研究生: |
吳雨辰 Wu, Yu-Chen |
---|---|
論文名稱: |
應用於數位雙生服務之隱私保護資訊暴露控制機制 A Privacy-Preserving Information Exposure Control Mechanism for Digital Twin Services |
指導教授: |
郭耀煌
Kuo, Yau-Hwang |
學位類別: |
碩士 Master |
系所名稱: |
電機資訊學院 - 資訊工程學系 Department of Computer Science and Information Engineering |
論文出版年: | 2024 |
畢業學年度: | 112 |
語文別: | 英文 |
論文頁數: | 117 |
中文關鍵詞: | 隱私保護數位雙生服務 、同態加密 、差分隱私 、泛函加密 、資訊暴露控制 |
外文關鍵詞: | Privacy-Preserving Digital Twin Services, Homomorphic Encryption, Differential Privacy, Functional Encryption, Information Exposure Control |
相關次數: | 點閱:65 下載:0 |
分享至: |
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
近年來,隨著數位雙生技術的持續發展,因其服務使用了敏感資料進而導致隱私外洩的疑慮也逐漸受到重視。傳統隱私保護技術通常嚴重限縮了服務的可用性,因此如何在保護隱私的同時妥善的授權使用資料以控制資訊暴露的程度就成為一個重要的議題。一般來說,數位雙生服務的生命週期包含了訓練與應用兩個階段,各自面臨了不同的隱私問題。在訓練階段,除了保護資料與模型的隱私外也要兼顧模型的強健性,使其能抵抗應用階段的推理攻擊。而在應用階段則要在保護模型隱私的同時進行應用授權,並控制資訊暴露程度。然而,現有解決方案不但沒有辦法同時保護兩階段的資料與模型隱私,還由於無法對數位雙生的產出進行存取控制,造成資訊過度暴露。
因此,本論文提出一種應用於數位雙生服務之隱私保護資訊暴露控制機制。該機制針對數位雙生服務在訓練與應用兩階段各自提供適合的運作環境以滿足所有隱私需求。在訓練環境中,基於同態加密之穩健性保證模型訓練方法可以在保證資料機密性與模型隱私性的同時訓練出具備模型強健性的數位雙生核心。而在應用環境中,基於泛函加密之多層模型推理方法與基於內積之資訊暴露控制方法可以在保證模型隱私性的情形下對數位雙生應用進行授權與運算,並控制資訊暴露的程度。
最後,本論文提供安全分析來說明所提出的隱私保護資訊暴露控制機制能滿足前述隱私需求,並另外推導出一安全量化標準來評估各方法的隱私保護程度。此外,透過實驗分析可以得知,本機制在相同隱私保護程度下比其他方法具備更好的效能,並且能以較少的模型準確度損失來取得更穩健的模型。因此,利用本論文提出的隱私保護資訊暴露控制機制可以真正實現完整的隱私保護數位雙生服務。
Recently, with the development of digital twin services, concerns about privacy leakage due to the use of sensitive data gradually emerged. Traditional privacy-preserving techniques usually have the limited usability of services, and therefore, properly authorizing data to control information exposure while preserving privacy becomes a critical issue. Generally, the lifecycle of digital twin services is composed of two phases, training phase and inference phase, and each of them confronts diverse threats to privacy. In the training phase, it is essential to protect the privacy of both data and models while ensuring the model robustness to defend against inference attacks during the inference phase. Moreover, in the inference phase, properly authorizing digital twin services to access data while protecting model privacy and controlling information exposure is necessary. However, existing solutions cannot protect data and model privacy in both phases. In addition, they fail to provide appropriate access control on the results of digital twin services leading to excessive information exposure.
Therefore, this thesis proposes a privacy-preserving information exposure control mechanism for digital twin services. This mechanism provides applicable environments, which meet all privacy requirements, for digital twin services to operate in both training and inference phases, respectively. In the environment for the training phase, the proposed HE-Based Robustness Guaranteed Model Training Method ensures data confidentiality and model privacy while training a robust digital twin core entity. In the environment for the inference phase, the proposed FE-Based Multi-Layer Model Inference Method and Inner Product-Based Information Exposure Control Method protect model privacy while authorizing digital twin services to operate under an acceptable degree of information exposure.
Finally, this thesis provides a series of security analyses to demonstrate that the proposed mechanism meets all privacy requirements of digital twin services, followed by the proposed security evaluation to assess the security level of privacy protection for each method. In addition, experiment results show that the proposed mechanism has better performance than other methods under the same security level of privacy protection while achieving better model robustness without a significant decrease in accuracy. Consequently, the proposed privacy-preserving information exposure control mechanism can realize comprehensive privacy-protected digital twin services.
[1] "Digital Twin Market Size, Share, Statistics and Industry Growth Analysis Report by Application(Predictive Maintenance, Business Optimization, Performance Monitoring, Inventory Management), Industry(Automotive & Transportation, Healthcare, Energy & Utilities), Enterprise and Geography - Global Growth Driver and Industry Forecast to 2028." https://www.marketsandmarkets.com/Market-Reports/digital-twin-market-225269522.html (accessed July 1, 2024).
[2] "Smart Manufacturing Market Size, Share, Statistics and Industry Growth Analysis Report by Technology (3D printing, Al in Manufacturing, Automated guided vehicle, Condition Monitoring, Cybersecurity, Digital Twin, HMI, Machine Vision, MES, PAM, Robot, Sensor), Industry, Region - Global Forecast to 2028 " https://www.marketsandmarkets.com/Market-Reports/smart-manufacturing-market-105448439.html (accessed July 1, 2024).
[3] Microsoft SEAL (release 4.1). (2023). [Online]. Available: https://github.com/Microsoft/SEAL
[4] M. Abadi, A. Chu, I. Goodfellow, H. B. McMahan, I. Mironov, K. Talwar, and L. Zhang, "Deep learning with differential privacy," in Proceedings of the 2016 ACM SIGSAC conference on computer and communications security, 2016, pp. 308-318.
[5] M. Abdalla, F. Bourse, A. De Caro, and D. Pointcheval, "Simple functional encryption schemes for inner products," in IACR International Workshop on Public Key Cryptography, 2015: Springer, pp. 733-751.
[6] A. Acar, H. Aksu, A. S. Uluagac, and M. Conti, "A survey on homomorphic encryption schemes: Theory and implementation," ACM Computing Surveys (Csur), vol. 51, no. 4, pp. 1-35, 2018.
[7] P. Aggarwal, B. Narwal, S. Purohit, and A. K. Mohapatra, "BPADTA: Blockchain-based privacy-preserving authentication scheme for digital twin empowered aerospace industry," Computers and Electrical Engineering, vol. 111, p. 108889, 2023.
[8] S. Agrawal, B. Libert, and D. Stehlé, "Fully secure functional encryption for inner products, from standard assumptions," in Annual International Cryptology Conference, 2016: Springer, pp. 333-362.
[9] C. E. Z. Baltico, D. Catalano, D. Fiore, and R. Gay, "Practical functional encryption for quadratic functions with applications to predicate encryption," in Annual International Cryptology Conference, 2017: Springer, pp. 67-98.
[10] D. J. Bernstein and T. Lange, "Computing small discrete logarithms faster," in Progress in Cryptology-INDOCRYPT 2012: 13th International Conference on Cryptology in India, Kolkata, India, December 9-12, 2012. Proceedings 13, 2012: Springer, pp. 317-338.
[11] J. Bethencourt, A. Sahai, and B. Waters, "Ciphertext-policy attribute-based encryption," in 2007 IEEE symposium on security and privacy (SP'07), 2007: IEEE, pp. 321-334.
[12] D. Boneh and M. Franklin, "Identity-based encryption from the Weil pairing," in Annual international cryptology conference, 2001: Springer, pp. 213-229.
[13] D. Boneh, A. Sahai, and B. Waters, "Functional encryption: Definitions and challenges," in Theory of Cryptography: 8th Theory of Cryptography Conference, TCC 2011, Providence, RI, USA, March 28-30, 2011. Proceedings 8, 2011: Springer, pp. 253-273.
[14] J. W. Bos, K. Lauter, J. Loftus, and M. Naehrig, "Improved security for a ring-based fully homomorphic encryption scheme," in Cryptography and Coding: 14th IMA International Conference, IMACC 2013, Oxford, UK, December 17-19, 2013. Proceedings 14, 2013: Springer, pp. 45-64.
[15] Z. Brakerski, "Fully homomorphic encryption without modulus switching from classical GapSVP," in Annual cryptology conference, 2012: Springer, pp. 868-886.
[16] Z. Brakerski, C. Gentry, and V. Vaikuntanathan, "(Leveled) fully homomorphic encryption without bootstrapping," ACM Transactions on Computation Theory (TOCT), vol. 6, no. 3, pp. 1-36, 2014.
[17] H. Burkert, "Privacy-enhancing technologies: Typology, critique, vision," Technology and privacy: The new landscape, vol. 125, 1997.
[18] Y. Chen and Q. Yan, "Privacy-Preserving Diffusion Model Using Homomorphic Encryption," arXiv preprint arXiv:2403.05794, 2024.
[19] J. H. Cheon, A. Kim, M. Kim, and Y. Song, "Homomorphic encryption for arithmetic of approximate numbers," in Advances in Cryptology–ASIACRYPT 2017: 23rd International Conference on the Theory and Applications of Cryptology and Information Security, Hong Kong, China, December 3-7, 2017, Proceedings, Part I 23, 2017: Springer, pp. 409-437.
[20] J. H. Cheon, K. Han, A. Kim, M. Kim, and Y. Song, "Bootstrapping for approximate homomorphic encryption," in Advances in Cryptology–EUROCRYPT 2018: 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tel Aviv, Israel, April 29-May 3, 2018 Proceedings, Part I 37, 2018: Springer, pp. 360-384.
[21] R. Chourasia, J. Ye, and R. Shokri, "Differential privacy dynamics of langevin diffusion and noisy gradient descent," Advances in Neural Information Processing Systems, vol. 34, pp. 14771-14781, 2021.
[22] Z. Chu, J. He, D. Peng, X. Zhang, and N. Zhu, "Differentially Private Denoise Diffusion Probability Models," IEEE Access, 2023.
[23] T. Dockhorn, T. Cao, A. Vahdat, and K. Kreis, "Differentially private diffusion models," arXiv preprint arXiv:2210.09929, 2022.
[24] C. Dwork, "Differential privacy," in International colloquium on automata, languages, and programming, 2006: Springer, pp. 1-12.
[25] C. Dwork, F. McSherry, K. Nissim, and A. Smith, "Calibrating noise to sensitivity in private data analysis," in Theory of Cryptography: Third Theory of Cryptography Conference, TCC 2006, New York, NY, USA, March 4-7, 2006. Proceedings 3, 2006: Springer, pp. 265-284.
[26] C. Dwork, "Differential privacy: A survey of results," in International conference on theory and applications of models of computation, 2008: Springer, pp. 1-19.
[27] C. Dwork, G. N. Rothblum, and S. Vadhan, "Boosting and differential privacy," in 2010 IEEE 51st annual symposium on foundations of computer science, 2010: IEEE, pp. 51-60.
[28] C. Dwork and A. Roth, "The algorithmic foundations of differential privacy," Foundations and Trends® in Theoretical Computer Science, vol. 9, no. 3–4, pp. 211-407, 2014.
[29] J. Fan and F. Vercauteren, "Somewhat practical fully homomorphic encryption," Cryptology ePrint Archive, 2012.
[30] CiFEr - Functional Encryption library. (2018). [Online]. Available: https://github.com/fentec-project/CiFEr
[31] C. Gentry, "Fully homomorphic encryption using ideal lattices," in Proceedings of the forty-first annual ACM symposium on Theory of computing, 2009, pp. 169-178.
[32] R. Gilad-Bachrach, N. Dowlin, K. Laine, K. Lauter, M. Naehrig, and J. Wernsing, "Cryptonets: Applying neural networks to encrypted data with high throughput and accuracy," in International conference on machine learning, 2016: PMLR, pp. 201-210.
[33] J. Jordon, J. Yoon, and M. Van Der Schaar, "PATE-GAN: Generating synthetic data with differential privacy guarantees," in International conference on learning representations, 2018.
[34] J.-W. Lee, H. Kang, Y. Lee, W. Choi, J. Eom, M. Deryabin, E. Lee, J. Lee, D. Yoo, and Y.-S. Kim, "Privacy-preserving machine learning with fully homomorphic encryption for deep neural network," IEEE Access, vol. 10, pp. 30039-30054, 2022.
[35] A. Lewko, T. Okamoto, A. Sahai, K. Takashima, and B. Waters, "Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption," in Advances in Cryptology–EUROCRYPT 2010: 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, May 30–June 3, 2010. Proceedings 29, 2010: Springer, pp. 62-91.
[36] B. Li and D. Micciancio, "On the security of homomorphic encryption on approximate numbers," in Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2021: Springer, pp. 648-677.
[37] F. Luo and K. Wang, "Verifiable decryption for fully homomorphic encryption," in International Conference on Information Security, 2018: Springer, pp. 347-365.
[38] V. Lyubashevsky, C. Peikert, and O. Regev, "On ideal lattices and learning with errors over rings," in Advances in Cryptology–EUROCRYPT 2010: 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, May 30–June 3, 2010. Proceedings 29, 2010: Springer, pp. 1-23.
[39] P. Panzade and D. Takabi, "Towards faster functional encryption for privacy-preserving machine learning," in 2021 Third IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA), 2021: IEEE, pp. 21-30.
[40] R. L. Rivest, L. Adleman, and M. L. Dertouzos, "On data banks and privacy homomorphisms," Foundations of secure computation, vol. 4, no. 11, pp. 169-180, 1978.
[41] T. Ryffel, D. Pointcheval, F. Bach, E. Dufour-Sans, and R. Gay, "Partially encrypted deep learning using functional encryption," Advances in Neural Information Processing Systems, vol. 32, 2019.
[42] R. Sahal, S. H. Alsamhi, and K. N. Brown, "Personal digital twin: a close look into the present and a step towards the future of personalised healthcare industry," Sensors, vol. 22, no. 15, p. 5918, 2022.
[43] N. Samardzic, A. Feldmann, A. Krastev, S. Devadas, R. Dreslinski, C. Peikert, and D. Sanchez, "F1: A fast and programmable accelerator for fully homomorphic encryption," in MICRO-54: 54th Annual IEEE/ACM International Symposium on Microarchitecture, 2021, pp. 238-252.
[44] S. Son, D. Kwon, J. Lee, S. Yu, N.-S. Jho, and Y. Park, "On the design of a privacy-preserving communication scheme for cloud-based digital twin environments using blockchain," IEEE Access, vol. 10, pp. 75365-75375, 2022.
[45] Automation systems and integration — Digital twin framework for manufacturing, ISO 23247-2:2021, I. O. f. Standardization, 2021. [Online]. Available: https://www.iso.org/standard/78743.html
[46] H. T. Tavani and J. H. Moor, "Privacy protection, control of information, and privacy-enhancing technologies," ACM Sigcas Computers and Society, vol. 31, no. 1, pp. 6-11, 2001.
[47] G. Thakur, P. Kumar, S. Jangirala, A. K. Das, and Y. Park, "An effective privacy-preserving blockchain-assisted security protocol for cloud-based digital twin environment," IEEE Access, vol. 11, pp. 26877-26892, 2023.
[48] Y. Wang, Z. Su, S. Guo, M. Dai, T. H. Luan, and Y. Liu, "A survey on digital twins: Architecture, enabling technologies, security and privacy, and future prospects," IEEE Internet of Things Journal, vol. 10, no. 17, pp. 14965-14987, 2023.
[49] B. Weggenmann, V. Rublack, M. Andrejczuk, J. Mattern, and F. Kerschbaum, "DP-VAE: Human-readable text anonymization for online reviews with differentially private variational autoencoders," in Proceedings of the ACM Web Conference 2022, 2022, pp. 721-731.
[50] C. Xu, J. Ren, D. Zhang, Y. Zhang, Z. Qin, and K. Ren, "GANobfuscator: Mitigating information leakage under GAN via differential privacy," IEEE Transactions on Information Forensics and Security, vol. 14, no. 9, pp. 2358-2371, 2019.
[51] R. Xu, J. B. Joshi, and C. Li, "Cryptonn: Training neural networks over encrypted data," in 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS), 2019: IEEE, pp. 1199-1209.
[52] Z. Yang, Z. Dai, Y. Yang, J. Carbonell, R. R. Salakhutdinov, and Q. V. Le, "Xlnet: Generalized autoregressive pretraining for language understanding," Advances in neural information processing systems, vol. 32, 2019.