移动展业平台中的隐私保护技术研究

发布时间：2018-04-01 03:39

本文选题：移动展业　切入点：隐私保护　出处：《武汉理工大学》2015年硕士论文

【摘要】：移动互联网时代的到来改变了人们工作、生活的方式,也给保险行业带来了新的机遇和挑战。利用移动终端开展保险业务成为一种新的保险营销模式,它能帮助代理人快速完成保险产品推荐、投保、查勘、理赔等一系列保险流程。然而,移动应用在带来方便的同时也存在诸多安全隐患,其中用户隐私泄露问题尤其严重。学术界对隐私保护问题的研究由来已久,一般集中在数据库应用领域,包括基于数据挖掘和数据发布的隐私保护技术,相关的理论如k-匿名模型、信息损失度等已经较为成熟。然而,当前隐私保护技术大多还停留在理论研究上,并没有被广泛运用到实际应用中,这一方面是由于相关的法律要求还不够完善,另一方面在于用户、应用开发商对隐私保护不够重视。因此,如何针对具体的应用在已有的安全和隐私保护技术基础上进行改进与创新,使其满足实际应用的需求更具有现实意义。本文以移动展业平台项目为背景,介绍了传统的数据发布中隐私保护相关理论和技术,并对Android移动平台及其数据隐私保护技术进行了简要描述,然后针对移动展业应用的具体需求设计了一套细粒度的隐私保护方案,包括隐私文件的备份、基于Hash加盐的密码保护以及面向数据发布的个性化匿名模型和算法。针对移动展业应用中的客户资料等本地隐私数据的备份需求,设计了一种基于文件字节拆分和重组的备份方法,该方法将原始文件拆分成多份密文,并依次进行本地备份和云备份。由于字节变换的过程比传统加密算法简单,而且不需要管理密钥,因此在性能上较之传统的安全备份方法更加适用于移动应用。针对保险公司可能将用户的保单数据对外发布或共享的情况,在现有的匿名模型的基础上提出了改进的个性化(α,L)匿名模型和基于聚类的实现算法,并运用公开数据集对其进行了实验,结果表明该算法在时间性能和数据信息损失度方面较之已有的聚类匿名算法效果更好。最后,对本文的工作进行了总结,指出下一步需要从文件备份的安全性、面向动态数据集的隐私保护等方向对本文的方案进行改进。
[Abstract]:The advent of mobile Internet has changed the way people work and live, and has brought new opportunities and challenges to the insurance industry.Using mobile terminal to carry out insurance business has become a new insurance marketing model, which can help agents to complete a series of insurance processes such as insurance product recommendation, insurance, investigation, claim settlement and so on.However, mobile applications not only bring convenience, but also have a lot of security risks, among which, the problem of user privacy disclosure is especially serious.The research on privacy protection in academic circles has a long history. It is generally concentrated in the application field of database, including privacy protection technology based on data mining and data publishing. Related theories such as k- anonymity model, information loss degree and so on have been more mature.However, most of the current privacy protection technologies remain in the theoretical research, and have not been widely used in practical applications, this is due to the relevant legal requirements are not perfect, on the other hand, the user,Application developers pay less attention to privacy protection.Therefore, how to improve and innovate the existing security and privacy protection technologies in order to meet the needs of practical applications has more practical significance.Based on the mobile exhibition platform project, this paper introduces the traditional theory and technology of privacy protection in data release, and briefly describes the Android mobile platform and its data privacy protection technology.Then a set of fine-grained privacy protection schemes are designed to meet the specific needs of mobile exhibition applications, including backup of privacy files, password protection based on Hash salt, and personalized anonymous model and algorithm for data publishing.Aiming at the backup requirement of local privacy data such as customer data in mobile exhibition application, a backup method based on file byte splitting and recombination is designed, which divides the original file into several ciphertext.And then local backup and cloud backup.Because the process of byte transformation is simpler than the traditional encryption algorithm and the management key is not required, it is more suitable for mobile applications than the traditional secure backup method.Aiming at the situation that the insurance company may publish or share the user's policy data, an improved personalized (伪 -L-based) anonymous model and a clustering based implementation algorithm are proposed on the basis of the existing anonymous model.The experimental results show that the proposed algorithm is more effective than the existing clustering anonymous algorithm in terms of time performance and loss of data information.Finally, the work of this paper is summarized, and it is pointed out that the next step is to improve the scheme from the aspects of file backup security, privacy protection for dynamic data sets, and so on.
【学位授予单位】：武汉理工大学
【学位级别】：硕士
【学位授予年份】：2015
【分类号】：TP309

【参考文献】