ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2016, Vol. 53 ›› Issue (10): 2137-2151.doi: 10.7544/issn1000-1239.2016.20160684

所属专题: 2016网络空间共享安全研究进展专题

• 信息安全 • 上一篇    下一篇



  1. 1(华东师范大学计算机科学与软件工程学院密码与网络安全系 上海 200062); 2(上海交通大学计算机科学与工程系 上海 200240) (
  • 出版日期: 2016-10-01
  • 基金资助: 
    国家自然科学基金项目(61373154,61371083,61632012,61672239,61602180);高等学校博士学科点专项科研基金优先发展计划项目(20130073130004);上海市高科技项目(16511101400);上海市自然科学基金项目(16ZR1409200) This work was supported by the National Natural Science Foundation of China (61373154, 61371083, 61632012, 61672239, 61602180), the Prioritized Development Projects Through the Specialized Research Fund for the Doctoral Program of Higher Education of China (20130073130004), Shanghai High-Tech Field Project (16511101400), and the Natural Science Foundation of Shanghai (16ZR1409200).

Research Advances on Big Data Security and Privacy Preserving

Cao Zhenfu1, Dong Xiaolei1, Zhou Jun1, Shen Jiachen1, Ning Jianting2, Gong Junqing2   

  1. 1(Department of Cryptography and Network Security, School of Computer Science and Software Engineering, East China Normal University, Shanghai 200062); 2(Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240)
  • Online: 2016-10-01

摘要: 当前,用户数据的安全与隐私保护无疑成为大数据环境中最为重要的问题之一,而其最彻底的解决方式是通过加密所有数据来完成.因此,新的加密技术和在密文域上探索高效的大数据处理新模式是国内外当前的研究热点.在贯穿于整个数据生命周期中,密文域上的计算、访问控制和数据聚合(分别称为密文计算、密文访问控制和密文数据聚合)等问题已成为该领域的核心问题.主要针对密文计算、密文访问控制和密文数据聚合等当前国内外研究的现状进行综述,指出其存在的问题与不足.在此基础上,重点介绍了文章作者团队在大数据安全与隐私保护方面的最新研究成果.在密文计算方面,提出了通过减少公钥加密使用次数来设计高效的隐私保护外包计算的新方法,并设计了不依赖于公钥(全)同态加密,仅需一次离线计算任意单向陷门置换来实现安全外包计算的新方案.在密文访问控制方面,提出了支持大属性集合的、短密文的高效可追踪、可撤销属性基加密方案.在密文数据聚合方面,提出了不依赖于加法同态加密的、保护个体数据隐私且仅由授权接收方可成功解密聚合结果的高效隐私保护外包聚合方案.最后,还指出了该领域当前研究中需要解决的公开问题和未来的发展趋势.

关键词: 大数据安全, 隐私保护, 密文计算, 密文访问控制, 密文数据聚合

Abstract: Nowadays, data security and privacy preserving have been definitely becoming one of the most crucial issues in the big data setting, where data encryption plays the most important role to achieve these goals. Therefore, to explore new data encryption techniques and new modes of big data processing has emerged as one of the most popular research topics all over the world. During the whole life cycle of data, the problems of computation, access control and data aggregation in the ciphertext domain (ciphertext computation, ciphertext access control and ciphertext data aggregation) are three critical issues in this research field. In this paper, we firstly review the state-of-the-art in the field of ciphertext computation, ciphertext access control and ciphertext data aggregation by identifying their inappropriateness. Based on it, a series of recent results in this research field are presented. In the aspect of ciphertext computation, a new method of designing efficient privacy preserving outsourced computation by reducing the usage times of public key encryption is proposed, with the implementation of a concrete construction which is realized by one time offline computation of any one-way trapdoor permutation without exploiting the technique of public key (fully) homomorphic encryption. In the aspect of ciphertext access control, a short ciphertext size traceable and revocable attribute-based encryption supporting flexible attributes is proposed. In the aspect of ciphertext data aggregation, an efficient privacy preserving data aggregation protocol with both input privacy and output privacy is devised without exploiting public key additive homomorphic encryption. Finally, we also suggest several interesting open research issues and the trend in the future.

Key words: big data security, privacy preserving, ciphertext computation, ciphertext access control, ciphertext data aggregation