Great challenges in data security and privacy are arising with the massive growth of data, the shift to cloud computing, and increasingly complex applications. It is especially important to understand privacy and to implement dynamic privacy preserving, and achieving a balance between privacy protection and data utility remains a huge challenge. Non-cryptographic privacy research mainly covers three aspects: privacy definition and quantification, privacy analysis and inference, and privacy preserving mechanisms. Solving these issues can help the community strengthen its theoretical foundation, provide a solid scientific basis for privacy definition and measurement, privacy breach mechanisms and privacy preserving, and in turn provide a route to balancing privacy protection and data utility.

To address these critical scientific challenges, this work focuses on data opening and sharing scenarios and on the non-cryptographic privacy domain. We mainly conduct research on privacy quantification, privacy analysis attacks, privacy preserving, and the balance between privacy protection and data utility, using information theory and game theory. Several specific advances aimed at rational privacy preserving and its application are suggested. After proposing a unified privacy quantification model based on the information communication model, attribute privacy inference attack models on independent sequence data and on related sequence data are suggested, and the breached privacy and the strength of adversaries are quantified with the proposed privacy quantification model. Further, a risk-adaptive based access control (RaBAC) model for dynamic privacy preserving is proposed. In addition, two rational privacy RaBAC models are proposed using an extensive game and an evolutionary game, respectively. Within the rational privacy RaBAC models, functions for estimating the privacy risk value of an access request and the utility of data are suggested, and thus the balance between privacy protection and accessed data utility is achieved in data opening and sharing scenarios.

More specific contributions of this thesis are as follows.

1. A unified privacy communication model for measuring privacy definition and quantity, the strength of privacy analysis attacks, and the strength of privacy preserving mechanisms is proposed using Shannon information. Several privacy quantification models are suggested for scenarios such as privacy preserving with or without an adversary and privacy preserving with multiple privacy resources, to meet the measurement requirements of privacy definition, privacy analysis attacks and privacy preserving mechanisms. Furthermore, methods for quantifying the strength of privacy analysis attacks and of privacy preserving mechanisms are proposed; these methods support measuring the quantity of privacy disclosure, the strength of privacy analysis attacks and the strength of privacy preserving mechanisms.

2. A privacy analysis attack model based on probability inference is proposed for the privacy of independent genetic data attributes in sequential data sharing scenarios. The model analyzes the interrelationship between individual gene sequence attribute values and constructs an adversary model for inferring the target attribute value. Based on the proposed adversary model, genome sequence privacy analysis attack methods are proposed using an improved hidden Markov model and a regression convolutional neural network model, respectively. Based on the privacy quantification model, attribute privacy and quantification methods for sequence data are defined, and these definitions are applied to quantify attribute privacy leaks and what the adversary acquires. Experiments show that the proposed method is better than the existing genome sequence attribute privacy analysis models and algorithms. The adversary's error rate and uncertainty about attribute privacy are reduced, and the adversary obtains more private information than in existing work.

3. An attribute privacy probability inference model is constructed for scenarios in which family members share associated gene sequence data. This model constructs an attribute privacy adversary model based on the family pedigree structure and a belief propagation model. Based on the defined sequence data attribute privacy quantification method, we analyze how an individual's sequence attribute privacy is breached when family members share part of their private gene data. Experiments and comparisons show that family members sharing personal genome privacy data can seriously reveal the privacy of other family members. Using genetic data published on the Internet and genetic data shared by family members, the gene attribute privacy of other family members can be attacked on a large scale. The proposed method gives better results than existing work: the accuracy of the inferred attribute privacy is higher, and the adversary has less uncertainty about genome attribute privacy and acquires more genome privacy information.

4. Aiming at the dynamic privacy protection requirements of data sharing applications, a risk-adaptive based access control model for privacy preserving is proposed based on XACML. After proposing the privacy preserving access control adversary model, three components, namely risk estimation, session control and risk mitigation services, are added to the standard XACML framework, and other components are enhanced. In the new components, a definition and quantification method for access request risk is proposed using Shannon information entropy. A method for discriminating the access request type is proposed by combining the access control request risk and the user's own risk. By using quantification of access request risk and credit card incentives, the system dynamically and adaptively constrains user access behaviors. Comparison and analysis show that the proposed model and method are more dynamic than existing work, and achieve privacy protection and better usability.

5. An extensive game based rational privacy RaBAC model is proposed by employing Shannon information and game theory. After defining the concepts of privacy risk and privacy violation access, this thesis proposes a framework and workflow for a privacy risk access control model based on game theory. Calculation methods for an access request's privacy risk and the user's privacy risk are proposed using Shannon information. The conflict and cooperation relationship between the user and the data service provider in the privacy protection RaBAC is modeled as a multi-stage two-player game. The analysis shows that there is a subgame perfect Nash equilibrium in the stage game of the privacy RaBAC, which can balance privacy protection and access data utility by limiting privacy violation access requests. This method yields greater benefit than existing work. It has the advantage of requiring less auxiliary information and providing more risk adaptability and privacy preserving.

6. An evolutionary game based rational RaBAC model for privacy preserving is proposed. The model includes a new privacy risk estimation module and an evolutionary game module. First, based on the amount of information, the privacy information of the data set of the access request is quantified, and the access request privacy risk function and the user privacy risk function are constructed. Second, a multi-participant access control evolutionary game model is constructed under the assumption of bounded rationality using evolutionary game theory. The dynamic selection mechanism and the formation mechanism of the evolutionarily stable state in the game process are analyzed with the replicator dynamic equation. A method for selecting the evolutionarily stable strategy of the game is proposed. Simulation experiments and comparisons show that the proposed access control model can effectively and adaptively preserve private information, and has better privacy risk adaptability. The dynamic evolution of access policy selection by bounded rational participants is more in line with the actual scenario.