Abstract. Serious privacy concern rises with the prosperity of social network applications. To prevent the privacy of vertices or edges associated with entities in a social network from getting re-identified through background information or queries,a novel clustering-based approach is proposed to anonymize vertices and edges. Concepts of vertex similarity matrix and the distance between a vertex and a cluster are defined, based on which a k -anonymized graph approach is presented. The effectiveness of the approach is verified Through experiments that compare the performance of our method with that of SASN, an existing anonymization algorithm .
Trajectory data contains rich spatio-temporal information of moving objects. Directly publishing it for mining and analysis will result in severe privacy disclosure problems. Most existing clustering-anonymity methods cluster trajectories according to either distance- or direction-based similarities, leading to a high information loss. To bridge this gap, in this paper, we present a clustering-anonymity approach considering both these two types of similarities. As trajectories may not be synchronized, we first design a trajectory synchronization algorithm to synchronize them. Then, two similarity metrics between trajectories are quantitatively defined, followed by a comprehensive one. Furthermore, a clustering-anonymity algorithm for trajectory data publishing with privacy-preserving is proposed. It groups trajectories into clusters according to the comprehensive similarity metric. These clusters are finally anonymized. Experimental results show that our algorithm is effective in preserving privacy with low information loss.
Task scheduling is the key to the full utilization of heterogeneous cloud capabilities for parallel processing of big graphs. Most graph processing systems adopt single-granularity scheduling mechanisms without considering the heterogeneity of the cloud, leading to poor performance. To alleviate it by learning from the excellent directed acyclic graph (DAG)-based scheduling techniques accumulated in traditional parallel computing, we first present a streaming DAG-construction heuristic. It transforms a big graph along with graph traversal algorithms to be carried out into a DAG. We then propose a three-phase heterogeneousaware cluster-scheduling algorithm to schedule the DAG into a heterogeneous cloud for parallel processing. In the first phase, we design a parallel linear clustering algorithm to cluster the DAG into a series of linear clusters with different granularities. In the second phase, we design a heterogeneous-aware load balancing algorithm to map these clusters to different computational nodes of the cloud. In the last phase, we design a task ordering algorithm to assigns these clusters as-early-as-possible start times. The experimental results show that our scheme can generate high-quality schedules and improve the efficiency and performance of parallel processing of big graphs in the heterogeneous cloud. INDEX TERMS Heterogeneous cloud, big graph traversal task, parallel processing, DAG, clusterscheduling, granularity.
As access control policies become more and more complex, the detection of access control vulnerabilities becomes more important. Previous research efforts have concentrated on access control vulnerabilities due to programming errors, while the privilege escalation caused by logic errors or abuse of privileges has seldom attracted researchers’ attention, which is also a kind of access control vulnerabilities. To investigate the property of privilege escalation, hierarchical RBAC model is used to describe complex relations between different roles that are represented by a directed role graph. Permissions are divided into multiple categories according to the inheritance of permissions in the role hierarchy. Three types of vulnerabilities, Upward Privilege Escalation, Downward Privilege Escalation and Horizonal Privilege Escalation, are defined and decided theorically based on the inheritance relations between roles in a role graph. Besides the three type, another type of privilege escalation that is not related to the hierarchy of roles is also studied. Finally, the decision theorems of three vulnerabilities are used to optimize the access control decision algorithm.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.