面向“互联网+”的公有云数据安全

王永建; 宋爱波; 叶亚伟; 姜海波

doi:10.11959/j.issn.1000-0801.2017241

您当前的位置：

首页 >

文章列表页 >

面向“互联网+”的公有云数据安全

研究与开发 | 更新时间：2024-06-05

- 面向“互联网+”的公有云数据安全
- Data security for internet plus in public cloud
- 电信科学 2017年33卷第10期页码：71-80
- 作者机构：
  
  1. 东南大学计算机科学与工程学院，江苏南京 211189
  2. 中国通信建设集团设计院有限公司，北京 100079
  3. 国网河南省电力公司检修公司，河南郑州 450052
- 作者简介：
  
  [ "王永建（1981-），男，东南大学计算机科学与工程学院博士生，主要研究方向为云安全、大数据处理。" ]
  [ "宋爱波（1970-），男，博士，东南大学计算机科学与工程学院教授、博士生导师，主要研究方向为云计算、大数据处理。" ]
  [ "叶亚伟（1981-），男，中国通信建设集团设计院有限公司工程师，主要研究方向为云计算。" ]
  [ "姜海波（1981-），男，国网河南省电力公司检修公司高级工程师，主要研究方向为电网系统数据安全。" ]
- 基金信息：
  
  国家自然科学基金资助项目;The National Natural Science Foundation of China(61173138)
- DOI：10.11959/j.issn.1000-0801.2017241
  中图分类号： TN919.8
- 网络出版日期：2017-10，
  
  纸质出版日期：2017-10-20
- 稿件说明：
移动端阅览
王永建, 宋爱波, 叶亚伟, 等. 面向“互联网+”的公有云数据安全[J]. 电信科学, 2017,33(10):71-80.

Yongjian WANG, Aibo SONG, Yawei YE, et al. Data security for internet plus in public cloud[J]. Telecommunications science, 2017, 33(10): 71-80.
王永建, 宋爱波, 叶亚伟, 等. 面向“互联网+”的公有云数据安全[J]. 电信科学, 2017,33(10):71-80. DOI： 10.11959/j.issn.1000-0801.2017241.

Yongjian WANG, Aibo SONG, Yawei YE, et al. Data security for internet plus in public cloud[J]. Telecommunications science, 2017, 33(10): 71-80. DOI： 10.11959/j.issn.1000-0801.2017241.

摘要

“互联网+”催生了许多新的经济形态与商业模式，公有云面临着严峻的安全挑战。研究了公有云数据安全问题，并提出了研究思路。首先，分析了同态加密的概念、加法同态加密与乘法同态加密的特点以及当前的研究成果和需要解决的难题。然后，根据乘法同态加密算法、散列表和相似性理论，提出了一种数据安全保护方案，并阐述了具体实现流程，采用欧氏距离检验公有云中加密数据的相似性与完整性。最后，理论分析了该方案的正确性与安全性。仿真实验验证了该方案的可行性与有效性。

Abstract

“Internet plus” has given birth to many new economic forms and business models

the public cloud faces a serious security challenges.The security of public cloud data was studied and the research ideas were put forward.Firstly

the concept of homomorphic encryption

the characteristics of additive homomorphic encryption and multiplicative homomorphic encryption

and the current research results and difficult problems to be solved were analyzed.Then

based on the multiplicative homomorphic encryption algorithm

hash table and similarity theory

a data security protection scheme was proposed

and the concrete realization process was described.The similarity and completeness of the encrypted data in the public cloud were tested by Euclidean distance.Finally

the correctness and security of the scheme were analyzed by theory.The simulation results verify the feasibility and validity of the scheme.

关键词

Keywords

references

MCMILLAN R . Cloud computing a ‘security nightmare’,says Cisco CEO [EB/OL ] .(2014-07-02)[2016-10-09 ] . http://www.networkworld.comnews/2009/042309-cloud-computing-a-securitynightmare.html http://www.networkworld.comnews/2009/042309-cloud-computing-a-securitynightmare.html .

HARAUZ J , KAUFMAN L M , POTTER B . Data security in the world of cloud computing [J ] . IEEE Security ＆ Privacy , 2009 , 7 ( 4 ): 61 - 64 .

GUO F D , ZHANG M , ZHANG Y , et al . Study on cloud computing security [J ] . Journal of Software , 2011 , 22 ( 1 ): 71 - 83 .

王笑帝 , 张云勇 , 刘镝 , 等 . 云计算虚拟化安全技术研究 [J ] . 电信科学 , 2015 , 31 ( 6 ): 8 - 12 ,24.

WANG X D , ZHANG Y Y , LIU D , et al . Research on security of virtualization on cloud computing [J ] . Telecommunications Science , 2015 , 31 ( 6 ): 8 - 12 ,24.

张逢喆 . 公共云计算环境下用户数据的隐私性与安全性保护 [D ] . 上海:复旦大学 , 2010 .

ZHANG F Z . Privacy and security protection of user data in public cloud computing environment [D ] . Shanghai:Fudan University , 2010 .

CHOI S G , HWANGY K W , KATZ J , et al . Secure multi-party computation of boolean circuits with applications to privacy in online marketplaces [M ] . Berlin : Springer Berlin HeidelbergPress , 2012 .

AGRAWAL R , SRIKANT R . Privacy-preserving data mining [J ] . Application Research of Computers , 2000 , 29 ( 2 ): 439 - 450 .

LOFTUS J , SMART N P . Secure outsourced computation [M ] . Berlin : Springer Berlin HeidelbergPress , 2010 .

TOFT T , . Secure data structures based on multi-party computation [C ] // The 30th Annual ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing,June 6-8,2011,San Jose,California,USA . New York:ACM Press , 2011 : 291 - 292 .

刘明辉 , 张尼 , 张云勇 , 等 . 云环境下的敏感数据保护技术研究 [J ] . 电信科学 , 2014 , 30 ( 11 ): 2 - 8 .

LIU M H , ZHANG N , ZHANG Y Y , et al . Research on sensitive data protection technology on cloud computing [J ] . Telecommunications Science , 2014 , 30 ( 11 ): 2 - 8 .

李浪 , 余孝忠 , 杨娅琼 , 等 . 同态加密研究进展综述 [J ] . 计算机应用研究 , 2015 ( 11 ): 3209 - 3214 .

LI L , YU X Z , YANG Y Q , et al . Survey on homomorphic encryption technology [J ] . Application Research of Computers , 2015 ( 11 ): 3209 - 3214 .

李顺东 , 窦家维 , 王道顺 . 同态加密算法及其在云安全中的应用 [J ] . 计算机研究与发展 , 2015 , 52 ( 6 ): 1378 - 1388 .

LI S D , DOU J W , WANG D S . Survey on homomorphic encryption and its applications to cloud security [J ] . Journal of Computer Research and Development , 2015 , 52 ( 6 ): 1378 - 1388 .

RIVEST R , ADLEMAN L , DERTOUZOS M . On data banks and privacy homomorphisms [J ] . Foundations of Secure Computation , 1978 , 4 ( 11 ): 169 - 180 .

任福乐 , 朱志祥 , 王雄 . 基于全同态加密的云计算数据安全方案 [J ] . 西安邮电大学学报 , 2013 , 18 ( 3 ): 92 - 95 .

REN F L , ZHU Z X , WANG X . A cloud computing security solution based on fully homomorphic encryption [J ] . Journal of Xi’an University of Post and Telecom , 2013 , 18 ( 3 ): 92 - 95 .

王辉 . 同态加密的分析与优化 [D ] . 杭州:杭州电子科技大学 , 2012 .

WANG H . Homomorphic encryption:analysis and optimization [D ] . Hangzhou:Hangzhou Dianzi University , 2012 .

ELGAMAL T . A public-key cryptosystem and a signature scheme based on discrete logarithms [J ] . IEEE Transactions on Information Theory , 1985 , 31 ( 4 ): 469 - 472 .

PAILLIER P , . Public-key cryptosystems based on composite degree residuosity classes [C ] // The 17th international conference on Theory and application of cryptographic techniques,May 2-6,1999,Prague,Czech Republic . New York:ACM Press , 1999 : 223 - 238 .

BENALOH J . Verifiable scret-ballot elections [D ] . New Haven:Yale University , 1988 .

OKAMOTO T , UCHIYAMA S . A new public-key cryptosystem as secure as factoring [C ] // International Conference on the Theory ＆ Applications of Cryptographic Techniques,May 31-June 4,1998,Espoo,Finland . Berlin:Springer , 1998 : 308 - 318 .

NACCACHE D , STERN J . A new public key cryptosystem based on higher residues [C ] // The 5th ACM Conference on Computer and Communications Security,November 2-5,1998,San Francisco,California,USA . New York:ACM Press , 1998 : 59 - 66 .

DAN B , GOH E J , NISSIM K . Evaluating 2-DNF formulas on cipher texts [C ] // The 2nd International Conference on Theory of Cryptography,February 10-12,2005,Cambridge,England . Berlin:Springer , 2005 : 325 - 341 .

FELLOWS M , KOBLITZ N . Combinatorial cryptosystems galore [J ] . Contemporary Mathematics , 1994 ( 1 ): 51 - 61 .

GENTRY C , . Fully homomorphic eneryption using ideal lattices [C ] // The 41st Annual ACM Symposium on Theory of Computing,May 31-June 2,2009,Bethesda,MD,USA . New York:ACM Press , 2009 : 169 - 178 .

GENTRY C . A fully homomorphic encryption scheme [D ] . Stanford:Stanford University , 2009 .

DIJK M V , GENTRY C , HALEVI S , et al . Fully homomorphic encryption over the integers [C ] // The 29th Annual international conference on Theory and Applications of Cryptographic Techniques,May 30-June 3,2010,French Riviera,France . New York:ACM Press , 2010 : 24 - 43 .

STEHLE D , STEINFELD R . Faster fully homomorphic encryption [C ] // The l6th Int Conf on the Theory and Application of Cryptology and Information Security,December 5-9,2010,Singapore . Berlin:Springer , 2010 : 377 - 394 .

CORON J S , MANDAL A , NACCACHE D , et al . Fully homomorphic encryption over the integers with shorter public keys [C ] // Conference on Advances in Cryptology,August 14-18,2011,Santa Barbara,CA,USA . New York:ACM Press , 2011 : 487 - 504 .

BRAKERSKI Z , GENTRY C . Fully homomorphic encryption without boot-strapping [J ] . ACM Transactions on Computation Theory , 2015 , 6 ( 3 ): 1 - 36 .

BRAKERSKI Z . Fully homomorphic encryption without modulus switching from classical GapSVP [M ] . Berlin : Springer Berlin HeidelbergPress , 2012 .

GENTRY C , SAHAI A , WATERS B . Homomorphic encryption from learning with errors conceptually-simper,asymptotically-faster,attribute-based [M ] . Berlin : Springer Berlin HeidelbergPress , 2013 .

BRAKERSKI Z , VAIKUNTANATHAN V . Efficient fully homomorphic encryption from (standard) LWE [J ] . SIAM Journal on Computing , 2014 , 43 ( 2 ): 831 - 871 .

WANG T , YU J P , YANG Y J . Linear homomorphic encryption scheme for privacy protection of cloud storage [J ] . Journal of Signal Processing , 2013 , 29 ( 11 ): 1463 - 1469 .

汤殿华 , 祝世雄 , 王林 , 等 . 基于RLWE的全同态加密方案 [J ] . 通信学报 , 2014 , 35 ( 1 ): 173 - 182 .

TANG D H , ZHU S X , WANG L , et al . Fully homomorphic encryption scheme from RLWE [J ] . Journal on Communications , 2014 , 35 ( 1 ): 173 - 182 .

LIANG M . Quantum fully homomorphic encryption scheme based on universal quantum circuit [J ] . Quantum Information Processing , 2014 , 14 ( 8 ): 1 - 11 .

DULEK Y , SCHAFFNER C , SPEELMAN F . Quantum homomorphic encryption for polynomial-sized circuits [M ] . Berlin : Springer Berlin HeidelbergPress , 2016 .

陈智罡 , 宋新霞 , 赵秀凤 . 一个LWE上的短公钥多位全同态加密方案 [J ] . 计算机研究与发展 , 2016 , 53 ( 10 ): 2216 - 2223 .

CHEN Z G , SONG X X , ZHAO X F . A multi-bit fully homomorphic encryption with better key size from LWE [J ] . Journal of Computer Research and Development , 2016 , 53 ( 10 ): 2216 - 2223 .

刘立坤 . 基于噪音添加和欧几里德距离的隐私保护数据挖掘方法 [D ] . 长春:吉林大学 , 2011 .

LIU L K . Privacy-preserving data mining method based on noise additive and Euclidean distance [D ] . Changchun:Jilin University , 2011 .

YANG D X , LIU L M , YANG B . Secure Euclidean distance computation in the presence of malicious adversaries [J ] . Computer Engineering and Applications , 2015 , 51 ( 24 ): 109 - 113 .

KIKUCHI H , NAGAI K , OGATA W , et al . Privacy-preserving similarity evaluation and application to remote biometrics authentication [J ] . Soft Computing , 2014 ( 5 ): 529 - 536 .

BARNI M , BIANCHI T , CATALANO D , et al . Privacy-preserving fingercode authentication [C ] // The 12th ACM workshop on Multimedia and security,September 9-10,2010,Roma,Italy . New York:ACM Press , 231 - 240 .

YANG B , LI S D , ZHOU S F . Privacy-preserving online transaction scheme based on El Gamal signature [J ] . Application Research of Computers , 2014 , 31 ( 12 ): 3707 - 3710 .

ZHANG C . Realization of information hiding using picture as carrier [J ] . Journal of Mudanjiang Normal University (Sci.＆Tech.) , 2008 ( 1 ): 20 - 21 .

HOWGRAVE-GRAHAM N . Approximate integer common divisors [M ] . Berlin : Springer Berlin HeidelbergPress , 2001 : 51 - 66 .

DIJK M V , GENTRY C , HALEVI S , et al . Fully homomorphic encryption over the integers [C ] // International Conference on Theory＆ Applications of Cryptographic Techniques,May 30-June 3,2010,French Riviera,France . New York:ACM Press , 2010 : 24 - 43 .

何文才 , 杜敏 , 刘培鹤 , 等 . 基于 Paillier 同态的无线自组网组密钥管理方案 [J ] . 计算机科学 , 2013 , 40 ( 10 ): 114 - 118 .

HE W C , DU M , LIU P H , et al . Wireless Ad-hoc network group key management scheme based on Paillier homomorphic [J ] . Computer Science , 2013 , 40 ( 10 ): 114 - 118 .

程帅 , 姚寒冰 . 基于同态加密的密文全文检索技术的研究 [J ] . 计算机科学 , 2015 , 42 ( 6A ): 413 - 416 .

CHENG S , YAO H B . Study of cipher text retrieval based on homomorphic encryption [J ] . Computer Science , 2015 , 42 ( 6A ): 413 - 416 .

HOWGRAVE-GRAHAM N . Approximate inter commondivisors [M ] . Berlin : Springer Berlin HeidelbergPress , 2001 .

LI J , CHEN S C , SONG D J . Security structure of cloud storage based on homomorphic encryption scheme [C ] // IEEE International Conference on Cloud Computing ＆ Intelligent Systems,Oct 30-Nov 1,2012,Hangzhou,China . New Jersey:IEEE Press , 2012 : 224 - 227 .

浏览量

957

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

公有云大规模资源池部署SDN的应用

虚拟化安全——公有云安全的核心关键问题

移动社会网络中用户相似性计算的隐私保护研究