The accelerated advancement of the Internet of Things(IoT)has generated substantial data,including sensitive and private information.Consequently,it is imperative to guarantee the security of data sharing.While facili...The accelerated advancement of the Internet of Things(IoT)has generated substantial data,including sensitive and private information.Consequently,it is imperative to guarantee the security of data sharing.While facilitating fine-grained access control,Ciphertext Policy Attribute-Based Encryption(CP-ABE)can effectively ensure the confidentiality of shared data.Nevertheless,the conventional centralized CP-ABE scheme is plagued by the issues of keymisuse,key escrow,and large computation,which will result in security risks.This paper suggests a lightweight IoT data security sharing scheme that integrates blockchain technology and CP-ABE to address the abovementioned issues.The integrity and traceability of shared data are guaranteed by the use of blockchain technology to store and verify access transactions.The encryption and decryption operations of the CP-ABE algorithm have been implemented using elliptic curve scalarmultiplication to accommodate lightweight IoT devices,as opposed to themore arithmetic bilinear pairing found in the traditional CP-ABE algorithm.Additionally,a portion of the computation is delegated to the edge nodes to alleviate the computational burden on users.A distributed key management method is proposed to address the issues of key escrow andmisuse.Thismethod employs the edge blockchain to facilitate the storage and distribution of attribute private keys.Meanwhile,data security sharing is enhanced by combining off-chain and on-chain ciphertext storage.The security and performance analysis indicates that the proposed scheme is more efficient and secure.展开更多
1.Introduction Data inference(DInf)is a data security threat in which critical information is inferred from low-sensitivity data.Once regarded as an advanced professional threat limited to intelligence analysts,DInf h...1.Introduction Data inference(DInf)is a data security threat in which critical information is inferred from low-sensitivity data.Once regarded as an advanced professional threat limited to intelligence analysts,DInf has become a widespread risk in the artificial intelligence(AI)era.展开更多
1.Data security in smart manufacturing The global manufacturing sector is undergoing a digital transformation as traditional systems-reliant on physical assets such as raw materials and labor-struggle to meet demands ...1.Data security in smart manufacturing The global manufacturing sector is undergoing a digital transformation as traditional systems-reliant on physical assets such as raw materials and labor-struggle to meet demands for greater flexibility and efficiency.The integration of advanced information technology facilitates smart manufacturing(SM),which optimizes production,management,and supply chains[1].展开更多
A basic procedure for transforming readable data into encoded forms is encryption, which ensures security when the right decryption keys are used. Hadoop is susceptible to possible cyber-attacks because it lacks built...A basic procedure for transforming readable data into encoded forms is encryption, which ensures security when the right decryption keys are used. Hadoop is susceptible to possible cyber-attacks because it lacks built-in security measures, even though it can effectively handle and store enormous datasets using the Hadoop Distributed File System (HDFS). The increasing number of data breaches emphasizes how urgently creative encryption techniques are needed in cloud-based big data settings. This paper presents Adaptive Attribute-Based Honey Encryption (AABHE), a state-of-the-art technique that combines honey encryption with Ciphertext-Policy Attribute-Based Encryption (CP-ABE) to provide improved data security. Even if intercepted, AABHE makes sure that sensitive data cannot be accessed by unauthorized parties. With a focus on protecting huge files in HDFS, the suggested approach achieves 98% security robustness and 95% encryption efficiency, outperforming other encryption methods including Ciphertext-Policy Attribute-Based Encryption (CP-ABE), Key-Policy Attribute-Based Encryption (KB-ABE), and Advanced Encryption Standard combined with Attribute-Based Encryption (AES+ABE). By fixing Hadoop’s security flaws, AABHE fortifies its protections against data breaches and enhances Hadoop’s dependability as a platform for processing and storing massive amounts of data.展开更多
In the era of big data,the financial industry is undergoing profound changes.By integrating multiple data sources such as transaction records,customer interactions,market trends,and regulatory requirements,big data te...In the era of big data,the financial industry is undergoing profound changes.By integrating multiple data sources such as transaction records,customer interactions,market trends,and regulatory requirements,big data technology has significantly improved the decision-making efficiency,customer insight,and risk management capabilities of financial institutions.The financial industry has become a pioneer in the application of big data technology,which is widely used in scenarios such as fraud detection,risk management,customer service optimization,and smart transactions.However,financial data security management also faces many challenges,including data breaches,privacy protection,compliance requirements,the complexity of emerging technologies,and the balance between data access and security.This article explores the major challenges of financial data security management,coping strategies,and the evolution of the regulatory environment,and it looks ahead to future trends,highlighting the important role of artificial intelligence and machine learning in financial data security.展开更多
In the context of the rapid development of digital education,the security of educational data has become an increasing concern.This paper explores strategies for the classification and grading of educational data,and ...In the context of the rapid development of digital education,the security of educational data has become an increasing concern.This paper explores strategies for the classification and grading of educational data,and constructs a higher educational data security management and control model centered on the integration of medical and educational data.By implementing a multi-dimensional strategy of dynamic classification,real-time authorization,and secure execution through educational data security levels,dynamic access control is applied to effectively enhance the security and controllability of educational data,providing a secure foundation for data sharing and openness.展开更多
Cyberattacks are difficult to prevent because the targeted companies and organizations are often relying on new and fundamentally insecure cloudbased technologies,such as the Internet of Things.With increasing industr...Cyberattacks are difficult to prevent because the targeted companies and organizations are often relying on new and fundamentally insecure cloudbased technologies,such as the Internet of Things.With increasing industry adoption and migration of traditional computing services to the cloud,one of the main challenges in cybersecurity is to provide mechanisms to secure these technologies.This work proposes a Data Security Framework for cloud computing services(CCS)that evaluates and improves CCS data security from a software engineering perspective by evaluating the levels of security within the cloud computing paradigm using engineering methods and techniques applied to CCS.This framework is developed by means of a methodology based on a heuristic theory that incorporates knowledge generated by existing works as well as the experience of their implementation.The paper presents the design details of the framework,which consists of three stages:identification of data security requirements,management of data security risks and evaluation of data security performance in CCS.展开更多
Cloud computing is very useful for big data owner who doesn't want to manage IT infrastructure and big data technique details. However, it is hard for big data owner to trust multi-layer outsourced big data system...Cloud computing is very useful for big data owner who doesn't want to manage IT infrastructure and big data technique details. However, it is hard for big data owner to trust multi-layer outsourced big data system in cloud environment and to verify which outsourced service leads to the problem. Similarly, the cloud service provider cannot simply trust the data computation applications. At last,the verification data itself may also leak the sensitive information from the cloud service provider and data owner. We propose a new three-level definition of the verification, threat model, corresponding trusted policies based on different roles for outsourced big data system in cloud. We also provide two policy enforcement methods for building trusted data computation environment by measuring both the Map Reduce application and its behaviors based on trusted computing and aspect-oriented programming. To prevent sensitive information leakage from verification process,we provide a privacy-preserved verification method. Finally, we implement the TPTVer, a Trusted third Party based Trusted Verifier as a proof of concept system. Our evaluation and analysis show that TPTVer can provide trusted verification for multi-layered outsourced big data system in the cloud with low overhead.展开更多
With the development of information technology,the Internet of Things(IoT)has gradually become the third wave of the worldwide information industry revolution after the computer and the Internet.The application of the...With the development of information technology,the Internet of Things(IoT)has gradually become the third wave of the worldwide information industry revolution after the computer and the Internet.The application of the IoT has brought great convenience to people’s production and life.However,the potential information security problems in various IoT applications are gradually exposed and people pay more attention to them.The traditional centralized data storage and management model of the IoT is easy to cause transmission delay,single point of failure,privacy disclosure and other problems,and eventually leads to unpredictable behavior of the system.Blockchain technology can effectively improve the operation and data security status of the IoT.Referring to the storage model of the Fabric blockchain project,this paper designs a data security storage model suitable for the IoT system.The simulation results show that the model is not only effective and extensible,but also can better protect the data security of the Internet of Things.展开更多
Geo-data is a foundation for the prediction and assessment of ore resources, so managing and making full use of those data, including geography database, geology database, mineral deposits database, aeromagnetics data...Geo-data is a foundation for the prediction and assessment of ore resources, so managing and making full use of those data, including geography database, geology database, mineral deposits database, aeromagnetics database, gravity database, geochemistry database and remote sensing database, is very significant. We developed national important mining zone database (NIMZDB) to manage 14 national important mining zone databases to support a new round prediction of ore deposit. We found that attention should be paid to the following issues: ① data accuracy: integrity, logic consistency, attribute, spatial and time accuracy; ② management of both attribute and spatial data in the same system;③ transforming data between MapGIS and ArcGIS; ④ data sharing and security; ⑤ data searches that can query both attribute and spatial data. Accuracy of input data is guaranteed and the search, analysis and translation of data between MapGIS and ArcGIS has been made convenient via the development of a checking data module and a managing data module based on MapGIS and ArcGIS. Using AreSDE, we based data sharing on a client/server system, and attribute and spatial data are also managed in the same system.展开更多
These days,data is regarded as a valuable asset in the era of the data economy,which demands a trading platform for buying and selling data.However,online data trading poses challenges in terms of security and fairnes...These days,data is regarded as a valuable asset in the era of the data economy,which demands a trading platform for buying and selling data.However,online data trading poses challenges in terms of security and fairness because the seller and the buyer may not fully trust each other.Therefore,in this paper,a blockchain-based secure and fair data trading system is proposed by taking advantage of the smart contract and matchmaking encryption.The proposed system enables bilateral authorization,where data trading between a seller and a buyer is accomplished only if their policies,required by each other,are satisfied simultaneously.This can be achieved by exploiting the security features of the matchmaking encryption.To guarantee non-repudiation and fairness between trading parties,the proposed system leverages a smart contract to ensure that the parties honestly carry out the data trading protocol.However,the smart contract in the proposed system does not include complex cryptographic operations for the efficiency of onchain processes.Instead,these operations are carried out by off-chain parties and their results are used as input for the on-chain procedure.The system also uses an arbitration protocol to resolve disputes based on the trading proof recorded on the blockchain.The performance of the protocol is evaluated in terms of off-chain computation overhead and on-chain gas consumption.The results of the experiments demonstrate that the proposed protocols can enable the implementation of a cost-effective data trading system.展开更多
In order to cope with varying protection granularity levels of XML(extensible Markup Language) documents, we propose a TXAC (Two-level XML. Access Control) framework,in which an extended TRBAC ( Temporal Role-Based Ac...In order to cope with varying protection granularity levels of XML(extensible Markup Language) documents, we propose a TXAC (Two-level XML. Access Control) framework,in which an extended TRBAC ( Temporal Role-Based Access Control) approach is proposed to deal withthe dynamic XML data With different system components, LXAC algorithm evaluates access requestsefficiently by appropriate access control policy in dynamic web environment. The method is aflexible and powerful security system offering amulti-level access control solution.展开更多
Big data has been taken as a Chinese national strategy in order to satisfy the developments of the social and economic requirements and the development of new information technology. The prosperity of big data brings ...Big data has been taken as a Chinese national strategy in order to satisfy the developments of the social and economic requirements and the development of new information technology. The prosperity of big data brings not only convenience to people's daily life and more opportunities to enterprises, but more challenges with information security as well. This paper has a research on new types and features of information security issues in the age of big data, and puts forward the solutions for the above issues: build up the big data security management platform, set up the establishment of information security system and implement relevant laws and regulations.展开更多
At present,the global big data industry is experiencing vibrant development with technological evolution and application innovation speeding up side by side.Novel technologies for data storage,computing and analytics,...At present,the global big data industry is experiencing vibrant development with technological evolution and application innovation speeding up side by side.Novel technologies for data storage,computing and analytics,such as non-relational databases,distributed parallel computing,machine learning,and deep data mining have emerged and evolved rapidly.Big data has gradually become a fundamental national strategic resource and a cornerstone factor in production.However,increasing big data security problems are exposed and the number of big data security incidents occurring around the world is on the rise.Against this background,this paper provides a summary of the present situation of global data security governance,points out the challenges,and then proceeds to raise solutions for further modernizing data security governance systems.展开更多
As more medical data become digitalized,machine learning is regarded as a promising tool for constructing medical decision support systems.Even with vast medical data volumes,machine learning is still not fully exploi...As more medical data become digitalized,machine learning is regarded as a promising tool for constructing medical decision support systems.Even with vast medical data volumes,machine learning is still not fully exploiting its potential because the data usually sits in data silos,and privacy and security regulations restrict their access and use.To address these issues,we built a secured and explainable machine learning framework,called explainable federated XGBoost(EXPERTS),which can share valuable information among different medical institutions to improve the learning results without sharing the patients’ data.It also reveals how the machine makes a decision through eigenvalues to offer a more insightful answer to medical professionals.To study the performance,we evaluate our approach by real-world datasets,and our approach outperforms the benchmark algorithms under both federated learning and non-federated learning frameworks.展开更多
At present,health care applications,government services,and banking applications use big data with cloud storage to process and implement data.Data mobility in cloud environments uses protection protocols and algorith...At present,health care applications,government services,and banking applications use big data with cloud storage to process and implement data.Data mobility in cloud environments uses protection protocols and algorithms to secure sensitive user data.Sometimes,data may have highly sensitive information,lead-ing users to consider using big data and cloud processing regardless of whether they are secured are not.Threats to sensitive data in cloud systems produce high risks,and existing security methods do not provide enough security to sensitive user data in cloud and big data environments.At present,several security solu-tions support cloud systems.Some of them include Hadoop Distributed File Sys-tem(HDFS)baseline Kerberos security,socket layer-based HDFS security,and hybrid security systems,which have time complexity in providing security inter-actions.Thus,mobile data security algorithms are necessary in cloud environ-ments to avoid time risks in providing security.In our study,we propose a data mobility and security(DMoS)algorithm to provide security of data mobility in cloud environments.By analyzing metadata,data are classified as secured and open data based on their importance.Secured data are sensitive user data,whereas open data are open to the public.On the basis of data classification,secured data are applied to the DMoS algorithm to achieve high security in HDFS.The pro-posed approach is compared with the time complexity of three existing algo-rithms,and results are evaluated.展开更多
In the present scenario of rapid growth in cloud computing models,several companies and users started to share their data on cloud servers.However,when the model is not completely trusted,the data owners face several ...In the present scenario of rapid growth in cloud computing models,several companies and users started to share their data on cloud servers.However,when the model is not completely trusted,the data owners face several security-related problems,such as user privacy breaches,data disclosure,data corruption,and so on,during the process of data outsourcing.For addressing and handling the security-related issues on Cloud,several models were proposed.With that concern,this paper develops a Privacy-Preserved Data Security Approach(PP-DSA)to provide the data security and data integrity for the out-sourcing data in Cloud Environment.Privacy preservation is ensured in this work with the Efficient Authentication Technique(EAT)using the Group Signature method that is applied with Third-Party Auditor(TPA).The role of the auditor is to secure the data and guarantee shared data integrity.Additionally,the Cloud Service Provider(CSP)and Data User(DU)can also be the attackers that are to be handled with the EAT.Here,the major objective of the work is to enhance cloud security and thereby,increase Quality of Service(QoS).The results are evaluated based on the model effectiveness,security,and reliability and show that the proposed model provides better results than existing works.展开更多
In recent years,it has been observed that the disclosure of information increases the risk of terrorism.Without restricting the accessibility of information,providing security is difficult.So,there is a demand for tim...In recent years,it has been observed that the disclosure of information increases the risk of terrorism.Without restricting the accessibility of information,providing security is difficult.So,there is a demand for time tofill the gap between security and accessibility of information.In fact,security tools should be usable for improving the security as well as the accessibility of information.Though security and accessibility are not directly influenced,some of their factors are indirectly influenced by each other.Attributes play an important role in bridging the gap between security and accessibility.In this paper,we identify the key attributes of accessibility and security that impact directly and indirectly on each other,such as confidentiality,integrity,availability,and severity.The significance of every attribute on the basis of obtained weight is important for its effect on security during the big data security life cycle process.To calculate the proposed work,researchers utilised the Fuzzy Analytic Hierarchy Process(Fuzzy AHP).Thefindings show that the Fuzzy AHP is a very accurate mechanism for determining the best security solution in a real-time healthcare context.The study also looks at the rapidly evolving security technologies in healthcare that could help improve healthcare services and the future prospects in this area.展开更多
The Internet of Medical Things(IoMT)is an online device that senses and transmits medical data from users to physicians within a time interval.In,recent years,IoMT has rapidly grown in the medicalfield to provide heal...The Internet of Medical Things(IoMT)is an online device that senses and transmits medical data from users to physicians within a time interval.In,recent years,IoMT has rapidly grown in the medicalfield to provide healthcare services without physical appearance.With the use of sensors,IoMT applications are used in healthcare management.In such applications,one of the most important factors is data security,given that its transmission over the network may cause obtrusion.For data security in IoMT systems,blockchain is used due to its numerous blocks for secure data storage.In this study,Blockchain-assisted secure data management framework(BSDMF)and Proof of Activity(PoA)protocol using malicious code detection algorithm is used in the proposed data security for the healthcare system.The main aim is to enhance the data security over the networks.The PoA protocol enhances high security of data from the literature review.By replacing the malicious node from the block,the PoA can provide high security for medical data in the blockchain.Comparison with existing systems shows that the proposed simulation with BSD-Malicious code detection algorithm achieves higher accuracy ratio,precision ratio,security,and efficiency and less response time for Blockchain-enabled healthcare systems.展开更多
With the advancements in the era of artificial intelligence,blockchain,cloud computing,and big data,there is a need for secure,decentralized medical record storage and retrieval systems.While cloud storage solves stor...With the advancements in the era of artificial intelligence,blockchain,cloud computing,and big data,there is a need for secure,decentralized medical record storage and retrieval systems.While cloud storage solves storage issues,it is challenging to realize secure sharing of records over the network.Medi-block record in the healthcare system has brought a new digitalization method for patients’medical records.This centralized technology provides a symmetrical process between the hospital and doctors when patients urgently need to go to a different or nearby hospital.It enables electronic medical records to be available with the correct authentication and restricts access to medical data retrieval.Medi-block record is the consumer-centered healthcare data system that brings reliable and transparent datasets for the medical record.This study presents an extensive review of proposed solutions aiming to protect the privacy and integrity of medical data by securing data sharing for Medi-block records.It also aims to propose a comprehensive investigation of the recent advances in different methods of securing data sharing,such as using Blockchain technology,Access Control,Privacy-Preserving,Proxy Re-Encryption,and Service-On-Chain approach.Finally,we highlight the open issues and identify the challenges regarding secure data sharing for Medi-block records in the healthcare systems.展开更多
文摘The accelerated advancement of the Internet of Things(IoT)has generated substantial data,including sensitive and private information.Consequently,it is imperative to guarantee the security of data sharing.While facilitating fine-grained access control,Ciphertext Policy Attribute-Based Encryption(CP-ABE)can effectively ensure the confidentiality of shared data.Nevertheless,the conventional centralized CP-ABE scheme is plagued by the issues of keymisuse,key escrow,and large computation,which will result in security risks.This paper suggests a lightweight IoT data security sharing scheme that integrates blockchain technology and CP-ABE to address the abovementioned issues.The integrity and traceability of shared data are guaranteed by the use of blockchain technology to store and verify access transactions.The encryption and decryption operations of the CP-ABE algorithm have been implemented using elliptic curve scalarmultiplication to accommodate lightweight IoT devices,as opposed to themore arithmetic bilinear pairing found in the traditional CP-ABE algorithm.Additionally,a portion of the computation is delegated to the edge nodes to alleviate the computational burden on users.A distributed key management method is proposed to address the issues of key escrow andmisuse.Thismethod employs the edge blockchain to facilitate the storage and distribution of attribute private keys.Meanwhile,data security sharing is enhanced by combining off-chain and on-chain ciphertext storage.The security and performance analysis indicates that the proposed scheme is more efficient and secure.
基金supported by the National Key Research and Development Program of China(2022YFB2703503)the National Natural Science Foundation of China(62293501,62525210,and 62293502)the China Scholarship Council(202306280318).
文摘1.Introduction Data inference(DInf)is a data security threat in which critical information is inferred from low-sensitivity data.Once regarded as an advanced professional threat limited to intelligence analysts,DInf has become a widespread risk in the artificial intelligence(AI)era.
基金supported in part by the National Natural Science Foundation of China(62293511 and 62402256)in part by the Shandong Provincial Natural Science Foundation of China(ZR2024MF100)+1 种基金in part by the Taishan Scholars Program(tsqn202408239)in part by the Open Research Project of the State Key Laboratory of Industrial Control Technology,Zhejiang University,China(ICT2025B13).
文摘1.Data security in smart manufacturing The global manufacturing sector is undergoing a digital transformation as traditional systems-reliant on physical assets such as raw materials and labor-struggle to meet demands for greater flexibility and efficiency.The integration of advanced information technology facilitates smart manufacturing(SM),which optimizes production,management,and supply chains[1].
基金funded by Princess Nourah bint Abdulrahman UniversityResearchers Supporting Project number (PNURSP2024R408), Princess Nourah bint AbdulrahmanUniversity, Riyadh, Saudi Arabia.
文摘A basic procedure for transforming readable data into encoded forms is encryption, which ensures security when the right decryption keys are used. Hadoop is susceptible to possible cyber-attacks because it lacks built-in security measures, even though it can effectively handle and store enormous datasets using the Hadoop Distributed File System (HDFS). The increasing number of data breaches emphasizes how urgently creative encryption techniques are needed in cloud-based big data settings. This paper presents Adaptive Attribute-Based Honey Encryption (AABHE), a state-of-the-art technique that combines honey encryption with Ciphertext-Policy Attribute-Based Encryption (CP-ABE) to provide improved data security. Even if intercepted, AABHE makes sure that sensitive data cannot be accessed by unauthorized parties. With a focus on protecting huge files in HDFS, the suggested approach achieves 98% security robustness and 95% encryption efficiency, outperforming other encryption methods including Ciphertext-Policy Attribute-Based Encryption (CP-ABE), Key-Policy Attribute-Based Encryption (KB-ABE), and Advanced Encryption Standard combined with Attribute-Based Encryption (AES+ABE). By fixing Hadoop’s security flaws, AABHE fortifies its protections against data breaches and enhances Hadoop’s dependability as a platform for processing and storing massive amounts of data.
基金Exploration and Practice of the Application of Blockchain Technology to the Cultivation of Compound Talents under the Background of Free Trade Port(HKJG2023-18)。
文摘In the era of big data,the financial industry is undergoing profound changes.By integrating multiple data sources such as transaction records,customer interactions,market trends,and regulatory requirements,big data technology has significantly improved the decision-making efficiency,customer insight,and risk management capabilities of financial institutions.The financial industry has become a pioneer in the application of big data technology,which is widely used in scenarios such as fraud detection,risk management,customer service optimization,and smart transactions.However,financial data security management also faces many challenges,including data breaches,privacy protection,compliance requirements,the complexity of emerging technologies,and the balance between data access and security.This article explores the major challenges of financial data security management,coping strategies,and the evolution of the regulatory environment,and it looks ahead to future trends,highlighting the important role of artificial intelligence and machine learning in financial data security.
基金supported by:the 2023 Basic Public Welfare Research Project of the Wenzhou Science and Technology Bureau“Research on Multi-Source Data Classification and Grading Standards and Intelligent Algorithms for Higher Education Institutions”(Project No.G2023094)Major Humanities and Social Sciences Research Projects in Zhejiang higher education institutions(Grant/Award Number:2024QN061)2023 Basic Public Welfare Research Project of Wenzhou(No.:S2023014).
文摘In the context of the rapid development of digital education,the security of educational data has become an increasing concern.This paper explores strategies for the classification and grading of educational data,and constructs a higher educational data security management and control model centered on the integration of medical and educational data.By implementing a multi-dimensional strategy of dynamic classification,real-time authorization,and secure execution through educational data security levels,dynamic access control is applied to effectively enhance the security and controllability of educational data,providing a secure foundation for data sharing and openness.
文摘Cyberattacks are difficult to prevent because the targeted companies and organizations are often relying on new and fundamentally insecure cloudbased technologies,such as the Internet of Things.With increasing industry adoption and migration of traditional computing services to the cloud,one of the main challenges in cybersecurity is to provide mechanisms to secure these technologies.This work proposes a Data Security Framework for cloud computing services(CCS)that evaluates and improves CCS data security from a software engineering perspective by evaluating the levels of security within the cloud computing paradigm using engineering methods and techniques applied to CCS.This framework is developed by means of a methodology based on a heuristic theory that incorporates knowledge generated by existing works as well as the experience of their implementation.The paper presents the design details of the framework,which consists of three stages:identification of data security requirements,management of data security risks and evaluation of data security performance in CCS.
基金partially supported by grants from the China 863 High-tech Program (Grant No. 2015AA016002)the Specialized Research Fund for the Doctoral Program of Higher Education (Grant No. 20131103120001)+2 种基金the National Key Research and Development Program of China (Grant No. 2016YFB0800204)the National Science Foundation of China (No. 61502017)the Scientific Research Common Program of Beijing Municipal Commission of Education (KM201710005024)
文摘Cloud computing is very useful for big data owner who doesn't want to manage IT infrastructure and big data technique details. However, it is hard for big data owner to trust multi-layer outsourced big data system in cloud environment and to verify which outsourced service leads to the problem. Similarly, the cloud service provider cannot simply trust the data computation applications. At last,the verification data itself may also leak the sensitive information from the cloud service provider and data owner. We propose a new three-level definition of the verification, threat model, corresponding trusted policies based on different roles for outsourced big data system in cloud. We also provide two policy enforcement methods for building trusted data computation environment by measuring both the Map Reduce application and its behaviors based on trusted computing and aspect-oriented programming. To prevent sensitive information leakage from verification process,we provide a privacy-preserved verification method. Finally, we implement the TPTVer, a Trusted third Party based Trusted Verifier as a proof of concept system. Our evaluation and analysis show that TPTVer can provide trusted verification for multi-layered outsourced big data system in the cloud with low overhead.
基金supported by the National Social Science Foundation Project of China under Grant 16BTQ085.
文摘With the development of information technology,the Internet of Things(IoT)has gradually become the third wave of the worldwide information industry revolution after the computer and the Internet.The application of the IoT has brought great convenience to people’s production and life.However,the potential information security problems in various IoT applications are gradually exposed and people pay more attention to them.The traditional centralized data storage and management model of the IoT is easy to cause transmission delay,single point of failure,privacy disclosure and other problems,and eventually leads to unpredictable behavior of the system.Blockchain technology can effectively improve the operation and data security status of the IoT.Referring to the storage model of the Fabric blockchain project,this paper designs a data security storage model suitable for the IoT system.The simulation results show that the model is not only effective and extensible,but also can better protect the data security of the Internet of Things.
基金This paper is financially supported by the National I mportant MiningZone Database ( No .200210000004)Prediction and Assessment ofMineral Resources and Social Service (No .1212010331402) .
文摘Geo-data is a foundation for the prediction and assessment of ore resources, so managing and making full use of those data, including geography database, geology database, mineral deposits database, aeromagnetics database, gravity database, geochemistry database and remote sensing database, is very significant. We developed national important mining zone database (NIMZDB) to manage 14 national important mining zone databases to support a new round prediction of ore deposit. We found that attention should be paid to the following issues: ① data accuracy: integrity, logic consistency, attribute, spatial and time accuracy; ② management of both attribute and spatial data in the same system;③ transforming data between MapGIS and ArcGIS; ④ data sharing and security; ⑤ data searches that can query both attribute and spatial data. Accuracy of input data is guaranteed and the search, analysis and translation of data between MapGIS and ArcGIS has been made convenient via the development of a checking data module and a managing data module based on MapGIS and ArcGIS. Using AreSDE, we based data sharing on a client/server system, and attribute and spatial data are also managed in the same system.
基金supported by Basic Science Research Program through the National Research Foundation of Korea(NRF)funded by the Ministry of Education(No.2022R1I1A3063257)supported by Electronics and Telecommunications Research Institute(ETRI)grant funded by the Korean Government[22ZR1300,Research on Intelligent Cyber Security and Trust Infra].
文摘These days,data is regarded as a valuable asset in the era of the data economy,which demands a trading platform for buying and selling data.However,online data trading poses challenges in terms of security and fairness because the seller and the buyer may not fully trust each other.Therefore,in this paper,a blockchain-based secure and fair data trading system is proposed by taking advantage of the smart contract and matchmaking encryption.The proposed system enables bilateral authorization,where data trading between a seller and a buyer is accomplished only if their policies,required by each other,are satisfied simultaneously.This can be achieved by exploiting the security features of the matchmaking encryption.To guarantee non-repudiation and fairness between trading parties,the proposed system leverages a smart contract to ensure that the parties honestly carry out the data trading protocol.However,the smart contract in the proposed system does not include complex cryptographic operations for the efficiency of onchain processes.Instead,these operations are carried out by off-chain parties and their results are used as input for the on-chain procedure.The system also uses an arbitration protocol to resolve disputes based on the trading proof recorded on the blockchain.The performance of the protocol is evaluated in terms of off-chain computation overhead and on-chain gas consumption.The results of the experiments demonstrate that the proposed protocols can enable the implementation of a cost-effective data trading system.
文摘In order to cope with varying protection granularity levels of XML(extensible Markup Language) documents, we propose a TXAC (Two-level XML. Access Control) framework,in which an extended TRBAC ( Temporal Role-Based Access Control) approach is proposed to deal withthe dynamic XML data With different system components, LXAC algorithm evaluates access requestsefficiently by appropriate access control policy in dynamic web environment. The method is aflexible and powerful security system offering amulti-level access control solution.
基金supported by National Key Technology Support Program(No.2013BAD17B06)Major Program of National Social Science Fund(No.15ZDB154)
文摘Big data has been taken as a Chinese national strategy in order to satisfy the developments of the social and economic requirements and the development of new information technology. The prosperity of big data brings not only convenience to people's daily life and more opportunities to enterprises, but more challenges with information security as well. This paper has a research on new types and features of information security issues in the age of big data, and puts forward the solutions for the above issues: build up the big data security management platform, set up the establishment of information security system and implement relevant laws and regulations.
基金National Natural Science Foundation of China grant 71901169Fundamental Research Funds for the Central Universities,and Natural Science Basic Research Plan in the Shaanxi Province of China 2021JM-026.
文摘At present,the global big data industry is experiencing vibrant development with technological evolution and application innovation speeding up side by side.Novel technologies for data storage,computing and analytics,such as non-relational databases,distributed parallel computing,machine learning,and deep data mining have emerged and evolved rapidly.Big data has gradually become a fundamental national strategic resource and a cornerstone factor in production.However,increasing big data security problems are exposed and the number of big data security incidents occurring around the world is on the rise.Against this background,this paper provides a summary of the present situation of global data security governance,points out the challenges,and then proceeds to raise solutions for further modernizing data security governance systems.
文摘As more medical data become digitalized,machine learning is regarded as a promising tool for constructing medical decision support systems.Even with vast medical data volumes,machine learning is still not fully exploiting its potential because the data usually sits in data silos,and privacy and security regulations restrict their access and use.To address these issues,we built a secured and explainable machine learning framework,called explainable federated XGBoost(EXPERTS),which can share valuable information among different medical institutions to improve the learning results without sharing the patients’ data.It also reveals how the machine makes a decision through eigenvalues to offer a more insightful answer to medical professionals.To study the performance,we evaluate our approach by real-world datasets,and our approach outperforms the benchmark algorithms under both federated learning and non-federated learning frameworks.
文摘At present,health care applications,government services,and banking applications use big data with cloud storage to process and implement data.Data mobility in cloud environments uses protection protocols and algorithms to secure sensitive user data.Sometimes,data may have highly sensitive information,lead-ing users to consider using big data and cloud processing regardless of whether they are secured are not.Threats to sensitive data in cloud systems produce high risks,and existing security methods do not provide enough security to sensitive user data in cloud and big data environments.At present,several security solu-tions support cloud systems.Some of them include Hadoop Distributed File Sys-tem(HDFS)baseline Kerberos security,socket layer-based HDFS security,and hybrid security systems,which have time complexity in providing security inter-actions.Thus,mobile data security algorithms are necessary in cloud environ-ments to avoid time risks in providing security.In our study,we propose a data mobility and security(DMoS)algorithm to provide security of data mobility in cloud environments.By analyzing metadata,data are classified as secured and open data based on their importance.Secured data are sensitive user data,whereas open data are open to the public.On the basis of data classification,secured data are applied to the DMoS algorithm to achieve high security in HDFS.The pro-posed approach is compared with the time complexity of three existing algo-rithms,and results are evaluated.
文摘In the present scenario of rapid growth in cloud computing models,several companies and users started to share their data on cloud servers.However,when the model is not completely trusted,the data owners face several security-related problems,such as user privacy breaches,data disclosure,data corruption,and so on,during the process of data outsourcing.For addressing and handling the security-related issues on Cloud,several models were proposed.With that concern,this paper develops a Privacy-Preserved Data Security Approach(PP-DSA)to provide the data security and data integrity for the out-sourcing data in Cloud Environment.Privacy preservation is ensured in this work with the Efficient Authentication Technique(EAT)using the Group Signature method that is applied with Third-Party Auditor(TPA).The role of the auditor is to secure the data and guarantee shared data integrity.Additionally,the Cloud Service Provider(CSP)and Data User(DU)can also be the attackers that are to be handled with the EAT.Here,the major objective of the work is to enhance cloud security and thereby,increase Quality of Service(QoS).The results are evaluated based on the model effectiveness,security,and reliability and show that the proposed model provides better results than existing works.
基金Funding for this study was received from the Taif University,Taif,Saudi Arabia under the Grant No.TURSP-2020/150.
文摘In recent years,it has been observed that the disclosure of information increases the risk of terrorism.Without restricting the accessibility of information,providing security is difficult.So,there is a demand for time tofill the gap between security and accessibility of information.In fact,security tools should be usable for improving the security as well as the accessibility of information.Though security and accessibility are not directly influenced,some of their factors are indirectly influenced by each other.Attributes play an important role in bridging the gap between security and accessibility.In this paper,we identify the key attributes of accessibility and security that impact directly and indirectly on each other,such as confidentiality,integrity,availability,and severity.The significance of every attribute on the basis of obtained weight is important for its effect on security during the big data security life cycle process.To calculate the proposed work,researchers utilised the Fuzzy Analytic Hierarchy Process(Fuzzy AHP).Thefindings show that the Fuzzy AHP is a very accurate mechanism for determining the best security solution in a real-time healthcare context.The study also looks at the rapidly evolving security technologies in healthcare that could help improve healthcare services and the future prospects in this area.
基金Taif University Researchers Supporting Project Number(TURSP-2020/98),Taif University,Taif,Saudi Arabia.
文摘The Internet of Medical Things(IoMT)is an online device that senses and transmits medical data from users to physicians within a time interval.In,recent years,IoMT has rapidly grown in the medicalfield to provide healthcare services without physical appearance.With the use of sensors,IoMT applications are used in healthcare management.In such applications,one of the most important factors is data security,given that its transmission over the network may cause obtrusion.For data security in IoMT systems,blockchain is used due to its numerous blocks for secure data storage.In this study,Blockchain-assisted secure data management framework(BSDMF)and Proof of Activity(PoA)protocol using malicious code detection algorithm is used in the proposed data security for the healthcare system.The main aim is to enhance the data security over the networks.The PoA protocol enhances high security of data from the literature review.By replacing the malicious node from the block,the PoA can provide high security for medical data in the blockchain.Comparison with existing systems shows that the proposed simulation with BSD-Malicious code detection algorithm achieves higher accuracy ratio,precision ratio,security,and efficiency and less response time for Blockchain-enabled healthcare systems.
文摘With the advancements in the era of artificial intelligence,blockchain,cloud computing,and big data,there is a need for secure,decentralized medical record storage and retrieval systems.While cloud storage solves storage issues,it is challenging to realize secure sharing of records over the network.Medi-block record in the healthcare system has brought a new digitalization method for patients’medical records.This centralized technology provides a symmetrical process between the hospital and doctors when patients urgently need to go to a different or nearby hospital.It enables electronic medical records to be available with the correct authentication and restricts access to medical data retrieval.Medi-block record is the consumer-centered healthcare data system that brings reliable and transparent datasets for the medical record.This study presents an extensive review of proposed solutions aiming to protect the privacy and integrity of medical data by securing data sharing for Medi-block records.It also aims to propose a comprehensive investigation of the recent advances in different methods of securing data sharing,such as using Blockchain technology,Access Control,Privacy-Preserving,Proxy Re-Encryption,and Service-On-Chain approach.Finally,we highlight the open issues and identify the challenges regarding secure data sharing for Medi-block records in the healthcare systems.
