Abstract
In the data era, personal privacy information faces a wide range of threats in ubiquitous sharing environments, such as apps frequently collecting personal information beyond their stated scope and big-data-enabled price discrimination against existing customers, and the need for multi-party privacy computing across system exchanges is urgent. This survey therefore focuses on the requirements of multi-party privacy computing for cross-system exchange in ubiquitous sharing environments, takes the secure sharing and controlled dissemination of private data in multi-party data fusion as its starting point, and reviews existing work from the perspectives of multi-party privacy computing, multi-party privacy information sharing control, and multi-party data collaborative secure computing. It analyzes the background and current research status of personal privacy information protection in ubiquitous sharing environments, then reviews and comparatively analyzes recent domestic and international results in multi-party privacy computing, multi-party privacy information sharing control, and multi-party data collaborative secure computing. For multi-party privacy computing, it introduces full-lifecycle privacy protection, privacy information flow control, and secure exchange of sensitive data; for multi-party privacy information sharing control, it introduces three classes of techniques: local control, extended control, and desensitization control; for multi-party data collaborative secure computing, it introduces the techniques commonly used in academia and industry. Finally, it discusses the challenges and development directions of multi-party privacy computing: traditional privacy desensitization schemes based on anonymization, perturbation, and access control, cryptography-based schemes, and federated-learning-based schemes still have limitations, whereas the computing framework and information system framework for full-lifecycle protection given by privacy computing theory must be combined with different application scenarios to implement full-lifecycle protection of privacy information.
Abstract
In the data era, threats to personal privacy information in ubiquitous sharing environments are widespread, such as apps frequently collecting personal information beyond scope and big-data-enabled price discrimination against frequent customers. The need for multi-party privacy computing for cross-system exchanges is urgent. This work focused on the needs of multi-party privacy computing for cross-system exchanges in ubiquitous sharing environments, taking the secure sharing and controlled dissemination of private data in multi-party data fusion applications as the starting point, and reviewed existing relevant work from the perspectives of multi-party privacy computing, multi-party privacy information sharing control, and multi-party data collaborative secure computing. First, the background and research status of personal privacy information protection in a ubiquitous sharing environment were analyzed. Then, the latest domestic and foreign research results in recent years regarding multi-party privacy computing, multi-party privacy information sharing control, and multi-party data collaborative secure computing were reviewed and comparatively analyzed. Regarding multi-party privacy computing, technologies such as full-lifecycle privacy protection, privacy information flow control, and secure exchange of sensitive data were introduced. In terms of multi-party privacy information sharing control, localized control, extended control, and anonymization control techniques were discussed. In the aspect of multi-party data collaborative secure computing, commonly used techniques in both academia and industry were discussed. Finally, the challenges and development directions of multi-party privacy computing were outlined. There were still limitations for traditional privacy desensitization measures based on anonymity, scrambling, or access control, cryptography-based measures, and federated-learning-based measures, while privacy computing theory provided a computational and information system framework for full-lifecycle protection, which needed to be combined with different application scenarios to implement full-lifecycle privacy information protection.