Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- Trusted computing (2)
- Access control (1)
- Access control scheme (1)
- Auditing (1)
- Authentication Scheme (1)
-
- Authentication information (1)
- Blind signature (1)
- Certificate (1)
- Chains (1)
- Conference key distribution scheme (1)
- Conference scheme (1)
- Copyrights (1)
- Cryptographic primitives (1)
- DRM (1)
- Data dissemination (1)
- Data handling (1)
- Data integrity (1)
- Data privacy (1)
- Data security (1)
- Decision trees (1)
- Differentiated service (1)
- Digital Signature Scheme (1)
- Digital distribution (1)
- Digital signature (1)
- Edge computing (1)
- Erasure correction coding (1)
- Flat authentication scheme (1)
- Hash chain (1)
- Hierarchical authentication scheme (1)
- Inference control (1)
Articles 1 - 16 of 16
Full-Text Articles in Entire DC Network
Formal Analysis And Systematic Construction Of Two-Factor Authentication Scheme, Guomin Yang, Duncan S. Wong, Huaxiong Wang, Xiaotie Deng
Formal Analysis And Systematic Construction Of Two-Factor Authentication Scheme, Guomin Yang, Duncan S. Wong, Huaxiong Wang, Xiaotie Deng
Research Collection School Of Computing and Information Systems
One of the most commonly used two-factor authentication mechanisms is based on smart card and user’s password. Throughout the years, there have been many schemes proposed, but most of them have already been found flawed due to the lack of formal security analysis. On the cryptanalysis of this type of schemes, in this paper, we further review two recently proposed schemes and show that their security claims are invalid. To address the current issue, we propose a new and simplified property set and a formal adversarial model for analyzing the security of this type of schemes. We believe that the …
New Paradigm Of Inference Control With Trusted Computing, Yanjiang Yang, Yingjiu Li, Robert H. Deng
New Paradigm Of Inference Control With Trusted Computing, Yanjiang Yang, Yingjiu Li, Robert H. Deng
Research Collection School Of Computing and Information Systems
The database server is a crucial bottleneck in traditional inference control architecture, as it enforces highly computation-intensive auditing for all users who query the protected database. As a result, most auditing methods, though rigorously studied, can never be implemented in practice for protecting largescale real-world database systems. To shift this paradigm, we propose a new inference control architecture that will entrust inference control to each users platform, provided that the platform is equipped with trusted computing technology. The trusted computing technology is designed to attest the state of a users platform to the database server, so as to assure the …
Privacy Enhanced Superdistribution Of Layered Content With Trusted Access Control, Daniel J. T. Chong, Robert H. Deng
Privacy Enhanced Superdistribution Of Layered Content With Trusted Access Control, Daniel J. T. Chong, Robert H. Deng
Research Collection School Of Computing and Information Systems
Traditional superdistribution approaches do not address consumer privacy issues and also do not reliably prevent the malicious consumer from indiscriminately copying and redistributing the decryption keys or the decrypted content. The layered nature of common digital content can also be exploited to efficiently provide the consumer with choices over the quality of the content, allowing him/her to pay less for lower quality consumption and vice versa. This paper presents a system that superdistributes encrypted layered content and (1) allows the consumer to select a quality level at which to decrypt and consume the content; (2) prevents the merchant from knowing …
Practical Private Data Matching Deterrent To Spoofing Attacks, Yanjiang Yang, Robert H. Deng, Feng Bao
Practical Private Data Matching Deterrent To Spoofing Attacks, Yanjiang Yang, Robert H. Deng, Feng Bao
Research Collection School Of Computing and Information Systems
Private data matching between the data sets of two potentially distrusted parties has a wide range of applications. However, existing solutions have substantial weaknesses and do not meet the needs of many practical application scenarios. In particular, practical private data matching applications often require discouraging the matching parties from spoofing their private inputs. In this paper, we address this challenge by forcing the matching parties to "escrow" the data they use for matching to an auditorial agent, and in the "after-the-fact" period, they undertake the liability to attest the genuineness of the escrowed data.
Rights Protection For Data Cubes, Jie Guo, Yingjiu Li, Robert H. Deng, Kefei Chen
Rights Protection For Data Cubes, Jie Guo, Yingjiu Li, Robert H. Deng, Kefei Chen
Research Collection School Of Computing and Information Systems
We propose a rights protection scheme for data cubes. The scheme embeds ownership information by modifying a set of selected cell values. The embedded message will not affect the usefulness of data cubes in the sense that the sum queries at any aggregation level are not affected. At the same time, the errors introduced to individual cell values are under control. The embedded message can be detected with a high probability even in the presence of typical data cube attacks. The proposed scheme can thus be used for protecting data cubes from piracy in an open, distributed environment.
Disclosure Analysis For Two-Way Contingency Tables, Haibing Lu, Yingjiu Li, Xintao Wu
Disclosure Analysis For Two-Way Contingency Tables, Haibing Lu, Yingjiu Li, Xintao Wu
Research Collection School Of Computing and Information Systems
Disclosure analysis in two-way contingency tables is important in categorical data analysis. The disclosure analysis concerns whether a data snooper can infer any protected cell values, which contain privacy sensitive information, from available marginal totals (i.e., row sums and column sums) in a two-way contingency table. Previous research has been targeted on this problem from various perspectives. However, there is a lack of systematic definitions on the disclosure of cell values. Also, no previous study has been focused on the distribution of the cells that are subject to various types of disclosure. In this paper, we define four types of …
Three Architectures For Trusted Data Dissemination In Edge Computing, Shen-Tat Goh, Hwee Hwa Pang, Robert H. Deng, Feng Bao
Three Architectures For Trusted Data Dissemination In Edge Computing, Shen-Tat Goh, Hwee Hwa Pang, Robert H. Deng, Feng Bao
Research Collection School Of Computing and Information Systems
Edge computing pushes application logic and the underlying data to the edge of the network, with the aim of improving availability and scalability. As the edge servers are not necessarily secure, there must be provisions for users to validate the results—that values in the result tuples are not tampered with, that no qualifying data are left out, that no spurious tuples are introduced, and that a query result is not actually the output from a different query. This paper aims to address the challenges of ensuring data integrity in edge computing. We study three schemes that enable users to check …
Private Information Retrieval Using Trusted Hardware, Shuhong Wang, Xuhua Ding, Robert H. Deng, Feng Bao
Private Information Retrieval Using Trusted Hardware, Shuhong Wang, Xuhua Ding, Robert H. Deng, Feng Bao
Research Collection School Of Computing and Information Systems
Many theoretical PIR (Private Information Retrieval) constructions have been proposed in the past years. Though information theoretically secure, most of them are impractical to deploy due to the prohibitively high communication and computation complexity. The recent trend in outsourcing databases fuels the research on practical PIR schemes. In this paper, we propose a new PIR system by making use of trusted hardware. Our system is proven to be information theoretically secure. Furthermore, we derive the computation complexity lower bound for hardware-based PIR schemes and show that our construction meets the lower bounds for both the communication and computation costs, respectively.
Authenticating Multi-Dimensional Query Results In Data Publishing, Weiwei Cheng, Hwee Hwa Pang, Kian-Lee Tan
Authenticating Multi-Dimensional Query Results In Data Publishing, Weiwei Cheng, Hwee Hwa Pang, Kian-Lee Tan
Research Collection School Of Computing and Information Systems
In data publishing, the owner delegates the role of satisfying user queries to a third-party publisher. As the publisher may be untrusted or susceptible to attacks, it could produce incorrect query results. This paper introduces a mechanism for users to verify that their query answers on a multi-dimensional dataset are correct, in the sense of being complete (i.e., no qualifying data points are omitted) and authentic (i.e., all the result values originated from the owner). Our approach is to add authentication information into a spatial data structure, by constructing certified chains on the points within each partition, as well as …
A Novel Privacy Preserving Authentication And Access Control Scheme For Pervasive Computing Environments, K. Ren, Wenjing Lou, K. Kim, Robert H. Deng
A Novel Privacy Preserving Authentication And Access Control Scheme For Pervasive Computing Environments, K. Ren, Wenjing Lou, K. Kim, Robert H. Deng
Research Collection School Of Computing and Information Systems
Privacy and security are two important but seemingly contradictory objectives in a pervasive computing environment (PCE). On one hand, service providers want to authenticate legitimate users and make sure they are accessing their authorized services in a legal way. On the other hand, users want to maintain the necessary privacy without being tracked down for wherever they are and whatever they are doing. In this paper, a novel privacy preserving authentication and access control scheme to secure the interactions between mobile users and services in PCEs is proposed. The proposed scheme seamlessly integrates two underlying cryptographic primitives, namely blind signature …
Security Analysis On A Conference Scheme For Mobile Communications, Zhiguo Wan, Feng Bao, Robert H. Deng, A. L. Ananda
Security Analysis On A Conference Scheme For Mobile Communications, Zhiguo Wan, Feng Bao, Robert H. Deng, A. L. Ananda
Research Collection School Of Computing and Information Systems
The conference key distribution scheme (CKDS) enables three or more parties to derive a common conference key to protect the conversation content in their conference. Designing a conference key distribution scheme for mobile communications is a difficult task because wireless networks are more susceptible to attacks and mobile devices usually obtain low power and limited computing capability. In this paper we study a conference scheme for mobile communications and find that the scheme is insecure against the replay attack. With our replay attack, an attacker with a compromised conference key can cause the conferees to reuse the compromised conference key, …
Anonymous Signature Schemes, Guomin Yang, Duncan S. Wong, Xiaotie Deng, Huaxiong Wang
Anonymous Signature Schemes, Guomin Yang, Duncan S. Wong, Xiaotie Deng, Huaxiong Wang
Research Collection School Of Computing and Information Systems
Digital signature is one of the most important primitives in public key cryptography. It provides authenticity, integrity and non-repudiation to many kinds of applications. On signer privacy however, it is generally unclear or suspicious of whether a signature scheme itself can guarantee the anonymity of the signer. In this paper, we give some affirmative answers to it. We formally define the signer anonymity for digital signature and propose some schemes of this type. We show that a signer anonymous signature scheme can be very useful by proposing a new anonymous key exchange protocol which allows a client Alice to establish …
A Practical Password-Based Two-Server Authentication And Key Exchange System, Yanjiang Yang, Robert H. Deng, Feng Bao
A Practical Password-Based Two-Server Authentication And Key Exchange System, Yanjiang Yang, Robert H. Deng, Feng Bao
Research Collection School Of Computing and Information Systems
Most password-based user authentication systems place total trust on the authentication server where cleartext passwords or easily derived password verification data are stored in a central database. Such systems are, thus, by no means resilient against offline dictionary attacks initiated at the server side. Compromise of the authentication server by either outsiders or insiders subjects all user passwords to exposure and may have serious legal and financial repercussions to an organization. Recently, several multiserver password systems were proposed to circumvent the single point of vulnerability inherent in the single-server architecture. However, these multiserver systems are difficult to deploy and operate …
Publicly Verifiable Ownership Protection For Relational Databases, Yingjiu Li, Robert H. Deng
Publicly Verifiable Ownership Protection For Relational Databases, Yingjiu Li, Robert H. Deng
Research Collection School Of Computing and Information Systems
Today, watermarking techniques have been extended from the multimedia context to relational databases so as to protect the ownership of data even after the data are published or distributed. However, all existing watermarking schemes for relational databases are secret key based, thus require a secret key to be presented in proof of ownership. This means that the ownership can only be proven once to the public (e.g., to the court). After that, the secret key is known to the public and the embedded watermark can be easily destroyed by malicious users. Moreover, most of the existing techniques introduce distortions to …
Fortifying Password Authentication In Integrated Healthcare Delivery Systems, Yanjiang Yang, Robert H. Deng, Feng Bao
Fortifying Password Authentication In Integrated Healthcare Delivery Systems, Yanjiang Yang, Robert H. Deng, Feng Bao
Research Collection School Of Computing and Information Systems
Integrated Delivery Systems (IDSs) now become a primary means of care provision in healthcare domain. However, existing password systems (under either the single-server model or the multi-server model) do not provide adequate security when applied to IDSs. We are thus motivated to present a practical password authentication system built upon a novel two-server model. We generalize the two-server model to an architecture of a single control server supporting multiple service servers, tailored to the organizational structure of IDSs. The underlying user authentication and key exchange protocols we propose are password-only, neat, efficient, and robust against off-line dictionary attacks mounted by …
Scalable Authentication Of Mpeg-4 Streams, Yongdong Wu, Robert H. Deng
Scalable Authentication Of Mpeg-4 Streams, Yongdong Wu, Robert H. Deng
Research Collection School Of Computing and Information Systems
This paper presents three scalable and efficient schemes for authenticating MPEG-4 streams: the Flat Authentication Scheme, the Progressive Authentication Scheme, and the Hierarchical Authentication Scheme. All the schemes allow authentication of MPEG-4 streams over lossy networks by integrating seamlessly digital signatures and erasure correction coding with MPEG-4's fine granular scalability. A prominent feature of our schemes is their "sign once, verify many ways" property, i.e., they generate only one digital signature per compressed MPEG-4 object group, but allow clients to verify the authenticity of any down-scaled version of the original signed object group.