大数据安全高效搜索与隐私保护机制展望

doi:10.11959/j.issn.2096-109x.2016.00041

摘要/Abstract

摘要：

随着信息产业的飞速发展，围绕大数据搜索展开的服务已渗透到人们生活的方方面面。相关技术领域也正在经历深刻变革，如数据融合的隐私保护、场景感知的搜索意图理解、统计概率式的搜索模式等。结合国内外最新研究进展，对大数据安全高效搜索与隐私保护问题进行了研究展望：首先，从多源数据发布、用户搜索需求感知及隐私感知的智慧解答3个视角凝练了大数据安全搜索与隐私保护的科学问题；其次，提出了面向大数据的信息融合与知识萃取技术、粒度化的知识表示与推演技术、支持平台与用户互动的搜索任务表示模型、基于用户体验驱动的任务管理技术、效用与代价平衡的粒度化搜索技术和基于差分隐私的安全搜索机制等研究内容；最后，对相关的技术路线进行了展望。

关键词: 大数据, 安全搜索, 隐私保护, 多源融合

Abstract:

With rapid development of information industry,services related to big data search have permeated into almost every aspect of human lives.Relevant technologies are undergoing profound changes,such as privacy pres-ervation for data fusion,context-aware search intention comprehending and statistic search pattern.The issues of secure-efficient search and privacy-preserving for big data were studied and looked ahead.Firstly,three chief scien-tific problems were refined from the aspects of multi-source data publication,awareness of users’ search require-ments and privacy-aware wise solutions,respectively.Secondly,main research contents were proposed,including big data oriented information fusion and knowledge extraction,granular knowledge representation and inference,interactive representation of search task,user experience driven task management,granular search pattern balancing utility with cost,and secure search mechanism based on differential privacy.Lastly,several promising techniques in future were discussed.

Key words: big data, secure search, privacy preservation, multi-source information fusion

中图分类号:

TP393

李尚,周志刚,张宏莉,余翔湛. 大数据安全高效搜索与隐私保护机制展望[J]. 网络与信息安全学报, 2016, 2(4): 21-32.

Shang LI,Zhi-gang ZHOU,Hong-li ZHANG,Xiang-zhan YU. Prospect of secure-efficient search and privacy-preserving mechanism on big data[J]. Chinese Journal of Network and Information Security, 2016, 2(4): 21-32.

图/表 3

参考文献 57

[1]	SWEENEY L . K-anonymity:a model for protecting privacy[J]. International Journal on Uncertainty,Fuzziness and Knowl-edge-Based Systems, 2002,10(5):557-570.
[2]	MACHANAVAJJHALA A , KIFER D , GEHRKE J , et al. L-diversity:privacy beyond k-anonymity[J]. ACM Transactions on Knowledge Discovery from Data, 2007,1(1):1-47.
[3]	LI N , LI T , VENKATASUBRAMANIAN S . Closeness:a new privacy measure for data publishing[J]. IEEE Transactions on Knowledge and Data Engineering, 2010,22(7):943-956.
[4]	周水庚, 李丰, 陶宇飞 , 等. 面向数据库应用的隐私保护研究综述[J]. 计算机学报, 2009,32(5):847-861.
	ZHOU S G , LI F , TAO Y F , et al. Privacy preservation in database applications:a survey[J]. Chinese Journal of Computers, 2009,32(5):847-861.
[5]	XIAO X K , TAO Y F . M-invariance:towards privacy preserving republication of dynamic datasets[C]// International Conference on Sigmod , New York. c2007:689-700.
[6]	JIANG W , CLIFTON C . A secure distributed framework for achieving anonymity[J]. The International Journal on Very Large Data Bases, 2006,15(4):316-333.
[7]	CLIFTON C , KANTARCIOGLU , VAIDYA J . Tools for privacy preserving distributed data mining[J]. ACM Sigkdd Explorations Newsletter, 2010,4(2):1-7.
[8]	MOHAMMED N , FUNG B C M , DEBBABI M . Anonymity meets game theory:secure data integration with malicious participants[J]. VLDB Journal, 2011,20(4):567-588.
[9]	MOHAMMED N , FUNG B C M , et al. Centralized and distributed anonymization for high-dimensional healthcare data[J]. ACM Transactions on Knowledge Discovery from Data, 2010,4(4):885-900.
[10]	JIANG W , CLIFTON C , KANTARCIOGLU M . Transforming semi-honest protocols to ensure accountability[C]// IEEE Interna-tional Conference on Data Mining Workshops (ICDM)， c2006:524-529.
[11]	DU W , HAN Y S , CHEN S . Privacy-preserving multivariate statis-tical analysis:linear regression and classification[C]// The SIAM International Conference on Data Mining,Florida. c2004:222-223.
[12]	PINKAS B . Cryptographic techniques for privacy-preserving data mining[J]. ACM Sigkdd Explorations Newsletter, 2003,4(2):12-19.
[13]	VAIDYA J , CLIFTON C . Privacy-preserving k-means clustering over vertically partitioned data[C]// ACM Sigkdd International Conference on Knowledge Discovery ＆ Data Mining. c2003:206-215.
[14]	BRODER A Z , FONTOURA M , GABRILOVICH E , et al. Robust classification of rare queries using web knowledge[C]// The 30th Annual International ACM SIGIR Conference on Research and Development in Information Retrieval. c2007:231-238.
[15]	KOHLSCHüTTER C , CHIRITA P A , NEJDL W . Using link analy-sis to identify aspects in faceted web search[J]. Sigir Faceted Search Workshop. 2006.
[16]	SHEN D , PAN R , SUN J T , et al. Query enrichment for web-query classification[J]. ACM Transactions on Information Systems, 2006,24(3):320-352.
[17]	TEEVAN J , KARLSON A , AMINI S , et al. Understanding the importance of location,time,and people in mobile local search be-havior[C]// International Conference on Human Computer Interac-tion with Mobile Devices ＆ Services. c2011:77-80.
[18]	BRODER A , FONTOURA M , JOSIFOVSKI V , et al. A semantic approach to contextual advertising[C]// The International ACM SIGIR Conference on Research and Development in Information Retrieval,Amsterdam,the Netherlands. c2007:559-566.
[19]	SARKAS N , PAPARIZOS S , TSAPARAS P . Structured annotations of Web queries[C]// ACM SIGMOD International Conference on Management of Data. c2010:771-782.
[20]	STANKOVIC J A . Research directions for the internet of things[J]. Internet of Things Journal, 2014,1(1):3-9.
[21]	MAEKAWA T , YANAGISAWA Y , SAKURAI Y , et al. Con-text-aware Web search in ubiquitous sensor environments[J]. ACM Transactions on Internet Technology, 2012,11(3):1-23.
[22]	YAO L , SHENG Q Z , FALKNER N J G , et al. ThingsNavi:finding most-related things via multi-dimensional modeling of human-thing interactions[C]// The 11th International Conference on Mobile and Ubiquitous Systems:Computing,Networking and Services. c2014:20-29.
[23]	OSTERMAIER B , ROMER K , MATTERN F , et al. A real-time search engine for the web of things[C]// 2010 Internet of Things (IOT). c2010:1-8.
[24]	CHRISTOPHE B , VERDOT V , TOUBIANA V . Searching the ‘web of things’[C]// The 5th International Conference on Semantic Com-puting. c2011:308-315.
[25]	Smart. Search engine for multimedia environment generated con-tent[EB/OL]. .
[26]	HAN X , LIU X , LI J , GAO H . TDEP:efficiently processing top-k dominating query on massive data[J]. Knowledge ＆ Information Systems, 2014,43(3):689-718.
[27]	HAN X , LI J , GAO H , YANG C . SEPT:an efficient skyline join algorithm on massive data[J]. Knowledge ＆ Information Systems, 2015,43(2):355-388.
[28]	HAN X , LI J , YANG D . PI-join:efficiently processing join queries on massive data[J]. Knowledge ＆ Information Systems, 2012,32(3):527-557.
[29]	CHAUDHURI S , DAS G , SRIVASTAVA U . Effective use of block-level sampling in statistics estimation[C]// ACM SIGMOD International Conference on Management of Data,Paris. c2004:287-298.
[30]	DOUCET A , BRIERS M , SNCAL S . Efficient block sampling strategies for sequential monte carlo methods[J]. Journal of Compu-tational and Graphical Statistics, 2006,15(3):693-711.
[31]	CONDIE T , CONWAY N , ALVARO P , et al. Online aggregation and continuous query support in MapReduce[C]// ACM SIGMOD International Conference on Management of Data. c2010:1115-1118.
[32]	LAPTEV N , ZENG K , ZANIOLO C . Early accurate results for advanced analytics on MapReduce[J]. The VLDB Endowment, 2012,5(10):1028-1039.
[33]	HERODOTOU H , DONG F , BABU S . MapReduce program-ming and cost-based optimization? crossing this chasm with star-fish[J]. The VLDB Endowment, 2011(4):1446-1449.
[34]	HERODOTOU H , BABU S . Profiling,what-if analysis,and cost-based optimization of mapreduce programs[J]. The VLDB En-dowment, 2011(4):111-1122.
[35]	YU S , REN K , LOU W . FDAC:toward fine-grained distributed data access control in wireless sensor networks[J]. IEEE Transac-tions on Parallel and Distributed Systems, 2011,22(4):673-686.
[36]	ZHANG R , ZHANG Y , et al. Distributed privacy-preserving access control in sensor networks[J]. IEEE Transactions on Parallel and Distributed Systems, 2012,23(8):1427-1438.
[37]	FRIAS-MARTINEZ V , SHERRICK J , STOLFO S J , et al. A net-work access control mechanism based on behavior profiles[C]// Annual Computer Security Applications Conference. c2009:3-12.
[38]	GOYAL V , PANDEY O , SAHAI A , et al. Attribute-based encryp-tion for fine-grained access control of encrypted data[C]// The 13th ACM CCS. c2006:89-98.
[39]	YANG K , JIA X . Expressive,efficient,and revocable data access control for multi-authority cloud storage[J]. IEEE Transactions on Parallel and Distributed Systems, 2014,25(7):1735-1744.
[40]	CAMENISCH J , LEHMANN A , NEVEN G , et al. Pri-vacy-preserving auditing for attribute-based credentials[C]// Com-puter Security-ESORICS. c2014:109-127.
[41]	MAJI H . Attribute-based signatures:achieving attribute-privacy and collusion-resistance[J]. IACR Cryptology ePrint Archive, 2008,(4):1-23.
[42]	BUGIEL S , HEUSER S , SIT F . Flexible and fine-grained manda-tory access control on android for diverse security and privacy poli-cies[C]// Usenix Conference on Security. c2013:131-46.
[43]	ROHRER F , ZHANG Y , CHITKUSHEV L , et al. DR BACA:dynamic role based access control for android[C]// The 29th Annual Computer Security Applications Conference. c2013:299-308.
[44]	SINGH K . Practical context-aware permission control for hybrid mobile applications[M]// Research in Attacks,Intrusions,and De-fenses.Berlin Heidelberg:Springer, 2013:307-327.
[45]	AVE S . Auto-FBI:a user-friendly approach for secure access to sensitive content on the Web[C]// The 29th Annual Computer Secu-rity Applications Conference. c2015:349-358.
[46]	HU H , AHN G , et al. Multiparty access control for online social networks:model and mechanisms[J]. IEEE Transactions on Knowl-edge and Data Engineering, 2013,25(7):1614-1627.
[47]	DWORK C , NAOR M , VADHAN S . The privacy of the analyst and the power of the state[C]// IEEE 53rd Annual Symposium on Foundations of Computer Science. c2012:400-409.
[48]	MARIAS G F , DELAKOURIDIS C , KAZATZOPOULOS L , et al. Location privacy through secret sharing techniques[C]// The 6th IEEE International Symposium on a World of Wireless Mobile and Multimedia Networks. c2005:614-620.
[49]	WERNKE M , DURR F . PShare:position sharing for location pri-vacy based on multi-secret sharing[C]// IEEE International Confer-ence on Pervasive Computing and Communications. c2012:153-161.
[50]	SANTOS V , BAI?O F , TANA A . An architecture to support infor-mation sources discovery through semantic search[C]// IEEE Inter-national Conference on Information Reuse＆Integration. c2011:276-282.
[51]	ZHANG B , ROSS B , TRIPATHI S , et al. Network-aware data caching and prefetching for cloud-hosted metadata retrieval[C]// The Third International Workshop on Network-aware Data Man-agement. c2013:1-10.
[52]	SABRINA D C D V , FORESTI S , JAJODIA S , et al. On informa-tion leakage by indexes over data fragments[C]// The 29th Interna-tional Conference on Data Engineering Workshops,IEEE. c2013:94-98.
[53]	BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption[C]// IEEE Symposium on Security and Privacy. c2007:321-334.
[54]	YANG K , JIA X , REN K , ZHANG B . DAC-MACS:Effective data access control for multi-authority cloud storage systems[J]. IEEE Transactions on Information Forensics ＆ Security, 2014,8(11):2895-2903.
[55]	SANKAR L , RAJAGOPALAN S R , POOR H V . A theory of utility and privacy of data sources[J]. IEEE International Symposium on Information Theory, 2010,41(3):2642-2646.
[56]	GUO S , CHEN K . Mining privacy settings to find optimal pri-vacy-utility tradeoffs for social network services[C]// International Conference on Privacy,Security,Risk and Trust. c2012:656-665.
[57]	GU Y , WU W . A quantifying method for trade-off between privacy and utility[C]// The International Conference on Information and Communications Technologies. c2013:270-273.