The accelerated advancement of the Internet of Things(IoT)has generated substantial data,including sensitive and private information.Consequently,it is imperative to guarantee the security of data sharing.While facili...The accelerated advancement of the Internet of Things(IoT)has generated substantial data,including sensitive and private information.Consequently,it is imperative to guarantee the security of data sharing.While facilitating fine-grained access control,Ciphertext Policy Attribute-Based Encryption(CP-ABE)can effectively ensure the confidentiality of shared data.Nevertheless,the conventional centralized CP-ABE scheme is plagued by the issues of keymisuse,key escrow,and large computation,which will result in security risks.This paper suggests a lightweight IoT data security sharing scheme that integrates blockchain technology and CP-ABE to address the abovementioned issues.The integrity and traceability of shared data are guaranteed by the use of blockchain technology to store and verify access transactions.The encryption and decryption operations of the CP-ABE algorithm have been implemented using elliptic curve scalarmultiplication to accommodate lightweight IoT devices,as opposed to themore arithmetic bilinear pairing found in the traditional CP-ABE algorithm.Additionally,a portion of the computation is delegated to the edge nodes to alleviate the computational burden on users.A distributed key management method is proposed to address the issues of key escrow andmisuse.Thismethod employs the edge blockchain to facilitate the storage and distribution of attribute private keys.Meanwhile,data security sharing is enhanced by combining off-chain and on-chain ciphertext storage.The security and performance analysis indicates that the proposed scheme is more efficient and secure.展开更多
As the integration of medical big data and artificial intelligence advances,the secure sharing of medical data has become a key driving force for advancing disease research and clinical diagnosis.Federated learning,a ...As the integration of medical big data and artificial intelligence advances,the secure sharing of medical data has become a key driving force for advancing disease research and clinical diagnosis.Federated learning,a distributed approach enabling collaborative data processing without sharing raw data,offers promising solutions to challenges in multi-center medical data sharing.This review summarizes the progress of federated learning in multi-center medical data processing,analyzed from four perspectives:system architectures,data distribution strategies,clinical tasks,and algorithmic models.At the same time,this paper explores the challenges in practical applications,such as data heterogeneity,communication overhead,and privacy concerns.It proposes driving future research development by optimizing algorithms,strengthening privacy protection mechanisms,and enhancing computational efficiency.展开更多
In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencry...In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.展开更多
With the rapid growth of Internet of Things(IoT)based models,and the lack amount of data makes cloud computing resources insufficient.Hence,edge computing-based techniques are becoming more popular in present research...With the rapid growth of Internet of Things(IoT)based models,and the lack amount of data makes cloud computing resources insufficient.Hence,edge computing-based techniques are becoming more popular in present research domains that makes data storage,and processing effective at the network edges.There are several advanced features like parallel processing and data perception are available in edge computing.Still,there are some challenges in providing privacy and data security over networks.To solve the security issues in Edge Computing,Hash-based Message Authentication Code(HMAC)algorithm is used to provide solutions for preserving data from various attacks that happens with the distributed network nature.This paper proposed a Trust Model for Secure Data Sharing(TM-SDS)with HMAC algorithm.Here,data security is ensured with local and global trust levels with the centralized processing of cloud and by conserving resources effectively.Further,the proposed model achieved 84.25%of packet delivery ratio which is better compared to existing models in the resulting phase.The data packets are securely transmitted between entities in the proposed model and results showed that proposed TM-SDS model outperforms the existing models in an efficient manner.展开更多
Big data has a strong demand for a network infrastructure with the capability to support data sharing and retrieval efficiently. Information-centric networking (ICN) is an emerging approach to satisfy this demand, w...Big data has a strong demand for a network infrastructure with the capability to support data sharing and retrieval efficiently. Information-centric networking (ICN) is an emerging approach to satisfy this demand, where big data is cached ubiquitously in the network and retrieved using data names. However, existing authentication and authorization schemes rely mostly on centralized servers to provide certification and mediation services for data retrieval. This causes considerable traffic overhead for the secure distributed sharing of data. To solve this problem, we employ identity-based cryptography (IBC) to propose a Distributed Authentication and Authorization Scheme (DAAS), where an identity-based signature (IBS) is used to achieve distributed verifications of the identities of publishers and users. Moreover, Ciphertext-Policy Attribnte-based encryption (CP-ABE) is used to enable the distributed and fine-grained authorization. DAAS consists of three phases: initialization, secure data publication, and secure data retrieval, which seamlessly integrate authentication and authorization with the in- terest/data communication paradigm in ICN. In particular, we propose trustworthy registration and Network Operator and Authority Manifest (NOAM) dissemination to provide initial secure registration and enable efficient authentication for global data retrieval. Meanwhile, Attribute Manifest (AM) distribution coupled with automatic attribute update is proposed to reduce the cost of attribute retrieval. We examine the performance of the proposed DAAS, which shows that it can achieve a lower bandwidth cost than existing schemes.展开更多
With the advancements in the era of artificial intelligence,blockchain,cloud computing,and big data,there is a need for secure,decentralized medical record storage and retrieval systems.While cloud storage solves stor...With the advancements in the era of artificial intelligence,blockchain,cloud computing,and big data,there is a need for secure,decentralized medical record storage and retrieval systems.While cloud storage solves storage issues,it is challenging to realize secure sharing of records over the network.Medi-block record in the healthcare system has brought a new digitalization method for patients’medical records.This centralized technology provides a symmetrical process between the hospital and doctors when patients urgently need to go to a different or nearby hospital.It enables electronic medical records to be available with the correct authentication and restricts access to medical data retrieval.Medi-block record is the consumer-centered healthcare data system that brings reliable and transparent datasets for the medical record.This study presents an extensive review of proposed solutions aiming to protect the privacy and integrity of medical data by securing data sharing for Medi-block records.It also aims to propose a comprehensive investigation of the recent advances in different methods of securing data sharing,such as using Blockchain technology,Access Control,Privacy-Preserving,Proxy Re-Encryption,and Service-On-Chain approach.Finally,we highlight the open issues and identify the challenges regarding secure data sharing for Medi-block records in the healthcare systems.展开更多
1 Introduction Access control and key update are crucial for secure data sharing.Currently,many access control strategies have been proposed to address unauthorized access and privacy breaches[1,2].However,these strat...1 Introduction Access control and key update are crucial for secure data sharing.Currently,many access control strategies have been proposed to address unauthorized access and privacy breaches[1,2].However,these strategies typically focus only on the unilateral access control of data requesters,potentially failing to prevent unauthorized individuals from maliciously publishing data.Additionally,existing key update schemes rely on trusted key generation center(KGC)and have significant performance limitations,which are not practical[3,4].展开更多
Users store vast amounts of sensitive data on a big data platform. Sharing sensitive data will help enterprises reduce the cost of providing users with personalized services and provide value-added data services.Howev...Users store vast amounts of sensitive data on a big data platform. Sharing sensitive data will help enterprises reduce the cost of providing users with personalized services and provide value-added data services.However, secure data sharing is problematic. This paper proposes a framework for secure sensitive data sharing on a big data platform, including secure data delivery, storage, usage, and destruction on a semi-trusted big data sharing platform. We present a proxy re-encryption algorithm based on heterogeneous ciphertext transformation and a user process protection method based on a virtual machine monitor, which provides support for the realization of system functions. The framework protects the security of users' sensitive data effectively and shares these data safely. At the same time, data owners retain complete control of their own data in a sound environment for modern Internet information security.展开更多
With the development of Internet technology,secure storage and secure sharing of data have become increasingly important.Traditional data sharing schemes exist a series of problems including lack of security and low e...With the development of Internet technology,secure storage and secure sharing of data have become increasingly important.Traditional data sharing schemes exist a series of problems including lack of security and low efficiency.In this paper,we construct a secure and efficient data sharing scheme based on threshold Paillier algorithm and blockchain technology,which achieves secure data storage and sharing without a third-party institution.Firstly,we propose a(t,l)threshold Paillier blockchain data sharing scheme,which effectively prevents decryption failures caused by the loss of a single node’s private key.Secondly,we propose a combined on-chain and off-chain data storage scheme,we store the ciphertext on the cloud server and the ciphertext hash value on the blockchain,which not only ensures the integrity of the data but also solves the storage limitation problem on the blockchain.Finally,we use the simulation paradigm to prove the security of the scheme in the semi-honest model.The discussion results of the comparison and the analysis of performance show that the blockchain data security sharing scheme proposed in this paper has lower computational overhead and higher security than other similar schemes.展开更多
Today,scientific research is increasingly becoming data-centric and compute-intensive,relying on data and models across distributed sources.However,challenges still exist in the traditional cooperation mode,given the ...Today,scientific research is increasingly becoming data-centric and compute-intensive,relying on data and models across distributed sources.However,challenges still exist in the traditional cooperation mode,given the high storage and computing costs,geolocation barriers,and local cofidentiality regulations.The Jupyter environment has recently emerged and evolved into a vital virtual research environment for scientific computing,which researchers can use to scale computational analyses up to larger datasets and high-performance computing resources.Nevertheless,existing approaches lack robust support of a decentralized cooperation mode to unlock the full potential of decentralized collaborative scientific research,e.g.,seamlessly secure data sharing.In this work,we change the basic structure and legacy norms of current research environments via the seamless integration of Jupyter with Ethereum blockchain capabilities.As such,it creates a Decentralized Virtual Research Environment(D-VRE)from private computational notebooks to a decentralized collaborative research ecosystem.We propose a novel architecture for the D-VRE and prototype some essential D-VRE elements for enabling secure data sharing with decentralized identity,user-centric agreement-making,membership,and research asset management.To validate our method,we conduct an experimental study to test all functionalities of D-VRE smart contracts and their gas consumption.In addition,we deploy the D-VRE prototype on a test net of the Ethereum blockchain for demonstration.The feedback from the studies showcases the current prototype’s usability,ease of use,and potential,and suggests further improvements.展开更多
文摘The accelerated advancement of the Internet of Things(IoT)has generated substantial data,including sensitive and private information.Consequently,it is imperative to guarantee the security of data sharing.While facilitating fine-grained access control,Ciphertext Policy Attribute-Based Encryption(CP-ABE)can effectively ensure the confidentiality of shared data.Nevertheless,the conventional centralized CP-ABE scheme is plagued by the issues of keymisuse,key escrow,and large computation,which will result in security risks.This paper suggests a lightweight IoT data security sharing scheme that integrates blockchain technology and CP-ABE to address the abovementioned issues.The integrity and traceability of shared data are guaranteed by the use of blockchain technology to store and verify access transactions.The encryption and decryption operations of the CP-ABE algorithm have been implemented using elliptic curve scalarmultiplication to accommodate lightweight IoT devices,as opposed to themore arithmetic bilinear pairing found in the traditional CP-ABE algorithm.Additionally,a portion of the computation is delegated to the edge nodes to alleviate the computational burden on users.A distributed key management method is proposed to address the issues of key escrow andmisuse.Thismethod employs the edge blockchain to facilitate the storage and distribution of attribute private keys.Meanwhile,data security sharing is enhanced by combining off-chain and on-chain ciphertext storage.The security and performance analysis indicates that the proposed scheme is more efficient and secure.
基金supported and funded by the National Natural Science Foundation of China(82101079)the Key R&D Program of Jiangsu Province(BE2023836)the National Key Research and Development Program of China(SQ2023YFC2400025).
文摘As the integration of medical big data and artificial intelligence advances,the secure sharing of medical data has become a key driving force for advancing disease research and clinical diagnosis.Federated learning,a distributed approach enabling collaborative data processing without sharing raw data,offers promising solutions to challenges in multi-center medical data sharing.This review summarizes the progress of federated learning in multi-center medical data processing,analyzed from four perspectives:system architectures,data distribution strategies,clinical tasks,and algorithmic models.At the same time,this paper explores the challenges in practical applications,such as data heterogeneity,communication overhead,and privacy concerns.It proposes driving future research development by optimizing algorithms,strengthening privacy protection mechanisms,and enhancing computational efficiency.
基金the National Natural Science Foundation of China(No.61133014)
文摘In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.
文摘With the rapid growth of Internet of Things(IoT)based models,and the lack amount of data makes cloud computing resources insufficient.Hence,edge computing-based techniques are becoming more popular in present research domains that makes data storage,and processing effective at the network edges.There are several advanced features like parallel processing and data perception are available in edge computing.Still,there are some challenges in providing privacy and data security over networks.To solve the security issues in Edge Computing,Hash-based Message Authentication Code(HMAC)algorithm is used to provide solutions for preserving data from various attacks that happens with the distributed network nature.This paper proposed a Trust Model for Secure Data Sharing(TM-SDS)with HMAC algorithm.Here,data security is ensured with local and global trust levels with the centralized processing of cloud and by conserving resources effectively.Further,the proposed model achieved 84.25%of packet delivery ratio which is better compared to existing models in the resulting phase.The data packets are securely transmitted between entities in the proposed model and results showed that proposed TM-SDS model outperforms the existing models in an efficient manner.
文摘Big data has a strong demand for a network infrastructure with the capability to support data sharing and retrieval efficiently. Information-centric networking (ICN) is an emerging approach to satisfy this demand, where big data is cached ubiquitously in the network and retrieved using data names. However, existing authentication and authorization schemes rely mostly on centralized servers to provide certification and mediation services for data retrieval. This causes considerable traffic overhead for the secure distributed sharing of data. To solve this problem, we employ identity-based cryptography (IBC) to propose a Distributed Authentication and Authorization Scheme (DAAS), where an identity-based signature (IBS) is used to achieve distributed verifications of the identities of publishers and users. Moreover, Ciphertext-Policy Attribnte-based encryption (CP-ABE) is used to enable the distributed and fine-grained authorization. DAAS consists of three phases: initialization, secure data publication, and secure data retrieval, which seamlessly integrate authentication and authorization with the in- terest/data communication paradigm in ICN. In particular, we propose trustworthy registration and Network Operator and Authority Manifest (NOAM) dissemination to provide initial secure registration and enable efficient authentication for global data retrieval. Meanwhile, Attribute Manifest (AM) distribution coupled with automatic attribute update is proposed to reduce the cost of attribute retrieval. We examine the performance of the proposed DAAS, which shows that it can achieve a lower bandwidth cost than existing schemes.
文摘With the advancements in the era of artificial intelligence,blockchain,cloud computing,and big data,there is a need for secure,decentralized medical record storage and retrieval systems.While cloud storage solves storage issues,it is challenging to realize secure sharing of records over the network.Medi-block record in the healthcare system has brought a new digitalization method for patients’medical records.This centralized technology provides a symmetrical process between the hospital and doctors when patients urgently need to go to a different or nearby hospital.It enables electronic medical records to be available with the correct authentication and restricts access to medical data retrieval.Medi-block record is the consumer-centered healthcare data system that brings reliable and transparent datasets for the medical record.This study presents an extensive review of proposed solutions aiming to protect the privacy and integrity of medical data by securing data sharing for Medi-block records.It also aims to propose a comprehensive investigation of the recent advances in different methods of securing data sharing,such as using Blockchain technology,Access Control,Privacy-Preserving,Proxy Re-Encryption,and Service-On-Chain approach.Finally,we highlight the open issues and identify the challenges regarding secure data sharing for Medi-block records in the healthcare systems.
基金supported by the National Key R&D Projects(No.2021YFB00900)the National Natural Science Foundation of China(Grant Nos.U20A20174,U22B2062,62302230,62202051,62372068,62302229,and 62302162)the China Postdoctoral Science Foundation(Nos.2021M700435,2024M751480).
文摘1 Introduction Access control and key update are crucial for secure data sharing.Currently,many access control strategies have been proposed to address unauthorized access and privacy breaches[1,2].However,these strategies typically focus only on the unilateral access control of data requesters,potentially failing to prevent unauthorized individuals from maliciously publishing data.Additionally,existing key update schemes rely on trusted key generation center(KGC)and have significant performance limitations,which are not practical[3,4].
基金supported by the National Natural Science Foundation of China (Nos. 61173170, 61300222, 61433006, and U1401258)Independent Innovation Fund of Huazhong University of Science and Technology (Nos. 2012TS052, 2012TS053, 2013QN120, and CXY13Q019)
文摘Users store vast amounts of sensitive data on a big data platform. Sharing sensitive data will help enterprises reduce the cost of providing users with personalized services and provide value-added data services.However, secure data sharing is problematic. This paper proposes a framework for secure sensitive data sharing on a big data platform, including secure data delivery, storage, usage, and destruction on a semi-trusted big data sharing platform. We present a proxy re-encryption algorithm based on heterogeneous ciphertext transformation and a user process protection method based on a virtual machine monitor, which provides support for the realization of system functions. The framework protects the security of users' sensitive data effectively and shares these data safely. At the same time, data owners retain complete control of their own data in a sound environment for modern Internet information security.
基金supported by the Defense Industrial Technology Development Program(JCKY2021208B036).
文摘With the development of Internet technology,secure storage and secure sharing of data have become increasingly important.Traditional data sharing schemes exist a series of problems including lack of security and low efficiency.In this paper,we construct a secure and efficient data sharing scheme based on threshold Paillier algorithm and blockchain technology,which achieves secure data storage and sharing without a third-party institution.Firstly,we propose a(t,l)threshold Paillier blockchain data sharing scheme,which effectively prevents decryption failures caused by the loss of a single node’s private key.Secondly,we propose a combined on-chain and off-chain data storage scheme,we store the ciphertext on the cloud server and the ciphertext hash value on the blockchain,which not only ensures the integrity of the data but also solves the storage limitation problem on the blockchain.Finally,we use the simulation paradigm to prove the security of the scheme in the semi-honest model.The discussion results of the comparison and the analysis of performance show that the blockchain data security sharing scheme proposed in this paper has lower computational overhead and higher security than other similar schemes.
文摘Today,scientific research is increasingly becoming data-centric and compute-intensive,relying on data and models across distributed sources.However,challenges still exist in the traditional cooperation mode,given the high storage and computing costs,geolocation barriers,and local cofidentiality regulations.The Jupyter environment has recently emerged and evolved into a vital virtual research environment for scientific computing,which researchers can use to scale computational analyses up to larger datasets and high-performance computing resources.Nevertheless,existing approaches lack robust support of a decentralized cooperation mode to unlock the full potential of decentralized collaborative scientific research,e.g.,seamlessly secure data sharing.In this work,we change the basic structure and legacy norms of current research environments via the seamless integration of Jupyter with Ethereum blockchain capabilities.As such,it creates a Decentralized Virtual Research Environment(D-VRE)from private computational notebooks to a decentralized collaborative research ecosystem.We propose a novel architecture for the D-VRE and prototype some essential D-VRE elements for enabling secure data sharing with decentralized identity,user-centric agreement-making,membership,and research asset management.To validate our method,we conduct an experimental study to test all functionalities of D-VRE smart contracts and their gas consumption.In addition,we deploy the D-VRE prototype on a test net of the Ethereum blockchain for demonstration.The feedback from the studies showcases the current prototype’s usability,ease of use,and potential,and suggests further improvements.
