面向云大数据信息聚合推导与控制技术研究

项目名称： 面向云大数据信息聚合推导与控制技术研究

项目编号： No.61502531

项目类型： 青年科学基金项目

立项/批准年度： 2016

项目学科： 自动化技术、计算机技术

项目作者： 曹利峰

作者单位： 中国人民解放军战略支援部队信息工程大学

项目金额： 20万元

中文摘要： 随着云计算服务的应用,海量数据正在以前所未有的规模聚集,大数据已经成为当今信息技术关注的焦点.但是,由于云大数据存在着类型多、关系复杂及敏感度不同等特点,致使云环境下存在着由于数据聚合而引起信息泄露的问题.针对这一问题,本项目将从两个方面着手研究.一是通过分析大数据类型、关联关系,结合云模型,研究大数据在特征级、数据级以及决策级聚合推导分析方法,推演出数据客体聚合推导出更高级别信息的可能性,进而研究主体共谋攻击,降低授权主体合谋推导高级别信息的风险.二是通过研究安全标签与数据客体、虚拟机、网络数据流的绑定方法, 构建基于多维控制的云数据流控制模型,实现租户数据的相互隔离,实施用户对数据的多级安全控制, 以降低云大数据聚合泄露的风险.本项目期望在云大数据聚合推导控制方面取得进展，其成果将有助于云大数据的控制与管理,为大数据化境下个人隐私安全、国家安全提供必要的理论与技术支撑.

中文关键词： 云计算；大数据；聚合推导；安全标签绑定；访问控制

英文摘要： With the use of cloud computing services, massive data is gathered in amazing scale. Big data is already central issue in information technology. But big data in cloud computing has the characteristics of multi types, complex relationship and different sensitivity etc., information leakage by data object aggregation is in cloud computing. To solve this problem, this project will be research on the two aspects. Firstly, aggregation inference on feature level, data level and decision level is studied by analyzing type and relationship of big data, the aim of which is to compute probability of higher level information inferred by aggregation. According to the probability, restricted access of data objects is accomplished, and the defense of collusion attack among subjects is studied in order to reduce the risk of Authorized subject collusion derived high level information. Secondly, the binding between secure label and data object, virtual machine and data stream is studied, the aim of which is accomplish mutual isolation among tenant data and multi-level security control. Then, the model about data stream control in cloud computing based multidimensional control is established in order to reduce the risk on aggregation leakage of big data. This project is expected to be having some progress with aggregation inference control. Its scientific research fruition may contribute to big data control and management, and theoretical and technical support for privacy security and national security in big data environment.

英文关键词： cloud computing;big data;aggregation inferrence;seucre label binding;access control