The latest, modern security camera systems record numerous data at once. With the utilization of artificial intelligence, these systems can even compose an online attendance register of students present during the lectures. Data is primarily recorded on the hard disk of the NVR (Network Video Recorder), and in the long term, it is recommended to save the data in the blockchain. The purpose of the research is to demonstrate how university security cameras can be securely connected to the blockchain. This would be important for universities as this is sensitive student data that needs to be protected from unauthorized access. In my research, as part of the practical implementation, I therefore also use encryption methods and data fragmentation, which are saved at the nodes of the blockchain. Thus, even a DDoS (Distributed Denial of Service) type attack may be easily repelled, as data is not concentrated on a single, central server. To further increase security, it is useful to constitute a blockchain capable of its own data storage at the faculty itself, rather than renting data storage space, so we, ourselves may regulate the conditions of operation, and the policy of data protection. As a practical part of my research, therefore, I created a blockchain called UEDSC (Universities Data Storage Chain) where I saved the student's data.

Modern connected vehicles are equipped with a large number of sensors, which enable a wide range of services that can improve overall traffic safety and efficiency. However, remote access to connected vehicles also introduces new security issues affecting both inter and intra-vehicle communications. In fact, existing intra-vehicle communication systems, such as Controller Area Network (CAN), lack security features, such as encryption and secure authentication for Electronic Control Units (ECUs). Instead, Original Equipment Manufacturers (OEMs) seek security through obscurity by keeping secret the proprietary format with which they encode the information. Recently, it has been shown that the reuse of CAN frame IDs can be exploited to perform CAN bus reverse engineering without physical access to the vehicle, thus raising further security concerns in a connected environment. This work investigates whether anonymizing the frames of each newly released vehicle is sufficient to prevent CAN bus reverse engineering based on frame ID matching. The results show that, by adopting Machine Learning techniques, anonymized CAN frames can still be fingerprinted and identified in an unknown vehicle with an accuracy of up to 80 %.

This paper presents a case study for designing and implementing a secure communication protocol over a Controller Area Network (CAN). The CAN based protocol uses a hybrid encryption method on a relatively simple hardware / software environment. Moreover, the blockchain technology is proposed as a working solution to provide an extra secure level of the proposed system.

In the context of big data era, in order to prevent malicious access and information leakage during data services, researchers put forward a location big data encryption method based on privacy protection in practical exploration. According to the problems arising from the development of information network in recent years, users often encounter the situation of randomly obtaining location information in the network environment, which not only threatens their privacy security, but also affects the effective transmission of information. Therefore, this study proposed the privacy protection as the core position of big data encryption method, must first clear position with large data representation and positioning information, distinguish between processing position information and the unknown information, the fuzzy encryption theory, dynamic location data regrouping, eventually build privacy protection as the core of the encryption algorithm. The empirical results show that this method can not only effectively block the intrusion of attack data, but also effectively control the error of position data encryption.

Cloud computing is a unified management and scheduling model of computing resources. To satisfy multiple resource requirements for various application, edge computing has been proposed. One challenge of edge computing is cross-domain data security sharing problem. Ciphertext policy attribute-based encryption (CP-ABE) is an effective way to ensure data security sharing. However, many existing schemes focus on could computing, and do not consider the features of edge computing. In order to address this issue, we propose a cross-domain data security sharing approach for edge computing based on CP-ABE. Besides data user attributes, we also consider access control from edge nodes to user data. Our scheme first calculates public-secret key peer of each edge node based on its attributes, and then uses it to encrypt secret key of data ciphertext to ensure data security. In addition, our scheme can add non-user access control attributes such as time, location, frequency according to the different demands. In this paper we take time as example. Finally, the simulation experiments and analysis exhibit the feasibility and effectiveness of our approach.

SWIM (System Wide Information Management) has become the development direction of A TM (Air Traffic Management) system by providing interoperable services to promote the exchange and sharing of data among various stakeholders. The premise of data sharing is security, and the access control has become the key guarantee for the secure sharing and exchange. The CP-ABE scheme (Ciphertext Policy Attribute-Based Encryption) can realize one-to-many access control, which is suitable for the characteristics of SWIM environment. However, the combination of the existing CP-ABE access control and SWIM has following constraints. 1. The traditional single authority CP-ABE scheme requires unconditional trust in the authority center. Once the authority center is corrupted, the excessive authority of the center may lead to the complete destruction of system security. So, SWIM with a large user group and data volume requires multiple authorities CP-ABE when performing access control. 2. There is no unified management of users' data access records. Lack of supervision on user behavior make it impossible to effectively deter malicious users. 3. There are a certain proportion of lightweight data users in SWIM, such as aircraft, users with handheld devices, etc. And their computing capacity becomes the bottleneck of data sharing. Aiming at these issues above, this paper based on cloud-chain fusion basically proposes a multi-authority CP-ABE scheme, called the MOV ATM scheme, which has three advantages. 1. Based on a multi-cloud and multi-authority CP-ABE, this solution conforms to the distributed nature of SWIM; 2. This scheme provides outsourced computing and verification functions for lightweight users; 3. Based on blockchain technology, a blockchain that is maintained by all stakeholders of SWIM is designed. It takes user's access records as transactions to ensure that access records are well documented and cannot be tampered with. Compared with other schemes, this scheme adds the functions of multi-authority, outsourcing, verifiability and auditability, but do not increase the decryption cost of users.

At present, the ciphertext-policy attribute based encryption (CP-ABE) has been widely used in different fields of data sharing such as cross-border paperless trade, digital government and etc. However, there still exist some challenges including single point of failure, key abuse and key unaccountable issues in CP-ABE. To address these problems. We propose an accountable CP-ABE mechanism based on block chain system. First, we establish two authorization agencies MskCA and AttrVN(Attribute verify Network),where the MskCA can realize master key escrow, and the AttrVN manages and validates users' attributes. In this way, our system can avoid the single point of failure and improve the privacy of user attributes and security of keys. Moreover, in order to realize auditability of CP-ABE key parameter transfer, we introduce the did and record parameter transfer process on the block chain. Finally, we theoretically prove the security of our CP-ABE. Through comprehensive comparison, the superiority of CP-ABE is verified. At the same time, our proposed schemes have some properties such as fast decryption and so on.

Ensuring data rights, openness and transaction flow is important in today’s digital economy. Few scholars have studied in the area of data confirmation, it is only with the development of blockchain that it has started to be taken seriously. However, blockchain has open and transparent natures, so there exists a certain probability of exposing the privacy of data owners. Therefore, in this paper we propose a new measure of data confirmation based on Ciphertext-Policy Attribute-Base Encryption(CP-ABE). The information with unique identification of the data owner is embedded in the ciphertext of CP-ABE by paillier homomorphic encryption, and the data can have multiple sharers. No one has access to the plaintext during the whole confirmation process, which reduces the risk of source data leakage.

The data sharing is a helpful and financial assistance provided by CC. Information substance security also rises out of it since the information is moved to some cloud workers. To ensure the sensitive and important data; different procedures are utilized to improve access manage on collective information. Here strategies, Cipher text-policyattribute based encryption (CP-ABE) might create it very helpful and safe. The conventionalCP-ABE concentrates on information privacy only; whereas client's personal security protection is a significant problem as of now. CP-ABE byhidden access (HA) strategy makes sure information privacy and ensures that client's protection isn't exposed also. Nevertheless, the vast majority of the current plans are ineffectivein correspondence overhead and calculation cost. In addition, the vast majority of thismechanism takes no thought regardingabilityauthenticationor issue of security spillescapein abilityverificationstage. To handle the issues referenced over, a security protectsCP-ABE methodby proficient influenceauthenticationis presented in this manuscript. Furthermore, its privacy keys accomplish consistent size. In the meantime, the suggestedplan accomplishes the specific safetyin decisional n-BDHE issue and decisional direct presumption. The computational outcomes affirm the benefits of introduced method.

With the rapid innovation of cloud computing technologies, which has enhanced the application of the Internet of Things (IoT), smart health (s-health) is expected to enhance the quality of the healthcare system. However, s-health records (SHRs) outsourcing, storage, and sharing via a cloud server must be protected and users attribute privacy issues from the public domain. Ciphertext policy attribute-based encryption (CP-ABE) is the cryptographic primitive which is promising to provide fine-grained access control in the cloud environment. However, the direct application of traditional CP-ABE has brought a lot of security issues like attributes' privacy violations and vulnerability in the future by potential powerful attackers like side-channel and cold-bot attacks. To solve these problems, a lot of CP-ABE schemes have been proposed but none of them concurrently support partially policy-hidden and leakage resilience. Hence, we propose a new Smart Health Records Sharing Scheme that will be based on Partially Policy-Hidden CP-ABE with Leakage Resilience which is resilient to bound leakage from each of many secret keys per user, as well as many master keys, and ensure attribute privacy. Our scheme hides attribute values of users in both secret key and ciphertext which contain sensitive information in the cloud environment and are fully secure in the standard model under the static assumptions.

The security and reliability of power grid dispatching system is the basis of the stable development of the whole social economy. With the development of information, computer science and technology, communication technology, and network technology, using more advanced intelligent technology to improve the performance of security and reliability of power grid dispatching system has important research value and practical significance. In order to provide valuable references for relevant researchers and for the construction of future power system related applications. This paper summarizes the latest technical status of attribute encryption and hierarchical identity encryption methods, and introduces the access control method based on attribute and hierarchical identity encryption, the construction method of attribute encryption scheme, revocable CP-ABE scheme and its application in power grid data security access control. Combined with multi authorization center encryption, third-party trusted entity and optimized encryption algorithm, the parallel access control algorithm of hierarchical identity and attribute encryption and its application in power grid data security access control are introduced.

The traditional ciphertext-policy attribute-based encryption (CP-ABE) has the problems of poor security of key distribution by a single attribute authorization center and too much calculation on the client in the process of encryption and decryption. A CP-ABE scheme that can outsource encryption and decryption and support multi-authorization centers is introduced to solve the above two problems. In the key generation stage, the user's private key is generated by the attribute authorization center and the key generation center jointly executing the two-party secure computing protocol; In the encryption and decryption stage, the cloud encryption server and cloud storage server are used to handle most of the computing work. Security proof and performance analysis show that the scheme not only can effectively make up for the defect of all key leakage when the attribute authorization center is broken, but also can enhance the security of the system; Moreover, after using the cloud server to process data, users only need to perform a simple calculation on the client to complete encryption or decryption, thus reducing the user's computing workload.

At present, cloud service providers control the direct management rights of cloud data, and cloud data cannot be effectively and assured deleted, which may easily lead to security problems such as data residue and user privacy leakage. This paper analyzes the related research work of cloud data assured deletion in recent years from three aspects: encryption key deletion, multi-replica association deletion, and verifiable deletion. The advantages and disadvantages of various deletion schemes are analysed in detail, and finally the prospect of future research on assured deletion of cloud data is given.

With the rapid development of general cloud services, more and more individuals or collectives use cloud platforms to store data. Assured data deletion deserves investigation in cloud storage. In time-sensitive data storage scenarios, it is necessary for cloud platforms to automatically destroy data after the data owner-specified expiration time. Therefore, assured time-sensitive data deletion should be sought. In this paper, a fine-grained assured time-sensitive data deletion (ATDD) scheme in cloud storage is proposed by embedding the time trapdoor in Ciphertext-Policy Attribute-Based Encryption (CP-ABE). Time-sensitive data is self-destructed after the data owner-specified expiration time so that the authorized users cannot get access to the related data. In addition, a credential is returned to the data owner for data deletion verification. This proposed scheme provides solutions for fine-grained access control and verifiable data self-destruction. Detailed security and performance analysis demonstrate the security and the practicability of the proposed scheme.

In the present era of the internet, image watermarking schemes are used to provide content authentication, security and reliability of various multimedia contents. In this paper image watermarking scheme which utilizes the properties of Integer Wavelet Transform (IWT), Schur decomposition and Singular value decomposition (SVD) based is proposed. In the suggested method, the cover image is subjected to a 3-level Integer wavelet transform (IWT), and the HH3 subband is subjected to Schur decomposition. In order to retrieve its singular values, the upper triangular matrix from the HH3 subband’s Schur decomposition is then subjected to SVD. The watermark image is first encrypted using a chaotic map, followed by the application of a 3-level IWT to the encrypted watermark and the usage of singular values of the LL-subband to embed by manipulating the singular values of the processed cover image. The proposed scheme is tested under various attacks like filtering (median, average, Gaussian) checkmark (histogram equalization, rotation, horizontal and vertical flipping) and noise (Gaussian, Salt & Pepper Noise). The suggested scheme provides strong robustness against numerous attacks and chaotic encryption provides security to watermark.

Image watermarking techniques provides security, reliability copyright protection for various multimedia contents. In this paper Integer Wavelet Transform Schur decomposition and Singular value decomposition (SVD) based image watermarking scheme is suggested for the integrity protection of dicom images. In the proposed technique 3-level Integer wavelet transform (IWT) is subjected into the Dicom ultrasound image of liver cover image and in HH sub-band Schur decomposition is applied. The upper triangular matrix obtained from Schur decomposition of HH sub-band is further processed with SVD to attain the singular values. The X-ray watermark image is pre-processed before embedding into cover image by applying 3-level IWT is applied into it and singular matrix of LL sub-band is embedded. The watermarked image is encrypted using Arnold chaotic encryption for its integrity protection. The performance of suggested scheme is tested under various attacks like filtering (median, average, Gaussian) checkmark (histogram equalization, rotation, horizontal and vertical flipping, contrast enhancement, gamma correction) and noise (Gaussian, speckle, Salt & Pepper Noise). The proposed technique provides strong robustness against various attacks and chaotic encryption provides integrity to watermarked image.

Side Channel Attacks (SCAs), an attack that exploits the physical information generated when an encryption algorithm is executed on a device to recover the key, has become one of the key threats to the security of encrypted devices. Recently, with the development of deep learning, deep learning techniques have been applied to SCAs with good results on publicly available dataset experiences. In this paper, we propose a power traces decomposition method that divides the original power traces into two parts, where the data-influenced part is defined as data power traces (Tdata) and the other part is defined as device constant power traces, and use the Tdata for training the network model, which has more obvious advantages than using the original power traces for training the network model. To verify the effectiveness of the approach, we evaluated the ATXmega128D4 microcontroller by capturing the power traces generated when implementing AES-128. Experimental results show that network models trained using Tdata outperform network models trained using raw power traces (Traw ) in terms of classification accuracy, training time, cross-subkey recovery key, and cross-device recovery key.

Internet service providers (ISP) rely on network traffic classifiers to provide secure and reliable connectivity for their users. Encrypted traffic introduces a challenge as attacks are no longer viable using classic Deep Packet Inspection (DPI) techniques. Distinguishing encrypted from non-encrypted traffic is the first step in addressing this challenge. Several attempts have been conducted to identify encrypted traffic. In this work, we compare the detection performance of DPI, traffic pattern, and randomness tests to identify encrypted traffic in different levels of granularity. In an experimental study, we evaluate these candidates and show that a traffic pattern-based classifier outperforms others for encryption detection.

Currently in El Salvador, efforts are being made to implement the digital signature and as part of this technology, a Public Key Infrastructure (PKI) is required, which must validate Certificate Authorities (CA). For a CA, it is necessary to implement the software that allows it to manage digital certificates and perform security procedures for the execution of cryptographic operations, such as encryption, digital signatures, and non-repudiation of electronic transactions. The present work makes a proposal for a digital certificate management system according to the Digital Signature Law of El Salvador and secure cryptography standards. Additionally, a security discussion is accomplished.

A digital signature is a type of asymmetric cryptography that is used to ensure that the recipient receives the actual received message from the intended sender. Problems that often arise conventionally when requiring letter approval from the authorized official, and the letter concerned is very important and urgent, often the process of giving the signature is hampered because the official concerned is not in place. With these obstacles, the letter that should be distributed immediately becomes hampered and takes a long time in terms of signing the letter. The purpose of this study is to overcome eavesdropping and data exchange in sending data using Digital Signature as authentication of data authenticity and minimizing fake signatures on letters that are not made and authorized by relevant officials based on digital signatures stored in the database. This research implements the Rivest Shamir Adleman method. (RSA) as outlined in an application to provide authorization or online signature with Digital Signature. The results of the study The application of the Rivest Shamir Adleman (RSA) algorithm can run on applications with the Digital Signature method based on ISO 9126 testing by expert examiners, and the questionnaire distributed to users and application operators obtained good results from an average value of 79.81 based on the scale table ISO 9126 conversion, the next recommendation for encryption does not use MD5 but uses Bcrypt secure database to make it stronger.

This is the time of internet, and we are communicating our confidential data over internet in daily life. So, it is necessary to check the authenticity in communication to stop non-repudiation, of the sender. We are using the digital signature for stopping the non-repudiation. There are many versions of digital signature are available in the market. But in every algorithm, we are sending the original message and the digest message to the receiver. Hence, there is no security applied on the original message. In this paper we are proposed an algorithm which can secure the original and its integrity. In this paper we are using the RSA algorithm as the encryption and decryption algorithm, and SHA256 algorithm for making the hash.

The MANET architecture's future growth will make extensive use of encryption and encryption to keep network participants safe. Using a digital signature node id, we illustrate how we may stimulate the safe growth of subjective clusters while simultaneously addressing security and energy efficiency concerns. The dynamic topology of MANET allows nodes to join and exit at any time. A form of attack known as a black hole assault was used to accomplish this. To demonstrate that he had the shortest path with the least amount of energy consumption, an attacker in MATLAB R2012a used a digital signature ID to authenticate the node from which he wished to intercept messages (DSEP). “Digital Signature”, “MANET,” and “AODV” are all terms used to describe various types of digital signatures. Black Hole Attack, Single Black Hole Attack, Digital Signature, and DSEP are just a few of the many terms associated with MANET.