1. NCCU Academic Hub
  2. Publications
  3. College of Informatics
  4. Theses
  5. Item

Publications-Theses

Article View/Open

Publication Export

Google ScholarTM

NCCU Library

Citation Infomation

Related Publications in TAIR

題名 在語意式雲端環境上資料交換的保護 -以醫療病例為例
Data exchange protection in the semantic data cloud-medical health record as an example
作者 黃雅玲
Huang, Ya Ling
貢獻者 胡毓忠
Hu, Yuh Jong
黃雅玲
Huang, Ya Ling
關鍵詞 語意網
資料交換
雜湊函數
日期 2012
上傳時間 1-Apr-2013 14:39:07 (UTC+8)
摘要 近年來,隨著網路資訊的普及和個人隱私意識的提升,個人識別資料的分享和保護已經變成重要網路研究議題之ㄧ。資料存放在雲端環境上,因不同資料來源之間結構上的差異,我們將會面臨到如何建立PII的分享和保護準則,以確保滿足資料擁有者的隱私偏好。
本研究使用雲端運算做為多個資料源執行資料交換的環境,其好處在於擁有大量的網路存放空間、大幅降低了資料管理成本。舉例來說,我們可在雲端環境上存放大量的醫療資料,當使用者欲查詢不同來源的醫療資料時,可透過資料交換的方式從單一入口取得,不需兩端分別進行查詢,並利用雜湊函數的方式來處理個人資料匿名性的辨識,主要是在不揭露個人資料的狀況下,仍然可以判斷資料是否為同一筆資料。
另外,由於本研究以個人隱私資料做為研究之情境,所以在隱私保護上會以存取控管規範(Access Control Policy,ACP)、資料處理規範(Data Handling Policy,DHP)和資料釋放規範(Data Release Policy,DRP),三種規範來說明資料保護、資料交換和資料揭露的過程。
最後,本研究主要是使用具有語意化技術本體論和規則的知識表達來解決跨資料源的資料交換,除了理論塑模之外並且利用兩家醫院的情境來加以展示。
Personal Identifiable Information (PII) sharing and protection have become one of the most important research issues for the Internet, especially for cloud computing infrastructure because of its widespread services. The challenge of sharing structured PII data in the cloud is to address the structure differences between data sources. In addition, we face the problem for how to establish the PII sharing and protection principles to ensure that its disclosure criteria are satisfied with the data owners` privacy policies.
In this study, we use cloud computing simulated environment as a multiple data sources exchange platform because of its spacious and cost-effective reasons. For example, we can outsource tremendous amount of electronic health record (EHR) administration services in the cloud without too much cost. Besides, data exchange provides a single point of data access instead of having accessed in a separate entry. We apply hash function of de-identifiable partial PII to enable record linkage services between data sources for data exchange without losing data owners` privacy.
Three types of privacy protection policies are proposed to achieve the data exchange and protection objectives in the multiple sources data cloud. They are Access Control Policy (ACP), Data Handling Policy (DHP), and Data Releasing Policy (DRP). These policies are represented as OWL-based ontologies and enforced as Logic-Program (LP)-based rules. We demonstrate the privacy protection policy concepts for medical record exchange between two hospitals.
參考文獻 [1] Eberhart, A. et al., "Semantic Technologies and Cloud Computing." In Foundations for the Web of Information and Services, Fensel, D., Ed.; Springer, 2011, pp. 239–251.
[2] 新北市政府資訊中心,新北市打造雲端檔案櫃省紙減碳節省公帑千萬,2012
http://www.imc.ntpc.gov.tw/web/News?command=showDetail&postId=262250
[3] Bill Claybrook. "Differences Explained: Private vs. Public vs. Hybrid Cloud Computing." Sponsored by: HP & INTEL, 2011.
[4] R. Fagin , et al.," Data Exchange: Semantics and Query Answering", Lecture Notes in Computer Science, vol.2572, pp.207-224, 2003.
[5] A. Hernich, et al.," Logic and Data Exchange: Which Solutions Are “Good” Solutions?", Lecture Notes in Computer Science, vol.6006,pp.61-85, 2010.
[6] A. Y. Levy, et al., "Querying Heterogeneous Information Sources Using Source Descriptions," Presented at the Proceedings of the 22th International Conference on Very Large Data Bases, 1996.
[7] R. Herold, "European Union (EU) Data Protection Directive of 1995 Frequently Asked Questions " Computer Security Institute,2002.
[8] R. Popp, et al.," Countering Terrorism Through Information and Privacy Protection Technologies", IEEE Security and Privac, vol.4,pp.18-27, 2006.
[9] V. Ciriani, S. Capitani di Vimercati, et al., "Microdata Protection," in Secure Data Management in Decentralized Systems. vol. 33, 2007, pp. 291-321.
[10] L. Sweeney, et al.," k-Anonymity: A Model for Protecting Privacy", International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems,vol.10,pp.557-570,2002.
[11] D. Calvanese and G. D. Giacomo, "Data Integration: A Logic-Based Perspective," AI Magazine, vol. 26, pp. 59-70, 2005.
[12] Y. Kalfoglou and M. Schorlemmer, "Ontology Mapping: The State of The Art", The Knowledge Engineering Review, vol. 18, pp. 1-31, 2003.
[13] J. Euzenat and P. Valtchev, "Similarity-Based Ontology Alignment in OWL-Lite", ECAI , 2004.
[14] N. F. Noy and M. A. Musen, "The PROMPT Suite: Interactive Tools for Ontology Merging and Mapping," International Journal of Human-Computer Studies, vol. 59, pp. 983-1024, 2003.
[15] R.L.Rivest.," The MD5 message digest algorithm ", RFC 1321, 1992.
[16] L. Sweeney, "Achieving k-anonymity privacy protection using generalization and suppression." International Journal on Uncertainty, Fuzziness and Knowledge-based Systems, 2002.
[17] 鄭國平, "雲端委外語意式資料保護," 碩士, 資訊科學學系,國立政治大學,2013.
[18] C.A. Ardagna, et al., "A Privacy-Aware Access Control System∗," J. Comput. Secur., vol. 16, pp. 369-397, 2008.
[19] C. A. Ardagna, J. Camenisch, et al., "Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project," J. Comput. Secur., vol. 18, pp. 123-160, 2010.
[20] Ian Horrocks, Peter F. Patel-Schneider, Harold Boley, Said Tabet , Benjamin Grosof , Mike Mike Mike Dean(2004). ”SWRL: A Semantic Web Rule Language Combining OWL and RuleML”,
http://www.w3.org/Submission/SWRL/
[21] OECD定義Quasi-identifiers
http://stats.oecd.org/glossary/detail.asp?ID=6961
[22] 楊竣展, "整合資料在雲端環境上的分享與隱私保護-以電子病歷資料為例," 碩士, 資訊科學學系,國立政治大學,2011.
[23] J. Mateo-Sanz, A. Martínez-Ballesté, et al., "Fast Generation of Accurate Synthetic Microdata," in Privacy in Statistical Databases. vol. 3050, 2004, pp. 298-306.
[24] Knublauch, H., M. A. Musen, and A. L. Rector(2004). “Editing description logics ontologies with the Protégé OWL plugin”, International Workshop on Description Logics., Vol.104.
描述 碩士
國立政治大學
資訊科學學系
99753026
101
資料來源 http://thesis.lib.nccu.edu.tw/record/#G0099753026
資料類型 thesis
dc.contributor.advisor 胡毓忠zh_TW
dc.contributor.advisor Hu, Yuh Jongen_US
dc.contributor.author (Authors) 黃雅玲zh_TW
dc.contributor.author (Authors) Huang, Ya Lingen_US
dc.creator (作者) 黃雅玲zh_TW
dc.creator (作者) Huang, Ya Lingen_US
dc.date (日期) 2012en_US
dc.date.accessioned 1-Apr-2013 14:39:07 (UTC+8)-
dc.date.available 1-Apr-2013 14:39:07 (UTC+8)-
dc.date.issued (上傳時間) 1-Apr-2013 14:39:07 (UTC+8)-
dc.identifier (Other Identifiers) G0099753026en_US
dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/57581-
dc.description (描述) 碩士zh_TW
dc.description (描述) 國立政治大學zh_TW
dc.description (描述) 資訊科學學系zh_TW
dc.description (描述) 99753026zh_TW
dc.description (描述) 101zh_TW
dc.description.abstract (摘要) 近年來,隨著網路資訊的普及和個人隱私意識的提升,個人識別資料的分享和保護已經變成重要網路研究議題之ㄧ。資料存放在雲端環境上,因不同資料來源之間結構上的差異,我們將會面臨到如何建立PII的分享和保護準則,以確保滿足資料擁有者的隱私偏好。
本研究使用雲端運算做為多個資料源執行資料交換的環境,其好處在於擁有大量的網路存放空間、大幅降低了資料管理成本。舉例來說,我們可在雲端環境上存放大量的醫療資料,當使用者欲查詢不同來源的醫療資料時,可透過資料交換的方式從單一入口取得,不需兩端分別進行查詢,並利用雜湊函數的方式來處理個人資料匿名性的辨識,主要是在不揭露個人資料的狀況下,仍然可以判斷資料是否為同一筆資料。
另外,由於本研究以個人隱私資料做為研究之情境,所以在隱私保護上會以存取控管規範(Access Control Policy,ACP)、資料處理規範(Data Handling Policy,DHP)和資料釋放規範(Data Release Policy,DRP),三種規範來說明資料保護、資料交換和資料揭露的過程。
最後,本研究主要是使用具有語意化技術本體論和規則的知識表達來解決跨資料源的資料交換,除了理論塑模之外並且利用兩家醫院的情境來加以展示。		zh_TW
dc.description.abstract (摘要) Personal Identifiable Information (PII) sharing and protection have become one of the most important research issues for the Internet, especially for cloud computing infrastructure because of its widespread services. The challenge of sharing structured PII data in the cloud is to address the structure differences between data sources. In addition, we face the problem for how to establish the PII sharing and protection principles to ensure that its disclosure criteria are satisfied with the data owners` privacy policies.
In this study, we use cloud computing simulated environment as a multiple data sources exchange platform because of its spacious and cost-effective reasons. For example, we can outsource tremendous amount of electronic health record (EHR) administration services in the cloud without too much cost. Besides, data exchange provides a single point of data access instead of having accessed in a separate entry. We apply hash function of de-identifiable partial PII to enable record linkage services between data sources for data exchange without losing data owners` privacy.
Three types of privacy protection policies are proposed to achieve the data exchange and protection objectives in the multiple sources data cloud. They are Access Control Policy (ACP), Data Handling Policy (DHP), and Data Releasing Policy (DRP). These policies are represented as OWL-based ontologies and enforced as Logic-Program (LP)-based rules. We demonstrate the privacy protection policy concepts for medical record exchange between two hospitals.		en_US
dc.description.tableofcontents 摘要 3
第一章、導論 10
1.1研究動機 10
1.2研究目的 11
1.3各章節概述 11
第二章、研究背景 12
2.1雲端運算 12
2.2資料交換 vs.資料整合 12
2.3個人資料查詢的合理使用 14
2.4本體論 16
2.5資料整合-資料庫vs.本體論 16
2.6雜湊函數 18
第三章、相關研究 20
3.1 隱私還原保護 20
3.2雲端委外語意式資料保護 21
3.3 隱私資料的存取控管機制 21
第四章、研究方法與架構 23
4.1研究情境與架構 23
4.2本體論建構 25
4.2.1 ACP、DHP和DRP設計 25
4.2.2 ACP設計 26
4.2.3 DHP設計 28
4.2.4 DRP設計 38
4.2.5查詢結果說明 42
4.3不同資料來源的分析與優勢 43
4.3.1 SBQ分析與優勢 43
4.3.2 PBQ分析與優勢 44
第五章、模擬驗證 47
5.1模擬架構 47
5.2模擬驗證之環境需求 47
5.3 Protégé實作本體論與規則 48
第六章、結論與未來展望 51
參考資料: 52		zh_TW
dc.language.iso en_US-
dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0099753026en_US
dc.subject (關鍵詞) 語意網zh_TW
dc.subject (關鍵詞) 資料交換zh_TW
dc.subject (關鍵詞) 雜湊函數zh_TW
dc.title (題名) 在語意式雲端環境上資料交換的保護 -以醫療病例為例zh_TW
dc.title (題名) Data exchange protection in the semantic data cloud-medical health record as an exampleen_US
dc.type (資料類型) thesisen
dc.relation.reference (參考文獻) [1] Eberhart, A. et al., "Semantic Technologies and Cloud Computing." In Foundations for the Web of Information and Services, Fensel, D., Ed.; Springer, 2011, pp. 239–251.
[2] 新北市政府資訊中心,新北市打造雲端檔案櫃省紙減碳節省公帑千萬,2012
http://www.imc.ntpc.gov.tw/web/News?command=showDetail&postId=262250
[3] Bill Claybrook. "Differences Explained: Private vs. Public vs. Hybrid Cloud Computing." Sponsored by: HP & INTEL, 2011.
[4] R. Fagin , et al.," Data Exchange: Semantics and Query Answering", Lecture Notes in Computer Science, vol.2572, pp.207-224, 2003.
[5] A. Hernich, et al.," Logic and Data Exchange: Which Solutions Are “Good” Solutions?", Lecture Notes in Computer Science, vol.6006,pp.61-85, 2010.
[6] A. Y. Levy, et al., "Querying Heterogeneous Information Sources Using Source Descriptions," Presented at the Proceedings of the 22th International Conference on Very Large Data Bases, 1996.
[7] R. Herold, "European Union (EU) Data Protection Directive of 1995 Frequently Asked Questions " Computer Security Institute,2002.
[8] R. Popp, et al.," Countering Terrorism Through Information and Privacy Protection Technologies", IEEE Security and Privac, vol.4,pp.18-27, 2006.
[9] V. Ciriani, S. Capitani di Vimercati, et al., "Microdata Protection," in Secure Data Management in Decentralized Systems. vol. 33, 2007, pp. 291-321.
[10] L. Sweeney, et al.," k-Anonymity: A Model for Protecting Privacy", International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems,vol.10,pp.557-570,2002.
[11] D. Calvanese and G. D. Giacomo, "Data Integration: A Logic-Based Perspective," AI Magazine, vol. 26, pp. 59-70, 2005.
[12] Y. Kalfoglou and M. Schorlemmer, "Ontology Mapping: The State of The Art", The Knowledge Engineering Review, vol. 18, pp. 1-31, 2003.
[13] J. Euzenat and P. Valtchev, "Similarity-Based Ontology Alignment in OWL-Lite", ECAI , 2004.
[14] N. F. Noy and M. A. Musen, "The PROMPT Suite: Interactive Tools for Ontology Merging and Mapping," International Journal of Human-Computer Studies, vol. 59, pp. 983-1024, 2003.
[15] R.L.Rivest.," The MD5 message digest algorithm ", RFC 1321, 1992.
[16] L. Sweeney, "Achieving k-anonymity privacy protection using generalization and suppression." International Journal on Uncertainty, Fuzziness and Knowledge-based Systems, 2002.
[17] 鄭國平, "雲端委外語意式資料保護," 碩士, 資訊科學學系,國立政治大學,2013.
[18] C.A. Ardagna, et al., "A Privacy-Aware Access Control System∗," J. Comput. Secur., vol. 16, pp. 369-397, 2008.
[19] C. A. Ardagna, J. Camenisch, et al., "Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project," J. Comput. Secur., vol. 18, pp. 123-160, 2010.
[20] Ian Horrocks, Peter F. Patel-Schneider, Harold Boley, Said Tabet , Benjamin Grosof , Mike Mike Mike Dean(2004). ”SWRL: A Semantic Web Rule Language Combining OWL and RuleML”,
http://www.w3.org/Submission/SWRL/
[21] OECD定義Quasi-identifiers
http://stats.oecd.org/glossary/detail.asp?ID=6961
[22] 楊竣展, "整合資料在雲端環境上的分享與隱私保護-以電子病歷資料為例," 碩士, 資訊科學學系,國立政治大學,2011.
[23] J. Mateo-Sanz, A. Martínez-Ballesté, et al., "Fast Generation of Accurate Synthetic Microdata," in Privacy in Statistical Databases. vol. 3050, 2004, pp. 298-306.
[24] Knublauch, H., M. A. Musen, and A. L. Rector(2004). “Editing description logics ontologies with the Protégé OWL plugin”, International Workshop on Description Logics., Vol.104.		zh_TW