    Citation: Zhang Zhenghao, Li Yong, Zhang Zhenjiang. Controllable and Accountable Sensitive Data Sharing Scheme[J]. Journal of Computer Research and Development, 2022, 59(12): 2750-2759. DOI: 10.7544/issn1000-1239.20210587

    Controllable and Accountable Sensitive Data Sharing Scheme

    • Abstract: In the era of big data, sharing massive amounts of data is a prerequisite for fully mining its value. Sensitive data involving user privacy requires special attention during sharing, yet traditional data sharing methods suffer from defects such as unclear data flow and difficulty in assigning accountability. To address these problems, a blockchain-based scheme for controllable sharing of sensitive data that supports regulation is proposed. Dynamic accumulator technology is used to implement access control over sensitive data: the data owner can flexibly grant or revoke other participants' access rights, which gives the data owner control over the data. A regulator is set up to review the data request process and issues a regulatory certificate to each data requester that passes the review; only a data requester who holds a regulatory certificate and has been authorized by the data owner can obtain the data. To protect the privacy of the data requester, strong designated verifier signatures (SDVS) are used so that unrelated third parties cannot obtain the requester's identity information. Blockchain technology records data requests and responses, and these records can be read only by the regulator, which makes the whole data sharing process subject to regulation. Security analysis shows that the scheme satisfies data requester privacy, data owner controllability, and accountability, and simulation experiments verify its feasibility.

       
