and entropy in the scenario involving multiparty network data sharing with Trusted Third Party (TTP) is proposed. Simulations are then conducted using network data from different sources, and show that the measurement indicators defined in this paper can adequately quantify the privacy of the network. In particular, it can indicate the effect of the auxiliary information of the adversary on privacy.
文摘Taxation,the primary source of fiscal revenue,has profound implications in guiding resource allocation,promoting economic growth,adjusting social wealth distribution,and enhancing cultural influence.The development of e-taxation provides a enhanced security for taxation,but it still faces the risk of inefficiency and tax data leakage.As a decentralized ledger,blockchain provides an effective solution for protecting tax data and avoiding tax-related errors and fraud.The introduction of blockchain into e-taxation protocols can ensure the public verification of taxes.However,balancing taxpayer identity privacy with regulation remains a challenge.In this paper,we propose a blockchain-based anonymous and regulatory e-taxation protocol.This protocol ensures the supervision and tracking of malicious taxpayers while maintaining honest taxpayer identity privacy,reduces the storage needs for public key certificates in the public key infrastructure,and enables selfcertification of taxpayers’public keys and addresses.We formalize the security model of unforgeability for transactions,anonymity for honest taxpayers,and traceability for malicious taxpayers.Security analysis shows that the proposed protocol satisfies unforgeability,anonymity,and traceability.The experimental results of time consumption show that the protocol is feasible in practical applications.
基金supported by the National Natural Science Foundation of China under Grant U2001213.
文摘Vehicular Ad-hoc Network(VANET)is a platform that facilitates Vehicle-to-Everything(V2X)interconnection.However,its open communication channels and high-speed mobility introduce security and privacy vulnerabilities.Anonymous authentication is crucial in ensuring secure communication and privacy protection in VANET.However,existing anonymous authentication schemes are prone to single points of failure and often overlook the efficient tracking of the true identities of malicious vehicles after pseudonym changes.To address these challenges,we propose an efficient anonymous authentication scheme for blockchain-based VANET.By leveraging blockchain technology,our approach addresses the challenges of single points of failure and high latency,thereby enhancing the service stability and scalability of VANET.The scheme integrates homomorphic encryption and elliptic curve cryptography,allowing vehicles to independently generate new pseudonyms when entering a new domain without third-party assistance.Security analyses and simulation results demonstrate that our scheme achieves effective anonymous authentication in VANET.Moreover,the roadside unit can process 500 messages per 19 ms.As the number of vehicles in the communication domain grows,our scheme exhibits superior messageprocessing capabilities.
基金supported by the Natural Science Foundation of Sichuan Province(No.2024NSFSC1450)the Fundamental Research Funds for the Central Universities(No.SCU2024D012)the Science and Engineering Connotation Development Project of Sichuan University(No.2020SCUNG129).
文摘In the era of big data,the growing number of real-time data streams often contains a lot of sensitive privacy information.Releasing or sharing this data directly without processing will lead to serious privacy information leakage.This poses a great challenge to conventional privacy protection mechanisms(CPPM).The existing data partitioning methods ignore the number of data replications and information exchanges,resulting in complex distance calculations and inefficient indexing for high-dimensional data.Therefore,CPPM often fails to meet the stringent requirements of efficiency and reliability,especially in dynamic spatiotemporal environments.Addressing this concern,we proposed the Principal Component Enhanced Vantage-point tree(PEV-Tree),which is an enhanced data structure based on the idea of dimension reduction,and constructed a Distributed Spatio-Temporal Privacy Preservation Mechanism(DST-PPM)on it.In this work,principal component analysis and the vantage tree are used to establish the PEV-Tree.In addition,we designed three distributed anonymization algorithms for data streams.These algorithms are named CK-AA,CL-DA,and CT-CA,fulfill the anonymization rules of K-Anonymity,L-Diversity,and T-Closeness,respectively,which have different computational complexities and reliabilities.The higher the complexity,the lower the risk of privacy leakage.DST-PPM can reduce the dimension of high-dimensional information while preserving data characteristics and dividing the data space into vantage points based on distance.It effectively enhances the data processing workflow and increases algorithmefficiency.To verify the validity of the method in this paper,we conducted empirical tests of CK-AA,CL-DA,and CT-CA on conventional datasets and the PEV-Tree,respectively.Based on the big data background of the Internet of Vehicles,we conducted experiments using artificial simulated on-board network data.The results demonstrated that the operational efficiency of the CK-AA,CL-DA,and CT-CA is enhanced by 15.12%,24.55%,and 52.74%,respectively,when deployed on the PEV-Tree.Simultaneously,during homogeneity attacks,the probabilities of information leakage were reduced by 2.31%,1.76%,and 0.19%,respectively.Furthermore,these algorithms showcased superior utility(scalability)when executed across PEV-Trees of varying scales in comparison to their performance on conventional data structures.It indicates that DST-PPM offers marked advantages over CPPM in terms of efficiency,reliability,and scalability.
基金supported by the National Key Research and Development Program of China(Project No.2022YFB3104300).
文摘The increasing reliance on interconnected Internet of Things(IoT)devices has amplified the demand for robust anonymization strategies to protect device identities and ensure secure communication.However,traditional anonymization methods for IoT networks often rely on static identity models,making them vulnerable to inference attacks through long-term observation.Moreover,these methods tend to sacrifice data availability to protect privacy,limiting their practicality in real-world applications.To overcome these limitations,we propose a dynamic device identity anonymization framework using Moving Target Defense(MTD)principles implemented via Software-Defined Networking(SDN).In our model,the SDN controller periodically reconfigures the network addresses and routes of IoT devices using a constraint-aware backtracking algorithmthat constructs new virtual topologies under connectivity and performance constraints.This address-hopping scheme introduces continuous unpredictability at the network layer dynamically changing device identifiers,routing paths,and even network topology which thwarts attacker reconnaissance while preserving normal communication.Experimental results demonstrate that our approach significantly reduces device identity exposure and scan success rates for attackers compared to static networks.Moreover,the dynamic schememaintains high data availability and network performance.Under attack conditions it reduced average communication delay by approximately 60% vs.an unprotected network,with minimal overhead on system resources.
文摘Attribute-based encryption(ABE)is a cryptographic framework that provides flexible access control by allowing encryption based on user attributes.ABE is widely applied in cloud storage,file sharing,e-Health,and digital rightsmanagement.ABE schemes rely on hard cryptographic assumptions such as pairings and others(pairingfree)to ensure their security against external and internal attacks.Internal attacks are carried out by authorized users who misuse their access to compromise security with potentially malicious intent.One common internal attack is the attribute collusion attack,in which users with different attribute keys collaborate to decrypt data they could not individually access.This paper focuses on the ciphertext-policy ABE(CP-ABE),a type of ABE where ciphertexts are produced with access policies.Our firstwork is to carry out the attribute collusion attack against several existing pairingfree CP-ABE schemes.As a main contribution,we introduce a novel attack,termed the anonymous key-leakage attack,concerning the context in which users could anonymously publish their secret keys associated with certain attributes on public platforms without the risk of detection.This kind of internal attack has not been defined or investigated in the literature.We then show that several prominent pairing-based CP-ABE schemes are vulnerable to this attack.We believe that this work will contribute to helping the community evaluate suitable CP-ABE schemes for secure deployment in real-life applications.
基金supported by the Natural Science Foundation of China(No.U22A2099)the Innovation Project of Guangxi Graduate Education(YCBZ2023130).
文摘Dynamic publishing of social network graphs offers insights into user behavior but brings privacy risks, notably re-identification attacks on evolving data snapshots. Existing methods based on -anonymity can mitigate these attacks but are cumbersome, neglect dynamic protection of community structure, and lack precise utility measures. To address these challenges, we present a dynamic social network graph anonymity scheme with community structure protection (DSNGA-CSP), which achieves the dynamic anonymization process by incorporating community detection. First, DSNGA-CSP categorizes communities of the original graph into three types at each timestamp, and only partitions community subgraphs for a specific category at each updated timestamp. Then, DSNGA-CSP achieves intra-community and inter-community anonymization separately to retain more of the community structure of the original graph at each timestamp. It anonymizes community subgraphs by the proposed novel -composition method and anonymizes inter-community edges by edge isomorphism. Finally, a novel information loss metric is introduced in DSNGA-CSP to precisely capture the utility of the anonymized graph through original information preservation and anonymous information changes. Extensive experiments conducted on five real-world datasets demonstrate that DSNGA-CSP consistently outperforms existing methods, providing a more effective balance between privacy and utility. Specifically, DSNGA-CSP shows an average utility improvement of approximately 30% compared to TAKG and CTKGA for three dynamic graph datasets, according to the proposed information loss metric IL.
文摘The rapid development of the industrial internet of things(IIoT)has brought huge benefits to factories equipped with IIoT technology,each of which represents an IIoT domain.More and more domains are choosing to cooperate with each other to produce better products for greater profits.Therefore,in order to protect the security and privacy of IIoT devices in cross-domain communication,lots of cross-domain authentication schemes have been proposed.However,most schemes expose the domain to which the IIoT device belongs,or introduce a single point of failure in multi-domain cooperation,thus introducing unpredictable risks to each domain.We propose a more secure and efficient domain-level anonymous cross-domain authentication(DLCA)scheme based on alliance blockchain.The proposed scheme uses group signatures with decentralized tracing technology to provide domain-level anonymity to each IIoT device and allow the public to trace the real identity of the malicious pseudonym.In addition,DLCA takes into account the limited resource characteristics of IIoT devices to design an efficient cross-domain authentication protocol.Security analysis and performance evaluation show that the proposed scheme can be effectively used in the cross-domain authentication scenario of industrial internet of things.
基金the National Natural Science Foundation of China(61971235,61871412,and 61771258)the Six Talented Eminence Foundation of Jiangsu Province(XYDXXJS-044)+4 种基金the China Postdoctoral Science Foundation(2018M630590)the 333 High-level Talents Training Project of Jiangsu Province,the 1311 Talents Plan of Nanjing University of Posts and Telecommunications(NUPT)the Open Research Fund of Jiangsu Engineering Research Center of Communication and Network Technology,NUPT(JSGCZX17011)the Scientific Research Foundation of NUPT(NY218058)the Open Research Fund of Anhui Provincial Key Laboratory of Network and Information Security(AHNIS2020001).
文摘As a future energy system,the smart grid is designed to improve the efficiency of traditional power systems while providing more stable and reliable services.However,this efficient and reliable service relies on collecting and analyzing users’electricity consumption data frequently,which induces various security and privacy threats.To address these challenges,we propose a double-blockchain assisted secure and anonymous data aggregation scheme for fog-enabled smart grid named DA-SADA.Specifically,we design a three-tier architecture-based data aggregation framework by integrating fog computing and the blockchain,which provides strong support for achieving efficient and secure data collection in smart grids.Subsequently,we develop a secure and anonymous data aggregation mechanism with low computational overhead by jointly leveraging the Paillier encryption,batch aggregation signature and anonymous authentication.In particular,the system achieves fine-grained data aggregation and provides effective support for power dispatching and price adjustment by the designed double-blockchain and two-level data aggregation.Finally,the superiority of the proposed scheme is illustrated by a series of security and computation cost analyses.
基金supported by the National Natural Science Foundation of China (Grant No.61472097)the Specialized Research Fund for the Doctoral Program of Higher Education(Grant No.20132304110017)+1 种基金the Natural Science Foundation of Heilongjiang Province of China (Grant No.F2015022)the Fujian Provincial Key Laboratory of Network Security and Cryptology Research Fund (Fujian Normal University) (No.15003)
文摘In cyberspace security,the privacy in location-based services(LBSs) becomes more critical. In previous solutions,a trusted third party(TTP) was usually employed to provide disturbance or obfuscation,but it may become the single point of failure or service bottleneck. In order to cope with this drawback,we focus on another important class,establishing anonymous group through short-range communication to achieve k-anonymity with collaborative users. Along with the analysis of existing algorithms,we found users in the group must share the same maximum anonymity degree,and they could not ease the process of preservation in a lower one. To cope with this problem,we proposed a random-QBE algorithm to put up with personalized anonymity in user collaboration algorithms,and this algorithm could preserve both query privacy and location privacy. Then we studied the attacks from passive and active adversaries and used entropy to measure user's privacy level. Finally,experimental evaluations further verify its effectiveness and efficiency.
基金The work is supported in part by the National Natural Science Foundation of China under Grants 61672410 and 61802293the Academy of Finland under Grants 308087,314203 and 335262+5 种基金the Key Lab of Information Network Security,Ministry of Public Security under grant No.C18614the open grant of the Tactical Data Link Lab of the 20th Research Institute of China Electronics Technology Group Corporation,P.R.China under grant CLDL-20182119the National Postdoctoral Program for Innovative Talents under grant BX20180238the Project funded by China Postdoctoral Science Foundation under grant 2018M633461the Shaanxi Innovation Team project under grant 2018TD-007the 111 project under grant B16037.
文摘Permissionless blockchain,as a kind of distributed ledger,has gained considerable attention because of its openness,transparency,decentralization,and immutability.Currently,permissionless blockchain has shown a good application prospect in many fields,from the initial cryptocurrency to the Internet of Things(IoT)and Vehicular Ad-Hoc Networking(VANET),which is considered as the beginning of rewriting our digital infrastructure.However,blockchain confronts some privacy risks that hinder its practical applications.Though numerous surveys reviewed the privacy preservation in blockchain,they failed to reveal the latest advances,nor have they been able to conduct a unified standard comprehensive classification of the privacy protection of permissionless blockchain.Therefore,in this paper,we analyze the specific characteristics of permissionless blockchain,summarize the potential privacy threats,and investigate the unique privacy requirements of blockchain.Existing privacy preservation technologies are carefully surveyed and evaluated based on our proposed evaluation criteria.We finally figure out open research issues as well as future research directions from the perspective of privacy issues.
文摘The aim of this paper is to focus on the ethical issues raised by the removal of anonymity from sperm donors. The increasing currency of a 'right to genetic truth' is clearly visible in the drive to revise the legislation on donor anonymity in Western and European countries. The ethical debate is polarized between the 'right to privacy' of the donor or parent and the 'right to know' of the prospective child. However, it is evident that religious, social and cultural attitudes have an overarching impact on attitudes towards sperm donation generally and anonymity specifically. In Asian countries, the social and cultural heritage is hugely diverse and different from those of the West. This review considers the research exploring the complexity of ethical issues informing this debate, and argues that parent's decisions to reveal donor insemination origins to their children are highly complex and relate to a range of social and cultural attitudes that have not been addressed within the policy to remove anonymity from sperm donors.
基金supported in part by Research Fund for the Doctoral Program of Higher Education of China(No.20120009110007)Program for Innovative Research Team in University of Ministry of Education of China (No.IRT201206)+3 种基金Program for New Century Excellent Talents in University(NCET-110565)the Fundamental Research Funds for the Central Universities(No.2012JBZ010)the Open Project Program of Beijing Key Laboratory of Trusted Computing at Beijing University of TechnologyBeijing Higher Education Young Elite Teacher Project(No. YETP0542)
文摘Privacy-preserving data publishing (PPDP) is one of the hot issues in the field of the network security. The existing PPDP technique cannot deal with generality attacks, which explicitly contain the sensitivity attack and the similarity attack. This paper proposes a novel model, (w,γ, k)-anonymity, to avoid generality attacks on both cases of numeric and categorical attributes. We show that the optimal (w, γ, k)-anonymity problem is NP-hard and conduct the Top-down Local recoding (TDL) algorithm to implement the model. Our experiments validate the improvement of our model with real data.
基金This project is supported by Internet innovation and open platform base of the education Ministry of China(No.KJRP1401)the cooperative education project of the education Ministry of China(No.201702113002)+2 种基金US-China Computer Science Research Centre of Nanjing University of Information Science and Technology(No.KJR16059)Hunan Natural Science Foundation(No.2018JJ2138)Education Department of Hunan Province(No.17B096).
文摘With the rapid development of IoT(Internet of Things),VANETs(Vehicular Ad-Hoc Networks)have become an attractive ad-hoc network that brings convenience into people’s lives.Vehicles can be informed of the position,direction,speed and other real-time information of nearby vehicles to avoid traffic jams and accidents.However,VANET environments could be dangerous in the absence of security protection.Because of the openness and self-organization of VANETs,there are plenty of malicious pathways.To guarantee vehicle security,the research aims to provide an effective VANET security mechanism that can track malicious vehicles as necessary.Therefore,this work focuses on malicious vehicles and proposes an anonymous authentication scheme in VANETs based on the fair blind signature to protect vehicle security.
基金This work was supported by the Program for Changjiang Scholars and Innovative Research Team in University under Grant No. IRT1078 the Key Program of NSFC-Guangdong Union Foundation under Grant No.U1135002+3 种基金 the Major National S&T Program under Grant No.2011ZX03005-002 the National Natural Science Foundation of China under Grants No. 61072066, No.61173135, No.61100230, No.61100233, No.61202389, No.61202390 the Natural Science Basic Research Plan in Shaanxi Province of China under Grants No.2012JQ8043, No. 2012JM8030, No. 2012JM8025, No2011JQ8003 the Fundamental Research Funds for the Central Universities under Cxants No. JY10000903001, No. K50511030004. The authors would like to thank the anonymous reviewers and the editor for their constructive comments that have helped us to improve this paper.
文摘In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the possession of both a password and a snort card, and provides more security guarantees in two aspects: 1) it addresses the untmceability property so that any third party accessing the communication channel cannot link two authentication sessions originated from the same user, and 2) the use of a smart card prevents offiine attacks to guess passwords. The security and efficiency analyses indicate that our enhanced scheme provides the highest level of security at reasonable computational costs. Therefore, it is a practical authentication scheme with attractive security features for wireless sensor networks.
基金The nancial support provided from the Cooperative Education Fund of China Ministry of Education(201702113002,201801193119)Hunan Natural Science Foundation(2018JJ2138)Degree and Graduate Education Reform Project of Hunan Province(JG2018B096)are greatly appreciated by the authors.
文摘The vehicular cloud computing is an emerging technology that changes vehicle communication and underlying trafc management applications.However,cloud computing has disadvantages such as high delay,low privacy and high communication cost,which can not meet the needs of realtime interactive information of Internet of vehicles.Ensuring security and privacy in Internet of Vehicles is also regarded as one of its most important challenges.Therefore,in order to ensure the user information security and improve the real-time of vehicle information interaction,this paper proposes an anonymous authentication scheme based on edge computing.In this scheme,the concept of edge computing is introduced into the Internet of vehicles,which makes full use of the redundant computing power and storage capacity of idle edge equipment.The edge vehicle nodes are determined by simple algorithm of dening distance and resources,and the improved RSA encryption algorithm is used to encrypt the user information.The improved RSA algorithm encrypts the user information by reencrypting the encryption parameters.Compared with the traditional RSA algorithm,it can resist more attacks,so it is used to ensure the security of user information.It can not only protect the privacy of vehicles,but also avoid anonymous abuse.Simulation results show that the proposed scheme has lower computational complexity and communication overhead than the traditional anonymous scheme.
文摘INTRODUCTIONOf the three cardinal manifestations of chronic pancreatitis-pain,diabetes mellitus and steatorrhea,it is pain thatbrings the patient to the physician and is the most difficultto manage.The intractabale pain that is quite
基金Acknowledgements This work was supported by Research Funds of Information Security Key Laboratory of Beijing Electronic Science & Technology Institute National Natural Science Foundation of China(No. 61070219) Building Together Specific Project from Beijing Municipal Education Commission.
文摘In order to solve the issue that existing direct anonymous attestation (DAA) scheme can not operate effectively in different domains,based on the original DAA scheme,a novel direct anonymous attestation protocol used in multi domains environment is proposed and designed,in which,the certificate issuer located in outside of domain can be considered as a proxy server to issue the DAA certificate for valid member nodes directly.Our designed mechanism accords with present trusted computing group (TCG) international specification,and can solve the problems of practical authentication and privacy information protection between different trusted domains efficiently.Compared with present DAA scheme,in our protocol,the anonymity,unforgeability can be guaranteed,and the replay-attack also can be avoided.It has important referenced and practical application value in trusted computing field.
基金This work was supported in part by Shandong Provincial Natural Science Foundation(ZR2019PF007)the National Key Research and Development Plan of China(2018YFB0803504)+2 种基金Basic Scientific Research Operating Expenses of Shandong University(2018ZQXM004)Guangdong Province Key Research and Development Plan(2019B010137004)the National Natural Science Foundation of China(U20B2046).
文摘Electronic voting has partially solved the problems of poor anonymity and low efficiency associated with traditional voting.However,the difficulties it introduces into the supervision of the vote counting,as well as its need for a concurrent guaranteed trusted third party,should not be overlooked.With the advent of blockchain technology in recent years,its features such as decentralization,anonymity,and non-tampering have made it a good candidate in solving the problems that electronic voting faces.In this study,we propose a multi-candidate voting model based on the blockchain technology.With the introduction of an asymmetric encryption and an anonymity-preserving voting algorithm,votes can be counted without relying on a third party,and the voting results can be displayed in real time in a manner that satisfies various levels of voting security and privacy requirements.Experimental results show that the proposed model solves the aforementioned problems of electronic voting without significant negative impact from an increasing number of voters or candidates.
