An effective approach for the protection of user commodity viewing privacy in e-commerce website

Abstract Along with the rapid development of network technologies, the server-side of an e-commerce website is becoming more and more untrustworthy. Thus, how to prevent the disclosure of users’ behavior privacy in online business activities has attracted people’s wide attention. Aiming at the protection of users’ commodity viewing privacy in a commercial website, this paper proposes to construct a group of dummy requests on a trusted client, then, which are submitted together with a user commodity viewing request to the untrusted server-side, so as to confuse and cover up the user preferences. First, we define a privacy model for a user commodity viewing service, in which we introduce a concept called entropy for commodity viewing probability to measure the confusion effect of dummy requests on user requests, and we introduce a concept called regional distance among commodity categories to measure the cover-up effect of dummy requests on users’ commodity viewing preferences. Second, we design an implementation algorithm to generate a group of ideal dummy requests that can meet the constraints formulated in the privacy model. Finally, both theoretical analysis and experimental evaluation demonstrate the effectiveness of the proposed approach, i.e., which can improve the security of users’ commodity viewing privacy on the untrusted server-side, without compromising the availability of an e-commerce website. In this paper, we present a valuable research attempt to the protection of users’ behavior privacy in a commercial website, which is of positive significance for building a privacy-preserving e-commerce platform.

[1]  Iqbal H. Sarker,et al.  Individualized Time-Series Segmentation for Mining Mobile Phone User Behavior , 2018, Comput. J..

[2]  Christian Fernando Libaque Saenz,et al.  The role of privacy policy on consumers' perceived privacy , 2018, Gov. Inf. Q..

[3]  Joris Demmers,et al.  Handling Consumer Messages on Social Networking Sites: Customer Service or Privacy Infringement? , 2018, Int. J. Electron. Commer..

[4]  Rinku Dewri,et al.  Mobile local search with noisy locations , 2016, Pervasive Mob. Comput..

[5]  Zongda Wu,et al.  An effective approach for the protection of privacy text data in the CloudDB , 2018, World Wide Web.

[6]  Privacy Preservation for Location-Based Services , 2020, Encyclopedia of Wireless Networks.

[7]  Bofeng Zhang,et al.  Mix-zones optimal deployment for protecting location privacy in VANET , 2014, Peer-to-Peer Networking and Applications.

[8]  Gautam Srivastava,et al.  Privacy-Preserving Multiobjective Sanitization Model in 6G IoT Environments , 2021, IEEE Internet of Things Journal.

[9]  Xianxian Li,et al.  移动商务推荐系统中的一种基于P2P的隐私保护策略 (P2P-based Privacy Protection Strategy in Mobile-commerce Recommender System) , 2017, 计算机科学.

[10]  Ruoming Jin,et al.  k-CoRating: Filling Up Data to Obtain Privacy and Utility , 2014, AAAI.

[11]  Qinghua Li,et al.  Achieving k-anonymity in privacy-aware location-based services , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[12]  Reza Shokri,et al.  Synthesizing Plausible Privacy-Preserving Location Traces , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[13]  Philippe Fournier-Viger,et al.  Hiding sensitive itemsets with multiple objective optimization , 2019, Soft Computing.

[14]  Ruixuan Li,et al.  Blockchain-based accountability for multi-party oblivious RAM , 2020, J. Parallel Distributed Comput..

[15]  Zongda Wu,et al.  Executing multi-dimensional range query efficiently and flexibly over outsourced ciphertexts in the cloud , 2018, Inf. Sci..

[16]  K. Furtak,et al.  Community-Level Physiological Profiles of Microorganisms from Different Types of Soil That are Characteristic to Poland—a Long-Term Microplot Experiment , 2018, Sustainability.

[17]  Zongda Wu,et al.  Covering the Sensitive Subjects to Protect Personal Privacy in Personalized Recommendation , 2018, IEEE Transactions on Services Computing.

[18]  Takahiro Hara,et al.  A dummy-based anonymization method based on user trajectory with pauses , 2012, SIGSPATIAL/GIS.

[19]  Erman Ayday,et al.  A Demonstration of Privacy-Preserving Aggregate Queries for Optimal Location Selection , 2018, 2018 IEEE 19th International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM).

[20]  Philip S. Yu,et al.  Constructing plausible innocuous pseudo queries to protect user query intention , 2015, Inf. Sci..

[21]  Christopher P. Holland,et al.  A Taxonomy of SME E-Commerce Platforms Derived from a Market-Level Analysis , 2018, Int. J. Electron. Commer..

[22]  Lin Xiang-long Schnorr signature-based privacy protection online ordering scheme , 2013 .

[23]  Gang Chen,et al.  Supporting Privacy Protection in Personalized Web Search , 2014, IEEE Transactions on Knowledge and Data Engineering.

[24]  Eyal Kushilevitz,et al.  Private information retrieval , 1998, JACM.

[25]  Khadija Ali Vakeel,et al.  Do security and privacy policies in B2B and B2C e-commerce differ? A comparative study using content analysis , 2017, Behav. Inf. Technol..

[26]  Jianfeng Ma,et al.  TrPF: A Trajectory Privacy-Preserving Framework for Participatory Sensing , 2013, IEEE Transactions on Information Forensics and Security.

[27]  Se-Hak Chun,et al.  E-Commerce Liability and Security Breaches in Mobile Payment for e-Business Sustainability , 2019, Sustainability.

[28]  Qin Hu,et al.  Privacy Preservation in Location-Based Services , 2018, IEEE Communications Magazine.

[29]  Jiang Han,et al.  An Efficient 1-out-of-n Oblivious Transfer Protocol with Full Simulation , 2016 .

[30]  Jie Tang,et al.  Trust Relationship Prediction in Alibaba E-Commerce Platform , 2020, IEEE Transactions on Knowledge and Data Engineering.

[31]  Hareton K. N. Leung,et al.  Enhancing the Description-to-Behavior Fidelity in Android Apps with Privacy Policy , 2018, IEEE Transactions on Software Engineering.