
Research On Several Key Issues Of Privacy Protection In Mobile Internet Services

Posted on: 2019-12-15
Degree: Doctor
Type: Dissertation
Country: China
Candidate: H Liu
GTID: 1368330572450128
Subject: Computer system architecture
Abstract/Summary:
The continuous development of wireless communication technologies has made the mobile Internet, which combines mobile communications with the Internet, an indispensable part of daily life. The current mobile Internet, especially the upcoming 5G mobile network, is not only a communication tool that provides message and voice services to consumers, but also supports various vertical industries and integrates information technology into the physical world. Therefore, the future mobile network will carry more of users' private information, making users' demands for privacy protection more prominent in mobile Internet services. Following the mobile Internet services architecture, which consists of a data layer and an application layer, this paper investigates data access control and location-based service (LBS) privacy protection, based on the security challenges faced by the different layers and users' demands for privacy protection. The schemes proposed herein effectively protect users' private information to meet their demands on a daily basis. Moreover, these schemes can ensure the healthy development of the mobile Internet and its applications and help realize the strategic deployment of “Internet Plus”, which is of great significance for social harmony and stability. Our main contributions are as follows.

1. Because there is no reference model to guide them, designers cannot completely restrict the selfishness of rational users, so fairness in rational secret reconstruction is difficult to achieve in the existing schemes. To address this problem, this paper proposes a new methodology for designing rational secret reconstruction protocols. In the proposal, the rational secret reconstruction game is first formalized, and based on the definitions of security, fairness and correctness of rational secret sharing, the expected goal of this game is then discussed from the perspective of a designer. Finally, by combining this with mechanism design, a reference model for designing rational secret reconstruction protocols is proposed. Theoretical analysis shows that the presented reference model is not only universal, but can also guarantee that the expected strategy profile is stable and the obtained secret is correct.

2. The existing data access control schemes for cloud storage and the existing rational secret sharing schemes cannot ensure that data stored in the cloud are inaccessible unless some users are present simultaneously. To address this problem, based on the devised rational secret reconstruction mechanism design model, this paper proposes a fair data access control scheme towards rational users for cloud storage. In the proposal, a large number of fake keys are generated to confuse the decryption key of the shared data. During the exchange of shares, a user is required to send his/her shares first when he/she deviates from the prescribed scheme. Through this punishment the users' selfishness is restricted effectively, so they can access the data stored in the cloud together. Theoretical analysis shows that, in the presented scheme, the Nash equilibrium is that all of the users always send their shares, so that they reconstruct the decryption key fairly. Extensive experiments indicate that the proposal is able to control the data access policies efficiently.

3. The existing distributed K-anonymity privacy protection schemes do not consider location leaking and cheating behaviors during the construction of the anonymous cloaking region, so these schemes cannot protect users' location privacy when a query is initiated in a crowded area. To address this problem, this paper first formalizes the location leaking attack and the forged location attack in accordance with the location leaking and cheating behaviors, and gives the security definition of distributed K-anonymity. Afterwards, by analyzing the strategies and utilities of the request user and the cooperative users during the construction of the anonymous cloaking region, an incentive cooperation request recording mechanism is devised to restrict their selfishness. Finally, based on the devised mechanism, a novel distributed K-anonymity privacy preserving scheme is proposed by means of blockchain. Security analysis and extensive experiments indicate that the proposed scheme is able to construct the anonymous cloaking region efficiently and to protect the location privacy of the request user and the cooperative users effectively.

4. When the existing dummy-based schemes are adopted directly in consecutive requests, the adversary can identify some of the dummies, because the submitted neighboring location sets and the full location set sequence always have a close spatiotemporal correlation. Consequently, these schemes cannot protect the user's location privacy completely. To address this problem, this paper proposes a spatiotemporal correlation-aware dummy-based scheme. In the presented scheme, the spatiotemporal correlation attack model is first formalized from three aspects, namely time reachability, direction similarity and in-degree/out-degree, and the security of dummy-based privacy protection is then defined by analyzing the user's movement model in consecutive requests. Finally, we adopt existing dummy-based schemes to generate initial dummies and filter out those which can be identified by means of spatiotemporal correlation. Security analysis shows that the proposed scheme successfully perturbs the spatiotemporal correlation not only between neighboring location sets but also over the full location set sequence, so it is infeasible for the adversary to distinguish the user's real location from the dummies. Finally, extensive experiments indicate that the proposed scheme protects the user's location privacy effectively and efficiently when location-based services are used in a sparsely crowded area.
Keywords/Search Tags: mobile Internet services, data privacy, location privacy, access control, distributed K-anonymity, dummies
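
As an added illustration of contribution 4 (not code from the dissertation), the sketch below shows how time reachability and in-degree/out-degree between two neighboring location sets expose dummies, and how a client can filter candidates before submitting them. The planar coordinates in metres, the maximum speed, the sample points and all function names are assumptions; direction similarity is not modelled.

```python
import math

def reachable(a, b, dt, vmax):
    """True if a user at a could be at b after dt seconds at speed <= vmax."""
    return math.dist(a, b) <= vmax * dt

def degrees(prev_set, next_set, dt, vmax):
    """In-degree of each next location and out-degree of each previous
    location in the reachability graph between two neighboring sets."""
    in_deg = {b: 0 for b in next_set}
    out_deg = {a: 0 for a in prev_set}
    for a in prev_set:
        for b in next_set:
            if reachable(a, b, dt, vmax):
                out_deg[a] += 1
                in_deg[b] += 1
    return in_deg, out_deg

def filter_dummies(prev_set, real, candidates, dt, vmax):
    """Drop candidate dummies with in-degree 0 (an observer can rule them
    out), then list previous locations left with out-degree 0, which the
    new set would retroactively expose as dummies."""
    in_deg, _ = degrees(prev_set, candidates, dt, vmax)
    kept = [c for c in candidates if in_deg[c] >= 1]
    _, out_deg = degrees(prev_set, [real] + kept, dt, vmax)
    exposed_prev = [a for a in prev_set if out_deg[a] == 0]
    return kept, exposed_prev

# Constructed sample data (hypothetical): previous request's location set,
# the user's new real location, and candidates from an initial dummy scheme.
PREV = [(0, 0), (1000, 0), (5000, 5000)]
REAL = (300, 400)
CANDIDATES = [(1500, 0), (9000, 9000), (5200, 5300)]
DT, VMAX = 60, 15  # 60 s between requests, 15 m/s: 900 m reachable radius

if __name__ == "__main__":
    print(filter_dummies(PREV, REAL, CANDIDATES, DT, VMAX))
```

A non-empty second return value means the candidate set should be regenerated, since a previous location with no reachable successor stands out over the full location set sequence.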