ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2020, Vol. 57 ›› Issue (10): 2027-2051.doi: 10.7544/issn1000-1239.2020.20200614

所属专题: 2020密码学与数据隐私保护研究专题

• 信息安全 • 上一篇    下一篇

边缘计算隐私保护研究进展

周俊,沈华杰,林中允,曹珍富,董晓蕾   

  1. (上海市高可信计算重点实验室(华东师范大学) 上海 200062) (jzhou@sei.ecnu.edu.cn)
  • 出版日期: 2020-10-01
  • 基金资助: 
    上海市自然科学基金项目(20ZR1418400);国家自然科学基金项目(61632012,61672239,U1636216);中央高校基本科研业务费专项资金(40500-20104-222196);中国博士后科学基金项目(2017M611502)

Research Advances on Privacy Preserving in Edge Computing

Zhou Jun, Shen Huajie, Lin Zhongyun, Cao Zhenfu, Dong Xiaolei   

  1. (Shanghai Key Laboratory of Trustworthy Computing (East China Normal University), Shanghai 200062)
  • Online: 2020-10-01
  • Supported by: 
    This work was supported by the Shanghai Natural Science Foundation (20ZR1418400), the National Natural Science Foundation of China (61632012, 61672239, U1636216), the Fundamental Research Funds for the Central Universities (40500-20104-222196), and the China Postdoctoral Science Foundation (2017M611502).

摘要: 移动通信与大数据理论的广泛应用使得外包系统蓬勃发展,资源受限的本地用户将大批量的数据文件和开销巨大的计算任务外包给云服务器完成.然而,为了解决单一的云服务器容易成为敌手俘获攻击的目标导致单点失败,且在基于多输入输出的多用户、多任务场景中由于远离用户端易造成反馈延迟较大而成为外包系统瓶颈的问题,边缘计算应运而生.在边缘计算中,多个位于云服务器与用户端之间的边缘节点相互合作完成外包存储与外包计算任务,很大程度上解决了外包系统的实时性问题;但同时也带来了巨大的安全与隐私保护挑战.首先给出了边缘计算特有的网络模型与安全模型,并在此基础上从边缘计算的隐私保护数据聚合、隐私保护外包计算和包括隐私保护集合运算、隐私保护机器学习、隐私保护图像处理、隐私保护生物认证、隐私保护的密文搜索等面向应用的安全计算问题3方面出发,基于数据扰动、全同态加密、安全多方计算、全同态数据封装机制和可验证与可审计等密码技术,对边缘计算隐私保护领域的国内外最新研究成果进行了系统的阐述、总结与科学归类.最后,探讨了边缘计算隐私保护当前面临的挑战、未来潜在的研究方向及其解决思路,以期进一步推动边缘计算隐私保护研究的发展与应用.

关键词: 边缘计算, 隐私保护, 安全数据聚合, 安全外包计算, 安全多方计算

Abstract: The wide exploitation of the theory of mobile communication and big data has enabled the flourishment of the outsourced system, where resource-constrained local users delegate batch of files and time-consuming evaluation tasks to the cloud server for outsourced storage and outsourced computation. Unfortunately, one single cloud server tends to become the target of comprise attack and bring about huge delay in response to the multi-user and multi-task setting where large quantity of inputs and outputs are respectively fed to and derived from the function evaluation, owing to its long distance from local users. To address this bottleneck of outsourced system, edge computing emerges that several edge nodes located between the cloud server and users collaborate to fulfill the tasks of outsourced storage and outsourced computation, meeting the real-time requirement but incurring new challenging issues of security and privacy-preserving. This paper firstly introduces the unique network architecture and security model of edge computing. Then, the state-of-the-art works in the field of privacy preserving of edge computing are elaborated, classified, and summarized based on the cryptographic techniques of data perturbation, fully homomorphic encryption, secure multiparty computation, fully homomorphic data encapsulation mechanism and verifiability and accountability in the following three phases: privacy-preserving data aggregation, privacy-preserving outsourced computation and their applications including private set intersection, privacy-preserving machine learning, privacy-preserving image processing, biometric authentication and secure encrypted search. Finally, several open research problems in privacy-preserving edge computing are discussed with convincing solutions, which casts light on its development and applications in the future.

Key words: edge computing, privacy-preserving, secure data aggregation, secure outsourced computation, secure multiparty computation

中图分类号: