Research On Access Control And Application Of Personal Privacy Disclosure

Traditional access control models are hard to restrain the malicious behavior of authorized users.The data storage platform that makes use of this kind of access control mechanism faces the risk of privacy leakage.With the rapid development of big data, Hadoop platform has become one of the most popular big data processing platform, which uses the Kerberos mechanism for access control is also facing the risk of privacy leaks. In this paper, we mainly study the dynamic access control based on risk and the improvement of access control mechanism for the Hadoop platform, and implement a risk access control model based on Hadoop platform for privacy protection. Specific research content can be divided into the following three parts:(1) In this paper, a model of access control based on risk is proposed. Consider the risk of late behavior of users, a risk function of information entropy and dynamic alocation of risk threshold is designed from users' historical behavior based on setting the tag of subject and object. Furthermore, we present the tracking chain of risk and adjust the users' access authority dynamically according to the risk value and its volatility.(2) A detailed analysis of the Hadoop data platform Kerberos access control model based on the existing HDFS, namely access strategy and YARN access strategy, points out the existing problems of privacy access control mechanism:In the authentication token, Users have access to the masterKey can not belong to their own access to the scope of the data. In the authorization token, Clear text transmission is easy to leak personal privacy. In this paper, based on fine-grained access control to improve the authentication token(Delegation_Token), and through symmetric encryption to encrypt the authorized token(Block_Access_Token) encryption.(3) This paper gives the design and implementation of privacy risk access control system, and the overall risk of the access control framework based on medical data privacy protection scene design; Then the whole system is realized based on Spark, Streaming Oozie and other technologies; Finally, based on the honest and curious doctor's access behavior record, compare the risk value of both sides and test the overall performance of the system.