With the rapid development of web3.0 applications,the volume of data sharing is increasing,the inefficiency of big data file sharing and the problem of data privacy leakage are becoming more and more prominent,and the...With the rapid development of web3.0 applications,the volume of data sharing is increasing,the inefficiency of big data file sharing and the problem of data privacy leakage are becoming more and more prominent,and the existing data sharing schemes have been difficult to meet the growing demand for data sharing,this paper aims at exploring a secure,efficient and privacy-protecting data sharing scheme under web3.0 applications.Specifically,this paper adopts interplanetary file system(IPFS)technology to realize the storage of large data files to solve the problem of blockchain storage capacity limitation,and utilizes ciphertext policy attribute-based encryption(CP-ABE)and proxy re-encryption(PRE)technology to realize secure multi-party sharing and finegrained access control of data.This paper provides the detailed algorithm design and implementation of data sharing phases and processes,and analyzes the algorithms from the perspectives of security,privacy protection,and performance.展开更多
The accelerated advancement of the Internet of Things(IoT)has generated substantial data,including sensitive and private information.Consequently,it is imperative to guarantee the security of data sharing.While facili...The accelerated advancement of the Internet of Things(IoT)has generated substantial data,including sensitive and private information.Consequently,it is imperative to guarantee the security of data sharing.While facilitating fine-grained access control,Ciphertext Policy Attribute-Based Encryption(CP-ABE)can effectively ensure the confidentiality of shared data.Nevertheless,the conventional centralized CP-ABE scheme is plagued by the issues of keymisuse,key escrow,and large computation,which will result in security risks.This paper suggests a lightweight IoT data security sharing scheme that integrates blockchain technology and CP-ABE to address the abovementioned issues.The integrity and traceability of shared data are guaranteed by the use of blockchain technology to store and verify access transactions.The encryption and decryption operations of the CP-ABE algorithm have been implemented using elliptic curve scalarmultiplication to accommodate lightweight IoT devices,as opposed to themore arithmetic bilinear pairing found in the traditional CP-ABE algorithm.Additionally,a portion of the computation is delegated to the edge nodes to alleviate the computational burden on users.A distributed key management method is proposed to address the issues of key escrow andmisuse.Thismethod employs the edge blockchain to facilitate the storage and distribution of attribute private keys.Meanwhile,data security sharing is enhanced by combining off-chain and on-chain ciphertext storage.The security and performance analysis indicates that the proposed scheme is more efficient and secure.展开更多
Aiming at the problems of the traditional centralized data sharing platform,such as poor data privacy protection ability,insufficient scalability of the system and poor interaction ability,this paper proposes a distri...Aiming at the problems of the traditional centralized data sharing platform,such as poor data privacy protection ability,insufficient scalability of the system and poor interaction ability,this paper proposes a distributed data sharing system architecture based on the Internet of Things and blockchain technology.In this system,the distributed consensus mechanism of blockchain and the distributed storage technology are employed to manage the access and storage of Internet of Things data in a secure manner.Up to the physical topology of the network,a hierarchical blockchain network architecture is proposed for local network data storage and global network data sharing,which reduces networking complexity and improves the scalability of the system.In addition,smart contract and distributed machine learning are adopted to design automatic processing functions for different types of data(public or private)and supervise the data sharing process,improving both the security and interactive ability of the system.展开更多
The explosive development of mobile communications and networking has led to the creation of an extremely complex system,which is difficult to manage.Hence,we propose an AI-powered network framework that uses AI techn...The explosive development of mobile communications and networking has led to the creation of an extremely complex system,which is difficult to manage.Hence,we propose an AI-powered network framework that uses AI technologies to operate the network automatically.However,due to the separation between different mobile network operators,data barriers between diverse operators become bottlenecks to exploit the full power of AI.In this paper,we establish a mutual trust data sharing framework to break these data barriers.The framework is based on the distributed and temper-proof attributes of blockchain.We implement a prototype based on Hyperledger Fabric.The proposed system combines supervision and fine-grained data access control based on smart contracts,which provides a secure and trustless environment for data sharing.We further compare our system with existing data sharing schemes,and we find that our system provides a better functionality.展开更多
To address the private data management problems and realize privacy-preserving data sharing,a blockchain-based transaction system named Ecare featuring information transparency,fairness and scalability is proposed.The...To address the private data management problems and realize privacy-preserving data sharing,a blockchain-based transaction system named Ecare featuring information transparency,fairness and scalability is proposed.The proposed system formulates multiple private data access control strategies,and realizes data trading and sharing through on-chain transactions,which makes transaction records transparent and immutable.In our system,the private data are encrypted,and the role-based account model ensures that access to the data requires owner’s authorization.Moreover,a new consensus protocol named Proof of Transactions(PoT)proposed by ourselves has been used to improve consensus efficiency.The value of Ecare is not only that it aggregates telemedicine,data transactions,and other features,but also that it translates these actions into transaction events stored in the blockchain,making them transparent and immutable to all participants.The proposed system can be extended to more general big data privacy protection and data transaction scenarios.展开更多
【Objective】Medical imaging data has great value,but it contains a significant amount of sensitive information about patients.At present,laws and regulations regarding to the de-identification of medical imaging data...【Objective】Medical imaging data has great value,but it contains a significant amount of sensitive information about patients.At present,laws and regulations regarding to the de-identification of medical imaging data are not clearly defined around the world.This study aims to develop a tool that meets compliance-driven desensitization requirements tailored to diverse research needs.【Methods】To enhance the security of medical image data,we designed and implemented a DICOM format medical image de-identification system on the Windows operating system.【Results】Our custom de-identification system is adaptable to the legal standards of different countries and can accommodate specific research demands.The system offers both web-based online and desktop offline de-identification capabilities,enabling customization of de-identification rules and facilitating batch processing to improve efficiency.【Conclusions】This medical image de-identification system robustly strengthens the stewardship of sensitive medical data,aligning with data security protection requirements while facilitating the sharing and utilization of medical image data.This approach unlocks the intrinsic value inherent in such datasets.展开更多
With the rapid development of medical data sharing,issues of privacy and ownership have become prominent,which have limited the scale of data sharing.To address the above challenges,we propose a blockchainbased data-s...With the rapid development of medical data sharing,issues of privacy and ownership have become prominent,which have limited the scale of data sharing.To address the above challenges,we propose a blockchainbased data-sharing framework to ensure data security and encourage data owners to actively participate in sharing.We introduce a reliable attribute-based searchable encryption scheme that enables fine-grained access control of encrypted data and ensures secure and efficient data sharing.The revenue distribution model is constructed based on Shapley value to motivate participants.Additionally,by integrating the smart contract technology of blockchain,the search operation and incentive mechanism are automatically executed.Through revenue distribution analysis,the incentive effect and rationality of the proposed scheme are verified.Performance evaluation shows that,compared with traditional data-sharing models,our proposed framework not only meets data security requirements but also incentivizes more participants to actively participate in data sharing.展开更多
The advent of the digital age has consistently provided impetus for facilitating global trade,as evidenced by the numerous customs clearance documents and participants involved in the international trade process,inclu...The advent of the digital age has consistently provided impetus for facilitating global trade,as evidenced by the numerous customs clearance documents and participants involved in the international trade process,including enterprises,agents,and government departments.However,the urgent issue that requires immediate attention is how to achieve secure and efficient cross-border data sharing among these government departments and enterprises in complex trade processes.In addressing this need,this paper proposes a data exchange architecture employing Multi-Authority Attribute-Based Encryption(MA-ABE)in combination with blockchain technology.This scheme supports proxy decryption,attribute revocation,and policy update,while allowing each participating entity to manage their keys autonomously,ensuring system security and enhancing trust among participants.In order to enhance system decentralization,a mechanism has been designed in the architecture where multiple institutions interact with smart contracts and jointly participate in the generation of public parameters.Integration with the multi-party process execution engine Caterpillar has been shown to boost the transparency of cross-border information flow and cooperation between different organizations.The scheme ensures the auditability of data access control information and the visualization of on-chain data sharing.The MA-ABE scheme is statically secure under the q-Decisional Parallel Bilinear Diffie-Hellman Exponent(q-DPBDHE2)assumption in the random oracle model,and can resist ciphertext rollback attacks to achieve true backward and forward security.Theoretical analysis and experimental results demonstrate the appropriateness of the scheme for cross-border data collaboration between different institutions.展开更多
Numerous industries,especially the medical industry,are likely to exhibit significant developments in the future.Ever since the announcement of the precision medicine initiative by the United States in 2015,interest i...Numerous industries,especially the medical industry,are likely to exhibit significant developments in the future.Ever since the announcement of the precision medicine initiative by the United States in 2015,interest in the field has considerably increased.The techniques of precision medicine are employed to provide optimal treatment and medical services to patients,in addition to the prevention and management of diseases via the collection and analysis of big data related to their individual genetic characteristics,occupation,living environment,and dietary habits.As this involves the accumulation and utilization of sensitive information,such as patient history,DNA,and personal details,its implementation is difficult if the data are inaccurate,exposed,or forged,and there is also a concern for privacy,as massive amount of data are collected;hence,ensuring the security of information is essential.Therefore,it is necessary to develop methods of securely sharing sensitive data for the establishment of a precision medicine system.An authentication and data sharing scheme is presented in this study on the basis of an analysis of sensitive data.The proposed scheme securely shares sensitive data of each entity in the precision medicine system according to its architecture and data flow.展开更多
With the advancements in the era of artificial intelligence,blockchain,cloud computing,and big data,there is a need for secure,decentralized medical record storage and retrieval systems.While cloud storage solves stor...With the advancements in the era of artificial intelligence,blockchain,cloud computing,and big data,there is a need for secure,decentralized medical record storage and retrieval systems.While cloud storage solves storage issues,it is challenging to realize secure sharing of records over the network.Medi-block record in the healthcare system has brought a new digitalization method for patients’medical records.This centralized technology provides a symmetrical process between the hospital and doctors when patients urgently need to go to a different or nearby hospital.It enables electronic medical records to be available with the correct authentication and restricts access to medical data retrieval.Medi-block record is the consumer-centered healthcare data system that brings reliable and transparent datasets for the medical record.This study presents an extensive review of proposed solutions aiming to protect the privacy and integrity of medical data by securing data sharing for Medi-block records.It also aims to propose a comprehensive investigation of the recent advances in different methods of securing data sharing,such as using Blockchain technology,Access Control,Privacy-Preserving,Proxy Re-Encryption,and Service-On-Chain approach.Finally,we highlight the open issues and identify the challenges regarding secure data sharing for Medi-block records in the healthcare systems.展开更多
Remote data monitoring system which adopts virtual instrument usually applies data sharing, acquisition and remote transmission technology via internet. It is able to finish concurrent data acquisition and processing ...Remote data monitoring system which adopts virtual instrument usually applies data sharing, acquisition and remote transmission technology via internet. It is able to finish concurrent data acquisition and processing for multi-user and multi-task and also build a personalized virtual testing environment for more people but with fewer instruments. In this paper, we' 11 elaborate on the design and implementation of information sharing platform through a typical example of how to build multi-user concurrent virtual testing environment based on the virtnal software LabVIEW.展开更多
The fast proliferation of edge devices for the Internet of Things(IoT)has led to massive volumes of data explosion.The generated data is collected and shared using edge-based IoT structures at a considerably high freq...The fast proliferation of edge devices for the Internet of Things(IoT)has led to massive volumes of data explosion.The generated data is collected and shared using edge-based IoT structures at a considerably high frequency.Thus,the data-sharing privacy exposure issue is increasingly intimidating when IoT devices make malicious requests for filching sensitive information from a cloud storage system through edge nodes.To address the identified issue,we present evolutionary privacy preservation learning strategies for an edge computing-based IoT data sharing scheme.In particular,we introduce evolutionary game theory and construct a payoff matrix to symbolize intercommunication between IoT devices and edge nodes,where IoT devices and edge nodes are two parties of the game.IoT devices may make malicious requests to achieve their goals of stealing privacy.Accordingly,edge nodes should deny malicious IoT device requests to prevent IoT data from being disclosed.They dynamically adjust their own strategies according to the opponent's strategy and finally maximize the payoffs.Built upon a developed application framework to illustrate the concrete data sharing architecture,a novel algorithm is proposed that can derive the optimal evolutionary learning strategy.Furthermore,we numerically simulate evolutionarily stable strategies,and the final results experimentally verify the correctness of the IoT data sharing privacy preservation scheme.Therefore,the proposed model can effectively defeat malicious invasion and protect sensitive information from leaking when IoT data is shared.展开更多
Data sharing technology in Internet of Vehicles(Io V)has attracted great research interest with the goal of realizing intelligent transportation and traffic management.Meanwhile,the main concerns have been raised abou...Data sharing technology in Internet of Vehicles(Io V)has attracted great research interest with the goal of realizing intelligent transportation and traffic management.Meanwhile,the main concerns have been raised about the security and privacy of vehicle data.The mobility and real-time characteristics of vehicle data make data sharing more difficult in Io V.The emergence of blockchain and federated learning brings new directions.In this paper,a data-sharing model that combines blockchain and federated learning is proposed to solve the security and privacy problems of data sharing in Io V.First,we use federated learning to share data instead of exposing actual data and propose an adaptive differential privacy scheme to further balance the privacy and availability of data.Then,we integrate the verification scheme into the consensus process,so that the consensus computation can filter out low-quality models.Experimental data shows that our data-sharing model can better balance the relationship between data availability and privacy,and also has enhanced security.展开更多
In the digital era,electronic medical record(EMR)has been a major way for hospitals to store patients’medical data.The traditional centralized medical system and semi-trusted cloud storage are difficult to achieve dy...In the digital era,electronic medical record(EMR)has been a major way for hospitals to store patients’medical data.The traditional centralized medical system and semi-trusted cloud storage are difficult to achieve dynamic balance between privacy protection and data sharing.The storage capacity of blockchain is limited and single blockchain schemes have poor scalability and low throughput.To address these issues,we propose a secure and efficient medical data storage and sharing scheme based on double blockchain.In our scheme,we encrypt the original EMR and store it in the cloud.The storage blockchain stores the index of the complete EMR,and the shared blockchain stores the index of the shared part of the EMR.Users with different attributes can make requests to different blockchains to share different parts according to their own permissions.Through experiments,it was found that cloud storage combined with blockchain not only solved the problem of limited storage capacity of blockchain,but also greatly reduced the risk of leakage of the original EMR.Content Extraction Signature(CES)combined with the double blockchain technology realized the separation of the privacy part and the shared part of the original EMR.The symmetric encryption technology combined with Ciphertext-Policy Attribute-Based Encryption(CP–ABE)not only ensures the safe storage of data in the cloud,but also achieves the consistency and convenience of data update,avoiding redundant backup of data.Safety analysis and performance analysis verified the feasibility and effectiveness of our scheme.展开更多
With the development of the Internet of Things(IoT),the massive data sharing between IoT devices improves the Quality of Service(QoS)and user experience in various IoT applications.However,data sharing may cause serio...With the development of the Internet of Things(IoT),the massive data sharing between IoT devices improves the Quality of Service(QoS)and user experience in various IoT applications.However,data sharing may cause serious privacy leakages to data providers.To address this problem,in this study,data sharing is realized through model sharing,based on which a secure data sharing mechanism,called BP2P-FL,is proposed using peer-to-peer federated learning with the privacy protection of data providers.In addition,by introducing the blockchain to the data sharing,every training process is recorded to ensure that data providers offer high-quality data.For further privacy protection,the differential privacy technology is used to disturb the global data sharing model.The experimental results show that BP2P-FL has high accuracy and feasibility in the data sharing of various IoT applications.展开更多
The traditional centralized data sharing systems have potential risks such as single point of failures and excessive working load on the central node.As a distributed and collaborative alternative,approaches based upo...The traditional centralized data sharing systems have potential risks such as single point of failures and excessive working load on the central node.As a distributed and collaborative alternative,approaches based upon blockchain have been explored recently for Internet of Things(IoTs).However,the access from a legitimate user may be denied without the pre-defined policy and data update on the blockchain could be costly to the owners.In this paper,we first address these issues by incorporating the Accountable Subgroup Multi-Signature(ASM)algorithm into the Attribute-based Access Control(ABAC)method with Policy Smart Contract,to provide a finegrained and flexible solution.Next,we propose a policy-based Chameleon Hash algorithm that allows the data to be updated in a reliable and convenient way by the authorized users.Finally,we evaluate our work by comparing its performance with the benchmarks.The results demonstrate significant improvement on the effectiveness and efficiency.展开更多
Despite that existing data sharing systems in online social networks(OSNs)propose to encrypt data before sharing,the multiparty access control of encrypted data has become a challenging issue.In this paper,we propose ...Despite that existing data sharing systems in online social networks(OSNs)propose to encrypt data before sharing,the multiparty access control of encrypted data has become a challenging issue.In this paper,we propose a secure data sharing scheme in 0SNs based on ciphertext-policy attribute-based proxy re-encryption and secret sharing.In order to protect users'sensitive data,our scheme allows users to customize access policies of their data and then outsource encrypted data to the OSNs service provider.Our scheme presents a multiparty access control model,which enables the disseminator to update the access policy of ciphertext if their attributes satisfy the existing access policy.Further,we present a partial decryption construction in which the computation overhead of user is largely reduced by delegating most of the decryption operations to the OSNs service provider.We also provide checkability on the results returned from the OSNs service provider to guarantee the correctness of partial decrypted ciphertext.Moreover,our scheme presents an efficient attribute revocation method that achieves both forward and backward secrecy.The security and performance analysis results indicate that the proposed scheme is secure and efficient in OSNs.展开更多
In this paper,we propose a novel fuzzy matching data sharing scheme named FADS for cloudedge communications.FADS allows users to specify their access policies,and enables receivers to obtain the data transmitted by th...In this paper,we propose a novel fuzzy matching data sharing scheme named FADS for cloudedge communications.FADS allows users to specify their access policies,and enables receivers to obtain the data transmitted by the senders if and only if the two sides meet their defined certain policies simultaneously.Specifically,we first formalize the definition and security models of fuzzy matching data sharing in cloud-edge environments.Then,we construct a concrete instantiation by pairing-based cryptosystem and the privacy-preserving set intersection on attribute sets from both sides to construct a concurrent matching over the policies.If the matching succeeds,the data can be decrypted.Otherwise,nothing will be revealed.In addition,FADS allows users to dynamically specify the policy for each time,which is an urgent demand in practice.A thorough security analysis demonstrates that FADS is of provable security under indistinguishable chosen ciphertext attack(IND-CCA)in random oracle model against probabilistic polynomial-time(PPT)adversary,and the desirable security properties of privacy and authenticity are achieved.Extensive experiments provide evidence that FADS is with acceptable efficiency.展开更多
In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencry...In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.展开更多
For the goals of security and privacy preservation,we propose a blind batch encryption-and public ledger-based data sharing protocol that allows the integrity of sensitive data to be audited by a public ledger and all...For the goals of security and privacy preservation,we propose a blind batch encryption-and public ledger-based data sharing protocol that allows the integrity of sensitive data to be audited by a public ledger and allows privacy information to be preserved.Data owners can tightly manage their data with efficient revocation and only grant one-time adaptive access for the fulfillment of the requester.We prove that our protocol is semanticallly secure,blind,and secure against oblivious requesters and malicious file keepers.We also provide security analysis in the context of four typical attacks.展开更多
基金supported by the National Natural Science Foundation of China(Grant No.U24B20146)the National Key Research and Development Plan in China(Grant No.2020YFB1005500)Beijing Natural Science Foundation Project(No.M21034).
文摘With the rapid development of web3.0 applications,the volume of data sharing is increasing,the inefficiency of big data file sharing and the problem of data privacy leakage are becoming more and more prominent,and the existing data sharing schemes have been difficult to meet the growing demand for data sharing,this paper aims at exploring a secure,efficient and privacy-protecting data sharing scheme under web3.0 applications.Specifically,this paper adopts interplanetary file system(IPFS)technology to realize the storage of large data files to solve the problem of blockchain storage capacity limitation,and utilizes ciphertext policy attribute-based encryption(CP-ABE)and proxy re-encryption(PRE)technology to realize secure multi-party sharing and finegrained access control of data.This paper provides the detailed algorithm design and implementation of data sharing phases and processes,and analyzes the algorithms from the perspectives of security,privacy protection,and performance.
文摘The accelerated advancement of the Internet of Things(IoT)has generated substantial data,including sensitive and private information.Consequently,it is imperative to guarantee the security of data sharing.While facilitating fine-grained access control,Ciphertext Policy Attribute-Based Encryption(CP-ABE)can effectively ensure the confidentiality of shared data.Nevertheless,the conventional centralized CP-ABE scheme is plagued by the issues of keymisuse,key escrow,and large computation,which will result in security risks.This paper suggests a lightweight IoT data security sharing scheme that integrates blockchain technology and CP-ABE to address the abovementioned issues.The integrity and traceability of shared data are guaranteed by the use of blockchain technology to store and verify access transactions.The encryption and decryption operations of the CP-ABE algorithm have been implemented using elliptic curve scalarmultiplication to accommodate lightweight IoT devices,as opposed to themore arithmetic bilinear pairing found in the traditional CP-ABE algorithm.Additionally,a portion of the computation is delegated to the edge nodes to alleviate the computational burden on users.A distributed key management method is proposed to address the issues of key escrow andmisuse.Thismethod employs the edge blockchain to facilitate the storage and distribution of attribute private keys.Meanwhile,data security sharing is enhanced by combining off-chain and on-chain ciphertext storage.The security and performance analysis indicates that the proposed scheme is more efficient and secure.
基金the National Natural Science Foundation of China(61901011)the Foundation for University Key Teachers from the Ministry of Education of China(201806545031)+1 种基金the Foundation of Beijing Municipal Commission of Education(KM202010005017)the Project of Enterprise and Business Cooperation(KLAGIO2019100006124)。
文摘Aiming at the problems of the traditional centralized data sharing platform,such as poor data privacy protection ability,insufficient scalability of the system and poor interaction ability,this paper proposes a distributed data sharing system architecture based on the Internet of Things and blockchain technology.In this system,the distributed consensus mechanism of blockchain and the distributed storage technology are employed to manage the access and storage of Internet of Things data in a secure manner.Up to the physical topology of the network,a hierarchical blockchain network architecture is proposed for local network data storage and global network data sharing,which reduces networking complexity and improves the scalability of the system.In addition,smart contract and distributed machine learning are adopted to design automatic processing functions for different types of data(public or private)and supervise the data sharing process,improving both the security and interactive ability of the system.
文摘The explosive development of mobile communications and networking has led to the creation of an extremely complex system,which is difficult to manage.Hence,we propose an AI-powered network framework that uses AI technologies to operate the network automatically.However,due to the separation between different mobile network operators,data barriers between diverse operators become bottlenecks to exploit the full power of AI.In this paper,we establish a mutual trust data sharing framework to break these data barriers.The framework is based on the distributed and temper-proof attributes of blockchain.We implement a prototype based on Hyperledger Fabric.The proposed system combines supervision and fine-grained data access control based on smart contracts,which provides a secure and trustless environment for data sharing.We further compare our system with existing data sharing schemes,and we find that our system provides a better functionality.
基金This work was supported by the National Key R&D Program of China(No.2018YFB1700100)the National Natural Science Foundation of China(No.61873317)。
文摘To address the private data management problems and realize privacy-preserving data sharing,a blockchain-based transaction system named Ecare featuring information transparency,fairness and scalability is proposed.The proposed system formulates multiple private data access control strategies,and realizes data trading and sharing through on-chain transactions,which makes transaction records transparent and immutable.In our system,the private data are encrypted,and the role-based account model ensures that access to the data requires owner’s authorization.Moreover,a new consensus protocol named Proof of Transactions(PoT)proposed by ourselves has been used to improve consensus efficiency.The value of Ecare is not only that it aggregates telemedicine,data transactions,and other features,but also that it translates these actions into transaction events stored in the blockchain,making them transparent and immutable to all participants.The proposed system can be extended to more general big data privacy protection and data transaction scenarios.
基金CAMS Innovation Fund for Medical Sciences(CIFMS):“Construction of an Intelligent Management and Efficient Utilization Technology System for Big Data in Population Health Science.”(2021-I2M-1-057)Key Projects of the Innovation Fund of the National Clinical Research Center for Orthopedics and Sports Rehabilitation:“National Orthopedics and Sports Rehabilitation Real-World Research Platform System Construction”(23-NCRC-CXJJ-ZD4)。
文摘【Objective】Medical imaging data has great value,but it contains a significant amount of sensitive information about patients.At present,laws and regulations regarding to the de-identification of medical imaging data are not clearly defined around the world.This study aims to develop a tool that meets compliance-driven desensitization requirements tailored to diverse research needs.【Methods】To enhance the security of medical image data,we designed and implemented a DICOM format medical image de-identification system on the Windows operating system.【Results】Our custom de-identification system is adaptable to the legal standards of different countries and can accommodate specific research demands.The system offers both web-based online and desktop offline de-identification capabilities,enabling customization of de-identification rules and facilitating batch processing to improve efficiency.【Conclusions】This medical image de-identification system robustly strengthens the stewardship of sensitive medical data,aligning with data security protection requirements while facilitating the sharing and utilization of medical image data.This approach unlocks the intrinsic value inherent in such datasets.
基金supported by the Natural Science Foundation of Hebei Province of China(F2021201052).
文摘With the rapid development of medical data sharing,issues of privacy and ownership have become prominent,which have limited the scale of data sharing.To address the above challenges,we propose a blockchainbased data-sharing framework to ensure data security and encourage data owners to actively participate in sharing.We introduce a reliable attribute-based searchable encryption scheme that enables fine-grained access control of encrypted data and ensures secure and efficient data sharing.The revenue distribution model is constructed based on Shapley value to motivate participants.Additionally,by integrating the smart contract technology of blockchain,the search operation and incentive mechanism are automatically executed.Through revenue distribution analysis,the incentive effect and rationality of the proposed scheme are verified.Performance evaluation shows that,compared with traditional data-sharing models,our proposed framework not only meets data security requirements but also incentivizes more participants to actively participate in data sharing.
基金supported by Hainan Provincial Natural Science Foundation of China Nos.622RC617,624RC485Open Foundation of State Key Laboratory of Networking and Switching Technology(Beijing University of Posts and Telecommunications)(SKLNST-2023-1-07).
文摘The advent of the digital age has consistently provided impetus for facilitating global trade,as evidenced by the numerous customs clearance documents and participants involved in the international trade process,including enterprises,agents,and government departments.However,the urgent issue that requires immediate attention is how to achieve secure and efficient cross-border data sharing among these government departments and enterprises in complex trade processes.In addressing this need,this paper proposes a data exchange architecture employing Multi-Authority Attribute-Based Encryption(MA-ABE)in combination with blockchain technology.This scheme supports proxy decryption,attribute revocation,and policy update,while allowing each participating entity to manage their keys autonomously,ensuring system security and enhancing trust among participants.In order to enhance system decentralization,a mechanism has been designed in the architecture where multiple institutions interact with smart contracts and jointly participate in the generation of public parameters.Integration with the multi-party process execution engine Caterpillar has been shown to boost the transparency of cross-border information flow and cooperation between different organizations.The scheme ensures the auditability of data access control information and the visualization of on-chain data sharing.The MA-ABE scheme is statically secure under the q-Decisional Parallel Bilinear Diffie-Hellman Exponent(q-DPBDHE2)assumption in the random oracle model,and can resist ciphertext rollback attacks to achieve true backward and forward security.Theoretical analysis and experimental results demonstrate the appropriateness of the scheme for cross-border data collaboration between different institutions.
文摘Numerous industries,especially the medical industry,are likely to exhibit significant developments in the future.Ever since the announcement of the precision medicine initiative by the United States in 2015,interest in the field has considerably increased.The techniques of precision medicine are employed to provide optimal treatment and medical services to patients,in addition to the prevention and management of diseases via the collection and analysis of big data related to their individual genetic characteristics,occupation,living environment,and dietary habits.As this involves the accumulation and utilization of sensitive information,such as patient history,DNA,and personal details,its implementation is difficult if the data are inaccurate,exposed,or forged,and there is also a concern for privacy,as massive amount of data are collected;hence,ensuring the security of information is essential.Therefore,it is necessary to develop methods of securely sharing sensitive data for the establishment of a precision medicine system.An authentication and data sharing scheme is presented in this study on the basis of an analysis of sensitive data.The proposed scheme securely shares sensitive data of each entity in the precision medicine system according to its architecture and data flow.
文摘With the advancements in the era of artificial intelligence,blockchain,cloud computing,and big data,there is a need for secure,decentralized medical record storage and retrieval systems.While cloud storage solves storage issues,it is challenging to realize secure sharing of records over the network.Medi-block record in the healthcare system has brought a new digitalization method for patients’medical records.This centralized technology provides a symmetrical process between the hospital and doctors when patients urgently need to go to a different or nearby hospital.It enables electronic medical records to be available with the correct authentication and restricts access to medical data retrieval.Medi-block record is the consumer-centered healthcare data system that brings reliable and transparent datasets for the medical record.This study presents an extensive review of proposed solutions aiming to protect the privacy and integrity of medical data by securing data sharing for Medi-block records.It also aims to propose a comprehensive investigation of the recent advances in different methods of securing data sharing,such as using Blockchain technology,Access Control,Privacy-Preserving,Proxy Re-Encryption,and Service-On-Chain approach.Finally,we highlight the open issues and identify the challenges regarding secure data sharing for Medi-block records in the healthcare systems.
文摘Remote data monitoring system which adopts virtual instrument usually applies data sharing, acquisition and remote transmission technology via internet. It is able to finish concurrent data acquisition and processing for multi-user and multi-task and also build a personalized virtual testing environment for more people but with fewer instruments. In this paper, we' 11 elaborate on the design and implementation of information sharing platform through a typical example of how to build multi-user concurrent virtual testing environment based on the virtnal software LabVIEW.
基金supported in part by Zhejiang Provincial Natural Science Foundation of China under Grant nos.LZ22F020002 and LY22F020003National Natural Science Foundation of China under Grant nos.61772018 and 62002226the key project of Humanities and Social Sciences in Colleges and Universities of Zhejiang Province under Grant no.2021GH017.
文摘The fast proliferation of edge devices for the Internet of Things(IoT)has led to massive volumes of data explosion.The generated data is collected and shared using edge-based IoT structures at a considerably high frequency.Thus,the data-sharing privacy exposure issue is increasingly intimidating when IoT devices make malicious requests for filching sensitive information from a cloud storage system through edge nodes.To address the identified issue,we present evolutionary privacy preservation learning strategies for an edge computing-based IoT data sharing scheme.In particular,we introduce evolutionary game theory and construct a payoff matrix to symbolize intercommunication between IoT devices and edge nodes,where IoT devices and edge nodes are two parties of the game.IoT devices may make malicious requests to achieve their goals of stealing privacy.Accordingly,edge nodes should deny malicious IoT device requests to prevent IoT data from being disclosed.They dynamically adjust their own strategies according to the opponent's strategy and finally maximize the payoffs.Built upon a developed application framework to illustrate the concrete data sharing architecture,a novel algorithm is proposed that can derive the optimal evolutionary learning strategy.Furthermore,we numerically simulate evolutionarily stable strategies,and the final results experimentally verify the correctness of the IoT data sharing privacy preservation scheme.Therefore,the proposed model can effectively defeat malicious invasion and protect sensitive information from leaking when IoT data is shared.
基金supported by the Ministry of Education Industry-University Cooperation Collaborative Education Projects of China under Grant 202102119036 and 202102082013。
文摘Data sharing technology in Internet of Vehicles(Io V)has attracted great research interest with the goal of realizing intelligent transportation and traffic management.Meanwhile,the main concerns have been raised about the security and privacy of vehicle data.The mobility and real-time characteristics of vehicle data make data sharing more difficult in Io V.The emergence of blockchain and federated learning brings new directions.In this paper,a data-sharing model that combines blockchain and federated learning is proposed to solve the security and privacy problems of data sharing in Io V.First,we use federated learning to share data instead of exposing actual data and propose an adaptive differential privacy scheme to further balance the privacy and availability of data.Then,we integrate the verification scheme into the consensus process,so that the consensus computation can filter out low-quality models.Experimental data shows that our data-sharing model can better balance the relationship between data availability and privacy,and also has enhanced security.
基金the Natural Science Foundation of Heilongjiang Province of China under Grant No.LC2016024Natural Science Foundation of the Jiangsu Higher Education Institutions Grant No.17KJB520044Six Talent Peaks Project in Jiangsu Province No.XYDXX–108.
文摘In the digital era,electronic medical record(EMR)has been a major way for hospitals to store patients’medical data.The traditional centralized medical system and semi-trusted cloud storage are difficult to achieve dynamic balance between privacy protection and data sharing.The storage capacity of blockchain is limited and single blockchain schemes have poor scalability and low throughput.To address these issues,we propose a secure and efficient medical data storage and sharing scheme based on double blockchain.In our scheme,we encrypt the original EMR and store it in the cloud.The storage blockchain stores the index of the complete EMR,and the shared blockchain stores the index of the shared part of the EMR.Users with different attributes can make requests to different blockchains to share different parts according to their own permissions.Through experiments,it was found that cloud storage combined with blockchain not only solved the problem of limited storage capacity of blockchain,but also greatly reduced the risk of leakage of the original EMR.Content Extraction Signature(CES)combined with the double blockchain technology realized the separation of the privacy part and the shared part of the original EMR.The symmetric encryption technology combined with Ciphertext-Policy Attribute-Based Encryption(CP–ABE)not only ensures the safe storage of data in the cloud,but also achieves the consistency and convenience of data update,avoiding redundant backup of data.Safety analysis and performance analysis verified the feasibility and effectiveness of our scheme.
基金This work is supported by National Natural Science Foundation of China under Grant No.U1905211 and 61702103Natural Science Foundation of Fujian Province under Grant No.2020J01167 and 2020J01169.
文摘With the development of the Internet of Things(IoT),the massive data sharing between IoT devices improves the Quality of Service(QoS)and user experience in various IoT applications.However,data sharing may cause serious privacy leakages to data providers.To address this problem,in this study,data sharing is realized through model sharing,based on which a secure data sharing mechanism,called BP2P-FL,is proposed using peer-to-peer federated learning with the privacy protection of data providers.In addition,by introducing the blockchain to the data sharing,every training process is recorded to ensure that data providers offer high-quality data.For further privacy protection,the differential privacy technology is used to disturb the global data sharing model.The experimental results show that BP2P-FL has high accuracy and feasibility in the data sharing of various IoT applications.
基金supported by the National Natural Science Foundation of China under Grant 61972148。
文摘The traditional centralized data sharing systems have potential risks such as single point of failures and excessive working load on the central node.As a distributed and collaborative alternative,approaches based upon blockchain have been explored recently for Internet of Things(IoTs).However,the access from a legitimate user may be denied without the pre-defined policy and data update on the blockchain could be costly to the owners.In this paper,we first address these issues by incorporating the Accountable Subgroup Multi-Signature(ASM)algorithm into the Attribute-based Access Control(ABAC)method with Policy Smart Contract,to provide a finegrained and flexible solution.Next,we propose a policy-based Chameleon Hash algorithm that allows the data to be updated in a reliable and convenient way by the authorized users.Finally,we evaluate our work by comparing its performance with the benchmarks.The results demonstrate significant improvement on the effectiveness and efficiency.
基金supported by the National Natural Science Foundation of China under Grant No.61272519the Specialized Research Fund for the Doctoral Program of Higher Education under Grant No.20120005110017the National Key Technology R&D Program under Grant No.2012BAH06B02
文摘Despite that existing data sharing systems in online social networks(OSNs)propose to encrypt data before sharing,the multiparty access control of encrypted data has become a challenging issue.In this paper,we propose a secure data sharing scheme in 0SNs based on ciphertext-policy attribute-based proxy re-encryption and secret sharing.In order to protect users'sensitive data,our scheme allows users to customize access policies of their data and then outsource encrypted data to the OSNs service provider.Our scheme presents a multiparty access control model,which enables the disseminator to update the access policy of ciphertext if their attributes satisfy the existing access policy.Further,we present a partial decryption construction in which the computation overhead of user is largely reduced by delegating most of the decryption operations to the OSNs service provider.We also provide checkability on the results returned from the OSNs service provider to guarantee the correctness of partial decrypted ciphertext.Moreover,our scheme presents an efficient attribute revocation method that achieves both forward and backward secrecy.The security and performance analysis results indicate that the proposed scheme is secure and efficient in OSNs.
基金supported by the China Postdoctoral Science Foundation (Grant Nos. 2021TQ0042, 2021M700435, 2021TQ0041)the National Natural Science Foundation of China (Grant No. 62102027)the Shandong Provincial Key Research and Development Program (2021CXGC010106)
文摘In this paper,we propose a novel fuzzy matching data sharing scheme named FADS for cloudedge communications.FADS allows users to specify their access policies,and enables receivers to obtain the data transmitted by the senders if and only if the two sides meet their defined certain policies simultaneously.Specifically,we first formalize the definition and security models of fuzzy matching data sharing in cloud-edge environments.Then,we construct a concrete instantiation by pairing-based cryptosystem and the privacy-preserving set intersection on attribute sets from both sides to construct a concurrent matching over the policies.If the matching succeeds,the data can be decrypted.Otherwise,nothing will be revealed.In addition,FADS allows users to dynamically specify the policy for each time,which is an urgent demand in practice.A thorough security analysis demonstrates that FADS is of provable security under indistinguishable chosen ciphertext attack(IND-CCA)in random oracle model against probabilistic polynomial-time(PPT)adversary,and the desirable security properties of privacy and authenticity are achieved.Extensive experiments provide evidence that FADS is with acceptable efficiency.
基金the National Natural Science Foundation of China(No.61133014)
文摘In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.
基金partially supported by the National Natural Science Foundation of China under grant no.62372245the Foundation of Yunnan Key Laboratory of Blockchain Application Technology under Grant 202105AG070005+1 种基金in part by the Foundation of State Key Laboratory of Public Big Datain part by the Foundation of Key Laboratory of Computational Science and Application of Hainan Province under Grant JSKX202202。
文摘For the goals of security and privacy preservation,we propose a blind batch encryption-and public ledger-based data sharing protocol that allows the integrity of sensitive data to be audited by a public ledger and allows privacy information to be preserved.Data owners can tightly manage their data with efficient revocation and only grant one-time adaptive access for the fulfillment of the requester.We prove that our protocol is semanticallly secure,blind,and secure against oblivious requesters and malicious file keepers.We also provide security analysis in the context of four typical attacks.
