Static Analysis Method of Secure Privacy Information Flow for Service Composition

Cited by: 2


Authors: PENG Huan-Feng [1,2]; HUANG Zhi-Qiu [1]; LIU Lin-Yuan [3]; LI Yong [1]; KE Chang-Bo [4]

Affiliations: [1] College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 211106, Jiangsu, China; [2] College of Computer Engineering, Nanjing Institute of Technology, Nanjing 211167, Jiangsu, China; [3] Department of E-Commerce, Nanjing Audit University, Nanjing 211815, Jiangsu, China; [4] College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210023, Jiangsu, China

Source: Journal of Software (软件学报), 2018, No. 6, pp. 1739-1755 (17 pages)

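Funding: National Natural Science Foundation of China (61772270; 61602262; 61562087); National High Technology Research and Development Program of China (863 Program) (2015AA015303); Natural Science Foundation of Jiangsu Province (BK20150865; BK20130735); Natural Science Foundation of the Higher Education Institutions of Jiangsu Province (15KJD520001; 13KJB520011)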

Abstract: Many service composition scenarios involve the sharing of users' privacy data. Because the composition's business logic is transparent to users and there is no privacy agreement between users and member services, how to prevent the leakage of user privacy information during composition execution has become a hot research topic in the field of service-oriented computing. This article proposes a static analysis method of secure privacy information flow for service composition, based on the characteristics of privacy protection. First, a security model is developed to formalize the security policy of privacy information flow in three dimensions: service reputation, the purpose for which privacy data is used, and its retention period. Then, the composition is modeled with a privacy workflow net (PWF-net), which supports the analysis of privacy information flow, and a static analysis algorithm analyzes the execution paths of the composition to detect whether its execution would leak user privacy information. Finally, a case study demonstrates the effectiveness of the proposed method, and a performance experiment is presented. Compared with existing related work, the proposed security model reflects the characteristics of privacy protection, and the analysis method is able to deal with issues caused by the aggregation of privacy data items. The method can therefore prevent the leakage of user privacy information more effectively.

Keywords: service composition; privacy protection; information flow security; security model; static analysis; workflow net

Classification number: TP311 [Automation and Computer Technology: Computer Software and Theory]

 
