计算机科学 ›› 2019, Vol. 46 ›› Issue (3): 164-169.doi: 10.11896/j.issn.1002-137X.2019.03.025
孙连山,欧阳晓通,徐艳艳,王艺星
SUN Lian-shan, OUYANG Xiao-tong, XU Yan-yan, WANG Yi-xing
摘要: 起源过滤是改造起源图,隐藏起源图中所蕴含的敏感信息的新兴技术。然而,现有的起源过滤研究大多关注节点过滤问题,很少关注边过滤问题,尚未关注并解决间接依赖过滤问题。首先,结合实例阐明过滤间接依赖的动机以及保持溯源效用的挑战,并形式地定义起源间接依赖过滤的目标和约束。其次,扩展针对边的“删除+修复”过滤机制,提出一种面向间接依赖的过滤方法。该方法采用最小代价决策法和贪婪算法设计删除策略,断开与间接依赖对应的所有连通路径,通过在被破坏的非敏感间接依赖端点之间引入非确定依赖关系来修复过滤视图的效用。最后,采用在线开放起源数据集开展模拟实验。实验结果表明,所提方法能在过滤敏感间接依赖的同时保持过滤视图的效用。
中图分类号:
[1]MING H,ZHANG Y,FU X H.Survey of Data Provenance [J].Journal of Chinese Computer Systems,2012,33(9):1917-1923.(in Chinese) 明华,张勇,符小辉.数据溯源技术综述[J].小型微型计算机系统,2012,33(9):1917-1923. [2]GURJAR K.Comparative Study of Evaluating Trustworthiness of Data Based on Data Provenance[J].Journal of Information Processing Systems,2016,12(2):234-248. [3]TAN A Y S,KO R K L,HOLMES G,et al.Provenance for cloud data accountability[M].The Cloud Security Ecosystem.2015:171 -185. [4]KOOP D.Versioning Version Trees:The Provenance of Actions that Affect Multiple Versions[C]∥International Provenance and Annotation Workshop(IPAW).Berlin:Springer International Publishing,2016:109-121. [5]SUN L S,QI Z B,HOU T.A UML model-based analysis approach for provenance-aware access control policies[J].Compu-ter Engineering & Science,2015,37(6):1114-1126.(in Chinese) 孙连山,祁志斌,侯涛.一种基于UML模型的起源感知访问控制策略分析方法[J].计算机工程与科学,2015,37(6):1114-1126. [6]BRAUN U,SHINNAR A,SELTZER M.Securing provenance [C]∥Proc of the 3rd USENIX Workshop on Hot Topics in Security.California:USENIX Association,2008:21-25. [7]DAVIDSON S B,ROY S.Provenance:Privacy and Security [M].Encyclopedia of Database Systems.Berlin:Springer,2017. [8]TORRA V,NAVARRO-ARRIBAS G,SANCHEZ-CHARLES D,et al.Provenance and Privacy[C]∥Modeling Decisions for Artificial Intelligence.Cham:Springer,2017:3-11. [9]CADENHEAD T,KHADILKAR V,KANTARCIOGLU M,et al.Transforming provenance using redaction[C]∥ACM Symposium on Access Control MODELS and Technologies.Innsbruck:ACM,2011:93-102. [10]SHI L B,SUN L S,WANG Y X.Survey of data provenance security [J].Application Research of Computers,2017,34(1):1-7.(in Chinese) 石丽波,孙连山,王艺星.数据起源安全研究综述[J].计算机应用研究,2017,34(1):1-7. [11]HASAN R,SION R,WINSLETT M.Introducing secure provenance:problems and challenges[C]∥ACM Workshop on Sto-rage Security and Survivability.Alexandria:ACM,2007:13-18. [12]DEY S C,ZINN D.PROPUB:towards a declarative approach for publishing customized,policy-aware provenance[C]∥International Conference on Scientific and Statistical Database Management.Portland:Springer,2011:225-243. [13]MISSIER P,BRYANS J,GAMBLE C,et al.ProvAbs:Model,policy,and tooling for abstracting PROV graphs[C]∥Proc of the 5th International Provenance and Annotation Workshop(IPAW) on Provenance and Annotation of Data and Processes.Cologne:Springer,2014:3-15. [14]HUSSEIN J,MOREAU L,SASSONE V.Obscuring Provenance Confidential Information via Graph Transformation[C]∥IFIP International Federation for Information Processing,IFIPTM 2015,IFIP AICT 454.2015:109-125. [15]NAGY N,MOKHTAR H M O,EL-SHARKAWI M E.A Comprehensive Sanitization Approach for Workflow Provenance Graphs[C]∥International Workshop on Privacy and Anonymity in the Information Society.Bordeaus:CEUR,2016:9-16. [16]WANG Y X,SUN L S,SHI L B.A Provenance Sanitization Mechanism for Highly Utility[J].Computer Engineering,2018,44(3):144-150.(in Chinese) 王艺星,孙连山,石丽波.一种高效用数据起源过滤机制[J].计算机工程,2018,44(3):144-150. [17]MISSIER P,BELHAJJAME K,CHENEY J.The W3C PROV family of specifications for modelling provenance metadata[C]∥Proc of the 16th International Conference on Extending Database Technology.Genoa:ACM,2013:773-776. [18]KWASNIKOWSKA N,MOREAU L,BUSSCHE J V D.A Formal Account of the Open Provenance Model[J].ACM Transactions on the Web,2015,9(2):1-44. [19]BLAUSTEIN B,CHAPMAN A,SELIGMAN L,et al.Surro- gate parenthood:protected and informative graphs[J].Procee-dings of the Vldb Endowment,2011,4(8):518-525. [20]CHEAH Y W,PLALE B,KENDALL-MORWICK J,et al.A Noisy 10GB Provenance Database[M].Business Process Ma-nagement Workshops.Berlin:Springer,2012:370-381. |
[1] | 刘凯祥, 谢永芳, 陈新, 吕飞, 刘俊矫. 基于DTMC的工业串行协议状态检测算法 Industrial Serial Protocol State Detection Algorithm Based on DTMC 计算机科学, 2022, 49(3): 301-307. https://doi.org/10.11896/jsjkx.210200078 |
[2] | 辜双佳, 刘万平, 黄东. 基于AES和QR的快递信息加密应用 Application of Express Information Encryption Based on AES and QR 计算机科学, 2021, 48(11A): 588-591. https://doi.org/10.11896/jsjkx.210100024 |
[3] | 李斌, 周清雷, 斯雪明, 陈晓杰. 基于FPGA集群的Office口令恢复优化实现 Optimized Implementation of Office Password Recovery Based on FPGA Cluster 计算机科学, 2020, 47(11): 32-41. https://doi.org/10.11896/jsjkx.200500040 |
[4] | 王辉, 周明明. 基于区块链的医疗信息安全存储模型 Medical Information Security Storage Model Based on Blockchain Technology 计算机科学, 2019, 46(12): 174-179. https://doi.org/10.11896/jsjkx.181102034 |
[5] | 詹雄, 郭昊, 何小芸, 刘周斌, 孙学洁, 陈红松. 国家电网边缘计算信息系统安全风险评估方法研究 Research on Security Risk Assessment Method of State Grid Edge Computing Information System 计算机科学, 2019, 46(11A): 428-432. |
[6] | 周艺华, 张冰, 杨宇光, 侍伟敏. 基于聚类的社交网络隐私保护方法 Cluster-based Social Network Privacy Protection Method 计算机科学, 2019, 46(10): 154-160. https://doi.org/10.11896/jsjkx.180901749 |
[7] | 丁庆洋,王秀利,朱建明,宋彪. 基于区块链的信息物理融合系统的信息安全保护框架 Information Security Framework Based on Blockchain for Cyber-physics System 计算机科学, 2018, 45(2): 32-39. https://doi.org/10.11896/j.issn.1002-137X.2018.02.006 |
[8] | 冷强, 杨英杰, 胡浩. 面向风险评估的专家权重自适应调整方法 Self-adaption Adjustment Method for Experts in Risk Assessment 计算机科学, 2018, 45(12): 98-103. https://doi.org/10.11896/j.issn.1002-137X.2018.12.015 |
[9] | 杜行舟, 张凯, 江坤, 马昊伯. 基于区块链的数字化指挥控制系统信息传输与追溯模式研究 Research on Blockchain-based Information Transmission and Tracing Pattern in Digitized Command-and-Control System 计算机科学, 2018, 45(11A): 576-579. |
[10] | 董贵山, 陈宇翔, 张兆雷, 白健, 郝尧. 基于区块链的身份管理认证研究 Research on Identity Management Authentication Based on Blockchain 计算机科学, 2018, 45(11): 52-59. https://doi.org/10.11896/j.issn.1002-137X.2018.11.006 |
[11] | 丁立彤,范九伦,刘意先. 基于灰色聚类的系统群安全评估方法 Method of Safety Evaluation for System Group Based on Grey Clustering 计算机科学, 2017, 44(Z11): 372-376. https://doi.org/10.11896/j.issn.1002-137X.2017.11A.078 |
[12] | 张亮亮,张翌维,梁洁,孙瑞一,王新安. 新量子技术时代下的信息安全 Information Security in New Quantum Technology Age 计算机科学, 2017, 44(7): 1-7. https://doi.org/10.11896/j.issn.1002-137X.2017.07.001 |
[13] | 齐法制,孙智慧. 基于特征阈值的恶意代码快速分析方法 Rapid Analysis Method of Malicious Code Based on Feature Threshold 计算机科学, 2016, 43(Z11): 342-345. https://doi.org/10.11896/j.issn.1002-137X.2016.11A.079 |
[14] | 张莉,栗青生,刘泉. 一种云端信息安全字形的生成模型 Chinese Character Generation Model for Cloud Information Security 计算机科学, 2016, 43(Z11): 417-421. https://doi.org/10.11896/j.issn.1002-137X.2016.11A.095 |
[15] | 束柬,梁昌勇. 基于DS理论的多源证据融合云安全信任模型 Dynamic Trust Model Based on DS Evidence Theory under Cloud Computing Environment 计算机科学, 2016, 43(8): 105-109. https://doi.org/10.11896/j.issn.1002-137X.2016.08.022 |
|