项目名称: 移动云服务中的隐私保护与安全保障机制研究
项目编号: No.U1401258
项目类型: 联合基金项目
立项/批准年度: 2015
项目学科: 管理科学
项目作者: 须成忠
作者单位: 中国科学院深圳先进技术研究院
项目金额: 240万元
中文摘要: 移动云服务为用户数据的高效存储和便捷使用提供了新的解决方案。然而,移动云服务环境下终端用户缺乏对数据的直接控制,数据的隐私保护和安全保障成为用户关心的热点问题。移动云服务的数据资源规模巨大,终端用户隐私需求各异且具有高度动态性,这给安全和隐私带来巨大挑战。本项目拟对移动云服务中的隐私保护和安全保障机制进行研究。构建移动云服务中数据全生命周期的安全模型,研究数据的安全存储、安全动态更新和安全销毁方法。研究移动云服务中的轻量级数据安全保障机制,设计安全高效的数据加密、验证及访问控制策略,有效保证数据的私密性和完整性。采用模型检测和最优化理论研究隐私保护策略验证与调整,增强移动云服务的隐私保护水平。研究合适的可用性评估模型,评价各安全措施的实施对系统可用性带来的影响,对安全隐私保护方案进行多目标平衡和优化。本项目的研究将为移动云服务中的隐私保护和安全保障提供新的理论和方法。
中文关键词: 移动云服务;隐私保护;安全保障
英文摘要: The mobile cloud service provides a new solution for the efficeint storage and convenient use of user data. However, terminal users lack direct control of data in mobile cloud service environment, which makes data privacy and security protection become the main concern of terminal users. In mobile cloud service, data resources are huge and the privacy requirements of the terminal users are different and highly dynamic, which brings great challenges to the security and privacy protection in mobile cloud service. This project intends to study the theory and technology of security and privacy in mobile cloud service. We will build the full life-cycle security model of data in mobile cloud service, and study security storage, the secure dynamic update and destruction methods of data. We will study lightweight data security mechanism in mobile cloud service and design safe and efficient data encryption, authentication and access control policies to effectively guarantee the privacy and integrity of the data in mobile cloud service. We will employ model checking and optimization thoery to study the verification and adjustment of privacy protection policies, enhancing the privacy protection standard in mobile cloud service. We will present utility assessment model and evaluate the impact on system availability brought by enforcement of the security countermeasures, achieving multi-objective balance and optimazation of security privacy protection scheme. The research of this project will provide new theories and methods for privacy and security protection in mobile cloud service, and provide technical support for the application and promotion of mobile cloud service.
英文关键词: mobile cloud service;privacy protection;security insurance