This paper presents a comprehensive exploration into the integration of Internet of Things(IoT),big data analysis,cloud computing,and Artificial Intelligence(AI),which has led to an unprecedented era of connectivity.W...This paper presents a comprehensive exploration into the integration of Internet of Things(IoT),big data analysis,cloud computing,and Artificial Intelligence(AI),which has led to an unprecedented era of connectivity.We delve into the emerging trend of machine learning on embedded devices,enabling tasks in resource-limited environ-ments.However,the widespread adoption of machine learning raises significant privacy concerns,necessitating the development of privacy-preserving techniques.One such technique,secure multi-party computation(MPC),allows collaborative computations without exposing private inputs.Despite its potential,complex protocols and communication interactions hinder performance,especially on resource-constrained devices.Efforts to enhance efficiency have been made,but scalability remains a challenge.Given the success of GPUs in deep learning,lever-aging embedded GPUs,such as those offered by NVIDIA,emerges as a promising solution.Therefore,we propose an Embedded GPU-based Secure Two-party Computation(EG-STC)framework for Artificial Intelligence(AI)systems.To the best of our knowledge,this work represents the first endeavor to fully implement machine learning model training based on secure two-party computing on the Embedded GPU platform.Our experimental results demonstrate the effectiveness of EG-STC.On an embedded GPU with a power draw of 5 W,our implementation achieved a secure two-party matrix multiplication throughput of 5881.5 kilo-operations per millisecond(kops/ms),with an energy efficiency ratio of 1176.3 kops/ms/W.Furthermore,leveraging our EG-STC framework,we achieved an overall time acceleration ratio of 5–6 times compared to solutions running on server-grade CPUs.Our solution also exhibited a reduced runtime,requiring only 60%to 70%of the runtime of previously best-known methods on the same platform.In summary,our research contributes to the advancement of secure and efficient machine learning implementations on resource-constrained embedded devices,paving the way for broader adoption of AI technologies in various applications.展开更多
This paper studies how to take advantage of other's computing ability to sign a message with one's private key without disclosing the private key. A protocol to this problem is presented, and it is proven, by ...This paper studies how to take advantage of other's computing ability to sign a message with one's private key without disclosing the private key. A protocol to this problem is presented, and it is proven, by well known simulation paradigm, that this protocol is private.展开更多
With the development of cloud computing technology,more and more data owners upload their local data to the public cloud server for storage and calculation.While this can save customers’operating costs,it also poses ...With the development of cloud computing technology,more and more data owners upload their local data to the public cloud server for storage and calculation.While this can save customers’operating costs,it also poses privacy and security challenges.Such challenges can be solved using secure multi-party computation(SMPC),but this still exposes more security issues.In cloud computing using SMPC,clients need to process their data and submit the processed data to the cloud server,which then performs the calculation and returns the results to each client.Each client and server must be honest.If there is cooperation or dishonest behavior between clients,some clients may profit from it or even disclose the private data of other clients.This paper proposes the SMPC based on a Partially-Homomorphic Encryption(PHE)scheme in which an addition homomorphic encryption algorithm with a lower computational cost is used to ensure data comparability and Zero-Knowledge Proof(ZKP)is used to limit the client’s malicious behavior.In addition,the introduction of Oblivious Transfer(OT)technology also ensures that the semi-honest cloud server knows nothing about private data,so that the cloud server of this scheme can calculate the correct data in the case of malicious participant models and safely return the calculation results to each client.Finally,the security analysis shows that the scheme not only ensures the privacy of participants,but also ensures the fairness of the comparison protocol data.展开更多
Efficiency and scalability are still the bottleneck for secure multi-party computation geometry (SMCG). In this work a secure planar convex hull (SPCH) protocol for large-scaled point sets in semi-honest model has...Efficiency and scalability are still the bottleneck for secure multi-party computation geometry (SMCG). In this work a secure planar convex hull (SPCH) protocol for large-scaled point sets in semi-honest model has been proposed efficiently to solve the above problems. Firstly, a novel priva- cy-preserving point-inclusion (PPPI) protocol is designed based on the classic homomorphic encryp- tion and secure cross product protocol, and it is demonstrated that the complexity of PPPI protocol is independent of the vertex size of the input convex hull. And then on the basis of the novel PPPI pro- tocol, an effective SPCH protocol is presented. Analysis shows that this SPCH protocol has a good performance for large-scaled point sets compared with previous solutions. Moreover, analysis finds that the complexity of our SPCH protocol relies on the size of the points on the outermost layer of the input point sets only.展开更多
Numerous privacy-preserving issues have emerged along with the fast development of the Internet of Things. In addressing privacy protection problems in Wireless Sensor Networks (WSN), secure multi-party computation ...Numerous privacy-preserving issues have emerged along with the fast development of the Internet of Things. In addressing privacy protection problems in Wireless Sensor Networks (WSN), secure multi-party computation is considered vital, where obtaining the Euclidian distance between two nodes with no disclosure of either side's secrets has become the focus of location-privacy-related applications. This paper proposes a novel Privacy-Preserving Scalar Product Protocol (PPSPP) for wireless sensor networks. Based on PPSPP, we then propose a Homomorphic-Encryption-based Euclidean Distance Protocol (HEEDP) without third parties. This protocol can achieve secure distance computation between two sensor nodes. Correctness proofs of PPSPP and HEEDP are provided, followed by security validation and analysis. Performance evaluations via comparisons among similar protocols demonstrate that HEEDP is superior; it is most efficient in terms of both communication and computation on a wide range of data types, especially in wireless sensor networks.展开更多
Pervasive IoT applications enable us to perceive,analyze,control,and optimize the traditional physical systems.Recently,security breaches in many IoT applications have indicated that IoT applications may put the physi...Pervasive IoT applications enable us to perceive,analyze,control,and optimize the traditional physical systems.Recently,security breaches in many IoT applications have indicated that IoT applications may put the physical systems at risk.Severe resource constraints and insufficient security design are two major causes of many security problems in IoT applications.As an extension of the cloud,the emerging edge computing with rich resources provides us a new venue to design and deploy novel security solutions for IoT applications.Although there are some research efforts in this area,edge-based security designs for IoT applications are still in its infancy.This paper aims to present a comprehensive survey of existing IoT security solutions at the edge layer as well as to inspire more edge-based IoT security designs.We first present an edge-centric IoT architecture.Then,we extensively review the edge-based IoT security research efforts in the context of security architecture designs,firewalls,intrusion detection systems,authentication and authorization protocols,and privacy-preserving mechanisms.Finally,we propose our insight into future research directions and open research issues.展开更多
The resilient storage outsourcing schemes in mobile cloud computing are analyzed. It is pointed out that the sharing-based scheme (ShS) has vulnerabilities regarding confidentiality and integrity; meanwhile, the cod...The resilient storage outsourcing schemes in mobile cloud computing are analyzed. It is pointed out that the sharing-based scheme (ShS) has vulnerabilities regarding confidentiality and integrity; meanwhile, the coding-based scheme (COS) and the encryption-based scheme (EnS) have vulnerabilities on integrity. The corresponding attacks on these vulnerabilities are given. Then, the improved protocols such as the secure sharing-based protocol (SShP), the secure coding-based protocol (SCoP) and the secure encryption- based protocol (SEnP), are proposed to overcome these vulnerabilities. The core elements are protected through public key encryptions and digital signatures. Security analyses show that the confidentiality and the integrity of the improved protocols are guaranteed. Meanwhile, the improved protocols can keep the frame of the former schemes and have higher security. The simulation results illustrate that compared with the existing protocols, the communication overhead of the improved protocols is not significantly increased.展开更多
We present a model based on Computational Temporal Logic(CTL)methods forverifying security requirements of electronic commerce,protocols.The model describes formally theauthentication,confidentiality integrity,non-rep...We present a model based on Computational Temporal Logic(CTL)methods forverifying security requirements of electronic commerce,protocols.The model describes formally theauthentication,confidentiality integrity,non-repudiation denial of serviee and access control ofthe e-lectronic commerce protocols.We illustrate as case study a variant of the Lu-Smolka protocolproposed by Lu-Smolka Moreover,we have discovered two attacks that allow a dishonest user topurchase a good debiting the amountto another user.And also,we compared our work with relativeresearch works and found lhat the formal way of this paper is more general to specify securityprotocols for E-Commerce.展开更多
Software Defined Networking(SDN)being an emerging network control model is widely recognized as a control and management platform.This model provides efficient techniques to control and manage the enterprise network.A...Software Defined Networking(SDN)being an emerging network control model is widely recognized as a control and management platform.This model provides efficient techniques to control and manage the enterprise network.Another emerging paradigm is edge computing in which data processing is performed at the edges of the network instead of a central controller.This data processing at the edge nodes reduces the latency and bandwidth requirements.In SDN,the controller is a single point of failure.Several security issues related to the traditional network can be solved by using SDN central management and control.Address Spoofing and Network Intrusion are the most common attacks.These attacks severely degrade performance and security.We propose an edge computing-based mechanism that automatically detects and mitigates those attacks.In this mechanism,an edge system gets the network topology from the controller and the Address Resolution Protocol(ARP)traffic is directed to it for further analysis.As such,the controller is saved from unnecessary processing related to addressing translation.We propose a graph computation based method to identify the location of an attacker or intruder by implementing a graph difference method.By using the correct location information,the exact attacker or intruder is blocked,while the legitimate users get access to the network resources.The proposed mechanism is evaluated in a Mininet simulator and a POX controller.The results show that it improves system performance in terms of attack mitigation time,attack detection time,and bandwidth requirements.展开更多
With the rapid advancement of ICT and IoT technologies,the integration of Edge and Fog Computing has become essential to meet the increasing demands for real-time data processing and network efficiency.However,these t...With the rapid advancement of ICT and IoT technologies,the integration of Edge and Fog Computing has become essential to meet the increasing demands for real-time data processing and network efficiency.However,these technologies face critical security challenges,exacerbated by the emergence of quantum computing,which threatens traditional encryption methods.The rise in cyber-attacks targeting IoT and Edge/Fog networks underscores the need for robust,quantum-resistant security solutions.To address these challenges,researchers are focusing on Quantum Key Distribution and Post-Quantum Cryptography,which utilize quantum-resistant algorithms and the principles of quantum mechanics to ensure data confidentiality and integrity.This paper reviews the current security practices in IoT and Edge/Fog environments,explores the latest advancements in QKD and PQC technologies,and discusses their integration into distributed computing systems.Additionally,this paper proposes an enhanced QKD protocol combining the Cascade protocol and Kyber algorithm to address existing limitations.Finally,we highlight future research directions aimed at improving the scalability,efficiency,and practicality of QKD and PQC for securing IoT and Edge/Fog networks against evolving quantum threats.展开更多
Secure Multi-party Computation has been a research focus in international cryptographic community in recent years. In this paper the authors investigate how some computational geometric problems could be solved in a c...Secure Multi-party Computation has been a research focus in international cryptographic community in recent years. In this paper the authors investigate how some computational geometric problems could be solved in a cooperative environment, where two parties need to solve a geometric problem based on their joint data, but neither wants to disclose its private data to the other party. These problems are the distance between two private points, the relation between a private point and a circle area, the relation between a private point and an ellipse area and the shortest distance between two point sets. The paper gives solutions to these specific geometric. problems, and in doing so a building block is developed, the protocol for the distance between two private points, that is also useful in the solutions to other geometric problems and combinatorial problems.展开更多
Internet of Medical Things (IoMT) is a breakthrough technologyin the transfer of medical data via a communication system. Wearable sensordevices collect patient data and transfer them through mobile internet, thatis, ...Internet of Medical Things (IoMT) is a breakthrough technologyin the transfer of medical data via a communication system. Wearable sensordevices collect patient data and transfer them through mobile internet, thatis, the IoMT. Recently, the shift in paradigm from manual data storage toelectronic health recording on fog, edge, and cloud computing has been noted.These advanced computing technologies have facilitated medical services withminimum cost and available conditions. However, the IoMT raises a highconcern on network security and patient data privacy in the health caresystem. The main issue is the transmission of health data with high security inthe fog computing model. In today’s market, the best solution is blockchaintechnology. This technology provides high-end security and authenticationin storing and transferring data. In this research, a blockchain-based fogcomputing model is proposed for the IoMT. The proposed technique embedsa block chain with the yet another consensus (YAC) protocol building securityinfrastructure into fog computing for storing and transferring IoMT data inthe network. YAC is a consensus protocol that authenticates the input datain the block chain. In this scenario, the patients and their family membersare allowed to access the data. The empirical outcome of the proposedtechnique indicates high reliability and security against dangerous threats.The major advantages of using the blockchain model are high transparency,good traceability, and high processing speed. The technique also exhibitshigh reliability and efficiency in accessing data with secure transmission. Theproposed technique achieves 95% reliability in transferring a large number offiles up to 10,000.展开更多
Recently, privacy concerns become an increasingly critical issue. Secure multi-party computation plays an important role in privacy-preserving. Secure multi-party computational geometry is a new field of secure multi-...Recently, privacy concerns become an increasingly critical issue. Secure multi-party computation plays an important role in privacy-preserving. Secure multi-party computational geometry is a new field of secure multi-party computation. In this paper, we devote to investigating the solutions to some secure geometric problems in a cooperative environment. The problem is collaboratively computing the Euclid-distance between two private vectors without disclosing the private input to each other. A general privacy-preserving Euclid-distance protocol is firstly presented as a building block and is proved to be secure and efficient in the comparison with the previous methods. And we proposed a new protocol for the application in Wireless Sensor Networks (WSNs), based on the novel Euclid-distance protocol and Density-Based Clustering Protocol (DBCP), so that the nodes from two sides can compute cooperatively to divide them into clusters without disclosing their location information to the opposite side.展开更多
Cloud computing becomes an important application development platform for processing user data with high security.Service providers are accustomed to providing storage centers outside the trusted location preferred by...Cloud computing becomes an important application development platform for processing user data with high security.Service providers are accustomed to providing storage centers outside the trusted location preferred by the data owner.Thus,ensuring the security and confidentiality of the data while processing in the centralized network is very difficult.The secured key transmission between the sender and the receiver in the network is a huge challenge in managing most of the sensitive data transmission among the cloud network.Intruders are very active over the network like real authenticated user to hack the personal sensitive data,such as bank balance,health data,personal data,and confidential documents over the cloud network.In this research,a secured key agreement between the sender and the receiver using Kerberos authentication protocol with fingerprint is proposed to ensure security in M-Healthcare.Conditions of patients are monitored using wireless sensor devices and are then transferred to the server.Kerberos protocol helps in avoiding unnecessary communication of authenticated data over the cloud network.Biometric security process is a procedure with the best security in most of the authentication field.Trust node is responsible in carrying data packets from the sender to the receiver in the cloud network.The Kerberos protocol is used in trust node to ensure security.Secured communication between the local health center and the healthcare server is ensured by using a fingerprint feature called minutiae form,which refers to the fingerprint image of both sender and receiver.The computational and communicational cost of the proposed system is lesser when compared with other existing authentication methods.展开更多
Two-party certificateless authenticated key agreement(CL-AKA) protocol is a hot topic in the field of wireless communication security. An improved two-party CL-AKA protocol with enhanced security is proposed,which is ...Two-party certificateless authenticated key agreement(CL-AKA) protocol is a hot topic in the field of wireless communication security. An improved two-party CL-AKA protocol with enhanced security is proposed,which is of provable security and unforgeability in the extended Canetti-Krawczyk(eCK) security model based on the hardness assumption of the computational Diffie Hellman(CDH) problem. Compared with other similar protocols, it is more efficient and can satisfy security properties such as free of the centralized management of certificate and key, free of bilinear pairings, two-party authentication, resistant to unknown key-share attack, key compromise impersonation attacks, the man-in-the-middle-attack(MIMA) of key generation center(KGC), etc. These properties make the proposed protocol have better performance and adaptability for military communication.展开更多
A secure scalar product protocol is a type of specific secure multi-party computation problem. Using this kind of protocol, two involved parties are able to jointly compute the scalar product of their private vectors...A secure scalar product protocol is a type of specific secure multi-party computation problem. Using this kind of protocol, two involved parties are able to jointly compute the scalar product of their private vectors:, but no party will reveal any information about his/her private vector to another one. The secure scalar product protocol is of great importance in many privacy-preserving applications such as privacy-preserving data mining, privacy-preserving cooperative statistical analysis, and privacy-preserving geometry computation. In this paper, we give an efficient and secure scalar product protocol in the presence of malicious adversaries based on two important tools: the proof of knowledge of a discrete logarithm and the verifiable encryption. The security of the new protocol is proved under the standard simulation-based definitions. Compared with the existing schemes, our scheme offers higher efficiency because of avoiding inefficient cut-and-choose proofs.展开更多
基金supported in part by Major Science and Technology Demonstration Project of Jiangsu Provincial Key R&D Program under Grant No.BE2023025in part by the National Natural Science Foundation of China under Grant No.62302238+2 种基金in part by the Natural Science Foundation of Jiangsu Province under Grant No.BK20220388in part by the Natural Science Research Project of Colleges and Universities in Jiangsu Province under Grant No.22KJB520004in part by the China Postdoctoral Science Foundation under Grant No.2022M711689.
文摘This paper presents a comprehensive exploration into the integration of Internet of Things(IoT),big data analysis,cloud computing,and Artificial Intelligence(AI),which has led to an unprecedented era of connectivity.We delve into the emerging trend of machine learning on embedded devices,enabling tasks in resource-limited environ-ments.However,the widespread adoption of machine learning raises significant privacy concerns,necessitating the development of privacy-preserving techniques.One such technique,secure multi-party computation(MPC),allows collaborative computations without exposing private inputs.Despite its potential,complex protocols and communication interactions hinder performance,especially on resource-constrained devices.Efforts to enhance efficiency have been made,but scalability remains a challenge.Given the success of GPUs in deep learning,lever-aging embedded GPUs,such as those offered by NVIDIA,emerges as a promising solution.Therefore,we propose an Embedded GPU-based Secure Two-party Computation(EG-STC)framework for Artificial Intelligence(AI)systems.To the best of our knowledge,this work represents the first endeavor to fully implement machine learning model training based on secure two-party computing on the Embedded GPU platform.Our experimental results demonstrate the effectiveness of EG-STC.On an embedded GPU with a power draw of 5 W,our implementation achieved a secure two-party matrix multiplication throughput of 5881.5 kilo-operations per millisecond(kops/ms),with an energy efficiency ratio of 1176.3 kops/ms/W.Furthermore,leveraging our EG-STC framework,we achieved an overall time acceleration ratio of 5–6 times compared to solutions running on server-grade CPUs.Our solution also exhibited a reduced runtime,requiring only 60%to 70%of the runtime of previously best-known methods on the same platform.In summary,our research contributes to the advancement of secure and efficient machine learning implementations on resource-constrained embedded devices,paving the way for broader adoption of AI technologies in various applications.
文摘This paper studies how to take advantage of other's computing ability to sign a message with one's private key without disclosing the private key. A protocol to this problem is presented, and it is proven, by well known simulation paradigm, that this protocol is private.
基金supported by the National Natural Science Foundation of China under Grant No.(62202118.61962009)And in part by Natural Science Foundation of Shandong Province(ZR2021MF086)+1 种基金And in part by Top Technology Talent Project from Guizhou Education Department(Qian jiao ji[2022]073)And in part by Foundation of Guangxi Key Laboratory of Cryptography and Information Security(GCIS202118).
文摘With the development of cloud computing technology,more and more data owners upload their local data to the public cloud server for storage and calculation.While this can save customers’operating costs,it also poses privacy and security challenges.Such challenges can be solved using secure multi-party computation(SMPC),but this still exposes more security issues.In cloud computing using SMPC,clients need to process their data and submit the processed data to the cloud server,which then performs the calculation and returns the results to each client.Each client and server must be honest.If there is cooperation or dishonest behavior between clients,some clients may profit from it or even disclose the private data of other clients.This paper proposes the SMPC based on a Partially-Homomorphic Encryption(PHE)scheme in which an addition homomorphic encryption algorithm with a lower computational cost is used to ensure data comparability and Zero-Knowledge Proof(ZKP)is used to limit the client’s malicious behavior.In addition,the introduction of Oblivious Transfer(OT)technology also ensures that the semi-honest cloud server knows nothing about private data,so that the cloud server of this scheme can calculate the correct data in the case of malicious participant models and safely return the calculation results to each client.Finally,the security analysis shows that the scheme not only ensures the privacy of participants,but also ensures the fairness of the comparison protocol data.
基金Supported by the Young Scientists Program of CUEB(No.2014XJQ016,00791462722337)National Natural Science Foundation of China(No.61302087)+1 种基金Young Scientific Research Starting Foundation of CUEBImprove Scientific Research Foundation of Beijing Education
文摘Efficiency and scalability are still the bottleneck for secure multi-party computation geometry (SMCG). In this work a secure planar convex hull (SPCH) protocol for large-scaled point sets in semi-honest model has been proposed efficiently to solve the above problems. Firstly, a novel priva- cy-preserving point-inclusion (PPPI) protocol is designed based on the classic homomorphic encryp- tion and secure cross product protocol, and it is demonstrated that the complexity of PPPI protocol is independent of the vertex size of the input convex hull. And then on the basis of the novel PPPI pro- tocol, an effective SPCH protocol is presented. Analysis shows that this SPCH protocol has a good performance for large-scaled point sets compared with previous solutions. Moreover, analysis finds that the complexity of our SPCH protocol relies on the size of the points on the outermost layer of the input point sets only.
基金sponsored by the National Natural Science Foundation of China(No.61373138)the Natural Science Key Fund for Colleges and Universities in Jiangsu Province(No.12KJA520002)+4 种基金the Key Research and Development Program of Jiangsu Province(Social Development Program)(No.BE2015702)the Postdoctoral Foundation(Nos.2015M570468 and2016T90485)the Sixth Talent Peaks Project of Jiangsu Province(No.DZXX-017)the Fund of Jiangsu High Technology Research Key Laboratory for Wireless Sensor Networks(WSNLBZY201516)the Science and Technology Innovation Fund for Postgraduate Education of Jiangsu Province(No.KYLX15 0853)
文摘Numerous privacy-preserving issues have emerged along with the fast development of the Internet of Things. In addressing privacy protection problems in Wireless Sensor Networks (WSN), secure multi-party computation is considered vital, where obtaining the Euclidian distance between two nodes with no disclosure of either side's secrets has become the focus of location-privacy-related applications. This paper proposes a novel Privacy-Preserving Scalar Product Protocol (PPSPP) for wireless sensor networks. Based on PPSPP, we then propose a Homomorphic-Encryption-based Euclidean Distance Protocol (HEEDP) without third parties. This protocol can achieve secure distance computation between two sensor nodes. Correctness proofs of PPSPP and HEEDP are provided, followed by security validation and analysis. Performance evaluations via comparisons among similar protocols demonstrate that HEEDP is superior; it is most efficient in terms of both communication and computation on a wide range of data types, especially in wireless sensor networks.
基金This research has been supported by the National Science Foundation(under grant#1723596)the National Security Agency(under grant#H98230-17-1-0355).
文摘Pervasive IoT applications enable us to perceive,analyze,control,and optimize the traditional physical systems.Recently,security breaches in many IoT applications have indicated that IoT applications may put the physical systems at risk.Severe resource constraints and insufficient security design are two major causes of many security problems in IoT applications.As an extension of the cloud,the emerging edge computing with rich resources provides us a new venue to design and deploy novel security solutions for IoT applications.Although there are some research efforts in this area,edge-based security designs for IoT applications are still in its infancy.This paper aims to present a comprehensive survey of existing IoT security solutions at the edge layer as well as to inspire more edge-based IoT security designs.We first present an edge-centric IoT architecture.Then,we extensively review the edge-based IoT security research efforts in the context of security architecture designs,firewalls,intrusion detection systems,authentication and authorization protocols,and privacy-preserving mechanisms.Finally,we propose our insight into future research directions and open research issues.
基金The National Natural Science Foundation of China( No. 60902008)the Key Laboratory Hi-Tech Program of Changzhou City( No. CM20103003)+1 种基金the Key Laboratory Program of Information Network Security of Ministry of Public Security (No. C12602)the Science and Technology Supporting Project of Changzhou City ( No. CE20120030)
文摘The resilient storage outsourcing schemes in mobile cloud computing are analyzed. It is pointed out that the sharing-based scheme (ShS) has vulnerabilities regarding confidentiality and integrity; meanwhile, the coding-based scheme (COS) and the encryption-based scheme (EnS) have vulnerabilities on integrity. The corresponding attacks on these vulnerabilities are given. Then, the improved protocols such as the secure sharing-based protocol (SShP), the secure coding-based protocol (SCoP) and the secure encryption- based protocol (SEnP), are proposed to overcome these vulnerabilities. The core elements are protected through public key encryptions and digital signatures. Security analyses show that the confidentiality and the integrity of the improved protocols are guaranteed. Meanwhile, the improved protocols can keep the frame of the former schemes and have higher security. The simulation results illustrate that compared with the existing protocols, the communication overhead of the improved protocols is not significantly increased.
基金Supported by the Natural Science Foundation ofthe Department of Education of Guangdong Province(Z03001)
文摘We present a model based on Computational Temporal Logic(CTL)methods forverifying security requirements of electronic commerce,protocols.The model describes formally theauthentication,confidentiality integrity,non-repudiation denial of serviee and access control ofthe e-lectronic commerce protocols.We illustrate as case study a variant of the Lu-Smolka protocolproposed by Lu-Smolka Moreover,we have discovered two attacks that allow a dishonest user topurchase a good debiting the amountto another user.And also,we compared our work with relativeresearch works and found lhat the formal way of this paper is more general to specify securityprotocols for E-Commerce.
文摘Software Defined Networking(SDN)being an emerging network control model is widely recognized as a control and management platform.This model provides efficient techniques to control and manage the enterprise network.Another emerging paradigm is edge computing in which data processing is performed at the edges of the network instead of a central controller.This data processing at the edge nodes reduces the latency and bandwidth requirements.In SDN,the controller is a single point of failure.Several security issues related to the traditional network can be solved by using SDN central management and control.Address Spoofing and Network Intrusion are the most common attacks.These attacks severely degrade performance and security.We propose an edge computing-based mechanism that automatically detects and mitigates those attacks.In this mechanism,an edge system gets the network topology from the controller and the Address Resolution Protocol(ARP)traffic is directed to it for further analysis.As such,the controller is saved from unnecessary processing related to addressing translation.We propose a graph computation based method to identify the location of an attacker or intruder by implementing a graph difference method.By using the correct location information,the exact attacker or intruder is blocked,while the legitimate users get access to the network resources.The proposed mechanism is evaluated in a Mininet simulator and a POX controller.The results show that it improves system performance in terms of attack mitigation time,attack detection time,and bandwidth requirements.
基金supported by the National Research Foundation of Korea(NRF)funded by theMinistry of Science and ICT(2022K1A3A1A61014825)。
文摘With the rapid advancement of ICT and IoT technologies,the integration of Edge and Fog Computing has become essential to meet the increasing demands for real-time data processing and network efficiency.However,these technologies face critical security challenges,exacerbated by the emergence of quantum computing,which threatens traditional encryption methods.The rise in cyber-attacks targeting IoT and Edge/Fog networks underscores the need for robust,quantum-resistant security solutions.To address these challenges,researchers are focusing on Quantum Key Distribution and Post-Quantum Cryptography,which utilize quantum-resistant algorithms and the principles of quantum mechanics to ensure data confidentiality and integrity.This paper reviews the current security practices in IoT and Edge/Fog environments,explores the latest advancements in QKD and PQC technologies,and discusses their integration into distributed computing systems.Additionally,this paper proposes an enhanced QKD protocol combining the Cascade protocol and Kyber algorithm to address existing limitations.Finally,we highlight future research directions aimed at improving the scalability,efficiency,and practicality of QKD and PQC for securing IoT and Edge/Fog networks against evolving quantum threats.
文摘Secure Multi-party Computation has been a research focus in international cryptographic community in recent years. In this paper the authors investigate how some computational geometric problems could be solved in a cooperative environment, where two parties need to solve a geometric problem based on their joint data, but neither wants to disclose its private data to the other party. These problems are the distance between two private points, the relation between a private point and a circle area, the relation between a private point and an ellipse area and the shortest distance between two point sets. The paper gives solutions to these specific geometric. problems, and in doing so a building block is developed, the protocol for the distance between two private points, that is also useful in the solutions to other geometric problems and combinatorial problems.
文摘Internet of Medical Things (IoMT) is a breakthrough technologyin the transfer of medical data via a communication system. Wearable sensordevices collect patient data and transfer them through mobile internet, thatis, the IoMT. Recently, the shift in paradigm from manual data storage toelectronic health recording on fog, edge, and cloud computing has been noted.These advanced computing technologies have facilitated medical services withminimum cost and available conditions. However, the IoMT raises a highconcern on network security and patient data privacy in the health caresystem. The main issue is the transmission of health data with high security inthe fog computing model. In today’s market, the best solution is blockchaintechnology. This technology provides high-end security and authenticationin storing and transferring data. In this research, a blockchain-based fogcomputing model is proposed for the IoMT. The proposed technique embedsa block chain with the yet another consensus (YAC) protocol building securityinfrastructure into fog computing for storing and transferring IoMT data inthe network. YAC is a consensus protocol that authenticates the input datain the block chain. In this scenario, the patients and their family membersare allowed to access the data. The empirical outcome of the proposedtechnique indicates high reliability and security against dangerous threats.The major advantages of using the blockchain model are high transparency,good traceability, and high processing speed. The technique also exhibitshigh reliability and efficiency in accessing data with secure transmission. Theproposed technique achieves 95% reliability in transferring a large number offiles up to 10,000.
基金Supported by the National Natural Science Foundation ofChina(No.61170065,61003039)Postdoctoral Foundation(2012M511753,1101011B)+1 种基金Science & Technology Innovation Fund for Higher Education Institutions of Jiangsu Province(CXLX12_0486)the Priority Academic Program Development of Jiangsu Higher Education Institutions(yx002001)
文摘Recently, privacy concerns become an increasingly critical issue. Secure multi-party computation plays an important role in privacy-preserving. Secure multi-party computational geometry is a new field of secure multi-party computation. In this paper, we devote to investigating the solutions to some secure geometric problems in a cooperative environment. The problem is collaboratively computing the Euclid-distance between two private vectors without disclosing the private input to each other. A general privacy-preserving Euclid-distance protocol is firstly presented as a building block and is proved to be secure and efficient in the comparison with the previous methods. And we proposed a new protocol for the application in Wireless Sensor Networks (WSNs), based on the novel Euclid-distance protocol and Density-Based Clustering Protocol (DBCP), so that the nodes from two sides can compute cooperatively to divide them into clusters without disclosing their location information to the opposite side.
文摘Cloud computing becomes an important application development platform for processing user data with high security.Service providers are accustomed to providing storage centers outside the trusted location preferred by the data owner.Thus,ensuring the security and confidentiality of the data while processing in the centralized network is very difficult.The secured key transmission between the sender and the receiver in the network is a huge challenge in managing most of the sensitive data transmission among the cloud network.Intruders are very active over the network like real authenticated user to hack the personal sensitive data,such as bank balance,health data,personal data,and confidential documents over the cloud network.In this research,a secured key agreement between the sender and the receiver using Kerberos authentication protocol with fingerprint is proposed to ensure security in M-Healthcare.Conditions of patients are monitored using wireless sensor devices and are then transferred to the server.Kerberos protocol helps in avoiding unnecessary communication of authenticated data over the cloud network.Biometric security process is a procedure with the best security in most of the authentication field.Trust node is responsible in carrying data packets from the sender to the receiver in the cloud network.The Kerberos protocol is used in trust node to ensure security.Secured communication between the local health center and the healthcare server is ensured by using a fingerprint feature called minutiae form,which refers to the fingerprint image of both sender and receiver.The computational and communicational cost of the proposed system is lesser when compared with other existing authentication methods.
文摘Two-party certificateless authenticated key agreement(CL-AKA) protocol is a hot topic in the field of wireless communication security. An improved two-party CL-AKA protocol with enhanced security is proposed,which is of provable security and unforgeability in the extended Canetti-Krawczyk(eCK) security model based on the hardness assumption of the computational Diffie Hellman(CDH) problem. Compared with other similar protocols, it is more efficient and can satisfy security properties such as free of the centralized management of certificate and key, free of bilinear pairings, two-party authentication, resistant to unknown key-share attack, key compromise impersonation attacks, the man-in-the-middle-attack(MIMA) of key generation center(KGC), etc. These properties make the proposed protocol have better performance and adaptability for military communication.
基金This work was supported by the National Natural Science Foundation of China under Grant Nos. 60973134, 61173164, 61003232, and the Natural Science Foundation of Guangdong Province of China under Grant No. 10351806001000000.
文摘A secure scalar product protocol is a type of specific secure multi-party computation problem. Using this kind of protocol, two involved parties are able to jointly compute the scalar product of their private vectors:, but no party will reveal any information about his/her private vector to another one. The secure scalar product protocol is of great importance in many privacy-preserving applications such as privacy-preserving data mining, privacy-preserving cooperative statistical analysis, and privacy-preserving geometry computation. In this paper, we give an efficient and secure scalar product protocol in the presence of malicious adversaries based on two important tools: the proof of knowledge of a discrete logarithm and the verifiable encryption. The security of the new protocol is proved under the standard simulation-based definitions. Compared with the existing schemes, our scheme offers higher efficiency because of avoiding inefficient cut-and-choose proofs.
