计算机应用 ›› 2020, Vol. 40 ›› Issue (8): 2268-2273.DOI: 10.11772/j.issn.1001-9081.2020010113

• 网络空间安全 • 上一篇    下一篇

云计算环境下的双通道数据动态加密策略

吕佳玉1,2, 竺智荣1,2, 姚志强1,2   

  1. 1. 福建师范大学 数学与信息学院, 福州 350108;
    2. 福建省公共服务大数据挖掘与应用工程技术研究中心(福建师范大学), 福州 350108
  • 收稿日期:2020-02-10 修回日期:2020-04-10 出版日期:2020-08-10 发布日期:2020-04-16
  • 通讯作者: 吕佳玉(1995-),女,辽宁盖州人,硕士研究生,主要研究方向:云安全与隐私;854633543@qq.com
  • 作者简介:竺智荣(1992-),男,福建三明人,硕士研究生,主要研究方向:应用密码学;姚志强(1967-),男,福建莆田人,教授,博士,CCF高级会员,主要研究方向:信息安全。
  • 基金资助:
    国家自然科学基金资助项目(61872090,61972096)。

Two-channel dynamic data encryption strategy in cloud computing environment

LYU Jiayu1,2, ZHU Zhirong1,2, YAO Zhiqiang1,2   

  1. 1. College of Mathematics and Informatics, Fujian Normal University, Fuzhou Fujian 350108, China;
    2. Fujian Engineering Research Center of Public Service Big Data Mining and Applications(Fujian Normal University), Fuzhou Fujian 350108, China
  • Received:2020-02-10 Revised:2020-04-10 Online:2020-08-10 Published:2020-04-16
  • Supported by:
    This work is partially supported by the National Natural Science Foundation of China (61872090,61972096).

摘要: 在移动端设备性能有限的情况下,针对数据传输效率与隐私保护之间的矛盾,提出基于贪心算法的双通道动态加密策略(TDES)对数据包进行选择性加密,旨在有限时间内最大化数据包隐私权重总和。首先,根据数据包的隐私权重将数据包大致分为两类;然后,针对不同类别数据包的隐私权重和加密时间分别计算权重排序表并降序排列,两类数据包对应两个传输通路,对隐私权重最大的数据包进行加密传输,直至传输时间结束;最后,检查通道内部剩余时间,调整部分数据包的传输通路,直至剩余时间不足以对任何数据包进行加密传输。在仿真数据包传输实验中,分别与D2ES和贪心算法进行比较,在相同时间限制下,所提策略的总隐私权重分别提高了9.5%和10.3%,运行时间分别降低了10.8%和8.5%。实验结果表明,TDES的计算时间更短,效率更高,能够很好地平衡数据安全和设备性能。

关键词: 隐私保护, 时间限制, 传输效率, 数据包隐私权重, 云计算

Abstract: In the case of limited mobile device performance, a Two-channel Dynamic Encryption Strategy (TDES) based on greedy algorithm was proposed to perform selective encryption to the data packet, so as to maximize the total privacy weight of packets in a limited time. First, the data packets were roughly classified into two categories according to the privacy weight of the data packets. Then, the weight ranking table was calculated by the privacy weight and the encryption time of the different data packets and sorted in descending order.The two types of data packets corresponded to two transmission channels, and the packet with the maximum privacy weight was encrypted for transmission until at the end of the transmission time. Finally, the remaining time inside the channel was checked, and the transmission channels of some packets were adjusted until the remaining time was less than the encryption time of any packet. The simulation of packet transmission tests shows that compared with Dynamic Data Encryption Strategy (D2ES) and greedy algorithm under the same time limit, the total privacy weight of the proposed strategy was increased by 9.5% and 10.3%, and the running time of the proposed strategy was reduced by 10.8% and 8.5%. Experimental results verify that the proposed TDES has shorter computation time and higher efficiency, which can well balance data security and equipment performance.

Key words: privacy protection, time constraint, transmission efficiency, packet privacy weight, cloud computing

中图分类号: