Showing papers on "Data access published in 2021"

A Blockchain-based auditable access control system for private data in service-centric IoT environments

Abstract: Internet of Things (IoT) devices are widely considered in smart cities, intelligent medicine, and intelligent transportation, among other fields that facilitate people's lives, producing a large amount of private data. However, due to the mobility, limited performance, and distributed deployment of IoT, traditional access control methods cannot support the security of private data's access control process in current IoT environments. To address such problems, this article proposes an auditable access control model, based on an attribute-based access control model, and manages the access control policy for private data through the request record, the response record, and the access record stored in the blockchain network. Additionally, a Blockchain-based auditable access control system is also proposed based on the auditable access control model, ensuring private data security in IoT environments and realizing effective management and auditable access to these data. Experimental results show that the proposed system can maintain high throughput while ensuring private data security for real application scenarios in IoT environments.

Cross-Node Federated Graph Neural Network for Spatio-Temporal Data Modeling

Abstract: Vast amount of data generated from networks of sensors, wearables, and the Internet of Things (IoT) devices underscores the need for advanced modeling techniques that leverage the spatio-temporal structure of decentralized data due to the need for edge computation and licensing (data access) issues. While federated learning (FL) has emerged as a framework for model training without requiring direct data sharing and exchange, effectively modeling the complex spatio-temporal dependencies to improve forecasting capabilities still remains an open problem. On the other hand, state-of-the-art spatio-temporal forecasting models assume unfettered access to the data, neglecting constraints on data sharing. To bridge this gap, we propose a federated spatio-temporal model -- Cross-Node Federated Graph Neural Network (CNFGNN) -- which explicitly encodes the underlying graph structure using graph neural network (GNN)-based architecture under the constraint of cross-node federated learning, which requires that data in a network of nodes is generated locally on each node and remains decentralized. CNFGNN operates by disentangling the temporal dynamics modeling on devices and spatial dynamics on the server, utilizing alternating optimization to reduce the communication cost, facilitating computations on the edge devices. Experiments on the traffic flow forecasting task show that CNFGNN achieves the best forecasting performance in both transductive and inductive learning settings with no extra computation cost on edge devices, while incurring modest communication cost.

CryptCloud $^+$ + : Secure and Expressive Data Access Control for Cloud Storage

Abstract: Secure cloud storage, which is an emerging cloud service, is designed to protect the confidentiality of outsourced data but also to provide flexible data access for cloud users whose data is out of physical control. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is regarded as one of the most promising techniques that may be leveraged to secure the guarantee of the service. However, the use of CP-ABE may yield an inevitable security breach which is known as the misuse of access credential (i.e., decryption rights), due to the intrinsic “all-or-nothing” decryption feature of CP-ABE. In this paper, we investigate the two main cases of access credential misuse: one is on the semi-trusted authority side, and the other is on the side of cloud user. To mitigate the misuse, we propose the first accountable authority and revocable CP-ABE based cloud storage system with white-box traceability and auditing, referred to as CryptCloud $^+$ + . We also present the security analysis and further demonstrate the utility of our system via experiments.

Faa$T: A Transparent Auto-Scaling Cache for Serverless Applications

Abstract: Function-as-a-Service (FaaS) has become an increasingly popular way for users to deploy their applications without the burden of managing the underlying infrastructure. However, existing FaaS platforms rely on remote storage to maintain state, limiting the set of applications that can be run efficiently. Recent caching work for FaaS platforms has tried to address this problem, but has fallen short: it disregards the widely different characteristics of FaaS applications, does not scale the cache based on data access patterns, or requires changes to applications. To address these limitations, we present Faa$T, a transparent auto-scaling distributed cache for serverless applications. Each application gets its own cache. After a function executes and the application becomes inactive, the cache is unloaded from memory with the application. Upon reloading for the next invocation, Faa$T pre-warms the cache with objects likely to be accessed. In addition to traditional compute-based scaling, Faa$T scales based on working set and object sizes to manage cache space and I/O bandwidth. We motivate our design with a comprehensive study of data access patterns on Azure Functions. We implement Faa$T for Azure Functions, and show that Faa$T can improve performance by up to 92% (57% on average) for challenging applications, and reduce cost for most users compared to state-of-the-art caching systems, i.e. the cost of having to stand up additional serverful resources.

Artificial Intelligence for Wireless Caching: Schemes, Performance, and Challenges

Abstract: Wireless data traffic is growing unprecedentedly and it may impede network performance by consuming an ever-greater amount of bandwidth. With the advancement in technology there exist profound techniques having potentials to improve performance of wireless networks. Artificial Intelligence (AI) is one such evolving technology that enables systems to take intelligent decisions. AI can be incorporated in wireless networks for performing an optimal data caching based on accurate predictions of users’ data requests and data popularity profile. AI-based data caching is a promising candidate to effectively harness the issues of rising backhaul data traffic of future wireless networks such as duplicate data transmission and data access delay. In this paper, we provide a systematic survey of state-of-the-art intelligent data caching approaches based on learning mechanism to optimize data caching. First we give an overview of traditional caching approaches and their limitations. Then, after rendering brief introduction of several AI techniques, we introduce state-of-the-art learning approaches in cache-enabled wireless networks. We unfold significant research efforts utilizing AI for efficient data placement for optimizing network performance in terms of cache hit rate, throughput, and offloading etc. Finally, we highlight existing challenges and research directions of AI-based data caching.

A Privacy-Preserving and Untraceable Group Data Sharing Scheme in Cloud Computing

Abstract: With the development of cloud computing, the great amount of storage data requires safe and efficient data sharing. In multiparty storage data sharing, first, the confidentiality of shared data is ensured to achieve data privacy preservation. Second, the security of stored data is ensured. That is, when stored shared data are subject to frequent access operations, the server's address sequence or access mode is hidden. Therefore, determining how to ensure the untraceability of stored data or efficient hide the data access mode in sharing stored data is a challenge. By leveraging proxy re-encryption and oblivious random access memory (ORAM), a privacy-preserving and untraceable scheme is proposed to support multiple users in sharing data in cloud computing. On the one hand, group members and proxies use the key exchange phase to obtain keys and resist multiparty collusion if necessary. The ciphertext obtained according to the proxy re-encryption phase enables group members to implement access control and store data, thereby completing secure data sharing. On the other hand, this paper realizes data untraceability and a hidden data access mode through a one-way circular linked table in a binary tree (OLTB) and obfuscation operation.

A robust and lightweight secure access scheme for cloud based E-healthcare services.

Abstract: Traditional healthcare services have transitioned into modern healthcare services where doctors remotely diagnose the patients. Cloud computing plays a significant role in this change by providing easy access to patients’ medical records to all stakeholders, such as doctors, nurses, patients, life insurance agents, etc. Cloud services are scalable, cost-effective, and offer a broad range of mobile access to patients’ electronic health record (EHR). Despite the cloud’s enormous benefits like real-time data access, patients’ EHR security and privacy are major concerns. Since the information about patients’ health is highly sensitive and crucial, sharing it over the unsecured wireless medium brings many security challenges such as eavesdropping, modifications, etc. Considering the security needs of remote healthcare, this paper proposes a robust and lightweight, secure access scheme for cloud-based E-healthcare services. The proposed scheme addresses the potential threats to E-healthcare by providing a secure interface to stakeholders and prohibiting unauthorized users from accessing information stored in the cloud. The scheme makes use of multiple keys formed through the key derivation function (KDF) to ensure end-to-end ciphering of information for preventing misuse. The rights to access the cloud services are provided based on the identity and the association between stakeholders, thus ensuring privacy. Due to its simplicity and robustness, the proposed scheme is the best fit for protecting data security and privacy in cloud-based E-healthcare services.

Blockchain-empowered cloud architecture based on secret sharing for smart city

Abstract: Recent advances in information technology go beyond the simple convenience offered to individuals, leading to smart city technology that provides urban facilities and better quality of life. Smart City is a heterogeneous system consisting of a large IoT-based network, offering various applications for citizens by collecting and analyzing real-time information. As intelligent, efficient digital systems, smart cities manage data by digitalizing all information. Despite the potential benefits of smart cities for citizen convenience, this digital information service can give rise to security and privacy issues. In particular, the challenge of relying on the Cloud Service Provider (CSP) is that it is difficult for individuals to manage large amounts of data in smart city environments. In this paper, we study blockchain and Secret Sharing to address personal information protection issues in external cloud services and improve data integrity and security by designing a distributed system. CSPs are connected in a blockchain to validate user data integrity and provide easy data access through Transaction. CSP uses the blockchain to store distributed users' information safely through the Secret Sharing algorithm as a distributed system with improved security of existing centralized systems. The proposed approach demonstrates improved security and privacy through security analysis and has faster transaction speed and data storage efficiency than existing research.

Architecture and Technology of Multi-Source Heterogeneous Data System for Telecom Operator

Abstract: In recent years, telecom operator builds mobile networks infrastructure worldwide, as well as deploys a series of relevant systems/platforms to management the mobile networks and telecom customers. These systems/platforms can generate a huge amount of data resources. In order to effectively access these systems/platforms and make use of the valuable data resources, this paper designs a novel multi-source heterogeneous data (MSHD) system for telecom operator. The MSHD system contains data access module, data pre-processing module, data storage and management module, data application and visualization module. The MSHD system can assist telecom internal application as well as the vertical industry application.

FAST: Fast Accessing Scheme for data Transmission in cloud computing

Abstract: With the rapid advancement of emerging technologies, a huge amount of data is created and processed in daily life. Nowadays, Cloud Computing (CC) technology is one of the frequently adopted technologies to access and store data over the internet. CC mainly provides on-demand and pay-per-use services to users. However, access control and security are two major issues that users face in a cloud environment. During data access from a cloud server, the searching time of a Data Owner (DO) and the data accessing time are high. Therefore, users utilize more cloud services and pay more. High system overhead is another issue of a cloud environment. In this paper, a novel access control model has been proposed to overcome all these concerns. Here, the Cloud Service Provider (CSP) maintains a temporary table based on the data type and popularity value of the DO for fast and efficient data accessing. The cloud service provider can easily search the data owner by using the table and the data accessing time is remarkably reduced. Experimental results and theoretical analysis of the proposed scheme prove its efficiency over the existing schemes.

Data replication schemes in cloud computing: a survey

Abstract: In recent years, cloud storage systems have emerged as a promising technology for storing data blocks on various cloud servers. One of the main mechanisms in cloud storage systems is data replication, for which various solutions are proposed. Data replication's main target is achieving higher performance for data-intensive applications by addressing some critical challenges of this criterion, such as availability, reliability, security, bandwidth, and response time of data access. However, to the best of the author’s knowledge, there is no systematic, comprehensive, and complete survey in the cloud data replication despite its impacts and maturity. This paper presents a comprehensive survey and classification of state-of-the-art data replication schemes among different existing cloud computing solutions in the form of a classical classification to define current schemes on the topic and present open issues. The presented classification comprises three main classes; data deduplication schemes, data auditing schemes, and data handling schemes. A complete comparative comparison of the replication schemes highlights their main properties, such as utilized classes, type of the scheme, the place of implementation, evaluation tools, and their advantages and weaknesses. Finally, open issues and future uncovered or weakly covered research challenges are discussed, and the survey will be concluded.

A blockchain-based medical data preservation scheme for telecare medical information systems

Abstract: With rapid technological development, mobile computing and wireless transmission have become mature. These two technologies can be combined for sharing medical records on social networks, but doing so depends on the secure sharing of a patient’s data between Pervasive Social Network (PSN) nodes. Previous research has revealed that most human sensors cannot support very heavy computation, so the computation on the sensor node must be light. When a legitimate node is intercepted, an attacker may steal shared data of a third party through this intercepted node, causing security problems. Based on the aforementioned security and performance considerations, this study proposes a blockchain-based medical data preservation scheme for telecare medical information systems (TMISs), which consists of a medical sensor area authentication protocol and a social network information transfer protocol. The former protocol uses elliptic curve point multiplication to achieve secure data transfer between human sensors and mobile devices. The latter protocol stores data collected and transferred by mobile devices. The scheme herein is secure against several possible attacks and reduces the number of communication rounds below those of previously developed approaches. The social network information transfer protocol stores data using blockchain technology so that a data owner can authorize access to data by relevant users. Therefore, the proposed scheme improves upon not only the computing performance but also the security of previous approaches.

The openEO API–Harmonising the Use of Earth Observation Cloud Services Using Virtual Data Cube Functionalities

Abstract: At present, accessing and processing Earth Observation (EO) data on different cloud platforms requires users to exercise distinct communication strategies as each backend platform is designed differently. The openEO API (Application Programming Interface) standardises EO-related contracts between local clients (R, Python, and JavaScript) and cloud service providers regarding data access and processing, simplifying their direct comparability. Independent of the providers’ data storage system, the API mimics the functionalities of a virtual EO raster data cube. This article introduces the communication strategy and aspects of the data cube model applied by the openEO API. Two test cases show the potential and current limitations of processing similar workflows on different cloud platforms and a comparison of the result of a locally running workflow and its openEO-dependent cloud equivalent. The outcomes demonstrate the flexibility of the openEO API in enabling complex scientific analysis of EO data collections on cloud platforms in a homogenised way.

CubicleOS: a library OS with software componentisation for practical isolation

Abstract: Library OSs have been proposed to deploy applications isolated inside containers, VMs, or trusted execution environments. They often follow a highly modular design in which third-party components are combined to offer the OS functionality needed by an application, and they are customised at compilation and deployment time to fit application requirements. Yet their monolithic design lacks isolation across components: when applications and OS components contain security-sensitive data (e.g., cryptographic keys or user data), the lack of isolation renders library OSs open to security breaches via malicious or vulnerable third-party components. We describe CubicleOS, a library OS that isolates components in the system while maintaining the simple, monolithic development approach of library composition. CubicleOS allows isolated components, called cubicles , to share data dynamically with other components. It provides spatial memory isolation at the granularity of function calls by using Intel MPK at user-level to isolate components. At the same time, it supports zero-copy data access across cubicles with feature-rich OS functionality. Our evaluation shows that CubicleOS introduces moderate end-to-end performance overheads in complex applications: 2× for the I/O-intensive NGINX web server with 8 partitions, and 1.7–8× for the SQLite database engine with 7 partitions.

Privacy Concerns and Data Sharing in the Internet of Things: Mixed Methods Evidence from Connected Cars

Abstract: The Internet of Things (IoT) is increasingly transforming the way we work, live, and travel. IoT devices collect, store, analyze, and act upon a continuous stream of data as a by-product of everyday use. However, IoT devices need unrestricted data access to fully function. As such, they invade users’ virtual and physical space and raise far-reaching privacy challenges that are unlike those examined in other contexts.

A GDPR-Compliant Framework for IoT-Based Personal Health Records Using Blockchain

Abstract: An up-to-date personal health record (PHR) system is crucial for people’s health. Achieving a reliable PHR system in the e-Health and m-Health era is still a challenge concerning data integration from different EHRs, data interoperability, and enforcing that access to data is fully under the patient’s control. We address these challenges by proposing an electronic health wallet (EHW) system that uses emergent decentralized technologies like blockchain and IPFS and adopts health data interoperability standards and technologies like FHIR’s APIs. The EHW stands on a GDPR-compliant framework for IoT-based PHR systems that ensures both data privacy and interoperability. The proposed conceptual framework and system architecture provide a comprehensive solution for a patient-centered IoT-based PHR system that preserves data privacy and satisfies the data interoperability needs. By encouraging patients to share their data in a controlled way, also enables health big data analytics by utilizing the IoT data in a privacy-preserving fashion.

The Data Use Ontology to streamline responsible access to human biomedical datasets.

Abstract: Summary Human biomedical datasets that are critical for research and clinical studies to benefit human health also often contain sensitive or potentially identifying information of individual participants. Thus, care must be taken when they are processed and made available to comply with ethical and regulatory frameworks and informed consent data conditions. To enable and streamline data access for these biomedical datasets, the Global Alliance for Genomics and Health (GA4GH) Data Use and Researcher Identities (DURI) work stream developed and approved the Data Use Ontology (DUO) standard. DUO is a hierarchical vocabulary of human and machine-readable data use terms that consistently and unambiguously represents a dataset’s allowable data uses. DUO has been implemented by major international stakeholders such as the Broad and Sanger Institutes and is currently used in annotation of over 200,000 datasets worldwide. Using DUO in data management and access facilitates researchers’ discovery and access of relevant datasets. DUO annotations increase the FAIRness of datasets and support data linkages using common data use profiles when integrating the data for secondary analyses. DUO is implemented in the Web Ontology Language (OWL) and, to increase community awareness and engagement, hosted in an open, centralized GitHub repository. DUO, together with the GA4GH Passport standard, offers a new, efficient, and streamlined data authorization and access framework that has enabled increased sharing of biomedical datasets worldwide.

MeetGo: A Trusted Execution Environment for Remote Applications on FPGA

Abstract: Remote computing has emerged as a trendy computing model that enables users to process an immense number of computations efficiently on the remote server where the necessary data and high-performance computing power are provisioned. Unfortunately, despite such an advantage, this computing model suffers from insider threats that are committed by adversarial administrators of remote servers who attempt to steal or corrupt users’ private data. These security threats are somewhat innate to remote computing in that there is no means to control administrators’ unlimited data access. In this paper, we present our novel hardware-centric solution, called MeetGo , to address the intrinsic threats to remote computing. MeetGo is a field-programmable gate array (FPGA)-based trusted execution environment (TEE) that aims to operate independently of the host system architecture. To exhibit the ability and effectiveness of MeetGo as a TEE ensuring secure remote computing, we have built two concrete applications: cryptocurrency wallet and GPGPU. MeetGo provides a trust anchor for these applications that enable their users to trade cryptocurrency or to run a GPGPU program server on a remote server while staying safe from threats by insiders. Our experimental results clearly demonstrate that MeetGo incurs only a negligible performance overhead to the applications.

IoT Data Replication and Consistency Management in Fog computing

Abstract: Fog Computing has emerged as a virtual platform extending Cloud services down to the network edge especially (and not exclusively) to host IoT applications. Data replication strategies have been designed to investigate the best storage location of data copies in geo-distributed storage systems in order to reduce its access time for different consumer services spread over the infrastructure. Unfortunately, due to the geographical distance between Fog nodes, misplacing data in such an infrastructure may generate high latencies when accessing or synchronizing replicas, thus degrading the Quality of Service (QoS). In this paper, we present two strategies to manage IoT data replication and consistency in Fog infrastructures. Our strategies choose for each datum, the right replica number and their location in order to reduce data access latency and replicas synchronization cost. This is done while respecting the required consistency level. Also, we propose an evaluation platform based on the simulator iFogSim to enable users to implement and test their own strategies for IoT data replication and consistency management. Our experiments show that when using our strategies, the service latency can be reduced by 30% in case of small Fog infrastructures and by 13% in case of large scale Fog infrastructures compared to iFogStor, a state-of-the-art strategy that does not use replication.

TS-Benchmark: A Benchmark for Time Series Databases

Abstract: Time series data is widely used in scenarios such as supply chain, stock data analysis, and smart manufacturing. A number of time series database systems have been invented to manage and query large volumes of time series data. We observe that the existing benchmarks of time series databases are focused on workloads of complex analysis such as pattern matching and trend prediction whose performance may be highly affected by the data analysis algorithms, instead of the back-end databases. However, in many real applications of time series databases, people are more interested in the performance metrics such as data injection throughput and query processing time. A benchmark is still required to extensively compare the performance of time series databases in such metrics. We introduce such a benchmark called TS-Benchmark which majorly applies a scenario of device monitoring for wind turbines. A DCGAN-based data generation model is proposed to generate large volumes of time series data from some real time series data. The workloads are categorized into three folds: data loading (in batch), streaming data injection, and historical data access (for typical queries). We implement the benchmark and compare four representative time series databases: InfluxDB, TimescaleDB, Druid and OpenTSDB. The results are reported and analyzed.

AC4AV: A Flexible and Dynamic Access Control Framework for Connected and Autonomous Vehicles

Abstract: Sensing data plays a pivotal role in connected and autonomous vehicles (CAVs), enabling CAV to perceive surroundings. For example, malicious applications might tamper this life-critical data, resulting in erroneous driving decisions and threatening the safety of passengers. Access control, one of the promising solutions to protect data from unauthorized access, is urgently needed for vehicle sensing data. However, due to the intrinsic complexity of vehicle sensing data, including historical and real time, and access patterns of different data sources, there is currently no suitable access control framework that can systematically solve this problem; current frameworks only focus on one aspect. In this article, we propose a novel and flexible access control framework, AC4AV , which aims to support various access control models, and provide APIs for dynamically adjusting access control models and developing customized access control models, thus supporting access control research on CAV for the community. In addition, we propose a data abstraction method to clearly identify data, applications, and access operations in CAV, and therefore is easily able to configure the permits of each data and application in access control policies. We have implemented a prototype to demonstrate our architecture on NATS for real-time data and NGINX for historical data, and three access control models as built-in models. We measured the performance of our AC4AV while applying these access control models to real-time and historical data. The experimental results show that the framework has little impact on real-time data access within a tolerable range.

Reinforcement Learning-Based Energy-Efficient Data Access for Airborne Users in Civil Aircrafts-Enabled SAGIN

Abstract: Airborne users are always dreaming of enjoying a good Internet access experience while in the air. However, due to long propagation delay and limited network coverage, the existing data communication methods utilized in space and ground communications not only fail to ensure the quality-of-service (QoS) of airborne users, but also incur significant energy consumption to process content requests. In this paper, we introduce the aeronautical ad hoc network (AANET) as a new method of network access and design an energy-efficient data access scheme in civil aircrafts-enabled space-air-ground integrated networks (CAE-SAGIN). In order to minimize the energy consumption, we propose a service selection scheme based on reinforcement learning and formulate a joint optimization problem of resource allocation and request distribution. Leveraged by the Lyapunov optimization method, the optimization problem can be solved by the proposed joint optimization algorithm. Extensive simulations are conducted to confirm the stability of the CAE-SAGIN, and demonstrate that the proposed data access scheme can effectively reduce both the energy consumption and the processing delay. Moreover, the advantages of using AANET are becoming more obvious when higher data rate is required.

An Alternative to Data Ownership: Managing Access to Non-Personal Data through the Commons

Abstract: In today’s algorithmic society, access to large-scale datasets is the sine qua non for any economic actor to reap the benefits of data-driven innovation (DDI). This article explores alternative mechanisms of data management in large-scale processing environments which can bolster access in view of the shortcomings of the existing data ownership-centric system. The scope of the analysis is limited to non-personal data. First, this contribution elaborates on the features and shortcomings of the data ownership-centric system and the existing legislation on data access. In fact, despite its ground-breaking potential, data access is not a widely available resource. It is subject, meanwhile, to the ability of several actors to control it, originating from data holders’ position of de facto control over data (“data ownership”), which is mostly anchored in technological, behavioural, and legal access barriers. This ownership-oriented setting thus stifles data sharing and opportunities for novel reuses of data. Despite these concerns, EU secondary legislation and case law (including the “essential facilities doctrine” of competition law) have not yet offered appropriate means to enable data access across society. Second, this article investigates whether alternative systems of data management based on the commons is a viable solution to open up access to raw non-personal data (RNPD). The commons as a conceptual notion and institutional mechanism values access and freedom to operate, instead of power to appropriate. The article homes in on two main reasons which substantiate why commons management of RNPD can be desirable. On the one hand, RNPD can be deemed a cooperative infrastructural resource that calls for being pulled out of its factual enclosure (“structuralist approach” of the commons). On the other hand, grasping RNPD as a commons means valuing its functional nature, making data available to a wide number of actors for the fulfilment of fundamental rights and enhancing human flourishing (“functionalist approach”). The article concludes with some thoughts on the lines of research which are still to be explored to put the commons-based vision of data management into practice.

Enhancing virtual ontology based access over tabular data with Morph-CSV

Abstract: Ontology-Based Data Access (OBDA) has traditionally focused on providing a unified view of heterogeneous datasets, either by materializing integrated data into RDF or by performing on-the fly querying via SPARQL query translation. In the specific case of tabular datasets represented as several CSV or Excel files, query translation approaches have been applied by considering each source as a single table that can be loaded into a relational database management system (RDBMS). Nevertheless, constraints over these tables are not represented; thus, neither consistency among attributes nor indexes over tables are enforced. As a consequence, efficiency of the SPARQL-to-SQL translation process may be affected, as well as the completeness of the answers produced during the evaluation of the generated SQL query. Our work is focused on applying implicit constraints on the OBDA query translation process over tabular data. We propose Morph-CSV, a framework for querying tabular data that exploits information from typical OBDA inputs (e.g., mappings, queries) to enforce constraints that can be used together with any SPARQL-to-SQL OBDA engine. Morph-CSV relies on both a constraint component and a set of constraint operators. For a given set of constraints, the operators are applied to each type of constraint with the aim of enhancing query completeness and performance. We evaluate Morph-CSV in several domains: e-commerce with the BSBM benchmark; transportation with a benchmark using the GTFS dataset from the Madrid subway; and biology with a use case extracted from the Bio2RDF project. We compare and report the performance of two SPARQL-to-SQL OBDA engines, without and with the incorporation of MorphCSV. The observed results suggest that Morph-CSV is able to speed up the total query execution time by up to two orders of magnitude, while it is able to produce all the query answers.

Provably Secure Data Sharing Approach for Personal Health Records in Cloud Storage Using Session Password, Data Access Key, and Circular Interpolation

Abstract: Personal health record (PHR) system has become the most important platform to exchange health information, in which the patients can share and manage personal health information more effectively in cloud storage. However, the cloud server is unreliable, and the secure data of users may be disclosed. Therefore, a secure data sharing mechanism is developed in this research using the proposed session password, data access key, and circular interpolation (SKC)-based data-sharing approach for the secure sharing of PHR in the cloud. The proposed SKC-based data sharing approach provides high efficiency and high-security guarantee. It effectively satisfies various security properties, such as tamper resistance, openness, and decentralization. The proposed SKC-based data sharing approach is the reliable mechanism created for the doctors to share the PHR and to access the patient historical data while meeting the privacy preservation.