Cloud computing is very useful for big data owner who doesn't want to manage IT infrastructure and big data technique details. However, it is hard for big data owner to trust multi-layer outsourced big data system...Cloud computing is very useful for big data owner who doesn't want to manage IT infrastructure and big data technique details. However, it is hard for big data owner to trust multi-layer outsourced big data system in cloud environment and to verify which outsourced service leads to the problem. Similarly, the cloud service provider cannot simply trust the data computation applications. At last,the verification data itself may also leak the sensitive information from the cloud service provider and data owner. We propose a new three-level definition of the verification, threat model, corresponding trusted policies based on different roles for outsourced big data system in cloud. We also provide two policy enforcement methods for building trusted data computation environment by measuring both the Map Reduce application and its behaviors based on trusted computing and aspect-oriented programming. To prevent sensitive information leakage from verification process,we provide a privacy-preserved verification method. Finally, we implement the TPTVer, a Trusted third Party based Trusted Verifier as a proof of concept system. Our evaluation and analysis show that TPTVer can provide trusted verification for multi-layered outsourced big data system in the cloud with low overhead.展开更多
Cloud computing, a recently emerged paradigm faces major challenges in achieving the privacy of migrated data, network security, etc. Too many cryptographic technologies are raised to solve these issues based on ident...Cloud computing, a recently emerged paradigm faces major challenges in achieving the privacy of migrated data, network security, etc. Too many cryptographic technologies are raised to solve these issues based on identity, attributes and prediction algorithms yet;these techniques are highly prone to attackers. This would raise a need of an effective encryption technique, which would ensure secure data migration. With this scenario, our proposed methodology Efficient Probabilistic Public Key Encryption(EPPKE) is optimized with Covariance Matrix Adaptation Evolution Strategies(CMA-ES). It ensures data integrity through the Luhn algorithm with BLAKE 2b encapsulation. This enables an optimized security to the data which is migrated through cloud. The proposed methodology is implemented in Open Stack with Java Language. It achieves better results by providing security compared to other existing techniques like RSA, IBA, ABE, PBE, etc.展开更多
Location k-anonymity techniques typically use anony- mous spatial region to ensure privacy. But these solutions are vul- nerable to multiple queries attacks and inference attacks. Failing to account for the obstacle i...Location k-anonymity techniques typically use anony- mous spatial region to ensure privacy. But these solutions are vul- nerable to multiple queries attacks and inference attacks. Failing to account for the obstacle in geographic space is a severe problem since adversaries will surely regard these constraints. A novel framework is proposed to enhance location-dependent queries, based on the theoretical work of k-anonymity and Voronoi diagrams, allows a user to express service requirement and privacy require- ment by specifying a region and an appropriate value ofk. A trusted anonymity server form a restricted set (k, r, s), which is composed of a number of discrete points to meet the requirements for location k-anonymity and location /-diversity. The location-based services (LBS) server implements an efficient algorithm for continu- ous-region-query processing. Simulation results demonstrated that the framework is superior to previous works in terms of privacy. Moreover, discreteness and randomness of the anonymous set are conducive to resisting location tracking attacks.展开更多
An electronic contract is a contract signed by electronic means,which is widely used in electronic commerce activities.In recent years,with the rapid development of quantum cryptography technology,the quantum electron...An electronic contract is a contract signed by electronic means,which is widely used in electronic commerce activities.In recent years,with the rapid development of quantum cryptography technology,the quantum electronic contract has been widely studied by researchers.Supported by the basic principles of quantum mechanics,a quantum electronic contract scheme based on the single photon is proposed in this paper.In this scheme,two copies of the same contract are signed by both parties involved,and then a copy of each contract is sent to a trusted third party.The trusted third party verifies the signatures of both parties and compares the signed copies to determine whether the contract is valid.Compared with the previous scheme,this scheme is based on the quantum electronic contract signed by the single photon.Because the single photon is easy to prepare and operate,this scheme is simple and easy to implement.At the same time,the scheme does not need to exchange signatures between the two parties,which reduces the complexity of communication.Nevertheless,it requires both parties and the third party to be honest and trustworthy.展开更多
基金partially supported by grants from the China 863 High-tech Program (Grant No. 2015AA016002)the Specialized Research Fund for the Doctoral Program of Higher Education (Grant No. 20131103120001)+2 种基金the National Key Research and Development Program of China (Grant No. 2016YFB0800204)the National Science Foundation of China (No. 61502017)the Scientific Research Common Program of Beijing Municipal Commission of Education (KM201710005024)
文摘Cloud computing is very useful for big data owner who doesn't want to manage IT infrastructure and big data technique details. However, it is hard for big data owner to trust multi-layer outsourced big data system in cloud environment and to verify which outsourced service leads to the problem. Similarly, the cloud service provider cannot simply trust the data computation applications. At last,the verification data itself may also leak the sensitive information from the cloud service provider and data owner. We propose a new three-level definition of the verification, threat model, corresponding trusted policies based on different roles for outsourced big data system in cloud. We also provide two policy enforcement methods for building trusted data computation environment by measuring both the Map Reduce application and its behaviors based on trusted computing and aspect-oriented programming. To prevent sensitive information leakage from verification process,we provide a privacy-preserved verification method. Finally, we implement the TPTVer, a Trusted third Party based Trusted Verifier as a proof of concept system. Our evaluation and analysis show that TPTVer can provide trusted verification for multi-layered outsourced big data system in the cloud with low overhead.
文摘Cloud computing, a recently emerged paradigm faces major challenges in achieving the privacy of migrated data, network security, etc. Too many cryptographic technologies are raised to solve these issues based on identity, attributes and prediction algorithms yet;these techniques are highly prone to attackers. This would raise a need of an effective encryption technique, which would ensure secure data migration. With this scenario, our proposed methodology Efficient Probabilistic Public Key Encryption(EPPKE) is optimized with Covariance Matrix Adaptation Evolution Strategies(CMA-ES). It ensures data integrity through the Luhn algorithm with BLAKE 2b encapsulation. This enables an optimized security to the data which is migrated through cloud. The proposed methodology is implemented in Open Stack with Java Language. It achieves better results by providing security compared to other existing techniques like RSA, IBA, ABE, PBE, etc.
基金Supported by the National Natural Science Foundation of China(61472097)Specialized Research Fund for the Doctoral Program of Higher Education of China(20132304110017)Natural Science Foundation of Heilongjiang Province of China(F2015022)
文摘Location k-anonymity techniques typically use anony- mous spatial region to ensure privacy. But these solutions are vul- nerable to multiple queries attacks and inference attacks. Failing to account for the obstacle in geographic space is a severe problem since adversaries will surely regard these constraints. A novel framework is proposed to enhance location-dependent queries, based on the theoretical work of k-anonymity and Voronoi diagrams, allows a user to express service requirement and privacy require- ment by specifying a region and an appropriate value ofk. A trusted anonymity server form a restricted set (k, r, s), which is composed of a number of discrete points to meet the requirements for location k-anonymity and location /-diversity. The location-based services (LBS) server implements an efficient algorithm for continu- ous-region-query processing. Simulation results demonstrated that the framework is superior to previous works in terms of privacy. Moreover, discreteness and randomness of the anonymous set are conducive to resisting location tracking attacks.
基金This work is supported by NSFC(Grant Nos.61572086,61402058)Sichuan Science and Technology Program(Grant Nos.2017JY0168,2018TJPT0012,2018GZ0232,2018CC0060,2017GFW0119,2017GZ0006,2016GFW0127)+2 种基金the National Key Research and Development Program(No.2017YFB0802302)Sichuan innovation team of quantum security communication(No.17TD0009)Sichuan academic and technical leaders training funding support projects(No.2016120080102643).
文摘An electronic contract is a contract signed by electronic means,which is widely used in electronic commerce activities.In recent years,with the rapid development of quantum cryptography technology,the quantum electronic contract has been widely studied by researchers.Supported by the basic principles of quantum mechanics,a quantum electronic contract scheme based on the single photon is proposed in this paper.In this scheme,two copies of the same contract are signed by both parties involved,and then a copy of each contract is sent to a trusted third party.The trusted third party verifies the signatures of both parties and compares the signed copies to determine whether the contract is valid.Compared with the previous scheme,this scheme is based on the quantum electronic contract signed by the single photon.Because the single photon is easy to prepare and operate,this scheme is simple and easy to implement.At the same time,the scheme does not need to exchange signatures between the two parties,which reduces the complexity of communication.Nevertheless,it requires both parties and the third party to be honest and trustworthy.
