针对管理型SaaS(software as a service)中两个租户公平共享隐私数据的问题,提出一种跨隐私数据库加密数据等值连接共享协议.在该协议中:两个租户通过服务提供方(service provider,SP)用可交换加密函数交换某共有属性的全集,实现属性值交集共享;SP用该属性值生成的密钥加密对应元组其他属性值后向对方租户分发;租户用交集生成的密钥解密;组合双方属性交集中等值元素的元组,实现两个租户通过不可信SP公平共享隐私数据.完备性、安全性证明和效率分析结果表明,在半诚实模型下,协议安全可证,满足最少必要信息共享条件,计算代价和通信代价分别是用AGRAWAL协议实现公平共享的57%和75%.%A protocol of encrypted data equijoin sharing across private database is proposed for the problem of fair sharing the private data between two tenants in management-type software as a service. The protocol realizes the sharing of the intersection on a mutual attribute with the help of service provider and using a commutative encryption function to exchange the universal set of the attribute between two tenants. The service provider encrypts other attributes using the key that is generated by the value of attribute, and then sends them to counterpart. Each tenant decrypts them with the key that is generated by intersection. Then the equijoin of private data is shared fairly by assembling both parties' tuples of equivalent elements in the intersection. Analyzing results for completeness, security and efficiency in a semi-honest model show that the protocol is proved safely, and meets the minimal necessary information sharing, and that the computation and the communication costs are 57% and 75% of those in utilizing the fair sharing information by AGRAWAL's protocol.
展开▼
