| The advent of the era of big data makes a variety of network services fill people's lives.While people are enjoying the convenience brought by Internet technology and the change of life style,the risks to data security also creep in.In order to provide a convenient service,it is very common for service providers to collect a large amount of user data including personal sensitive information before and during service delivery.In this process,the processing and use of large amounts of data collected brings a series of security and privacy problems,which causes people to worry about the security of personal privacy information.Privacy is different from other concepts or categories.It is closely related to the subjective thoughts of the subject and cannot uniformly define the scope and importance of privacy.Therefore,personalized privacy solution is the right direction to solve the privacy problem.Traditional privacy-based access control systems cannot provide personalized privacy protection solutions for data providers because they cannot accurately measure and control the privacy of protected data.With Internet users increasingly worried about privacy,a single privacy protocol cannot meet the demand.Access control is one of the important technologies to guarantee data security.It has become a common method to use access control to restrict the behavior of data visitors.The traditional access control model solves the problem of authorization of data access,prevents the access of illegal users and the illegal access of legitimate users,and ensures the authorized access of data in a secure and controllable environment.A privacy-oriented access control scheme is proposed to solve the privacy problem in the process of security authorization.Based on the personalized privacy modeling of access object,the personalized privacy policy is extracted and applied to the access control process to make the authorization process controllable to the content privacy.On the one hand,through personalized modeling,the access control system can improve the data perception ability,and enhance the service friendliness and flexibility.On the other hand,the dynamic privacy policy ADAPTS to the access behavior of the subject,effectively solves the problem of inferential attack by malicious access,strengthens the privacy security of access control system,protects the loss of object users and identifies malicious behaviors.The main research contents and results of this paper are as follows:(1)proposed the ontology-based personalized inference quantitative calculation algorithm.Based on the concept of abstract sensitivity,traversal calculation and weight assignment are carried out for the structural concept in the knowledge graph,so as to obtain the leakage degree of the group abstract concept related to the path to the sensitive concept.Starting from limited sensitive information,this paper expands a small number of privacy sensitive requirements into a quantitative privacy description containing a large amount of knowledge,and forms a scientific abstract concept model.(2)propose a personalized privacy model for access objects.Combined with the abstract concept model provided by the inference algorithm,the data content is analyzed and perceived,and the abstract concept is materialized.Generate a content privacy-oriented quantitative model that meets the needs of personalization.It lays a foundation for dynamically generating the policy of reading object privacy model in access control stage.(3)a history-driven dynamic access control model is proposed.According to the historical authorization records of access subjects and the data privacy applied for authorization,access policies are dynamically generated and an access control model for authorization decisions is generated.This model monitors the behavior of the object user from the perspective of the subject,and manages the authorization of the sensitive content of the access object driven by the historical authorization record.(4)put forward the Semantic Inference Based Access Control for Privacy Protection(SIBAC).The validity and feasibility of the model are verified by experiments.The superiority of the model is verified by the comparison experiment.On the basis of experiment,the prototype system is completed and realized.The experimental results show that the SIBAC based on semantic inference can effectively identify the privacy content of text data and build a personalized privacy model,and finally be used for access control authorization management.It effectively solves the concern of privacy disclosure in access control process and improves the privacy sensitivity and the effectiveness of resource sharing in access control process. |
PDF Full Text Request