基于敏感等级的云租户数据安全保护模型研究

为云计算提供有效的租户数据安全保护，提出一个第三方租户数据安全保护模型，解决租户数据的存储和检索安 全问题. 模型采用隐藏数据间关系的方法，对租户数据进行切片，利用单向函数混淆切片关系；结合租户对数 据的隐私需求和安全等级定义，给出租户数据的分级方法；依据安全等级对分割后的子表内容进行局部加密或匿名，实 现云端数据存储安全；结合私有信息检索技术，利用云端加密数据的关键字检索算法，隐藏租户搜索请求，保护云端数据 的检索安全. 实验表明，该模型能满足租户数据在未知云环境中的存储和检索安全要求.

Cloud tenants-oriented data security protection model based on data sensitivity grading

In order to provide effective security protection for tenants' data in cloud computing applications, a third-party security tenant's data protection model is proposed to solve the security problems of cloud tenants data storage and retrieval. Data relationship hiding method is conducted in this model, that is to say the tenants' data is firstly sliced and then one-way function is employed to confuse the relationship between these different data slices. According to the demand for data privacy as well as the security grade definition, a data security grading scheme is further proposed, and the data storage security can be guaranteed by utilizing some encryption and anonymization on the data in sub-tables segmented by the security grading scheme. Combining with private information retrieval method, a keyword retrieval algorithm on the encrypted data is also proposed to protect the cloud data demand privacy security from tenants. The experimental results show the proposed model can well meet the security requirements of tenants' data storage and retrieval in cloud.