ABSTRACT
This article proposes a novel approach to enabling privacy protection in cloud computing based on the idea of economics of information security in Anderson (2006), Nisan (2007). Anderson (2006) stated that the lacking of effective incentive and restraint mechanism can cause the security failure of many application systems. This article designs an effective mechanism that the rational and selfinterested service providers should be liable for their coalition to cause data privacy disclosure and bear the relevant punishment. However, if service providers abide by the agreement, they should get appropriate incentives. In order to balance the contradiction between data encryption and query performance, based on the idea of Agrawal (2005), the sensitive information is decomposed and allocated on different service providers without having to encrypt sensitive data. The general architecture
1 INTRODUCTION
Data security and query performance plays an important role in cloud computing, and they are a pair of contradiction. As customers upload their data to un-trusted external database servers, how to ensure the security of customers’ data is the key point for the cloud computing applications. Data security in cloud computing involves many aspects, such as data confidentiality, data privacy, data correctness and completeness. This article mainly focuses on the data privacy security in the perspective of game theory.
