共查询到20条相似文献,搜索用时 15 毫秒
1.
2.
近年来,智能终端和无线网络的快速发展使电力物联网终端设备和数据量呈指数级增长。这些数据资源已成为电力企业的重要资产,能够显著提升电网的智能感知、内控能力和客户服务效率。但作为国家关键基础设施的核心要素,电力数据极易成为网络攻击目标,一旦泄露会带来重大安全风险和经济损失。因此,电力企业需加强数据安全防护,解决数据交换共享和数据挖掘中的安全问题。本文提出一种云边协同的智能电网数据安全共享方案,通过结合零知识证明技术与秘密共享方案,实现细粒度访问控制和用户访问需求隐私保护。仿真结果表明,本文进行分布式数据访问验证所需时间不超过48 ms,该算法具有较好的性能。 相似文献
3.
针对企业迁入云中面临的资源管理的有效性和安全性问题,提出了专门针对私有云下的全面的身份与管理解决方案。方案从身份管理、隐私保护、单点登录以及访问控制角度出发,分别使用数据同步服务、多重手段认证、SAML2.0规范引入以及XACML协议与RBAC模型相结合等技术手段实现云环境下集成化、一站式的身份与访问安全管理。该方案结合多种技术手段,有效解决了企业迁入云中后面临的安全管理风险,提高了企业的资源管理效率。 相似文献
4.
5.
在如今以服务为导向的各种信息系统中,跨域访问已经变得越来越普及,现存的一些跨域访问模型要么不实用,要么不适合Web Service。通过提出一种易于扩展的轻量级跨域访问控制框架实现RESTful Web服务构架的跨域访问控制和代理,达到了跨域访问交互双方无需预定义信任关系,该框架还结合已有的Web安全技术实现扩展安全策略执行,并以微小系统开销实现跨域交互的隐私保护。最后实现了一个原型演示系统证实了该框架在SOA构架中跨域访问的可行性。 相似文献
6.
7.
Web services collaborative environments are highly automatic, dynamic, and heterogeneous. These characteristics always lead to high risks of services for interaction participants. Hence, it becomes one of the most important things to guarantee that the private information in cross-domain services is not illegally collected, used, disclosed or stored when the Web services are required to combine secure composition. This paper proposes the privacy-aware role based access control model for Web services composition (WSC-PRBAC), which provides protection for private data of users in composite service. The element services are divided into local services and outside services. Because the local service is authorized by users, it is exactly different from other services in the composition. To avoid sending private information to other outside services directly, we define global roles to help access these data in local service. Using global roles can realize a more strict control of the private data. In the end, the experiment and analysis of the proposed model show its and efficiency. 相似文献
8.
在信息收集频繁化、普遍化的今天,由用户制定隐私策略、自主控制个人信息访问的方式,可以最大程度满足用户的隐私保护需求。构建的隐私本体,客观反映了隐私保护领域普遍认可的知识,体现了用户最根本的隐私保护需求。基于隐私本体的个性化访问控制模型采用基于隐私本体的通用策略与个性策略相结合的模式,通过多级链式激活的方式实现用户不同粒度、灵活多变的个性化隐私保护需求。 相似文献
9.
Because of the requirements of stringent latency, high‐connection density, and massive devices concurrent connection, the design of the security and efficient access authentication for massive devices is the key point to guarantee the application security under the future fifth Generation (5G) systems. The current access authentication mechanism proposed by 3rd Generation Partnership Project (3GPP) requires each device to execute the full access authentication process, which can not only incur a lot of protocol attacks but also result in signaling congestion on key nodes in 5G core networks when sea of devices concurrently request to access into the networks. In this paper, we design an efficient and secure privacy‐preservation access authentication scheme for massive devices in 5G wireless networks based on aggregation message authentication code (AMAC) technique. Our proposed scheme can accomplish the access authentication between massive devices and the network at the same time negotiate a distinct secret key between each device and the network. In addition, our proposed scheme can withstand a lot of protocol attacks including interior forgery attacks and DoS attacks and achieve identity privacy protection and group member update without sacrificing the efficiency. The Burrows Abadi Needham (BAN) logic and the formal verification tool: Automated Validation of Internet Security Protocols and Applications (AVISPA) and Security Protocol ANimator for AVISPA (SPAN) are employed to demonstrate the security of our proposed scheme. 相似文献
10.
针对主动毫米波成像安检系统的个人隐私保护问题,提出了一种不受身高、站姿影响的毫米波人体图像隐私保护算法.通过预处理将毫米波图像背景噪声弱化,增加人体目标边缘细节.使用二值化和形态学处理进一步区分背景与人体目标,根据身高划分的人体部位比例与像素点遍历求最值法实现隐私部位的初步定位,可以满足标准站姿下不同身高受检人的隐私部位定位需求.算法所包含的定位复查校准模块通过对隐私位置条件的循环判断与调整,解决了非标准站姿下隐私部位的定位.最后,根据已定位的坐标进行模糊化处理,实现保护受检人隐私的功能.算法已应用于实际产品,与常规隐私保护算法相比,可移植性高,运行速度快,定位准确 相似文献
11.
While providing plenty of convenience for users in daily life, the increasingly popular location-based ser-vice(LBS) posed a serious threat to users' privacy. The research about privacy-preserving techniques for LBS is becoming a hot spot, and there are a large number of research results. First, background information of privacy protection for LBS was introduced, including application scenarios of LBS, the LBS framework, objects of privacy protection and system architectures of privacy protection. Second, adversary models and metrics for privacy protection in LBS was discussed. Third, four types of privacy-preserving techniques based on generalization and obfuscation for LBS were analyzed and summarized thoroughly. Finally, the potential research directions for privacy-preserving techniques for LBS in the future were shown. 相似文献
12.
由于社会分工和资源共享的必然,公共云平台必将成为和电网、互联网等同等重要的国家基础设施。云计算面临的安全问题制约着云计算的广泛使用。数据安全在云计算中尤为重要,如何保证数据的安全性是云计算安全的核心。从数据的隐私保护计算、数据处理结果的完整性认证、数据访问权限控制以及数据的物理安全4个方面对已有研究工作进行了分类和总结,为后续云计算中数据的安全性研究提供参照。 相似文献
13.
14.
15.
YING Zuobin SI Yuanping MA Jianfeng JIANG Wenjie XU Shengmin LIU Ximeng 《电子学报:英文版》2021,30(2):219-231
Electronic health record (EHR), as the core of the e-healthcare system, is an electronic version of patient medical history, which records personal health-related information. EHR embodies the value of disease monitoring through large-scale sharing via the Cloud service provider (CSP). However, the health data-centric feature makes EHR more preferable to the adversaries compared with other outsourcing data. Moreover, there may even be malicious users who deliberately leak their access privileges for benefits. An e-healthcare system with a black-box traceable and robust data security mechanism is presented for the first time. Specifically, we propose an effective P2HBT, which can perform fine-grained access control on encrypted EHRs, prevent the leakage of privacy contained in access policies, and support tracing of traitors. Under the standard model, the scheme is proved fully secure. Performance analysis demonstrates that P2HBT can achieve the design goals and outperform existing schemes in terms of storage and computation overhead. 相似文献
16.
17.
基于PBAC模型和IBE的医疗数据访问控制方案 总被引:1,自引:0,他引:1
医疗卫生领域形成的医疗大数据中包含了大量的个人隐私信息,面临着外部攻击和内部泄密的潜在安全隐患。传统的访问控制模型没有考虑用户访问目的在侧重数据隐私的访问控制中的重要作用,现有的对称、非对称加密技术又都存在密钥管理、证书管理复杂的问题。针对这些问题,提出了综合应用PBAC模型和IBE加密技术的访问控制方案,支持针对医疗数据密文的灵活访问控制。通过加入条件目的概念对PBAC模型进行扩展,实现了对目的树的全覆盖;以病患ID、条件访问位和预期目的作为IBE身份公钥进行病患数据加密,只有通过认证并且访问目的符合预期的用户才能获得相应的私钥和加密数据,从而实现对病患信息的访问。实验结果证明,该方案达到了细粒度访问控制和隐私保护的目的,并具有较好的性能。 相似文献
18.
19.
LI En-ling SONG Lin-hong YANG Dang-qiang XUE Ying CHU MengScience School Xi'an University of Technology Xi'an P.R. China 《中国邮电高校学报(英文版)》2006,13(1):71-74
1IntroductionThe demandfor portable wireless communication sys-temsis driven bythe expansion of personal andcommer-cial wireless services[1~4].As a result,the design ofportable handsetsfollows trends that includelower cost,longer battery life,smaller size… 相似文献
20.
Aiming at the problem that in the private sensitive date centralized and opening information systems,a fine-grained and self-adaptive access control model for privacy preserving is desperately needed,thus the balance between privacy preserving and data access utility should be achieved,a rational multi-player risk-adaptive based access control model for privacy preserving was proposed.Firstly,the privacy risk values of access request and requester were formulized by the private information quantity of the requested dataset,and by using Shannon information.Secondly,a risk-adaptive based access control evolutionary game model was constructed by using evolutionary game under the supposing of bounded rational players.Furthermore,dynamic strategies of participants were analyzed by using replicator dynamics equation,and the method of choosing evolutionary stable strategy was proposed.Simulation and comparison results show that,the proposed model is effective to dynamically and adaptively preserve privacy and more risk adaptive,and dynamic evolutionary access strategies of the bounded rational participants are more suitable for practical scenarios. 相似文献