面向智能移动终端的隐私保护技术研究

发布时间：2018-06-18 02:36

本文选题：移动互联网 + 智能移动终端　；参考：《华中科技大学》2016年博士论文

【摘要】：移动互联网将信息技术的发展带入了一个新时代,对人类的发展有着极为深刻的意义,已经影响到了人类生产生活的各个领域。然而,人们在享受移动互联网带来便利的同时,也更多地将自己的信息参与到网络之中,使得个人信息的隐私度降低,从而面临着隐私方面的安全威胁。用户所使用的移动终端往往包含大量的用户隐私信息,一旦用户隐私数据泄露,若不采取相应的保护措施,则其产生的后果及造成的经济损失是无法估量的。随着隐私的安全问题的渐渐凸显,用户对自身的隐私的关注度也逐渐提高。目前国内外对隐私保护机制的研究方兴未艾,对于智能移动终端的隐私保护技术尚存在一些亟待深入研究的问题。首先,移动终端应用程序过度获取用户隐私的问题。传统方法中允许或者阻止应用程序或者服务访问用户隐私数据比较简单直接,但是可能会对实时性和可用性产生影响。另外,传统的移动终端隐私保护主要研究阻止隐私泄露的方法,而缺少研究基于粒度为基础的隐私策略定制问题；其次,智能移动终端可能存在的传感器隐私泄露问题。目前移动终端涉及传感器泄露隐私的方式越来越多,但是其对应的保护方法往往治标不治本,并且有些保护方案并不能面面俱到,可能会给移动用户带来新的威胁：最后,当前移动终端隐私保护研究主要关注如何保护用户隐私数据,而忽视了移动终端本身。智能移动终端的遗失作为用户担心最多的隐私泄露渠道,传统的追溯系统存在严重的隐私问题,持续的接收设备的位置会导致用户认为在被持续监控,因此产生严重的心理障碍。首先,基于位置粒度的移动终端隐私保护机制,能够解决移动终端应用程序过度获取用户位置隐私的问题。该机制能够根据用户制定LBS(Location Based Services)应用的隐私策略,将精确位置信息模糊化处理为不同精确级的位置数据并返回给上层应用,以达到在不依赖第三方的情况下,最大限度地维持LBS应用的可用性,并且实时高效地保护用户位置隐私数据。其次,针对移动终端可能存在的传感器隐私泄露防护问题,传感器隐私订制策略的概念被提出来,目的在于让用户对智能手机中所有的感知应用程序设置隐私策略,控制它们访问传感器的权限。以传感器隐私订制策略为基础,基于传感器的移动终端隐私保护机制,能够解决智能手机上的传感器可能被恶意者利用来窃取用户的隐私信息的问题。该机制其能够让用户根据自己的需求为智能手机上的应用程序定制传感器隐私策略,并且在运行时阻止恶意程序对传感器的非法访问,同时维持合理的开销。最后,基于云存储的保密追溯机制能够有效缓解智能移动终端遗失追溯中的隐私问题,该机制不仅能让用户充分享受云存储带来的服务,而且可以最大限度的保护用户位置隐私信息不被泄露。在智能移动终端引入云计算能够解决智能移动终端计算能力和存储能力不足的问题,通过使用云存储设施之一的网络硬盘作为存储设施,采用基于位置感应的数据采集方式收集设备的位置信息,以及适用于移动设备的加密算法对位置信息进行加密发送,从而克服了对可信第三方的依赖,保护了用户的位置隐私,节省了数据流量并且提高了位置追踪的效率。综上所述,通过使用面向智能移动终端隐私保护机制,可以为智能移动终端应用程序提供不同粒度的隐私保护,也可以根据用户需求,为应用程序制定隐私策略,全面保护位置信息以及传感器信息等隐私,也可以使用基于云存储的保密追溯机制在不泄露隐私的情况下找回遗失的智能移动终端。
[Abstract]:The mobile Internet has brought the development of information technology into a new era, which has a profound significance to the development of human beings. It has already affected all fields of human production and life. However, while people are enjoying the convenience of the mobile Internet, they are also more involved in the network, making the personal information hidden. There is a security threat to privacy. The mobile terminal used by the user often contains a large number of user privacy information. Once the user's privacy data is leaked, the consequences and economic losses caused by the user's privacy data are immeasurable. With the security of privacy, the problem of security is becoming more and more important. The attention of users to their privacy is also increasing. At present, the research on the privacy protection mechanism at home and abroad is in the ascendant, and there are still some problems to be deeply studied for the privacy protection technology of the intelligent mobile terminal. First, the problem of overtaking the privacy of the users by the mobile terminal applications is allowed or prevented from the traditional methods. Accessing user privacy data with programs or services is simple and direct, but it may have an impact on real time and availability. In addition, traditional mobile terminal privacy protection mainly studies methods to prevent privacy disclosure, but lacks research on granularity based privacy policy customization. Secondly, intelligent mobile terminals may exist. At present, there are more and more ways for mobile terminals to disclose privacy of sensors, but their corresponding protection methods often do not run the rule, and some protection schemes are not available, which may bring new threats to mobile users. Finally, the current research on the privacy protection of mobile terminals is mainly concerned. How to protect the user's privacy data, but ignore the mobile terminal itself. The loss of the smart mobile terminal is the most worrying privacy leak channel for the user. The traditional traceability system has serious privacy problems. The location of the continuous receiving device will lead to the users think that it is constantly monitored. The location granularity mobile terminal privacy protection mechanism can solve the problem of excessive access to user location privacy by mobile terminal applications. This mechanism can make LBS (Location Based Services) application of privacy policy based on users, and fuzzification of precise location information into different precise level of location data and return to the upper application. To maximize the availability of LBS applications without relying on third parties, and to protect user location privacy data in real time and efficiently. Secondly, the concept of sensor privacy policy is proposed in view of the potential privacy disclosure protection problems of mobile terminals. All of the perceived applications set up privacy policies to control their access to the sensor. Based on sensor privacy reservation strategy and sensor based mobile terminal privacy protection mechanism, it can solve the problem that sensors on a smartphone may be exploited by malicious users to steal user privacy information. Users customize the privacy policy for the applications on the smartphone based on their own needs, and prevent the malicious access of the malicious program to the sensor at run time, while maintaining a reasonable cost. Finally, the secret tracing mechanism based on cloud storage can effectively alleviate the privacy problems in the traceability of the intelligent mobile terminal. It can not only allow users to fully enjoy the services brought by the cloud storage, but also maximize the protection of user location privacy information. The introduction of cloud computing in intelligent mobile terminals can solve the problem of insufficient computing power and storage capacity of intelligent mobile terminals, by using a network hard disk as one of the cloud storage facilities as a storage device. By using the location based data collection method, the location information of the equipment is collected, and the encryption algorithm suitable for mobile devices is used to encrypt the location information, thus overcoming the dependence on the trusted third party, protecting the user's location privacy, saving the data flow and improving the efficiency of location tracking. Through the use of intelligent mobile terminal privacy protection mechanism, it can provide different granularity privacy protection for intelligent mobile terminal applications. It can also make privacy policies for applications, protect location information and sensor information in an all-round way according to user needs, and can also use cloud storage based privacy tracing mechanism. Find the lost smart mobile terminal without revealing the privacy.
【学位授予单位】：华中科技大学
【学位级别】：博士
【学位授予年份】：2016
【分类号】：TP309

【相似文献】