计算机科学 ›› 2015, Vol. 42 ›› Issue (8): 185-189.

• 信息安全 • 上一篇    下一篇

基于用户行为记录的云服务隐私保护体系和算法

季正波,白光伟,沈 航,曹 磊,朱 荣   

  1. 南京工业大学电子与信息工程学院 南京210009,南京工业大学电子与信息工程学院 南京210009;南京理工大学高维信息智能感知与系统教育部重点实验室 南京210094,南京理工大学高维信息智能感知与系统教育部重点实验室 南京210094,南京工业大学电子与信息工程学院 南京210009,南京工业大学电子与信息工程学院 南京210009
  • 出版日期:2018-11-14 发布日期:2018-11-14
  • 基金资助:
    本文受国家自然科学基金项目(60673185,7),江苏省自然科学基金项目(BK2010548),江苏省科技支撑计划(工业)项目(BE2011186),江苏省普通高校研究生科研创新计划项目(CXLX11_0262,CXZZ12_0425),江苏省六大高峰人才基金资助

Privacy-preserving Framework for Cloud Services Based on User Behavior

JI Zheng-bo, BAI Guang-wei, SHEN Hang, CAO Lei and ZHU Rong   

  • Online:2018-11-14 Published:2018-11-14

摘要: 针对移动云服务中用户的行为记录影响隐私安全的问题,提出一种基于第三方接入控制的环身份框架。在用户身份注册部分,身份接入控制端为用户提供环身份证书,来确保云服务不能跟踪用户的虚拟身份;在用户数据检测部分,数据接入控制端对数据进行调度和行为记录整合,来防止关键数据存储位置泄露,并且为用户群生成环数字签名,使用户的隐私身份对云服务工作人员保密。 对所提出的机制进行了安全性验证与评价,理论分析结果表明,提出的方案能够很好地解决用户行为记录对关键数据位置以及用户身份隐私的泄露问题。

关键词: 移动云计算,隐私,身份认证,环签名,接入控制,用户行为

Abstract: In response to the issue that user behaviors threaten security and privacy in mobile cloud computing,a ring-identity mechanism based on the third party was proposed in this paper.The access control of user’s identity ensures that it can not be able to track user’s virtual identity by providing user with ring identity certificate.The focus of data auditing is on how to schedule data records and generate ring signature so as to avoid leaking position of critical data and to protect user’s privacy.Theoretical analysis shows that our framework achieves good security and privacy perfor-mance considering the threat of user’s behavior records.

Key words: Mobile cloud computing,Privacy,Identity authentication,Ring signatures,Access control,User behavior

[1] 林闯,苏文博,孟坤,等.云计算安全:架构,机制与模型评价[J].计算机学报,2013,36(9):1765-1784 Ling Chuang,Su Wen-bo,Meng Kun,et al.Cloud Computing Security:Architecture,Mechanism and Modeling [J].Journal of Computers,2013,36(9):1765-1784
[2] 李瑞轩,董新华,辜希武,等.移动云服务的数据安全与隐私保护综述[J].通信学报,2013,34(12):158-166 Li Rui-xuan,Dong Xin-hua,Gu Xi-wu,et al.Overview of the data security and privacy-preserving of mobile cloud services [J].Journal of communications,2013,34(12):158-166
[3] Dou W,Zhang X,Liu J,et al.HireSome-II:Towards privacy-aware cross-cloud service composition for big data applications[J].IEEE Transactions on Parallel and Distributed Systems,2013,26(2):455-466
[4] Wang B,Li B,Li H.Oruta:Privacy-preserving public auditing for shared data in the cloud[C]∥Proc.of IEEE 5th InternationalConference on Cloud Computing(CLOUD).2012:295-302
[5] Zissis D,Lekkas D.Addressing cloud computing security issues [J].Future Generation Computer Systems,2012,28(3):583-592
[6] Camenisch J,Lysyanskaya A.A signature scheme with efficient protocols [M]∥Security in communication networks.Springer Berlin Heidelberg,2003:268-289
[7] Wang C,Chow S S M,Wang Q,et al.Privacy-preserving public auditing for secure cloud storage [J].IEEE Transactions on Computers,2013,62(2):362-375
[8] Wang C,Cao N,Ren K,et al.Enabling secure and efficientranked keyword search over outsourced cloud data [J].IEEE Transactions on Parallel and Distributed Systems,2012,23(8):1467-1479
[9] Sundareswaran S,Squicciarini A,Lin D.Ensuring distributed accountability for data sharing in the cloud [J].IEEE Transactions on Dependable and Secure Computing,2012,9(4):556-568
[10] Liu X,Zhang Y,Wang B,et al.Mona:secure multi-owner data sharing for dynamic groups in the cloud[J].IEEE Transactions on Parallel and Distributed Systems,2013,24(6):1182-1191
[11] Bohli J,Gruschka N,JensenM,et al.Security and Privacy Enhancing Multi-Cloud Architectures[J].IEEE Transactions on Dependable and Secure Computing,2013,0(4):212-224
[12] Zhu Y,Xu R,Takagi T.Secure k-NN computation on encrypted cloud data without sharing key with query users [C]∥Procee-dings of 2013 International Workshop on Security in Cloud Computing.ACM,2013:55-60
[13] Ren K,Wang C,Wang Q.Toward secure and effective data utilization in public cloud [J].IEEE Networks,2012,26(6):69-74
[14] Wang C,Wang Q,Ren K,et al.Toward secure and dependable storage services in cloud computing [J].IEEE Transactions on Services Computing,2012,5(2):220-232
[15] Wang H,Wu S,Chen M,et al.Security protection between users and the mobile media cloud [J].IEEE Communications Magazine,2014,52(3):73-79
[16] Liu C,Zhang X,Yang C,et al.CCBKE—Session key negotiation for fast and secure scheduling of scientific applications in cloud computing[J].Future Generation Computer Systems,2013,29(5):1300-1308

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!