ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2015, Vol. 52 ›› Issue (4): 879-888.doi: 10.7544/issn1000-1239.2015.20131906

• 系统结构 • 上一篇    下一篇

云计算环境下隐私需求的描述与检测方法

柯昌博1,2,3,黄志球2   

  1. 1(南京邮电大学计算机学院、软件学院 南京 210023); 2(南京航空航天大学计算机科学与技术学院 南京 210016); 3(江苏省无线传感网高技术研究重点实验室 南京 210003) (brobo.ke@njupt.edu.cn)
  • 出版日期: 2015-04-01
  • 基金资助: 
    基金项目:南京邮电大学引进人才科研启动基金资助(NY214164);国家自然科学基金项目(61272083);南京航空航天大学博士学位论文创新与创优基金项目(BCXJ12-14);中央高校基本科研业务费专项资金

Privacy Requirement Description and Checking Method in Cloud Computing

Ke Changbo1,3, Huang Zhiqiu2   

  1. 1(School of Computer Science & Technology, School of Software, Nanjing University of Posts and Telecommunications, Nanjing 210023); 2(College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 210016); 3(Jiangsu High Technology Research Key Laboratory for Wireless Sensor Networks, Nanjing 210003)
  • Online: 2015-04-01

摘要: 云计算已经成为一种计算范型为用户提供服务,但其开放性、虚拟化和服务外包化的特点使得用户的隐私信息难以控制和保护.以描述逻辑为基础,提出了一种云计算环境下面向语义的隐私需求描述与检测方法.首先,对用户隐私需求与服务提供者的隐私策略进行描述;其次,对两者之间是否存在冲突进行检测,发现满足用户隐私需求的服务;最后,利用Protégé本体建模工具对用户的隐私需求和服务提供者的隐私策略进行建模,并利用Pellet推理机进行了实验,分别对本体模型中的概念进行一致性检测和对概念与逻辑公理之间的可满足性进行检验,从而证明了此检测方法的正确性与可行性.

关键词: 云计算, 描述逻辑, 隐私属性, 隐私策略, 隐私偏好

Abstract: Cloud computing has been a computing paradigm to provide services for users. However, it is difficult to control and protect personal privacy information because of its opening, virtualization, multi-tenancy and service outsourcing characters. Therefore, how to prevent user privacy information from being used and propagated in cloud computing illegally has become a research focus. In this work, we propose a semantic-oriented privacy requirement description method and checking mechanism. First of all, we describe the user privacy requirement and privacy policy of service provider based on description logic. Secondly, we address the privacy requirement checking framework. Namely, we build the knowledge base through privacy disclosure assertion of user map to TBox and privacy disclosure assertion of service provider map to ABox, and then reason the TBox and ABox by taking advantage of the Tableau algorithm. In the end, we check whether there are the conflicts between user privacy requirement and privacy policy of service provider through experiment and case analysis. Namely, we build the privacy requirement checking model with Protégé of Stanford University, and prove the consistency of conceptions in model and the satisfiability between the conceptions and the logic axioms with Pellet reasonor. Thereby, the correctness and feasibility of our method is certified.

Key words: cloud computing, description logic, privacy property, privacy policy, privacy preference

中图分类号: