Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Articles 1 - 30 of 39

Full-Text Articles in Physical Sciences and Mathematics

Reks: Role-Based Encrypted Keyword Search With Enhanced Access Control For Outsourced Cloud Data, Yibin Miao, Feng Li, Xiaohua Jia, Huaxiong Wang, Ximeng Liu, Kim-Kwang Raymond Choo, Robert H. Deng Jan 2023

Research Collection School Of Computing and Information Systems

Keyword-based search over encrypted data is an important technique to achieve both data confidentiality and utilization in cloud outsourcing services. While commonly used access control mechanisms, such as identity-based encryption and attribute-based encryption, do not generally scale well for hierarchical access permissions. To solve this problem, we propose a Role-based Encrypted Keyword Search (REKS) scheme by using the role-based access control and broadcast encryption. Specifically, REKS allows owners to deploy hierarchical access control by allowing users with parent roles to have access permissions from child roles. Using REKS, we further facilitate token generation preprocessing and efficient user management, thereby significantly …


Sanitizable Access Control System For Secure Cloud Storage Against Malicious Data Publishers, Willy Susilo, Peng Jiang, Jianchang Lai, Fuchun Guo, Guomin Yang, Robert H. Deng May 2022

Research Collection School Of Computing and Information Systems

Cloud computing is considered as one of the most prominent paradigms in the information technology industry, since it can significantly reduce the costs of hardware and software resources in computing infrastructure. This convenience has enabled corporations to efficiently use the cloud storage as a mechanism to share data among their employees. At the first sight, by merely storing the shared data as plaintext in the cloud storage and protect them using an appropriate access control would be a nice solution. This is assuming that the cloud is fully trusted for not leaking any information, which is impractical as the cloud …


Lightweight And Expressive Fine-Grained Access Control For Healthcare Internet-Of-Things, Shengmin Xu, Yingjiu Li, Robert H. Deng, Yinghui Zhang, Xiangyang Luo, Ximeng Liu Jan 2022

Research Collection School Of Computing and Information Systems

Healthcare Internet-of-Things (IoT) is an emerging paradigm that enables embedded devices to monitor patients' vital signals and allows these data to be aggregated and outsourced to the cloud. The cloud enables authorized users to store and share data to enjoy on-demand services. Nevertheless, it also causes many security concerns because of the untrusted network environment, dishonest cloud service providers and resource-limited devices. To preserve patients' privacy, existing solutions usually apply cryptographic tools to offer access controls. However, fine-grained access control among authorized users is still a challenge, especially for lightweight and resource-limited end-devices. In this paper, we propose a novel …


Attribute-Based Keyword Search Over Hierarchical Data In Cloud Computing, Yinbin Miao, Jianfeng Ma, Ximeng Liu, Xinghua Li, Qi Jiang, Junwei Zhang Nov 2020

Research Collection School Of Computing and Information Systems

Searchable encryption (SE) has been a promising technology which allows users to perform search queries over encrypted data. However, the most of existing SE schemes cannot deal with the shared records that have hierarchical structures. In this paper, we devise a basic cryptographic primitive called as attribute-based keyword search over hierarchical data (ABKS-HD) scheme by using the ciphertext-policy attribute-based encryption (CP-ABE) technique, but this basic scheme cannot satisfy all the desirable requirements of cloud systems. The facts that the single keyword search will yield many irrelevant search results and the revoked users can access the unauthorized data with the old …


Attribute-Based Encryption For Cloud Computing Access Control: A Survey, Yinghui Zhang, Robert H. Deng, Shengmin Xu, Jianfei Sun, Qi Li, Dong Zheng Sep 2020

Research Collection School Of Computing and Information Systems

Attribute-based encryption (ABE) for cloud computing access control is reviewed in this article. A taxonomy and comprehensive assessment criteria of ABE are first proposed. In the taxonomy, ABE schemes are assorted into key-policy ABE (KP-ABE) schemes, ciphertext-policy ABE (CP-ABE) schemes, anti-quantum ABE schemes, and generic constructions. In accordance with cryptographically functional features, CP-ABE is further divided into nine subcategories with regard to basic functionality, revocation, accountability, policy hiding, policy updating, multi-authority, hierarchy, offline computation, and outsourced computation. In addition, a systematical methodology for discussing and comparing existing ABE schemes is proposed. For KP-ABE and each type of CP-ABE, the corresponding …


Lightweight And Privacy-Aware Fine-Grained Access Control For Iot-Oriented Smart Health, Jianfei Sun, Hu Xiong, Ximeng Liu, Yinghui Zhang, Xuyun Nie, Robert H. Deng Jul 2020

Research Collection School Of Computing and Information Systems

With the booming of Internet of Things (IoT), smart health (s-health) is becoming an emerging and attractive paradigm. It can provide an accurate prediction of various diseases and improve the quality of healthcare. Nevertheless, data security and user privacy concerns still remain issues to be addressed. As a high potential and prospective solution to secure IoT-oriented s-health applications, ciphertext policy attribute-based encryption (CP-ABE) schemes raise challenges, such as heavy overhead and attribute privacy of the end users. To resolve these drawbacks, an optimized vector transformation approach is first proposed to efficiently transform the access policy and user attribute set into …


An Extended Framework Of Privacy-Preserving Computation With Flexible Access Control, Wenxiu Ding, Rui Hu, Zheng Yan, Xinren Qian, Robert H. Deng, Laurence T. Yang, Mianxiong Dong Jun 2020

Research Collection School Of Computing and Information Systems

Cloud computing offers various services based on outsourced data by utilizing its huge volume of resources and great computation capability. However, it also makes users lose full control over their data. To avoid the leakage of user data privacy, encrypted data are preferred to be uploaded and stored in the cloud, which unfortunately complicates data analysis and access control. In particular, few existing works consider the fine-grained access control over the computational results from ciphertexts. Though our previous work proposed a framework to support several basic computations (such as addition, multiplication and comparison) with flexible access control, privacy-preserving division calculations …


A Fully Distributed Hierarchical Attribute-Based Encryption Scheme, Ali Mohammad, Javad Mohajeri, Ximeng Liu, Ximeng Liu May 2020

Research Collection School Of Computing and Information Systems

With the development of cloud computing, many enterprises have been interested in outsourcing their data to cloud servers to decrease IT costs and rise capabilities of provided services. To afford confidentiality and fine-grained data access control, attribute-based encryption (ABE) was proposed and used in several cloud storage systems. However, scalability and flexibility in key delegation and user revocation mechanisms are primary issues in ABE systems. In this paper, we introduce the concept of a fully distributed revocable ciphertext-policy hierarchical ABE (FDR-CP-HABE) and design the first FDR-CP-HABE scheme. Our scheme offers a high level of flexibility and scalability in the key …


Identity-Based Encryption Transformation For Flexible Sharing Of Encrypted Data In Public Cloud, Robert H. Deng, Zheng Qin, Qianhong Wu, Zhenyu Guan, Robert H. Deng, Yujue Wang, Yunya Zhou Apr 2020

Research Collection School Of Computing and Information Systems

With the rapid development of cloud computing, an increasing number of individuals and organizations are sharing data in the public cloud. To protect the privacy of data stored in the cloud, a data owner usually encrypts his data in such a way that certain designated data users can decrypt the data. This raises a serious problem when the encrypted data needs to be shared to more people beyond those initially designated by the data owner. To address this problem, we introduce and formalize an identity-based encryption transformation (IBET) model by seamlessly integrating two well-established encryption mechanisms, namely identity-based encryption (IBE) and …


Privacy-Preserving Data Processing With Flexible Access Control, Wenxiu Ding, Zheng Yan, Robert H. Deng Mar 2020

Research Collection School Of Computing and Information Systems

Cloud computing provides an efficient and convenient platform for cloud users to store, process and control their data. Cloud overcomes the bottlenecks of resource-constrained user devices and greatly releases their storage and computing burdens. However, due to the lack of full trust in cloud service providers, the cloud users generally prefer to outsource their sensitive data in an encrypted form, which, however, seriously complicates data processing, analysis, as well as access control. Homomorphic encryption (HE) as a single key system cannot flexibly control data sharing and access after encrypted data processing. How to realize various computations over encrypted data in …


Lightweight Sharable And Traceable Secure Mobile Health System, Yang Yang, Ximeng Liu, Robert H. Deng, Yingjiu Li Jan 2020

Research Collection School Of Computing and Information Systems

Mobile health (mHealth) has emerged as a new patient centric model which allows real-time collection of patient data via wearable sensors, aggregation and encryption of these data at mobile devices, and then uploading the encrypted data to the cloud for storage and access by healthcare staff and researchers. However, efficient and scalable sharing of encrypted data has been a very challenging problem. In this paper, we propose a Lightweight Sharable and Traceable (LiST) secure mobile health system in which patient data are encrypted end-to-end from a patient’s mobile device to data users. LiST enables efficient keyword search and fine-grained access …


Server-Aided Revocable Attribute-Based Encryption For Cloud Computing Services, Hui Cui, Tsz Hon Yuen, Robert H. Deng, Guilin Wang Jan 2020

Research Collection School Of Computing and Information Systems

Attribute-based encryption (ABE) has been regarded as a promising solution in cloud computing services to enable scalable access control without compromising the security. Despite of the advantages, efficient user revocation has been a challenge in ABE. One suggestion for user revocation is using the binary tree in the key generation phase of an ABE scheme, which enables a trusted key generation center to periodically distribute the key update information to all nonrevoked users over a public channel. This revocation approach reduces the size of key updates from linear to logarithmic in the number of users. But it requires each user …


Lightweight Fine-Grained Search Over Encrypted Data In Fog Computing, Yinbin Miao, Jianfeng Ma, Ximeng Liu, Jian Weng, Hongwei Li, Hui Li Sep 2019

Research Collection School Of Computing and Information Systems

Fog computing, as an extension of cloud computing, outsources the encrypted sensitive data to multiple fog nodes on the edge of Internet of Things (IoT) to decrease latency and network congestion. However, the existing ciphertext retrieval schemes rarely focus on the fog computing environment and most of them still impose high computational and storage overhead on resource-limited end users. In this paper, we first present a Lightweight Fine-Grained ciphertexts Search (LFGS) system in fog computing by extending Ciphertext-Policy Attribute-Based Encryption (CP-ABE) and Searchable Encryption (SE) technologies, which can achieve fine-grained access control and keyword search simultaneously. The LFGS can shift …


Revocable Attribute-Based Encryption With Decryption Key Exposure Resistance And Ciphertext Delegation, Shengmin Xu, Guomin Yang, Yi Mu Apr 2019

Research Collection School Of Computing and Information Systems

Attribute-based encryption (ABE) enables fine-grained access control over encrypted data. A practical and popular approach for handling revocation in ABE is to use the indirect revocation mechanism, in which a key generation centre (KGC) periodically broadcasts key update information for all data users over a public channel. Unfortunately, existing RABE schemes are vulnerable to decryption key exposure attack which has been well studied in the identity-based setting. In this paper, we introduce a new notion for RABE called re-randomizable piecewise key generation by allowing a data user to re-randomize the combined secret key and the key update to obtain the …


Secure Smart Health With Privacy-Aware Aggregate Authentication And Access Control In Internet Of Things, Yinghui Zhang, Robert H. Deng, Gang Han, Dong Zheng Dec 2018

Research Collection School Of Computing and Information Systems

With the rapid technological advancements in the Internet of Things (IoT), wireless communication and cloud computing, smart health is expected to enable comprehensive and qualified healthcare services. It is important to ensure security and efficiency in smart health. However, existing smart health systems still have challenging issues, such as aggregate authentication, fine-grained access control and privacy protection. In this paper, we address these issues by introducing SSH, a Secure Smart Health system with privacy-aware aggregate authentication and access control in IoT. In SSH, privacy-aware aggregate authentication is enabled by an anonymous certificateless aggregate signature scheme, in which users' identity information …


Lightweight Break-Glass Access Control System For Healthcare Internet-Of-Things, Yang Yang, Ximeng Liu, Robert H. Deng Aug 2018

Research Collection School Of Computing and Information Systems

Healthcare Internet-of-things (IoT) has been proposed as a promising means to greatly improve the efficiency and quality of patient care. Medical devices in healthcare IoT measure patients' vital signs and aggregate these data into medical files which are uploaded to the cloud for storage and accessed by healthcare workers. To protect patients' privacy, encryption is normally used to enforce access control of medical files by authorized parties while preventing unauthorized access. In healthcare, it is crucial to enable timely access of patient files in emergency situations. In this paper, we propose a lightweight break-glass access control (LiBAC) system that supports …


Security And Privacy In Smart Health: Efficient Policy-Hiding Attribute-Based Access Control, Yinghui Zhang, Dong Zheng, Robert H. Deng Jun 2018

Research Collection School Of Computing and Information Systems

With the rapid development of the Internet of Things (IoT) and cloud computing technologies, smart health (s-health) is expected to significantly improve the quality of health care. However, data security and user privacy concerns in s-health have not been adequately addressed. As a well-received solution to realize fine-grained access control, ciphertext-policy attribute-based encryption (CP-ABE) has the potential to ensure data security in s-health. Nevertheless, direct adoption of the traditional CP-ABE in s-health suffers two flaws. For one thing, access policies are in cleartext form and reveal sensitive health-related information in the encrypted s-health records (SHRs). For another, it usually supports …


Sclib: A Practical And Lightweight Defense Against Component Hijacking In Android Applications, Daoyuan Wu, Yao Cheng, Debin Gao, Yingjiu Li, Robert H. Deng Mar 2018

Research Collection School Of Computing and Information Systems

Cross-app collaboration via inter-component communication is a fundamental mechanism on Android. Although it brings the benefits such as functionality reuse and data sharing, a threat called component hijacking is also introduced. By hijacking a vulnerable component in victim apps, an attack app can escalate its privilege for operations originally prohibited. Many prior studies have been performed to understand and mitigate this issue, but no defense is being deployed in the wild, largely due to the deployment difficulties and performance concerns. In this paper we present SCLib, a secure component library that performs in-app mandatory access control on behalf of app …


An Efficient And Expressive Ciphertext-Policy Attribute-Based Encryption Scheme With Partially Hidden Access Structures, Revisited, Hui Cui, Robert H. Deng, Junzuo Lai, Xun Yi, Surya Nepal Mar 2018

Research Collection School Of Computing and Information Systems

Ciphertext-policy attribute-based encryption (CP-ABE) has been regarded as one of the promising solutions to protect data security and privacy in cloud storage services. In a CP-ABE scheme, an access structure is included in the ciphertext, which, however, may leak sensitive information about the underlying plaintext and the privileged recipients in that anyone who sees the ciphertext is able to learn the attributes of the privileged recipients from the associated access structure. In order to address this issue, CP-ABE with partially hidden access structures was introduced where each attribute is divided into an attribute name and an attribute value and the …


Attribute-Based Cloud Storage With Secure Provenance Over Encrypted Data, Hui Cui, Robert H. Deng, Yingjiu Li Feb 2018

Research Collection School Of Computing and Information Systems

To securely and conveniently enjoy the benefits of cloud storage, it is desirable to design a cloud data storage system which protects data privacy from storage servers through encryption, allows fine-grained access control such that data providers can expressively specify who are eligible to access the encrypted data, enables dynamic user management such that the total number of data users is unbounded and user revocation can be carried out conveniently, supports data provider anonymity and traceability such that a data provider’s identity is not disclosed to data users in normal circumstances but can be traced by a trusted authority if …


Secure Fine-Grained Access Control And Data Sharing For Dynamic Groups In The Cloud, Shengmin Xu, Guomin Yang, Yi Mu, Robert H. Deng Feb 2018

Research Collection School Of Computing and Information Systems

Cloud computing is an emerging computing paradigm that enables users to store their data in a cloud server to enjoy scalable and on-demand services. Nevertheless, it also brings many security issues, since cloud service providers (CSPs) are not in the same trusted domain as users. To protect data privacy against untrusted CSPs, existing solutions apply cryptographic methods (e.g., encryption mechanisms) and provide decryption keys only to authorized users. However, sharing cloud data among authorized users at a fine-grained level is still a challenging issue, especially when dealing with dynamic user groups. In this paper, we propose a secure and efficient …


A Lightweight Policy Preserving Ehr Sharing Scheme In The Cloud, Zuobin Ying, Lu Wei, Qi Li, Ximeng Liu, Jie Cui Jan 2018

Research Collection School Of Computing and Information Systems

Electronic Health Record (EHR) is a digital health documentary. It contains not only the health-related records but also the personal sensitive information. Therefore, how to reliably share EHR through the cloud is a challenging issue. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptography prototype, which can achieve fine-grained access control as well as one-to-many encryption. In CP-ABE, access policy is attached to the ciphertext, and however, the access policy is not protected, which will also cause some privacy leakage. In this paper, we propose a policy preserving EHR system on the basis of CP-ABE. Specifically, we designed an algorithm, which …


Attribute-Based Encryption With Expressive And Authorized Keyword Search, Hui Cui, Robert H. Deng, Joseph K. Liu, Yingjiu Li Jul 2017

Research Collection School Of Computing and Information Systems

To protect data security and privacy in cloud storage systems, a common solution is to outsource data in encrypted forms so that the data will remain secure and private even if storage systems are compromised. The encrypted data, however, must be pliable to search and access control. In this paper, we introduce a notion of attribute-based encryption with expressive and authorized keyword search (ABE-EAKS) to support both expressive keyword search and fine-grained access control over encrypted data in the cloud. In ABE-EAKS, every data user is associated with a set of attributes and is issued a private attribute-key corresponding to …


Encrypted Data Processing With Homomorphic Re-Encryption, Wenxiu Ding, Zheng Yan, Robert H. Deng May 2017

Research Collection School Of Computing and Information Systems

Cloud computing offers various services to users by re-arranging storage and computing resources. In order to preserve data privacy, cloud users may choose to upload encrypted data rather than raw data to the cloud. However, processing and analyzing encrypted data are challenging problems, which have received increasing attention in recent years. Homomorphic Encryption (HE) was proposed to support computation on encrypted data and ensure data confidentiality simultaneously. However, a limitation of HE is it is a single user system, which means it only allows the party that owns a homomorphic decryption key to decrypt processed ciphertexts. Original HE cannot support …


Deduplication On Encrypted Big Data In Cloud, Zheng Yan, Wenxiu Ding, Xixun Yu, Haiqi Zhu, Deng, Robert H. Jun 2016

Research Collection School Of Computing and Information Systems

Cloud computing offers a new way of service provision by re-arranging various resources over the Internet. The most important and popular cloud service is data storage. In order to preserve the privacy of data holders, data are often stored in cloud in an encrypted form. However, encrypted data introduce new challenges for cloud data deduplication, which becomes crucial for big data storage and processing in cloud. Traditional deduplication schemes cannot work on encrypted data. Existing solutions of encrypted data deduplication suffer from security weakness. They cannot flexibly support data access control and revocation. Therefore, few of them can be readily …


Multidimensional Context Awareness In Mobile Devices, Zhuo Wei, Robert H. Deng, Jialie Shen, Jixiang Zhu, Kun Ouyang, Yongdong Wu Jan 2015

Research Collection School Of Computing and Information Systems

With the increase of mobile computation ability and the development of wireless network transmission technology, mobile devices not only are the important tools of personal life (e.g., education and entertainment), but also emerge as indispensable "secretary" of business activities (e.g., email and phone call). However, since mobile devices could work under complex and dynamic local and network conditions, they are vulnerable to local and remote security attacks. In real applications, different kinds of data protection are required by various local contexts. To provide appropriate protection, we propose a multidimensional context (MContext) scheme to comprehensively model and characterize the scene and …


Permission Based Android Security: Issues And Countermeasures, Zheran Fang, Weili Han, Yingjiu Li Jun 2014

Research Collection School Of Computing and Information Systems

Android security has been a hot spot recently in both academic research and public concerns due to numerous instances of security attacks and privacy leakage on Android platform. Android security has been built upon a permission based mechanism which restricts accesses of third-party Android applications to critical resources on an Android device. Such permission based mechanism is widely criticized for its coarse-grained control of application permissions and difficult management of permissions by developers, marketers, and end-users. In this paper, we investigate the arising issues in Android security, including coarse granularity of permissions, incompetent permission administration, insufficient permission documentation, over-claim of …


Attribute-Based Access To Scalable Media In Cloud-Assisted Content Sharing, Yongdong Wu, Zhuo Wei, Robert H. Deng Jun 2013

Research Collection School Of Computing and Information Systems

This paper presents a novel Multi-message Ciphertext Policy Attribute-Based Encryption (MCP-ABE) technique, and employs the MCP-ABE to design an access control scheme for sharing scalable media based on data consumers’ attributes (e.g., age, nationality, gender) rather than an explicit list of the consumers’ names. The scheme is efficient and flexible because MCP-ABE allows a content provider to specify an access policy and encrypt multiple messages within one ciphertext such that only the users whose attributes satisfy the access policy can decrypt the ciphertext. Moreover, the paper shows how to support resource-limited mobile devices by offloading computational intensive operations to cloud …


Enforcing Secure And Privacy-Preserving Information Brokering In Distributed Information Sharing, Fengjun Li, Bo Luo, Peng Liu, Dongwon Lee, Chao-Hsien Chu Jun 2013

Research Collection School Of Computing and Information Systems

Today’s organizations raise an increasing need for information sharing via on-demand access. Information brokering systems (IBSs) have been proposed to connect large-scale loosely federated data sources via a brokering overlay, in which the brokers make routing decisions to direct client queries to the requested data servers. Many existing IBSs assume that brokers are trusted and thus only adopt server-side access control for data confidentiality. However, privacy of data location and data consumer can still be inferred from metadata (such as query and access control rules) exchanged within the IBS, but little attention has been put on its protection. In this …