面向大数据的非结构化数据安全保障技术研究
|
摘要
针对大数据的非结构化数据安全问题,基于数据类型和数据敏感度级别,提出了一种保障非结构化数据安全的方法.首先,通过数据分析获取所需数据类型和敏感度级别,并构建数据库的数据节点.其次,为数据节点提供安全算法,这些安全算法与数据节点交互形成安全套件.再次,通过接口的调度算法为非结构化数据提供足够的安全性,以及降低系统的开销和提高访问效率.最后,通过实验表明该方法在能够充分地保障大数据安全的前提下,系统的时间开销不超过传统方法的52.85%.
Aiming at the problem of unstructured data security, a method to guarantee unstructured data security is proposed by considering types of data and their sensitivity levels. Firstly, types of data and their sensitivity levels are obtained through different analysis methods of data, and then the data nodes of the database are constructed. Secondly, security algorithms are designed for data nodes. These security algorithms interact with data nodes to form security suites. Thirdly, the security suite provides enough security for unstructured datathrough the scheduling algorithm of the interface, as well as reducing the overhead of the system and improving access efficiency. Finally, the experiment shows that this method can guarantee the security of large data fully, and the time cost of the system does not exceed 52.85% of the traditional processing time.
Aiming at the problem of unstructured data security, a method to guarantee unstructured data security is proposed by considering types of data and their sensitivity levels. Firstly, types of data and their sensitivity levels are obtained through different analysis methods of data, and then the data nodes of the database are constructed. Secondly, security algorithms are designed for data nodes. These security algorithms interact with data nodes to form security suites. Thirdly, the security suite provides enough security for unstructured datathrough the scheduling algorithm of the interface, as well as reducing the overhead of the system and improving access efficiency. Finally, the experiment shows that this method can guarantee the security of large data fully, and the time cost of the system does not exceed 52.85% of the traditional processing time.
引文
[1] ITANI W,KAYSSI A,CHEHAB A.Privacy as a Service:Privacy-Aware Data Storage and Processing in Cloud Computing Architectures[C]//The 8th IEEE International Symposium on Dependable,Autonomic and Secure Computing.Washington DC,USA:IEEE Computer Society,2009:711-716.
[2] CREESE S,HOPKINIS P,PEARSON S.Data Protection-Aware Design for Cloud Services[M].Germany:Springer Berlin Heidelberg,2014.
[3] PARAKH A,KAK S.Space efficient secret sharing for implicit data security[J].Information Science,2011,181(2):335-341.
[4] CATELANO D.Paillier's Cryptosystem Revisited[C]//In Proceedings of the 8th ACM conference on Computer and Communications Security.Philadelphia,PA,USA:Association for Computing Machinery,2001:206-214.
[5] BENDLIN R,DAMGARD I.Semi-Homomorphic Encryption and Multiparty Computation[M].Mrmany:Springer Berlin Heidelberg,2011:302-310.
[6] GENTRY C.A Fully Homomorphic Encryption Scheme[D].Virginia:Standford University,2009:120-131.
[7] 王杰,陈志刚,钱漫匀,等.面向云隐私保护的5A问责制协议设计[J].南京邮电大学学报(自然科学版),2018,38(6):68-76.
[8] 刘莎,谭良.Hadoop 云平台中基于信任的访问控制模型[J].计算机科学,2014,41(5):155-163.
[9] 张敬伦,张永生,高丽琴.基于内网数据安全防护引擎的安全架构设计[J].通信技术,2017,50(1):158-161.
[2] CREESE S,HOPKINIS P,PEARSON S.Data Protection-Aware Design for Cloud Services[M].Germany:Springer Berlin Heidelberg,2014.
[3] PARAKH A,KAK S.Space efficient secret sharing for implicit data security[J].Information Science,2011,181(2):335-341.
[4] CATELANO D.Paillier's Cryptosystem Revisited[C]//In Proceedings of the 8th ACM conference on Computer and Communications Security.Philadelphia,PA,USA:Association for Computing Machinery,2001:206-214.
[5] BENDLIN R,DAMGARD I.Semi-Homomorphic Encryption and Multiparty Computation[M].Mrmany:Springer Berlin Heidelberg,2011:302-310.
[6] GENTRY C.A Fully Homomorphic Encryption Scheme[D].Virginia:Standford University,2009:120-131.
[7] 王杰,陈志刚,钱漫匀,等.面向云隐私保护的5A问责制协议设计[J].南京邮电大学学报(自然科学版),2018,38(6):68-76.
[8] 刘莎,谭良.Hadoop 云平台中基于信任的访问控制模型[J].计算机科学,2014,41(5):155-163.
[9] 张敬伦,张永生,高丽琴.基于内网数据安全防护引擎的安全架构设计[J].通信技术,2017,50(1):158-161.