Cloud services,favored by many enterprises due to their high flexibility and easy operation,are widely used for data storage and processing.However,the high latency,together with transmission overheads of the cloud ar...Cloud services,favored by many enterprises due to their high flexibility and easy operation,are widely used for data storage and processing.However,the high latency,together with transmission overheads of the cloud architecture,makes it difficult to quickly respond to the demands of IoT applications and local computation.To make up for these deficiencies in the cloud,fog computing has emerged as a critical role in the IoT applications.It decentralizes the computing power to various lower nodes close to data sources,so as to achieve the goal of low latency and distributed processing.With the data being frequently exchanged and shared between multiple nodes,it becomes a challenge to authorize data securely and efficiently while protecting user privacy.To address this challenge,proxy re-encryption(PRE)schemes provide a feasible way allowing an intermediary proxy node to re-encrypt ciphertext designated for different authorized data requesters without compromising any plaintext information.Since the proxy is viewed as a semi-trusted party,it should be taken to prevent malicious behaviors and reduce the risk of data leakage when implementing PRE schemes.This paper proposes a new fog-assisted identity-based PRE scheme supporting anonymous key generation,equality test,and user revocation to fulfill various IoT application requirements.Specifically,in a traditional identity-based public key architecture,the key escrow problem and the necessity of a secure channel are major security concerns.We utilize an anonymous key generation technique to solve these problems.The equality test functionality further enables a cloud server to inspect whether two candidate trapdoors contain an identical keyword.In particular,the proposed scheme realizes fine-grained user-level authorization while maintaining strong key confidentiality.To revoke an invalid user identity,we add a revocation list to the system flows to restrict access privileges without increasing additional computation cost.To ensure security,it is shown that our system meets the security notion of IND-PrID-CCA and OW-ID-CCA under the Decisional Bilinear Diffie-Hellman(DBDH)assumption.展开更多
Cloud data sharing is an important issue in modern times.To maintain the privacy and confidentiality of data stored in the cloud,encryption is an inevitable process before uploading the data.However,the centralized ma...Cloud data sharing is an important issue in modern times.To maintain the privacy and confidentiality of data stored in the cloud,encryption is an inevitable process before uploading the data.However,the centralized management and transmission latency of the cloud makes it difficult to support real-time processing and distributed access structures.As a result,fog computing and the Internet of Things(IoT)have emerged as crucial applications.Fog-assisted proxy re-encryption is a commonly adopted technique for sharing cloud ciphertexts.It allows a semitrusted proxy to transforma data owner’s ciphertext into another re-encrypted ciphertext intended for a data requester,without compromising any information about the original ciphertext.Yet,the user revocation and cloud ciphertext renewal problems still lack effective and secure mechanisms.Motivated by it,we propose a revocable conditional proxy re-encryption scheme offering ciphertext evolution(R-CPRE-CE).In particular,a periodically updated time key is used to revoke the user’s access privileges while an access condition prevents a malicious proxy from reencrypting unauthorized ciphertext.We also demonstrate that our scheme is provably secure under the notion of indistinguishability against adaptively chosen identity and chosen ciphertext attacks in the random oracle model.Performance analysis shows that our scheme reduces the computation time for a complete data access cycle from an initial query to the final decryption by approximately 47.05%compared to related schemes.展开更多
With the rapid development of web3.0 applications,the volume of data sharing is increasing,the inefficiency of big data file sharing and the problem of data privacy leakage are becoming more and more prominent,and the...With the rapid development of web3.0 applications,the volume of data sharing is increasing,the inefficiency of big data file sharing and the problem of data privacy leakage are becoming more and more prominent,and the existing data sharing schemes have been difficult to meet the growing demand for data sharing,this paper aims at exploring a secure,efficient and privacy-protecting data sharing scheme under web3.0 applications.Specifically,this paper adopts interplanetary file system(IPFS)technology to realize the storage of large data files to solve the problem of blockchain storage capacity limitation,and utilizes ciphertext policy attribute-based encryption(CP-ABE)and proxy re-encryption(PRE)technology to realize secure multi-party sharing and finegrained access control of data.This paper provides the detailed algorithm design and implementation of data sharing phases and processes,and analyzes the algorithms from the perspectives of security,privacy protection,and performance.展开更多
Objectives This study aimed to clarify the relationship between the content of proxy decision-making made by families of patients with malignant brain tumors regarding treatment policies and daily care and the cues le...Objectives This study aimed to clarify the relationship between the content of proxy decision-making made by families of patients with malignant brain tumors regarding treatment policies and daily care and the cues leading to those decisions.Methods Semi-structured personal interviews were used to collect data.Seven family members of patients with malignant brain tumors were selected to participate in the study by purposive sampling method from June to August 2022 in the Patient Family Association of Japan.Responses were content analyzed to explore the relationship between the content of decisions regarding“treatment policies”and“daily care”and the cues influencing those decisions.Semi-structured interviews were analyzed by using thematic analysis.Results The contents of proxy decisions regarding“treatment policies”included implementation,interruption,and termination of initial treatments,free medical treatments,use of respirators,and end-of-life sedation and included six cues:treatment policies suggested by the primary physician,information and knowledge about the disease and treatment obtained by the family from limited resources,perceived life threat from symptom worsening,words and reactions from the patient regarding treatment,patient’s personality and way of life inferred from their treatment preferences,family’s thoughts and values hoping for better treatment for the patient.Decisions for“daily care”included meal content and methods,excretion,mobility,maintaining cleanliness,rehabilitation,continuation or resignation from work,treatment settings(outpatient or inpatient),and ways to spend time outside and included seven cues:words and thoughts from the patient about their way of life,patient’s reactions and life history inferred from their preferred way of living,things the patient can do to maintain daily life and roles,awareness of the increasing inability to do things in daily life,family’s underlying thoughts and values about how to spend the remaining time,approval from family members regarding the care setting,advice from medical professionals on living at home.Conclusions For“treatment policies,”guidelines from medical professionals were a key cue,while for“daily care,”the small signs from the patients in their daily lives served as cues for proxy decision-making.This may be due to the lack of information available to families and the limited time available for discussion with the patient.Families of patients with malignant brain tumors repeatedly use multiple cues to make proxy decision-making under high uncertainty.Therefore,nurses supporting proxy decision-making should assess the family’s situation and provide cues that facilitate informed and confident decisions.展开更多
Conditional proxy re-encryption(CPRE)is an effective cryptographic primitive language that enhances the access control mechanism and makes the delegation of decryption permissions more granular,but most of the attribu...Conditional proxy re-encryption(CPRE)is an effective cryptographic primitive language that enhances the access control mechanism and makes the delegation of decryption permissions more granular,but most of the attribute-based conditional proxy re-encryption(AB-CPRE)schemes proposed so far do not take into account the importance of user attributes.A weighted attribute-based conditional proxy re-encryption(WAB-CPRE)scheme is thus designed to provide more precise decryption rights delegation.By introducing the concept of weight attributes,the quantity of system attributes managed by the server is reduced greatly.At the same time,a weighted tree structure is constructed to simplify the expression of access structure effectively.With conditional proxy re-encryption,large amounts of data and complex computations are outsourced to cloud servers,so the data owner(DO)can revoke the user’s decryption rights directly with minimal costs.The scheme proposed achieves security against chosen plaintext attacks(CPA).Experimental simulation results demonstrated that the decryption time is within 6–9 ms,and it has a significant reduction in communication and computation cost on the user side with better functionality compared to other related schemes,which enables users to access cloud data on devices with limited resources.展开更多
Salinity is a fundamental variable of watermass chemistry,often varying strongly in coastal,estuarine,lagoonal,restricted-marine basinal,and non-freshwater lacustrine systems(Figure 1).Salinity variation commonly cont...Salinity is a fundamental variable of watermass chemistry,often varying strongly in coastal,estuarine,lagoonal,restricted-marine basinal,and non-freshwater lacustrine systems(Figure 1).Salinity variation commonly controls other watermass properties(e.g.,redox,temperature,p H,and chemical composition)as well as nutrient levels(and thus bioproductivity).展开更多
为解决篇章级多事件抽取中事件及论元角色间全局语义关联缺失、文档信息利用不足的问题,提出了基于论元关联和图神经网络的篇章级多事件抽取(document-level multi-event extraction based on argument correlation and graph neural ne...为解决篇章级多事件抽取中事件及论元角色间全局语义关联缺失、文档信息利用不足的问题,提出了基于论元关联和图神经网络的篇章级多事件抽取(document-level multi-event extraction based on argument correlation and graph neural network,DEEACG)模型。首先,使用基于变换器的双向编码器表示(bidirectional encoder representations from Transformers,BERT)模块获取实体,并引入实体共事件性预测任务,增强实体间的语义关联。接着,引入可学习的事件代理节点,构建包含实体、上下文和代理节点的异构图,通过特征线性调制图神经网络(graph neural network with feature-wise linear modulation,GNN-FiLM)与多头自注意力机制,实现多事件间的全局交互与语义融合。然后,通过多层感知机进行事件类型检测。最后,构建双投影空间建模论元关联,采用Bron-Kerbosch算法提取图中极大团作为候选论元组合,并结合多头注意力实现论元角色分类。结果表明,DEEACG模型在中文金融公告(Chinese financial announcements,ChFinAnn)数据集的多事件抽取任务中性能明显提升,与关系增强文档级事件抽取(relation-enabled document-level event extraction,ReDEE)模型相比,F1均值提升了2.1个百分点。该研究证实DEEACG模型能有效捕捉多事件间语义关联,适用于篇章级多事件抽取任务。展开更多
基金supported in part by the National Science and Technology Council of Taiwan under the contract numbers NSTC 114-2221-E-019-055-MY2 and NSTC 114-2221-E-019-069.
文摘Cloud services,favored by many enterprises due to their high flexibility and easy operation,are widely used for data storage and processing.However,the high latency,together with transmission overheads of the cloud architecture,makes it difficult to quickly respond to the demands of IoT applications and local computation.To make up for these deficiencies in the cloud,fog computing has emerged as a critical role in the IoT applications.It decentralizes the computing power to various lower nodes close to data sources,so as to achieve the goal of low latency and distributed processing.With the data being frequently exchanged and shared between multiple nodes,it becomes a challenge to authorize data securely and efficiently while protecting user privacy.To address this challenge,proxy re-encryption(PRE)schemes provide a feasible way allowing an intermediary proxy node to re-encrypt ciphertext designated for different authorized data requesters without compromising any plaintext information.Since the proxy is viewed as a semi-trusted party,it should be taken to prevent malicious behaviors and reduce the risk of data leakage when implementing PRE schemes.This paper proposes a new fog-assisted identity-based PRE scheme supporting anonymous key generation,equality test,and user revocation to fulfill various IoT application requirements.Specifically,in a traditional identity-based public key architecture,the key escrow problem and the necessity of a secure channel are major security concerns.We utilize an anonymous key generation technique to solve these problems.The equality test functionality further enables a cloud server to inspect whether two candidate trapdoors contain an identical keyword.In particular,the proposed scheme realizes fine-grained user-level authorization while maintaining strong key confidentiality.To revoke an invalid user identity,we add a revocation list to the system flows to restrict access privileges without increasing additional computation cost.To ensure security,it is shown that our system meets the security notion of IND-PrID-CCA and OW-ID-CCA under the Decisional Bilinear Diffie-Hellman(DBDH)assumption.
基金supported in part by the National Science and Technology Council of Republic of China under the contract numbers NSTC 114-2221-E-019-055-MY2NSTC 114-2221-E-019-069.
文摘Cloud data sharing is an important issue in modern times.To maintain the privacy and confidentiality of data stored in the cloud,encryption is an inevitable process before uploading the data.However,the centralized management and transmission latency of the cloud makes it difficult to support real-time processing and distributed access structures.As a result,fog computing and the Internet of Things(IoT)have emerged as crucial applications.Fog-assisted proxy re-encryption is a commonly adopted technique for sharing cloud ciphertexts.It allows a semitrusted proxy to transforma data owner’s ciphertext into another re-encrypted ciphertext intended for a data requester,without compromising any information about the original ciphertext.Yet,the user revocation and cloud ciphertext renewal problems still lack effective and secure mechanisms.Motivated by it,we propose a revocable conditional proxy re-encryption scheme offering ciphertext evolution(R-CPRE-CE).In particular,a periodically updated time key is used to revoke the user’s access privileges while an access condition prevents a malicious proxy from reencrypting unauthorized ciphertext.We also demonstrate that our scheme is provably secure under the notion of indistinguishability against adaptively chosen identity and chosen ciphertext attacks in the random oracle model.Performance analysis shows that our scheme reduces the computation time for a complete data access cycle from an initial query to the final decryption by approximately 47.05%compared to related schemes.
基金supported by the National Natural Science Foundation of China(Grant No.U24B20146)the National Key Research and Development Plan in China(Grant No.2020YFB1005500)Beijing Natural Science Foundation Project(No.M21034).
文摘With the rapid development of web3.0 applications,the volume of data sharing is increasing,the inefficiency of big data file sharing and the problem of data privacy leakage are becoming more and more prominent,and the existing data sharing schemes have been difficult to meet the growing demand for data sharing,this paper aims at exploring a secure,efficient and privacy-protecting data sharing scheme under web3.0 applications.Specifically,this paper adopts interplanetary file system(IPFS)technology to realize the storage of large data files to solve the problem of blockchain storage capacity limitation,and utilizes ciphertext policy attribute-based encryption(CP-ABE)and proxy re-encryption(PRE)technology to realize secure multi-party sharing and finegrained access control of data.This paper provides the detailed algorithm design and implementation of data sharing phases and processes,and analyzes the algorithms from the perspectives of security,privacy protection,and performance.
文摘Objectives This study aimed to clarify the relationship between the content of proxy decision-making made by families of patients with malignant brain tumors regarding treatment policies and daily care and the cues leading to those decisions.Methods Semi-structured personal interviews were used to collect data.Seven family members of patients with malignant brain tumors were selected to participate in the study by purposive sampling method from June to August 2022 in the Patient Family Association of Japan.Responses were content analyzed to explore the relationship between the content of decisions regarding“treatment policies”and“daily care”and the cues influencing those decisions.Semi-structured interviews were analyzed by using thematic analysis.Results The contents of proxy decisions regarding“treatment policies”included implementation,interruption,and termination of initial treatments,free medical treatments,use of respirators,and end-of-life sedation and included six cues:treatment policies suggested by the primary physician,information and knowledge about the disease and treatment obtained by the family from limited resources,perceived life threat from symptom worsening,words and reactions from the patient regarding treatment,patient’s personality and way of life inferred from their treatment preferences,family’s thoughts and values hoping for better treatment for the patient.Decisions for“daily care”included meal content and methods,excretion,mobility,maintaining cleanliness,rehabilitation,continuation or resignation from work,treatment settings(outpatient or inpatient),and ways to spend time outside and included seven cues:words and thoughts from the patient about their way of life,patient’s reactions and life history inferred from their preferred way of living,things the patient can do to maintain daily life and roles,awareness of the increasing inability to do things in daily life,family’s underlying thoughts and values about how to spend the remaining time,approval from family members regarding the care setting,advice from medical professionals on living at home.Conclusions For“treatment policies,”guidelines from medical professionals were a key cue,while for“daily care,”the small signs from the patients in their daily lives served as cues for proxy decision-making.This may be due to the lack of information available to families and the limited time available for discussion with the patient.Families of patients with malignant brain tumors repeatedly use multiple cues to make proxy decision-making under high uncertainty.Therefore,nurses supporting proxy decision-making should assess the family’s situation and provide cues that facilitate informed and confident decisions.
基金Programs for Science and Technology Development of Henan Province,grant number 242102210152The Fundamental Research Funds for the Universities of Henan Province,grant number NSFRF240620+1 种基金Key Scientific Research Project of Henan Higher Education Institutions,grant number 24A520015Henan Key Laboratory of Network Cryptography Technology,grant number LNCT2022-A11.
文摘Conditional proxy re-encryption(CPRE)is an effective cryptographic primitive language that enhances the access control mechanism and makes the delegation of decryption permissions more granular,but most of the attribute-based conditional proxy re-encryption(AB-CPRE)schemes proposed so far do not take into account the importance of user attributes.A weighted attribute-based conditional proxy re-encryption(WAB-CPRE)scheme is thus designed to provide more precise decryption rights delegation.By introducing the concept of weight attributes,the quantity of system attributes managed by the server is reduced greatly.At the same time,a weighted tree structure is constructed to simplify the expression of access structure effectively.With conditional proxy re-encryption,large amounts of data and complex computations are outsourced to cloud servers,so the data owner(DO)can revoke the user’s decryption rights directly with minimal costs.The scheme proposed achieves security against chosen plaintext attacks(CPA).Experimental simulation results demonstrated that the decryption time is within 6–9 ms,and it has a significant reduction in communication and computation cost on the user side with better functionality compared to other related schemes,which enables users to access cloud data on devices with limited resources.
文摘Salinity is a fundamental variable of watermass chemistry,often varying strongly in coastal,estuarine,lagoonal,restricted-marine basinal,and non-freshwater lacustrine systems(Figure 1).Salinity variation commonly controls other watermass properties(e.g.,redox,temperature,p H,and chemical composition)as well as nutrient levels(and thus bioproductivity).
文摘为解决篇章级多事件抽取中事件及论元角色间全局语义关联缺失、文档信息利用不足的问题,提出了基于论元关联和图神经网络的篇章级多事件抽取(document-level multi-event extraction based on argument correlation and graph neural network,DEEACG)模型。首先,使用基于变换器的双向编码器表示(bidirectional encoder representations from Transformers,BERT)模块获取实体,并引入实体共事件性预测任务,增强实体间的语义关联。接着,引入可学习的事件代理节点,构建包含实体、上下文和代理节点的异构图,通过特征线性调制图神经网络(graph neural network with feature-wise linear modulation,GNN-FiLM)与多头自注意力机制,实现多事件间的全局交互与语义融合。然后,通过多层感知机进行事件类型检测。最后,构建双投影空间建模论元关联,采用Bron-Kerbosch算法提取图中极大团作为候选论元组合,并结合多头注意力实现论元角色分类。结果表明,DEEACG模型在中文金融公告(Chinese financial announcements,ChFinAnn)数据集的多事件抽取任务中性能明显提升,与关系增强文档级事件抽取(relation-enabled document-level event extraction,ReDEE)模型相比,F1均值提升了2.1个百分点。该研究证实DEEACG模型能有效捕捉多事件间语义关联,适用于篇章级多事件抽取任务。
