Open Access. Powered by Scholars. Published by Universities.®
- Institution
- Publication
- Publication Type
Articles 1 - 10 of 10
Full-Text Articles in Information Security
Reks: Role-Based Encrypted Keyword Search With Enhanced Access Control For Outsourced Cloud Data, Yibin Miao, Feng Li, Xiaohua Jia, Huaxiong Wang, Ximeng Liu, Kim-Kwang Raymond Choo, Robert H. Deng
Reks: Role-Based Encrypted Keyword Search With Enhanced Access Control For Outsourced Cloud Data, Yibin Miao, Feng Li, Xiaohua Jia, Huaxiong Wang, Ximeng Liu, Kim-Kwang Raymond Choo, Robert H. Deng
Research Collection School Of Computing and Information Systems
Keyword-based search over encrypted data is an important technique to achieve both data confidentiality and utilization in cloud outsourcing services. While commonly used access control mechanisms, such as identity-based encryption and attribute-based encryption, do not generally scale well for hierarchical access permissions. To solve this problem, we propose a Role-based Encrypted Keyword Search (REKS) scheme by using the role-based access control and broadcast encryption. Specifically, REKS allows owners to deploy hierarchical access control by allowing users with parent roles to have access permissions from child roles. Using REKS, we further facilitate token generation preprocessing and efficient user management, thereby significantly …
Soci: A Toolkit For Secure Outsourced Computation On Integers, Bowen Zhao, Jiaming Yuan, Ximeng Liu, Yongdong Wu, Hwee Hwa Pang, Robert H. Deng
Soci: A Toolkit For Secure Outsourced Computation On Integers, Bowen Zhao, Jiaming Yuan, Ximeng Liu, Yongdong Wu, Hwee Hwa Pang, Robert H. Deng
Research Collection School Of Computing and Information Systems
Secure outsourced computation is a key technique for protecting data security and privacy in the cloud. Although fully homomorphic encryption (FHE) enables computations over encrypted data, it suffers from high computation costs in order to support an unlimited number of arithmetic operations. Recently, secure computations based on interactions of multiple computation servers and partially homomorphic encryption (PHE) were proposed in the literature, which enable an unbound number of addition and multiplication operations on encrypted data more efficiently than FHE and do not add any noise to encrypted data; however, these existing solutions are either limited in functionalities (e.g., computation on …
Privacy-Preserving Data Processing With Flexible Access Control, Wenxiu Ding, Zheng Yan, Robert H. Deng
Privacy-Preserving Data Processing With Flexible Access Control, Wenxiu Ding, Zheng Yan, Robert H. Deng
Research Collection School Of Computing and Information Systems
Cloud computing provides an efficient and convenient platform for cloud users to store, process and control their data. Cloud overcomes the bottlenecks of resource-constrained user devices and greatly releases their storage and computing burdens. However, due to the lack of full trust in cloud service providers, the cloud users generally prefer to outsource their sensitive data in an encrypted form, which, however, seriously complicates data processing, analysis, as well as access control. Homomorphic encryption (HE) as a single key system cannot flexibly control data sharing and access after encrypted data processing. How to realize various computations over encrypted data in …
Lightweight Fine-Grained Search Over Encrypted Data In Fog Computing, Yinbin Miao, Jianfeng Ma, Ximeng Liu, Jian Weng, Hongwei Li, Hui Li
Lightweight Fine-Grained Search Over Encrypted Data In Fog Computing, Yinbin Miao, Jianfeng Ma, Ximeng Liu, Jian Weng, Hongwei Li, Hui Li
Research Collection School Of Computing and Information Systems
Fog computing, as an extension of cloud computing, outsources the encrypted sensitive data to multiple fog nodes on the edge of Internet of Things (IoT) to decrease latency and network congestion. However, the existing ciphertext retrieval schemes rarely focus on the fog computing environment and most of them still impose high computational and storage overhead on resource-limited end users. In this paper, we first present a Lightweight Fine-Grained ciphertexts Search (LFGS) system in fog computing by extending Ciphertext-Policy Attribute-Based Encryption (CP-ABE) and Searchable Encryption (SE) technologies, which can achieve fine-grained access control and keyword search simultaneously. The LFGS can shift …
A Scalable Approach To Joint Cyber Insurance And Security-As-A-Service Provisioning In Cloud Computing, Jonathan David Chase, Dusit Niyato, Ping Wang, Sivadon Chaisiri, Ryan K. L. Ko
A Scalable Approach To Joint Cyber Insurance And Security-As-A-Service Provisioning In Cloud Computing, Jonathan David Chase, Dusit Niyato, Ping Wang, Sivadon Chaisiri, Ryan K. L. Ko
Research Collection School Of Computing and Information Systems
As computing services are increasingly cloud-based, corporations are investing in cloud-based security measures. The Security-as-a-Service (SECaaS) paradigm allows customers to outsource security to the cloud, through the payment of a subscription fee. However, no security system is bulletproof, and even one successful attack can result in the loss of data and revenue worth millions of dollars. To guard against this eventuality, customers may also purchase cyber insurance to receive recompense in the case of loss. To achieve cost effectiveness, it is necessary to balance provisioning of security and insurance, even when future costs and risks are uncertain. To this end, …
Building Consumer Trust In The Cloud: An Experimental Analysis Of The Cloud Trust Label Approach, Lisa Van Der Werff, Grace Fox, Ieva Masevic, Vincent C. Emeakaroha, John P. Morrison, Theo Lynn
Building Consumer Trust In The Cloud: An Experimental Analysis Of The Cloud Trust Label Approach, Lisa Van Der Werff, Grace Fox, Ieva Masevic, Vincent C. Emeakaroha, John P. Morrison, Theo Lynn
Department of Computer Science Publications
The lack of transparency surrounding cloud service provision makes it difficult for consumers to make knowledge based purchasing decisions. As a result, consumer trust has become a major impediment to cloud computing adoption. Cloud Trust Labels represent a means of communicating relevant service and security information to potential customers on the cloud service provided, thereby facilitating informed decision making. This research investigates the potential of a Cloud Trust Label system to overcome the trust barrier. Specifically, it examines the impact of a Cloud Trust Label on consumer perceptions of a service and cloud service provider trustworthiness and trust in the …
Vpsearch: Achieving Verifiability For Privacy-Preserving Multi-Keyword Search Over Encrypted Cloud Data, Zhiguo Wan, Robert H. Deng
Vpsearch: Achieving Verifiability For Privacy-Preserving Multi-Keyword Search Over Encrypted Cloud Data, Zhiguo Wan, Robert H. Deng
Research Collection School Of Computing and Information Systems
Although cloud computing offers elastic computation and storage resources, it poses challenges on verifiability of computations and data privacy. In this work we investigate verifiability for privacy-preserving multi-keyword search over outsourced documents. As the cloud server may return incorrect results due to system faults or incentive to reduce computation cost, it is critical to offer verifiability of search results and privacy protection for outsourced data at the same time. To fulfill these requirements, we design aVerifiablePrivacy-preserving keywordSearch scheme, called VPSearch, by integrating an adapted homomorphic MAC technique with a privacy-preserving multi-keyword search scheme. The proposed scheme enables the client to …
Ten Simple Rules For Responsible Big Data Research, Matthew Zook, Solon Barocas, Danah Boyd, Kate Crawford, Emily Keller, Seeta Peña Gangadharan, Alyssa Goodman, Rachelle Hollander, Barbara A. Koenig, Jacob Metcalf, Arvind Narayanan, Alondra Nelson, Frank Pasquale
Ten Simple Rules For Responsible Big Data Research, Matthew Zook, Solon Barocas, Danah Boyd, Kate Crawford, Emily Keller, Seeta Peña Gangadharan, Alyssa Goodman, Rachelle Hollander, Barbara A. Koenig, Jacob Metcalf, Arvind Narayanan, Alondra Nelson, Frank Pasquale
Geography Faculty Publications
No abstract provided.
A System For Detecting Malicious Insider Data Theft In Iaas Cloud Environments, Jason Nikolai, Yong Wang
A System For Detecting Malicious Insider Data Theft In Iaas Cloud Environments, Jason Nikolai, Yong Wang
Research & Publications
The Cloud Security Alliance lists data theft and insider attacks as critical threats to cloud security. Our work puts forth an approach using a train, monitor, detect pattern which leverages a stateful rule based k-nearest neighbors anomaly detection technique and system state data to detect inside attacker data theft on Infrastructure as a Service (IaaS) nodes. We posit, instantiate, and demonstrate our approach using the Eucalyptus cloud computing infrastructure where we observe a 100 percent detection rate for abnormal login events and data copies to outside systems.
A Secure And Fair Resource Sharing Model For Community Clouds, Santhosh S. Anand
A Secure And Fair Resource Sharing Model For Community Clouds, Santhosh S. Anand
Graduate Theses and Dissertations
Cloud computing has gained a lot of importance and has been one of the most discussed segment of today's IT industry. As enterprises explore the idea of using clouds, concerns have emerged related to cloud security and standardization. This thesis explores whether the Community Cloud Deployment Model can provide solutions to some of the concerns associated with cloud computing. A secure framework based on trust negotiations for resource sharing within the community is developed as a means to provide standardization and security while building trust during resource sharing within the community. Additionally, a model for fair sharing of resources is …