Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Articles 1 - 12 of 12

Full-Text Articles in Physical Sciences and Mathematics

REKS: Role-Based Encrypted Keyword Search With Enhanced Access Control For Outsourced Cloud Data, Yibin Miao, Feng Li, Xiaohua Jia, Huaxiong Wang, Ximeng Liu, Kim-Kwang Raymond Choo, Robert H. Deng Jan 2023

Research Collection School Of Computing and Information Systems

Keyword-based search over encrypted data is an important technique to achieve both data confidentiality and utilization in cloud outsourcing services. However, commonly used access control mechanisms, such as identity-based encryption and attribute-based encryption, do not generally scale well for hierarchical access permissions. To solve this problem, we propose a Role-based Encrypted Keyword Search (REKS) scheme by using the role-based access control and broadcast encryption. Specifically, REKS allows owners to deploy hierarchical access control by allowing users with parent roles to have access permissions from child roles. Using REKS, we further facilitate token generation preprocessing and efficient user management, thereby significantly …


Privacy-Preserving Data Processing With Flexible Access Control, Wenxiu Ding, Zheng Yan, Robert H. Deng Mar 2020

Research Collection School Of Computing and Information Systems

Cloud computing provides an efficient and convenient platform for cloud users to store, process and control their data. Cloud overcomes the bottlenecks of resource-constrained user devices and greatly releases their storage and computing burdens. However, due to the lack of full trust in cloud service providers, the cloud users generally prefer to outsource their sensitive data in an encrypted form, which, however, seriously complicates data processing, analysis, as well as access control. Homomorphic encryption (HE) as a single key system cannot flexibly control data sharing and access after encrypted data processing. How to realize various computations over encrypted data in …


Lightweight Fine-Grained Search Over Encrypted Data In Fog Computing, Yinbin Miao, Jianfeng Ma, Ximeng Liu, Jian Weng, Hongwei Li, Hui Li Sep 2019

Research Collection School Of Computing and Information Systems

Fog computing, as an extension of cloud computing, outsources the encrypted sensitive data to multiple fog nodes on the edge of Internet of Things (IoT) to decrease latency and network congestion. However, the existing ciphertext retrieval schemes rarely focus on the fog computing environment and most of them still impose high computational and storage overhead on resource-limited end users. In this paper, we first present a Lightweight Fine-Grained ciphertexts Search (LFGS) system in fog computing by extending Ciphertext-Policy Attribute-Based Encryption (CP-ABE) and Searchable Encryption (SE) technologies, which can achieve fine-grained access control and keyword search simultaneously. The LFGS can shift …


Attribute-Based Cloud Storage With Secure Provenance Over Encrypted Data, Hui Cui, Robert H. Deng, Yingjiu Li Feb 2018

Research Collection School Of Computing and Information Systems

To securely and conveniently enjoy the benefits of cloud storage, it is desirable to design a cloud data storage system which protects data privacy from storage servers through encryption, allows fine-grained access control such that data providers can expressively specify who are eligible to access the encrypted data, enables dynamic user management such that the total number of data users is unbounded and user revocation can be carried out conveniently, supports data provider anonymity and traceability such that a data provider’s identity is not disclosed to data users in normal circumstances but can be traced by a trusted authority if …


Encrypted Data Processing With Homomorphic Re-Encryption, Wenxiu Ding, Zheng Yan, Robert H. Deng May 2017

Research Collection School Of Computing and Information Systems

Cloud computing offers various services to users by re-arranging storage and computing resources. In order to preserve data privacy, cloud users may choose to upload encrypted data rather than raw data to the cloud. However, processing and analyzing encrypted data are challenging problems, which have received increasing attention in recent years. Homomorphic Encryption (HE) was proposed to support computation on encrypted data and ensure data confidentiality simultaneously. However, a limitation of HE is it is a single user system, which means it only allows the party that owns a homomorphic decryption key to decrypt processed ciphertexts. Original HE cannot support …


Multidimensional Context Awareness In Mobile Devices, Zhuo Wei, Robert H. Deng, Jialie Shen, Jixiang Zhu, Kun Ouyang, Yongdong Wu Jan 2015

Research Collection School Of Computing and Information Systems

With the increase of mobile computation ability and the development of wireless network transmission technology, mobile devices not only are the important tools of personal life (e.g., education and entertainment), but also emerge as indispensable "secretary" of business activities (e.g., email and phone call). However, since mobile devices could work under complex and dynamic local and network conditions, they are vulnerable to local and remote security attacks. In real applications, different kinds of data protection are required by various local contexts. To provide appropriate protection, we propose a multidimensional context (MContext) scheme to comprehensively model and characterize the scene and …


Application Of Risk Metrics For Role Mining, Sharmin Ahmed Aug 2014

Electronic Thesis and Dissertation Repository

Incorporating risk consideration in access control systems has recently become a popular research topic. Related to this is risk awareness which is needed to enable access control in an agile and dynamic way. While risk awareness is probably known for an established access control system, being aware of risk even before the access control system is defined can mean identification of users and permissions that are most likely to lead to dangerous or error-prone situations from an administration point of view. Having this information available during the role engineering phase allows data analysts and role engineers to highlight potentially risky …


A Secure And Efficient Discovery Service System In EPCglobal Network, Jie Shi, Yingjiu Li, Robert H. Deng Aug 2012

Research Collection School Of Computing and Information Systems

In recent years, the Internet of Things (IOT) has drawn considerable attention from the industrial and research communities. Due to the vast amount of data generated through IOT devices and users, there is an urgent need for an effective search engine to help us make sense of this massive amount of data. With this motivation, we begin our initial works on developing a secure and efficient search engine (SecDS) based on EPC Discovery Services (EPCDS) for EPCglobal network, an integral part of IOT. SecDS is designed to provide a bridge between different partners of supply chains to share information while …


Networks - II: Overhead Analysis Of Security Implementation Using IPsec, Muhammad Awais Azam, Zaka -Ul- Mustafa, Usman Tahir, S. M. Ahsan, Muhammad Adnan Naseem, Imran Rashid, Muhammad Adeel Aug 2009

International Conference on Information and Communication Technologies

Authentication, access control, encryption and auditing make up the essential elements of network security. Researchers have dedicated a large amount of effort to implement security features that fully incorporate the use of all these elements. Currently, data networks mainly provide authentication and confidentiality services. Confidentiality alone is not able to protect the system, thus, suitable security measures must be taken. However, this security is itself an overhead which must be accounted for. A trade-off must exist between performance and security. This trade-off must be carefully managed so as not to deteriorate the systems being secured. This calls for the true …


Verifying Completeness Of Relational Query Results In Data Publishing, Hwee Hwa Pang, Arpit Jain, Krithi Ramamritham, Kian-Lee Tan Jun 2005

Research Collection School Of Computing and Information Systems

In data publishing, the owner delegates the role of satisfying user queries to a third-party publisher. As the publisher may be untrusted or susceptible to attacks, it could produce incorrect query results. In this paper, we introduce a scheme for users to verify that their query results are complete (i.e., no qualifying tuples are omitted) and authentic (i.e., all the result values originated from the owner). The scheme supports range selection on key and non-key attributes, project as well as join queries on relational databases. Moreover, the proposed scheme complies with access control policies, is computationally secure, and can be …


Steganographic Schemes For File System And B-Tree, Hwee Hwa Pang, Kian-Lee Tan, Xuan Zhou Jun 2004

Research Collection School Of Computing and Information Systems

While user access control and encryption can protect valuable data from passive observers, these techniques leave visible ciphertexts that are likely to alert an active adversary to the existence of the data. We introduce StegFD, a steganographic file driver that securely hides user-selected files in a file system so that, without the corresponding access keys, an attacker would not be able to deduce their existence. Unlike other steganographic schemes proposed previously, our construction satisfies the prerequisites of a practical file system in ensuring the integrity of the files and maintaining efficient space utilization. We also propose two schemes for implementing …


Access To Geographic Scientific And Technical Data In An Academic Setting, Bastiaan Van Loenen May 2001

Electronic Theses and Dissertations

Data availability is a key issue affecting society's social well being. Information technology has increased the availability of and improved access to data. The academic community that uses spatial data is one of the groups that has taken advantage of fast and inexpensive opportunities to share data and knowledge in a relatively unfettered fashion across digital networks. However, pressure by the private sector to increase protection for databases through database legislation, self-help measures (contracts, licensing and technological methods for limiting access) and movement by some local governments towards revenue generation from sales of data are decreasing or threatening to decrease …