CN106899700A - A kind of method for secret protection of the position shared system in mobile social networking - Google Patents
A kind of method for secret protection of the position shared system in mobile social networking Download PDFInfo
- Publication number
- CN106899700A CN106899700A CN201710287904.0A CN201710287904A CN106899700A CN 106899700 A CN106899700 A CN 106899700A CN 201710287904 A CN201710287904 A CN 201710287904A CN 106899700 A CN106899700 A CN 106899700A
- Authority
- CN
- China
- Prior art keywords
- user
- assumed name
- social
- location
- lookup
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/52—Network services specially adapted for the location of the user terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/107—Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present invention searches the technical problem of the location privacy protection of service for the nearby friends in Mobile Online's social networks and stranger, proposes a kind of method for secret protection for realizing the position shared system in a kind of mobile social networking that nearby friends are searched, stranger searches.The present invention considers nearby friends lookup, stranger and searches particularity of the service relative to traditional location Based service, and the social networks privacy of user can be protected in addition to the location privacy to user is protected.In the present invention, user is using nearby friends when being searched, neighbouring stranger searching this position shared service, the object that position can be selected shared, that is, allow user to select for the position of oneself to be exposed to a part of good friend, rather than all of good friend.Preservation tactics proposed by the present invention are more efficient than existing method for secret protection, can more quickly find neighbouring good friend, stranger.
Description
Technical field
The invention belongs to mobile communication technology field, and in particular to a kind of position shared system in mobile social networking
Secret protection.
Background technology
It is traditional with mobile communication technology, the popularization developed rapidly with high-performance Intelligent mobile equipment of social networks
Location-based service and social networks are constantly merged, and form Mobile Online's social networks.Mobile Online's social networks provides more
Position shared service, user can not only search neighbouring good friend and stranger, can also carry out the service of registering.It is mobile social
Be combined for actual position service and virtual community by network, enriches the social mode of people.However, when user is enjoying position
Service band come it is convenient when, they also take on the risk of sensitive information leakage.
When user sends location service request, attacker can not only associate position with the identity information of user
Come, and can be inferred that more privacy informations of user, such as health status etc..Meanwhile, attacker can also be using continuous
Location service request information according to the time formed user track, by the trajectory analysis to user, it is not only possible to find use
The past and present position in family, but also the possible home address of user, job site and rule of life can be analyzed, or even
Can be inferred that the information such as behavior pattern and the habits and customs of the daily life track of user.If mobile social networking is constantly received
Collect the position of user, then the position of user may be betrayed and give third party businessman by it because of commercial interest.
The Privacy Protection that nearby friends and stranger in Mobile Online's social networks search service can be decomposed into
Social identity protection problem in location privacy protection problem and location server in social network server.
Position encryption is the main method for solving the problems, such as the location privacy protection in social network server.User by
Terminal is sent to social network server after actual position is encrypted, social network server does not have corresponding decruption key, because
This can not obtain the actual position of user.The location privacy of user is guaranteed at social network server end.Dynamic subscriber is false
Name is the main method for solving the problems, such as the social identity protection in location server.User performs nearby friends and stranger every time
When searching service, social network server all can at random generate user's assumed name for user, and what location server was obtained is only to use
User's assumed name at family also has the social buddy list of user.Therefore location server cannot obtain the social identity of user.In order to
The social privacy of identities protection of enhancing, false social identity can be increased in the buddy list of user at random.User's is social good
Friendly list good friend inquire about in can change at random, therefore location server can not by user's assumed name of user, user it is social good
Social identity of the friendly list association to user.But in the encryption of above-mentioned position and social identity protection strategy, asymmetrical position
AES computation complexity and calculating time are higher, and user terminal needs more computing resource.Meanwhile, dynamic subscriber's assumed name
Not completely random, user's assumed name content contains the true social identity of user, therefore user identity is likely to be taken by position
Business device is deduced, then the social identity information of user is exposed.
A kind of system for solving social privacy of identities and location privacy includes social network server and multiple positions
Server.Position AES, dynamic subscriber's assumed name technology are introduced in the system and increases false social activity identity.User sends out every time
Rise and can at random generate user's assumed name when finding that nearby friends, stranger are asked, this ensure that location server cannot be by user
The true social Identity Association of assumed name information and user gets up.Consider to increase in buddy list simultaneously false social activity identity and
Buddy list is randomly divided into many points, multiple location servers is sent respectively to so that location server cannot close buddy list
It is linked to the real social identity of user.Location privacy encrypts the position for social network server is obtained user.On
The method stated not only realizes the location privacy protection of user, while realizing the social privacy of identities protection of user.But its
Still there are following defects:(1) the true social identity information of user is contained in dynamic subscriber's assumed name, location server can be with
The historical position of user is deduced according to historic user assumed name.(2) computing resource of user terminal is limited, often finds a good friend
Or stranger will carry out asymmetric encryption to its position, the time is calculated almost with good friend's number and stranger's number into just
Than.In the case where good friend's number and stranger's number are more, it is necessary to the more calculating time.(3) the method causes user only
Can not accounted in practical application with all good friend's sharing positions, user may simultaneously distrust all good friends, only want to and portion
Divide good friend's sharing position.
Another kind is used to solve social privacy of identities and the scheme of location privacy:Position based on trusted third party's server
Shared system is put, the system includes trusted third party's server and position social interaction server device.Position social interaction server device can provide with
Position and socially relevant service.User sends before discovery nearby friends, stranger are asked, it is necessary to position is sent to every time
Can third-party server, third-party server deduce user and arrive according to the historical position of user plus the position of current request
The sensitive position crossed.User stops sending possible to position social interaction server device according to the result of calculation of trusted third party's server
Reveal the request of sensitive position.The system and algorithm effectively realize the secret protection of the sensitive position of user.But there is also
Following shortcoming:(1) system needs trusted third party's server, once attacker's successful attack server, then it is all
The historical position of user all can be compromised.(2) location privacy protection here refers mainly to the secret protection of sensitive position, does not examine
Considering other positions can expose the individual privacy of some users, such as zone of action, movement track etc..
The content of the invention
Nearby friends and stranger in Mobile Online's social networks are searched in service, not only to prevent social networks from taking
Business device obtains the actual position of user, also to prevent location server from obtaining the social identity information of user, while also have preventing
Unauthorized user accesses the position of user.Therefore it is attached during traditional location privacy protection algorithm is for Mobile Online's social networks
Nearly good friend and stranger search and service and do not apply to.The present invention is for the nearby friends in Mobile Online's social networks and stranger
The technical problem of the location privacy protection of service is searched, the user that a kind of nearby friends are searched, stranger is searched in service is proposed
Location privacy protection and social networks method for secret protection.The present invention has considered nearby friends lookup, stranger and has searched clothes
It is engaged in relative to the particularity of traditional location Based service, can be to user in addition to the location privacy to user is protected
Social networks privacy protected.In view of the computing resource pretty valuable of terminal, Preservation tactics of the present invention are than existing
Some method for secret protection are more efficient, can more quickly find neighbouring good friend, stranger.In the present invention, use
Family can select the object that position is shared when being searched using nearby friends, neighbouring stranger searching this position shared service,
User is allowed to select for the position of oneself to be exposed to a part of good friend, rather than all of good friend.
The method for secret protection of the position shared system in mobile social networking of the invention, comprises the following steps:
A kind of method for secret protection of the position shared system in mobile social networking, comprises the following steps:
Step 1:Online social network server is that user terminal generates user's assumed name, and user terminal is on location server
Enter row positional information based on user's assumed name to log in:
101:User terminal initiates the generation request of user's assumed name to online social network server:
User terminal generates random key pair, and using private key when registering social activity identity ID as key, to social identity ID
Asymmetric encryption is carried out with timestamp and generate the first digital signature, and will be signed comprising social identity ID, timestamp, the first numeral
Name, user's assumed name generation request of the public key of random key pair are sent to online social network server;
102:Online social network server carries out social identity ID checkings to user terminal:By user's registration social activity identity
Public key during ID is decrypted and verifies social identity ID to the first digital signature for receiving;
Online social network server is to generate user's assumed name at random and return to user terminal by the user for verifying, while
The public key of active user's assumed name and random key pair from user terminal is sent to location server;And update local social
User's assumed name of current social activity identity ID in network data base, wherein social network database include that social identity ID, user are false
Name, the social identity ID of good friend;
103:User terminal is based on active user's assumed name and generates login location information and be sent to location server, wherein position
Logon information include user's assumed name, timestamp, the second digital signature, customer location, by lookup distance, second digital signature
For:Asymmetric encryption generation is carried out to active user's assumed name and timestamp as key using the private key of current random key pair;Quilt
Searching distance includes:The distance that customer location is searched by good friend, stranger;
104:Location server carries out user's assumed name checking to user terminal, and safeguards local position data storehouse:
User's assumed name is verified:Based on the public key of the random key pair matched with user's assumed name, the second digital signature is carried out
Decrypt and verify user's assumed name;
Safeguard in local position data storehouse:Local position data storehouse will be saved in by the login location information verified;Institute
Stating location database includes:Customer location, searched distance, the public key of current random key pair and user's assumed name;
Step 2:Location lookup request is processed:
201:User terminal sends the first search request to online social network server, and first search request includes:
Social identity ID, lookup type, social identity access rights, wherein social identity access rights are:Allow to access this end subscriber
Buddy list;
202:Online social network server is based on lookup type and carries out lookup treatment:
If lookup type is good friend, the social identity ID and user's assumed name of the good friend of social identity access rights will be met
Return to user terminal;
If lookup type is stranger, holding fix server sends second user assumed name set, when receiving the second use
During the assumed name set of family, the good friend that social network server will belong to the user of currently transmitted first search request uses from described second
After being deleted in the assumed name set of family, then the set of second user assumed name, corresponding social identity ID are returned into user terminal;
203:User terminal sends the second search request to location server, and second search request includes:User's assumed name,
Type, seeking scope, position access control are searched, wherein position access control is:Whether the customer location of this end subscriber is shown;
204:Location server is based on lookup type and carries out lookup treatment:
If lookup type is good friend, location server is searched and meets query context and all users vacation by lookup distance
Name, obtains initial lookup set;And based on whether be transmitted across show this end-user locations position access control, to initial lookup
Set is divided:If not being transmitted across, the first subset is divided into;Otherwise it is divided into yield in the second subset;By the user of the first subset
User's assumed name and customer location of assumed name and yield in the second subset return to user terminal;
If lookup type is stranger, location server is searched and meets seeking scope and all users by lookup distance
Assumed name, obtains second user assumed name set, and the second user assumed name set is returned into user terminal, and is sent to online society
Hand over the webserver;
205:User terminal is matched to the return information of online social network server and location server, is searched
As a result.
In sum, by adopting the above-described technical solution, the beneficial effects of the invention are as follows:
(1) location privacy protection.The present invention has taken into full account that user is searched using nearby friends, stranger searches this position
Location privacy protection problem that may be present during shared service is put, online social network server and location server can be reached
On customer location secret protection.
(2) social networks secret protection.The present invention has taken into full account the social pass of user on online social network server
It is Privacy Protection, user social contact relation secret protection on location server can be reached.
(3) high efficiency.Privacy preserving algorithms proposed by the invention, contrast and traditional symmetrical/rivest, shamir, adelman
It is more efficient.
Brief description of the drawings
Fig. 1 is position update flow figure of the invention;
Fig. 2 is Fellow searching flow chart of the invention;
Fig. 3 is that stranger of the invention searches flow chart;
Wherein, LS represents location server, and SNS represents online social network server, and ID represents the social activity of social user
Identity, pid represents that SNS is user's assumed name of user's generation.
Specific embodiment
To make the object, technical solutions and advantages of the present invention clearer, with reference to implementation method and accompanying drawing, to this hair
It is bright to be described in further detail.
The implementation process of the method for secret protection of position shared system proposed by the present invention is as follows:
(1) position shared system
For realizing that position shared system of the invention mainly includes three parts:Terminal, location server, online social network
Network server.User initiates the request of the good friend, stranger of inquiry specified range by the terminal (abbreviation user terminal) for carrying.
Terminal can be communicated with location server and online social network server.Online social network server management is social to be used
The social identity information (User Identity) at family, buddy list info and authentication etc..Social network server is online
User provides the online social networking service based on social identity.Location server manages user's assumed name of all users, right
The position answered and authentication, and provide position related service.
(2) lookup method is set
Lookup, the matching treatment being related in this specific embodiment are using red-black balance search tree as data knot
Structure, button is searched.
(3) privacy protection policy
Three steps can be divided into:User's registration, location updating and request are submitted to.
(3.1) user logs in
In the present invention, the different coordinate positions of user correspond to different user's assumed names respectively, when customer location changes
When, then need to initiate the request of generation user's assumed name to online social network server first, then based on current user's assumed name
Logged on location server so that location server energy real time record customer location.
Logged in on location server including being logged on online social network server.
Logged on online social networks:
Online social network server stores ID and corresponding buddy list.Such as online social network server
The social network database of user is safeguarded in the form of { (ID, pid, G, PK) }.Wherein user social network diagram G=(V,
E), V represents the summit of social network diagram, and E represents the side of social network diagram, and (PK, SK) is user in online social networking service
The key pair during social activity identity ID is registered on device, usually third-party digital certificate server generation, for carrying out user's
Social identity ID, in order to distinguish different user, PK represents public key, and SK represents private key, can be entered by the subscript with user identifier
Row is distinguished, such as PKID、SKID。
When user initiates the generation of user's assumed name to social network server every time, user terminal can generate random key pair
User identity (user's assumed name) certification that (pk, sk) is used on location server, wherein pk is Public Key, and sk is privately owned close
Key, in order to distinguish the random key pair of different user, can be made a distinction by the subscript with user identifier, such as (pkID,
skID)。
User is by social identity ID checking requests (ID, ts, SigSKID(ID, ts), pk) it is sent to online social networks clothes
Business device, wherein SigSKID(ID, ts) is user by ID and timestamp ts with registering private key SK during social activity identity IDIDAs
The digital signature of asymmetric encryption (such as RSA public key encryptions) generation of key, i.e. the first digital signature.
Public key PK when online social network server is by user's registration social activity identity IDIDIt is decrypted, and once
The validity of the social identity ID of checking is demonstrated, online social network server will at random generate user's assumed name for user
Pid, and the pid is unique, in order to identify the corresponding relation of user's assumed name and user, can be by the subscript with user identifier
Make a distinction, such as ID, corresponding user's assumed name is then pidID.Final online social network server will be current
User's assumed name pid of generation is sent to user, while (pid, pk) is sent into location server.
Logged on location server:
Location server carrys out maintenance position database in the form of { (pid, pk, (x, y), dif, s) }.Wherein pid is represented
User's assumed name, pk represents that public key for certification user's assumed name, (x, y) represent that customer location, dif represent that pid is looked into by its good friend
The distance looked for, s represents the distance that pid is searched by stranger.The user verified by social identity ID is sent to location server
Login location information (pid, ts, Sigsk (pid, ts), (x, y), difID,sID), wherein Sigsk (pid, ts) is user to work as
Preceding sk carries out the digital signature of asymmetric encryption generation as key to user's assumed name pid and timestamp ts, i.e., the second numeral is signed
Name, dif represents the distance that customer location can be inquired about by good friend, and s represents the distance that customer location can be inquired about by stranger,
(x, y) represent customer location, in order to distinguish different user apart from dif, apart from s and position, by with user identifier
Subscript makes a distinction, and the customer location of such as correspondence social activity identity ID is (xID,yID), the customer location can be by good friend, stranger
The distance of inquiry is respectively difID、sID.Location server using from online social network server and with active user's assumed name
The public key pk of the random key pair of matching, the legitimacy of checking signature Sigsk (pid, ts).To be believed by the login location verified
Breath is saved in local position data storehouse.
In the present invention, different customer location one user's assumed names of correspondence, when user position update, its handling process
Processing mode with new position log-on message is identical, referring to Fig. 1, user terminal firstly generate for verify user's assumed name with secret
Key is to after (pk ', sk '), then social identity ID checkings are carried out on SNS (online social network server), will while checking
The public key pk ' of the random key pair being currently generated is sent to SNS;SNS is that the user verified by social identity ID is regenerated
User assumed name pid ', and user's assumed name is unique.Meanwhile, SNS update user social network database (ID, pid ',
G, pk) }, and pid ' is sent to user, while will (pid ', pk ') it is sent to LS.
User by login location information (pid ', Sigsk ' Sigsk ' (pid ', ts), (x ', y '), dif s) is sent to LS,
After LS pk ' are decrypted and are verified the validity of active user's assumed name pid ', new customer location (x ', y ') will with (pid ',
Form pk ', (x ', y '), dif, s) } is saved in location database.
(3.3) search request is submitted to and processed
It is currently to complete corresponding authentication, wherein SNS on SNS, LS that user can submit the premise of search request to
On be complete to the first digital signature (SigSKID(ID, ts)) verification process, that is, verify that the decryption of first digital signature is obtained
Whether ID is consistent with the ID for receiving;It is to complete to the verification process of the second digital signature Sigsk (pid, ts) on LS, that is, verifies the
Whether the pid that the decryption of two digital signature is obtained is consistent with the pid for receiving.
Search request includes that friend location search request, stranger's location lookup are asked.
Referring to Fig. 2, friend location search request flow is:
After user terminal currently completes corresponding authentication on SNS, LS, user terminal sends the first lookup to SNS please
Ask, wherein the first search request includes:Social identity ID, lookup type (good friend), social identity access rights, wherein social body
Part access rights can use field " Y/N/<friends-set>" mode be configured, wherein Y is represented allows all good friends to visit
Its customer location is asked, N represents that the ID of user allows good friend to access but customer location refuses accessed, and the default symbol of Y/N is NULL,
<friends-set>Represent the good friend for allowing its position of access that user specifies.
Such as NULL/NULL/<friends-set>Represent and only allow<friends-set>(user is false for the good friend for specifying
Name) this end subscriber (sending the user of the first search request) customer location is accessed, it is non-<friends-set>The good friend for specifying allows
Access the social identity ID but denied access customer location of this end subscriber;NULL/N/NULL represents the use for not showing this end subscriber
The social identity ID of family position, i.e. this end subscriber allows good friend to access but customer location refuses accessed.
Because current lookup type is good friend, therefore SNS will directly meet the social body of the good friend of social identity access rights
Part ID and user's assumed name return to user terminal:
SNS devices manage the buddy list and its corresponding user's assumed name of user, and the social identity ID based on lookup side is in society
Inquiry obtains the buddy list of lookup side and its SNS lookup results of user's assumed name in handing over network data base, uses Friend-Set
SNS lookup results are represented, then Friend-Set={ (ID1,pid1),…,(IDi,pidi),…,(IDn,pidn)}.Again will
The element for allowing the side of lookup to access customer location in Friend-Set is divided into set Friend-Set '.Finally, SNS will
Friend-Set ' is sent to lookup side.
Meanwhile, user terminal sends the second search request to LS, wherein the second search request includes:User's assumed name, lookup class
Type (good friend), seeking scope, position access control, wherein position access control is:Whether the customer location of this end subscriber is shown,
The customer location for not showing this end subscriber is for example represented with field Y/N/NULL, field Y/NULL/NULL represents that display local terminal is used
The customer location at family.
To the user being verified by user's assumed name, LS is searched and is met query context and all users by lookup distance
Assumed name, obtains initial lookup set.For example when the preceding search request condition (pid, l, Y/N/NULL) sent to LS, wherein letter
L represents the seeking scope of the friend location that user specifies, then LS is searched with the position (x, y) of user's assumed name pid as the center of circle, and l is
Meet by all user's assumed names apart from dif of Fellow searching in the circle of radius, obtain initial lookup collection and share PID0, wherein
PID0={ pid1,…,pidi,…,pidn, wherein i (i=1 ..., n), then PID0In all user's assumed names should meet
Following condition:
dis((x,y),(xi,yi))≤min(l,difi)
Wherein dis () represents distance function, that is, calculate the distance between any two customer location, and min () represents meter
Calculate the function of minimum value.
Because current lookup type is good friend, whether LS is transmitted across N according to user terminal, and (i.e. position access control is set to:No
Show the customer location of this end subscriber), when type is searched to search good friend, by set PID0In user's assumed name be divided into two
Point, if active user's assumed name is transmitted across N to LS, active user's assumed name will be divided into subclass PID1In (be rejected
Access its customer location), otherwise it is divided into subclass PID2(allowing to access customer location);
Based on the division result to initial lookup set, by subclass PID1, subclass PID2And its corresponding user's assumed name
It is sent to user terminal.
User terminal is matched the information from SNS and LS, matching process:Belong to PID for any1User it is false
Name pidiIf, pidiBelong to Friend-Set ', then user gets pidiCorresponding social identity ID.Belong to for any
PID2User's assumed name pidiIf, pidiBelong to Friend-Set ', then user gets pidiCorresponding social identity IDi
And position (xi,yi)。
Referring to Fig. 3, stranger's location lookup request flow is:
After user terminal currently completes corresponding authentication on SNS, LS, user terminal sends the to user terminal to SNS
One search request, i.e. user verify whether social identity ID is effective on SNS.Wherein the first search request includes:Social identity
ID, lookup type (stranger), social identity access rights.
Because current lookup type is stranger, SNS waits LS to send user's assumed name set.
User terminal sends the second search request to LS, wherein the second search request includes:User's assumed name, lookup type (footpath between fields
Stranger), seeking scope, position access control (when search type be stranger when, location fix control can be with default setting).
For example when the preceding search request condition sent to LS is (pid, d, s), wherein d represents the stranger that lookup side specifies
Location lookup scope.Then LS is searched and is met seeking scope and all user's assumed names by lookup distance simultaneously, and it is false to form user
PID is sent to user by name set PID, LS.
For example inquire about the user's assumed name collection for obtaining and be combined into PID={ (pid1,(x1,y1)),…,(pidi,(xi,yi)),…,
(pidn,(xn,yn)), the element in all PID meets following condition:
dis((x,y),(xi,yi))≤min(d,si)
In order to further enhance location privacy protection, LS randomly chooses some user's assumed name (units in PID before non-addition
Element) increase to user's assumed name set PID for obtaining of inquiry, then PID is sent in SNS.Therefore SNS cannot distinguish between set
Which user's assumed name in PID meets the seeking scope (i.e. the access distance of the side of lookup) of current lookup side, therefore further increases
The strong secret protection of user.
The element of user's assumed name for belonging to user good friend in the set PID that SNS will be received removes, then again by PID and its
The corresponding social identity ID of all elements is with { (ID1,pid1),…,(IDi,pidi),…,(IDn,pidn) form be sent to
User.
After user receives the message from SNS and LS, it is matched, matching process:Belong to set for any
User's assumed name pid of PIDiIf, pidiBelong to PID2, then user obtains pidiCorresponding social identity information IDiAnd position
(xi,yi)。
The above, specific embodiment only of the invention, any feature disclosed in this specification, except non-specifically
Narration, can alternative features equivalent by other or with similar purpose replaced;Disclosed all features or all sides
Method or during the step of, in addition to mutually exclusive feature and/or step, can be combined in any way.
Claims (2)
1. the method for secret protection of the position shared system in a kind of mobile social networking, it is characterised in that comprise the following steps:
Step 1:Online social network server is that user terminal generates user's assumed name, and user terminal is based on location server
User's assumed name enters row positional information and logs in:
101:User terminal initiates the generation request of user's assumed name to online social network server:
User terminal generates random key pair, and using private key when registering social activity identity ID as key, to social identity ID and when
Between stamp carry out asymmetric encryption and generate the first digital signature, and will comprising social activity identity ID, timestamp, the first digital signature, with
User's assumed name generation request of the public key of secret key pair is sent to online social network server;
102:Online social network server carries out social identity ID checkings to user terminal:During by user's registration social activity identity ID
Public key to receive the first digital signature be decrypted and verify social identity ID;
Online social network server is to generate user's assumed name at random and return to user terminal by the user for verifying, while ought
The public key of preceding user's assumed name and the random key pair from user terminal is sent to location server;And update local social networks
User's assumed name of current social activity identity ID in database, wherein social network database include social identity ID, user's assumed name, good
The social identity ID of friend;
103:User terminal is based on active user's assumed name and generates login location information and be sent to location server, wherein login location
Information include user's assumed name, timestamp, the second digital signature, customer location, by lookup distance, second digital signature is:
Asymmetric encryption generation is carried out to active user's assumed name and timestamp as key using the private key of current random key pair;Searched
Distance includes:The distance that customer location is searched by good friend, stranger;
104:Location server carries out user's assumed name checking to user terminal, and safeguards local position data storehouse:
User's assumed name is verified:Based on the public key of the random key pair matched with user's assumed name, the second digital signature is decrypted
And verify user's assumed name;
Safeguard in local position data storehouse:Local position data storehouse will be saved in by the login location information verified;Institute's rheme
Putting database includes:Customer location, searched distance, the public key of current random key pair and user's assumed name;
Step 2:Location lookup request is processed:
201:User terminal sends the first search request to online social network server, and first search request includes:It is social
Identity ID, lookup type, social identity access rights, wherein social identity access rights are:Allow to access the good of this end subscriber
Friendly list;
202:Online social network server is based on lookup type and carries out lookup treatment:
If lookup type is good friend, the social identity ID and user's assumed name that will meet the good friend of social identity access rights are returned
To user terminal;
If lookup type is stranger, holding fix server sends second user assumed name set, false when second user is received
During name set, the good friend that social network server will belong to the user of currently transmitted first search request is false from the second user
After being deleted in name set, then the set of second user assumed name, corresponding social identity ID are returned into user terminal;
203:User terminal sends the second search request to location server, and second search request includes:User's assumed name, lookup
Type, seeking scope, position access control, wherein position access control is:Whether the customer location of this end subscriber is shown;
204:Location server is based on lookup type and carries out lookup treatment:
If lookup type is good friend, location server is searched and meets query context and all user's assumed names by lookup distance,
Obtain initial lookup set;And based on whether be transmitted across show this end-user locations position access control, to initial lookup collection
Conjunction is divided:If not being transmitted across, the first subset is divided into;Otherwise it is divided into yield in the second subset;The user of the first subset is false
User's assumed name and customer location of name and yield in the second subset return to user terminal;
If lookup type is stranger, location server is searched and meets seeking scope and all users vacation by lookup distance
Name, obtains second user assumed name set, and the second user assumed name set is returned into user terminal, and is sent to online social activity
The webserver;
205:User terminal is matched to the return information of online social network server and location server, obtains searching knot
Really.
2. the method for claim 1, it is characterised in that in step 204, when it is stranger to search type, position clothes
Business device is then forwarded to online social networking service after the random multiple user's assumed names of addition in the second user assumed name set
Device, wherein in second user assumed name set of the user's assumed name for adding not before addition.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710287904.0A CN106899700B (en) | 2017-04-27 | 2017-04-27 | Privacy protection method of location sharing system in mobile social network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710287904.0A CN106899700B (en) | 2017-04-27 | 2017-04-27 | Privacy protection method of location sharing system in mobile social network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106899700A true CN106899700A (en) | 2017-06-27 |
CN106899700B CN106899700B (en) | 2020-01-14 |
Family
ID=59197552
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710287904.0A Active CN106899700B (en) | 2017-04-27 | 2017-04-27 | Privacy protection method of location sharing system in mobile social network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106899700B (en) |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108390865A (en) * | 2018-01-30 | 2018-08-10 | 南京航空航天大学 | A kind of fine-grained access control mechanisms and system based on privacy driving |
CN108494666A (en) * | 2018-04-01 | 2018-09-04 | 王勇 | Internet chat tool |
CN109348413A (en) * | 2018-11-26 | 2019-02-15 | 苏州达家迎信息技术有限公司 | Location information sharing method, device, equipment and storage medium |
CN110166350A (en) * | 2019-06-06 | 2019-08-23 | 深圳市加农炮网络技术有限公司 | A kind of open social network communication agreement |
CN110569413A (en) * | 2019-08-16 | 2019-12-13 | 湖北工业大学 | Indexing system and method for protecting member privacy in social network |
CN110602631A (en) * | 2019-06-11 | 2019-12-20 | 东华大学 | Processing method and processing device for location data for resisting conjecture attack in LBS |
CN110650113A (en) * | 2018-04-24 | 2020-01-03 | 物联智慧股份有限公司 | Data encryption and decryption method and system, networking device and data encryption and decryption method thereof |
CN110933050A (en) * | 2019-11-18 | 2020-03-27 | 湖北工业大学 | Privacy protection position sharing system and method |
CN111061919A (en) * | 2019-08-29 | 2020-04-24 | 上海岚孜网络科技有限公司 | Edge randomization algorithm and authority control method for social network group |
CN112800458A (en) * | 2021-01-26 | 2021-05-14 | 华南理工大学 | Track privacy protection method based on relationship strength among users in social network |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140143241A1 (en) * | 2012-11-19 | 2014-05-22 | Daniel Dee Barello | Internet news platform and related social network |
CN103984764A (en) * | 2014-05-30 | 2014-08-13 | 石家庄铁道大学 | Individuation privacy protection method for sensing semantic query based on road network |
CN104219245A (en) * | 2014-09-19 | 2014-12-17 | 西安电子科技大学 | System and method for location based service-orientated user privacy protection |
CN104836789A (en) * | 2015-03-20 | 2015-08-12 | 湖南科技大学 | Location privacy protection scheme based on space region anonymity |
CN105721433A (en) * | 2016-01-18 | 2016-06-29 | 河南科技大学 | Access control method of user private data of online social networks |
US20170099133A1 (en) * | 2015-10-01 | 2017-04-06 | Pitney Bowes Inc. | Method and system for privacy-friendly location-based advertising |
-
2017
- 2017-04-27 CN CN201710287904.0A patent/CN106899700B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140143241A1 (en) * | 2012-11-19 | 2014-05-22 | Daniel Dee Barello | Internet news platform and related social network |
CN103984764A (en) * | 2014-05-30 | 2014-08-13 | 石家庄铁道大学 | Individuation privacy protection method for sensing semantic query based on road network |
CN104219245A (en) * | 2014-09-19 | 2014-12-17 | 西安电子科技大学 | System and method for location based service-orientated user privacy protection |
CN104836789A (en) * | 2015-03-20 | 2015-08-12 | 湖南科技大学 | Location privacy protection scheme based on space region anonymity |
US20170099133A1 (en) * | 2015-10-01 | 2017-04-06 | Pitney Bowes Inc. | Method and system for privacy-friendly location-based advertising |
CN105721433A (en) * | 2016-01-18 | 2016-06-29 | 河南科技大学 | Access control method of user private data of online social networks |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108390865A (en) * | 2018-01-30 | 2018-08-10 | 南京航空航天大学 | A kind of fine-grained access control mechanisms and system based on privacy driving |
CN108494666A (en) * | 2018-04-01 | 2018-09-04 | 王勇 | Internet chat tool |
CN110650113A (en) * | 2018-04-24 | 2020-01-03 | 物联智慧股份有限公司 | Data encryption and decryption method and system, networking device and data encryption and decryption method thereof |
CN109348413B (en) * | 2018-11-26 | 2020-10-02 | 苏州达家迎信息技术有限公司 | Position information sharing method, device, equipment and storage medium |
CN109348413A (en) * | 2018-11-26 | 2019-02-15 | 苏州达家迎信息技术有限公司 | Location information sharing method, device, equipment and storage medium |
CN110166350A (en) * | 2019-06-06 | 2019-08-23 | 深圳市加农炮网络技术有限公司 | A kind of open social network communication agreement |
CN110166350B (en) * | 2019-06-06 | 2021-08-03 | 雷雨 | Open social network communication method |
CN110602631A (en) * | 2019-06-11 | 2019-12-20 | 东华大学 | Processing method and processing device for location data for resisting conjecture attack in LBS |
CN110569413A (en) * | 2019-08-16 | 2019-12-13 | 湖北工业大学 | Indexing system and method for protecting member privacy in social network |
CN110569413B (en) * | 2019-08-16 | 2022-11-18 | 湖北工业大学 | Indexing system and method for protecting member privacy in social network |
CN111061919A (en) * | 2019-08-29 | 2020-04-24 | 上海岚孜网络科技有限公司 | Edge randomization algorithm and authority control method for social network group |
CN110933050A (en) * | 2019-11-18 | 2020-03-27 | 湖北工业大学 | Privacy protection position sharing system and method |
CN110933050B (en) * | 2019-11-18 | 2022-04-01 | 湖北工业大学 | Privacy protection position sharing system and method |
CN112800458A (en) * | 2021-01-26 | 2021-05-14 | 华南理工大学 | Track privacy protection method based on relationship strength among users in social network |
Also Published As
Publication number | Publication date |
---|---|
CN106899700B (en) | 2020-01-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106899700A (en) | A kind of method for secret protection of the position shared system in mobile social networking | |
Liu et al. | A survey on secure data analytics in edge computing | |
Sun et al. | User-defined privacy location-sharing system in mobile online social networks | |
Wei et al. | Mobishare: Flexible privacy-preserving location sharing in mobile online social networks | |
Dong et al. | Secure friend discovery in mobile social networks | |
Zhu et al. | An efficient privacy-preserving location-based services query scheme in outsourced cloud | |
Puttaswamy et al. | Preserving location privacy in geosocial applications | |
Kapadia et al. | AnonySense: Opportunistic and privacy-preserving context collection | |
Li et al. | A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems | |
Khaliq et al. | A secure and privacy preserved parking recommender system using elliptic curve cryptography and local differential privacy | |
EP2805298B1 (en) | Methods and apparatus for reliable and privacy protecting identification of parties' mutual friends and common interests | |
Shen et al. | An efficient and privacy-preserving location sharing mechanism | |
Hasan et al. | WORAL: A witness oriented secure location provenance framework for mobile devices | |
Zhuo et al. | Privacy-preserving verifiable proximity test for location-based services | |
CN109818729A (en) | Secret protection average distance querying method based on Paillier homomorphic cryptography | |
Nisha et al. | A novel privacy protection scheme for location-based services using collaborative caching | |
Gope | Anonymous mutual authentication with location privacy support for secure communication in M2M home network services | |
CA2768362C (en) | Trusted query network systems and methods | |
Lv et al. | A highly reliable cross-domain identity authentication protocol based on blockchain in edge computing environment | |
Komninos et al. | Privacy preserving attribute based encryption for multiple cloud collaborative environment | |
KR101760600B1 (en) | A Trustless Broker Based Protocol to Discover Friends in Proximity-Based Mobile Social Network and System Therefor | |
Al-Nazzawi et al. | Toward privacy protection for location based recommender systems: a survey of the state-of-the-art | |
Barriga A et al. | Enhancement to the privacy-aware authentication for wi-fi based indoor positioning systems | |
Teerakanok et al. | A privacy-preserving framework for location-based service: a review of structural design and analysis | |
Alzaabi et al. | Ensuring anonymity for LBSs in smartphone environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |