边缘计算数据安全与隐私保护研究综述

doi:10.11959/j.issn.1000-436x.2018037

通信学报 ›› 2018, Vol. 39 ›› Issue (3): 1-21.doi: 10.11959/j.issn.1000-436x.2018037

所属专题：边缘计算

• 论文Ⅰ：物联网与安全 • 下一篇

边缘计算数据安全与隐私保护研究综述

张佳乐,赵彦超(),陈兵,胡峰,朱琨

南京航空航天大学计算机科学与技术学院，江苏南京 211106

修回日期:2018-02-07 出版日期:2018-03-01 发布日期:2018-04-02
作者简介:张佳乐（1994-），男，安徽蚌埠人，南京航空航天大学博士生，主要研究方向为边缘计算、数据安全和应用密码学。|赵彦超（1985-），男，江苏连云港人，南京航空航天大学副教授，主要研究方向为计算机网络、智能感知计算、无线网络、感知数据处理等。|陈兵（1970-），男，江苏南通人，南京航空航天大学教授、博士生导师，主要研究方向为计算机网络、认知无线电、无线通信、下一代网络及信息安全等。|胡峰（1987-），男，江苏扬州人，南京航空航天大学博士生，主要研究方向为无线网络、移动网络和认知无线电。|朱琨（1984-），男，安徽合肥人，南京航空航天大学教授、博士生导师，主要研究方向为下一代无线通信网络（5G）、自组织网络、D2D通信及无线虚拟化技术等。
基金资助:
国家自然科学基金资助项目(61672283);国家自然科学基金资助项目(61602238);国家重点研发计划基金资助项目(2017YFB0802303);江苏省自然科学基金资助项目(BK20160805)

Survey on data security and privacy-preserving for the research of edge computing

Jiale ZHANG,Yanchao ZHAO(),Bing CHEN,Feng HU,Kun ZHU

College of Computer Science and Technology,Nanjing University of Aeronautics and Astronautics,Nanjing 211106,China

Revised:2018-02-07 Online:2018-03-01 Published:2018-04-02
Supported by:
The National Natural Science Foundation of China(61672283);The National Natural Science Foundation of China(61602238);The National Key Research and Development Program of China(2017YFB0802303);The Natural Science Foundation of Jiangsu Province(BK20160805)

摘要/Abstract

摘要：

随着物联网、大数据和 5G 网络的快速发展和广泛应用，传统的云计算无法处理网络边缘设备所产生的海量数据，因此，边缘计算应运而生。然而，由于边缘计算的内容感知、实时计算、并行处理等开放特性，使在云计算环境下就已经存在的数据安全与隐私问题变得更加突出。阐述了边缘计算中数据安全与隐私保护的研究背景，提出以数据安全为中心的研究体系架构。围绕数据安全、访问控制、身份认证和隐私保护等关键技术，综述了近年来提出的可能适用于边缘计算数据安全与隐私保护的最新研究成果，并就方案的可扩展性和适用性进行分析讨论。此外，介绍了一些目前比较适用的边缘计算实例。最后，指出一些重要的研究方向和研究建议。

关键词: 边缘计算, 万物互联, 数据安全, 访问控制, 身份认证, 隐私保护

Abstract:

With the rapid development and extensive application of the Internet of things (IoT),big data and 5G network architecture,the massive data generated by the edge equipment of the network and the real-time service requirements are far beyond the capacity if the traditional cloud computing.To solve such dilemma,the edge computing which deploys the cloud services in the edge network has envisioned to be the dominant cloud service paradigm in the era of IoT.Meanwhile,the unique features of edge computing,such as content perception,real-time computing,parallel processing and etc.,has also introduced new security problems especially the data security and privacy issues.Firstly,the background and challenges of data security and privacy-preserving in edge computing were described,and then the research architecture of data security and privacy-preserving was presented.Secondly,the key technologies of data security,access control,identity authentication and privacy-preserving were summarized.Thirdly,the recent research advancements on the data security and privacy issues that may be applied to edge computing were described in detail.Finally,some potential research points of edge computing data security and privacy-preserving were given,and the direction of future research work was pointed out.

Key words: edge computing, internet of everything, data security, access control, authentication, privacy-preserving

中图分类号:

TP309

张佳乐,赵彦超,陈兵,胡峰,朱琨. 边缘计算数据安全与隐私保护研究综述[J]. 通信学报, 2018, 39(3): 1-21.

Jiale ZHANG,Yanchao ZHAO,Bing CHEN,Feng HU,Kun ZHU. Survey on data security and privacy-preserving for the research of edge computing[J]. Journal on Communications, 2018, 39(3): 1-21.

图/表 9

图1

图2

图3

表1

表2

表3

现有可搜索加密方案比较与分析"

研究文献	分类	方案	技术方法	对称性	安全模型	功能性	可扩展性
文献[40]		云数据的安全排名关键字搜索	保序对称加密、反向映射	对称	无	排名搜索	中等
文献[41]	安全排名关键字搜索方案	多关键字排名搜索	协调匹配、内积相似度	对称	无	多关键字	中等
文献[42]		移动云环境下多关键字排名搜索	K-最近邻、盲存储	对称	无	多关键字	高
文献[43]		移动云环境下高效的排名搜索	计算迁移技术	对称	无	高效搜索	高
文献[44]		支持关键字搜索的CP-ABE方案	属性加密、秘密共享	非对称	无	搜索控制	高
文献[45]	基于属性的加密搜索方案	基于属性的可验证加密搜索	属性加密	非对称	无	可验证性	高
文献[46]		基于KP-ABE的可搜索加密	属性加密、公钥加密	非对称	离线猜测攻击	可验证性	中等
文献[47]		支持用户撤销的可搜索加密	属性加密、代理重加密	非对称	不可区分性选择关键字攻击	搜索授权	高
文献[48]		动态可搜索对称加密	动态可搜索对称加密、随机掩码技术	对称	适应性选择关键字攻击	动态搜索	中等
文献[49]		并行的动态可搜索对称加密	红黑树索引结构	对称	适应性选择关键字攻击	动态搜索	高
文献[50]	支持动态更新的可搜索加密	可验证的动态连接关键字搜索	双线性映射累加器	非对称	通用可组合	动态搜索	高
文献[51]		动态多关键字排名搜索	K-最近邻、贪心深度搜索算法	非对称	唯密文攻击	动态搜索多关键字排名搜索	高
文献[52]		基于动态属性的关键字搜索	属性加密、代理重加密	非对称	选择关键字攻击	动态搜索	中等
文献[53]		支持关键字搜索的代理重加密	代理重加密	非对称	选择密文攻击	代理搜索	高
文献[54]	可搜索代理重加密	支持连接关键字搜索的单跳代理重加密	代理重加密	非对称	弱选择密文攻击	连接关键字搜索	中等
文献[55]		支持关键字搜索的条件代理重加密	条件代理重加密	非对称	选择密文攻击	代理搜索	高
文献[56]		支持关键字搜索的属性代理重加密	属性加密、代理重加密、线性秘密共享	非对称	选择关键字攻击	代理搜索	高

表3

表4

表5

表6

参考文献 92

[1]	施巍松, 孙辉, 曹杰 ,等. 边缘计算:万物互联时代新型计算模型[J]. 计算机研究与发展, 2017,54(5): 907-924.
	SHI W S , SUN H , CAO J ,et al. Edge computing-an emerging compu-ting model for the Internet of everything era[J]. Journal of Computer Research and Development, 2017,54(5): 907-924.
[2]	Cisco cloud index supplement. Cloud readiness regional details white paper[R]. 2017.
[3]	EVANS D . The Internet of everything:how more relevant and valuable connections will change the world[J]. Cisco IBSG, 2012: 1-9.
[4]	LOPEZ P G , MONTRESOR A , EPEMA D ,et al. Edge-centric computing:vision and challenges[J]. ACM Sigcomm Computer Communication Review, 2015,45(5): 37-42.
[5]	MAO Y Y , YOU C S , ZHANG J ,et al. A survey on mobile edge computing:the communication perspective[J]. IEEE Communications Surveys ＆ Tutorials, 2017,PP(99):1.
[6]	SHI W S , CAO J , ZHANG Q ,et al. Edge computing:vision and challenges[J]. IEEE Internet of Things Journal, 2016,3(5): 637-646.
[7]	ORSINI G , BADE D , LAMERSDORF W . Computing at the mobile edge:designing elastic android applications for computation offloading[C]// The 9th Conference on the Joint IFIP Wireless and Mobile Networking (WMNC’16). 2016: 112-119.
[8]	DINH H T , LEE C , NIYATO D ,et al. A survey of mobile cloud computing:architecture,applications,and approaches[J]. Wireless Communications ＆ Mobile Computing, 2013,13(18): 1587-1611.
[9]	BONOMI F , MILITO R , ZHU J ,et al. Fog computing and its role in the internet of things[C]// The First Edition of the MCC Workshop on Mobile Cloud Computing.ACM (MCC@SIGCOMM’12). 2012: 13-16.
[10]	ABBAS N , ZHANG Y , TAHERKORDI A ,et al. Mobile edge computing:a surrey[J]. IEEE Internet of Things Journal, 2017,5(1): 450-465.
[11]	ROMAN R , LOPEZ J , MAMBO M. . Mobile edge computing,fog et al.:a survey and analysis of security threats and challenges[J]. Future Generation Computer Systems, 2018,PP(78): 680-698.
[12]	SAHAI A , WATERS B . Fuzzy identity-based encryption[C]// The 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’05). 2005: 457-473.
[13]	GOYAL V , PANDEY O , SAHAI A ,et al. Attribute-based encryption for fine-grained access control of encrypted data[C]// The 13th ACM Conference on Computer and Communications Security (CCS’06). 2006: 89-98.
[14]	WATERS B , . Ciphertext-policy attribute-based encryption:an expressive,efficient,and provably secure realization[C]// The 14th International Conference on Practice and Theory in Public Key Cryptography (PKC’11). 2011: 53-70.
[15]	WANG S L , ZHOU J W , LIU J K ,et al. An efficient file hierarchy attribute-based encryption scheme in cloud computing[J]. IEEE Transactions on Information Forensics ＆ Security, 2016,11(6): 1265-1277.
[16]	YANG Y J , LIU J K , LIANG K T ,et al. Extended proxy-assisted approach:achieving revocable fine-grained encryption of cloud data[C]// The 20th European Symposium on Research in Computer Security. 2015: 146-166.
[17]	ZUO C , SHAO J , WEI G Y ,et al. CCA-secure ABE with outsourced decryption for fog computing[J]. Future Generation Computer Systems, 2018,PP(78): 730-738.
[18]	BLAZE M , BLEUMER G , STRAUSS M . Divertible protocols and atomic proxy cryptography[C]// The 17th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’98). 1998: 127-144.
[19]	GREEN M , ATENISES G . Identity-based proxy re-encryption[C]// The 5th Applied Cryptography and Network Security (ACNS’07). 2007: 288-306.
[20]	WENG J , DENG R H , DING X H ,et al. Conditional proxy re-encryption secure against chosen-ciphertext attack[C]// The 4th International Symposium on Information,Computer,and Communications Security (ASIACCS’09). 2009: 322-332.
[21]	LIANG K T , MAN H A , LIU J K ,et al. A secure and efficient ciphertext-policy attribute-based proxy re-encryption for cloud data sharing[J]. Future Generation Computer Systems, 2015,52(C): 95-108.
[22]	YANG Y J , ZHU H Y , LU H B ,et al. Cloud based data sharing with fine-grained proxy re-encryption[J]. Pervasive ＆ Mobile Computing, 2015,28(C): 122-134.
[23]	SHAO J , LU R X , LIN X D ,et al. Secure bidirectional proxy re-encryption for cryptographic cloud storage[J]. Pervasive ＆ Mobile Computing, 2016,28(C): 113-121.
[24]	KHAN A N , KIAH M L M , ALI M ,et al. A cloud-manager-based re-encryption scheme for mobile users in cloud environment:a hybrid approach[J]. Journal of Grid Computing, 2015,13(4): 1-25.
[25]	KHAN A N , ALI M , KHAN A U R ,et al. A comparative study and workload distribution model for re-encryption schemes in a mobile cloud computing environment[J]. International Journal of Communication Systems, 2017,30(16):e3308.
[26]	RIVEST R L , ADLEMAN L , DERTOUZOS M L . On data banks and privacy homomorphisms[J]. Foundations of Secure Computation, 1978: 169-179.
[27]	GENTRY C , . Fully homomorphic encryption using ideal lattices[C]// The 41th ACM Symposium on Theory of Computing (STOC’09). 2009: 169-178.
[28]	DIJK M V , GENTRY C , HALEVI S ,et al. Fully homomorphic encryption over the integers[C]// The 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’10). 2010: 24-43.
[29]	BRAKERSKI Z , VAIKUNTANATHAN V . Efficient fully homomorphic encryption from (standard) LWE[C]// Foundations of Computer Science. 2011: 97-106.
[30]	GENTRY C , SAHAI A , WATERS B . Homomorphic encryption from learning with errors:conceptually-simpler,asymptotically-faster,attribute-based[C]// The 33th Annual Cryptology Conference (CRYPTO’13). 2013: 75-92.
[31]	LOUK M , LIM H . Homomorphic encryption in mobile multi cloud computing[C]// The 25th International Conference on Information Networking (ICOIN’15). 2015: 493-497.
[32]	BAHARON M R , SHI Q, LLEWELLYN-JONES D . A new lightweight homomorphic encryption scheme for mobile cloud computing[C]// 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications;Dependable,Autonomic and Secure Computing; Pervasive Intelligence and Computing (CIT/IUCC/DASC/PICOM’15). 2015: 618-625.
[33]	YANG K , JIA X H . Data storage auditing service in cloud computing:challenges,methods and opportunities[J]. World Wide Web, 2012,15(4): 409-428.
[34]	WANG C , WANG Q , REN K ,et al. Privacy-preserving public auditing for data storage security in cloud computing[C]// The 29th IEEE Annual International Conference on Computer Communications (INFOCOM’10). 2010: 1-9.
[35]	WANG Q , WANG C , REN K ,et al. Enabling public auditability and data dynamics for storage security in cloud computing[J]. IEEE Transactions on Parallel and Distributed Systems, 2011,22(5): 847-859.
[36]	YANG K , JIA X H . An efficient and secure dynamic auditing protocol for data storage in cloud computing[J]. IEEE Transactions on Parallel and Distributed Systems, 2013,24(9): 1717-1726.
[37]	SOOKHAK M , GANI A , KHAN M K ,et al. Dynamic remote data auditing for securing big data storage in cloud computing[J]. Information Sciences, 2017,380(C): 101-116.
[38]	LI J T , ZHANG L , LIU J K ,et al. Privacy-preserving public auditing protocol for low-performance end devices in cloud[J]. IEEE Transactions on Information Forensics and Security, 2016,11(11): 2572-2583.
[39]	LIN C , SHEN Z D , CHEN Q ,et al. A data integrity verification scheme in mobile cloud computing[J]. Journal of Network and Computer Applications, 2017,77(C): 146-151.
[40]	WANG C , CAO N , REN K ,et al. Enabling secure and efficient ranked keyword search over outsourced cloud data[J]. IEEE Transactions on Parallel and Distributed Systems, 2012,23(8): 1467-1479.
[41]	CAO N , WANG C , LI M ,et al. Privacy-preserving multi-keyword ranked search over encrypted cloud data[J]. IEEE Transactions on parallel and distributed systems, 2014,25(1): 222-233.
[42]	LI H W , LIU D X , DAI Y S ,et al. Enabling efficient multi-keyword ranked search over encrypted mobile cloud data through blind storage[J]. IEEE Transactions on Emerging Topics in Computing, 2015,3(1): 127-138.
[43]	LI J , MA R H , GUAN H B . Tees:an efficient search scheme over encrypted data on mobile cloud[J]. IEEE Transactions on Cloud Computing, 2017,5(1): 126-139.
[44]	WANG C J , LI W T , LI Y ,et al. A ciphertext-policy attribute-based encryption scheme supporting keyword search function[C]// The 5th International Symposium on Cyberspace Safety and Security (CSS’13). 2013: 377-386.
[45]	ZHENG Q J , XU S H , ATENIESE G . VABKS:verifiable attribute-based keyword search over outsourced encrypted data[C]// The 33th Annual IEEE International Conference on Computer Communications (INFOCOM’14). 2014: 522-530.
[46]	LIU P L , WANG J F , MA H ,et al. Efficient verifiable public key encryption with keyword search based on KP-ABE[C]// The 9th International Conference on Broadband and Wireless Computing,Communication and Applications (BWCCA’14). 2014: 584-589.
[47]	SUN W H , YU S C , LOU W J ,et al. Protecting your right:verifiable attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud[J]. IEEE Transactions on Parallel and Distributed Systems, 2016,27(4): 1187-1198.
[48]	KAMARA S , PAPAMANTHOU C , ROEDER T . Dynamic searchable symmetric encryption[C]// The 19th ACM Conference on Computer and Communications Security (CCS’12). 2012: 965-976.
[49]	KAMARA S , PAPAMANTHOU C . Parallel and dynamic searchable symmetric encryption[C]// The 17th International Conference on Financial Cryptography and Data Security (FC’13). 2013: 258-274.
[50]	SUN W H , LIU X F , LOU W J ,et al. Catch you if you lie to me:efficient verifiable conjunctive keyword search over large dynamic encrypted cloud data[C]// The 34th Annual IEEE International Conference on Computer Communications (INFOCOM’15). 2015: 2110-2118.
[51]	XIA Z H , WANG X H , SUN X M ,et al. A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data[J]. IEEE Transactions on Parallel and Distributed Systems, 2016,27(2): 340-352.
[52]	HU B S , LIU Q , LIU X H ,et al. DABKS:dynamic attribute-based keyword search in cloud computing[C]// 2017 IEEE International Conference on Communications (ICC’17). 2017: 1-6.
[53]	SHAO J , CAO Z F , LIANG X H ,et al. Proxy re-encryption with keyword search[J]. Information Sciences, 2010,180(13): 2576-2587.
[54]	WANG X A , HUANG X Y , YANG X Y ,et al. Further observation on proxy re-encryption with keyword search[J]. Journal of Systems and Software, 2012,85(3): 643-654.
[55]	FANG L M , SUSILO W , GE C P ,et al. Chosen-ciphertext secure anonymous conditional proxy re-encryption with keyword search[J]. Theoretical Computer Science, 2012,462: 39-58.
[56]	SHI Y F , LIU J Q , HAN Z ,et al. Attribute-based proxy re-encryption with keyword search[J]. PloS One, 2014,9(12):e116325.
[57]	LIU H , NING H S , XIONG Q X ,et al. Shared authority based privacy-preserving authentication protocol in cloud computing[J]. IEEE Transactions on Parallel and Distributed Systems, 2015,26(1): 241-251.
[58]	TSAI J L , LO N W . A privacy-aware authentication scheme for distributed mobile cloud computing services[J]. IEEE Systems Journal, 2015,9(3): 805-815.
[59]	JIANG Q , MA J F , WEI F S . On the security of a privacy-aware authentication scheme for distributed mobile cloud computing services[J]. IEEE Systems Journal, 2017,PP(99): 1-4.
[60]	HE D B , KUMAR N , KHAN M K ,et al. Efficient privacy-aware authentication scheme for mobile cloud computing services[J]. IEEE Systems Journal, 2017,PP(99): 1-11.
[61]	LO N W , TSAI J L . An efficient conditional privacy-preserving authentication scheme for vehicular sensor networks without pairings[J]. IEEE Transactions on Intelligent Transportation Systems, 2016,17(5): 1319-1328.
[62]	MAHMOOD K , CHAUDHRY S A , NAQVI H ,et al. An elliptic curve cryptography based lightweight authentication scheme for smart grid communication[J]. Future Generation Computer Systems, 2017,PP(81): 557-565.
[63]	TOOSI A N , CALHEIROS R N , BUYYA R . Interconnected cloud computing environments:challenges,taxonomy,and survey[J]. ACM Computing Surveys (CSUR), 2014,47(1):7.
[64]	TOUCEDA D S , CAMARA J M S , ZEADALLY S ,et al. Attribute-based authorization for structured peer-to-peer (P2P) networks[J]. Computer Standards ＆ Interfaces, 2015,42(C): 71-83.
[65]	YANG Y , ZHENG X H , LIU X M ,et al. Cross-domain dynamic anonymous authenticated group key management with symptom-matching for e-health social system[J]. Future Generation Computer Systems, 2017,PP(99): 1-7.
[66]	YANG X , HUANG X Y , LIU J K . Efficient handover authentication with user anonymity and untraceability for mobile cloud computing[J]. Future Generation Computer Systems, 2016,62(C): 190-195.
[67]	MCCARTHY D , MALONE P , HANGE J ,et al. Personal cloudlets:implementing a user-centric datastore with privacy aware access control for cloud-based data platforms[C]// The First International Work shop on TEchnical and LEgal aspects of data pRIvacy. 2015: 38-43.
[68]	HE D B , ZEADALLY S , WU L B ,et al. Analysis of handover authentication protocols for mobile wireless networks using identity-based public key cryptography[J]. Computer Networks, 2017,PP(28): 154-163.
[69]	YU S C , WANG C , REN K ,et al. Achieving secure,scalable,and fine-grained data access control in cloud computing[C]// The 29th Annual IEEE International Conference on Computer Communications (INFOCOM’10). 2010: 1-9.
[70]	XUE K P , XUE Y J , HONG J N ,et al. RAAC:robust and auditable access control with multiple attribute authorities for public cloud storage[J]. IEEE Transactions on Information Forensics and Security, 2017,12(4): 953-967.
[71]	JIN Y , TIAN C , HE H ,et al. A secure and lightweight data access control scheme for mobile cloud computing[C]// The 5th International Conference on Big Data and Cloud Computing (BDCloud’15). 2015: 172-179.
[72]	ZHANG P , CHEN Z H , LIU J K ,et al. An efficient access control scheme with outsourcing capability and attribute update for fog computing[J]. Future Generation Computer Systems, 2018,PP(78): 753-762.
[73]	HUANG Q L , YANG Y X , WANG L C . secure data access control with ciphertext update and computation outsourcing in fog computing for internet of things[J]. IEEE Access, 2017,5(99): 12941-12950.
[74]	ZHOU L , VARADHARAJAN V , HITCHENS M . Achieving secure role-based access control on encrypted data in cloud storage[J]. IEEE Transactions on Information Forensics and Security, 2013,8(12): 1947-1960.
[75]	CHEN H C , . A hierarchical virtual role assignment for negotiation-based RBAC scheme[C]// The 10th International Conference on Broadband and Wireless Computing,Communication and Applications (BWCCA’15). 2015: 538-543.
[76]	KUHN D R , COYNE E J , WEIL T R . Adding attributes to role-based access control[J]. Computer, 2010,43(6): 79-81.
[77]	LI H J , WANG S , TIAN X X ,et al. A survey of extended role-based access control in cloud computing[C]// The 4th International Conference on Computer Engineering and Networks (CENeT’14). 2015: 821-831.
[78]	ALMUTAIRI A , SARFRAZ M , BASALAMAH S ,et al. A distributed access control architecture for cloud computing[J]. IEEE Software, 2012,29(2): 36-44.
[79]	CHEN L Q , URIAN R . DAA-A:direct anonymous attestation with attributes[C]// The 8th International Conference on Trust and Trustworthy Computing (TRUST’15). 2015: 228-245.
[80]	PASUOULETI S K , RAMALINGAM S , BUYYA R . An efficient and secure privacy-preserving approach for outsourced data of resource constrained mobile devices in cloud computing[J]. Journal of Network and Computer Applications, 2016,64(C): 12-22.
[81]	BAHRAMI M , SINGHAL M . A light-weight permutation based method for data privacy in mobile cloud computing[C]// The 3th International Conference on Mobile Cloud Computing,Services,and Engineering (MobileCloud’15). 2015: 189-198.
[82]	LI J W , LI J , CHEN X F ,et al. Privacy-preserving data utilization in hybrid clouds[J]. Future Generation Computer Systems, 2014,30(1): 98-106.
[83]	CHEN M , LI W Z , LI Z ,et al. Preserving location privacy based on distributed cache pushing[C]// 2014 IEEE Wireless Communications and Networking Conference (WCNC’14). 2014: 3456-3461.
[84]	WEI W , XU F Y , LI Q . Mobishare:flexible privacy-preserving location sharing in mobile online social networks[C]// The 31th Annual IEEE International Conference on Computer Communications (INFOCOM’12). 2012: 2616-2620.
[85]	NIU B , LI Q H , ZHU X Y ,et al. Enhancing privacy through caching in location-based services[C]// The 34th Annual IEEE International Conference on Computer Communications (INFOCOM’15). 2015: 1017-1025.
[86]	FAWAZ K , HUAN F , SHIN K G . Anatomization and protection of mobile apps’ location privacy threats[C]// The 24th USENIX Conference on Security Symposium (USENIX SEC’15). 2015: 753-768.
[87]	KHALIL I , KHREISHAH A , AZEEM M . Consolidated identity management system for secure mobile cloud computing[J]. Computer Networks, 2014,65(2): 99-110.
[88]	KHAN A N , KIAH M L M , MADANI S A ,et al. Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing[J]. The Journal of Supercomputing, 2013,66(3): 1687-1706.
[89]	PARK I S , LEE Y D , JEONG J . Improved identity management protocol for secure mobile cloud computing[C]// The 46th Hawaii International Conference on System Sciences (HICSS’13). 2013: 4958-4965.
[90]	GUPTA H , DASTJERDI A V , GHOSH S K ,et al. iFogSim:a toolkit for modeling and simulation of resource management techniques in internet of things,edge and fog computing environments[J]. Software Practice ＆ Experience, 2017,47(9): 1275-1296.
[91]	BELLIFEMINE F L , CAIRE G , Greenwood D . Developing multi-agent systems with JADE[M]. New York: John Wiley ＆ SonsPress, 2007.
[92]	ROSADO T , BERNARDINO J . An overview of openstack architecture[C]// The 18th International Database Engineering ＆ Applications Symposium (IDEAS’14). 2014: 366-367.

文献	分类	方案	技术方法	安全模型	安全特性	可扩展性
文献[15]		基于文件分层结构的属性加密方案	基于密文的属性加密、分层访问树	选择明文攻击	数据保密性、细粒度数据共享	高
文献[16]	属性加密	支持用户属性撤销的属性加密方案	基于密文的属性加密、全或无原则	选择明文攻击	数据保密性、支持用户属性撤销、抵抗合谋攻击	中等
文献[17]		支持外包解密的属性加密方案	属性加密方法	选择密文攻击	数据保密性、安全存储	高
文献[21]		基于密文策略的属性代理重加密方案	基于密文的属性加密、代理重加密	不可区分性选择密文攻击	细粒度数据共享	高
文献[22]		基于密文策略的属性条件代理重加密方案	基于密文的属性加密、条件代理重加密	选择明文攻击	支持用户属性撤销、细粒度数据共享	中等
文献[23]	代理重加密	固定密文长度的双向代理重加密方案	双向代理重加密	可重放选择密文攻击	安全存储、抵抗合谋攻击	高
文献[24]		基于云和代理的双重加密方案	代理重加密	无	数据保密性、计算迁移	中等
文献[25]		基于重加密的工作负载分配模型	代理重加密	无	数据保密性、计算迁移	高
文献[31]	全同态加密	移动多云计算环境下的同态加密构造方案	全同态加密	无	数据保密性、安全存储	高
文献[32]		轻量级同态加密算法	全同态加密	蛮力攻击	数据保密性、安全存储	高

研究文献	分类	方案	技术方法	应用场景	安全特性	可扩展性
文献[34]	批量审计	保护隐私的批量数据审计系统	同态认证器、随机掩码、双线性聚合签名	云计算	批量审计、隐私保护	高
文献[35]	动态审计	支持动态审计的安全云存储方案	Merkle散列树、数据持有性证明	云计算	动态审计、安全存储	高
文献[36]	动态审计	高效隐私保护的动态审计方案	远程数据审计技术	云计算	动态审计、隐私保护	中等
文献[37]	动态审计	动态远程数据审计方案	远程数据审计、分治表	大数据存储	动态审计、低复杂度	中等
文献[38]	批量审计	适用于资源受限终端的隐私保护审计方案	在线/离线签名方法	移动云计算	批量审计、隐私保护、低复杂度	高
文献[39]	动态审计	移动数据可持有性证明方案	可持有性证明、BLS 短签名	移动云计算	动态审计、低复杂度	高

研究文献	分类	方案	技术方法	应用场景	安全特性	可扩展性
文献[57]		基于共享权限的隐私保护认证协议	属性加密、代理重加密	安全云存储	隐私保护、匿名认证	高
文献[58]		保护隐私的匿名身份认证方案	双线性密码系统	分布式移动云计算	匿名认证、密钥交换、不可追踪性	中等
文献[60]	单一域内身份认证	基于身份签名的隐私感知认证方案	双线性密码系统	移动云计算	匿名认证、隐私保护、不可追踪性	高
文献[61]		基于条件隐私的身份认证方案	椭圆曲线密码系统	车辆传感器网络	匿名认证、可追溯性、批量签名验证	高
文献[62]		基于轻量级ECC的身份认证方案	椭圆曲线密码系统	智能电网系统	双向认证、低计算和通信成本	高
文献[64]		基于属性的认证授权框架	分布式证书撤销	结构化P2P网络	隐私保护、证书撤销	中等
文献[65]	跨域认证	跨域动态匿名组密钥管理认证系统	椭圆曲线密码系统	电子医疗系统	匿名认证、密钥撤销、隐私保护	中等
文献[66]		基于身份的切换认证协议	椭圆曲线密码系统	异构移动云计算网络	匿名认证、隐私保护、不可追踪性	高
文献[68]	切换认证	隐私保护的批量切换认证协议	椭圆曲线密码系统	移动无线网络	隐私保护、批量认证	高

研究文献分类	方案	技术方法	应用场景	可扩展性
文献[69]	细粒度的访问控制方案	属性加密、代理重加密	云计算	中等
文献[70]	支持多属性授权访问控制的异构框架	基于密文的属性加密	大规模云存储服务	高
文献[71]基于属性的访问控制	安全和轻量级的属性访问控制方案	基于密文的属性加密	移动云计算	高
文献[72]	具有外包能力和属性更新的访问控制策略	基于密文的属性加密	雾计算	高
文献[73]	具有计算外包和密文更新的访问控制方案	基于密文的属性加密、基于属性的签名方法	雾计算	中等
文献[74]	基于角色加密的混合云存储架构	基于角色的加密方法	云存储服务	中等
文献[75]	基于层次虚拟角色分配的协商RBAC方案	层次加密、角色分层结构	大规模信息系统	高
文献[76]基于角色的访问控制	基于角色-属性的访问控制方案	属性加密、角色加密	分布式云计算架构	高
文献[78]	基于角色的分布式访问控制	基于角色的加密方法	分布式云计算架构	高
文献[79]TPM	带有属性协议的直接匿名认证方案	椭圆曲线密码系统、零知识证明	边缘计算	高

研究文献	分类	方案	技术方法	应用场景	可扩展性
文献[80]		外包云数据的高效隐私保护方案	概率公钥加密系统	云计算	高
文献[81]	数据隐私保护	轻量级数据隐私保护方案	伪随机置换法	移动多云计算	中等
文献[82]		隐私保护的数据利用技术	可信私有云代理	混合云计算环境	中等
文献[83]		基于分布式缓存的位置隐私保护方案	分布式缓存代理	分布式位置服务	高
文献[84]		隐私保护的位置共享系统	基于位置服务	移动在线社交网络	中等
文献[85]	位置隐私保护	基于缓存感知的虚拟选择算法	位置混淆、隐私度量	位置服务	高
文献[86]		LP-Doctor	位置匿名、信任管理	移动位置应用	中等
文献[87]		综合第三方身份管理协议	第三方数字证书管理	移动云计算	中等
文献[88]	身份隐私保护	基于动态凭证的轻量级身份隐私保护方案	第三方动态凭证管理	移动云计算	高
文献[89]		改进的身份管理协议	完美隐私PGP算法	移动互联网应用服务	高

边缘计算数据安全与隐私保护研究综述

Survey on data security and privacy-preserving for the research of edge computing

在线阅读

PDF下载

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 9

参考文献 92

相关文章 15

Metrics

推荐阅读 0

[1]	马鑫迪, 李清华, 姜奇, 马卓, 高胜, 田有亮, 马建峰. 面向Non-IID数据的拜占庭鲁棒联邦学习[J]. 通信学报, 2023, 44(6): 138-153.
[2]	冯涛, 陈李秋, 方君丽, 石建明. 基于本地化差分隐私和属性基可搜索加密的区块链数据共享方案[J]. 通信学报, 2023, 44(5): 224-233.
[3]	鲁蔚锋, 李宁, 徐佳, 徐力杰, 徐建. 多接入边缘计算中相关性任务的联合调度算法[J]. 通信学报, 2023, 44(4): 87-98.
[4]	夏莹杰, 朱思雨, 刘雪娇. 区块链架构下具有条件隐私的车辆编队跨信任域高效群组认证研究[J]. 通信学报, 2023, 44(4): 111-123.
[5]	苏新, 张桂福, 行鸿彦, Zenghui Wang. 基于平衡生成对抗网络的海洋气象传感网入侵检测研究[J]. 通信学报, 2023, 44(4): 124-136.
[6]	胡柏吉, 张晓娟, 李元诚, 赖荣鑫. 支持多功能的V2G网络隐私保护数据聚合方案[J]. 通信学报, 2023, 44(4): 187-200.
[7]	谢人超, 文雯, 唐琴琴, 刘云龙, 谢高畅, 黄韬. 轨道交通移动边缘计算网络安全综述[J]. 通信学报, 2023, 44(4): 201-215.
[8]	余雪勇, 邱礼翔, 宋家宁, 朱洪波. 无人机辅助边缘计算中安全通信与能效优化策略[J]. 通信学报, 2023, 44(3): 45-54.
[9]	徐明, 张保俊, 伍益明, 应晨铎, 郑宁. 面向网络攻击和隐私保护的多智能体系统分布式共识算法[J]. 通信学报, 2023, 44(3): 117-127.
[10]	范伟, 彭诚, 朱大立, 王雨晴. 移动边缘计算网络下基于静态贝叶斯博弈的入侵响应策略研究[J]. 通信学报, 2023, 44(2): 70-81.
[11]	赵庶旭, 韦萍, 王小龙. 多任务并发边缘计算环境中最优联盟结构生成策略[J]. 通信学报, 2023, 44(2): 172-184.
[12]	余晟兴, 陈钟. 基于同态加密的高效安全联邦学习聚合框架[J]. 通信学报, 2023, 44(1): 14-28.
[13]	龙隆, 刘子辰, 陆在旺, 张玉成, 李蕾. 移动边缘网络下服务缓存与资源分配联合优化策略[J]. 通信学报, 2023, 44(1): 64-74.
[14]	金伟, 李凤华, 余铭洁, 郭云川, 周紫妍, 房梁. 面向HDFS的密钥资源控制机制[J]. 通信学报, 2022, 43(9): 27-41.
[15]	张学旺, 黎志鸿, 林金朝. 基于公平盲签名和分级加密的联盟链隐私保护方案[J]. 通信学报, 2022, 43(8): 131-141.