
Research On Data Privacy Protection And Secure Data Search Technology In Cloud Environment

Posted on: 2019-08-15
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Z G Zhou
GTID: 1368330566498435
Subject: Computer Science and Technology

Abstract/Summary:
With the rapid development of technologies such as cloud computing, the Internet of Things (IoT) and the mobile Internet, the opening up of industries, interconnection and cross-domain integration have given birth to the era of big data. Big data comes from the organic integration of data from all walks of life (such as medical data, social information, meteorological data, etc.). Different enterprises can widely access and utilize these data to assist their own business development. For small and medium-sized enterprises, it is often very complex and expensive to integrate, store and analyze the vast amounts of information. Therefore, it is crucial to find the right data outsourcing services. As a novel data outsourcing model, data as a service (DaaS) is essentially based on centralized data management (for example, a cloud computing platform is responsible for multi-party data fusion and storage), allowing users to concentrate on the analysis and use of data. However, it causes the separation of data ownership and storage rights, which brings about new security risks. In addition, the features of big data, such as multiple sources, high dimensionality and dynamic updates, also mean that most traditional data privacy protection technologies are difficult to apply. This poses new challenges for protecting privacy and preventing the disclosure of sensitive information. This dissertation takes DaaS, the most popular data outsourcing service model, as an example, analyzes the security issues in the release, storage and search phases of the big data life cycle, and puts forward appropriate solutions. The main work and contributions of this dissertation include:

First, because existing privacy protection mechanisms are not suitable for privacy-preserving publishing of high-dimensional sparse data, we study the characteristics of big data and the new data release model, understand the users' need for data privacy protection and data availability, and analyze the potential risks of data privacy leaks. Based on the general hybrid cloud architecture, we propose a k^m-anonymity-based data segmentation technology, and design a complete data anonymization scheme to balance data privacy and usability when set-valued data is released.

Second, in view of the privacy leakage faced by multi-party data fusion in the DaaS model, we analyze the new data security risks that the DaaS model brings compared with the previous scenario, which contains only the relationship between the data owner and authorized users. We study the data privacy protection strategy in the process of data fusion, and the verification methods for the consistency and integrity of data outsourced to the cloud. Based on the attacker's motivation and the envisaged hazard rating, we propose an anonymization strategy with multiple rounds of iterative refinement. This strategy prevents each party from learning more knowledge than the final integrated data when multiple parties are involved in data integration. Moreover, by defining the semi-honest (curious) service model and the malicious service model, we propose a two-level privacy-preserving mechanism for DaaS applications that offers different levels of privacy protection.

Third, due to the multi-level and large-scale search needs of big data, we propose an incremental data-indexing strategy based on concept lattice granularity deduction. It comprehensively considers the user's search authority and the accuracy of the search result view, building a system architecture that fully supports differentiated data retrieval services. This framework is compatible with the MapReduce model and current access control research. It supports similarity search, fuzzy search and other practical search models. In addition, to protect big data search from the onions attack and implied attack, a privacy protection strategy based on hybrid cloud and maximized information view is proposed. Compared with existing work, in terms of privacy protection, two types of inference analysis attacks caused by redundant data transmission are completely blocked. In terms of search efficiency, due to the construction of the partial ordering relationship between index deduction and search requirements, the communication overhead for transmitting redundant data is greatly reduced, and the search overhead is relatively constant.

Fourth, according to multi-dimensional data search demands from multiple parties, we propose a uniform metric (?,?)-language that integrates accuracy, efficiency and privacy-preserving granularity. Based on this, we give an approximate search framework that balances the multi-target query requirements from users, the data platform and the data owner. Then, we propose a quick response mechanism to deal with homogeneous queries and discuss the reuse of results when big data is incrementally appended. We give a strict proof of the reusable boundaries of the historical results. Finally, to improve search efficiency, we adopt the bootstrap method to accelerate the data sampling process, and explore the conditions under which the bootstrap method speeds up searches.
Keywords/Search Tags: Privacy-Aware, Safe Search, Data as a Service (DaaS), Data Fusion, Privacy Protection