How to protect the privacy of cloud data in the era of big data?

A great deal of economic and political interest lies hidden behind data. Through the integration, analysis and mining of data in particular, the power that comes from integrating and controlling data now far exceeds what it was in the past. Big data is a double-edged sword: society has benefited greatly from its use, but personal privacy has nowhere to hide. In recent years, cases of infringement of personal privacy have occurred from time to time, such as Google leaking personal privacy, Shanda Cloud losing data, and, in 2011, Nate, one of the three major portals in Korea, and the social network "Saiwo" being hacked, resulting in the leakage of information on 35 million users, which seriously violated the legitimate rights and interests of users. A World Economic Forum report emphasizes the necessity of using high-tech means to protect people's privacy. Drawing on several case studies of privacy protection on cloud platforms, Zhixin He Zhong Company has summarized the following privacy protection measures for technical platforms.

1. Common privacy protection measures of the cloud platform

(1) Aseptic isolation

"Aseptic isolation" is mainly used for the flow and processing of multi-group, batch data. The method resembles a biological isolation room, where work is done by manipulator and remote control and nobody touches the material directly. Applied to the cloud platform, operators should issue instructions only through safe and effective operating tools (or management systems) that have been tested and verified. The data flow in each system or subsystem should be "sterile and isolated", and personnel cannot directly contact the original data. Data flows from system to system, and only at the end is it output to the user department.

Case: A mobile cloud platform in a province establishes a data mart system to handle data security.
The data stream is pushed on the operator's instruction, and each subsystem receives the data pushed by the mart platform. The data as a whole is "pollution-free".

(2) Black-and-white box strategy

After data has been obtained through aseptic isolation, the business personnel who ultimately operate on and analyze the data should not know the implementation mechanism and principle, and the data has already been stripped according to predefined behavior. Usually, business personnel have low authority but a high degree of involvement with the stripped data.

Case: After the Double Eleven event, the data of an e-commerce website was aseptically isolated and entered the analysis system. Under the black-and-white box strategy, business operators can only work with some of the stripped data for summary and analysis, and the results take the form of summary statistics that do not reveal users' private information.

(3) Information domain management

An information domain is a collection of managed information, arranged to meet the following organizational requirements: divide the environment according to functional purposes (or policies), such as security, billing and fault management, or divide it according to other criteria, such as geography, technology or organizational structure. Different information domains store different contents, have different security levels, need different authorizations and serve different services.

Case: A game system needs to be divided into multiple information domains, such as a user account information domain, a game server information domain, an economic system information domain, a props information domain and so on. The information domains can be loosely coupled or unrelated, and each has its own access threshold and authority system.
(4) Information fragment management

A number of information fragments form an information domain, and these fragments basically serve one business.

Case: Taking the user account information domain as an example, the account-related information used for account authentication should be stored in different information domains so that it becomes multiple pieces of information.

[Figure: Schematic diagram of privacy protection means and levels]

2. Characteristics of privacy protection in cloud data management

The privacy protection measures of the cloud platform ensure the security of cloud data. Zhang Xiaokang, technical director of Zhixin He Zhong Company, pointed out that privacy protection in cloud data management has three characteristics:

(1) Cloud data management does not allow super administrators to exist. Cloud data management needs to rule out super administrators on both the system and the technology platform. The greater the power, the greater the responsibility, and not everyone has the qualities required to act as a super administrator.

(2) Data security will not reveal privacy. Data security means ensuring, through technical or non-technical means, that access to data is reasonably controlled, so that data is not leaked or altered through deliberate or accidental damage. From a non-technical point of view, data security can be guaranteed by laws or by rules and regulations; from a technical point of view, it can be ensured by means such as firewalls, intrusion detection, security configuration, data encryption, access authentication, access control and data backup. For any IT system, the data used and generated during its running life cycle is the core of the whole system. We generally divide this system data into two types: public data and private data.
Public data is information that can be obtained from public resources, such as stock information and public financial information, and it can be obtained and used by any IT system. Private data is information that is exclusive to one IT system and cannot be shared with other IT systems. IT systems that use public data do not need to handle security-related matters for it. For private data, however, and especially for sensitive private data, we need to consider when building an IT system how to ensure that the data will not be stolen or modified.

A traditional IT system is usually built in the customer's own data center, and the data center's internal firewall ensures the security of the system data. Compared with traditional software, the biggest difference with cloud computing data is that all data is maintained by a third party instead of the first party, and, because of the characteristics of cloud computing architecture, this data may be stored in very scattered places and in plaintext. Although the firewall can provide a certain degree of protection against malicious external attacks, this architecture means that some key data may be leaked, whether unintentionally or maliciously. For example, because of development and maintenance needs, employees of the software provider can generally access the data stored on the cloud platform. Once these employees' information is illegally obtained, hackers can access programs deployed on the cloud platform or obtain key data on the World Wide Web. This is totally unacceptable for enterprise applications with high security requirements.

(3) Developers and actual managers are separated. Developers cannot control the management authority of the production system, and managers do not know the system architecture and operating mechanism. Managers can only operate through the tested and authorized management interface.

How to ensure the security of cloud data?
Through in-depth research on technologies related to cloud data security, Zhixin He Zhong concluded that there are two steps to ensuring the security of cloud data.

Step 1: Identity authentication

Identity authentication is like the relationship between a lock and a key, and three aspects need attention.

The first is the password. Each website has its own account and password. Ideally, each user's irreversibly encrypted password on each website is unique, so that when one account on a website is cracked, all other accounts remain safe. You should not set the same password, because a shared user password reduces the security of the other accounts.

Then there is double authentication: you log in to the website through two modes, not only the user name and password but also a dynamic password. For example, if the dynamic password is sent to your mobile phone by SMS, you can log in only by entering the correct user name, password and dynamic password, which adds another lock to your account.

Finally, pay attention to the terminal used to log in. Generally we operate on data through our own devices, but sometimes we log in on devices that do not belong to us. When such a device saves information through the browser, information can easily leak, so we need to operate in private mode or clean up the data after the operation is completed.

Step 2: Platform environment

The security of the platform environment is like a bank's vault system and involves four levels.

First: communication security. As with a bank vault, the question is whether others can get in. There must first be a secure information channel. Technically, digital authentication and high-strength stream encryption algorithms are needed to ensure that the channel is secure and cannot be intercepted.

Second: platform system security. Like the bank's safe, the platform system consists of hardware and software.
At the hardware level, stability must be ensured. At the operating system level, the software platform should continually check the system itself for vulnerabilities, and scan for and fix them to prevent risks. At the application software level, it is necessary to prevent back doors and to strengthen testing.

Third: encryption system security. Just as the lock on a bank safe must be good enough, the encryption system must be secure enough. All entrances and exits and all sensitive data in the system need to be encrypted and stored encrypted, so that even if the data is stolen, it cannot be cracked into plaintext.

Fourth: prevent proliferation. Ensure that the loss does not expand after a security incident, so that even if some data is leaked, the whole is not affected.
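The black-and-white box strategy from section 1 (2), as an added example that is not part of the original article: records leave the isolated system only after a predefined stripping step, and analysts receive summary statistics. The field names, the demo key, the sample orders and the minimum group size are all assumptions made for illustration.

```python
import hashlib
import hmac
from collections import defaultdict

# Assumed predefined stripping policy: the only fields analysts may see.
ALLOWED_FIELDS = ("province", "category", "amount")
# Constructed demo key; it stays inside the isolated system, never with analysts.
PSEUDONYM_KEY = b"constructed-demo-key"
MIN_GROUP = 2  # assumed threshold: groups with fewer distinct buyers are withheld

def strip_record(order):
    """Keep allowlisted fields only and replace the user id with a keyed pseudonym."""
    stripped = {field: order[field] for field in ALLOWED_FIELDS}
    tag = hmac.new(PSEUDONYM_KEY, order["user_id"].encode(), hashlib.sha256)
    stripped["buyer"] = tag.hexdigest()[:16]
    return stripped

def summarize(stripped_orders):
    """Summary statistics per (province, category), suppressing small groups."""
    groups = defaultdict(lambda: {"buyers": set(), "orders": 0, "revenue": 0})
    for rec in stripped_orders:
        group = groups[(rec["province"], rec["category"])]
        group["buyers"].add(rec["buyer"])
        group["orders"] += 1
        group["revenue"] += rec["amount"]
    return {
        key: {"buyers": len(g["buyers"]), "orders": g["orders"], "revenue": g["revenue"]}
        for key, g in groups.items()
        if len(g["buyers"]) >= MIN_GROUP
    }

# Constructed sample orders as they exist inside the isolated system.
RAW_ORDERS = [
    {"user_id": "u1001", "phone": "555-0101", "province": "Zhejiang", "category": "phones", "amount": 3000},
    {"user_id": "u1002", "phone": "555-0102", "province": "Zhejiang", "category": "phones", "amount": 2500},
    {"user_id": "u1001", "phone": "555-0101", "province": "Zhejiang", "category": "phones", "amount": 200},
    {"user_id": "u1003", "phone": "555-0103", "province": "Guangdong", "category": "books", "amount": 80},
]

STRIPPED = [strip_record(order) for order in RAW_ORDERS]  # what analysts may operate on
SUMMARY = summarize(STRIPPED)                             # what they report

if __name__ == "__main__":
    print(SUMMARY)
```

The keyed pseudonym lets analysts count distinct buyers without seeing account identifiers, and the single-buyer group is withheld because a summary over one person is that person's data.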
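The identity authentication step (Step 1) above, as an added example that is not part of the original article: passwords are stored irreversibly with a per-account salt, and a login needs both the password and a single-use dynamic password. The `Account` class, the scrypt cost parameters and the 300-second code lifetime are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)  # assumed cost parameters
CODE_TTL = 300  # assumed lifetime of a dynamic password, in seconds

def hash_password(password, salt=None):
    """Irreversible storage: a random salt per account, then scrypt."""
    salt = salt or secrets.token_bytes(16)
    return salt, hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)

def digest(code):
    """The dynamic password is kept only as a digest while it is pending."""
    return hashlib.sha256(code.encode()).digest()

class Account:
    def __init__(self, password):
        self.salt, self.pw_hash = hash_password(password)
        self.code_hash, self.code_expiry = None, 0.0

    def issue_code(self, now=None):
        """Create the dynamic password that would be sent to the phone."""
        now = time.time() if now is None else now
        code = f"{secrets.randbelow(10**6):06d}"
        self.code_hash, self.code_expiry = digest(code), now + CODE_TTL
        return code

    def login(self, password, code, now=None):
        """Both factors must match; the code is consumed by any attempt."""
        now = time.time() if now is None else now
        _, candidate = hash_password(password, self.salt)
        pw_ok = hmac.compare_digest(candidate, self.pw_hash)
        pending, self.code_hash = self.code_hash, None
        code_ok = (pending is not None and now <= self.code_expiry
                   and hmac.compare_digest(digest(code), pending))
        return pw_ok and code_ok

def demo():
    """Constructed scenario: two users who happen to choose the same password."""
    alice, bob = Account("same-password"), Account("same-password")
    code = alice.issue_code(now=1000)
    return {
        "distinct_hashes": alice.pw_hash != bob.pw_hash,
        "first_login": alice.login("same-password", code, now=1010),
        "replayed_code": alice.login("same-password", code, now=1020),
    }
```

Because each account has its own salt, a stolen table of hashes does not show which users share a password, and each entry has to be attacked separately.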