
Research On Privacy Preserving Based On Trusted Computing Technology

Posted on: 2012-10-31
Degree: Doctor
Type: Dissertation
Country: China
Candidate: R Zhang
Full Text: PDF
GTID: 1488303359493984
Subject: Information security
Abstract/Summary:

ABSTRACT: As network technology permeates people's lives and work, privacy preserving has drawn increasingly wide public attention. This thesis applies trusted computing technology to analyze the privacy disclosure problems in information systems, proposes a remote anonymous attestation scheme between platforms, and puts forward a role-based and time-bound access control model, all on the basis of constructing a trusted computing platform on the terminal. Finally, we discuss the potential privacy and security issues of EHR systems, which have particular privacy requirements, and put forward a three-tier security model for the access and management of EHR data together with the security and privacy techniques of each tier. Specifically, the contributions of this thesis are as follows:

(1) Establishing a trusted computing environment is the prerequisite for guaranteeing the security of an information system. Building a trusted computing platform starts with constructing the trusted chain; as trust is passed forward, trusted hardware configuration, a trusted operating system and trusted applications are completed in turn. According to the trusted computing specifications of our country, this thesis builds the trusted chain in the EFI environment with TPCM. This minimizes the "root of trust", greatly improves the security of the trusted platform and the whole system, and prevents information disclosure caused by malicious code. In addition, this thesis gives a formal analysis of the establishment of the trusted chain and proposes a theoretical model.

(2) Remote attestation is the premise of secure communication in distributed networks. The shortcoming of the popular binary attestation is that it leaks platform information, including hardware and software configuration information and the identity of the platform. This method therefore violates the privacy of the terminal platform and makes it more vulnerable to various attacks. Moreover, the relevant trusted platform specifications have not considered privacy preserving of platform configuration either. This thesis proposes a remote automatic anonymous attestation scheme based on TPCM, which is used in the trusted computing platform specifications of our country. The scheme builds on the trusted network connection and applies ring signatures, hidden attribute credentials and trust negotiation to achieve remote automatic anonymous attestation between platforms. Compared with existing remote attestation schemes, it not only effectively prevents exposure of private information but is also more efficient, since it requires no trusted third party in the negotiation process and no additional zero-knowledge proof.

(3) Data should be stored encrypted in sensitive information systems and outsourced databases. However, accessing such systems with existing access control methods increases the risk of information leakage, and an improper access control policy leads to information disclosure through unauthorized access. To solve these problems, this thesis proposes the RBTBAC model, which combines role-based access control with a time-bound key management scheme. The model authorizes access along both the time and space dimensions and prevents information disclosure from the system. Furthermore, RBTBAC improves the efficiency of the time-bound key management scheme by using a "time tree" structure to calculate the time parameters.

(4) EHR systems are the future trend of medical information systems: they allow users to access electronic medical records at any time and from anywhere. Currently, EHR systems are still in their infancy, and security and privacy issues are important problems when implementing them. The thesis analyzes the related security and privacy issues in EHR systems and proposes a practical three-tier security model based on an EHR usage instance. Finally, it gives a detailed security and privacy analysis of each sub-tier and then discusses solutions for those security and privacy issues, including the proposed remote anonymous attestation scheme and the RBTBAC model.
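Contribution (1) describes a trusted chain in which each stage measures the next before passing control, so that the final state of the platform commits to every component that was loaded. The Python example below is added here for illustration and is not code from the thesis: it models a TPCM-style measurement register with a hash-extend operation (SHA-256 is a simplifying assumption, since this page does not state the TPCM algorithms) and shows how a verifier replays the measurement log against golden per-stage digests to locate the stage that was altered, or to reject a log that does not reproduce the reported register. All stage names and code bytes are constructed placeholders.

```python
import hashlib
from typing import Dict, List, Optional, Tuple

# Width of the simulated measurement register (SHA-256 digest size).
# Simplifying assumption: the thesis's TPCM algorithms are not given on this page.
REGISTER_INIT = bytes(32)


def measure(code: bytes) -> bytes:
    """Digest of a stage's code, computed by the previous stage before handing over control."""
    return hashlib.sha256(code).digest()


def extend(register: bytes, digest: bytes) -> bytes:
    """Fold a measurement into the register: new = H(old || digest).
    Order matters, so the final value commits to the whole boot sequence."""
    return hashlib.sha256(register + digest).digest()


def build_chain(stages: List[Tuple[str, bytes]]) -> Tuple[bytes, List[Tuple[str, bytes]]]:
    """Simulate booting through `stages` in order.
    Returns the final register value and the measurement log of (name, digest)."""
    register = REGISTER_INIT
    log: List[Tuple[str, bytes]] = []
    for name, code in stages:
        digest = measure(code)
        log.append((name, digest))
        register = extend(register, digest)
    return register, log


def replay(log: List[Tuple[str, bytes]]) -> bytes:
    """Recompute the register from the log alone, as a verifier does."""
    register = REGISTER_INIT
    for _, digest in log:
        register = extend(register, digest)
    return register


def verify_chain(log: List[Tuple[str, bytes]], reported_register: bytes,
                 expected_register: bytes, golden: Dict[str, bytes]) -> Tuple[bool, Optional[str]]:
    """Check a reported chain against the expected register and per-stage golden digests.
    Returns (ok, reason): reason names the first stage whose digest is not the golden one,
    or describes a structural problem with the log."""
    if replay(log) != reported_register:
        return False, "measurement log does not reproduce the reported register"
    if reported_register == expected_register:
        return True, None
    for name, digest in log:
        if golden.get(name) != digest:
            return False, name
    return False, "unexpected stage order or extra stage"


# Constructed reference build: stage names and code bytes are placeholders.
REFERENCE_STAGES = [
    ("tpcm_core", b"tpcm firmware v1"),
    ("efi_firmware", b"efi firmware image"),
    ("boot_loader", b"boot loader image"),
    ("os_kernel", b"operating system kernel"),
    ("application", b"trusted application"),
]
EXPECTED_REGISTER, REFERENCE_LOG = build_chain(REFERENCE_STAGES)
GOLDEN = dict(REFERENCE_LOG)


def tampered_stages(name: str, new_code: bytes) -> List[Tuple[str, bytes]]:
    """Copy of the reference stages with one stage's code replaced (for the verifier test)."""
    return [(n, new_code if n == name else c) for n, c in REFERENCE_STAGES]


if __name__ == "__main__":
    reg, log = build_chain(tampered_stages("os_kernel", b"modified kernel image"))
    print(verify_chain(log, reg, EXPECTED_REGISTER, GOLDEN))  # (False, 'os_kernel')
```

The per-stage golden table is what makes the check diagnostic rather than binary: a bare register comparison only says that something differs, while replaying the log against the table names the stage. Because each stage is measured by its predecessor, the register also distinguishes a reordered boot from the reference even when every individual digest is golden.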
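Contribution (3) mentions a "time tree" for computing the time parameters of RBTBAC's time-bound key management. The example below is added here and is not the thesis's construction: it assumes a binary tree over 2^d time slots whose node keys are derived one-way by hashing the parent key with the child bit, with a separate tree root per role for the RBAC dimension. A user is issued only the node keys that cover the authorized time window and can derive the key of any slot inside it, but none outside; the server derives every slot key directly from the master secret. The master secret, role names, window and depth are constructed values.

```python
import hashlib
from typing import Dict, List, Optional

# Constructed parameter; the thesis's own tree size is not given on this page.
DEPTH = 3                       # 2**DEPTH time slots, e.g. 8 consecutive periods


def role_root(master: bytes, role: str) -> bytes:
    """Root key of the time tree for one role (the RBAC dimension)."""
    return hashlib.sha256(b"role|" + master + b"|" + role.encode()).digest()


def child_key(parent: bytes, bit: str) -> bytes:
    """One-way derivation of a child node key; the parent cannot be recovered from a child."""
    return hashlib.sha256(parent + bit.encode()).digest()


def node_key(root: bytes, path: str) -> bytes:
    """Walk from `root` along a bit path ('' is the root itself, '011' is leaf slot 3)."""
    key = root
    for bit in path:
        key = child_key(key, bit)
    return key


def covering_nodes(start: int, end: int, depth: int = DEPTH) -> List[str]:
    """Minimal set of subtree paths that exactly cover the slot window [start, end]."""
    result: List[str] = []

    def walk(path: str, lo: int, hi: int) -> None:
        if hi < start or lo > end:
            return                      # subtree entirely outside the window
        if start <= lo and hi <= end:
            result.append(path)         # subtree entirely inside: grant its node key
            return
        mid = (lo + hi) // 2
        walk(path + "0", lo, mid)
        walk(path + "1", mid + 1, hi)

    walk("", 0, 2 ** depth - 1)
    return result


def issue_grant(master: bytes, role: str, start: int, end: int, depth: int = DEPTH) -> Dict[str, bytes]:
    """Keys handed to a user holding `role` for the window [start, end]: one per covering node."""
    root = role_root(master, role)
    return {path: node_key(root, path) for path in covering_nodes(start, end, depth)}


def slot_key(master: bytes, role: str, slot: int, depth: int = DEPTH) -> bytes:
    """Server-side key for (role, slot), the key under which that slot's data is encrypted."""
    return node_key(role_root(master, role), format(slot, f"0{depth}b"))


def leaf_key_from_grant(grant: Dict[str, bytes], slot: int, depth: int = DEPTH) -> Optional[bytes]:
    """User-side derivation: succeeds only if some granted node is an ancestor of the slot."""
    leaf = format(slot, f"0{depth}b")
    for path, key in grant.items():
        if leaf.startswith(path):
            return node_key(key, leaf[len(path):])
    return None


if __name__ == "__main__":
    master = b"constructed master secret"
    grant = issue_grant(master, "physician", 3, 6)
    print(sorted(grant))                # ['011', '10', '110']
    for t in range(2 ** DEPTH):
        print(t, leaf_key_from_grant(grant, t) == slot_key(master, "physician", t))
```

The efficiency point is visible in the grant size: a window of four slots needs three node keys rather than four, and the saving grows with the window because whole subtrees collapse to a single ancestor key. The one-way derivation is what keeps the bound in time: holding the key for slot 6 gives nothing about slot 7, and holding the subtree key for slots 4-5 gives nothing about its parent.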
Keywords/Search Tags: Privacy preserving, Trusted computing, Trusted chain, Remote attestation, Anonymous signature, Attribute credential, ECC, RBAC, Time-bound key management, Time tree, EHR system