系统工程理论与实践
Systems Engineering—Theory & Practice
2014, Issue 9, pp. 2392~2401
江颉 顾祝燕 高俊骁 陈铁明
cloud security; security grade protection; data segmentation; private information retrieval; privacy preserving
To provide effective security protection for tenants' data in cloud computing, a third-party tenant data security protection model is proposed to address the security of cloud tenants' data storage and retrieval. The model hides the relationships between data: tenants' data is first sliced, and a one-way function is then used to obfuscate the relationships between the slices. Based on tenants' data privacy requirements and the definition of security grades, a grading method for tenants' data is given. The contents of the sub-tables produced by segmentation are then partially encrypted or anonymized according to their security grade, which secures data storage in the cloud. Combined with private information retrieval techniques, a keyword retrieval algorithm over encrypted cloud data hides tenants' search requests and protects the security of cloud data retrieval. Experimental results show that the proposed model meets the security requirements of tenants' data storage and retrieval in an unknown cloud environment.