摘要
在云计算环境下,通过分块混淆的隐私保护机制,将租户的数据分成多个数据块,并且存储到不同的数据节点上,以此实现数据的隐私保护.虽然该方法可以实现在明文状态下保护租户数据的隐私安全,但在实际环境中,由于租户的隐私需求、数据需求是可变的,导致云端底层的数据块结构和存储位置发生变化,因此在这种隐私保护机制下依然存在隐私泄露的风险.所以该文基于分块混淆隐私保护方法,提出一种面向隐私保护的数据块调整机制.该机制首先根据租户更新后的隐私约束,基于少动性原则,对原始的隐私保护策略中违背隐私约束的数据块进行分割;然后再结合隐私约束,重组数据块,并生成隐私保护调整策略;由于数据块分割结果的多样性,导致最终生成的可行隐私保护策略并不唯一,所以该文最后综合隐私需求、性能需求、负载需求和不对等均衡,提出了一种基于全局最优的隐私保护策略选择算法,实现从多种可行策略中筛选出满足所有要求的最优调整策略.实验结果表明,该文提出的数据块调整机制,可以找到一种最优的隐私保护调整策略,并且满足系统的性能和负载要求,增强租户数据的隐私保护效果.
In the cloud computing environment,the data of the tenant are divided into several data chunks and these data chunks are stored on different data nodes by means of the privacy protection mechanism based on chunk confusion,in order to realize the privacy protection of data.Although this method can realize the privacy protection of the tenant’s data in the plaintext state,due to tenant’s privacy needs and data demands are variable,the underlying data chunks structure and storage location in the cloud will change,which makes there still exist a risk of leakage of privacy under the privacy protection mechanism based on chunk confusion.For example,the store mode of data chunk is{post code,age,disease},which means that these three properties can be placed together and it will not reveal the privacy of the tenant’data.When the tenant suddenly adds a new attribute(the worker number)in the store mode of data chunk,if an attacker gets information about this chunk and happens to know an patient’s the worker number,then this attacker may know the patient’s condition,which is what tenant do not want to see.Therefore,based on chunk confusion based the mechanism of privacy protection,the paper proposed a kind of mechanism of data chunks adjustment for privacy protection.In the first place,according to the privacy constraints updated by the tenant,the mechanism splits data chunks that go against the privacy constraints in the original privacy protection strategy.In the process of splitting data chunks,the data storage structure of data chunks is kept unchanged as far as possible based on the less dynamic principle to reduce the cost of data transfer and the adjustment cost of privacy protection strategy.In the second place,combined with the privacy constraints,data chunks that do not violate the privacy constraints are reassembled into the new data chunks to enhance the processing efficiency of data and to generate the privacy protection adjusting strategy.In addition,because of the diversity of the data chunks segment
作者
史玉良
陈玉
孙世彬
崔立真
SHI Yu-Liang;CHEN Yu;SUN Shi-Bin;CUI Li-Zhen(School of Computer Science and Technology,Shandong University,Jinan250101)
出处
《计算机学报》
EI
CSCD
北大核心
2017年第12期2719-2733,共15页
Chinese Journal of Computers
基金
山东省泰山产业领军人才工程专项经费(tscy20150305)
山东省重点研发计划(2016GGX101008
2016ZDJS01A09)
山东省自然科学基金重大基础研究项目(ZR2017ZB0419)资助~~
关键词
云计算
数据块
隐私保护
数据调整
负载能力
最优调整策略
cloud computing
data chunk
privacy protection
data adjustment
load capacity
optimal adjustment strategy
