CN114828006B - User location information sharing method and system - Google Patents

Publication number
CN114828006B
Authority
CN
China
Prior art keywords
user
information
location information
location
certificate issuing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210343556.5A
Other languages
Chinese (zh)
Other versions
CN114828006A (en)
Inventor
彭海朋
佟承蔚
李丽香
李海涛
陈俊
戴一挥
丁一航
姚俊先
杨方
刘济舟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Federation Of Rural Credit Cooperatives
Beijing University of Posts and Telecommunications
Original Assignee
Guangdong Federation Of Rural Credit Cooperatives
Beijing University of Posts and Telecommunications
Application filed by Guangdong Federation Of Rural Credit Cooperatives, Beijing University of Posts and Telecommunications
Priority to CN202210343556.5A
Publication of CN114828006A
Application granted
Publication of CN114828006B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/069 Authentication using certificates or pre-shared keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/104 Peer-to-peer [P2P] networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043 Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431 Key distribution or pre-distribution; Key agreement
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02 Services making use of location information
    • H04W4/029 Location-based management or tracking services

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Telephonic Communication Services (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention provides a method and system for sharing user location information, including: sending a location information request to a certificate issuing authority, receiving a temporary session key sent by the certificate issuing authority after verifying the location information request; using the temporary session key to encrypt an anonymous area based on a chaotic algorithm output to obtain encrypted location information, and sending the encrypted location information to a receiving user; after the receiving user verifies and decrypts the encrypted location information through the certificate issuing authority and a location service provider, the receiving user obtains the shared location information. The present invention introduces chaos into the anonymization of user location data to achieve P2P location sharing in a mobile social network, thereby reducing communication overhead, reducing system architecture costs, and taking into account both the availability of data in location anonymity and location sharing schemes and the efficiency of the system.

Description

User position information sharing method and system
Technical Field
The present invention relates to the field of network security technologies, and in particular, to a method and a system for sharing user location information.
Background
Mobile Social Networks (MSNs) are complex networks that combine features of traditional Online Social Networks (OSNs) and Location-Based Social Networks (LBSNs). With the rapid development of mobile social networks, Location-Based Services (LBS) have also developed considerably, which greatly facilitates users' lives. While users enjoy the many benefits of these applications, the protection of their own privacy also faces significant security threats.
Location information is commonly leaked in the following 3 ways. 1) A location server leaks the user's location privacy. When a user seeks location services from a location service provider, the user first transmits their own location and demand to the location server, and the location server then provides the corresponding services to the user. In this case the location server holds information such as the user's location and shared content, so immeasurable loss is caused once an attacker obtains the user's location information by attacking the server. 2) The user actively shares a location and thereby leaks location privacy. The user can directly share their own location information on social media such as a friend circle, a QQ space or a microblog, which can reveal the user's location privacy. An attacker may also indirectly use a location service application to infer the user's true location and movement trajectory; for example, WeChat sports or other applications that support searching for nearby friends may be exploited by an attacker to infer the user's true location. 3) Location trajectory data reveals the user's privacy. An attacker obtains sensitive personal information, such as hobbies, behavior habits and lifestyle, by mining and analyzing historical trajectory data, and may combine it with payment records, social network information and the like to infer the identity of the user.
The aim of location privacy protection is to prevent others from acquiring a user's past or present location or trajectory information without the user's knowledge. The specific goals can be expressed as: 1) increasing the uncertainty of the user identity, by hiding or encrypting the user identity so that an attacker cannot determine it; 2) increasing the uncertainty of the location, by hiding or encrypting the location information so that an attacker cannot determine the user's specific location; and 3) eliminating the association between user identity and location, so that an attacker cannot link the user to the locations the user visits. There are two privacy concepts in mobile social networks: weak location privacy and strong location privacy. The former means that an attacker can infer that a user is located in a certain privacy zone but cannot determine the user's exact location; solutions are generally based on location perturbation, spatial anonymity and spatial transformation. The latter means that an attacker cannot infer the user's specific location at all; solutions are often combined with encryption technology. To cope with threats to users' location privacy, conventional location privacy protection mechanisms fall mainly into three types: (1) k-anonymity-based schemes, (2) confusion-based schemes and (3) differential-privacy-based schemes.
The above schemes share a problem: typical location privacy protection algorithms are mostly based on a centralized architecture, and anonymization is achieved by introducing a Single Trusted Third Party (STTP), namely an anonymization server. While this is convenient for location privacy protection to some extent, the trusted third-party anonymization server itself poses threats: 1) the STTP records the exact location information of all users, which makes it an attractive target for attackers; once an attacker successfully compromises the STTP server, the attacker can access all user information processed by the server; 2) all queries submitted by user terminals pass through the STTP server, which not only increases communication overhead but also makes the server a single point of failure and a performance bottleneck; and 3) in reality, a completely trusted entity is difficult to find.
In summary, existing privacy protection mechanisms generally need to add a complex algorithm to the original system to process the user's identity and location data. This approach improves the degree of protection of the user's location privacy, but reduces data availability and system efficiency.
Disclosure of Invention
The invention provides a user position information sharing method and a system, which are used for solving the defects that in the prior art, a complex algorithm is required to be added when user information is shared, and the availability of data and the high efficiency of a system are easy to reduce.
In a first aspect, the present invention provides a method for sharing user location information, including:
Sending a location information request to a certificate issuing mechanism, and receiving a temporary session key sent after the certificate issuing mechanism verifies the location information request;
Encrypting the anonymous zone output based on the chaotic algorithm by utilizing the temporary session key to obtain encryption position information, and sending the encryption position information to a receiving user;
After the receiving user verifies and decrypts the encrypted position information through the certificate issuing mechanism and the position service provider, the receiving user obtains shared position information.
According to the method for sharing user location information provided by the invention, the method for sending the location information request to the certificate issuing mechanism, receiving the temporary session key sent by the certificate issuing mechanism after verifying the location information request, comprises the following steps:
and after the certificate issuing mechanism verifies the association relationship between the shared user and the receiving user, receiving the temporary session key issued by the certificate issuing mechanism.
According to the user location information sharing method provided by the invention, the anonymous region output based on the chaotic algorithm is encrypted by using the temporary session key to obtain encrypted location information, and the encrypted location information is sent to a receiving user, and the method comprises the following steps:
Determining a position precision value, a user position coordinate and a chaotic random coefficient, wherein the position precision value is positioned in a preset precision interval, and the chaotic random coefficient is positioned in a preset chaotic area;
Acquiring an initial value of the user position coordinate, and determining a chaotic function based on the position precision value and the user position coordinate;
Substituting the initial value of the user position coordinate into the chaotic function, and iterating 2k steps to obtain 2k position values;
determining a user position coordinate value based on the positive determination coefficient, the negative determination coefficient and the 2k position values;
Generating a query area based on the query radius and the user position coordinate values, screening out position values positioned in the query area from the 2k position values, and iterating the k steps again if the number of the screened position values is less than k until the number of the screened position values is at least k;
dividing the query area into n multiplied by n cells, calculating the historical query probability of each cell according to the historical query times of the cells, and arranging the screened position values in a descending order based on the historical query probability to determine k-1 position values before ranking;
Generating the anonymous region by adopting a k-anonymization algorithm through the k-1 position values before ranking and the user position coordinate values;
And determining query request content, encrypting the anonymous region, the query request content, the query radius, the chaotic random coefficient and the position accuracy value by adopting the temporary session key to obtain the encrypted position information, and transmitting the encrypted position information to the receiving user.
In a second aspect, the present invention provides a user location information sharing method, including:
A user to be shared sends a position information request to a certificate issuing mechanism, and a temporary session key sent after the certificate issuing mechanism verifies the position information request is received;
Receiving encryption position information obtained after the sharing user encrypts an anonymous region output based on a chaotic algorithm by utilizing the temporary session key;
and verifying and decrypting the encrypted position information through the certificate issuing mechanism and the position service provider to obtain the shared position information.
According to the method for sharing user location information provided by the invention, after verifying and decrypting the encrypted location information by the certificate issuing mechanism and the location service provider, the method for sharing the location information comprises the following steps:
decrypting the encrypted position information by adopting the temporary session key to obtain decrypted position information, and acquiring the initial position of the sharing user based on the decrypted position information;
sending a pseudonym registration request to the certificate issuing mechanism, and receiving a pseudonym, a certificate period and a key returned by the certificate issuing mechanism;
Encrypting the pseudonym, the certificate deadline and the secret key by adopting a public key of the location service provider to obtain inquiry request information, and sending the inquiry request information to the location service provider;
the location service provider decrypts the query request information by adopting a private key, verifies the validity of the pseudonym through the certificate issuing mechanism, and if the pseudonym is valid, the certificate issuing mechanism sends the key to the location service provider;
The location service provider obtains location interest point information in a service database based on the anonymous area, the query request content and the query radius, and symmetrically encrypts the location interest point information by adopting the key to obtain encrypted location interest point information;
And receiving the encryption position interest point information, and obtaining the sharing position information based on the encryption position interest point information.
According to the method for sharing user location information provided by the invention, the initial location of the sharing user is obtained based on the decryption location information, and the method comprises the following steps:
calculating a position set after iterating nk times when each position in the anonymous region is taken as an initial value based on the chaotic random coefficient, the position precision value and the k value in the decryption position information, wherein n is greater than 1;
and if the positions in the anonymous areas all belong to the position set, determining the initial value as the initial position of the sharing user.
In a third aspect, the present invention also provides a user location information sharing system, including:
The sending module is used for sending a position information request to the certificate issuing mechanism and receiving a temporary session key sent after the certificate issuing mechanism verifies the position information request;
The encryption module is used for encrypting the anonymous zone output based on the chaotic algorithm by utilizing the temporary session key to obtain encryption position information, and sending the encryption position information to a receiving user;
And the acquisition module is used for acquiring the shared position information by the receiving user after the receiving user verifies and decrypts the encrypted position information through the certificate issuing mechanism and the position service provider.
In a fourth aspect, the present invention also provides a user location information sharing system, including:
The first receiving module is used for sending a position information request to a certificate issuing mechanism by a user to be shared and receiving a temporary session key sent after the certificate issuing mechanism verifies the position information request;
the second receiving module is used for receiving encryption position information obtained after the sharing user encrypts the anonymous region output based on the chaotic algorithm by utilizing the temporary session key;
And the processing module is used for obtaining the shared position information after verifying and decrypting the encrypted position information through the certificate issuing mechanism and the position service provider.
In a fifth aspect, the present invention further provides an electronic device, including a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor implements any one of the above methods for sharing user location information when executing the program.
In a sixth aspect, the present invention also provides a non-transitory computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements a user location information sharing method as described in any of the above.
In a seventh aspect, the present invention also provides a computer program product comprising a computer program which when executed by a processor implements a user location information sharing method as described in any of the above.
According to the user position information sharing method and system, chaos is introduced into anonymization of user position data, P2P position sharing in a mobile social network is achieved, communication overhead is reduced, system architecture cost is lowered, and availability of data in a position anonymization and position sharing scheme and high efficiency of the system are considered.
Drawings
In order to more clearly illustrate the invention or the technical solutions of the prior art, the following description will briefly explain the drawings used in the embodiments or the description of the prior art, and it is obvious that the drawings in the following description are some embodiments of the invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic flow chart of a user location information sharing method according to the present invention;
FIG. 2 is a diagram of a user anonymity scheme architecture provided by the present invention;
Fig. 3 is a P2P location sharing scheme architecture diagram provided by the present invention;
FIG. 4 is a schematic diagram of a user location information protection method provided by the present invention;
FIG. 5 is a second flowchart of a method for sharing user location information according to the present invention;
FIG. 6 is a schematic diagram of a user location information sharing system according to the present invention;
FIG. 7 is a second schematic diagram of a system for sharing user location information according to the present invention;
Fig. 8 is a schematic structural diagram of an electronic device provided by the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is apparent that the described embodiments are some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
To address the defects in the prior art, the invention provides a user location information sharing method that achieves anonymity by exploiting the characteristics of a chaotic system and avoids introducing a third-party anonymization server, thereby realizing P2P location sharing in a mobile social network and improving data availability and system efficiency.
Fig. 1 is a flow chart of a user location information sharing method provided by the present invention, where a corresponding execution subject is a sharing user, as shown in fig. 1, including:
Step 101, sending a location information request to a certificate issuing mechanism, and receiving a temporary session key sent after the certificate issuing mechanism verifies the location information request;
Step 102, encrypting an anonymous region output based on a chaotic algorithm by using the temporary session key to obtain encrypted position information, and sending the encrypted position information to a receiving user;
Step 103, after the receiving user verifies and decrypts the encrypted location information through the certificate issuing mechanism and the location service provider, the receiving user obtains the shared location information.
It should be noted that the anonymization scheme in the invention is based on a P2P architecture design without third-party participation. The architecture model is shown in fig. 2 and mainly comprises two entities, namely a mobile user terminal (User) and a location service provider (LSP). No anonymization server participates, and the anonymization operation is carried out by computation on the user terminal. This architecture eliminates the risk that a third-party server leaks the user's private information, and avoids the performance bottleneck caused by the single point of failure in the TTP architecture.
Mobile user terminal (User/Client): the user terminal may be an operating device with wireless communication, computing and storage capabilities and, more importantly, with positioning capabilities. In the model of the present invention, the user terminal performs various functions such as calculation, location prediction, selection of virtual locations, caching, and refinement of query results.
Location service provider (LSP): the LSP is an online location service solution provider, such as Twitter, Foursquare or Google Maps, that operates LBS servers with location-service-related resources to provide comprehensive location-based services for mobile subscribers. In the model of the present invention, an LSP is considered an honest-but-curious entity that may also reveal sensitive user information.
As shown in fig. 3, a certificate issuing mechanism CA is added on the basis of fig. 2, so as to form a P2P location sharing scheme.
Certificate issuing authority (CA): this entity is fully trusted and its main function is to register different users and LSPs. In our model, the CA may also issue a pseudonym and the corresponding certificates and keys to the user.
In summary, in this model, the certificate issuing authority CA and the User are considered to be fully trusted entities. Further, it is assumed that both communication channels between the CA and the User and between the CA and the LSP are secure. Meanwhile, the existing security authentication technology, such as two-factor identity authentication and multi-factor identity authentication, can be used to ensure that the user and LSP perform identity authentication at the CA.
Specifically, the sharing user, who can generally be understood as the sender, sends a location information request to the certificate issuing authority, and the sharing user and the receiving user both receive the temporary session key that the certificate issuing authority sends after verifying the location information request;
after the sharing user calculates an anonymous area using the chaotic algorithm, the sharing user encrypts the anonymous area with the temporary session key and sends the resulting encrypted position information to the receiving user;
after verification and decryption through the certificate issuing authority and the location service provider, the receiving user obtains the shared location information of the sharing user from the location service provider.
According to the invention, chaos is introduced into anonymization of user position data, so that P2P position sharing in a mobile social network is realized, communication overhead is reduced, system architecture cost is reduced, and availability of data in a position anonymization and position sharing scheme and high efficiency of a system are considered.
Based on the above embodiment, step 101 includes:
and after the certificate issuing mechanism verifies the association relationship between the shared user and the receiving user, receiving the temporary session key issued by the certificate issuing mechanism.
Specifically, after the sharing user sends a request to the certificate issuing authority CA, the CA verifies the friend relationship between the sharing user and the receiving user and, after the verification, sends the temporary session key SK_AB to the sharing user and the receiving user.
The invention verifies the rights of the two sharing parties through the certificate issuing mechanism, and adopts the unified temporary session key, thereby facilitating the subsequent unified decryption and encryption operation of the position information.
Based on the above embodiment, step 102 includes:
Determining a position precision value, a user position coordinate and a chaotic random coefficient, wherein the position precision value is positioned in a preset precision interval, and the chaotic random coefficient is positioned in a preset chaotic area;
Acquiring an initial value of the user position coordinate, and determining a chaotic function based on the position precision value and the user position coordinate;
Substituting the initial value of the user position coordinate into the chaotic function, and iterating 2k steps to obtain 2k position values;
determining a user position coordinate value based on the positive determination coefficient, the negative determination coefficient and the 2k position values;
Generating a query area based on the query radius and the user position coordinate values, screening out position values positioned in the query area from the 2k position values, and iterating the k steps again if the number of the screened position values is less than k until the number of the screened position values is at least k;
dividing the query area into n multiplied by n cells, calculating the historical query probability of each cell according to the historical query times of the cells, and arranging the screened position values in a descending order based on the historical query probability to determine k-1 position values before ranking;
Generating the anonymous region by adopting a k-anonymization algorithm through the k-1 position values before ranking and the user position coordinate values;
And determining query request content, encrypting the anonymous region, the query request content, the query radius, the chaotic random coefficient and the position accuracy value by adopting the temporary session key to obtain the encrypted position information, and transmitting the encrypted position information to the receiving user.
Specifically, any sharing user u_i defines, according to privacy requirements, a position accuracy value m (with m between 0 and 3) and user position coordinates (x_i, y_i), where x_i and y_i respectively represent the longitude and latitude of the position where the user is located. For example, according to an API provided by a high-level map, it can be known that the position of a park is (117.149437, 39.010107).
It should be noted that, the chaotic system refers to a deterministic system in which seemingly random irregular motion exists, and the behavior of the chaotic system is shown as uncertainty, unrepeatable and unpredictable, which is a chaotic phenomenon. The logistic mapping is a nonlinear dynamic discrete chaotic mapping system which is most widely applied at present, and the chaotic function of the mapping is as follows:
x(n+1)=λx(n)(1-x(n))
where the parameter λ ∈ (0, 4) and x(n) ∈ (0, 1). When 3.5699 < λ ≤ 4, the system is in a chaotic state.
Further, 2k positions are generated according to the chaotic function. According to the position (x_i, y_i) of the user u_i, the initial value x_i(0), y_i(0) of the user position coordinate is calculated, and then:
x_i(0), y_i(0) are substituted as initial values into the chaotic function, which is iterated for 2k steps to obtain (x_i(1), y_i(1)), (x_i(2), y_i(2)), ..., (x_i(2k), y_i(2k)).
From the iteration values obtained, 2k positions are found. The coordinates of the nth position are (Lx_i(n), Ly_i(n)), and the calculation procedure is as follows:
where c_x and c_y are the positive and negative determination coefficients: if x_i is a positive number, then c_x = 1, and if x_i is a negative number, then c_x = -1.
The Client generates a region Reg of radius R from the position (x_i, y_i) and the query radius R, and screens out, from the calculated 2k positions, those located inside Reg. If fewer than k positions are screened out, k more steps are iterated, and the process is repeated until at least k positions have been screened out.
The positions are then selected. Assuming that Reg is divided into n × n cells, the historical query probability of each cell is calculated from the number of historical queries in that cell. The positions screened in the previous step are arranged in descending order of the historical query probability corresponding to each position, and the first k-1 positions are selected. These k-1 positions and the user position (x_i, y_i) form the Region, which is sent to the location service provider LSP to achieve k-anonymity.
The sharing user (i.e., Alice in fig. 4) forms an anonymous zone Region of k locations, including her own location (x_A, y_A), according to the anonymization scheme described above, encrypts {Region, Q, R, λ, m} with SK_AB, and sends it to the receiving user (i.e., Bob in fig. 4). Here Q is the query request content finally sent to the LSP, R is the query radius, λ is the randomly generated chaotic coefficient, and m is Alice's self-defined position accuracy.
According to the invention, an anonymous area of a shared user is obtained by adopting a chaos-based anonymization algorithm, P2P position sharing is realized by using chaos, and the proposed chaos-based lightweight position anonymization and P2P position sharing scheme can better utilize chaos characteristics to realize k-anonymity, is applied to P2P position sharing, and improves the data availability and system efficiency of the anonymization and position sharing scheme in a mobile social network.
Fig. 5 is a second flowchart of a user location information sharing method provided by the present invention, where a corresponding execution body is a receiving user, as shown in fig. 5, and includes:
Step 201, a user to be shared sends a location information request to a certificate issuing mechanism, and receives a temporary session key sent after the certificate issuing mechanism verifies the location information request;
Step 202, receiving encryption position information obtained after the sharing user encrypts an anonymous region output based on a chaotic algorithm by using the temporary session key;
And 203, verifying and decrypting the encrypted location information through the certificate issuing mechanism and the location service provider to obtain the shared location information.
Specifically, the sharing user, who can generally be understood as the sender, sends a location information request to the certificate issuing authority, and the sharing user and the receiving user both receive the temporary session key that the certificate issuing authority sends after verifying the location information request;
after the sharing user calculates an anonymous area using the chaotic algorithm, the sharing user encrypts the anonymous area with the temporary session key and sends the resulting encrypted location information to the receiving user;
the receiving user obtains the shared location information of the sharing user from the location service provider after verification and decryption through the certificate issuing authority and the location service provider.
According to the invention, chaos is introduced into anonymization of user position data, so that P2P position sharing in a mobile social network is realized, communication overhead is reduced, system architecture cost is reduced, and availability of data in a position anonymization and position sharing scheme and high efficiency of a system are considered.
Based on the above embodiment, step 203 includes:
decrypting the encrypted position information by adopting the temporary session key to obtain decrypted position information, and acquiring the initial position of the sharing user based on the decrypted position information;
sending a pseudonym registration request to the certificate issuing mechanism, and receiving a pseudonym, a certificate period and a key returned by the certificate issuing mechanism;
Encrypting the pseudonym, the certificate deadline and the secret key by adopting a public key of the location service provider to obtain inquiry request information, and sending the inquiry request information to the location service provider;
the location service provider decrypts the query request information by adopting a private key, verifies the validity of the pseudonym through the certificate issuing mechanism, and if the pseudonym is valid, the certificate issuing mechanism sends the key to the location service provider;
The location service provider obtains location interest point information in a service database based on the anonymous area, the query request content and the query radius, and symmetrically encrypts the location interest point information by adopting the key to obtain encrypted location interest point information;
And receiving the encryption position interest point information, and obtaining the sharing position information based on the encryption position interest point information.
Wherein the obtaining the initial position of the sharing user based on the decryption position information includes:
calculating a position set after iterating nk times when each position in the anonymous region is taken as an initial value based on the chaotic random coefficient, the position precision value and the k value in the decryption position information, wherein n is greater than 1;
and if the positions in the anonymous areas all belong to the position set, determining the initial value as the initial position of the sharing user.
Specifically, when Bob receives the information sent by Alice, he decrypts it with SK_AB to obtain {Region, Q, R, λ, m}. Using λ, m and k, he takes each position in the Region in turn as an initial value and calculates the set R of positions obtained after iterating nk times (where n is an integer greater than 1). If all the positions in the Region belong to R, that initial position is determined to be the position where Alice is located.
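The sender-side selection of the k-1 positions and the receiver-side recovery described above, as an added Python example that is not code from the patent. The formulas for the initial value and for Lx_i(n), Ly_i(n) are not reproduced on this page, so the example assumes that the seed is the fractional part of |coordinate|·10^m and that a generated position keeps the first m decimals of the user's coordinate; the function names, the 9-decimal rounding, the iteration limit and the history table are likewise constructed.

```python
import math

EARTH_R = 6_371_000.0  # mean Earth radius in metres

def seed_of(coord, m):
    """ASSUMED formula: keep floor(|coord|*10^m); the remainder seeds the map."""
    scaled = abs(coord) * 10 ** m
    base = math.floor(scaled)
    seed = scaled - base
    if not 0.0 < seed < 1.0:          # a seed of 0 is a fixed point of the map
        raise ValueError("coordinate has no digits beyond precision m")
    return base, seed

def orbit_positions(lon, lat, lam, m, steps):
    """Positions (Lx(n), Ly(n)) for n = 1..steps from x(n+1) = lam*x(n)*(1-x(n))."""
    if not 3.5699 < lam <= 4:
        raise ValueError("lambda is outside the chaotic range")
    (bx, x), (by, y) = seed_of(lon, m), seed_of(lat, m)
    cx = 1 if lon >= 0 else -1        # sign coefficients c_x, c_y
    cy = 1 if lat >= 0 else -1
    out = []
    for _ in range(steps):
        x, y = lam * x * (1 - x), lam * y * (1 - y)
        # ASSUMED formula: re-attach the kept digits; round to 9 decimals so
        # sender and receiver compare identical values.
        out.append((round(cx * (bx + x) / 10 ** m, 9),
                    round(cy * (by + y) / 10 ** m, 9)))
    return out

def offset_m(origin, p):
    """East/north offset of p from origin in metres (equirectangular approx.)."""
    ex = math.radians(p[0] - origin[0]) * math.cos(math.radians(origin[1])) * EARTH_R
    ny = math.radians(p[1] - origin[1]) * EARTH_R
    return ex, ny

def build_region(user, lam, m, k, radius_m, history, grid):
    """Sender side: k-1 chaotic dummies inside Reg plus the real position."""
    steps, limit = 2 * k, 60 * k      # limit is a constructed safety bound
    while True:
        inside = [p for p in orbit_positions(*user, lam, m, steps)
                  if math.hypot(*offset_m(user, p)) <= radius_m]
        if len(inside) >= k:
            break
        if steps >= limit:
            raise RuntimeError("too few generated positions fall inside Reg")
        steps += k                    # iterate k more steps and filter again
    total = sum(history.values())

    def query_prob(p):                # historical query probability of p's cell
        ex, ny = offset_m(user, p)
        i = min(grid - 1, int((ex + radius_m) / (2 * radius_m) * grid))
        j = min(grid - 1, int((ny + radius_m) / (2 * radius_m) * grid))
        return history.get((i, j), 0) / total

    dummies = sorted(inside, key=query_prob, reverse=True)[:k - 1]
    return sorted(dummies + [user])   # sorted so list order does not mark the user

def recover_sender(region, lam, m, k, n):
    """Receiver side: the sender's position is the one whose nk-step orbit
    contains every other position in Region."""
    for cand in region:
        reach = set(orbit_positions(*cand, lam, m, n * k))
        if all(p in reach for p in region if p != cand):
            return cand
    return None

# Constructed sample input: the park coordinate quoted in the text, a made-up
# 4 x 4 table of historical query counts, and arbitrary lambda, m, k, R.
ALICE = (117.149437, 39.010107)
HISTORY = {(i, j): 1 + (3 * i + 5 * j) % 7 for i in range(4) for j in range(4)}
PARAMS = dict(lam=3.9, m=2, k=5)

def demo():
    region = build_region(ALICE, radius_m=500.0, history=HISTORY, grid=4, **PARAMS)
    return region, recover_sender(region, n=60, **PARAMS)

if __name__ == "__main__":
    region, sender = demo()
    for p in region:
        print(p, "<- recovered as sender" if p == sender else "")
```

With a different λ the recovery returns None: the parameters carried in the SK_AB-encrypted message are what let the receiver single out the sender's position within the k-anonymous Region.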
Bob sends a request to the CA to register a pseudonym. He then encrypts with the public key of the LSP and sends the information to the LSP.
Upon receiving the query request message MSG_B2S, the LSP decrypts it using its own private key SK_S and verifies the validity of the user's pseudonym through the CA. If it is valid, the CA sends the user key to the LSP.
Based on the anonymous zone Region, the query request content Q and the query radius R, the LSP queries POIs in the service database and then uses the user key to symmetrically encrypt these POIs. Finally, the LSP sends the result to Bob.
The invention carries out multiple authentications on the shared position information through the certificate issuing mechanism and the position service provider, effectively ensures the privacy protection of the shared position information and enhances the usability of the data.
The user location information sharing system provided by the invention is described below, and the user location information sharing system described below and the user location information sharing method described above can be referred to correspondingly.
Fig. 6 is a schematic diagram of a structure of a user location information sharing system provided by the present invention, as shown in fig. 6, including a sending module 61, an encrypting module 62, and an obtaining module 63, where:
The sending module 61 is used for sending a location information request to a certificate issuing mechanism and receiving a temporary session key sent after the certificate issuing mechanism verifies the location information request; the encrypting module 62 is used for encrypting an anonymous zone output based on a chaotic algorithm by utilizing the temporary session key to obtain encrypted location information, and sending the encrypted location information to a receiving user; and the obtaining module 63 is used for obtaining shared location information after the receiving user verifies and decrypts the encrypted location information through the certificate issuing mechanism and a location service provider.
Fig. 7 is a second schematic diagram of a structure of the user location information sharing system provided by the present invention, as shown in fig. 7, including a first receiving module 71, a second receiving module 72, and a processing module 73, where:
The first receiving module 71 is used for sending a location information request to a certificate issuing mechanism by a user to be shared and receiving a temporary session key sent after the certificate issuing mechanism verifies the location information request; the second receiving module 72 is used for receiving encrypted location information obtained after the shared user encrypts an anonymous zone output based on a chaotic algorithm by using the temporary session key; and the processing module 73 is used for obtaining shared location information after verifying and decrypting the encrypted location information through the certificate issuing mechanism and a location service provider.
Fig. 8 illustrates a physical schematic diagram of an electronic device, which may include a processor 810, a communication interface (Communications Interface) 820, a memory 830, and a communication bus 840, as shown in fig. 8, where the processor 810, the communication interface 820, and the memory 830 perform communication with each other via the communication bus 840. The processor 810 may invoke logic instructions in the memory 830 to perform a method for sharing location information of a user, where the method includes sending a location information request to a certificate issuing authority, receiving a temporary session key sent after the certificate issuing authority verifies the location information request, encrypting an anonymous zone output based on a chaotic algorithm using the temporary session key to obtain encrypted location information, and sending the encrypted location information to a receiving user, where the receiving user obtains the shared location information after the receiving user verifies and decrypts the encrypted location information through the certificate issuing authority and a location service provider.
Further, the logic instructions in the memory 830 described above may be implemented in the form of software functional units and may be stored in a computer-readable storage medium when sold or used as a stand-alone product. Based on this understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. The storage medium includes a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, an optical disk, or other various media capable of storing program code.
In another aspect, the present invention further provides a computer program product, where the computer program product includes a computer program, where the computer program is capable of being stored on a non-transitory computer readable storage medium, and where the computer program, when executed by a processor, is capable of executing a user location information sharing method provided by the above methods, where the method includes sending a location information request to a certificate issuing mechanism, receiving a temporary session key sent after the certificate issuing mechanism verifies the location information request, encrypting an anonymous area output based on a chaotic algorithm using the temporary session key to obtain encrypted location information, and sending the encrypted location information to a receiving user, where the receiving user obtains shared location information after verifying and decrypting the encrypted location information by the certificate issuing mechanism and a location service provider.
In yet another aspect, the present invention further provides a non-transitory computer readable storage medium, on which a computer program is stored, the computer program when executed by a processor is implemented to perform the method for sharing user location information provided by the above methods, the method including sending a location information request to a certificate issuing authority, receiving a temporary session key sent after the certificate issuing authority verifies the location information request, encrypting an anonymous region output based on a chaotic algorithm using the temporary session key to obtain encrypted location information, and sending the encrypted location information to a receiving user, and after the receiving user verifies and decrypts the encrypted location information through the certificate issuing authority and a location service provider, the receiving user obtains the shared location information.
The apparatus embodiments described above are merely illustrative, wherein the elements illustrated as separate elements may or may not be physically separate, and the elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
From the above description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by means of software plus necessary general hardware platforms, or of course may be implemented by means of hardware. Based on this understanding, the foregoing technical solution may be embodied essentially or in a part contributing to the prior art in the form of a software product, which may be stored in a computer readable storage medium, such as ROM/RAM, a magnetic disk, an optical disk, etc., including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the respective embodiments or some parts of the embodiments.
It should be noted that the above-mentioned embodiments are merely for illustrating the technical solution of the present invention, and not for limiting the same, and although the present invention has been described in detail with reference to the above-mentioned embodiments, it should be understood by those skilled in the art that the technical solution described in the above-mentioned embodiments may be modified or some technical features may be equivalently replaced, and these modifications or substitutions do not make the essence of the corresponding technical solution deviate from the spirit and scope of the technical solution of the embodiments of the present invention.

Claims (10)

1. A user location information sharing method, comprising:
Sending a location information request to a certificate issuing mechanism, and receiving a temporary session key sent after the certificate issuing mechanism verifies the location information request;
Encrypting the anonymous zone output based on the chaotic algorithm by utilizing the temporary session key to obtain encryption position information, and sending the encryption position information to a receiving user;
After the receiving user verifies and decrypts the encrypted position information through the certificate issuing mechanism and the position service provider, the receiving user acquires shared position information;
The anonymous region output based on the chaos algorithm is obtained by the following modes:
Determining a position precision value, a user position coordinate and a chaotic random coefficient, wherein the position precision value is positioned in a preset precision interval, and the chaotic random coefficient is positioned in a preset chaotic area;
Acquiring an initial value of the user position coordinate, and determining a chaotic function based on the position precision value and the user position coordinate;
Substituting the initial value of the user position coordinate into the chaotic function, and iterating 2k steps to obtain 2k position values;
determining a user position coordinate value based on the positive determination coefficient, the negative determination coefficient and the 2k position values;
Generating a query area based on the query radius and the user position coordinate values, screening out position values positioned in the query area from the 2k position values, and iterating the k steps again if the number of the screened position values is less than k until the number of the screened position values is at least k;
dividing the query area into n × n cells, calculating the historical query probability of each cell according to the historical query times of the cells, and arranging the screened position values in descending order of the historical query probability to determine the top-ranked k-1 position values;
And generating the anonymous region by adopting a k-anonymization algorithm through the top k-1 position values and the user position coordinate values.
2. The method for sharing location information of a user according to claim 1, wherein the sending a location information request to a certificate issuing authority, receiving a temporary session key sent after the certificate issuing authority verifies the location information request, comprises:
and after the certificate issuing mechanism verifies the association relationship between the shared user and the receiving user, receiving the temporary session key issued by the certificate issuing mechanism.
3. The method for sharing user location information according to claim 1, wherein encrypting the anonymous zone output based on the chaotic algorithm by using the temporary session key to obtain encrypted location information, and transmitting the encrypted location information to a receiving user, comprises:
And determining query request content, encrypting the anonymous region, the query request content, the query radius, the chaotic random coefficient and the position accuracy value by adopting the temporary session key to obtain the encrypted position information, and transmitting the encrypted position information to the receiving user.
4. A user location information sharing method, comprising:
After a sharing user sends a position information request to a certificate issuing mechanism, a receiving user receives a temporary session key sent after the certificate issuing mechanism verifies the position information request;
receiving encryption position information obtained by the user after the sharing user encrypts an anonymous region output based on a chaotic algorithm by utilizing the temporary session key;
The shared location information is obtained after the encrypted location information is verified and decrypted by the certificate issuing mechanism and the location service provider;
The anonymous region output based on the chaos algorithm is obtained by the following modes:
Determining a position precision value, a user position coordinate and a chaotic random coefficient, wherein the position precision value is positioned in a preset precision interval, and the chaotic random coefficient is positioned in a preset chaotic area;
Acquiring an initial value of the user position coordinate, and determining a chaotic function based on the position precision value and the user position coordinate;
Substituting the initial value of the user position coordinate into the chaotic function, and iterating 2k steps to obtain 2k position values;
determining a user position coordinate value based on the positive determination coefficient, the negative determination coefficient and the 2k position values;
Generating a query area based on the query radius and the user position coordinate values, screening out position values positioned in the query area from the 2k position values, and iterating the k steps again if the number of the screened position values is less than k until the number of the screened position values is at least k;
dividing the query area into n × n cells, calculating the historical query probability of each cell according to the historical query times of the cells, and arranging the screened position values in descending order of the historical query probability to determine the top-ranked k-1 position values;
And generating the anonymous region by adopting a k-anonymization algorithm through the top k-1 position values and the user position coordinate values.
5. The method for sharing location information of a user according to claim 4, wherein the obtaining shared location information after verifying and decrypting the encrypted location information by the certificate issuing authority and location service provider comprises:
decrypting the encrypted position information by adopting the temporary session key to obtain decrypted position information, and acquiring the initial position of the sharing user based on the decrypted position information;
sending a pseudonym registration request to the certificate issuing mechanism, and receiving a pseudonym, a certificate period and a key returned by the certificate issuing mechanism;
Encrypting the pseudonym, the certificate deadline and the secret key by adopting a public key of the location service provider to obtain inquiry request information, and sending the inquiry request information to the location service provider;
the location service provider decrypts the query request information by adopting a private key, verifies the validity of the pseudonym through the certificate issuing mechanism, and if the pseudonym is valid, the certificate issuing mechanism sends the key to the location service provider;
The location service provider obtains location interest point information in a service database based on the anonymous area, the query request content and the query radius, and symmetrically encrypts the location interest point information by adopting the key to obtain encrypted location interest point information;
And receiving the encryption position interest point information, and obtaining the sharing position information based on the encryption position interest point information.
6. The user location information sharing method of claim 5, wherein the obtaining the initial location of the sharing user based on the decrypted location information comprises:
calculating a position set after iterating nk times when each position in the anonymous region is taken as an initial value based on the chaotic random coefficient, the position precision value and the k value in the decryption position information, wherein n is greater than 1;
and if the positions in the anonymous areas all belong to the position set, determining the initial value as the initial position of the sharing user.
7. A user location information sharing system, comprising:
The sending module is used for sending a position information request to the certificate issuing mechanism and receiving a temporary session key sent after the certificate issuing mechanism verifies the position information request;
The encryption module is used for encrypting the anonymous zone output based on the chaotic algorithm by utilizing the temporary session key to obtain encryption position information, and sending the encryption position information to a receiving user;
The acquisition module is used for acquiring shared position information after the receiving user verifies and decrypts the encrypted position information through the certificate issuing mechanism and the position service provider;
The transmitting module, the encrypting module and the acquiring module cooperate with each other to execute the user position information sharing method according to any one of claims 1 to 3.
8. A user location information sharing system, comprising:
The first receiving module is used for sending a position information request to a certificate issuing mechanism by a user to be shared and receiving a temporary session key sent after the certificate issuing mechanism verifies the position information request;
the second receiving module is used for receiving encryption position information obtained after the sharing user encrypts the anonymous region output based on the chaotic algorithm by utilizing the temporary session key;
The processing module is used for obtaining shared position information after verifying and decrypting the encrypted position information through the certificate issuing mechanism and the position service provider;
The first receiving module, the second receiving module and the processing module cooperate with each other to execute the user location information sharing method according to any one of claims 4 to 6.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the user location information sharing method according to any of claims 1 to 6 when executing the program.
10. A non-transitory computer readable storage medium having stored thereon a computer program, wherein the computer program when executed by a processor implements the user location information sharing method of any of claims 1 to 6.
CN202210343556.5A 2022-03-31 2022-03-31 User location information sharing method and system Active CN114828006B (en)


Publications (2)

Publication Number Publication Date
CN114828006A 2022-07-29
CN114828006B 2025-02-25
