Data Chunks Adjustment Mechanism for Privacy Protection

In the cloud computing environment, the data of the tenant are divided into several data chunks and these data chunks are stored on different data nodes by means of the privacy protection mechanism based on chunk-confusion, in order to realize the privacy protection of data. Although this method can realize the privacy protection of the tenant's data in the plaintext state, due to tenant's privacy needs and data demands are variable, the underlying data chunks structure and storage location in the cloud will change, which makes there still exist a risk of leakage of privacy under the privacy protection mechanism based on chunk-confusion. For example, the store mode of data chunk is {post-code, age, disease}, which means that these three properties can be placed together and it will not reveal the privacy of the tenant' data. When the tenant suddenly adds a new attribute (the worker number) in the store mode of data chunk, if an attacker gets information about this chunk and happens to know an patient's the worker number, then this attacker may know the patient's condition, which is what tenant do not want to see. Therefore, based on chunk-confusion based the mechanism of privacy protection, the paper proposed a kind of mechanism of data chunks adjustment for privacy protection. In the first place, according to the privacy constraints updated by the tenant, the mechanism splits data chunks that go against the privacy constraints in the original privacy protection strategy. In the process of splitting data chunks, the data storage structure of data chunks is kept unchanged as far as possible based on the less dynamic principle to reduce the cost of data transfer and the adjustment cost of privacy protection strategy. In the second place, combined with the privacy constraints, data chunks that do not violate the privacy constraints are reassembled into the new data chunks to enhance the processing efficiency of data and to generate the privacy protection adjusting strategy. In addition, because of the diversity of the data chunks segmentation results, the resulting feasible privacy strategies are not unique. Therefore, considering the privacy requirements, performance requirements, load demands and unequal equalization, the paper proposed an optimal algorithm to select the optimal adjustment strategy to meet all requirements, realizing when the data chunks are adjusted, it can not only reduce the performance and load capacity of the system, but also enhance the effect of privacy protection. Finally, the adjustment mechanism completes the data migration and placement according to the optimized adjustment strategy of privacy protection. In order to verify the effectiveness and performance of the adjustment mechanism of data chunks based on privacy protection proposed in this paper, we designed the simulation experiment from the point of view of the accuracy and privacy of optimal privacy protection strategy, system performance and load, etc. Experimental results prove that the privacy protection adjustment mechanism proposed in this paper can not only find an optimal strategy for privacy protection, but also meet the system's performance and load requirements, and enhances the privacy protection effect of the tenant's data. © 2017, Science Press. All right reserved.