CN108416227A - Big data platform secret protection evaluation method and device based on Dare Information Entropy - Google Patents

Abstract

The invention discloses a privacy protection evaluation method and device of a big data platform based on the Del entropy method, constructs a privacy protection hierarchical analysis model based on probability statistics, and solves the privacy protection evaluation index of privacy protection data; according to the privacy protection obtained in step 1 To protect the evaluation index, establish a privacy protection fuzzy comprehensive evaluation model based on the Del entropy method;) Obtain the comprehensive evaluation score of the privacy protection fuzzy comprehensive evaluation model, and obtain the final evaluation result according to the score and grade standard. The present invention establishes a privacy protection fuzzy comprehensive evaluation model and a privacy protection hierarchical analysis model, obtains the overall evaluation index value and evaluation parameter value of the data distribution after privacy protection through two-stage backtracking hierarchical analysis, and calculates the value according to the evaluation index and evaluation parameter value The single-factor evaluation vector reduces the interference of human factors, improves the accuracy and fairness of the weight distribution of evaluation indicators, and realizes the visual evaluation of the privacy protection method for block obfuscation.

Description

Big data platform privacy protection evaluation method and device based on Del entropy method

technical field

The invention relates to the technical field of data security, in particular to a privacy protection evaluation method and device for a big data platform based on the Del entropy method.

Background technique

With the continuous development of information technology and society, as well as the further enrichment of mobile Internet, Internet of Things, and cloud computing applications, data has grown exponentially, and the era of big data has quietly arrived. In recent years, big data technology has become more and more mature, and there are more and more big data applications. While people pay attention to the storage, processing and migration of big data, they also gradually begin to pay attention to the privacy protection of big data.

Data privacy protection has always been a hot research issue, and scholars have proposed many data privacy protection methods. Although many privacy protection methods can protect the privacy of data to a certain extent, they still have some shortcomings for the privacy protection of big data: the reconstruction cost of encryption method is high, and it is difficult to process ciphertext; differential protection is difficult to remove noise, and data Easy to be distorted; obfuscation method, data processing efficiency is not high, and reconstruction speed is slow; k anonymity, it is easy to cause part of the data to be missing, and cannot be reconstructed.

In order to improve the privacy effect of big data, a privacy protection method based on block obfuscation is proposed. This method first constructs a three-party (trusted third party, cloud service provider and tenant) trusted interaction model, and then divides the data into Multiple data blocks, and confuse the relationship between data blocks and data fragments, and finally store the data relationship to a trusted third party to quickly reconstruct the data. The block obfuscation method can not only protect the user's data privacy in the plaintext state, but also ensure the integrity of the data and improve the efficiency of data processing.

Although the privacy protection method of block obfuscation can realize the protection of the privacy of big data in the plaintext state, the effect of privacy protection needs further verification. At present, the research on privacy protection evaluation has made a lot of achievements, and some privacy evaluation methods have been proposed one after another. However, these evaluation methods cannot evaluate the privacy protection effect of block obfuscation privacy protection method well.

Contents of the invention

In order to overcome the deficiencies of the above-mentioned prior art, the present invention provides a privacy protection evaluation method and device for a big data platform based on the Del entropy method, which realizes the visual privacy evaluation of the block obfuscation technology, and establishes a method based on the Del entropy method. The privacy protection fuzzy comprehensive evaluation model and the privacy protection hierarchy analysis model based on probability statistics, through the two-stage backtracking hierarchy analysis, the overall evaluation index value and evaluation parameter value of the data distribution after privacy protection are obtained, and calculated according to the evaluation index and evaluation parameter value The single-factor evaluation vector reduces the interference of human factors. At the same time, it integrates and improves the Delphi method based on subjective judgment and the entropy method based on objective judgment, which improves the accuracy and fairness of the weight distribution of evaluation indicators, and realizes the confusion of blocks. The visual evaluation of the privacy protection method provides a theoretical basis and direction for the further optimization of the block obfuscation privacy protection method.

The technical scheme adopted in the present invention is:

A method for evaluating the privacy protection of big data platforms based on the Del entropy method, the method comprising the following steps:

(1) Construct a privacy protection hierarchical analysis model based on probability and statistics, and solve the privacy protection evaluation index of privacy protection data;

(2) According to the privacy protection evaluation index obtained in step 1, establish a privacy protection fuzzy comprehensive evaluation model based on Del entropy method;

(3) Obtain the comprehensive evaluation score of the privacy protection fuzzy comprehensive evaluation model, and obtain the final evaluation result according to the score and grade standard.

Further, said probabilistic-statistic-based privacy protection hierarchical analysis model includes:

(1-1) Input layer, user data to be evaluated for privacy protection;

(1-2) The data storage mode layer, which takes the user data to be evaluated for privacy protection as input, and stores the user data to be evaluated for privacy protection in the Different data storage modes in DSM;

(1-3) The data block layer divides the tenant data in each data storage mode into different data blocks;

(1-4) user layer, user data stored in each data storage mode DSM and data block;

(1-5) The privacy protection evaluation index layer, which defines the privacy protection evaluation index and its calculation formula;

(1-6) The inversion layer, through the two-stage inversion from the user layer to the data storage mode layer, and from the data storage mode layer to the input layer, calculates the total evaluation index and evaluation parameter value of the privacy protection data.

Further, the two-stage inversion from the user layer to the data storage mode layer and from the data storage mode layer to the input layer is used to calculate the total evaluation index and evaluation parameter value of the privacy protection data, including:

According to the definition of the privacy protection evaluation index and its calculation formula, the privacy protection evaluation index value of each user under each DSM is calculated, and then based on the privacy protection evaluation index values of all users, the privacy protection evaluation index and the privacy protection evaluation index of each DSM are calculated. Evaluation parameter values. Finally, based on the evaluation indicators and evaluation parameter values of all DSMs, the total privacy protection evaluation indicators and evaluation parameter values of the privacy protection data are calculated.

Further, the privacy protection evaluation index includes privacy attribute leakage probability, privacy attribute leakage ratio, privacy attribute value entropy and block deviation; evaluation parameter value includes privacy attribute leakage probability, privacy attribute leakage ratio, privacy attribute value entropy and block deviation mean and variance of degrees.

Further, the establishment of a privacy protection fuzzy comprehensive evaluation model based on the Del entropy method includes:

(2-1) Determine the evaluation factor set and comment set of the privacy protection evaluation object, and set the classification standard for the classification of privacy protection evaluation levels;

(2-2) Carry out single factor evaluation to each evaluation index, obtain the evaluation vector of each evaluation index, construct evaluation matrix according to the evaluation vector of each evaluation index;

(2-3) Using the comprehensive weight determination method based on the Delphi method and the entropy method to obtain the weight of each privacy protection evaluation index;

(2-4) Obtain fuzzy comprehensive evaluation scores and evaluation results by using fuzzy matrix composite operations.

Further, the evaluation factor set of the privacy protection evaluation object includes privacy attribute leakage probability, privacy attribute leakage ratio, privacy attribute value entropy and block deviation; the comment set includes very good, good, general and poor.

Further, the comprehensive weight determination method based on the Delphi method and the entropy value method is used to obtain the weight of each evaluation index, including:

Select m times from a number of review experts to form m groups. The number of people drawn each time is fixed but different, and the scores of m group evaluation indicators are obtained;

Use the scoring of m group evaluation indicators to construct a decision matrix;

Based on the decision matrix, calculate the sum of the total evaluation scores of all groups under each privacy protection evaluation index;

The scores of each group under each privacy protection evaluation index are compared with the total evaluation scores of all groups to obtain the contribution value of each group score under each privacy protection evaluation index;

Based on the contribution value of each group score under each privacy protection evaluation index, calculate the entropy value of all group scores to index values under each privacy protection evaluation index;

Calculate the importance of each privacy protection evaluation index, and compare the importance of each privacy protection evaluation index with the total importance to obtain the weight of each privacy protection evaluation index.

Further, the fuzzy comprehensive evaluation score and evaluation results are obtained by using fuzzy matrix composite operations, including:

Combining the evaluation matrix of each evaluation index and the weight of each evaluation index to obtain the evaluation vector;

The evaluation vector is normalized, and the weighted average operation is used to obtain the fuzzy comprehensive evaluation score.

According to the fuzzy comprehensive evaluation score and grade standard, the final evaluation result is obtained.

A computer device for privacy protection data analysis and evaluation, comprising a memory, a processor, and a computer program stored on the memory and operable on the processor, and the processor implements the following steps when executing the program, including:

Construct a privacy protection hierarchical analysis model based on probability and statistics, and solve the privacy protection evaluation index of privacy protection data;

According to the privacy protection evaluation index obtained above, a fuzzy comprehensive evaluation model of privacy protection based on Del entropy method is established;

Obtain the comprehensive evaluation score of the privacy protection fuzzy comprehensive evaluation model, and obtain the final evaluation result according to the score and grade standard.

A computer-readable storage medium, on which a computer program for privacy protection data analysis and evaluation is stored, and when the program is executed by a processor, the following steps are implemented:

Construct a privacy protection hierarchical analysis model based on probability and statistics, and solve the privacy protection evaluation index of privacy protection data;

According to the privacy protection evaluation index obtained above, a fuzzy comprehensive evaluation model of privacy protection based on Del entropy method is established;

Obtain the comprehensive evaluation score of the privacy protection fuzzy comprehensive evaluation model, and obtain the final evaluation result according to the score and grade standard.

Compared with prior art, the beneficial effect of the present invention is:

(1) The present invention has established the privacy protection hierarchical analysis model based on probability statistics and the privacy protection fuzzy comprehensive evaluation model based on Del entropy value method, obtains the overall evaluation index value and the overall data distribution after privacy protection through two-stage backtracking hierarchical analysis Evaluate the parameter value, calculate the single-factor evaluation vector according to the evaluation index and the evaluation parameter value, and reduce the interference of human factors;

(2) The present invention synthesizes and improves the Delphi method based on subjective judgment and the entropy value method of objective judgment, improves the accuracy and fairness of the evaluation index weight distribution, and realizes the visual evaluation of the block confusion privacy protection method;

(3) The privacy protection evaluation method proposed by the present invention can not only objectively show the evaluation effect of privacy protection, but also prove the effectiveness of the block obfuscation privacy protection method, which provides a good data privacy protection in the big data application support platform theoretical support.

Description of drawings

The accompanying drawings constituting a part of the present application are used to provide further understanding of the present application, and the schematic embodiments and descriptions of the present application are used to explain the present application, and do not constitute improper limitations to the present application.

Figure 1 is a flow chart of a privacy protection evaluation method for a big data platform based on the Del entropy method;

Figure 2 is a privacy protection architecture diagram based on block obfuscation;

Fig. 3 is a schematic diagram of a hierarchical analysis model of privacy protection based on probability statistics;

Figure 4 shows the distribution of the privacy attribute leakage probability of the three algorithms;

Figure 5 shows the distribution of privacy attribute leakage ratios under the three algorithms;

Figure 6 shows the change of privacy attribute value entropy under the three algorithms;

Figure 7 shows the distribution of block deviation degrees under the three algorithms;

Figure 8a is a comparative analysis of the weight accuracy of the Del entropy method;

Figure 8b is a comparative analysis of the weight accuracy of actual measured values;

Figure 8c is a comparative analysis of the weight accuracy of the Delphi method;

Figure 9 is the relationship between privacy evaluation effect and time;

Figure 10 shows the relationship between the privacy evaluation effect and the number of attributes.

Detailed ways

The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

It should be pointed out that the following detailed description is exemplary and intended to provide further explanation to the present application. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs.

It should be noted that the terminology used here is only for describing specific implementations, and is not intended to limit the exemplary implementations according to the present application. As used herein, unless the context clearly dictates otherwise, the singular is intended to include the plural, and it should also be understood that when the terms "comprising" and/or "comprising" are used in this specification, they mean There are features, steps, operations, means, components and/or combinations thereof.

As introduced in the background technology, there are deficiencies in the prior art that the privacy protection effect of the block obfuscation privacy protection method cannot be well evaluated. In order to solve the above technical problems, this application proposes a large Data platform privacy protection evaluation method and device.

In a typical implementation of the present application, as shown in Figure 1, in the big data application support platform, the privacy protection method based on block obfuscation divides the original data into several data blocks and confuses the relationship between the data to realize However, this privacy protection mechanism cannot intuitively show the privacy protection effect of data to users. On the basis of the privacy protection method based on block obfuscation, the present invention provides a privacy protection evaluation method for big data platforms based on the Del entropy method, which realizes the visual evaluation of privacy protection for big data, and at the same time proves that The privacy protection effect of block obfuscation method on big data provides a theoretical support for the in-depth study of big data privacy protection.

1. Define privacy protection evaluation indicators

(1) Sub Tuple (Sub Tuple, ST), a data record DR={DA ₁ , DA ₂ ,...,DA _n }, DA represents the name of the data attribute, and according to privacy constraints, DR is divided into multiple fragments, namely DR={(DA ₁ , DA ₃ , DA ₆ ), (DA ₅ , DA ₈ , DA _n ), ..., (DA ₄ , DA ₉ , DA ₁₁ )}, each segment is a sub-tuple ST, For any sub-tuples ST _i and ST _j , ST _i ∩ ST _j =φ.

(2) Privacy Attribute Leakage Probability (PALP): From the privacy-protected data block set, the probability of obtaining a piece containing the correct tuple identifier and a privacy attribute is the privacy attribute leakage probability.

The privacy attribute leakage probability of privacy attribute PA _i in data block i is:

Among them, N _N is the data record with the same name as the main attribute in the data block, N _V is the value value of a certain privacy attribute PA _i in the data block i, R _i represents the total number of data items in the data block i; R _NVj is The number of data pieces whose attribute PA value is j in the data block i;

Assuming _that PALP does not exceed the standard value λ, the leakage probability vector P ₁ of all privacy attributes = [PALP _PA1 , _{PALP PA2 , .}

(3) Privacy Attribute Leakage Ratio (PALR), assuming that there are P ₁ privacy attributes in the data storage mode DMS ₁ , among which there are P ₂ attributes that leak privacy, then PALR=P ₁ /P ₂ .

(4) Privacy Attribute Value Entropy (PAVE), assuming that the privacy attribute PA _i (1≤i≤n) in data block i has N _PAi attribute values {V ₁ , V ₂ ,..., V _NPAi }, the ratio of each value is VR _j (1≤j≤N _PAi ), then the privacy attribute value entropy PAVE _i of PA _i is:

Among them, VR _j is the value ratio of the privacy attribute PA _i in the data block i;

The larger the value of PAVE, the more dispersed the ratio of privacy attribute values, and the better the privacy protection effect; the smaller the value of PAVE, the more concentrated the distribution of privacy attribute value ratios, and the worse the privacy protection effect.

(5) Chunk Deviation Degree (CDD), in a DSM, the sample is first randomly added, deleted and modified, and the changed tuples in each data block in the sample are recorded after each operation number; then calculate the gap between the data blocks, and calculate the average value of the gap of each data block; finally calculate the average value of the average value of the gap of all data blocks as the block deviation degree of DSM. For example, there are N _c data blocks in DSM ₁ , and the change tuple data of each data block is DC ₁ , DC ₂ , ..., DC _Nc , then the calculation formula of CDD is as follows:

Among them, N _c is the number of data blocks in DSM ₁ ; DC _i is the number of change tuples of data block i; DC _j is the number of change tuples of data block j;

The smaller the CDD, the smaller the data change distance between data blocks, the smaller the difference in data block operations, and the worse the privacy protection; the larger the CDD, the larger the data change distance between data blocks, and the smaller the data block operation. The greater the difference, the better the privacy protection.

2. Privacy protection technology based on block obfuscation

The privacy protection mechanism based on block obfuscation realizes the protection of data privacy of tenants in plain text by constructing a trusted interaction model of three parties (trusted third parties, cloud service providers and tenants), as shown in Figure 2.

First, according to the privacy constraints customized by the tenants, the data submitted by the tenants is divided into multiple data blocks, so that the combined privacy attributes in the same privacy constraints are distributed into different data blocks, that is, the tenant identity information and sensitive information are separated, and at the same time Split and convert single privacy attributes; secondly, the privacy protection module cooperates with third parties to generate a data slice identifier for data slices in different data blocks of the same record through multiplicative homomorphic encryption, thereby confusing the relationship between data blocks , and store these relationships in a trusted third party for subsequent data reconstruction; it is difficult for an attacker to find the corresponding relationship recorded in different data blocks after obfuscation again, but when the data in the data block is unevenly distributed, the attack Therefore, we propose three equalization mechanisms α, β and γ. By adding falsified data, the probability of data privacy leakage will not exceed max(1/ n, β ^k , γ ^k ); Finally, according to the computing power, storage capacity and load capacity of each data node, store the data block on the node.

3. A Hierarchical Analysis Model for Privacy Protection Based on Probability and Statistics

Construct a privacy protection hierarchical analysis model based on probability and statistics to solve the evaluation index, as shown in Figure 3. The top layer of the model is the privacy-preserving data after the final evaluation object. According to the differences in tenant requirements, SaaS application requirements, and the interests of cloud service providers and other factors, data storage is divided into multiple data storage modes DSM, as shown in the second layer in Figure 3. In each data storage mode, the corresponding privacy protection block strategy is different, as shown in the third layer in Figure 3. Each DSM and data block can store data of multiple tenants or a single tenant, as shown in the fourth layer of Figure 4. The fifth layer is the privacy protection evaluation index, including privacy attribute leakage probability, privacy attribute leakage ratio, privacy attribute value entropy and block deviation degree. The sixth layer is inversion. First, according to the definition and calculation method of the privacy protection evaluation index, calculate the evaluation index value of each tenant under each DSM from the perspective of tenants; then calculate the value of each DSM based on the evaluation indexes of all tenants. The evaluation index; finally, based on the evaluation index of all DSMs, the evaluation index of the entire data storage is calculated. The detailed calculation process includes two steps, as follows:

3.1. The tenant layer returns to the DSM layer

Assuming that there are N ₁ tenants in the data storage mode DSM ₁ , in order to measure the privacy protection evaluation index in this mode, we select X ₁ groups from the N ₁ tenants, and the number of tenants in each group is N ₂ (N ₂ <N ₁ ), each group is regarded as a sample X, then DSM ₁ can be regarded as a population Y composed of countless individual samples, that is, the research object, so it can be estimated by studying the characteristics of privacy protection evaluation indicators of multiple samples The privacy protection evaluation index of the overall Y is obtained, and the detailed calculation process is as follows.

(1) Privacy attribute leakage probability

By analyzing and studying the PALP of sample X, evaluate the PALP of DSM ₁ , the steps are as follows:

① Calculate the privacy attribute disclosure probability vector of all samples X, that is, XPP _t = [PALP _PA1 , PALP _PA2 , ..., PALP _PANp ], 0<t≤X ₁

② Calculate the mean value of XPP

In the formula, X ₁ is the number of samples X; N _Vi is the number of attribute values of the ith privacy attribute PA _i in data block i; R _i is the total number of data pieces of data block i; R _NVj is the number of data blocks The total number of data pieces of NV _j ; is the number of attribute values of the _NPth privacy attribute PA _i in data block i; R _Np is the total number of data pieces of data block _NP .

③ Calculate the variance of XPP

(2) Privacy attribute leakage ratio

The privacy attribute leakage ratio PALR can be calculated according to XP _t (0<t≤X ₁ ), and the detailed process is as follows:

① For each XP _t ∈ XPP, if XP _t > λ, the privacy attribute leakage ratio is PALR _t

② Calculate the mean value of PALR

③ Calculate the variance of PALR

(3) Privacy attribute value entropy

Through the PAVE of the sample, evaluate the PAVE of DSM _1. The evaluation process is as follows:

① Calculate the entropy vector XPE of all privacy attribute values of X, that is, XPE _t = [PAVE _PA1 , PAVE _PAi , ..., PAVE _PANp ], 0<t≤X ₁

② Calculate the mean value of XPE

③ Calculate the variance of XPE

(4) Block deviation

① For each grouping in X ₁ , add, delete and modify each N _u times;

② Calculate the number of tuple changes of each data block in each group;

③ Calculate the CDD of each group according to formula 3;

④ Calculate the mean value of CDD

⑤ Calculate the variance of CDD

3.2, DSM layer reverses to the top layer

During the inversion process from the tenant layer to the DSM layer, the evaluation indicators and evaluation parameter values of the DSM layer are obtained through statistical analysis of the data of the tenant layer. The evaluation indicators include the privacy attribute leakage probability, the privacy attribute leakage ratio, and the Value entropy and block deviation; evaluation parameter values include privacy attribute leakage probability, privacy attribute leakage ratio, privacy attribute value entropy, and the mean and variance of block deviation; then, according to the evaluation index information of all DSM layers, continue to reverse to the highest layer .

(1) Privacy attribute leakage probability

①Calculate the mean value of PALP for each DSM

Among them, N _pi is the number of tenants in each DSM;

② Calculate the mean value of DSM_PALP

③ Calculate the variance of DSM_PALP

(2) Privacy attribute leakage ratio

① Calculate the mean value of DSM_PALR

② Calculate the variance of DSM_PALR

(3) Privacy attribute value entropy

①Calculate the mean value of PAVE for each DSM

② Calculate the mean value of DSM_PAVE

③ Calculate the variance of DSM_PAVE

(4) Block deviation

①Calculate the average CDD of each DSM

② Calculate the mean value of DSM_CDD

③ Calculate the variance of DSM_CDD

Through the two-stage inversion from the tenant layer to the DSM layer and from the DSM layer to the top layer, the evaluation indicators and evaluation parameter values of the overall distribution of privacy protection data are calculated to provide support for the comprehensive evaluation of privacy protection.

4. Fuzzy comprehensive evaluation of privacy protection based on Del entropy method

According to the above evaluation indicators, a privacy protection fuzzy comprehensive evaluation model is established, and the process is as follows:

(1) Determine the evaluation factor set of the evaluation object

The evaluation object of the privacy-preserving fuzzy comprehensive evaluation model is the privacy-preserving data after block obfuscation processing, so the evaluation factor set ES={privacy attribute leakage probability, privacy attribute leakage ratio, privacy attribute value entropy, block deviation degree}.

(2) Determine the set of comments

The comment set CS={very good, good, general, bad} of this privacy protection fuzzy comprehensive evaluation model, the evaluation standards are shown in Table 1, in addition to the standards given in the table, it is also necessary to ensure that the fluctuation range of the evaluation index λ ₄ % belongs to the same level as the evaluation index value, or even belongs to a higher level. λ, λ ₁ , λ ₂ , λ ₃ , λ ₄ are the standard values negotiated and signed between service providers and tenants, where λ ₂ is related to the number of types of values for each privacy attribute.

Table 1 Evaluation Criteria

(3) Single factor evaluation

The present invention adopts the privacy protection hierarchical analysis model based on probability statistics to calculate the evaluation index value and evaluation parameter value required by the privacy protection fuzzy comprehensive evaluation model, and calculates the fluctuation range of the evaluation index value based on the required evaluation index value and evaluation parameter value , by comparing the evaluation index value and fluctuation range with the evaluation criteria in Table 1, determine which grade it belongs to, and obtain the evaluation vector of each evaluation index, and combine these evaluation vectors to form the evaluation matrix EM.

(4) Comprehensive evaluation

In the fuzzy comprehensive evaluation, there are two important factors, one is the evaluation matrix EM, and the other is the weight W. Through the above steps, the evaluation matrix EM can be obtained, and then how to obtain the weight of the evaluation index is introduced. The methods to determine the weight W mainly include subjective method and objective method. The subjective method is relatively simple, but the human factor is too strong; the objective method solves the interference of human factors, but it is too dependent on the sample data, and the influence of sample data changes on the weight very big. Therefore, the present invention proposes a comprehensive weight determination method based on the Delphi method and the entropy method.

In order to make the weight of the evaluation index more accurate, the Delphi method is improved. The original Delphi is to conduct multiple rounds of inquiries to a group of evaluation experts to unify the opinions, and finally obtain the weight of each evaluation index. In the present invention, m extractions are performed from n evaluation experts to form m groups. The number of each extraction is fixed but different, so that the scores of m evaluation indicators can be obtained to form a decision matrix. The results are shown in Table 2.

Table 2 Decision matrix table

Based on the decision matrix, the entropy method is used to obtain the weight of each privacy protection evaluation index. The process is as follows:

Calculate the sum Score of the total evaluation scores of all groups under the jth privacy protection evaluation index, Among them, X _ij is the evaluation score of group i under the jth index;

Calculate the contribution value P _ij of the i-th group score under the j-th privacy protection evaluation index,

Calculate the entropy value E _j of all group scores to the privacy protection evaluation index value, In the present invention, the constant K is set as K=1/ln(m), which can ensure that 0≤E _j ≤1, so it can be seen that when all group scores under a certain evaluation index are completely equal, E _j is equal to 1 , at this time the weight of this attribute is 0, and this attribute can be ignored in decision analysis.

Calculate the importance D _j of the j-th privacy protection evaluation index, D _j = 1-E _j ; D _j represents the importance of the j-th index, the greater the difference in index values, the smaller the entropy value E _j , and the higher the value of D _j Larger means that the jth index has a greater impact on the evaluation.

Calculate the weight W _j of the jth privacy protection evaluation index,

The weight W of each privacy protection evaluation index = (W ₁ , W ₂ , W ₃ , W ₄ ).

After obtaining the evaluation matrix and evaluation index weights, the evaluation vector S can be calculated. Because of the fuzzy operator It can clearly reflect the role of weights, has a strong degree of comprehensiveness, and can make full use of the information of the evaluation matrix EM, so this section uses this operator to calculate and solve the evaluation vector S, as shown in formula 25.

S=W·EM(25)

In addition, in the present invention, the evaluation effect is converted into scores, and the classification standard for privacy protection evaluation levels is set, as shown in Table 3.

Table 3 Correspondence between comments and scores

comments very good it is good generally Difference Fraction 100-75 75-50 50-25 25-0

Finally, the comprehensive evaluation method of privacy protection is as follows:

Calculate the evaluation vector S, S＝(S ₁ S ₂ S ₃ S ₄ )

Perform normalization processing, S'=(S ₁ /(S ₁ +S ₂₊ S ₃ +S ₄ )S ₂ /(S ₁ +S ₂₊ S ₃ +S ₄ )S ₃ /(S ₁ +S ₂₊ S ₃ +S ₄ )S ₄ /(S ₁ +S ₂₊ S ₃ +S ₄ ));

The weighted average is used to obtain the fuzzy comprehensive evaluation score, among which, the fuzzy comprehensive evaluation score ER=(100*S ₁ '+75*S ₂ '+50*S ₃ '+25*S ₄ ')/(S ₁ '+S ₂ ' ₊ S ₃ '+S ₄ '), according to the ER value and grade standard, the final evaluation result is obtained.

5. Experimental evaluation

5.1 Experimental environment

In order to verify the evaluation effect of the privacy protection evaluation method based on the delta entropy method proposed by the present invention, we have evaluated and verified the original block confusion algorithm PPCC, privacy protection adjustment algorithm SAG and data relationship hiding algorithm HMDR through simulation experiments.

Experimental environment: a server is used as a data node, and the system uses Red Hat Enterprise Linux6.2 version; Apache Tomcat is used as an application server, configured as a 4-core CPU Inter(R)Xeon(R) 2.40GHz, 10GB memory, 500G hard disk; the test database uses 5.5.25MySQL Community Server (GPL); Eclipse-SDK-4.3-win64 is selected as the programming environment, and Java 1.7 is the programming language; the data set used in the experiment is the 1990 U.S. census data set released by UCI, and the original data set contains 68 Attributes, 2.5 million pieces of data.

5.2 Result analysis

5.2.1 Evaluation indicators

In order to verify whether the evaluation index proposed by the present invention can correctly evaluate the privacy protection effect of the block obfuscation method, a simulation experiment was designed to verify the difference of the four evaluation indexes under the three algorithms. Experiment 1 selected 1.5 million pieces of data from the data set, 60 attributes, including 20 privacy attributes, set 15 storage modes, and allocated 100,000 pieces to each storage mode. Assuming that each mode has 20 tenants, each 15 of them will be drawn once, for a total of 30 draws. First, use the PPCC algorithm to process the data in all storage modes, and perform arbitrary addition, deletion, and modification operations 50 times each, adjust privacy requirements 15 times, and calculate all required evaluation indicators according to formulas 1 to 25; then the data Restore the original appearance, then use the PPCC and HMDR algorithms to process the data successively, repeat the above steps of data operation and calculation of evaluation indicators; finally restore the data to its original appearance, use the three algorithms to process the data successively, and repeat the above steps of data operation and calculation of evaluation indicators , the experimental results are shown in Figures 4, 5, 6 and 7.

Figure 4 shows the distribution of the privacy attribute leakage probability of 15 modes under the three algorithms, and it is stipulated that PALP does not exceed 0.2 as the safe range. It can be seen from Figure 4 that under PPCC, PALP is mainly distributed between 0.05-0.3, of which 66.7% probability distribution is between 0.05-0.2; due to changes in data operations and privacy requirements, there is a 33.3% probability of privacy Property leaks. Under HMDR, PALP is mainly distributed between 0.00-0.25, and 80% of the probability distribution is between 0.05-0.2. The privacy protection effect is slightly improved compared with PPCC, but there is still a 20% probability of privacy attribute leakage. Under the SAG algorithm, PALP is mainly distributed between 0.00-0.2, which meets the privacy protection requirements, but there is also a 6.7% probability of privacy attribute leakage. Therefore, from the perspective of PALP, there is still room for improvement in the effect of privacy protection.

Figure 5 shows the distribution of the privacy attribute leakage ratios of 15 modes under the three algorithms, and it is stipulated that the PALR does not exceed 0.3 as the safe range. It can be seen from Figure 5 that there is a 26.6% probability of PALR in the PPCC algorithm, but there is still a 66.6% probability of better privacy protection effect; compared with PPCC, HMDR has only a 6.7% probability of PALR, and a 73.3% probability It has a good privacy protection effect and significantly improves the protection effect; compared with the previous two algorithms, although SAG has only a 13.3% probability of PALR, it has a very good privacy protection effect with a probability of 80%.

Figure 6 shows the changes in the privacy attribute value entropy PAVE under the three algorithms. It can be seen from Figure 6 that under the three algorithms, the greater the number of privacy attribute values, the greater the entropy, and the better the corresponding privacy protection effect. For example, when the number of privacy attribute values is 32, the entropy values of the three algorithms are all the same as 5 is close, and 5 is the entropy value under the ideal state; when the number of privacy attribute values is 4, the entropy values of the three algorithms are relatively far from the ideal value 2, because the more the number of privacy attribute values, the corresponding The larger the PAVE, the wider the distribution of the probability of the privacy attribute value, and the better the privacy protection effect. The entropy value of SAG is higher than that of HMDR and PPCC, and the entropy value of HMDR is slightly higher than that of PPCC. This trend is in line with our expected results.

Figure 7 shows the degree of deviation between data blocks in 15 modes under the three algorithms, and it is stipulated that the degree of deviation of the block is greater than 2, which belongs to the safe range. As shown in Figure 7, under the PPCC algorithm, there is a 40% probability that the block deviation degree falls between 0 and 2, which shows that the correlation between data blocks is very large, and the influence of data operations on each data block is not different. Obviously, the effect of privacy protection is not good; under the other two algorithms, more than 50% of the probability falls between 2-5, which has a good effect, and about 13% of the probability falls between 8-5. Between 10, SAG has only 6.7% probability of privacy leakage, and HNDR has 13.3% probability of privacy leakage. In summary, compared with PPCC, these two algorithms have enhanced the effect of privacy protection.

5.2.2 Comprehensive comparative evaluation

Through the above experiments, it can be seen that the four evaluation indicators under the three algorithms have obvious changes, and the change trend is consistent with the real situation. Experiment 2 is designed to comprehensively evaluate and classify the three algorithms. In Experiment 2, 2 million pieces of data were selected and stored in 10 modes, each mode allocated 200,000 pieces, and each mode was set to store 30 tenants, and the data of 20 tenants was extracted each time, divided into 100 groups Draw, draw 50 times for each group respectively. Suppose λ=0.2, λ ₁ =0.3, λ ₂ =|log ₂ (1/N _PAi )|, λ ₃ =2, λ ₄ =80, i=1, 2, 3, . . . , N _p . The data in the 10 modes are sequentially processed by three algorithms, and after each processing, add, delete, modify, and adjust the privacy requirements 50 times each, and record the data before and after each processing, and calculate Output the evaluation index value and evaluation parameter value. After processing the data obtained through the experiment, the data shown in Table 4 are obtained.

Table 4 Frequency Allocation Table of Privacy Protection Levels

The evaluation matrix of the three algorithms can be calculated from Table 4, as follows:

In Experiment 2, 15 researchers in the same group were selected and divided into 8 groups successively. 10 people were selected from each group, and multiple rounds of inquiries were conducted to score the evaluation indicators. The results are shown in Table 5.

Table 5 Decision matrix table based on 10 experts scoring

According to the decision matrix Table 5 and Algorithm 2, the contribution of each group is calculated, as shown in Table 6.

Table 6 Contribution table

0.111111 0.093023 0.111111 0.127660 0.126984 0.116279 0.129630 0.127660 0.142857 0.186047 0.074074 0.106383 0.079365 0.139535 0.185185 0.170213 0.142857 0.186047 0.092593 0.085106 0.142857 0.046512 0.148148 0.127660 0.095238 0.116279 0.185185 0.063830 0.158730 0.116279 0.074074 0.191489

There are 8 groups in the experiment, so the constant K in Algorithm 2=1/(ln(8)=0.481, from which the entropy value E=(-0.96343, -0.98427, -0.97425, -0.96949) of the price index is calculated, The importance of the evaluation index D=(0.036574, 0.015729, 0.025753, 0.030505), so the weight W=(0.34, 0.14, 0.24, 0.28) of the evaluation index is finally obtained. According to the formula 26, the three algorithms after normalization are obtained Evaluation vector S _PPCC =W·EM _PPCC =(0.0976, 0.2666, 0.4108, 0.2550), similarly _SHMDR =(0.2260, 0.3896, 0.3004, 0.084), S _SAG =(0.3288, 0.3896, 0.2212, 0.0604). Finally The scores of the three algorithms calculated by the weighted average method are 56.67, 68.94 and 74.67 respectively. It can be seen from Table 4 that the privacy protection effects of the three algorithms are at a good level, but from the point of view of the scores, the effect of SAG is better than that of HMDR. The effect is better than that of PPCC, which is in line with the actual situation. It can be seen that from the perspective of privacy protection level, the three algorithms have better privacy protection effect, but from the point of view of score, the privacy protection effect needs to be further enhanced and optimized.

5.2.3 Index weight analysis

In order to verify the effect of the improved comprehensive weight calculation method proposed by the present invention, experiment three was designed: respectively use the Delphi entropy method and the Delphi method to calculate the evaluation index weight, and then compare the two according to the actual measured value, the experiment The conditions and environment are the same as those of the above-mentioned experimental conditions and environment, and the results are shown in Figures 8a, 8b, and 8c.

It can be seen from Figures 8a, 8b, and 8c that the value of CDD in Figure 8a is 28%, the value in Figure 8c is 12%, and the actual measured value is 23%, which is closer to Figure 8a; similarly, other indicators Compared with the value under the Delphi method, the weight value under the Delphi entropy method has a smaller distance from the actual measured value and a better effect. The Delphi method mainly relies on human sensory judgment, which is too subjective. As can be seen from Figure c, some evaluation indicators have too much weight distribution, and some weight distribution is too little. Although the Delphi entropy method also partially relies on subjective judgment, it passes The entropy method reduces the interference of human factors to a certain extent, making the weight distribution more reasonable.

5.2.4 Evaluation effect analysis

In order to verify the effectiveness and continuity of the privacy protection evaluation method based on the Del entropy method proposed by the present invention, experiment 4 was designed: under the protection of the optimized block obfuscation method, the data was monitored and evaluated, and the evaluation indicators and The weight remains unchanged; in the experiment, the data is evaluated once every other week, and a total of four evaluations are carried out. The evaluation process is similar to the comprehensive comparison evaluation process; during the non-evaluation period, the daily data operation and business processing are simulated; the experimental results As shown in Figures 9 and 10.

It can be seen from Figure 9 that, with the change of time, the evaluation scores generally have an upward trend, but the fluctuation range is not too large. In the third week, it dropped slightly; from the perspective of privacy level, the first week and the second week And the fourth week belongs to a very good state, while the third week belongs to a good state. Overall, the evaluation effect is relatively stable. It can be seen from Figure 10 that with the increase in the number of data attributes, the evaluation score is relatively stable in the early stage, with little fluctuation, sometimes higher and sometimes lower, but when the number of attributes reaches 100, the evaluation score appears relatively large This is because as the number of data attributes increases, the number of data blocks increases, but the number of data nodes is limited, so some data blocks that cannot be put together are placed on the same node. As a result, the probability of privacy leakage is increased, and the evaluation score is reduced. It can be seen from the experiment that although the block obfuscation privacy protection method has a good privacy protection effect, it needs to be further improved.

In the big data platform, although the privacy protection method based on block obfuscation can realize the privacy protection of data, for tenants, the privacy protection effect of this method cannot be seen intuitively. Therefore, the present invention proposes a method to solve the above problems A privacy protection evaluation method based on the Del entropy method, which realizes the visual privacy evaluation of block obfuscation technology, establishes a privacy protection fuzzy comprehensive evaluation model based on the Del entropy method and a privacy protection hierarchical analysis model based on probability statistics, through The two-stage backtracking hierarchical analysis obtains the overall evaluation index value and evaluation parameter value of the data distribution after privacy protection, and calculates the single-factor evaluation vector according to the evaluation index and evaluation parameter value to reduce the interference of human factors, and at the same time synthesize and improve the subjective The Delphi method of judgment and the entropy method of objective judgment have improved the accuracy and fairness of the weight distribution of evaluation indicators, realized the visual evaluation of the block obfuscation privacy protection method, and provided a basis for further optimization of the block obfuscation privacy protection method. The theoretical basis and direction are clarified; finally, the present invention verifies the effectiveness of the evaluation index and evaluation method through experiments.

Another typical embodiment of the present application provides a computer device for privacy protection data analysis, including a memory, a processor, and a computer program stored in the memory and operable on the processor, the processor executes The following steps are implemented during the procedure, including:

Construct a privacy protection hierarchical analysis model based on probability and statistics, and solve the privacy protection evaluation index of privacy protection data;

According to the privacy protection evaluation index obtained above, a fuzzy comprehensive evaluation model of privacy protection based on Del entropy method is established;

Obtain the comprehensive evaluation score of the privacy protection fuzzy comprehensive evaluation model, and obtain the final evaluation result according to the score and grade standard.

Another typical implementation of the present application provides a computer-readable storage medium on which is stored a computer program for privacy-protected data analysis, which is characterized in that, when the program is executed by a processor, the following steps are implemented:

Construct a privacy protection hierarchical analysis model based on probability and statistics, and solve the privacy protection evaluation index of privacy protection data;

According to the privacy protection evaluation index obtained above, a fuzzy comprehensive evaluation model of privacy protection based on Del entropy method is established;

Obtain the comprehensive evaluation score of the privacy protection fuzzy comprehensive evaluation model, and obtain the final evaluation result according to the score and grade standard.

Although the specific implementation of the present invention has been described above in conjunction with the accompanying drawings, it does not limit the protection scope of the present invention. Those skilled in the art should understand that on the basis of the technical solution of the present invention, those skilled in the art do not need to pay creative work Various modifications or variations that can be made are still within the protection scope of the present invention.

Claims (10)

1. a kind of big data platform secret protection evaluation method based on Dare Information Entropy, characterized in that this method includes following Step：

(1) the secret protection Analytic Hierarchy Process Model based on probability statistics is built, the secret protection for solving secret protection data is commented Valence index；

(2) according to the secret protection evaluation index obtained in step 1, the secret protection fuzzy synthesis based on Dare Information Entropy is established Evaluation model；

(3) the overall merit score of secret protection model of fuzzy synthetic evaluation is obtained, and is obtained most according to score and classification standard Whole evaluation result.

2. the big data platform secret protection evaluation method according to claim 1 based on Dare Information Entropy, characterized in that The secret protection Analytic Hierarchy Process Model based on probability statistics, including：

(1-1) input layer, the user data after secret protection to be evaluated；

(1-2) data model storage layer is input with the user data after secret protection to be evaluated, according to the difference of user demand Different, SaaS application demands and cloud service provider advantage factors, difference is stored in by the user data after secret protection to be evaluated Data model storage DSM in；

User data in each data model storage is divided into different data blocks by (1-3) deblocking layer；

(1-4) client layer is stored in each data model storage DSM and data user data in the block；

(1-5) secret protection evaluation index layer defines secret protection evaluation index and its calculation formula；

(1-6) returns inverse layer, is returned to data model storage layer, data model storage layer to the two benches of input layer by client layer It is inverse, calculate the total evaluation index of secret protection data and evaluation parameter value.

3. the big data platform secret protection evaluation method according to claim 2 based on Dare Information Entropy, characterized in that It is described inverse to data model storage layer, data model storage layer to the two benches of input layer time by tenant's layer, calculate privacy The evaluation index and evaluation parameter value for protecting data total, including：

According to the definition of secret protection evaluation index and its calculation formula, calculates privacy of each user at each DSM and protect Evaluation index value is protected, the secret protection evaluation index value of all users is then based on, the secret protection evaluation for calculating each DSM refers to Mark and evaluation parameter value, are finally based on the evaluation index and evaluation parameter value of all DSM, calculate total hidden of secret protection data Private assessment indicators of protection and evaluation parameter value.

4. the big data platform secret protection evaluation method according to claim 2 based on Dare Information Entropy, characterized in that The secret protection evaluation index includes that private attribute leakage probability, private attribute leakage ratio, private attribute value entropy and block are inclined From degree；Evaluation parameter value includes private attribute leakage probability, private attribute leakage ratio, private attribute value entropy and block irrelevance Mean value and variance.

5. the big data platform secret protection evaluation method according to claim 1 based on Dare Information Entropy, characterized in that The secret protection model of fuzzy synthetic evaluation of the foundation based on Dare Information Entropy, including：

(2-1) determines that the factor of evaluation collection and Comment gathers of secret protection evaluation object, setting secret protection assessment grade divide Classification standard；

(2-2) carries out single factor evaluation to each evaluation index, the evaluation vector of each evaluation index is obtained, according to each evaluation index Evaluation vector build evaluations matrix；

(2-3) determines method using the comprehensive weight based on Delphi method and Information Entropy, obtains each secret protection evaluation criterion weight；

(2-4) uses fuzzy matrix compound operation, obtains fuzzy overall evaluation score and evaluation result.

6. the big data platform secret protection evaluation method according to claim 5 based on Dare Information Entropy, characterized in that The factor of evaluation collection of the secret protection evaluation object includes private attribute leakage probability, private attribute leakage ratio, privacy category Property value entropy and block irrelevance；The Comment gathers include very good, good, general and poor.

7. the big data platform secret protection evaluation method according to claim 5 based on Dare Information Entropy, characterized in that The comprehensive weight using based on Delphi method and Information Entropy determines method, obtains each evaluation criterion weight, including：

M extraction is carried out from several evaluation experts, forms m group, the number extracted every time is certain but different, obtains m The marking of a group of evaluation index；

Using the marking of m group evaluation index, decision matrix is built；

Based on decision matrix, the sum of the overall merit score of all groupings under each secret protection evaluation index is calculated；

The overall merit score by every group of scoring and all groupings under each secret protection evaluation index is quotient respectively, obtains each privacy and protects Protect the contribution margin of every group of scoring under evaluation index；

Based on the contribution margin of every group of scoring under each secret protection evaluation index, all groupings under each secret protection evaluation index are calculated The entropy to score to index value；

The significance level for calculating each secret protection evaluation index, by the significance level of each secret protection evaluation index and always important Degree is compared, and the weight of each secret protection evaluation index is obtained.

8. the big data platform secret protection evaluation method according to claim 5 based on Dare Information Entropy, characterized in that It is described to use fuzzy matrix compound operation, fuzzy overall evaluation score and evaluation result are obtained, including：

The weight of the evaluations matrix of each evaluation index and each evaluation index is subjected to synthesis operation, obtains evaluation vector；

Evaluation vector is normalized, using weighted mean operation, obtains fuzzy overall evaluation score,

Final evaluation result is obtained according to fuzzy overall evaluation score and classification standard.

9. a kind of computer installation, it to be used for secret protection data analysis and evaluation, including memory, processor and is stored in storage On device and the computer program that can run on a processor, feature are being, the processor realized when executing described program with Lower step, including：

The secret protection Analytic Hierarchy Process Model based on probability statistics is built, the secret protection evaluation for solving secret protection data refers to Mark；

According to secret protection evaluation index obtained above, the secret protection fuzzy overall evaluation mould based on Dare Information Entropy is established Type；

The overall merit score of secret protection model of fuzzy synthetic evaluation is obtained, and is obtained finally according to score and classification standard Evaluation result.

10. a kind of computer readable storage medium is stored thereon with the computer journey for secret protection data analysis and evaluation Sequence, characterized in that the program realizes following steps when being executed by processor：

The secret protection Analytic Hierarchy Process Model based on probability statistics is built, the secret protection evaluation for solving secret protection data refers to Mark；

According to secret protection evaluation index obtained above, the secret protection fuzzy overall evaluation mould based on Dare Information Entropy is established Type；

The overall merit score of secret protection model of fuzzy synthetic evaluation is obtained, and is obtained finally according to score and classification standard Evaluation result.