图像云存储平台因其信息共享方便、价格低廉、节省本地存储空间以及弹性可扩充等技术性优势逐渐显现出其应用价值。但云存储的环境下，图像的隐私问题十分突出。将具有丰富视觉意义的原始图像转化为无任何视觉意义的经典加密方案能够缓和隐私担忧，但这种方式放弃了图像在云端的视觉可用性，迫使用户在隐私性与可用性之间做出选择。研究者提出了能够在图像隐私性与可用性之间达成平衡的加密图像新范式，即缩略图保持加密(thumbnail-preserving encryption,TPE)。在TPE方案中，原始图像中精细的视觉信息被抹去以保护隐私，而粗略的视觉信息被保留以保持可用。同时，TPE考虑了隐私具有因人而异、因事而论的主观性和动态性，允许用户通过简单操作来改变隐私性与可用性之间的平衡。鉴于国内外尚无关于TPE的研究进展或者综述，为了有助于TPE研究的进一步发展，本文对TPE的研究进行系统性总结。首先简述TPE的研究背景与意义，以客观视角对TPE方案进行全面总结与回顾，同时展望潜在的研究方向。本文将TPE方案根据密文图像和解密图像的视觉质量分为理想TPE与近似TPE两类，这是第一次对TPE进行系统性分类的研究进展，并分别对现有技术方案进行细致阐述，从技术原理角度给出了各方案的优缺点以及可能改进的方向。同时，利用实验手段对相关具有代表性的技术方案进行了对比测试。最后，细致地探究了TPE可能的应用场景，并提出了有助于TPE进一步发展的研究重点和现存问题。总体来说，本文工作对现有的TPE方案进行归纳整理、分析提炼，从而反映该领域的研究现状和发展趋势，填补了国内外TPE尚无系统性总结工作这一空白。

Image cloud storage platform has been developing intensively in recent years in relevant to its features of information sharing, cost efficiency, less local storage space and elastic scalability. It has led to the growth of uploading images to the cloud. However, cloud storage is risky for its convenience. It has caused a number of privacy concerns. For example, the Hollywood pornographic photo scandal broke out in iCloud in 2014 because Hollywood actresses uploaded nude photos directly to the cloud. The iCloud is hacked to obtain these images after that. Rich visual meaning original images are converted by classical image encryption schemes into visual meaningless images, as well as salt and pepper-resembled noises can alleviate privacy concerns. However, the visual usability of the image in the cloud is ignored since users cannot obtain any useful visual information via browsing images in the cloud, and users is forced to choose it in following between image privacy and usability. Meanwhile, users have to download and decrypted the encrypted image continuously until they find the required one. In some cases, users may have to download and decrypt all encrypted images stored in the cloud if they need one image only. It is equivalent to ignore most of the usability of the cloud and preserving only the storage function, which may be one of the reasons why image encryption is rare in the cloud. The balancing issue of privacy and usability has been challenging in the field of multimedia research currently. The emerging thumbnail-preserving encryption (TPE) can balance image privacy and usability in terms of preserving the original thumbnail in the encrypted image recently. The visual effect-preserved in the encrypted image is equivalent to the original thumbnail-preserved. That is, visual information is larger than the thumbnail, and visual information is smaller than thumbnail-preserved. Users can configure and browse visual information only to identify images for usability. First, all TPE schemes are oriented to segmenting the image into thumbnail blocks and the block size is determined by the user. The visual information larger than the thumbnail block is preserved in the encrypted image, but the visual information is smaller than the deleted thumbnail block. The larger of the size is, the privacy protection is better and the usability is worse. Conversely, the size is smaller, the privacy protection is worse and the usability is better. Hence, users can adjust the balance between privacy and usability by resizing as needed, i.e., balance tunability, which allows users with different privacy sensitivities to choose the balance point to satisfy themselves. In fact, privacy has the characteristics of complexity and subjectivity that vary from person to person and from time to time. As long as users think it is in privacy, it should be protected. Therefore, privacy protection needs to give users the right option to decide, that is, let them adjust the degree of protection. In other words, TPE can yield users to adjust the protection level by changing one parameter simply, i.e., block size. Then, the pixels in each thumbnail block are encrypted and the premise is focused on the sum of pixel values in the block before and after encryption preserves unchanged. The closer the sum of the pixel values of the encrypted block is concerned of the sum of the corresponding original block, the higher quality of the thumbnail is preserved in the encrypted image, i.e., the visual quality is better for the encrypted image. The aims and objects of TPE research is briefly introduced in this paper. Furthermore, we summarize and review TPE schemes quantitatively, and potential research directions and possible applicable scenarios are predicted. The existing TPE schemes are classified into two types in terms of the visual quality of encrypted and decrypted images: 1) ideal TPE and 2) approximate TPE. For the former one, the thumbnail of the encrypted image is identical to the thumbnail of the original one, and the decrypted image is exactly the same as the original one simultaneously. For the latter one, the thumbnail of the encrypted image is the approximate version of the thumbnail of the original one despite of similarity-perceptual between the both, some pixels have changed slightly although there may no perceptible difference between the decrypted image and the original image in visual effect. The existing TPE schemes are described in detail in the context of its key techniques, framework, and security. Meanwhile, the pros and cons and potential directions of each scheme are given in terms of technical mechanism. In addition, to demonstrate the features of the relevant schemes, the representative TPE schemes are fully compared and tested by experiments, such as visual quality evaluation, size expansion evaluation, face detection evaluation, and user experiment. All experiments are equipped with the same machine and its key parameters are i7-8700 CPU@ 3.2 GHz, 16 GB RAM, and Window 10, while most experiments are configured with MATLAB 2016b. Finally, the synthesized open problems of TPE schemes and the future directions can predict for improving the existing schemes. To sum up, the existing TPE schemes are reviewed literately. The summary of TPE is carried out systematically on the basis of research status and development trend-relevant analysis.