A Secure and Verifiable Access Control Scheme for Big Data Storage in Clouds
TLDR
A secure and verifiable access control scheme based on the NTRU cryptosystem for big data storage in clouds that enables the data owner and eligible users to effectively verify the legitimacy of a user for accessing the data, and a user to validate the information provided by other users for correct plaintext recovery.
Abstract:
Due to the complexity and volume, outsourcing ciphertexts to a cloud is deemed to be one of the most effective approaches for big data storage and access. Nevertheless, verifying the access legitimacy of a user and securely updating a ciphertext in the cloud based on a new access policy designated by the data owner are two critical challenges to make cloud-based big data storage practical and effective. Traditional approaches either completely ignore the issue of access policy update or delegate the update to a third party authority; but in practice, access policy update is important for enhancing security and dealing with the dynamism caused by user join and leave activities. In this paper, we propose a secure and verifiable access control scheme based on the NTRU cryptosystem for big data storage in clouds. We first propose a new NTRU decryption algorithm to overcome the decryption failures of the original NTRU, and then detail our scheme and analyze its correctness, security strengths, and computational efficiency. Our scheme allows the cloud server to efficiently update the ciphertext when a new access policy is specified by the data owner, who is also able to validate the update to counter against cheating behaviors of the cloud. It also enables (i) the data owner and eligible users to effectively verify the legitimacy of a user for accessing the data, and (ii) a user to validate the information provided by other users for correct plaintext recovery. Rigorous analysis indicates that our scheme can prevent eligible users from cheating and resist various attacks such as the collusion attack.
Citations
Journal Article
A Privacy Preserving Communication Protocol for IoT Applications in Smart Homes
TL;DR: In this paper, an improved energy-efficient, secure, and privacy-preserving communication protocol for the SHSs is proposed and message authentication codes are incorporated to guarantee data integrity and authenticity.
Journal Article
Resource Allocation Strategy in Fog Computing Based on Priced Timed Petri Nets
TL;DR: This paper proposes a resource allocation strategy for fog computing based on priced timed Petri nets (PTPNs), by which the user can choose the satisfying resources autonomously from a group of preallocated resources.
Journal Article
An energy-aware computation offloading method for smart edge computing in wireless metropolitan area networks
TL;DR: An Energy-Aware Computation Offloading method, named EACO, is designed to reduce the energy consumption of edge computing nodes by adopting Non-dominated Sorting Genetic Algorithm II (NSGA-II) and exploiting Multiple Criteria Decision Making and Simple Additive Weighting to select the optimal offloading solution.
Journal Article
Time-aware distributed service recommendation with privacy-preservation
TL;DR: The traditional LSH technique is extended to incorporate the time factor, and a novel time-aware and privacy-preserving service recommendation approach based on LSH is proposed that achieves a good tradeoff between recommendation accuracy and efficiency while guaranteeing privacy preservation.
Proceedings Article
A Privacy Preserving Communication Protocol for IoT Applications in Smart Homes
TL;DR: This paper analyzes the differences among the security and privacy issues in smart home systems, the smart grid, and wireless sensor networks, and proposes its own solution that achieves privacy preservation during communications between the end sensors and appliances and the controller.