Open Access. Powered by Scholars. Published by Universities.®
- Institution
- Publication
- Publication Type
Articles 1 - 9 of 9
Full-Text Articles in Information Security
Reks: Role-Based Encrypted Keyword Search With Enhanced Access Control For Outsourced Cloud Data, Yibin Miao, Feng Li, Xiaohua Jia, Huaxiong Wang, Ximeng Liu, Kim-Kwang Raymond Choo, Robert H. Deng
Reks: Role-Based Encrypted Keyword Search With Enhanced Access Control For Outsourced Cloud Data, Yibin Miao, Feng Li, Xiaohua Jia, Huaxiong Wang, Ximeng Liu, Kim-Kwang Raymond Choo, Robert H. Deng
Research Collection School Of Computing and Information Systems
Keyword-based search over encrypted data is an important technique to achieve both data confidentiality and utilization in cloud outsourcing services. While commonly used access control mechanisms, such as identity-based encryption and attribute-based encryption, do not generally scale well for hierarchical access permissions. To solve this problem, we propose a Role-based Encrypted Keyword Search (REKS) scheme by using the role-based access control and broadcast encryption. Specifically, REKS allows owners to deploy hierarchical access control by allowing users with parent roles to have access permissions from child roles. Using REKS, we further facilitate token generation preprocessing and efficient user management, thereby significantly …
Privacy-Preserving Data Processing With Flexible Access Control, Wenxiu Ding, Zheng Yan, Robert H. Deng
Privacy-Preserving Data Processing With Flexible Access Control, Wenxiu Ding, Zheng Yan, Robert H. Deng
Research Collection School Of Computing and Information Systems
Cloud computing provides an efficient and convenient platform for cloud users to store, process and control their data. Cloud overcomes the bottlenecks of resource-constrained user devices and greatly releases their storage and computing burdens. However, due to the lack of full trust in cloud service providers, the cloud users generally prefer to outsource their sensitive data in an encrypted form, which, however, seriously complicates data processing, analysis, as well as access control. Homomorphic encryption (HE) as a single key system cannot flexibly control data sharing and access after encrypted data processing. How to realize various computations over encrypted data in …
Lightweight Fine-Grained Search Over Encrypted Data In Fog Computing, Yinbin Miao, Jianfeng Ma, Ximeng Liu, Jian Weng, Hongwei Li, Hui Li
Lightweight Fine-Grained Search Over Encrypted Data In Fog Computing, Yinbin Miao, Jianfeng Ma, Ximeng Liu, Jian Weng, Hongwei Li, Hui Li
Research Collection School Of Computing and Information Systems
Fog computing, as an extension of cloud computing, outsources the encrypted sensitive data to multiple fog nodes on the edge of Internet of Things (IoT) to decrease latency and network congestion. However, the existing ciphertext retrieval schemes rarely focus on the fog computing environment and most of them still impose high computational and storage overhead on resource-limited end users. In this paper, we first present a Lightweight Fine-Grained ciphertexts Search (LFGS) system in fog computing by extending Ciphertext-Policy Attribute-Based Encryption (CP-ABE) and Searchable Encryption (SE) technologies, which can achieve fine-grained access control and keyword search simultaneously. The LFGS can shift …
Attribute-Based Cloud Storage With Secure Provenance Over Encrypted Data, Hui Cui, Robert H. Deng, Yingjiu Li
Attribute-Based Cloud Storage With Secure Provenance Over Encrypted Data, Hui Cui, Robert H. Deng, Yingjiu Li
Research Collection School Of Computing and Information Systems
To securely and conveniently enjoy the benefits of cloud storage, it is desirable to design a cloud data storage system which protects data privacy from storage servers through encryption, allows fine-grained access control such that data providers can expressively specify who are eligible to access the encrypted data, enables dynamic user management such that the total number of data users is unbounded and user revocation can be carried out conveniently, supports data provider anonymity and traceability such that a data provider’s identity is not disclosed to data users in normal circumstances but can be traced by a trusted authority if …
Encrypted Data Processing With Homomorphic Re-Encryption, Wenxiu Ding, Zheng Yan, Robert H. Deng
Encrypted Data Processing With Homomorphic Re-Encryption, Wenxiu Ding, Zheng Yan, Robert H. Deng
Research Collection School Of Computing and Information Systems
Cloud computing offers various services to users by re-arranging storage and computing resources. In order to preserve data privacy, cloud users may choose to upload encrypted data rather than raw data to the cloud. However, processing and analyzing encrypted data are challenging problems, which have received increasing attention in recent years. Homomorphic Encryption (HE) was proposed to support computation on encrypted data and ensure data confidentiality simultaneously. However, a limitation of HE is it is a single user system, which means it only allows the party that owns a homomorphic decryption key to decrypt processed ciphertexts. Original HE cannot support …
Design And Implementation Of Digital Information Security For Physical Documents, Pengcheng Wang
Design And Implementation Of Digital Information Security For Physical Documents, Pengcheng Wang
Masters Theses
The objective of this thesis is to improve the security for physical paper documents. Providing information security has been difficult in environments that rely on physical paper documents to implement business processes. Our work presents the design of a digital information security system for paper documents, called "CryptoPaper", that uses 2-dimensional codes to represent data and its security properties on paper. A special scanner system is designed for "CryptoPaper" which uses image recognition techniques and cloud-based access control to display plaintext of encrypted and encoded data to authorized users.
Multidimensional Context Awareness In Mobile Devices, Zhuo Wei, Robert H. Deng, Jialie Shen, Jixiang Zhu, Kun Ouyang, Yongdong Wu
Multidimensional Context Awareness In Mobile Devices, Zhuo Wei, Robert H. Deng, Jialie Shen, Jixiang Zhu, Kun Ouyang, Yongdong Wu
Research Collection School Of Computing and Information Systems
With the increase of mobile computation ability and the development of wireless network transmission technology, mobile devices not only are the important tools of personal life (e.g., education and entertainment), but also emerge as indispensable "secretary" of business activities (e.g., email and phone call). However, since mobile devices could work under complex and dynamic local and network conditions, they are vulnerable to local and remote security attacks. In real applications, different kinds of data protection are required by various local contexts. To provide appropriate protection, we propose a multidimensional context (MContext) scheme to comprehensively model and characterize the scene and …
A Secure And Efficient Discovery Service System In Epcglobal Network, Jie Shi, Yingjiu Li, Robert H. Deng
A Secure And Efficient Discovery Service System In Epcglobal Network, Jie Shi, Yingjiu Li, Robert H. Deng
Research Collection School Of Computing and Information Systems
In recent years, the Internet of Things (IOT) has drawn considerable attention from the industrial and research communities. Due to the vast amount of data generated through IOT devices and users, there is an urgent need for an effective search engine to help us make sense of this massive amount of data. With this motivation, we begin our initial works on developing a secure and efficient search engine (SecDS) based on EPC Discovery Services (EPCDS) for EPCglobal network, an integral part of IOT. SecDS is designed to provide a bridge between different partners of supply chains to share information while …
Networks - Ii: Overhead Analysis Of Security Implementation Using Ipsec, Muhammad Awais Azam, Zaka -Ul- Mustafa, Usman Tahir, S. M. Ahsan, Muhammad Adnan Naseem, Imran Rashid, Muhammad Adeel
Networks - Ii: Overhead Analysis Of Security Implementation Using Ipsec, Muhammad Awais Azam, Zaka -Ul- Mustafa, Usman Tahir, S. M. Ahsan, Muhammad Adnan Naseem, Imran Rashid, Muhammad Adeel
International Conference on Information and Communication Technologies
Authentication, access control, encryption and auditing make up the essential elements of network security. Researchers have dedicated a large amount of efforts to implement security features that fully incorporate the use of all these elements. Currently, data networks mainly provide authentication and confidentiality services. Confidentiality alone is not able to protect the system, thus, suitable security measures must be taken. However, this security is itself an overhead which must be accounted for. A trade-off must exist between performance and security. This trade-off must be carefully managed so as not to deteriorate the systems being secured. This calls for the true …