Privacy Computing: Concept, Computing Framework And Future Development Trends

Abstract: With the rapid development of information technology and the continuous evolution of personalized services, large internet companies accumulate huge amounts of data in the course of serving users. Moreover, dynamic data interactions increase the intentional or unintentional persistence of private information across different information systems. At the same time, two problems are becoming increasingly serious: privacy preservation across these interacting systems is only as strong as the weakest of them (the cask, or barrel, principle), and the source of a privacy violation is difficult to trace. As a result, existing privacy-preserving schemes cannot provide systematic privacy preservation. In this paper, we examine the links of the information life-cycle, namely information collection, storage, processing, distribution, and destruction. We then propose a theory of privacy computing and a key technology system that includes a privacy computing framework, a formal definition of privacy computing, four principles that privacy computing should follow, algorithm design criteria, evaluation of the privacy-preserving effect, and a privacy computing language. Finally, we use four application scenarios to illustrate the universal applicability of privacy computing, and discuss prospects for future research. This work is expected to guide theoretical research on user privacy preservation in open environments.
