云服务环境下知识发现与数据挖掘的安全与隐私保护关键技术

With the development of knowledge economy, information and knowledge is becoming a strategic resource for an organization as well as for a nation. Employing knowledge discovery and data mining technology to transform data into useful information and knowledge and securing such a strategic resource has been an important means for an organization to maintain and strengthen its competitiveness. The radical expansion of the internet, the exponential growth of data in volume, and the ever changing information technology, make it hard for an organization to cope with the radical development. More and more businesses are outsourcing their data storage and data mining services to a third party, i.e., resorting to cloud computation, which however is suffering from security and privacy threats and attacks, which can be categorized into security and privacy threats with respect to the content, and privacy threats with respect to the behavioural patterns of individuals. Such threats have been ever emerging and have not been well addressed yet. ..This research aims at proposing a suite of mechanisms to security and privacy protection for data mining services using cloud computing. In particular, this research considers three groups of parties, namely cloud service providers, data owners, and data users as well as three categories of components, namely cloud data storage, data mining services, and query services. Techniques based on the homomorphic encryption for addressing security threats with respect to the content, and algorithms for directly mining encrypted data will be studied. Privacy threats with respect to the content of business data, information, and knowledge will be further analyzed. Protection principles that allow a flexible trade-off between privacy and utility will be investigated. Privacy preserving techniques with high data utility that directly operate on encrypted data will be proposed. Principles for protecting the privacy with respect to the behavioural patterns of data owners and data users, and techniques based on anonymous channel, blind signature, and oblivious attribute certificate will also be investigated. Hopefully, the findings of this research will provide insights that are beneficial to the application of cloud computing in general.

随着知识经济时代的到来，运用数据挖掘和知识发现技术将各种数据转换成信息与知识并保障其安全，已成为提高一个组织乃至国家竞争力的核心。互联网规模急剧膨胀、应用数据量爆炸性增长、信息技术日益复杂，使得企业一方面更加重视数据挖掘与知识发现，另一方面因难以驾驭复杂的技术转而向云服务商外包数据存储与数据挖掘服务。这种基于云计算的知识发现与数据挖掘服务，在内容安全、内容隐私、行为隐私三个方面受到非常严峻的威胁。.针对由云服务商、数据所有者、用户三方以及云数据存储、云数据挖掘服务、云数据查询服务三大构件组成的架构，研究基于同态密码的内容安全技术、针对同态加密数据的挖掘算法；评估各类数据和挖掘结果的内容隐私风险，探讨灵活的保护原则，研究高效用的过滤技术，设计基于同态加密的内容隐私过滤算法；研究数据所有者和用户行为隐私保护原则，探讨基于密码协议的行为隐私保护技术。为基于云计算的数据挖掘服务提供关键技术。

随着知识经济时代的到来，运用数据挖掘和知识发现技术将各种数据转换成信息与知识并保障其安全，已成为提高一个组织乃至国家竞争力的核心。互联网规模急剧膨胀、应用数据量爆炸性增长、信息技术日益复杂，使得企业一方面更加重视数据挖掘与知识发现，另一方面因难以驾驭复杂的技术转而向云服务商外包数据存储与数据挖掘服务。这种基于云计算的知识发现与数据挖掘服务，在信息安全和隐私保护方面受到非常严峻的威胁。.本项目围绕云服务环境下开展知识发现与数据挖掘服务的问题，针对由云服务商、数据所有者、数据使用者三方以及云数据存储、云数据挖掘服务、云数据查询服务三大构件组成的架构，分别对基于云的数据挖掘服务、知识发现与数据挖掘的隐私保护、基于同态加密的信息安全与隐私保护、云端身份安全认证问题进行了深入研究，主要包括以下工作。.第一、构建云服务环境下知识发现与数据挖掘服务的计算平台模型。对基于云平台的数据挖掘模型进行深入探讨，设计挖掘频繁模式、高效用模式的基于云计算模型的算法。.第二、在前期研究的基础上，针对云计算环境下的内容隐私保护的多样性进行理论分析，探讨灵活的隐私保护原则，提出针对多值集合型的隐私保护算法，并设计实现基于云的全域隐私保护算法。.第三、对同态密码理论进行深入分析，提出以加密形式在云端存储数据、在加密形式下直接进行数据挖掘的同态算法，提出基于全同态加密和全域泛化的云端匿名处理方案。.第四、分析多种身份安全认证技术，设计应用同态加密的保护隐私的数据采集协议，提出适用于基于云的远程信息系统的安全认证协议和方案。