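Abstract
To address tenants' need for data privacy protection under the cloud database service model, a privacy-preserving mechanism for cloud databases based on fragmentation and encryption is proposed. Tenants define privacy constraints according to their own privacy requirements. The trusted data privacy protection module on the cloud service provider's platform performs the least encrypted-attributes fragmentation according to those constraints and encrypts the data values of some of the attributes in the fragmentation result to protect data privacy, thereby establishing a cloud database privacy-preserving model based on fragmentation and encryption. The model is then extended to prevent privacy leakage through data distribution, to reduce the load on the service provider's platform, and to support range queries on orderable attributes.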
To protect data privacy of cloud databases, a privacy-preserving mechanism based on fragmentation and encryption is proposed. By adopting the mechanism, tenants could customize their own privacy constraints. The cloud service provider (CSP) implements the least encrypted-attributes fragmentation according to tenants' privacy constraints, and encrypts the data of a part of the fragmented results. A privacy-preserving model including CSP, tenants, users and trusted third party (TTP) is established. To prevent privacy leakage through data distribution, reduce the CSP workload, and support range query on ordered attributes, the model is extended in three aspects.
Source
《信息工程大学学报》 (Journal of Information Engineering University)
2012, No. 3, pp. 376-384 (9 pages)
Keywords
attributes fragmentation
encryption
privacy preservation
cloud computing