In the Software-as-a-Service (SaaS) model, business applications and databases are deployed on the platform of a service provider that is not fully trusted, so protecting the privacy of tenant data has become a major problem and challenge for the application and promotion of the SaaS model. Based on the observation that different combinations of SaaS data attributes leak privacy to different degrees when stored in plaintext, this paper proposes a data combination privacy protection mechanism for SaaS applications. The mechanism lets tenants customize privacy constraints that describe their data combination privacy requirements, partitions SaaS data attributes into different data chunks, uses a trusted third party to obfuscate and reconstruct the associations between data shares, and uses fake data to ensure that the data shares within a chunk are evenly distributed, thereby effectively combining privacy protection and usability of SaaS data. Analysis shows that the mechanism is sound, and experiments verify its practicality.
In the Software-as-a-Service (SaaS) model, business applications and databases are both deployed on the platform of a service provider that is not fully trusted. Data privacy leakage has become the biggest problem and challenge hindering the application and adoption of the SaaS model. Based on the degree of privacy leakage of different plaintext data combinations in the SaaS model, this paper proposes a data combination privacy preservation mechanism for SaaS. The mechanism supports customizable privacy constraints, which describe the data combination privacy requirements, and fragments the SaaS data attributes into different data chunks. Based on a trusted third party, the associations between data shares from different data chunks can be hidden and reconstructed, and fake data are also used to balance the distribution of data shares within data chunks, which combines data privacy preservation with data usability. Analysis and experiments show that the privacy preservation mechanism is effective and feasible.
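A compact Python walk-through of the three steps the abstract describes (constraint-driven attribute fragmentation, unlinkable shares joined only through a trusted third party's link table, and fake shares that balance each chunk). This is an added example, not the paper's code; the sample rows, the constraints, the greedy fragmentation heuristic and the per-value-tuple balancing rule are all assumptions.

```python
import random
from collections import Counter
# Constructed sample tenant rows and tenant-defined privacy constraints (not from the paper).
ROWS = [{"name": "Alice", "disease": "flu", "zip": "10001", "salary": 50000},
        {"name": "Bob", "disease": "flu", "zip": "10002", "salary": 70000},
        {"name": "Carol", "disease": "flu", "zip": "10001", "salary": 50000}]
CONSTRAINTS = [{"name", "disease"}, {"zip", "salary"}, {"name", "salary"}]  # never co-located

def fragment(attrs, constraints):
    """Greedy vertical fragmentation (assumed heuristic): each attribute goes to the first
    chunk where it completes no constraint, otherwise a new chunk is opened."""
    chunks = []
    for a in sorted(attrs):
        for chunk in chunks:
            if not any(c <= chunk | {a} for c in constraints):
                chunk.add(a)
                break
        else:
            chunks.append({a})
    return chunks

def satisfies(chunks, constraints):
    """True when no single chunk stores a whole privacy constraint."""
    return not any(c <= chunk for chunk in chunks for c in constraints)

def split_and_balance(rows, chunks, rng):
    """TTP step: shares get random ids (only the TTP keeps the id-to-row link table) and
    fake shares pad each chunk until every value tuple occurs equally often."""
    stores, link_table = [], {i: [] for i in range(len(rows))}
    for chunk in chunks:
        keys, shares = sorted(chunk), []
        for i, row in enumerate(rows):
            link_table[i].append(sid := rng.getrandbits(32))
            shares.append({"id": sid, **{k: row[k] for k in keys}})
        counts = Counter(tuple(s[k] for k in keys) for s in shares)
        for tup, n in counts.items():  # fake shares: nothing in link_table points at them
            shares += [{"id": rng.getrandbits(32), **dict(zip(keys, tup))}
                       for _ in range(max(counts.values()) - n)]
        rng.shuffle(shares)  # the provider only ever sees an unordered, padded chunk
        stores.append(shares)
    return stores, link_table

def reconstruct(stores, link_table, i):
    """TTP re-joins one tenant row from the share ids it holds for that row."""
    picked = [next(s for s in st if s["id"] == sid) for st, sid in zip(stores, link_table[i])]
    return {k: v for s in picked for k, v in s.items() if k != "id"}

def demo(seed=1):  # deterministic end-to-end run; returns (chunks, stores, link_table)
    chunks = fragment(set(ROWS[0]), CONSTRAINTS)
    return chunks, *split_and_balance(ROWS, chunks, random.Random(seed))
```

With the sample data the provider's first chunk holds two real and one fake (flu, 70000) share, so the salary distribution no longer reveals which tuple belongs to a single tenant row.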