计算机科学 ›› 2022, Vol. 49 ›› Issue (10): 291-296.doi: 10.11896/jsjkx.210900233
刘明达1, 拾以娟1, 饶翔1, 范磊2
LIU Ming-da1, SHI Yi-juan1, RAO Xiang1, FAN Lei2
摘要: 针对高敏数据上云后造成数据孤岛,从而导致数据无法互相搜索、互相发现,进而无法共享的问题,提出了一种分布式的隐私保护数据搜索方案,该方案实现了分布式场景下数据和搜索条件双向保密,并能够建立可信的搜索存证。首先对数据模型进行定义,明确了方案保护的目标和应用场景;其次提出了方案的设计框架和协议流程,重点对基于区块链的可信数据交互通道、可信密钥共享模块和密文搜索引擎3个部分的整体性流程进行描述;然后提出了一种基于可信执行环境的密文态下的全文搜索引擎Tantivy-SGX,重点对原理和实现方法进行详细分析;最后对整体流程和核心部分进行实现与验证。实验结果表明,该方案高效可行,能够有效增强分布式环境下的数据发现与搜索安全。
中图分类号:
[1]LIU Z Y,HE Z J,LIU J L,et al.Technology research and construction scheme of unified data lake[J].Telecommunications Science,2021,37(1):121-128. [2]GOYAL R,GOYAL V.Overcoming cryptographic impossibility results using blockchains[C]//Theory of Cryptography Confe-rence.Cham:Springer,2017:529-561. [3]YUAN Y,NI X C,ZENG S,et al.Blockchain Consensus Algorithms:The State of the Art and Future Trends[J].Acta Automatica Sinica,2018,44(11):93-104. [4]ZHU L H,GAO F,SHEN M,et al.Survey on Privacy Preserving Techniques for Blockchain[J].Journal of Computer Research and Development,2017,54(10):2170-2186. [5]SCHUSTER F,COSTRA M,FOURNET C,et al.VC3:Trustworthy data analytics in the cloud using SGX[C]//2015 IEEE Symposium on Security and Privacy.IEEE,2015:38-54. [6]YUAN R,XIA Y B,CHEN H B,et al.ShadowEth:PrivateSmart Contract on Public Blockchain[J].Journal of Computer Science and Technology,2018,33(3):542-556. [7]CHENG R,ZHANG F,KOS J,et al.Ekiden:A Platform for Confidentiality-Preserving,Trustworthy,and Performant Smart Contract Execution[C]//Proceedings of the IEEE European Symposium on Security and Privacy.Stockholm,Sweden,2019:185-200. [8]POPA R A,REDFIELD C M S,ZELDOVICH N,et al.CryptDB:Protecting Confidentiality with Encrypted Query Processing[C]//Proceedings of the 23rd ACM Symposium on Operating Systems Principles 2011(SOSP 2011).Cascais,Portugal,ACM,2011:23-26. [9]PRIEBE C,VASWANI K,COSTA M.Enclavedb:A secure database using SGX[C]//2018 IEEE Symposium on Security and Privacy(SP).IEEE,2018:264-278. [10]VINAYAGAMURTHY D,GRIBOV A,GORBUNOV S.Steal-thdb:a scalable encrypted database with full SQL query support[J].Proceedings on Privacy Enhancing Technologies,2019,2019(3):370-388. [11]REN K,GUO Y,LI J,et al.Hybridx:New hybrid index for vo-lume-hiding range queries in data outsourcing services[C]//2020 IEEE 40th International Conference on Distributed Computing Systems(ICDCS).IEEE,2020:23-33. [12]ANTONOPOULOS P,ARASU A,SINGH K D,et al.Azure SQL Database Always Encrypted[C]//Proceedings of the 2020 ACM SIGMOD International Conference on Management of Data.2020:1511-1525. [13]SUN Y,WANG S,LI H,et al.Building enclave-native storage engines for practical encrypted databases[J].Proceedings of the VLDB Endowment,2021,14(6):1019-1032. [14]PASS R,SHI E,TRAMER F.Formal abstractions for attested execution secure processors[C]//Annual International Conference on the Theory and Applications of Cryptographic Techniques.Cham:Springer,2017:260-289. [15]tantivy-search/tantivy [EB/OL].(2017-03-30) [2021-09-27].https://github.com/tantivy-search/tantivy. [16]MesaTEE[EB/OL].(2019-08-08) [2021-09-27].https://anquan.baidu.com/article/854. |
[1] | 王子凯, 朱健, 张伯钧, 胡凯. 区块链与智能合约并行方法研究与实现 Research and Implementation of Parallel Method in Blockchain and Smart Contract 计算机科学, 2022, 49(9): 312-317. https://doi.org/10.11896/jsjkx.210800102 |
[2] | 傅丽玉, 陆歌皓, 吴义明, 罗娅玲. 区块链技术的研究及其发展综述 Overview of Research and Development of Blockchain Technology 计算机科学, 2022, 49(6A): 447-461. https://doi.org/10.11896/jsjkx.210600214 |
[3] | 高健博, 张家硕, 李青山, 陈钟. RegLang:一种面向监管的智能合约编程语言 RegLang:A Smart Contract Programming Language for Regulation 计算机科学, 2022, 49(6A): 462-468. https://doi.org/10.11896/jsjkx.210700016 |
[4] | 毛典辉, 黄晖煜, 赵爽. 符合监管合规性的自动合成新闻检测方法研究 Study on Automatic Synthetic News Detection Method Complying with Regulatory Compliance 计算机科学, 2022, 49(6A): 523-530. https://doi.org/10.11896/jsjkx.210300083 |
[5] | 李博, 向海昀, 张宇翔, 廖浩德. 面向食品溯源场景的PBFT优化算法应用研究 Application Research of PBFT Optimization Algorithm for Food Traceability Scenarios 计算机科学, 2022, 49(6A): 723-728. https://doi.org/10.11896/jsjkx.210800018 |
[6] | 周航, 姜河, 赵琰, 解相朋. 适用于各单元共识交易的电力区块链系统优化调度研究 Study on Optimal Scheduling of Power Blockchain System for Consensus Transaction ofEach Unit 计算机科学, 2022, 49(6A): 771-776. https://doi.org/10.11896/jsjkx.210600241 |
[7] | 王思明, 谭北海, 余荣. 面向6G可信可靠智能的区块链分片与激励机制 Blockchain Sharding and Incentive Mechanism for 6G Dependable Intelligence 计算机科学, 2022, 49(6): 32-38. https://doi.org/10.11896/jsjkx.220400004 |
[8] | 孙浩, 毛瀚宇, 张岩峰, 于戈, 徐石成, 何光宇. 区块链跨链技术发展及应用 Development and Application of Blockchain Cross-chain Technology 计算机科学, 2022, 49(5): 287-295. https://doi.org/10.11896/jsjkx.210800132 |
[9] | 阳真, 黄松, 郑长友. 基于区块链与改进CP-ABE的众测知识产权保护技术研究 Study on Crowdsourced Testing Intellectual Property Protection Technology Based on Blockchain and Improved CP-ABE 计算机科学, 2022, 49(5): 325-332. https://doi.org/10.11896/jsjkx.210900075 |
[10] | 任畅, 赵洪, 蒋华. 一种量子安全拜占庭容错共识机制 Quantum Secured-Byzantine Fault Tolerance Blockchain Consensus Mechanism 计算机科学, 2022, 49(5): 333-340. https://doi.org/10.11896/jsjkx.210400154 |
[11] | 冯了了, 丁滟, 刘坤林, 马科林, 常俊胜. 区块链BFT共识算法研究进展 Research Advance on BFT Consensus Algorithms 计算机科学, 2022, 49(4): 329-339. https://doi.org/10.11896/jsjkx.210700011 |
[12] | 王鑫, 周泽宝, 余芸, 陈禹旭, 任昊文, 蒋一波, 孙凌云. 一种面向电能量数据的联邦学习可靠性激励机制 Reliable Incentive Mechanism for Federated Learning of Electric Metering Data 计算机科学, 2022, 49(3): 31-38. https://doi.org/10.11896/jsjkx.210700195 |
[13] | 张潆藜, 马佳利, 刘子昂, 刘新, 周睿. 以太坊Solidity智能合约漏洞检测方法综述 Overview of Vulnerability Detection Methods for Ethereum Solidity Smart Contracts 计算机科学, 2022, 49(3): 52-61. https://doi.org/10.11896/jsjkx.210700004 |
[14] | 杨昕宇, 彭长根, 杨辉, 丁红发. 基于演化博弈的理性拜占庭容错共识算法 Rational PBFT Consensus Algorithm with Evolutionary Game 计算机科学, 2022, 49(3): 360-370. https://doi.org/10.11896/jsjkx.210900110 |
[15] | 陈静, 李志淮, 高冬雪, 李敏. 利用状态归约的分片负载均衡方法 Shard Load Balancing Method Using State Reduction 计算机科学, 2022, 49(11): 302-308. https://doi.org/10.11896/jsjkx.210800109 |
|