بحث ها و چالش ها در مورد حفاظت از حریم خصوصی در رایانش ابری
Abstract
1- Introduction
2- Privacy security of cloud computing
3- Access control in cloud computing
4- ABE in cloud computing
5- Searchable encryption
6- Combination technologies in cloud privacy
7- Challenges and future directions
8- Summary
References
Abstract
With the development of cloud computing, privacy security issues have become increasingly prominent, which is of concern to industry and academia. We review the research progress on privacy security issues from the perspective of several privacy security protection technologies in cloud computing. First, we introduce some privacy security risks of cloud computing and propose a comprehensive privacy security protection framework. Second, we show and discuss the research progress of several technologies, such as access control; ciphertext policy attribute-based encryption (CP-ABE); key policy attribute-based encryption (KP-ABE); the fine-grain, multi-authority, revocation mechanism; the trace mechanism; proxy re-encryption (PRE); hierarchical encryption; searchable encryption (SE); and multi-tenant, trust, and a combination of multiple technologies, and then compare and analyze the characteristics and application scope of typical schemes. Last, we discuss current challenges and highlight possible future research directions.
Challenges
Via analysis and contrast, we observe that cloud computing security protection work has achieved satisfactory research results. However, many problems remain, which prompt the consideration of a variety of security factors and continuous improvements in defense technology and security strategies. 1 All kinds of attacks are generally based on the defects of cloud infrastructure in a system management program. Different attack methods are adopted to enhance the operation authority or steal sensitive data. 2 To better defend cross-virtual machine side channel attacks, researchers should pay more attention to the forms of virtual machine attacks in the process of cloud migration, such as malicious theft of privacy information. 3 Design a security defense policy that can be independent of CSP to effectively limit the abuse of rights. In the process of security defense, researchers should also pay attention to the negative impact of defense schemes on the performance of public clouds. 4 The protection degree of sharing algorithms to a user's identity privacy needs improvement. The unidirectional and transitive characteristics of the proxy re-encryption algorithm need to be further investigated, while the efficiency of an attribute encryption algorithm in dynamic permission management is usually poor. 5 Recyclability proves that prevention of the illegal deletion of file level or block level cloud data and improved audit efficiency in the case of data updates are urgent. 6 Privacy requirements and service level agreements (SLAs). Hidden dangers of unintentional or malicious disclosure of user privacy exist in an SLA. Therefore, privacy modeling and verification, consistency detection, privacy description, and implementation are the key issues to be solved.