Cyber-physical systems (CPS) data privacy protection during sharing, aggregating, and publishing is a challenging problem. Several privacy protection mechanisms have been developed in the literature to protect sensitive data from adversarial analysis and to eliminate the risk of re-identifying the original properties of shared data. However, most of the existing solutions have drawbacks, such as (i) the lack of a proper vulnerability characterization model to accurately identify where privacy is needed, (ii) ignoring data providers' privacy preferences, (iii) using uniform privacy protection, which may create inadequate privacy for some providers while overprotecting others, and (iv) the lack of a comprehensive privacy quantification model assuring data privacy preservation. To address these issues, we propose a personalized privacy preference framework that characterizes and quantifies the CPS vulnerabilities as well as ensuring privacy. First, we introduce a standard vulnerability profiling library (SVPL) by arranging the nodes of an energy-CPS from most to least vulnerable based on their privacy loss. Based on this model, we present our personalized privacy framework (PDP), in which Laplace noise is added according to each individual node's selected privacy preference. Finally, combining these two proposed methods, we demonstrate that our privacy characterization and quantification model can attain better privacy preservation by eliminating the trade-off between privacy, utility, and the risk of losing information.
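The per-node Laplace mechanism described above, as an added illustration (not the paper's code): each node chooses its own privacy budget, the noise scale follows from the standard Laplace rule scale = sensitivity / epsilon, and a uniform budget is shown beside it to make the "overprotects some, underprotects others" point concrete. The `Node` type, the assumed SVPL ordering rule (larger epsilon, i.e. larger privacy loss, ranks as more vulnerable), the sample readings and the `release`/`rank_by_privacy_loss` helpers are all constructed assumptions, not identifiers from the paper.

```python
"""Per-node Laplace noise driven by each node's own privacy preference.

Added illustration, not the paper's code: Node, the epsilon-based SVPL ordering
rule, the helper names and the sample readings are constructed assumptions.
"""
import math
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Node:
    name: str
    reading: float   # constructed sample value, e.g. an aggregated load reading
    epsilon: float   # the node's chosen privacy budget; smaller means stronger privacy


def laplace_scale(sensitivity: float, epsilon: float) -> float:
    """Scale b of the Laplace mechanism: b = sensitivity / epsilon."""
    if sensitivity < 0 or epsilon <= 0:
        raise ValueError("sensitivity must be >= 0 and epsilon > 0")
    return sensitivity / epsilon


def laplace_sample(rng: random.Random, scale: float) -> float:
    """Draw from Laplace(0, scale) by inverting its CDF (no numpy needed)."""
    u = rng.random() - 0.5                      # uniform on [-0.5, 0.5)
    u = max(min(u, 0.5 - 1e-12), -0.5 + 1e-12)  # keep log() away from 0
    sign = -1.0 if u < 0 else 1.0
    return -scale * sign * math.log(1.0 - 2.0 * abs(u))


def rank_by_privacy_loss(nodes):
    """Assumed SVPL-style ordering: largest privacy loss (epsilon) first."""
    return sorted(nodes, key=lambda n: n.epsilon, reverse=True)


def personalized_scales(nodes, sensitivity):
    """Noise scale per node, derived from that node's own epsilon."""
    return {n.name: laplace_scale(sensitivity, n.epsilon) for n in nodes}


def uniform_scales(nodes, sensitivity, epsilon):
    """One common epsilon for every node: the scheme the abstract argues against."""
    return {n.name: laplace_scale(sensitivity, epsilon) for n in nodes}


def release(nodes, sensitivity, rng):
    """Noisy readings: each node's value gets Laplace noise at its own scale."""
    return {
        n.name: n.reading + laplace_sample(rng, laplace_scale(sensitivity, n.epsilon))
        for n in nodes
    }


def mean_abs_noise(scale: float, n: int, seed: int) -> float:
    """Empirical E|X| of the sampler; for Laplace(0, b) this should approach b."""
    rng = random.Random(seed)
    return sum(abs(laplace_sample(rng, scale)) for _ in range(n)) / n


# Constructed sample nodes: a coarse aggregate tolerates more loss than a single meter.
SAMPLE_NODES = [
    Node("substation", 120.0, 1.0),
    Node("feeder", 40.0, 0.5),
    Node("meter", 2.5, 0.1),
]

if __name__ == "__main__":
    rng = random.Random(7)
    print("ranked:", [n.name for n in rank_by_privacy_loss(SAMPLE_NODES)])
    print("personalized scales:", personalized_scales(SAMPLE_NODES, 1.0))
    print("uniform scales (eps=0.5):", uniform_scales(SAMPLE_NODES, 1.0, 0.5))
    print("noisy release:", release(SAMPLE_NODES, 1.0, rng))
```

With a uniform epsilon of 0.5, the substation receives twice the noise its own preference calls for while the meter receives one fifth of the noise it asked for; the personalized scales match each node's stated budget instead.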
Translation: Protecting cyber-physical systems data privacy during sharing, aggregating and publishing is a challenging problem. Several privacy protection mechanisms have been developed in the literature to protect sensitive data from adversarial analysis and to eliminate the risk of re-identifying the original properties of shared data; however, most existing solutions have drawbacks, for example: (i) the lack of a proper vulnerability characterization model to accurately identify where privacy is needed; (ii) ignoring data providers' privacy preferences; (iii) using uniform privacy protection, which may create inadequate privacy for some providers while overprotecting others; (iv) the lack of a comprehensive privacy quantification model that ensures data privacy is preserved. To address these issues, we propose a personalized privacy preference framework that characterizes and quantifies CPS vulnerabilities and ensures privacy. First, we adopt a standard vulnerability profiling library (SVPL), which arranges the nodes of an energy-CPS from most to least vulnerable based on their privacy loss. Based on this model, we introduce a personalized privacy framework in which the added noise is based on the individual node, ensuring that data privacy is preserved. Finally, combining these two proposed methods, we show that the personalized privacy preference approach to privacy characterization and quantification achieves better privacy preservation.