面向云计算的新型生物密钥技术研究

Cloud computing has been widely applied as a new computing paradigm. However, it is more difficult to keep the security of data stored in cloud computing because of its open access property. As a result, new security challenges arise in cloud computing environment and traditional security techniques cannot be secure enough, including personal passwords and other security techniques. The biological key extracts the key from users' unique biometric features, without requirement of memory and ease to use. However, the traditional bio-key's stability and the strength is low. Thus, it cannot replace personal password to enhance cloud computing security. This proposal focuses on the new high-intensity bio-key generation technology, including: 1) Research on biometric spatial generation algorithm, based on deep network and other models to analyze the biological characteristics of deep information, design more stable feature space generation method. 2) Study the biometric spatial order and capacity expansion algorithm, mining the blind alignment and large-capacity key extraction space by means of signal intelligent alignment and multi-mode fusion optimization. 3) Study of biological key generation theory, the bio-key generation theory model is proposed to realize the biometric precision projection control, effective separation and key stability extraction by means of characteristic nonlinear clustering and high dimensional space projection separation. 4) To study the bio-key management for cloud computing application, and constructs various bio-key-based cloud security protocols using techniques such as random mapping and structural rearrangement. Through the research of this project, it aims to promote bio-key cloud computing application and enhance cloud system security.

云计算作为一种新型的计算模式已得到广泛应用，然而其开放访问等特点使用户存储数据易被泄露，导致个人口令等安全措施在云环境下面临严峻的安全挑战。生物密钥从用户独有的生物特征中提取密钥，具有无需记忆、易使用等优点，然而传统生物密钥稳定性差及强度低等弱点，无法有效替代个人口令增强云计算安全。本课题围绕面向云计算的新型高强度生物密钥生成技术进行研究，具体包括：1）基于深网等模型分析生物特征深层信息，设计更稳定的生物特征空间生成算法；2）研究生物特征空间次序化与容量扩展算法，运用信号智能对齐及多模融合优化等方法挖掘盲对齐、大容量密钥提取空间；3）提出生物密钥生成理论与算法，通过高维空间投影等方法实现生物特征精确投影控制、有效分离和密钥稳定提取；4）研究面向云计算的生物密钥应用，利用随机映射和结构重排等技术构造各种基于生物密钥的云安全协议。通过课题的研究成果，推动生物密钥云计算应用，增强云环境系统安全。

随着人们信息安全意识的增强，安全地身份认证、随时随地的泛在加密需求日趋强烈。高强度、可撤销的生物密钥生成技术有望同时解决以上两个问题，即用户无需记忆，由自身的生物特征直接生成高强度密钥> 1024bit，随机性优良，使得口令猜测攻击成功概率几乎为0。本项目围绕生物密钥泛在加密技术及网络流量安全检测进行研究，具体包括：1）生物特征高维空间投影研究；2）高准确、高强度生物密钥生成研究；3）自然语言语义密钥生成及基于生物密钥、语义密钥的泛在加密技术研究；4）基于语义变换的网络流量入侵检测技术研究。通过项目的研究，提出了高强度、高稳定生物密钥生成理论与技术，给出了生物密钥生成模型。并基于生物密钥技术，提出了语义密钥生成模型与技术，泛在加密概念与技术。研发了初级的人脸生物密钥生成原型系统，后续将继续研究把生物密钥泛在加密技术实用化，推动云端数据安全共享应用，增强网络环境隐私安全。