Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- Cloud storage (4)
- Searchable encryption (4)
- Cloud computing (2)
- Cloud security (2)
- Keyword search (2)
-
- Multi-user (2)
- Access control (1)
- Association rule mining (1)
- Attribute based encryption (1)
- Attribute-based cryptography (1)
- Attribute-based encryption (1)
- Auditing (1)
- Authentication (1)
- Benchmark study (1)
- Blockchain (1)
- Conjunctive query (1)
- Constant size (1)
- Criteria-based encryption (1)
- Cryptanalysis (1)
- Data dynamics (1)
- Data integrity (1)
- Data security and privacy (1)
- Data sharing mechanism (1)
- Deduplication (1)
- Diffie-Hellman language (1)
- Disambiguation (1)
- Dual-cloud architecture (1)
- Dummy attributes (1)
- Dynamic update (1)
- Dynamics (1)
Articles 1 - 21 of 21
Full-Text Articles in Information Security
Owner-Free Distributed Symmetric Searchable Encryption Supporting Conjunctive Queries, Qiuyun Tong, Xinghua Li, Yinbin Miao, Yunwei Wang, Ximeng Liu, Robert H. Deng
Owner-Free Distributed Symmetric Searchable Encryption Supporting Conjunctive Queries, Qiuyun Tong, Xinghua Li, Yinbin Miao, Yunwei Wang, Ximeng Liu, Robert H. Deng
Research Collection School Of Computing and Information Systems
Symmetric Searchable Encryption (SSE), as an ideal primitive, can ensure data privacy while supporting retrieval over encrypted data. However, existing multi-user SSE schemes require the data owner to share the secret key with all query users or always be online to generate search tokens. While there are some solutions to this problem, they have at least one weakness, such as non-supporting conjunctive query, result decryption assistance of the data owner, and unauthorized access. To solve the above issues, we propose an Owner-free Distributed Symmetric searchable encryption supporting Conjunctive query (ODiSC). Specifically, we first evaluate the Learning-Parity-with-Noise weak Pseudorandom Function (LPN-wPRF) …
Benchmarking Library Recognition In Tweets, Ting Zhang, Divya Prabha Chandrasekaran, Ferdian Thung, David Lo
Benchmarking Library Recognition In Tweets, Ting Zhang, Divya Prabha Chandrasekaran, Ferdian Thung, David Lo
Research Collection School Of Computing and Information Systems
Software developers often use social media (such as Twitter) to shareprogramming knowledge such as new tools, sample code snippets,and tips on programming. One of the topics they talk about is thesoftware library. The tweets may contain useful information abouta library. A good understanding of this information, e.g., on thedeveloper’s views regarding a library can be beneficial to weigh thepros and cons of using the library as well as the general sentimentstowards the library. However, it is not trivial to recognize whethera word actually refers to a library or other meanings. For example,a tweet mentioning the word “pandas" may refer to …
Message-Locked Searchable Encryption: A New Versatile Tool For Secure Cloud Storage, Xueqiao Liu, Guomin Yang, Willy Susilo, Joseph Tonien, Rongmao Chen, Xixiang Lv
Message-Locked Searchable Encryption: A New Versatile Tool For Secure Cloud Storage, Xueqiao Liu, Guomin Yang, Willy Susilo, Joseph Tonien, Rongmao Chen, Xixiang Lv
Research Collection School Of Computing and Information Systems
Message-Locked Encryption (MLE) is a useful tool to enable deduplication over encrypted data in cloud storage. It can significantly improve the cloud service quality by eliminating redundancy to save storage resources, and hence user cost, and also providing defense against different types of attacks, such as duplicate faking attack and brute-force attack. A typical MLE scheme only focuses on deduplication. On the other hand, supporting search operations on stored content is another essential requirement for cloud storage. In this article, we present a message-locked searchable encryption (MLSE) scheme in a dual-server setting, which achieves simultaneously the desirable features of supporting …
Verifiable Searchable Encryption Framework Against Insider Keyword-Guessing Attack In Cloud Storage, Yinbin Miao, Robert H. Deng, Kim-Kwang Raymond Choo, Ximeng Liu, Hongwei Li
Verifiable Searchable Encryption Framework Against Insider Keyword-Guessing Attack In Cloud Storage, Yinbin Miao, Robert H. Deng, Kim-Kwang Raymond Choo, Ximeng Liu, Hongwei Li
Research Collection School Of Computing and Information Systems
Searchable encryption (SE) allows cloud tenants to retrieve encrypted data while preserving data confidentiality securely. Many SE solutions have been designed to improve efficiency and security, but most of them are still susceptible to insider Keyword-Guessing Attacks (KGA), which implies that the internal attackers can guess the candidate keywords successfully in an off-line manner. Also in existing SE solutions, a semi-honest-but-curious cloud server may deliver incorrect search results by performing only a fraction of retrieval operations honestly (e.g., to save storage space). To address these two challenging issues, we first construct the basic Verifiable SE Framework (VSEF), which can withstand …
Efficient Certificateless Multi-Copy Integrity Auditing Scheme Supporting Data Dynamics, Lei Zhou, Anmin Fu, Guomin Yang, Huaqun Wang, Yuqing Zhang
Efficient Certificateless Multi-Copy Integrity Auditing Scheme Supporting Data Dynamics, Lei Zhou, Anmin Fu, Guomin Yang, Huaqun Wang, Yuqing Zhang
Research Collection School Of Computing and Information Systems
To improve data availability and durability, cloud users would like to store multiple copies of their original files at servers. The multi-copy auditing technique is proposed to provide users with the assurance that multiple copies are actually stored in the cloud. However, most multi-replica solutions rely on Public Key Infrastructure (PKI), which entails massive overhead of certificate computation and management. In this article, we propose an efficient multi-copy dynamic integrity auditing scheme by employing certificateless signatures (named MDSS), which gets rid of expensive certificate management overhead and avoids the key escrow problem in identity-based signatures. Specifically, we improve the classic …
Efficient Server-Aided Secure Two-Party Computation In Heterogeneous Mobile Cloud Computing, Yulin Wu, Xuan Wang, Willy Susilo, Guomin Yang, Zoe L. Jiang, Qian Chen, Peng Xu
Efficient Server-Aided Secure Two-Party Computation In Heterogeneous Mobile Cloud Computing, Yulin Wu, Xuan Wang, Willy Susilo, Guomin Yang, Zoe L. Jiang, Qian Chen, Peng Xu
Research Collection School Of Computing and Information Systems
With the ubiquity of mobile devices and rapid development of cloud computing, mobile cloud computing (MCC) has been considered as an essential computation setting to support complicated, scalable and flexible mobile applications by overcoming the physical limitations of mobile devices with the aid of cloud. In the MCC setting, since many mobile applications (e.g., map apps) interacting with cloud server and application server need to perform computation with the private data of users, it is important to realize secure computation for MCC. In this article, we propose an efficient server-aided secure two-party computation (2PC) protocol for MCC. This is the …
Multi-User Verifiable Searchable Symmetric Encryption For Cloud Storage, Xueqiao Liu, Guomin Yang, Guomin Yang
Multi-User Verifiable Searchable Symmetric Encryption For Cloud Storage, Xueqiao Liu, Guomin Yang, Guomin Yang
Research Collection School Of Computing and Information Systems
In a cloud data storage system, symmetric key encryption is usually used to encrypt files due to its high efficiency. In order allow the untrusted/semi-trusted cloud storage server to perform searching over encrypted data while maintaining data confidentiality, searchable symmetric encryption (SSE) has been proposed. In a typical SSE scheme, a users stores encrypted files on a cloud storage server and later can retrieve the encrypted files containing specific keywords. The basic security requirement of SSE is that the cloud server learns no information about the files or the keywords during the searching process. Some SSE schemes also offer additional …
Efficient Fine-Grained Data Sharing Mechanism For Electronic Medical Record Systems With Mobile Devices, Hui Ma, Rui Zhang, Guomin Yang, Zishuai Zong, Kai He, Yuting Xiao
Efficient Fine-Grained Data Sharing Mechanism For Electronic Medical Record Systems With Mobile Devices, Hui Ma, Rui Zhang, Guomin Yang, Zishuai Zong, Kai He, Yuting Xiao
Research Collection School Of Computing and Information Systems
Sharing digital medical records on public cloud storage via mobile devices facilitates patients (doctors) to get (offer) medical treatment of high quality and efficiency. However, challenges such as data privacy protection, flexible data sharing, efficient authority delegation, computation efficiency optimization, are remaining toward achieving practical fine-grained access control in the Electronic Medical Record (EMR) system. In this work, we propose an innovative access control model and a fine-grained data sharing mechanism for EMR, which simultaneously achieves the above-mentioned features and is suitable for resource-constrained mobile devices. In the model, complex computation is outsourced to public cloud servers, leaving almost no …
Attribute-Based Cloud Data Integrity Auditing For Secure Outsourced Storage, Yong Yu, Yannan Li, Bo Yang, Willy Susilo, Guomin Yang, Jian Bai
Attribute-Based Cloud Data Integrity Auditing For Secure Outsourced Storage, Yong Yu, Yannan Li, Bo Yang, Willy Susilo, Guomin Yang, Jian Bai
Research Collection School Of Computing and Information Systems
Outsourced storage such as cloud storage can significantly reduce the burden of data management of data owners. Despite of a long list of merits of cloud storage, it triggers many security risks at the same time. Data integrity, one of the most burning challenges in secure cloud storage, is a fundamental and pivotal element in outsourcing services. Outsourced data auditing protocols enable a verifier to efficiently check the integrity of the outsourced files without downloading the entire file from the cloud, which can dramatically reduce the communication overhead between the cloud server and the verifier. Existing protocols are mostly based …
Designated-Server Identity-Based Authenticated Encryption With Keyword Search For Encrypted Emails, Hongbo Li, Qiong Huang, Jian Shen, Guomin Yang, Willy Susilo
Designated-Server Identity-Based Authenticated Encryption With Keyword Search For Encrypted Emails, Hongbo Li, Qiong Huang, Jian Shen, Guomin Yang, Willy Susilo
Research Collection School Of Computing and Information Systems
In encrypted email system, how to search over encrypted cloud emails without decryption is an important and practical problem. Public key encryption with keyword search (PEKS) is an efficient solution to it. However, PEKS suffers from the complex key management problem in the public key infrastructure. Its variant in the identity-based setting addresses the drawback, however, almost all the schemes does not resist against offline keyword guessing attacks (KGA) by inside adversaries. In this work we introduce the notion of designated-server identity-based authenticated encryption with keyword search (dIBAEKS), in which the email sender authenticates the message while encrypting so that …
Blockchain Based Efficient And Robust Fair Payment For Outsourcing Services In Cloud Computing, Yinghui Zhang, Robert H. Deng, Ximeng Liu, Dong Zheng
Blockchain Based Efficient And Robust Fair Payment For Outsourcing Services In Cloud Computing, Yinghui Zhang, Robert H. Deng, Ximeng Liu, Dong Zheng
Research Collection School Of Computing and Information Systems
As an attractive business model of cloud computing, outsourcing services usually involve online payment and security issues. The mutual distrust between users and outsourcing service providers may severely impede the wide adoption of cloud computing. Nevertheless, most existing payment solutions only consider a specific type of outsourcing service and rely on a trusted third-party to realize fairness. In this paper, in order to realize secure and fair payment of outsourcing services in general without relying on any third-party, trusted or not, we introduce BCPay, a blockchain based fair payment framework for outsourcing services in cloud computing. We first present the …
Privacy-Preserving Mining Of Association Rule On Outsourced Cloud Data From Multiple Parties, Lin Liu, Jinshu Su, Rongmao Chen, Ximeng Liu, Xiaofeng Wang, Shuhui Chen, Ho-Fung Fung Leung
Privacy-Preserving Mining Of Association Rule On Outsourced Cloud Data From Multiple Parties, Lin Liu, Jinshu Su, Rongmao Chen, Ximeng Liu, Xiaofeng Wang, Shuhui Chen, Ho-Fung Fung Leung
Research Collection School Of Computing and Information Systems
It has been widely recognized as a challenge to carry out data analysis and meanwhile preserve its privacy in the cloud. In this work, we mainly focus on a well-known data analysis approach namely association rule mining. We found that the data privacy in this mining approach have not been well considered so far. To address this problem, we propose a scheme for privacy-preserving association rule mining on outsourced cloud data which are uploaded from multiple parties in a twin-cloud architecture. In particular, we mainly consider the scenario where the data owners and miners have different encryption keys that are …
Criteria-Based Encryption, Tran Viet Xuan Phuong, Guomin Yang, Willy Susilo
Criteria-Based Encryption, Tran Viet Xuan Phuong, Guomin Yang, Willy Susilo
Research Collection School Of Computing and Information Systems
We present a new type of public-key encryption called Criteria-based Encryption (or , for short). Different from Attribute-based Encryption, in , we consider the access policies as criteria carrying different weights. A user must hold some cases (or answers) satisfying the criteria and have sufficient weights in order to successfully decrypt a message. We then propose two Schemes under different settings: the first scheme requires a user to have at least one case for a criterion specified by the encryptor in the access structure, while the second scheme requires a user to have all the cases for each criterion. We …
Constant-Size Ciphertexts In Threshold Attribute-Based Encryption Without Dummy Attributes, Willy Susilo, Guomin Yang, Fuchun Guo, Qiong Huang
Constant-Size Ciphertexts In Threshold Attribute-Based Encryption Without Dummy Attributes, Willy Susilo, Guomin Yang, Fuchun Guo, Qiong Huang
Research Collection School Of Computing and Information Systems
Attribute-based encryption (ABE) is an augmentation of public key encryption that allows users to encrypt and decrypt messages based on users' attributes. In a (t, s) threshold ABE, users who can decrypt a ciphertext must hold at least t attributes among the s attributes specified by the encryptor. At PKC 2010, Herranz, Laguillaumie and Raft& proposed the first threshold ABE with constant-size ciphertexts. In order to ensure the encryptor can flexibly select the attribute set and a threshold value, they use dummy attributes to satisfy the decryption requirement. The advantage of their scheme is that any addition or removal of …
Attribute-Based Encryption With Expressive And Authorized Keyword Search, Hui Cui, Robert H. Deng, Joseph K. Liu, Yingjiu Li
Attribute-Based Encryption With Expressive And Authorized Keyword Search, Hui Cui, Robert H. Deng, Joseph K. Liu, Yingjiu Li
Research Collection School Of Computing and Information Systems
To protect data security and privacy in cloud storage systems, a common solution is to outsource data in encrypted forms so that the data will remain secure and private even if storage systems are compromised. The encrypted data, however, must be pliable to search and access control. In this paper, we introduce a notion of attribute-based encryption with expressive and authorized keyword search (ABE-EAKS) to support both expressive keyword search and fine-grained access control over encrypted data in the cloud. In ABE-EAKS, every data user is associated with a set of attributes and is issued a private attribute-key corresponding to …
Cryptography And Data Security In Cloud Computing, Zheng Yan, Robert H. Deng, Vijay Varadharajan
Cryptography And Data Security In Cloud Computing, Zheng Yan, Robert H. Deng, Vijay Varadharajan
Research Collection School Of Computing and Information Systems
Cloud computing offers a new way of services by re-arranging various resources and providing them to users based on their demands. It also plays an important role in the next generation mobile networks and services (5G) and Cyber-Physical and Social Computing (CPSC). Storing data in the cloud greatly reduces storage burden of users and brings them access convenience, thus it has become one of the most important cloud services. However, cloud data security, privacy and trust become a crucial issue that impacts the success of cloud computing and may impede the development of 5G and CPSC. First, storing data at …
Indoor Localization Via Multi-Modal Sensing On Smartphones, Han Xu, Zheng Yang, Zimu Zhou, Longfei Shangguan, Ke Yi, Yunhao Liu
Indoor Localization Via Multi-Modal Sensing On Smartphones, Han Xu, Zheng Yang, Zimu Zhou, Longfei Shangguan, Ke Yi, Yunhao Liu
Research Collection School Of Computing and Information Systems
Indoor localization is of great importance to a wide range ofapplications in shopping malls, office buildings and publicplaces. The maturity of computer vision (CV) techniques andthe ubiquity of smartphone cameras hold promise for offering sub-meter accuracy localization services. However, pureCV-based solutions usually involve hundreds of photos andpre-calibration to construct image database, a labor-intensiveoverhead for practical deployment. We present ClickLoc, anaccurate, easy-to-deploy, sensor-enriched, image-based indoor localization system. With core techniques rooted insemantic information extraction and optimization-based sensor data fusion, ClickLoc is able to bootstrap with few images. Leveraging sensor-enriched photos, ClickLoc also enables user localization with a single photo of the …
Linear Encryption With Keyword Search, Shiwei Zhang, Guomin Yang, Yi Mu
Linear Encryption With Keyword Search, Shiwei Zhang, Guomin Yang, Yi Mu
Research Collection School Of Computing and Information Systems
Nowadays an increasing amount of data stored in the public cloud need to be searched remotely for fast accessing. For the sake of privacy, the remote files are usually encrypted, which makes them difficult to be searched by remote servers. It is also harder to efficiently share encrypted data in the cloud than those in plaintext. In this paper, we develop a searchable encryption framework called Linear Encryption with Keyword Search (LEKS) that can semi-generically convert some existing encryption schemes meeting our Linear Encryption Template (LET) to be searchable without re-encrypting all the data. For allowing easy data sharing, we …
Dual-Server Public-Key Encryption With Keyword Search For Secure Cloud Storage, Rongmao Chen, Yi Mu, Guomin Yang, Fuchun Guo, Xiaofen Wang
Dual-Server Public-Key Encryption With Keyword Search For Secure Cloud Storage, Rongmao Chen, Yi Mu, Guomin Yang, Fuchun Guo, Xiaofen Wang
Research Collection School Of Computing and Information Systems
Searchable encryption is of increasing interest for protecting the data privacy in secure searchable cloud storage. In this paper, we investigate the security of a well-known cryptographic primitive, namely, public key encryption with keyword search (PEKS) which is very useful in many applications of cloud storage. Unfortunately, it has been shown that the traditional PEKS framework suffers from an inherent insecurity called inside keyword guessing attack (KGA) launched by the malicious server. To address this security vulnerability, we propose a new PEKS framework named dual-server PEKS (DS-PEKS). As another main contribution, we define a new variant of the smooth projective …
From Physical Security To Cybersecurity, Arunesh Sinha, Thanh H. Nguyen, Debarun Kar, Matthew Brown, Milind Tambe, Albert Xin Jiang
From Physical Security To Cybersecurity, Arunesh Sinha, Thanh H. Nguyen, Debarun Kar, Matthew Brown, Milind Tambe, Albert Xin Jiang
Research Collection School Of Computing and Information Systems
Security is a critical concern around the world. In many domains from cybersecurity to sustainability, limited security resources prevent complete security coverage at all times. Instead, these limited resources must be scheduled (or allocated or deployed), while simultaneously taking into account the importance of different targets, the responses of the adversaries to the security posture, and the potential uncertainties in adversary payoffs and observations, etc. Computational game theory can help generate such security schedules. Indeed, casting the problem as a Stackelberg game, we have developed new algorithms that are now deployed over multiple years in multiple applications for scheduling of …
On The Security Of Auditing Mechanisms For Secure Cloud Storage, Yong Yu, Lei Niu, Guomin Yang, Yi Mu, Willy Susilo
On The Security Of Auditing Mechanisms For Secure Cloud Storage, Yong Yu, Lei Niu, Guomin Yang, Yi Mu, Willy Susilo
Research Collection School Of Computing and Information Systems
Cloud computing is a novel computing model that enables convenient and on-demand access to a shared pool of configurable computing resources. Auditing services are highly essential to make sure that the data is correctly hosted in the cloud. In this paper, we investigate the active adversary attacks in three auditing mechanisms for shared data in the cloud, including two identity privacy-preserving auditing mechanisms called Oruta and Knox, and a distributed storage integrity auditing mechanism.We show that these schemes become insecure when active adversaries are involved in the cloud storage. Specifically, an active adversary can arbitrarily alter the cloud data without …