Data Privacy Protection Research In Cloud Computing Environment

Cloud computing supplies dynamic, extensible large-scale computing and storage services for remote cloud users in a simple, transparent way, has become a research hotspot in the field of information nowadays.However, since the user’s data and applications are storage and executed in a not fully trusted cloud service, the problem of data security and privacy protection problem in cloud environment is increasingly outstanding.First of all, in the current cloud services market, with the various kind and uneven quality of services, the services’ capability of data privacy protection is difficult to quantify. Thus, it is difficult for users to select a cloud services with a high capability of data privacy protection. Second, in the cloud environment, except the protection need of sensitivity data, users also need to prevent the reveal of its identity and attribute privacy from malicious cloud service providers or the attacker by monitoring the user action or attribute correlation analysis methods. Finally, the access control policy of private information is also storage and perform in the "cloud", the attacker is still likely to tamper with it, and user is difficult to ensure that the cloud service provider is faithfully abide by the policy.Aiming at these problems, this paper, based on existing research, builds a framework of data privacy protection in cloud environment, which aims at to ensure the security of user privacy from the aspects of cloud services selection, access control and strategy implementation.The main research work are as follows:1. This paper puts forward a privacy-aware cloud service selection method toward data life-cycle. The method adopts a third party and analysis the security mechanism which effect the cloud service’s capability of privacy protection base on the data life-cycle, and gives a cloud service selection evaluation index system. Then based on the evaluation index system, it uses analytic hierarchy process(AHP) and fuzzy comprehensive evaluation methods to analysis and quantify the cloud services’ capability of data privacy protection, finally calculate the capability of each service and recommend to users with the best one. An example analysis is given, and with the comparison of baseline method, the validity and efficiency of the proposed method is proved.2. This paper proposes an anonymous access control method based on attribute fuzzy grouping in the cloud environment. Face to the three stagesuser registration, data creation and data access, this method supplies direct or anonymous access modes, and transform access entity, policy and user requests based on trusted third party by attribute fuzzy grouping technique. Meanwhile, this method uses access control interactive protocol standardized the interaction behavior among the user, trust third part and cloud service. And a billing solution is given in view of the existing researches can’t solve the problem of anonymous billing. Finally, instance, performance and security analysis proves the safety and efficiency of themethod.3. This paper presents a trusted execution method of privacy policy in cloud computing environment. To satisfy the data privacy protection need under the condition of diversified and multi-tenant cloud environment, this part gives privacy policy distributed execution method based on the idea of policy-driven, which is more advantageous to implement the flexibility of privacy protection. In addition, by combining with the trusted computing technology, a privacy policy implementation and guarantee method is put forward to ensure the credibility and integrity of each distributed node’s code in execution, so as to guarantee the reliable implementation of privacy policy.