Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 9 of 9
Full-Text Articles in Physical Sciences and Mathematics
Attribute-Based Keyword Search Over Hierarchical Data In Cloud Computing, Yinbin Miao, Jianfeng Ma, Ximeng Liu, Xinghua Li, Qi Jiang, Junwei Zhang
Attribute-Based Keyword Search Over Hierarchical Data In Cloud Computing, Yinbin Miao, Jianfeng Ma, Ximeng Liu, Xinghua Li, Qi Jiang, Junwei Zhang
Research Collection School Of Computing and Information Systems
Searchable encryption (SE) has been a promising technology which allows users to perform search queries over encrypted data. However, the most of existing SE schemes cannot deal with the shared records that have hierarchical structures. In this paper, we devise a basic cryptographic primitive called as attribute-based keyword search over hierarchical data (ABKS-HD) scheme by using the ciphertext-policy attribute-based encryption (CP-ABE) technique, but this basic scheme cannot satisfy all the desirable requirements of cloud systems. The facts that the single keyword search will yield many irrelevant search results and the revoked users can access the unauthorized data with the old …
Attribute-Based Encryption For Cloud Computing Access Control: A Survey, Yinghui Zhang, Robert H. Deng, Shengmin Xu, Jianfei Sun, Qi Li, Dong Zheng
Attribute-Based Encryption For Cloud Computing Access Control: A Survey, Yinghui Zhang, Robert H. Deng, Shengmin Xu, Jianfei Sun, Qi Li, Dong Zheng
Research Collection School Of Computing and Information Systems
Attribute-based encryption (ABE) for cloud computing access control is reviewed in this article. A taxonomy and comprehensive assessment criteria of ABE are first proposed. In the taxonomy, ABE schemes are assorted into key-policy ABE (KP-ABE) schemes, ciphertext-policy ABE (CP-ABE) schemes, anti-quantum ABE schemes, and generic constructions. In accordance with cryptographically functional features, CP-ABE is further divided into nine subcategories with regard to basic functionality, revocation, accountability, policy hiding, policy updating, multi-authority, hierarchy, offline computation, and outsourced computation. In addition, a systematical methodology for discussing and comparing existing ABE schemes is proposed. For KP-ABE and each type of CP-ABE, the corresponding …
Lightweight And Privacy-Aware Fine-Grained Access Control For Iot-Oriented Smart Health, Jianfei Sun, Hu Xiong, Ximeng Liu, Yinghui Zhang, Xuyun Nie, Robert H. Deng
Lightweight And Privacy-Aware Fine-Grained Access Control For Iot-Oriented Smart Health, Jianfei Sun, Hu Xiong, Ximeng Liu, Yinghui Zhang, Xuyun Nie, Robert H. Deng
Research Collection School Of Computing and Information Systems
With the booming of Internet of Things (IoT), smart health (s-health) is becoming an emerging and attractive paradigm. It can provide an accurate prediction of various diseases and improve the quality of healthcare. Nevertheless, data security and user privacy concerns still remain issues to be addressed. As a high potential and prospective solution to secure IoT-oriented s-health applications, ciphertext policy attribute-based encryption (CP-ABE) schemes raise challenges, such as heavy overhead and attribute privacy of the end users. To resolve these drawbacks, an optimized vector transformation approach is first proposed to efficiently transform the access policy and user attribute set into …
An Extended Framework Of Privacy-Preserving Computation With Flexible Access Control, Wenxiu Ding, Rui Hu, Zheng Yan, Xinren Qian, Robert H. Deng, Laurence T. Yang, Mianxiong Dong
An Extended Framework Of Privacy-Preserving Computation With Flexible Access Control, Wenxiu Ding, Rui Hu, Zheng Yan, Xinren Qian, Robert H. Deng, Laurence T. Yang, Mianxiong Dong
Research Collection School Of Computing and Information Systems
Cloud computing offers various services based on outsourced data by utilizing its huge volume of resources and great computation capability. However, it also makes users lose full control over their data. To avoid the leakage of user data privacy, encrypted data are preferred to be uploaded and stored in the cloud, which unfortunately complicates data analysis and access control. In particular, few existing works consider the fine-grained access control over the computational results from ciphertexts. Though our previous work proposed a framework to support several basic computations (such as addition, multiplication and comparison) with flexible access control, privacy-preserving division calculations …
A Fully Distributed Hierarchical Attribute-Based Encryption Scheme, Ali Mohammad, Javad Mohajeri, Ximeng Liu, Ximeng Liu
A Fully Distributed Hierarchical Attribute-Based Encryption Scheme, Ali Mohammad, Javad Mohajeri, Ximeng Liu, Ximeng Liu
Research Collection School Of Computing and Information Systems
With the development of cloud computing, many enterprises have been interested in outsourcing their data to cloud servers to decrease IT costs and rise capabilities of provided services. To afford confidentiality and fine-grained data access control, attribute-based encryption (ABE) was proposed and used in several cloud storage systems. However, scalability and flexibility in key delegation and user revocation mechanisms are primary issues in ABE systems. In this paper, we introduce the concept of a fully distributed revocable ciphertext-policy hierarchical ABE (FDR-CP-HABE) and design the first FDR-CP-HABE scheme. Our scheme offers a high level of flexibility and scalability in the key …
Identity-Based Encryption Transformation For Flexible Sharing Of Encrypted Data In Public Cloud, Robert H. Deng, Zheng Qin, Qianhong Wu, Zhenyu Guan, Robert H. Deng, Yujue Wang, Yunya Zhou
Identity-Based Encryption Transformation For Flexible Sharing Of Encrypted Data In Public Cloud, Robert H. Deng, Zheng Qin, Qianhong Wu, Zhenyu Guan, Robert H. Deng, Yujue Wang, Yunya Zhou
Research Collection School Of Computing and Information Systems
With the rapid development of cloud computing, an increasing number of individuals and organizations are sharing data in the public cloud. To protect the privacy of data stored in the cloud, a data owner usually encrypts his data in such a way that certain designated data users can decrypt the data. This raises a serious problem when the encrypted data needs to be shared to more people beyond those initially designated by the data owner. To address this problem, we introduce and formalize an identity-based encryption transformation (IBET) model by seamlessly integrating two well-established encryption mechanisms, namely identity-basedencryption (IBE) and …
Privacy-Preserving Data Processing With Flexible Access Control, Wenxiu Ding, Zheng Yan, Robert H. Deng
Privacy-Preserving Data Processing With Flexible Access Control, Wenxiu Ding, Zheng Yan, Robert H. Deng
Research Collection School Of Computing and Information Systems
Cloud computing provides an efficient and convenient platform for cloud users to store, process and control their data. Cloud overcomes the bottlenecks of resource-constrained user devices and greatly releases their storage and computing burdens. However, due to the lack of full trust in cloud service providers, the cloud users generally prefer to outsource their sensitive data in an encrypted form, which, however, seriously complicates data processing, analysis, as well as access control. Homomorphic encryption (HE) as a single key system cannot flexibly control data sharing and access after encrypted data processing. How to realize various computations over encrypted data in …
Server-Aided Revocable Attribute-Based Encryption For Cloud Computing Services, Hui Cui, Tsz Hon Yuen, Robert H. Deng, Guilin Wang
Server-Aided Revocable Attribute-Based Encryption For Cloud Computing Services, Hui Cui, Tsz Hon Yuen, Robert H. Deng, Guilin Wang
Research Collection School Of Computing and Information Systems
Attribute-based encryption (ABE) has been regarded as a promising solution in cloud computing services to enable scalable access control without compromising the security. Despite of the advantages, efficient user revocation has been a challenge in ABE. One suggestion for user revocation is using the binary tree in the key generation phase of an ABE scheme, which enables a trusted key generation center to periodically distribute the key update information to all nonrevoked users over a public channel. This revocation approach reduces the size of key updates from linear to logarithmic in the number of users. But it requires each user …
Lightweight Sharable And Traceable Secure Mobile Health System, Yang Yang, Ximeng Liu, Robert H. Deng, Yingjiu Li
Lightweight Sharable And Traceable Secure Mobile Health System, Yang Yang, Ximeng Liu, Robert H. Deng, Yingjiu Li
Research Collection School Of Computing and Information Systems
Mobile health (mHealth) has emerged as a new patient centric model which allows real-time collection of patient data via wearable sensors, aggregation and encryption of these data at mobile devices, and then uploading the encrypted data to the cloud for storage and access by healthcare staff and researchers. However, efficient and scalable sharing of encrypted data has been a very challenging problem. In this paper, we propose a Lightweight Sharable and Traceable (LiST) secure mobile health system in which patient data are encrypted end-to-end from a patient’s mobile device to data users. LiST enables efficient keyword search and finegrained access …