高级检索

    一种基于分块混淆的动态数据隐私保护机制

    A Privacy Protection Mechanism for Dynamic Data Based on Partition-Confusion

    • 摘要: 云计算环境下,基于分块混淆的隐私保护机制通过对租户个性化隐私保护需求及应用性能的有效结合,实现了隐私信息在明文状态下的保护.然而随着云端多租户应用的持续运行,一方面,租户数据的插入、删除和修改等业务操作将会影响底层数据存储的分布状态,使分块间的关联关系因数据分布的不均匀而面临极大的泄露风险;另一方面,攻击者仍然可以通过局部时间内各分块的操作日志以及对应的数据快照分析出部分隐私信息.针对上述挑战,在三方安全交互模型的基础上,提出一种面向分块混淆的动态数据隐私保护机制.该机制通过可信第三方对新插入和修改的数据进行缓存并在满足条件时将数据进行分组和存储;通过保留关键分片来保证删除操作中被删数据和剩余数据的隐私安全;通过伪造数据回收机制实现存储资源消耗的降低和应用性能的优化.通过实验证明,提出的动态数据隐私保护机制具有较好的可行性和实用性.

       

      Abstract: Under the cloud computing environment, the privacy protection in the plaintext state can be realized, by the partition-confusion-based privacy protection mechanism which effectively combines tenants personalized privacy protection requirements and application performance. However, as the multi-tenant applications continue to run, on the one hand, the insertion, deletion, modification and other business operations of the tenant data can affect the distribution of the underlying data storage, making the relationships between the chunks in a significant risk of leakage due to the uneven data distribution; on the other hand, the attacker can still analyze a part of private information by the operation log of every chunk and the snapshot of the corresponding data in the local time. In response to these challenges, the present paper proposes a dynamic data privacy protection mechanism for partition confusion on the basis of the tripartite security interaction model. This mechanism can cache the data newly inserted and modified by a trusted third party and then group and upload it under the proper conditions; retaining key fragmentation in the deletion operation can ensure the privacy of the deleted and remained data; the falsifying data collection mechanism can achieve lower consumption of resources storage and optimize the application performance. The experimental result proves that the dynamic data privacy protection mechanism proposed in this paper has better feasibility and practicality.

       

    /

    返回文章
    返回