上传
透明度(行为)
访问控制
云计算
计算机安全
计算机科学
块链
1998年数据保护法
互联网隐私
万维网
操作系统
作者
Zhen Yang,Yingying Chen,Yudong Huang,Xing Li
出处
期刊:Advances in Computers
日期:2021-01-01
卷期号:: 195-231
被引量:2
标识
DOI:10.1016/bs.adcom.2020.09.004
摘要
To protect personal sensitive data in cloud computing environment, certain issues need to be addressed, including data ownership, fine-grained access control, transparency and auditability. While many models have been explored to address these issues, among most of which, some components, such as Cloud Service Provider (CSP) are required to be trusted. In this chapter, we introduce a trust-free data access model for personal sensitive data protection in the cloud environment. In our model, an access control mechanism is constructed based on the Ethereum blockchain, which requires no trusted party. The smart contract enables fine-grained access control for cloud data based on the blockchain. Data operations including uploading, updating and downloading can be automated processed and logged in our model to ensure transparency and auditability. Comparisons between our model and existing models show that our trust-free model fulfills all requirements on personal sensitive data protection, and brings no extra security risks. Moreover, our model has less burden for data owner from both the computation perspective and communication perspective.
科研通智能强力驱动
Strongly Powered by AbleSci AI