Journal articles on the topic 'Secure Outsourced Computation'
To see the other types of publications on this topic, follow the link: Secure Outsourced Computation.
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Secure Outsourced Computation.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Olakanmi, Oladayo Olufemi, and Adedamola Dada. "An Efficient Privacy-preserving Approach for Secure Verifiable Outsourced Computing on Untrusted Platforms." International Journal of Cloud Applications and Computing 9, no. 2 (April 2019): 79–98. http://dx.doi.org/10.4018/ijcac.2019040105.
Full textAbstract:
In outsourcing computation models, weak devices (clients) increasingly rely on remote servers (workers) for data storage and computations. However, most of these servers are hackable or untrustworthy, which makes their computation questionable. Therefore, there is need for clients to validate the correctness of the results of their outsourced computations and ensure that servers learn nothing about their clients other than the outputs of their computation. In this work, an efficient privacy preservation validation approach is developed which allows clients to store and outsource their computations to servers in a semi-honest model such that servers' computational results could be validated by clients without re-computing the computation. This article employs a morphism approach for the client to efficiently perform the proof of correctness of its outsourced computation without re-computing the whole computation. A traceable pseudonym is employed by clients to enforce anonymity.
2
Blanton, Marina, and Mehrdad Aliasgari. "Secure outsourced computation of iris matching." Journal of Computer Security 20, no. 2-3 (June 12, 2012): 259–305. http://dx.doi.org/10.3233/jcs-2012-0447.
Full text
3
Sun, Yi, Qiaoyan Wen, Yudong Zhang, Hua Zhang, Zhengping Jin, and Wenmin Li. "Two-Cloud-Servers-Assisted Secure Outsourcing Multiparty Computation." Scientific World Journal 2014 (2014): 1–7. http://dx.doi.org/10.1155/2014/413265.
Full textAbstract:
We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users’ public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following the function to be computed. In order to keep the privacy of the result, the two servers cooperatively produce a custom-made result for each user that is authorized to get the result so that all authorized users can recover the desired result while other unauthorized ones including the two servers cannot. Compared with previous research, our protocol is completely noninteractive between any users, and both of the computation and the communication complexities of each user in our solution are independent of the computing function.
4
Shao, Jun, and Guiyi Wei. "Secure Outsourced Computation in Connected Vehicular Cloud Computing." IEEE Network 32, no. 3 (May 2018): 36–41. http://dx.doi.org/10.1109/mnet.2018.1700345.
Full text
5
Treiber, Amos, Andreas Nautsch, Jascha Kolberg, Thomas Schneider, and Christoph Busch. "Privacy-preserving PLDA speaker verification using outsourced secure computation." Speech Communication 114 (November 2019): 60–71. http://dx.doi.org/10.1016/j.specom.2019.09.004.
Full text
6
Yang, Yang, Xindi Huang, Ximeng Liu, Hongju Cheng, Jian Weng, Xiangyang Luo, and Victor Chang. "A Comprehensive Survey on Secure Outsourced Computation and Its Applications." IEEE Access 7 (2019): 159426–65. http://dx.doi.org/10.1109/access.2019.2949782.
Full text
7
Hong, Jun, Tao Wen, Quan Guo, and Zhengwang Ye. "Secure kNN Computation and Integrity Assurance of Data Outsourcing in the Cloud." Mathematical Problems in Engineering 2017 (2017): 1–15. http://dx.doi.org/10.1155/2017/8109730.
Full textAbstract:
As cloud computing has been popularized massively and rapidly, individuals and enterprises prefer outsourcing their databases to the cloud service provider (CSP) to save the expenditure for managing and maintaining the data. The outsourced databases are hosted, and query services are offered to clients by the CSP, whereas the CSP is not fully trusted. Consequently, the security shall be violated by multiple factors. Data privacy and query integrity are perceived as two major factors obstructing enterprises from outsourcing their databases. A novel scheme is proposed in this paper to effectuate k-nearest neighbors (kNN) query and kNN query authentication on an encrypted outsourced spatial database. An asymmetric scalar-product-preserving encryption scheme is elucidated, in which data points and query points are encrypted with diverse encryption keys, and the CSP can determine the distance relation between encrypted data points and query points. Furthermore, the similarity search tree is extended to build a novel verifiable SS-tree that supports efficient kNN query and kNN query verification. It is indicated from the security analysis and experiment results that our scheme not only maintains the confidentiality of outsourced confidential data and query points but also has a lower kNN query processing and verification overhead than the MR-tree.
8
Yang, Guangcan, Jiayang Li, Yunhua He, Ke Xiao, Yang Xin, Hongliang Zhu, and Chen Li. "A Security-Enhanced Query Result Verification Scheme for Outsourced Data in Location-Based Services." Applied Sciences 12, no. 16 (August 13, 2022): 8126. http://dx.doi.org/10.3390/app12168126.
Full textAbstract:
Location-based services (LBSs) facilitate people’s lives; location-based service providers (LBSPs) usually outsource services to third parties to provide better services. However, the third party is a dishonest entity that might return incorrect or incomplete query results under the consideration of saving storage space and computation resources. In this paper, we propose a security-enhanced query result verification scheme (SEQRVS) for the outsourced data in a LBS. Specifically, while retaining fine-grained query result verification, we improve the construction process of verification objects to enhance the security of the outsourced data. To prevent the third party from deducing the knowledge of the outsourced data stored in itself (statistically), our scheme designs a novel storage structure to enhance the ability of privacy preservation for the outsourced data. Furthermore, based on the secure keyword search and query result verification mode proposed in our scheme, the user cannot only verify the correctness and completeness of the query result but also achieve consistency verification by the blockchain. Finally, the security analysis and extensive simulation results show the security and practicality of the proposed scheme.
9
Zhu, Youwen, Xingxin Li, Jian Wang, Yining Liu, and Zhiguo Qu. "Practical Secure Naïve Bayesian Classification Over Encrypted Big Data in Cloud." International Journal of Foundations of Computer Science 28, no. 06 (September 2017): 683–703. http://dx.doi.org/10.1142/s0129054117400135.
Full textAbstract:
Cloud can provide much convenience for big data storage and analysis. To enjoy the advantage of cloud service with privacy preservation, huge data is increasingly outsourced to cloud in encrypted form. Unfortunately, encryption may impede the analysis and computation over the outsourced dataset. Naïve Bayesian classification is an effective algorithm to predict the class label of unlabeled samples. In this paper, we investigate naïve Bayesian classification on encrypted large-scale dataset in cloud, and propose a practical and secure scheme for the challenging problem. In our scheme, all the computation task of naïve Bayesian classification are completed by the cloud, which can dramatically reduce the burden of data owner and users. We give a formal security proof for our scheme. Based on the theoretical proof, we can strictly guarantee the privacy of both input dataset and output classification results, i.e., the cloud can learn nothing useful about the training data of data owner and the test samples of users throughout the computation. Additionally, we not only theoretically analyze our computation complexity and communication overheads, but also evaluate our implementation cost by leveraging extensive experiments over real dataset, which shows our scheme can achieve practical efficiency.
10
Song, Mingyang, and Yingpeng Sang. "Secure Outsourcing of Matrix Determinant Computation under the Malicious Cloud." Sensors 21, no. 20 (October 14, 2021): 6821. http://dx.doi.org/10.3390/s21206821.
Full textAbstract:
Computing the determinant of large matrix is a time-consuming task, which is appearing more and more widely in science and engineering problems in the era of big data. Fortunately, cloud computing can provide large storage and computation resources, and thus, act as an ideal platform to complete computation outsourced from resource-constrained devices. However, cloud computing also causes security issues. For example, the curious cloud may spy on user privacy through outsourced data. The malicious cloud violating computing scripts, as well as cloud hardware failure, will lead to incorrect results. Therefore, we propose a secure outsourcing algorithm to compute the determinant of large matrix under the malicious cloud mode in this paper. The algorithm protects the privacy of the original matrix by applying row/column permutation and other transformations to the matrix. To resist malicious cheating on the computation tasks, a new verification method is utilized in our algorithm. Unlike previous algorithms that require multiple rounds of verification, our verification requires only one round without trading off the cheating detectability, which greatly reduces the local computation burden. Both theoretical and experimental analysis demonstrate that our algorithm achieves a better efficiency on local users than previous ones on various dimensions of matrices, without sacrificing the security requirements in terms of privacy protection and cheating detectability.
11
Zong, Haoran, Hai Huang, and Shufang Wang. "Secure Outsourced Computation of Matrix Determinant Based on Fully Homomorphic Encryption." IEEE Access 9 (2021): 22651–61. http://dx.doi.org/10.1109/access.2021.3056476.
Full text
12
Aloufi, Asma, Peizhao Hu, Yongsoo Song, and Kristin Lauter. "Computing Blindfolded on Data Homomorphically Encrypted under Multiple Keys: A Survey." ACM Computing Surveys 54, no. 9 (December 31, 2022): 1–37. http://dx.doi.org/10.1145/3477139.
Full textAbstract:
With capability of performing computations on encrypted data without needing the secret key, homomorphic encryption (HE) is a promising cryptographic technique that makes outsourced computations secure and privacy-preserving. A decade after Gentry’s breakthrough discovery of how we might support arbitrary computations on encrypted data, many studies followed and improved various aspects of HE, such as faster bootstrapping and ciphertext packing. However, the topic of how to support secure computations on ciphertexts encrypted under multiple keys does not receive enough attention. This capability is crucial in many application scenarios where data owners want to engage in joint computations and are preferred to protect their sensitive data under their own secret keys. Enabling this capability is a non-trivial task. In this article, we present a comprehensive survey of the state-of-the-art multi-key techniques and schemes that target different systems and threat models. In particular, we review recent constructions based on Threshold Homomorphic Encryption (ThHE) and Multi-Key Homomorphic Encryption (MKHE). We analyze these cryptographic techniques and schemes based on a new secure outsourced computation model and examine their complexities. We share lessons learned and draw observations for designing better schemes with reduced overheads.
13
Zou, Ying, Zhen Zhao, Sha Shi, Lei Wang, Yunfeng Peng, Yuan Ping, and Baocang Wang. "Highly Secure Privacy-Preserving Outsourced k-Means Clustering under Multiple Keys in Cloud Computing." Security and Communication Networks 2020 (March 9, 2020): 1–11. http://dx.doi.org/10.1155/2020/1238505.
Full textAbstract:
Data clustering is the unsupervised classification of data records into groups. As one of the steps in data analysis, it has been widely researched and applied in practical life, such as pattern recognition, image processing, information retrieval, geography, and marketing. In addition, the rapid increase of data volume in recent years poses a huge challenge for resource-constrained data owners to perform computation on their data. This leads to a trend that users authorize the cloud to perform computation on stored data, such as keyword search, equality test, and outsourced data clustering. In outsourced data clustering, the cloud classifies users’ data into groups according to their similarities. Considering the sensitive information in outsourced data and multiple data owners in practical application, it is necessary to develop a privacy-preserving outsourced clustering scheme under multiple keys. Recently, Rong et al. proposed a privacy-preserving outsourced k-means clustering scheme under multiple keys. However, in their scheme, the assistant server (AS) is able to extract the ratio of two underlying data records, and key management server (KMS) can decrypt the ciphertexts of owners’ data records, which break the privacy security. AS can even reduce all data records if it knows one of the data records. To solve the aforementioned problem, we propose a highly secure privacy-preserving outsourced k-means clustering scheme under multiple keys in cloud computing. In this paper, noncolluded cloud computing service (CCS) and KMS jointly perform clustering over the encrypted data records without exposing data privacy. Specifically, we use BCP encryption which has additive homomorphic property and AES encryption to double encrypt data records, where the former cryptosystem prevents CCS from obtaining any useful information from received ciphertexts and the latter one protects data records from being decrypted by KMS. We first define five protocols to realize different functions and then present our scheme based on these protocols. Finally, we give the security and performance analyses which show that our scheme is comparable with the existing schemes on functionality and security.
14
Wei, Weiming, Chunming Tang, and Yucheng Chen. "Efficient Privacy-Preserving K-Means Clustering from Secret-Sharing-Based Secure Three-Party Computation." Entropy 24, no. 8 (August 18, 2022): 1145. http://dx.doi.org/10.3390/e24081145.
Full textAbstract:
Privacy-preserving machine learning has become an important study at present due to privacy policies. However, the efficiency gap between the plain-text algorithm and its privacy-preserving version still exists. In this paper, we focus on designing a novel secret-sharing-based K-means clustering algorithm. Particularly, we present an efficient privacy-preserving K-means clustering algorithm based on replicated secret sharing with honest-majority in the semi-honest model. More concretely, the clustering task is outsourced to three semi-honest computing servers. Theoretically, the proposed privacy-preserving scheme can be proven with full data privacy. Furthermore, the experimental results demonstrate that our proposed privacy version reaches the same accuracy as the plain-text one. Compared to the existing privacy-preserving scheme, our proposed protocol can achieve about 16.5×–25.2× faster computation and 63.8×–68.0× lower communication. Consequently, the proposed privacy-preserving scheme is suitable for secret-sharing-based secure outsourced computation.
15
Sun, Xiaoqiang, Zhiwei Sun, Ting Wang, Jie Feng, Jiakai Wei, and Guangwu Hu. "A Privacy-Preserving Reinforcement Learning Approach for Dynamic Treatment Regimes on Health Data." Wireless Communications and Mobile Computing 2021 (November 23, 2021): 1–16. http://dx.doi.org/10.1155/2021/8952219.
Full textAbstract:
Based on the clinical states of the patient, dynamic treatment regime technology can provide various therapeutic methods, which is helpful for medical treatment policymaking. Reinforcement learning is an important approach for developing this technology. In order to implement the reinforcement learning algorithm efficiently, the computation of health data is usually outsourced to the untrustworthy cloud server. However, it may leak, falsify, or delete private health data. Encryption is a common method for solving this problem. But the cloud server is difficult to calculate encrypted health data. In this paper, based on Cheon et al.’s approximate homomorphic encryption scheme, we first propose secure computation protocols for implementing comparison, maximum, exponentiation, and division. Next, we design a homomorphic reciprocal of square root protocol firstly, which only needs one approximate computation. Based on the proposed secure computation protocols, we design a secure asynchronous advantage actor-critic reinforcement learning algorithm for the first time. Then, it is used to implement a secure treatment decision-making algorithm. Simulation results show that our secure computation protocols and algorithms are feasible.
16
Sookhak, Mehdi, Adnan Akhunzada, Abdullah Gani, Muhammad Khurram Khan, and Nor Badrul Anuar. "Towards Dynamic Remote Data Auditing in Computational Clouds." Scientific World Journal 2014 (2014): 1–12. http://dx.doi.org/10.1155/2014/269357.
Full textAbstract:
Cloud computing is a significant shift of computational paradigm where computing as a utility and storing data remotely have a great potential. Enterprise and businesses are now more interested in outsourcing their data to the cloud to lessen the burden of local data storage and maintenance. However, the outsourced data and the computation outcomes are not continuously trustworthy due to the lack of control and physical possession of the data owners. To better streamline this issue, researchers have now focused on designing remote data auditing (RDA) techniques. The majority of these techniques, however, are only applicable for static archive data and are not subject to audit the dynamically updated outsourced data. We propose an effectual RDA technique based on algebraic signature properties for cloud storage system and also present a new data structure capable of efficiently supporting dynamic data operations like append, insert, modify, and delete. Moreover, this data structure empowers our method to be applicable for large-scale data with minimum computation cost. The comparative analysis with the state-of-the-art RDA schemes shows that the proposed scheme is secure and highly efficient in terms of the computation and communication overhead on the auditor and server.
17
Fan, Kai, Tingting Liu, Kuan Zhang, Hui Li, and Yintang Yang. "A secure and efficient outsourced computation on data sharing scheme for privacy computing." Journal of Parallel and Distributed Computing 135 (January 2020): 169–76. http://dx.doi.org/10.1016/j.jpdc.2019.09.008.
Full text
18
Wang, Qihua, Huaqun Wang, Yufeng Wang, and Rui Guo. "A Distributed Access Control with Outsourced Computation in Fog Computing." Security and Communication Networks 2019 (July 8, 2019): 1–10. http://dx.doi.org/10.1155/2019/6782753.
Full textAbstract:
With the rapid development of information technology and the Internet of Things Technology (IOT), data security and healthy privacy are getting a lot of attention. In order to store, access, and share electronic health records, storage of this data is transferred to a third-party-cloud server. The security and privacy of electronic health records stored at date center or cloud server are not guaranteed. Before being sent to date center or cloud server, this data should be encrypted. Designing an efficient and secure fine-grained access control strategy for personal health records is facing enormous challenges. Security and privacy for electronic health records are very important because the electronic health data which plays an important role in medical server and treatment is directly associated with a particular patient. Attribute-based encryption (ABE) can effectively achieve fine-grained access control. However, the computation of bilinear pairings requires a large amount of computation overhead in ABE scheme. In order to decrease the computational overhead and ensure the confidentiality of electronic health records, a distributed fine-grained access control scheme with outsourced computation for IOT is proposed in this paper. Little calculation is executed by the receiver and sender in our proposed scheme. Outsourcing computing reduces the computing burden. The analyses of safety and performance show that our proposed scheme is safe and effective compared with previous schemes.
19
Wang, Huawei, Ye Li, Yingnan Jiao, and Zhengping Jin. "An efficient outsourced attribute-based encryption scheme in the device-to-device mobile network." International Journal of Distributed Sensor Networks 15, no. 7 (July 2019): 155014771986550. http://dx.doi.org/10.1177/1550147719865507.
Full textAbstract:
Device-to-device communication is considered as one of the hopeful technologies for proximal communication, which plays a vital role in the wireless systems and 5G cellular networks. The outsourced attribute-based encryption scheme is convinced to be very suitable for secure device-to-device communication since it allows not only fine-grained sharing of encrypted data but also achieves high efficiency in the decryption of general attribute-based encryption schemes. However, almost all existing outsourced attribute-based encryption schemes can hardly be applied directly in the device-to-device communication because many heavy computation operations, such as pairing and modular exponentiations, cannot be taken on the mobile devices in the device-to-device network. In this article, we propose a concept of outsourcing threshold decryption for attribute-based encryption and design a new efficient outsourcing threshold decryption scheme for ciphertext-policy attribute-based encryption. In our definition of outsourcing threshold decryption, the decryption, which is a computationally expensive operation, is outsourced to multiple semi-trusted and lightweight computing devices determined by an access structure and can be jointly taken by these devices. Our scheme supports proxy re-encryption which enables the decryption delegation. Finally, security and efficiency analyses of our proposed method indicate that our proposal guarantees strong security against chosen plaintext attacks and requires less outsourced computation and communication cost than the existing outsourced attribute-based encryption schemes.
20
Masood, Raziqa, Nitin Pandey, and Q. P. Rana. "Towards an efficient and secure computation over outsourced encrypted data using distributed hash table." International Journal of Cloud Computing 11, no. 3 (2022): 217. http://dx.doi.org/10.1504/ijcc.2022.124152.
Full text
21
Pandey, Nitin, Q. P. Rana, and Raziqa Masood. "Towards an efficient and secure computation over outsourced encrypted data using distributed hash table." International Journal of Cloud Computing 11, no. 3 (2022): 217. http://dx.doi.org/10.1504/ijcc.2022.10048901.
Full text
22
Banu, Dr Sameena, and Bibi Hajra Umm E Hani. "Mobile Finger Print Verification and Automatic Log in Platform Using Blockchain." International Journal for Research in Applied Science and Engineering Technology 10, no. 11 (November 30, 2022): 737–41. http://dx.doi.org/10.22214/ijraset.2022.47256.
Full textAbstract:
Abstract: Biometric identification has become increasingly popular in recent years. With the development of cloud computing, database owners are motivated to outsource the large size of biometric data and identification tasks to the cloud to get rid of the expensive storage and computation costs, which however brings potential threats to users’ privacy. In this paper, we propose an efficient and privacy-preserving biometric identification outsourcing scheme. Specifically, the biometric data is encrypted and outsourced using Block Chain. To execute a biometric identification, the database owner encrypts the query data and submits it to the cloud. The Block Chain performs identification operations over the encrypted database and returns the result to the database owner. A thorough security analysis indicates the proposed scheme is secure even if attackers can forge identification requests and collude with the cloud
23
Babenko, Mikhail, Andrei Tchernykh, Bernardo Pulido-Gaytan, Arutyun Avetisyan, Sergio Nesmachnow, Xinheng Wang, and Fabrizio Granelli. "Towards the Sign Function Best Approximation for Secure Outsourced Computations and Control." Mathematics 10, no. 12 (June 10, 2022): 2006. http://dx.doi.org/10.3390/math10122006.
Full textAbstract:
Homomorphic encryption with the ability to compute over encrypted data without access to the secret key provides benefits for the secure and powerful computation, storage, and communication of resources in the cloud. One of its important applications is fast-growing robot control systems for building lightweight, low-cost, smarter robots with intelligent brains consisting of data centers, knowledge bases, task planners, deep learning, information processing, environment models, communication support, synchronous map construction and positioning, etc. It enables robots to be endowed with secure, powerful capabilities while reducing sizes and costs. Processing encrypted information using homomorphic ciphers uses the sign function polynomial approximation, which is a widely studied research field with many practical results. State-of-the-art works are mainly focused on finding the polynomial of best approximation of the sign function (PBAS) with the improved errors on the union of the intervals [−1,−ϵ]∪[ϵ,1]. However, even though the existence of the single PBAS with the minimum deviation is well known, its construction method on the complete interval [−1,1] is still an open problem. In this paper, we provide the PBAS construction method on the interval [−1,1], using as a norm the area between the sign function and the polynomial and showing that for a polynomial degree n≥1, there is (1) unique PBAS of the odd sign function, (2) no PBAS of the general form sign function if n is odd, and (3) an uncountable set of PBAS, if n is even.
24
Kumar, Dilip, Manoj Kumar, and Gaurav Gupta. "An Outsourced Decryption ABE Model using ECC in Internet of Things." International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 29, no. 06 (December 2021): 949–64. http://dx.doi.org/10.1142/s0218488521500422.
Full textAbstract:
Internet of Things (IoT) is a modern technology that is applicable almost everywhere nowadays. Everything is connected to the Internet in the modern digital era. IoT is a collection of things that are interconnected to share information. Devices connected to IoT networks have some limitations in performing heavy computational tasks because of the availability of less computational and battery power. Attribute Based Encryption (ABE) is a modern public-key cryptographic technique that provides privacy with access control. The bilinear map is an expensive operation that is used in most of the ABE schemes. Elliptic Curve Cryptography (ECC) is an alternative for bilinear pairing to reduce the computation of encryption and decryption in ABE schemes. The process of encryption and decryption of ABE is a heavy computational task for resource-constrained devices. In this paper, an outsourcing-based decryption of ABE using ECC is proposed to reduce the decryption overhead of devices that have limited computational resources. Our scheme divides the computation of the decryption of ABE into two stages: first, the partial decryption of ciphertext in the cloud server, and second, the final decryption of partially decrypted ciphertext by the data user to retrieve the original message. This scheme is secure against the malicious cloud server by adding a blinding factor into the secret to be shared. The blinding factor is shared with intended users through attribute authority. The experimental results demonstrate that our scheme can reduce the decryption complexity and save the computational time of devices, compared to the existing schemes. Thus the proposed scheme is applicable for lightweight devices used in IoT.
25
Hou, Gaopan, Jianfeng Ma, Jiayi Li, and Chen Liang. "Audit Outsourced Data in Internet of Things." Security and Communication Networks 2021 (May 8, 2021): 1–11. http://dx.doi.org/10.1155/2021/6662135.
Full textAbstract:
With the increase in network transmission rates, the Internet of Things (IoT) has gradually become a trend. Users can upload the data generated by the device to the cloud database to save local storage space, thereby reducing local storage costs. Because uploading data to the cloud loses physical control of the data, an audit is required. Traditional audit protocols are not completely suitable for lightweight devices in the IoT. This paper proposes a new type of audit protocol suitable for lightweight devices with weak computing power. This protocol transfers part of the computation of data tags to a cloud storage provider (CSP) with strong computing power, thereby reducing the introduction of computing entities. Our scheme supports the dynamic operation of data and guarantees the effectiveness of challenge response by blockchain. Compared with existing schemes, our scheme is more secure and effective.
26
Yang, Changsong, Yueling Liu, and Xiaoling Tao. "Assure deletion supporting dynamic insertion for outsourced data in cloud computing." International Journal of Distributed Sensor Networks 16, no. 9 (September 2020): 155014772095829. http://dx.doi.org/10.1177/1550147720958294.
Full textAbstract:
With the rapid development of cloud computing, an increasing number of data owners are willing to employ cloud storage service. In cloud storage, the resource-constraint data owners can outsource their large-scale data to the remote cloud server, by which they can greatly reduce local storage overhead and computation cost. Despite plenty of attractive advantages, cloud storage inevitably suffers from some new security challenges due to the separation of outsourced data ownership and its management, such as secure data insertion and deletion. The cloud server may maliciously reserve some data copies and return a wrong deletion result to cheat the data owner. Moreover, it is very difficult for the data owner to securely insert some new data blocks into the outsourced data set. To solve the above two problems, we adopt the primitive of Merkle sum hash tree to design a novel publicly verifiable cloud data deletion scheme, which can also simultaneously achieve provable data storage and dynamic data insertion. Moreover, an interesting property of our proposed scheme is that it can satisfy private and public verifiability without requiring any trusted third party. Furthermore, we formally prove that our proposed scheme not only can achieve the desired security properties, but also can realize the high efficiency and practicality.
27
Zhao, Ruoli, Yong Xie, Xingxing Jia, Hongyuan Wang, and Neeraj Kumar. "Practical Privacy Preserving-Aided Disease Diagnosis with Multiclass SVM in an Outsourced Environment." Security and Communication Networks 2022 (October 12, 2022): 1–17. http://dx.doi.org/10.1155/2022/7751845.
Full textAbstract:
With the rapid development of cloud computing and machine learning, using outsourced stored data and machine learning model for training and online-aided disease diagnosis has a great application prospect. However, training and diagnosis in an outsourced environment will cause serious challenges to the privacy of data. At present, many scholars have proposed privacy preserving machine learning schemes and made a lot of progress, but there are still great challenges in security and low client load. In this paper, we propose a complete privacy preserving outsourced multiclass SVM training and aided disease diagnosis scheme. We design some efficient basic operation algorithms for encrypted data. Then, we design an efficient and privacy preserving SVM model training protocol using the basic operation algorithms. We propose a secure maximum finding algorithm and secure comparison algorithm. Then, we design an efficient online-aided disease diagnosis scheme based on the BFV cryptosystem and blinding technique. Detailed security analysis proves that our scheme can protect the privacy of each participant. The experimental results illustrate that our proposed scheme significantly reduces the computation overhead compared with the previous similar works. Our proposed scheme completes most of the operations of aided disease diagnosis by the cloud servers and the client only needs to complete a small amount of encryption and decryption operations. The overall computation overhead is 0.175 s, and the efficiency of online aided disease diagnosis is improved by 85.4%. At the same time, our proposed scheme provides multiclass diagnosis results, which can better assist doctors in their treatment.
28
Deng, Guoqiang, Min Tang, Yuhao Zhang, Ying Huang, and Xuefeng Duan. "Privacy-Preserving Outsourced Artificial Neural Network Training for Secure Image Classification." Applied Sciences 12, no. 24 (December 14, 2022): 12873. http://dx.doi.org/10.3390/app122412873.
Full textAbstract:
Artificial neural network (ANN) is powerful in the artificial intelligence field and has been successfully applied to interpret complex image data in the real world. Since the majority of images are commonly known as private with the information intended to be used by the owner, such as handwritten characters and face, the private constraints form a major obstacle in developing high-precision image classifiers which require access to a large amount of image data belonging to multiple users. State-of-the-art privacy-preserving ANN schemes often use full homomorphic encryption which result in a substantial overhead of computation and data traffic for the data owners, and are restricted to approximation models by low-degree polynomials which lead to a large accuracy loss of the trained model compared to the original ANN model in the plain domain. Consequently, it is still a huge challenge to train an ANN model in the encrypted-domain. To mitigate this problem, we propose a privacy-preserving ANN system for secure constructing image classifiers, named IPPNN, where the server is able to train an ANN-based classifier on the combined image data of all data owners without being able to observe any images using primitives, such as randomization and functional encryption. Our system achieves faster training time and supports lossless training. Moreover, IPPNN removes the need for multiple communications among data owners and servers. We analyze the security of the protocol and perform experiments on a large scale image recognition task. The results show that the IPPNN is feasible to use in practice while achieving high accuracy.
29
Zhao, Shengnan, Xiangfu Song, Han Jiang, Ming Ma, Zhihua Zheng, and Qiuliang Xu. "An Efficient Outsourced Oblivious Transfer Extension Protocol and Its Applications." Security and Communication Networks 2020 (December 5, 2020): 1–12. http://dx.doi.org/10.1155/2020/8847487.
Full textAbstract:
Oblivious transfer (OT) is a cryptographic primitive originally used to transfer a collection of messages from the sender to the receiver in an oblivious manner. OT extension protocol reduces expensive asymmetric operations by running a small number of OT instances first and then cheap symmetric operations. While most earlier works discussed security model or communication and computation complexity of OT in general case, we focus on concrete application scenarios, especially where the sender in the OT protocol is a database with less computation and limited interaction capability. In this paper, we propose a generic outsourced OT extension protocol ( O Tex ) that outsources all the asymmetric operations of the sender to a semihonest server so as to adapt to specific scenarios above. We give O Tex a standard security definition, and the proposed protocol is proven secure in the semihonest model. In O Tex , the sender works on the fly and performs only symmetric operations locally. Whatever the number of rounds OT to be executed and the length of messages in OT to be sent, our protocol realizes optimal complexity. Besides, O Tex can be used to construct high-level protocols, such as private membership test (PMT) and private set intersection (PSI). We believe our O Tex construction may be a building block in other applications as well.
30
Wu, Yiqi, Fazhi He, and Yueting Yang. "A Grid-Based Secure Product Data Exchange for Cloud-Based Collaborative Design." International Journal of Cooperative Information Systems 29, no. 01n02 (March 2020): 2040006. http://dx.doi.org/10.1142/s0218843020400067.
Full textAbstract:
As a new design and manufacture paradigm, Cloud-Based Collaborative Design (CBCD) has motivated designers to outsource their product data and design computation onto the cloud service. Despite non-negligible benefits of CBCD, there are potential security threats for the outsourced product data, such as intellectual property, design intentions and private identity, which has become an interest point. This paper presents a novel secure product data exchange (PDE) in the processes of CBCD. Different from general cloud security mechanism, our method is content-based. We first show an outline of the collaborative scenario to describe the architecture of the proposed secure CBCD, in which a security mechanism is combined with the data exchange service to achieve secure PDE. Second, we present a novel grid-based geometric deformation method for the security mechanism with three processes: the original shapes of a source Computer Aided Design (CAD) model can be hidden by deforming the control grid; then the deformed grid can be exchanged to target system where a deformed target CAD model can be reconstructed; at last, the deformed target CAD model can be recovered to the original shape after recovering the deformed grid. Finally, typical CAD model tests demonstrate that our method can keep the sensitive information of source model and also maintain the same level of data exchange error.
31
Cao, Fang, Jiayi Sun, Xiangyang Luo, Chuan Qin, and Ching-Chun Chang. "Privacy-preserving inpainting for outsourced image." International Journal of Distributed Sensor Networks 17, no. 11 (November 2021): 155014772110590. http://dx.doi.org/10.1177/15501477211059092.
Full textAbstract:
In this article, a framework of privacy-preserving inpainting for outsourced image and an encrypted-image inpainting scheme are proposed. Different with conventional image inpainting in plaintext domain, there are two entities, that is, content owner and image restorer, in our framework. Content owner first encrypts his or her damaged image for privacy protection and outsources the encrypted, damaged image to image restorer, who may be a cloud server with powerful computation capability. Image restorer performs inpainting in encrypted domain and sends the inpainted and encrypted image back to content owner or authorized receiver, who can acquire final inpainted result in plaintext domain through decryption. In our encrypted-image inpainting scheme, with the assist of Johnson–Lindenstrauss transform that can preserve Euclidean distance between two vectors before and after encryption, the best-matching block with the smallest distance to current block can be found and utilized for patch filling in Paillier-encrypted image. To eliminate mosaic effect after decryption, weighted mean filtering in encrypted domain is conducted with Paillier homomorphic properties. Experimental results show that our privacy-preserving inpainting framework can be effectively applied in secure cloud computing, and the proposed encrypted-image inpainting scheme achieves comparable visual quality of inpainted results with some typical inpainting schemes in plaintext domain.
32
Hyder, M. F., S. Tooba, and Waseemullah. "Performance Evaluation of RSA-based Secure Cloud Storage Protocol using OpenStack." Engineering, Technology & Applied Science Research 11, no. 4 (August 21, 2021): 7321–25. http://dx.doi.org/10.48084/etasr.4220.
Full textAbstract:
In this paper, the implementation of the General Secure Cloud Storage Protocol is carried out and instantiated by a multiplicatively Homomorphic Encryption Scheme (HES). The protocol provides a system for secure storage of data over the cloud, thereby allowing the client to carry out the operational tasks on it efficiently. The work focuses on the execution of five major modules of the protocol. We also evaluate the performance of the protocol with respect to the computation cost of these modules on the basis of different security parameters and datasets by conducting a series of experiments. The cloud was built using OpenStack and the data were outsourced from the client’s system to the cloud to study the security features and performance metrics when adopting the cloud environment.
33
Li, Jiguo, Fengjie Sha, Yichen Zhang, Xinyi Huang, and Jian Shen. "Verifiable Outsourced Decryption of Attribute-Based Encryption with Constant Ciphertext Length." Security and Communication Networks 2017 (2017): 1–11. http://dx.doi.org/10.1155/2017/3596205.
Full textAbstract:
Outsourced decryption ABE system largely reduces the computation cost for users who intend to access the encrypted files stored in cloud. However, the correctness of the transformation ciphertext cannot be guaranteed because the user does not have the original ciphertext. Lai et al. provided an ABE scheme with verifiable outsourced decryption which helps the user to check whether the transformation done by the cloud is correct. In order to improve the computation performance and reduce communication overhead, we propose a new verifiable outsourcing scheme with constant ciphertext length. To be specific, our scheme achieves the following goals.(1)Our scheme is verifiable which ensures that the user efficiently checks whether the transformation is done correctly by the CSP.(2)The size of ciphertext and the number of expensive pairing operations are constant, which do not grow with the complexity of the access structure.(3)The access structure in our scheme is AND gates on multivalued attributes and we prove our scheme is verifiable and it is secure against selectively chosen-plaintext attack in the standard model.(4)We give some performance analysis which indicates that our scheme is adaptable for various limited bandwidth and computation-constrained devices, such as mobile phone.
34
Chen, Jiannan, Ying Wang, Zhaohui Huang, Conghao Ruan, and Chunqiang Hu. "A Decentralized Public Auditing Scheme for Secure Cloud Storage Based on Blockchain." Wireless Communications and Mobile Computing 2022 (October 14, 2022): 1–12. http://dx.doi.org/10.1155/2022/3688164.
Full textAbstract:
The cloud storage service has brought great convenience to the customer, which can save massive storage and computation resources via outsourcing the data to cloud service provider (CSP). However, the security issues are the biggest challenge such as data integrity. The user can verify the integrity of outsourced data through a remote data auditing solution without retrieving original data from cloud, however, the auditing procedure has heavy computational overhead, which employs third party auditor (TPA) to conduct auditing task on behalf of users. In this paper, we propose a decentralized public auditing scheme for cloud storage based on blockchain, which removes TPA and increases the number of CSP, the auditing task was assigned to multiple CSPs, and the blockchain technology was used to record the audit process. Meanwhile, the structure of e-voting system is utilized to realize the audit result statistics of multiple CSPs via smart contract, which enhanced the credibility and stability of final auditing result. The theoretical analysis and experimental results demonstrate that proposed scheme is secure and efficient.
35
Zhou, Fucai, Su Peng, Jian Xu, and Zifeng Xu. "Identity-Based Batch Provable Data Possession with Detailed Analyses." International Journal of Foundations of Computer Science 28, no. 06 (September 2017): 743–60. http://dx.doi.org/10.1142/s0129054117400160.
Full textAbstract:
In the era of big data, cloud storages become prevalent while security issues on outsourced data emerge. Without the physical control of the data owners, the outsourced data faces more risks. Provable Data Possession (PDP) is a probabilistic technique for checking whether data is correctly stored in remote servers without retrieving the entire data. For many previous PDP schemes, correctly choosing public keys for data owners relies on the security of Public Key Infrastructure (PKI), which is resource consuming. In this paper, we propose an Identity-Based Batch Provable Data Possession (ID-BPDP) scheme to eliminate the certificate management. Meanwhile, to the best of our knowledge, it is the first identity-based provable data possession scheme supporting batch verification for multiple owners and multiple clouds simultaneously to reduce computation cost greatly. We prove that our scheme is correct and secure based on bilinear pairings and the hardness assumption of Computational Diffie-Hellman problem, and also give detailed analyses to show that our scheme is able to verify the integrity of data efficiently.
36
Kotte, Bhuvaneswari, and T. Sirisha Madhuri. "Providing Security to Ensure Biometric Identification System in Cloud." Asian Journal of Computer Science and Technology 8, no. 3 (November 15, 2019): 1–5. http://dx.doi.org/10.51983/ajcst-2019.8.3.2731.
Full textAbstract:
Biometric identification has rapidly growing in recent years. With the development of cloud computing, database owners are incentivized to outsource the bulk size of biometric data and identification tasks to the cloud to liberate the costly storage and computation costs, which however brings potential attacks to users’ privacy. In this paper, we propose an adequate and security to keep biometric identification outsourcing scheme. Categorically, the biometric data is encrypted and outsourced to the cloud server. To get a biometric identification, the database owner encrypts the query data and submits it to the cloud. The cloud implements identification operations over the encrypted database and returns the result to the database owner. An exhaustive security analysis indicated the proposed scheme is secure even if attackers can forge identification requests and collude with the cloud. Compared with antecedent protocols, experimental results show the proposed scheme achieves a better performance in both preparation and identification procedures.
37
Guo, Rui, Chaoyuan Zhuang, Huixian Shi, Yinghui Zhang, and Dong Zheng. "A lightweight verifiable outsourced decryption of attribute-based encryption scheme for blockchain-enabled wireless body area network in fog computing." International Journal of Distributed Sensor Networks 16, no. 2 (February 2020): 155014772090679. http://dx.doi.org/10.1177/1550147720906796.
Full textAbstract:
Wireless body area network includes some tiny wearable sensors for monitoring the physiological data of user, which has been a promising method of promoting the quality and efficiency greatly in healthcare. The collected physical signs are aggregated into the medical documents and uploaded to cloud server for utilizing by the remote user. As these files are highly sensitive privacy data, there is a vital challenge that constructs a secure and efficient communication architecture in this application scenario. Based on this standpoint, we present a lightweight verifiability ciphertext-policy attribute-based encryption protocol with outsourced decryption in this article. Specifically, our construction enjoys the following six features: (1) Although the outsourced decryption enables to save the computation overhead of the data user sharply in an attribute-based encryption scheme, the ciphertext is out of control and the correctness cannot be guaranteed by the data owner. The proposal provides the verifiability of ciphertext that ensures the user to check the correctness efficiently. (2) The size of the ciphertext is constant that is not increased with the complexity of attribute and access structure. (3) For Internet of Things devices, it introduces the fog computing into our protocol for the purpose of low latency and relation interactions, which has virtually saved the bandwidth. (4) With the help of blockchain technique, we encapsulate the hash value of public parameter, original and transformed ciphertext and transformed key into a block, so that the tamper-resistance is facilitated against an adversary from inside and outside the system. (5) In the standard model, we prove that it is selectively chosen-plaintext attack-secure and verifiable provided that the computational bilinear Diffie–Hellman assumption holds. (6) It implements this protocol and shows the result of performance measurement, which indicates a significant reduction on communication and computation costs burden on every entity in wireless body area network.
38
Kim, Hyeong-Jin, Hyunjo Lee, Yong-Ki Kim, and Jae-Woo Chang. "Privacy-preserving kNN query processing algorithms via secure two-party computation over encrypted database in cloud computing." Journal of Supercomputing 78, no. 7 (January 17, 2022): 9245–84. http://dx.doi.org/10.1007/s11227-021-04286-2.
Full textAbstract:
AbstractSince studies on privacy-preserving database outsourcing have been spotlighted in a cloud computing, databases need to be encrypted before being outsourced to the cloud. Therefore, a couple of privacy-preserving kNN query processing algorithms have been proposed over the encrypted database. However, the existing algorithms are either insecure or inefficient. Therefore, in this paper we propose a privacy-preserving kNN query processing algorithm via secure two-party computation on the encrypted database. Our algorithm preserves both data privacy and query privacy while hiding data access patterns. For this, we propose efficient and secure protocols based on Yao’s garbled circuit. To achieve a high degree of efficiency in query processing, we also propose a parallel kNN query processing algorithm using encrypted random value pool. Through our performance analysis, we verify that our proposed algorithms outperform the existing ones in terms of a query processing cost.
39
Ma, Haobin, Dehua Zhou, Peng Li, and Xiaoming Wang. "EVOAC-HP: An Efficient and Verifiable Outsourced Access Control Scheme with Hidden Policy." Sensors 23, no. 9 (April 28, 2023): 4384. http://dx.doi.org/10.3390/s23094384.
Full textAbstract:
As medical data become increasingly important in healthcare, it is crucial to have proper access control mechanisms, ensuring that sensitive data are only accessible to authorized users while maintaining privacy and security. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is an attractive access control solution that can offer effective, fine-grained and secure medical data sharing, but it has two major drawbacks: Firstly, decryption is computationally expensive for resource-limited data users, especially when the access policy has many attributes, limiting its use in large-scale data-sharing scenarios. Secondly, existing schemes are based on data users’ attributes, which can potentially reveal sensitive information about the users, especially in healthcare data sharing, where strong privacy and security are essential. To address these issues, we designed an improved CP-ABE scheme that provides efficient and verifiable outsourced access control with fully hidden policy named EVOAC-HP. In this paper, we utilize the attribute bloom filter to achieve policy hiding without revealing user privacy. For the purpose of alleviating the decryption burden for data users, we also adopt the technique of outsourced decryption to outsource the heavy computation overhead to the cloud service provider (CSP) with strong computing and storage capabilities, while the transformed ciphertext results can be verified by the data user. Finally, with rigorous security and reliable performance analysis, we demonstrate that EVOAC-HP is both practical and effective with robust privacy protection.
40
Peng, Ningduo, Guangchun Luo, Ke Qin, and Aiguo Chen. "Query-Biased Preview over Outsourced and Encrypted Data." Scientific World Journal 2013 (2013): 1–13. http://dx.doi.org/10.1155/2013/860621.
Full textAbstract:
For both convenience and security, more and more users encrypt their sensitive data before outsourcing it to a third party such as cloud storage service. However, searching for the desired documents becomes problematic since it is costly to download and decrypt each possibly needed document to check if it contains the desired content. An informative query-biased preview feature, as applied in modern search engine, could help the users to learn about the content without downloading the entire document. However, when the data are encrypted, securely extracting a keyword-in-context snippet from the data as a preview becomes a challenge. Based on private information retrieval protocol and the core concept of searchable encryption, we propose a single-server and two-round solution to securely obtain a query-biased snippet over the encrypted data from the server. We achieve this novel result by making a document (plaintext) previewable under any cryptosystem and constructing a secure index to support dynamic computation for a best matched snippet when queried by some keywords. For each document, the scheme hasO(d)storage complexity andO(log(d/s)+s+d/s)communication complexity, wheredis the document size andsis the snippet length.
41
Wang, Jiafan, and Sherman S. M. Chow. "Forward and Backward-Secure Range-Searchable Symmetric Encryption." Proceedings on Privacy Enhancing Technologies 2022, no. 1 (November 20, 2021): 28–48. http://dx.doi.org/10.2478/popets-2022-0003.
Full textAbstract:
Abstract Dynamic searchable symmetric encryption (DSSE) allows a client to query or update an outsourced encrypted database. Range queries are commonly needed. Previous range-searchable schemes either do not support updates natively (SIGMOD’16) or use file indexes of many long bit-vectors for distinct keywords, which only support toggling updates via homomorphically flipping the presence bit. (ESORICS’18). We propose a generic upgrade of any (inverted-index) DSSE to support range queries (a.k.a. range DSSE), without homomorphic encryption, and a specific instantiation with a new trade-off reducing client-side storage. Our schemes achieve forward security, an important property that mitigates file injection attacks. Moreover, we identify a variant of injection attacks against the first somewhat dynamic scheme (ESORICS’18). We also extend the definition of backward security to range DSSE and show that our schemes are compatible with a generic upgrade of backward security (CCS’17). We comprehensively analyze the computation and communication overheads, including implementation details of client-side index-related operations omitted by prior schemes. We show high empirical efficiency for million-scale databases over a million-scale keyword space.
42
Hong, Linjian, Kai Zhang, Junqing Gong, and Haifeng Qian. "A Practical and Efficient Blockchain-Assisted Attribute-Based Encryption Scheme for Access Control and Data Sharing." Security and Communication Networks 2022 (September 30, 2022): 1–14. http://dx.doi.org/10.1155/2022/4978802.
Full textAbstract:
Attribute-based encryption (ABE) is a powerful encryption scheme with flexible access control over encrypted data that has been widely adopted in cloud computing scenarios to facilitate data sharing. However, despite convenience and efficiency provided by data sharing based on cloud, it is commonly vulnerable to issues like key abuse (namely, illegal key sharing by user or key distribution by authority) and key escrow (namely, illegal decryption by ABE authority). Hence, exploring a more secure ABE scheme that can be key abuse and key escrow resistant is crucial. Furthermore, data modification that happens in cloud storage and outsourced computation is also a challenge for the cloud-based data sharing schemes. To handle the above issues, in this paper, we propose a secure and efficient data sharing scheme based on attribute-based encryption (ABE) and blockchain equipped with InterPlanetary File System (IPFS). In particular, we show that the large-universe ABE with outsourced decryption (LU-ABE-OD) scheme proposed by Ning et al. is vulnerable to key escrow attack, which is not secure enough in the data sharing scenario. Therefore, based on their basic proposal, we construct an improved multi-authority LU-ABE-OD scheme to encrypt personal data, which are stored in the IPFS system while blockchain is applied to store the hash value returned by IPFS and be responsible for the outsourced decryption. As a result, our scheme greatly reduces the decryption overheads of the user while risks of key abuse and key escrow can be settled. Meanwhile, the introduction of IPFS significantly reduces the storage burden on chain without data tampering problem. Through theoretical analysis and experimental simulation, we prove the feasibility, security, and efficiency of our scheme.
43
Zhou, Xingguang, Jianwei Liu, Zongyang Zhang, and Qianhong Wu. "Secure Outsourced Medical Data against Unexpected Leakage with Flexible Access Control in a Cloud Storage System." Security and Communication Networks 2020 (February 10, 2020): 1–20. http://dx.doi.org/10.1155/2020/8347213.
Full textAbstract:
The application of cloud storage system has been deployed widely in recent years. A lot of electronic medical records (EMRs) are collected and uploaded to the cloud for scalable sharing among the authority users. It is necessary to guarantee the confidentiality of EMRs and the privacy of EMR owners. To achieve this target, we summarize a series of attack behaviors in the cloud storage system and present the security model against many types of unexpected privacy leakage. Privacy of unassailed EMRs is guaranteed in this model, and the influence of privacy leakage is controlled in a certain scope. We also propose a role-based access control scheme to achieve flexible access control on these private EMRs. One can access medical records only if his/her role satisfies the defined access policy, which implies a fine-grained access control. Theoretical and experimental analyses show the efficiency of our scheme in terms of computation and communication.
44
Zhou, Jun, Zhenfu Cao, Zhan Qin, Xiaolei Dong, and Kui Ren. "LPPA: Lightweight Privacy-Preserving Authentication From Efficient Multi-Key Secure Outsourced Computation for Location-Based Services in VANETs." IEEE Transactions on Information Forensics and Security 15 (2020): 420–34. http://dx.doi.org/10.1109/tifs.2019.2923156.
Full text
45
Zhen, Yan, Yilan Chui, Puning Zhang, and Huan Liu. "Multiauthority Attribute-Based Keyword Search over Cloud-Edge-End Collaboration in IoV." Wireless Communications and Mobile Computing 2022 (May 31, 2022): 1–14. http://dx.doi.org/10.1155/2022/3513063.
Full textAbstract:
The development of cloud computing and edge computing makes it possible to store and share Internet of Vehicles (IoV) data on a large scale, which greatly contributes to traffic intelligence, but outsourced data confidentiality and user privacy cannot be guaranteed. The Ciphertext Policy Attribute-Based Encryption (CP-ABE) scheme can achieve both fine-grained access control and secure data sharing. However, existing CP-ABE schemes owns high computational complexity, and the adopted single attribute authority mode is burdensome to resource-limited IoV. Thus, this paper proposes a Multiauthority Attribute-Based Keyword Search over Cloud-Edge-End Collaboration (CEABKS-MA) system, leveraging the benefits of edge and cloud resources and effectively combining with the multiauthority structure to minimize the computation and storage pressure on resource-limited parties in the system. In addition, fine-grained keyword search with support for attribute update and lightweight encryption/decryption is extended. Finally, this paper demonstrates the security and efficiency of the CEABKS-MA system through rigorous security analysis and simulation experiments.
46
Kaushik, Shweta, and Charu Gandhi. "Capability Based Outsourced Data Access Control with Assured File Deletion and Efficient Revocation with Trust Factor in Cloud Computing." International Journal of Cloud Applications and Computing 10, no. 1 (January 2020): 64–84. http://dx.doi.org/10.4018/ijcac.2020010105.
Full textAbstract:
Cloud computing has introduced a paradigm which support data outsourcing to third parties for processing using commodity clusters. It allows the owner to outsource sensitive data and share it with the authorized user while reducing the computation and management cost. Since owners store sensitive data over the cloud, the requirements of access control and data security have also been increasing. To alleviate all the problem requirements, the need has arisen for providing a safe, secure, and sound model. The existing solutions for these problems use pure cryptographic techniques, which increases the computation cost. In this article, the security problems are solved by using a trusted third party and a quorum of key managers. A service provider is responsible for capability-based access control to ensure that only authorized users will be able to access the data. Whenever any data revocation is required, the data owner simply updates this information to the master key manager to revoke a specific number of shares. The model for the proposed work has been presented and its analysis shows how it introduces security features.
47
Zhu, Binrui, Willy Susilo, Jing Qin, Fuchun Guo, Zhen Zhao, and Jixin Ma. "A Secure and Efficient Data Sharing and Searching Scheme in Wireless Sensor Networks." Sensors 19, no. 11 (June 6, 2019): 2583. http://dx.doi.org/10.3390/s19112583.
Full textAbstract:
Wireless sensor networks (WSN) generally utilize cloud computing to store and process sensing data in real time, namely, cloud-assisted WSN. However, the cloud-assisted WSN faces new security challenges, particularly outsourced data confidentiality. Data Encryption is a fundamental approach but it limits target data retrieval in massive encrypted data. Public key encryption with keyword search (PEKS) enables a data receiver to retrieve encrypted data containing some specific keyword in cloud-assisted WSN. However, the traditional PEKS schemes suffer from an inherent problem, namely, the keyword guessing attack (KGA). KGA includes off-line KGA and on-line KGA. To date, the existing literature on PEKS cannot simultaneously resist both off-line KGA and on-line KGA performed by an external adversary and an internal adversary. In this work, we propose a secure and efficient data sharing and searching scheme to address the aforementioned problem such that our scheme is secure against both off-line KGA and on-line KGA performed by external and internal adversaries. We would like to stress that our scheme simultaneously achieves document encryption/decryption and keyword search functions. We also prove our scheme achieves keyword security and document security. Furthermore, our scheme is more efficient than previous schemes by eliminating the pairing computation.
48
Kulkarni, Amogh Pramod, and Manjunath T. N. "Hybrid Cloud-Based Privacy Preserving Clustering as Service for Enterprise Big Data." International Journal on Recent and Innovation Trends in Computing and Communication 11, no. 2s (January 31, 2023): 146–56. http://dx.doi.org/10.17762/ijritcc.v11i2s.6037.
Full textAbstract:
Clustering as service is being offered by many cloud service providers. It helps enterprises to learn hidden patterns and learn knowledge from large, big data generated by enterprises. Though it brings lot of value to enterprises, it also exposes the data to various security and privacy threats. Privacy preserving clustering is being proposed a solution to address this problem. But the privacy preserving clustering as outsourced service model involves too much overhead on querying user, lacks adaptivity to incremental data and involves frequent interaction between service provider and the querying user. There is also a lack of personalization to clustering by the querying user. This work “Locality Sensitive Hashing for Transformed Dataset (LSHTD)” proposes a hybrid cloud-based clustering as service model for streaming data that address the problems in the existing model such as privacy preserving k-means clustering outsourcing under multiple keys (PPCOM) and secure nearest neighbor clustering (SNNC) models, The solution combines hybrid cloud, LSHTD clustering algorithm as outsourced service model. Through experiments, the proposed solution is able is found to reduce the computation cost by 23% and communication cost by 6% and able to provide better clustering accuracy with ARI greater than 4.59% compared to existing works.
49
Hussien, Hassan Mansur, Sharifah Md Yasin, Nur Izura Udzir, and Mohd Izuan Hafez Ninggal. "Blockchain-Based Access Control Scheme for Secure Shared Personal Health Records over Decentralised Storage." Sensors 21, no. 7 (April 2, 2021): 2462. http://dx.doi.org/10.3390/s21072462.
Full textAbstract:
Blockchain technology provides a tremendous opportunity to transform current personal health record (PHR) systems into a decentralised network infrastructure. However, such technology possesses some drawbacks, such as issues in privacy and storage capacity. Given its transparency and decentralised features, medical data are visible to everyone on the network and are inappropriate for certain medical applications. By contrast, storing vast medical data, such as patient medical history, laboratory tests, X-rays, and MRIs, significantly affect the repository storage of blockchain. This study bridges the gap between PHRs and blockchain technology by offloading the vast medical data into the InterPlanetary File System (IPFS) storage and establishing an enforced cryptographic authorisation and access control scheme for outsourced encrypted medical data. The access control scheme is constructed on the basis of the new lightweight cryptographic concept named smart contract-based attribute-based searchable encryption (SC-ABSE). This newly cryptographic primitive is developed by extending ciphertext-policy attribute-based encryption (CP-ABE) and searchable symmetric encryption (SSE) and by leveraging the technology of smart contracts to achieve the following: (1) efficient and secure fine-grained access control of outsourced encrypted data, (2) confidentiality of data by eliminating trusted private key generators, and (3) multikeyword searchable mechanism. Based on decisional bilinear Diffie–Hellman hardness assumptions (DBDH) and discrete logarithm (DL) problems, the rigorous security indistinguishability analysis indicates that SC-ABSE is secure against the chosen-keyword attack (CKA) and keyword secrecy (KS) in the standard model. In addition, user collusion attacks are prevented, and the tamper-proof resistance of data is ensured. Furthermore, security validation is verified by simulating a formal verification scenario using Automated Validation of Internet Security Protocols and Applications (AVISPA), thereby unveiling that SC-ABSE is resistant to man-in-the-middle (MIM) and replay attacks. The experimental analysis utilised real-world datasets to demonstrate the efficiency and utility of SC-ABSE in terms of computation overhead, storage cost and communication overhead. The proposed scheme is also designed and developed to evaluate throughput and latency transactions using a standard benchmark tool known as Caliper. Lastly, simulation results show that SC-ABSE has high throughput and low latency, with an ultimate increase in network life compared with traditional healthcare systems.
50
Zhang, Yinghui, Haonan Su, Menglei Yang, Dong Zheng, Fang Ren, and Qinglan Zhao. "Secure Deduplication Based on Rabin Fingerprinting over Wireless Sensing Data in Cloud Computing." Security and Communication Networks 2018 (September 6, 2018): 1–12. http://dx.doi.org/10.1155/2018/9081814.
Full textAbstract:
The rapid advancements in the Internet of Things (IoT) and cloud computing technologies have significantly promoted the collection and sharing of various data. In order to reduce the communication cost and the storage overhead, it is necessary to exploit data deduplication mechanisms. However, existing data deduplication technologies still suffer security and efficiency drawbacks. In this paper, we propose two secure data deduplication schemes based on Rabin fingerprinting over wireless sensing data in cloud computing. The first scheme is based on deterministic tags and the other one adopts random tags. The proposed schemes realize data deduplication before the data is outsourced to the cloud storage server, and hence both the communication cost and the computation cost are reduced. In particular, variable-size block-level deduplication is enabled based on the technique of Rabin fingerprinting which generates data blocks based on the content of the data. Before outsourcing data to the cloud, users encrypt the data based on convergent encryption technologies, which protects the data from being accessed by unauthorized users. Our security analysis shows that the proposed schemes are secure against offline brute-force dictionary attacks. In addition, the random tag makes the second scheme more reliable. Extensive experimental results indicate that the proposed data deduplication schemes are efficient in terms of the deduplication rate, the system operation time, and the tag generation time.