Privacy Requirement Description and Checking Method in Cloud Computing
-
Graphical Abstract
-
Abstract
Cloud computing has been a computing paradigm to provide services for users. However, it is difficult to control and protect personal privacy information because of its opening, virtualization, multi-tenancy and service outsourcing characters. Therefore, how to prevent user privacy information from being used and propagated in cloud computing illegally has become a research focus. In this work, we propose a semantic-oriented privacy requirement description method and checking mechanism. First of all, we describe the user privacy requirement and privacy policy of service provider based on description logic. Secondly, we address the privacy requirement checking framework. Namely, we build the knowledge base through privacy disclosure assertion of user map to TBox and privacy disclosure assertion of service provider map to ABox, and then reason the TBox and ABox by taking advantage of the Tableau algorithm. In the end, we check whether there are the conflicts between user privacy requirement and privacy policy of service provider through experiment and case analysis. Namely, we build the privacy requirement checking model with Protégé of Stanford University, and prove the consistency of conceptions in model and the satisfiability between the conceptions and the logic axioms with Pellet reasonor. Thereby, the correctness and feasibility of our method is certified.
-
-