Yao Zheng

Bio: Yao Zheng is an academic researcher from Virginia Tech. The author has contributed to research in topics: Information privacy & Communication channel. The author has an hindex of 10, co-authored 23 publications receiving 1598 citations. Previous affiliations of Yao Zheng include University of Arizona & University of Hawaii.

Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption

Abstract: Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients' control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access, and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute-based encryption (ABE) techniques to encrypt each patient's PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multiauthority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability, and efficiency of our proposed scheme.

DDoS Attack Protection in the Era of Cloud Computing and Software-Defined Networking

Abstract: Cloud computing has become the real trend of enterprise IT service model that offers cost-effective and scalable processing. Meanwhile, Software-Defined Networking (SDN) is gaining popularity in enterprise networks for flexibility in network management service and reduced operational cost. There seems a trend for the two technologies to go hand-in-hand in providing an enterprise's IT services. However, the new challenges brought by the marriage of cloud computing and SDN, particularly the implications on enterprise network security, have not been well understood. This paper sets to address this important problem. We start by examining the security impact, in particular, the impact on DDoS attack defense mechanisms, in an enterprise network where both technologies are adopted. We find that SDN technology can actually help enterprises to defend against DDoS attacks if the defense architecture is designed properly. To that end, we propose a DDoS attack mitigation architecture that integrates a highly programmable network monitoring to enable attack detection and a flexible control structure to allow fast and specific attack reaction. The simulation results show that our architecture can effectively and efficiently address the security challenges brought by the new network paradigm.

A Feedback Control-Based Crowd Dynamics Management in IoT System

Abstract: The development of technologies related to the Internet of Things (IoT) provides a new perspective on applications pertaining to smart cities. Smart city applications focus on resolving issues facing people in everyday life, and have attracted a considerable amount of research interest. The typical issue encountered in such places of daily use, such as stations, shopping malls, and stadiums is crowd dynamics management. Therefore, we focus on crowd dynamics management to resolve the problem of congestion using IoT technologies. Real-time crowd dynamics management can be achieved by gathering information relating to congestion and propose less crowded places. Although many crowd dynamics management applications have been proposed in various scenarios and many models have been devised to this end, a general model for evaluating the control effectiveness of crowd dynamics management has not yet been developed in IoT research. Therefore, in this paper, we propose a model to evaluate the performance of crowd dynamics management applications. In other words, the objective of this paper is to present the proof-of-concept of control effectiveness of crowd dynamics management. Our model uses feedback control theory, and enables an integrated evaluation of the control effectiveness of crowd dynamics management methods under various scenarios. We also provide extensive numerical results to verify the effectiveness of the model.

SHARP: Private Proximity Test and Secure Handshake with Cheat-Proof Location Tags

Abstract: A location proximity test service allows mobile users to determine whether they are in close proximity to each other, and has found numerous applications in mobile social networks. Unfortunately, existing solutions usually reveal much of users’ private location information during proximity test. They are also vulnerable to location cheating where an attacker reports false locations to gain advantage. Moreover, the initial trust establishment among unfamiliar users in large scale mobile social networks has been a challenging task. In this paper, we propose a novel scheme that enables a user to perform (1) privacy-preserving proximity test without revealing her actual location to the server or other users not within the proximity, and (2) secure handshake that establishes secure communications among stranger users within the proximity who do not have pre-shared secret. The proposed scheme is based on a novel concept, i.e. location tags, and we put forward a location tag construction method using environmental signals that provides location unforgeability. Bloom filters are used to represent the location tags efficiently and a fuzzy extractor is exploited to extract shared secrets between matching location tags. Our solution also allows users to tune their desired location privacy level and range of proximity. We conduct extensive analysis and real experiments to demonstrate the feasibility, security, and efficiency of our scheme.

Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption

Abstract: Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients' control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access, and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute-based encryption (ABE) techniques to encrypt each patient's PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multiauthority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability, and efficiency of our proposed scheme.

Heart Disease: A Textbook of Cardiovascular Medicine

Abstract: This third edition of what has now become a well-established textbook in cardiovascular medicine is again edited by Dr Eugene Braunwald with the assistance of 65 other authors who read like a Who's Who of American Cardiology. Since the second edition, 12 new chapters have been added or substituted and others have been significantly revised. The first volume includes Part I on "Examination of the Patient" and Part II on "Normal and Abnormal Circulatory Function." The second volume deals with specific diseases. Part III, "Diseases of the Heart, Pericardium and Vascular System," includes new sections on "Risk Factors for Coronary Artery Disease," "The Pathogenesis of Atherosclerosis," and "Interventional Catheterization Techniques." Part IV, "Broader Perspectives on Heart Disease and Cardiologic Practice," includes new chapters on "Genetics and Cardiovascular Disease," "Aging in Cardiac Disease," and "Cost Effective Strategies in Cardiology." The last 200 pages of the book (Part V) are devoted to

Health Monitoring and Management Using Internet-of-Things (IoT) Sensing with Cloud-Based Processing: Opportunities and Challenges

Abstract: Among the panoply of applications enabled by the Internet of Things (IoT), smart and connected health care is a particularly important one. Networked sensors, either worn on the body or embedded in our living environments, make possible the gathering of rich information indicative of our physical and mental health. Captured on a continual basis, aggregated, and effectively mined, such information can bring about a positive transformative change in the health care landscape. In particular, the availability of data at hitherto unimagined scales and temporal longitudes coupled with a new generation of intelligent processing algorithms can: (a) facilitate an evolution in the practice of medicine, from the current post facto diagnose-and-treat reactive paradigm, to a proactive framework for prognosis of diseases at an incipient stage, coupled with prevention, cure, and overall management of health instead of disease, (b) enable personalization of treatment and management options targeted particularly to the specific circumstances and needs of the individual, and (c) help reduce the cost of health care while simultaneously improving outcomes. In this paper, we highlight the opportunities and challenges for IoT in realizing this vision of the future of health care.

Blockchain: A Panacea for Healthcare Cloud-Based Data Security and Privacy?

Abstract: One particular trend observed in healthcare is the progressive shift of data and services to the cloud, partly due to convenience (e.g. availability of complete patient medical history in real-time) and savings (e.g. economics of healthcare data management). There are, however, limitations to using conventional cryptographic primitives and access control models to address security and privacy concerns in an increasingly cloud-based environment. In this paper, we study the potential to use the Blockchain technology to protect healthcare data hosted within the cloud. We also describe the practical challenges of such a proposition and further research that is required.

The Health Insurance Portability and Accountability Act.

Abstract: The Health Insurance Portability and Accountability Act, also known as HIPAA, was first delivered to congress in 1996 and consisted of just two Titles. It was designed to protect health insurance coverage for workers and their families while between jobs. It establishes standards for electronic health care transactions and addresses the issues of privacy and security when dealing with Protected Health Information (PHI). HIPAA is applicable only in the United States of America.