Integrity of Outsourced Databases 2015


The growth of distributed storage systems such as the Cloud has produced novel security problems.  The works cited here address untrusted servers, generic trusted data, trust extension on commodity computers, defense against frequency-based attacks in wireless networks, and other topics.  For the Science of Security community, these topics relate to composability, metrics, and resilience.  The work cited here was presented in 2015.


Azraoui, M.; Elkhiyaoui, K.; Onen, M.; Molva, R., "Publicly Verifiable Conjunctive Keyword Search in Outsourced Databases," in Communications and Network Security (CNS), 2015 IEEE Conference on, pp. 619-627, 28-30 Sept. 2015. doi: 10.1109/CNS.2015.7346876

Abstract: Recent technological developments in cloud computing and the ensuing commercial appeal have encouraged companies and individuals to outsource their storage and computations to powerful cloud servers. However, the challenge when outsourcing data and computation is to ensure that the cloud servers comply with their advertised policies. In this paper, we focus in particular on the scenario where a data owner wishes to (i) outsource its public database to a cloud server; (ii) enable anyone to submit multi-keyword search queries to the outsourced database; and (iii) ensure that anyone can verify the correctness of the server's responses. To meet these requirements, we propose a solution that builds upon the well-established techniques of Cuckoo hashing, polynomial-based accumulators and Merkle trees. The key idea is to (i) build an efficient index for the keywords in the database using Cuckoo hashing; (ii) authenticate the resulting index using polynomial-based accumulators and Merkle tree; (iii) and finally, use the root of the Merkle tree to verify the correctness of the server's responses. Thus, the proposed solution yields efficient search and verification and incurs a constant storage at the data owner. Furthermore, we show that it is sound under the strong bilinear Diffie-Hellman assumption and the security of Merkle trees.

Keywords: authorisation; cloud computing; cryptography; database management systems; formal verification; polynomials; query processing; tree data structures; trees (mathematics); Merkle trees security; bilinear Diffie-Hellman assumption; cloud computing; cloud servers; cuckoo hashing; multikeyword search queries; outsourced databases; outsourcing computation; outsourcing data; polynomial-based accumulators; public conjunctive keyword search verifiability; resulting index authentication; server response correctness verification; Cloud computing; Databases; Erbium; Keyword search; Public key; Servers (ID#: 15-8765)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7346876&isnumber=7346791

 

Hyunjo Lee; MunChol Choi; Jae-Woo Chang, "A Group Order-Preserving Encryption Scheme Based on Periodic Functions for Efficient Query Processing on Encrypted Data," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 923-923, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.275

Abstract: To preserve the private information of the outsourced database, it is important to encrypt the database. Also it is necessary to provide a query processing scheme without decrypting the encrypted data. For this, we propose a group order preserving data encryption scheme based on periodic functions (GOPES). Our GOPES generates encryption signatures based on data groups and periodic functions. With this, we can guarantee the data privacy.

Keywords: cryptography; query processing; GOPES; data privacy; encrypted data; encryption signatures; group order-preserving encryption scheme; outsourced database; periodic functions; query processing; Conferences; Data privacy; Encryption; Query processing; data privacy protection; database outsourcing; encrypted query processing; group order-preserving; order-preserving encryption scheme (ID#: 15-8766)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336287&isnumber=7336120

 

Talha, Ayesha M.; Kamel, Ibrahim; Aghbari, Zaher Al, "Enhancing Confidentiality and Privacy of Outsourced Spatial Data," in Cyber Security and Cloud Computing (CSCloud), 2015 IEEE 2nd International Conference on, pp. 13-18, 3-5 Nov. 2015. doi: 10.1109/CSCloud.2015.39

Abstract: The increase of spatial data has led organizations to upload their data onto third-party service providers. Cloud computing allows data owners to outsource their databases, eliminating the need for costly storage and computational resources. The main challenge is maintaining data confidentiality with respect to untrusted parties as well as providing efficient and accurate query results to the authenticated users. We propose a dual transformation scheme on the spatial database to overcome this problem, while the service provider executes queries and returns results to the users. First, our approach utilizes the space-filling Hilbert curve to map each spatial point in the multidimensional space to a one-dimensional space. This space transformation method is easy to compute and preserves the spatial proximity. Next, the order-preserving encryption algorithm is applied to the clustered data. The user issues spatial range queries to the service provider on the encrypted Hilbert index and then uses a secret key to decrypt the query response returned. This allows data protection and reduces the query communication cost between the user and service provider.

Keywords: Encryption; Indexes; Servers; Spatial databases; Database Security; Order-Preserving Encryption; Outsourced Database; Space-Filling Curves; Spatial Data (ID#: 15-8767)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7371432&isnumber=7371418

 

Sepehri, M.; Cimato, S.; Damiani, E.; Yeuny, C.Y., "Data Sharing on the Cloud: A Scalable Proxy-Based Protocol for Privacy-Preserving Queries," in Trustcom/BigDataSE/ISPA, 2015 IEEE, vol. 1, pp. 1357-1362, 20-22 Aug. 2015. doi: 10.1109/Trustcom.2015.530

Abstract: Outsourcing data on the cloud poses many challenges related to data owners and users privacy, especially when some data processing capabilities are delegated to the cloud infrastructure. In this paper we address the problem of executing privacy-preserving equality queries in a scenario where multiple data owners outsource their databases to an untrusted cloud service provider, accepting encrypted queries coming from authorized users. We propose a highly scalable proxy re-encryption scheme so that (i) the cloud service provider can return only the encrypted data that satisfies user's query without decrypting it, and (ii) the encrypted results can be decrypted using the user's key. We analyze the computation efficiency and the security of the scheme against proxy under the standard Diffie-Hellman assumption, reporting also some experimental results, which show encouraging speed up in comparison with previously proposed similar schemes.

Keywords: cloud computing; cryptographic protocols; outsourcing; private key cryptography; public key cryptography; query processing; trusted computing; authorized users; cloud infrastructure; computation efficiency analysis; data decryption; data owners; data processing capabilities; data sharing; database outsourcing; encrypted data; encrypted queries; privacy-preserving equality queries; proxy re-encryption scheme; scalable proxy-based protocol; security analysis; standard Diffie-Hellman analysis; untrusted cloud service provider; user key; user privacy; Cloud computing; Data models; Data privacy; Encryption; Protocols; Servers (ID#: 15-8768)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7345438&isnumber=7345233

 

Baghel, S.V.; Theng, D.P., "A Survey for Secure Communication of Cloud Third Party Authenticator," in Electronics and Communication Systems (ICECS), 2015 2nd International Conference on, pp. 51-54, 26-27 Feb. 2015. doi: 10.1109/ECS.2015.7124959

Abstract: Cloud computing is an information technology where user can remotely store their outsourced data so as enjoy on demand high quality application and services from configurable resources. Using information data exchange, users can be worried from the load of local data storage and protection. Thus, allowing freely available auditability for cloud data storage is more importance so that user gives change to check data integrity through external audit party. In the direction of securely establish efficient third party auditor (TPA), which has next two primary requirements to be met: 1) TPA should able to audit outsourced data without demanding local copy of user outsourced data; 2) TPA process should not bring in new threats towards user data privacy. To achieve these goals this system will provide a solution that uses Kerberos as a Third Party Auditor/ Authenticator, RSA algorithm for secure communication, MD5 algorithm is used to verify data integrity, Data centers is used for storing of data on cloud in effective manner with secured environment and provides Multilevel Security to Database.

Keywords: authorisation; cloud computing; computer centres; data integrity; data protection; outsourcing; public key cryptography; MD5 algorithm; RSA algorithm; TPA; cloud third party authenticator; data centers; data integrity; data outsourcing; external audit party; information data exchange; information technology; local data protection; local data storage; multilevel security; on demand high quality application; on demand services; secure communication; third party auditor; user data privacy; user outsourced data; Algorithm design and analysis; Authentication; Cloud computing; Heuristic algorithms; Memory; Servers; Cloud Computing; Data center; Multilevel database; Public Auditing; Third Party Auditor (ID#: 15-8769)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7124959&isnumber=7124722

 

Mohammed, N.; Barouti, S.; Alhadidi, D.; Rui Chen, "Secure and Private Management of Healthcare Databases for Data Mining," in Computer-Based Medical Systems (CBMS), 2015 IEEE 28th International Symposium on, pp. 191-196, 22-25 June 2015. doi: 10.1109/CBMS.2015.54

Abstract: There has been a tremendous growth in health data collection since the development of Electronic Medical Record (EMR) systems. Such collected data is further shared and analyzed for diverse purposes. Despite many benefits, data collection and sharing have become a big concern as it threatens individual privacy. In this paper, we propose a secure and private data management framework that addresses both the security and privacy issues in the management of medical data in outsourced databases. The proposed framework ensures the security of data by using semantically-secure encryption schemes to keep data encrypted in outsourced databases. The framework also provides a differentially-private query interface that can support a number of SQL queries and complex data mining tasks. We experimentally evaluate the performance of the proposed framework, and the results show that the proposed framework is practical and has low overhead.

Keywords: data mining; electronic health records; health care; records management; security of data; EMR system; SQL query; data mining; differentially-private query interface; electronic medical record; health data collection; healthcare database private management; healthcare database security; medical data management; semantically-secure encryption scheme; Algorithm design and analysis; Cryptography; Databases; Medical services; Privacy; Protocols; Servers; Data sharing; Differential privacy; Electronic medical record; Privacy (ID#: 15-8770)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7167484&isnumber=7167433

 

Dingxing Xie; Yanchao Lu; Congjin Du; Jie Li; Li Li, "Secure Range Query Based on Spatial Index," in Industrial Networks and Intelligent Systems (INISCom), 2015 1st International Conference on, pp. 1-6, 2-4 March 2015. doi: 10.4108/icst.iniscom.2015.258364

Abstract: Sensor network has become an increasingly attractive and advantageous subject recently. More and more demands of data storage and data query have been raised in soft-defined sensor network. Bonnet et al. [1] investigated the problem of database in sensor network. In most of such scenes, data is stored in server instead of local. For this reason, data security [2] is very important. While encryption of outsourced data protects against many privacy threats, it could not hide the access patterns of the users. Protecting user information from leakage or attackers while guaranteeing high efficiency of query is becoming an important problem of concern. In this paper, we discuss secure range query based on spatial index. We build the spatial index on the client instead of the server to keep the information away from the potential threat. While keeping a high efficiency of query, we not only encrypt the data, but also hide the access patterns. That will greatly reduce the risk of data leakage. We do simulations and prove our design to be practicable and effective.

Keywords: cryptography; data privacy; query processing; software defined networking; storage management; data query; data security; data storage; encryption; outsourced data; privacy threat; secure range query; soft-defined sensor network; spatial index; user information protection; Cryptography; Random access memory; Servers; Spatial databases; Spatial indexes; Data Security; Database; Range Query; Sensor network; Spatial Data (ID#: 15-8771)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7157814&isnumber=7157808

 

Nguyen-Vu, Long; Park, Minho; Park, Jungsoo; Jung, Souhwan, "Privacy Enhancement for Data Outsourcing," in Information and Communication Technology Convergence (ICTC), 2015 International Conference on, pp. 335-338, 28-30 Oct. 2015. doi: 10.1109/ICTC.2015.7354558

Abstract: The demand of storing and processing data online grows quickly to adapt to the rapid change of business. It could lead to crisis if the cloud service provider is compromised and data of users are exposed to attackers in plaintext. In this paper, we introduce a practical scheme that dynamically protects and outsources data on demand, as well as propose a corresponding architecture to securely process data in Database Service Provider. After studying over 1300 database models, we believe this scheme can be applied in production with justifiable result.

Keywords: Databases; Digital signal processing; Encryption; Outsourcing; Servers; Yttrium; Cloud Privacy; Data Outsourcing; Database as a Service; Information Security (ID#: 15-8772)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7354558&isnumber=7354472

 

Sarada, G.; Abitha, N.; Manikandan, G.; Sairam, N., "A Few New Approaches for Data Masking," in Circuit, Power and Computing Technologies (ICCPCT), 2015 International Conference on, pp. 1-4, 19-20 March 2015. doi: 10.1109/ICCPCT.2015.7159301

Abstract: In today's information era, the data is a key asset for any organization. Every organization has a privacy policy for hiding their data in the database, but when they outsource their data to a third party for analysis purpose there is no security measure taken in order to prevent it from being misused. Data Security plays a vital role in the industry and one way to achieve security is to use data masking. The Main objective of data masking is to hide the sensitive data from the outside world. In this paper we propose a few approaches to hide the sensitive data from being accessed by unauthorized users.

Keywords: authorisation; data encapsulation; data privacy; fuzzy logic; minimax techniques; data masking; data outsourcing; data privacy policy; data security; sensitive data hiding; Algorithm design and analysis; Computers; Data privacy; Databases; Encryption; Organizations; Fuzzy; Map range; Masking; Min-Max normalization; Rail-fence (ID#: 15-8773)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7159301&isnumber=7159156

 

Rahulamathavan, Y.; Rajarajan, M., "Hide-and-Seek: Face Recognition in Private," in Communications (ICC), 2015 IEEE International Conference on, pp. 7102-7107, 8-12 June 2015. doi: 10.1109/ICC.2015.7249459

Abstract: Recent trend towards cloud computing and outsourcing has led to the requirement for face recognition (FR) to be performed remotely by third-party servers. When outsourcing the FR, client's test image and classification result will be revealed to the servers. Within this context, we propose a novel privacy-preserving (PP) FR algorithm based on randomization. Existing PP FR algorithms are based on homomorphic encryption (HE) which requires higher computational power and communication bandwidth. Since we use randomization, the proposed algorithm outperforms the HE based algorithm in terms of computational and communication complexity. We validated our algorithm using popular ORL database. Experimental results demonstrate that accuracy of the proposed algorithm is the same as the accuracy of existing algorithms, while improving the computational efficiency by 120 times and communication complexity by 2.5 times against the existing HE based approach.

Keywords: communication complexity; cryptography; data privacy; face recognition; image classification; ORL database; cloud computing; communication complexity; computational complexity; face recognition; hide-and-seek; homomorphic encryption; image classification; outsourcing; privacy-preserving FR algorithm; third-party servers; Accuracy; Algorithm design and analysis; Complexity theory; Noise; Security; Servers; Training (ID#: 15-8774)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7249459&isnumber=7248285

 

Hoang Giang Do; Wee Keong Ng, "Privacy-Preserving Approach for Sharing and Processing Intrusion Alert Data," in Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP), 2015 IEEE Tenth International Conference on, pp. 1-6, 7-9 April 2015. doi: 10.1109/ISSNIP.2015.7106911

Abstract: Amplified and disrupting cyber-attacks might lead to severe security incidents with drastic consequences such as large property damage, sensitive information breach, or even disruption of the national economy. While traditional intrusion detection and prevention system might successfully detect low or moderate levels of attack, the cooperation among different organizations is necessary to defend against multi-stage and large-scale cyber-attacks. Correlating intrusion alerts from a shared database of multiple sources provides security analysts with succinct and high-level patterns of cyber-attacks - a powerful tool to combat sophisticated attacks. However, sharing intrusion alert data raises a significant privacy concern among data holders, since publishing this information means a risk of exposing other sensitive information such as intranet topology, network services, and the security infrastructure. This paper discusses possible cryptographic approaches to tackle this issue. Organizers can encrypt their intrusion alert data to protect data confidentiality and outsource them to a shared server to reduce the cost of storage and maintenance, while, at the same time, benefit from a larger source of information for alert correlation process. Two privacy preserving alert correlation techniques are proposed under semi-honest model. These methods are based on attribute similarity and prerequisite/consequence conditions of cyber-attacks.

Keywords: cryptography; data privacy; intranets; cryptographic approach; cyber-attacks; intranet topology; intrusion alert data processing; intrusion alert data sharing; large-scale cyber-attacks; network services; privacy-preserving approach; security infrastructure; Encryption; Sensors (ID#: 15-8775)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7106911&isnumber=7106892

 

Andreoli, Andrea; Ferretti, Luca; Marchetti, Mirco; Colajanni, Michele, "Enforcing Correct Behavior without Trust in Cloud Key-Value Databases," in Cyber Security and Cloud Computing (CSCloud), 2015 IEEE 2nd International Conference on, pp. 157-164, 3-5 Nov. 2015. doi: 10.1109/CSCloud.2015.51

Abstract: Traditional computation outsourcing and modern cloud computing are affected by a common risk of distrust between service requestor and service provider. We propose a novel protocol, named Probus, that offers guarantees of correct behavior to both parts without assuming any trust relationship between them in the context of cloud-based key-value databases. Probus allows a service requestor to have evidence of cloud provider misbehavior on its data, and a cloud provider to defend itself from false accusations by demonstrating the correctness of its operations. Accusation and defense proofs are based on cryptographic mechanisms that can be verified by a third party. Probus improves the state-of-the-art by introducing novel solutions that allow for efficient verification of data security properties and by limiting the overhead required to provide its security guarantees. Thanks to Probus it is possible to check the correctness of all the results generated by a cloud service, thus improving weaker integrity assurance based on probabilistic verifications that are adopted by related work.

Keywords: Cloud computing; Cryptography; Databases; Metadata; Protocols; cloud services; integrity; key-value database; trust (ID#: 15-8776)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7371475&isnumber=7371418

 

Refaie, Rasha; Abd El-Aziz, A.A.; Hamza, Nermin; Mahmood, Mahmood A.; Hefny, Hesham, "A New Efficient Algorithm for Executing Queries over Encrypted Data," in Computing, Communication and Security (ICCCS), 2015 International Conference on, pp. 1-4, 4-5 Dec. 2015. doi: 10.1109/CCCS.2015.7374182

Abstract: Outsourcing databases into cloud increases the need of data security. The user of cloud must be sure that his data will be safe and will not be stolen or reused even if the datacenters were attacked. The service provider is not trustworthy so the data must be invisible to him. Executing queries over encrypted data preserves a certain degree of confidentiality. In this paper, we propose an efficient algorithm to run computations on data encrypted for different principals. The proposed algorithm allows users to run queries over encrypted columns directly without decrypting all records.

Keywords: Antenna radiation patterns; Bandwidth; Boats; Dual band; Feeds; Ultra wideband antennas; CryptDB; Database security; Homomorphic encryption; MONOMI; Secure indexes; query processing (ID#: 15-8777)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7374182&isnumber=7374113

 

Chang Liu; Liehuang Zhu; Jinjun Chen, "Efficient Searchable Symmetric Encryption for Storing Multiple Source Data on Cloud," in Trustcom/BigData SE/ISPA, 2015 IEEE, vol. 1, pp. 451-458, 20-22 Aug. 2015. doi: 10.1109/Trustcom.2015.406

Abstract: Cloud computing has greatly facilitated large-scale data outsourcing due to its cost efficiency, scalability and many other advantages. Subsequent privacy risks force data owners to encrypt sensitive data, hence making the outsourced data no longer searchable. Searchable Symmetric Encryption (SSE) is an advanced cryptographic primitive addressing the above issue, which maintains efficient keyword search over encrypted data without disclosing much information to the storage provider. Existing SSE schemes implicitly assume that original user data is centralized, so that a searchable index can be built at once. Nevertheless, especially in cloud computing applications, user-side data centralization is not reasonable, e.g. an enterprise distributes its data in several data centers. In this paper, we propose the notion of Multi-Data-Source SSE (MDS-SSE), which allows each data source to build a local index individually and enables the storage provider to merge all local indexes into a global index afterwards. We propose a novel MDS-SSE scheme, in which an adversary only learns the number of data sources, the number of entire data files, the access pattern and the search pattern, but not any other distribution information such as how data files or search results are distributed over data sources. We offer rigorous security proof of our scheme, and report experimental results to demonstrate the efficiency of our scheme.

Keywords: cloud computing; cryptography; storage management; MDS-SSE scheme; cloud computing; large-scale data outsourcing; multiple source data storage; searchable symmetric encryption; Cloud computing; Distributed databases; Encryption; Indexes; Servers; Cloud Computing; Data Outsourcing; Multiple Data Sources; Searchable Symmetric Encryption (ID#: 15-8778)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7345314&isnumber=7345233

 

Talpur, S.R.; Abdalla, S.; Kechadi, T., "Towards Middleware Security Framework for Next Generation Data Centers Connectivity," in Science and Information Conference (SAI), 2015, pp. 1277-1283, 28-30 July 2015. doi: 10.1109/SAI.2015.7237308

Abstract: Data Center as a Service (DCaaS) facilitates to clients as an alternate outsourced physical data center, the expectations of business community to fully automate these data centers to run smoothly. Geographically Distributed Data Centers and their connectivity has major role in next generation data centers. In order to deploy the reliable connections between Distributed Data Centers, the SDN based security and logical firewalls are attractive and enviable. We present the middleware security framework for software defined data centers interconnectivity, the proposed security framework will be based on some learning processes, which will reduce the complexity and manage very large number of secure connections in real-world data centers. In this paper we will focus on two main objectives; (1) proposing simple and yet scalable techniques for security and analysis, (2) Implementing and evaluating these techniques on real-world data centers.

Keywords: cloud computing; computer centres; firewalls; middleware; security of data; software defined networking; Data Center as a Service; SDN based security; geographically distributed data centers; logical firewalls; middleware security framework; next generation data centers connectivity; outsourced physical data center; real-world data centers; software defined data centers interconnectivity; Distributed databases; Optical switches; Routing; Security; Servers; Software; DCI (Data Center Inter-connectivity); DCaaS; Distributed Firewall; OpenFlow; SDDC; SDN; Virtual Networking (ID#: 15-8779)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7237308&isnumber=7237120

 

Helei Cui; Xingliang Yuan; Cong Wang, "Harnessing Encrypted Data in Cloud for Secure and Efficient Image Sharing from Mobile Devices," in Computer Communications (INFOCOM), 2015 IEEE Conference on, pp. 2659-2667, April 26 2015-May 1 2015. doi: 10.1109/INFOCOM.2015.7218657

Abstract: In storage outsourcing, highly correlated datasets can occur commonly, where the rich information buried in correlated data can be useful for many cloud data generation/dissemination services. In light of this, we propose to enable a secure and efficient cloud-assisted image sharing architecture for mobile devices, by leveraging outsourced encrypted image datasets with privacy assurance. Different from traditional image sharing, the proposed design aims to save the transmission cost from mobile clients, by directly utilizing outsourced correlated images to reproduce the image of interest inside the cloud for immediate dissemination. While the benefits are obvious, how to leverage the encrypted image datasets makes the problem particularly challenging. To tackle the problem, we first propose a secure and efficient index design that allows the mobile client to securely find from the encrypted image datasets the candidate selection pertaining to the image of interest for sharing. We then design two specialized encryption mechanisms that support the secure image reproduction inside the cloud directly from the encrypted candidate selection. We formally analyze the security strength of the design. Our experiments show that up to 90% of the transmission cost at the mobile client can be saved, while achieving all service requirements and security guarantees.

Keywords: cloud computing; correlation methods; cryptography; data privacy; image processing; mobile computing; outsourcing; visual databases; cloud data dissemination services; cloud data generation services; cloud-assisted image sharing architecture; correlated datasets; encrypted candidate selection; encrypted data; index design; mobile clients; mobile devices; outsourced encrypted image datasets; privacy assurance; secure image reproduction; security guarantees; security strength analysis; service requirements; specialized encryption mechanisms; storage outsourcing; transmission cost saving; Encryption; Feature extraction; Indexes; Mobile communication; Servers (ID#: 15-8780)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218657&isnumber=7218353

 

Shuaishuai Zhu; Yiliang Han; Yuechuan Wei, "Controlling Outsourcing Data in Cloud Computing with Attribute-Based Encryption," in Intelligent Networking and Collaborative Systems (INCOS), 2015 International Conference on, pp. 257-261, 2-4 Sept. 2015. doi: 10.1109/INCoS.2015.29

Abstract: In our IT society, cloud computing is clearly becoming one of the dominating infrastructures for enterprises as long as end users. As more cloud based services available to end users, their oceans of data are outsourced in the cloud as well. Without any special mechanisms, the data may be leaked to a third party for unauthorized use. Most presented works of cloud computing put these emphases on computing utility or new types of applications. But in the view of cloud users, such as traditional big companies, data in cloud computing systems is tend to be out of control and privacy fragile. So most of data they outsourced is less important. A mechanism to guarantee the ownership of data is required. In this paper, we analyzed a couple of recently presented scalable data management models to describe the storage patterns of data in cloud computing systems. Then we defined a new tree-based dataset management model to solve the storage and sharing problems in cloud computing. A couple of operation strategies including data encryption, data boundary maintenance, and data proof are extracted from the view of different entities in the cloud. The behaviors of different users are controlled by view management on the tree. Based on these strategies, a flexible data management mechanism is designed in the model to guarantee entity privacy, data availability and secure data sharing.

Keywords: cloud computing; cryptography; data privacy; outsourcing; trees (mathematics); attribute-based encryption; cloud computing system; data availability; data management model; data outsourcing; data sharing security; entity privacy; tree-based dataset management model; Access control; Cloud computing; Computational modeling; Data models; Data privacy; Encryption; Cloud Computing; Data Privacy; Database Management; Outsourcing Data (ID#: 15-8781)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7312081&isnumber=7312007

 

Shanmugakani, N.; Chinnaa, R., "An Explicit Integrity Verification Scheme for Cloud Distributed Systems," in Intelligent Systems and Control (ISCO), 2015 IEEE 9th International Conference on, pp. 1-4, 9-10 Jan. 2015. doi: 10.1109/ISCO.2015.7282293

Abstract: Cloud computing encourages the prototype for data service outsourcing, where data owners can avoid cost usage by storing their data in cloud storage centers. The ultimate problem of cloud computing technology is that, the service providers have to protect the user data and services. Secured systems should consider Confidentiality, Availability and Integrity as their primary option. The user encrypts their information to achieve the first one. The second one is achieved in convenient deployment scheme. Last but not the least is integrity. To provide integrity, lots of techniques were discovered, but still the goal is not achieved. In this paper, we propose a novel scheme to achieve integrity goals and we explore how to ensure the integrity and correctness of data storage in cloud computing. The Unique feature of this scheme is finding out which data portion is modified or attacked by the malicious user. In our scheme, there is no need for third-party authority (TPA) and cloud service provider communication in verification. Compared with the existing scheme, it takes the advantage of huge data support and high performance with a simple and easily approachable technique.

Keywords: cloud computing; cryptography; outsourcing; program verification; software reliability; storage management; TPA; cloud computing technology; cloud distributed systems; cloud service provider communication; cloud storage centers; data service outsourcing; data storage; explicit integrity verification scheme; third-party authority; Cloud computing; Computers; Cryptography; Distributed databases; Instruments; Servers; Availability; Cloud Storage; Confidentiality; Integrity (ID#: 15-8782)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7282293&isnumber=7282219

 

Jiang, T.; Chen, X.; Ma, J., "Public Integrity Auditing for Shared Dynamic Cloud Data with Group User Revocation," in Computers, IEEE Transactions on, vol. PP, no. 99, pp. 1-1, January 2015. doi: 10.1109/TC.2015.2389955

Abstract: The advent of the cloud computing makes storage outsourcing become a rising trend, which promotes the secure remote data auditing a hot topic that appeared in the research literature. Recently some research consider the problem of secure and efficient public data integrity auditing for shared dynamic data. However, these schemes are still not secure against the collusion of cloud storage server and revoked group users during user revocation in practical cloud storage system. In this paper, we figure out the collusion attack in the existing scheme and provide an efficient public integrity auditing scheme with secure group user revocation based on vector commitment and verifier-local revocation group signature. We design a concrete scheme based on our scheme definition. Our scheme supports the public checking and efficient user revocation and also some nice properties, such as confidently, efficiency, countability and traceability of secure group user revocation. Finally, the security and experimental analysis show that, compared with its relevant schemes our scheme is also secure and efficient.

Keywords: Cloud computing; Cryptography; Databases; Generators; Servers; Vectors; Public integrity auditing; cloud computing; dynamic data; group signature; vector commitment (ID#: 15-8783)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7004787&isnumber=4358213


Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.