Journal on Communications, 2013, Vol. 34, Issue (12): 158-166. doi: 10.3969/j.issn.1000-436X.2013.12.018
Rui-xuan LI, Xin-hua DONG, Xi-wu GU, Wan-wan ZHOU, Cong WANG
Online: 2013-12-25
Published: 2017-07-05
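Abstract:
Compared with traditional cloud services, mobile cloud services are characterized by mobile interconnection, flexible terminal applications and convenient data access. However, the wide range of mobile cloud service applications also brings more security and privacy leakage problems. After describing the basic concepts, applications and security issues of mobile cloud services, the paper presents a security and privacy-preserving architecture for them. Focusing on the key technologies of security protocols and authentication, access control, integrity verification, mobile trusted computing, and privacy protection based on encryption, anonymity and obfuscation, it analyzes the state of research, discusses the strengths and weaknesses of existing techniques, and explores future research directions.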
Rui-xuan LI, Xin-hua DONG, Xi-wu GU, Wan-wan ZHOU, Cong WANG. Overview of the data security and privacy-preserving of mobile cloud services[J]. Journal on Communications, 2013, 34(12): 158-166.