ACDAS: Authenticated controlled data access and sharing scheme for cloud storage

Cloud storage services require cost‐effective, scalable, and self‐managed secure data management functionality. Public cloud storage always enforces users to adopt the restricted generic security consideration provided by the cloud service provider. On the contrary, private cloud storage gives users the opportunity to configure a self‐managed and controlled authenticated data security model to control the accessing and sharing of data in a private cloud. However, this introduces several new challenges to data security. One critical issue is how to enable a secure, authenticated data storage model for data access with controlled data accessibility. In this paper, we propose an authenticated controlled data access and sharing scheme called ACDAS to address this issue. In our proposed scheme, we employ a biometric‐based authentication model for secure access to data storage and sharing. To provide flexible data sharing under the control of a data owner, we propose a variant of a proxy reencryption scheme where the cloud server uses a proxy reencryption key and the data owner generates a credential token during decryption to control the accessibility of the users. The security analysis shows that our proposed scheme is resistant to various attacks, including a stolen verifier attack, a replay attack, a password guessing attack, and a stolen mobile device attack. Further, our proposed scheme satisfies the considered security requirements of a data storage and sharing system. The experimental results demonstrate that ACDAS can achieve the security goals together with the practical efficiency of storage, computation, and communication compared with other related schemes.     

一种SD卡用户身份认证方案的设计与实现

通过分析当前云计算中基于口令与证书的模式身份认证,发现存在口令泄露、证书劫持、恶意攻击等导致信息泄密的安全隐患。结合安全卡携带方便、认证效率高、安全度强的特性,基于椭圆算法设计实现了用户与云计算服务器安全认证、密钥协商以及数据密文传输,有效地解决了终端用户身份认证存在的安全问题,并增强了云计算服务的安全性。     

软件定义安全模型与架构浅析

目前大多数企业已经部署了基于策略访问控制的信息安全防御体系,但是随着云计算环境部署和网络攻击技术的发展,安全正成为云计算环境下亟待解决的重要问题,诸如能轻而易举地绕过传统防火墙、突破基于黑/白名单与特征匹配的安全防御机制等高级持续性攻击,给传统安全体系带来了新的挑战.分析了传统紧耦合安全防御体系在虚实结合网络环境下面临的问题,提出了软件定义安全的模型及其框架下的关键技术,实现了虚拟的和物理的网络安全设备与它们的接入模式、部署位置解耦合,为企业云计算环境下自适应的主动安全防护提供了有益的探索.     

A based on blinded CP‐ABE searchable encryption cloud storage service scheme

Cloud computing has great economical advantages and wide application, more and more data owners store their data in the cloud storage server (CSS) to avoid tedious local data management and insufficient storage resources. But the privacy of data owners faces enormous challenges. The most recent searchable encryption technology adopts the ciphertext‐policy attribute‐based encryption (CP‐ABE), which is one good method to deal with this security issue. However, the access attributes of the users are transmitted and assigned in plaintext form. In this paper, we propose a based on blinded CP‐ABE searchable encryption cloud storage service (BCP‐ABE‐SECSS) scheme, which can blind the access attributes of the users in order to prevent the collusion attacks of the CSS and the users. Data encryption and keyword index generation are performed by the data owners; meanwhile, we construct that CSS not only executes the access control policy of the data but also performs the pre‐decryption operation about the encrypted data to solve higher time cost of decryption calculation to the data users. Security proof results show that this scheme has access attribute security, data confidentiality, indistinguishable security against chosen keyword attack, and resisting the collusion attack between the data user and the CSS. Performance analysis and the experimental results show that this scheme can effectively reduce the computation time cost of the data owners and the data users.     

Enhanced security‐aware technique and ontology data access control in cloud computing

Nowadays, security and data access control are some of the major concerns in the cloud storage unit, especially in the medical field. Therefore, a security‐aware mechanism and ontology‐based data access control (SA‐ODAC) has been developed to improve security and access control in cloud computing. The model proposed in this research work is based on two operational methods, namely, secure awareness technique (SAT) and ontology‐based data access control (ODAC), to improve security and data access control in cloud computing. The SAT technique is developed to provide security for medical data in cloud computing, based on encryption, splitting and adding files, and decryption. The ODAC ontology is launched to control unauthorized persons accessing data from storage and create owner and administrator rules to allow access to data and is proposed to improve security and restrict access to data. To manage the key of the SAT technique, the secret sharing scheme is introduced in the proposed framework. The implementation of the algorithm is performed by MATLAB, and its performance is verified in terms of delay, encryption time, encryption time, and ontology processing time and is compared with role‐based access control (RBAC), context‐aware RBAC and context‐aware task RBAC, and security analysis of advanced encryption standard and data encryption standard. Ultimately, the proposed data access control and security scheme in SA‐ODAC have achieved better performance and outperform the conventional technique.     

Identity‐and‐data privacy forward security public auditing protocol in the standard model

To ensure the intactness of the stored data in cloud, numerous data public auditing mechanisms have been presented. However, most of these existing solutions suffer from several flaws: (a) identity privacy and data privacy of data owner are inevitably revealed to the auditor in the auditing process; (b) the existing public auditing mechanisms with resisting key exposure are only proved in the random oracle model. To address the problems above, in this paper, we propose an achieving identity‐and‐data privacy public auditing protocol with forward security in the standard model by incorporating knowledge proof signature, ring signature, and forward security technique. And then, we formalize the security model of forward security and anonymity of identity, in which the adversary is allowed to query private keys of some ring members. It can provide stronger security. Thus, our proposed scheme can not only achieve data owner's identity privacy and data privacy but also provide forward security for data owner's secret key. To the best of our knowledge, it is the first preserving privacy of identity‐and‐data public auditing scheme with forward security that is provably secure in the standard model. The security of the scheme is related to the computational Diffie–Hellman (CDH) problem and the subgroup decision problem. Finally, our scheme is simulatively tested; experimental results demonstrate that our mechanism is very efficient in terms of overall performance.     

Game theory approach for detecting vulnerable data centers in cloud computing network

Nowadays, cloud computing has many benefits to accessibility, scalability, and cost‐effectiveness, leading to network security risks and vulnerabilities. Cloud computing is gaining in popularity with the advances and growth of its systems. Therefore, the security of this system and the identification of vulnerable data centers are more complicated than the past. Definitely discovering vulnerable data centers that are vulnerable to attacks can help to strengthen these data centers and provide a safer and more secure network structure. This paper examines the vulnerability of malware data centers in the infrastructure and cloud computing network structure. Based on the analysis of the cloud computing system in the field of game theory, we introduce a developed model for identifying vulnerable data centers in cloud computing. The developed model in this paper is based on the game theory as a mathematical tool. According to the game theory, we introduce a measure of the degree of vulnerability of data centers in the cloud computing network.     

On the design of secure user authenticated key management scheme for multigateway‐based wireless sensor networks using ECC

In wireless sensor networks (WSNs), there are many critical applications (for example, healthcare, vehicle tracking, and battlefield), where the online streaming data generated from different sensor nodes need to be analyzed with respect to quick control decisions. However, as the data generated by these sensor nodes usually flow through open channel, so there are higher chances of various types of attacks either on the nodes or on to the data captured by these nodes. In this paper, we aim to design a new elliptic curve cryptography–based user authenticated key agreement protocol in a hierarchical WSN so that a legal user can only access the streaming data from generated from different sensor nodes. The proposed scheme is based upon 3‐factor authentication, as it applies smart card, password, and personal biometrics of a user (for ticket generation). The proposed scheme maintains low computation cost for resource‐constrained sensor nodes, as it uses efficient 1‐way cryptographic hash function and bitwise exclusive‐OR operations for secure key establishment between different sensor nodes. The security analysis using the broadly accepted Burrows‐Abadi‐Needham logic, formal security verification using the popular simulation tool (automated validation of Internet security protocols and applications), and informal security show that the proposed scheme is resilient against several well‐known attacks needed for a user authentication scheme in WSNs. The comparison of security and functionality requirements, communication and computation costs of the proposed scheme, and other related existing user authentication schemes shows the superior performance of the proposed scheme.     

一种云计算环境下的安全模型

本文针对当前流行的云计算技术,分析了其所面临的安全问题。以中国墙模型(简称BN模型)为基础提出了保护云端服务器私有云中敏感数据完整性和保密性的CCBN(cloud computing BN)模型,并给出了该模型的基本原理和在云环境中应用该模型的配置方案。     

A simplified deniable authentication scheme in cloud‐based pay‐TV system with privacy protection

Cloud computing is a milestones for computing model, which enables on‐demand, flexible, and low‐cost usage of computing resources, especially for cloud storage. Nowadays, the services of cloud‐based pay‐TV systems are emerging endlessly. But these pay‐TV systems' privacy is not given enough attention. The users not only care about their information revealed during transmission processes but are also concerned about whether the video contents that they have seen were recorded by the pay‐TV systems or not. In this work, I propose a novel deniable authentication protocol in a cloud‐based pay‐TV system, named DAP‐TV, aiming to achieve mutual authentication, deniability, and privacy protection in cloud‐based pay‐TV systems. The unique feature of our scheme is deniability which means a pay‐TV system to identify a user is a legal user, but the pay‐TV system cannot prove video contents that the user has seen to any third party over an unsecured network. In additon, our scheme is based on chaotic maps, which is a highly efficient cryptosystem and is firstly used to construct a deniable authentication scheme in pay‐TV systems. Finally, we give the formal security proof and efficiency comparison with recently related works.     

Provable secure identity‐based multi‐proxy signature scheme

Multi‐proxy signature is one of the useful primitives of the proxy signature. Till now, only a few schemes of identity‐based multi‐proxy signature (IBMPS) have been proposed using bilinear pairings, but most of the schemes are insecure or lack a formal security proof. Because of the important application of IBMPS scheme in distributed systems, grid computing, and so on, construction of an efficient and provable‐secure IBMPS scheme is desired. In 2005, Li & Chen proposed an IBMPS scheme from bilinear pairings, but their paper lacks a formal model and proof of the security. Further, in 2009, Cao & Cao presented an IBMPS scheme with the first formal security model for it. Unfortunately, their scheme is not secure against the Xiong et al's attack. In this paper, first, we present an IBMPS scheme, then we formalize a security model for the IBMPS schemes and prove that the presented scheme is existential unforgeable against adaptive chosen message and identity attack in the random oracle model under the computational Diffie–Hellman assumption. Also, our scheme is not vulnerable for the Xiong et al's attack. The presented scheme is more efficient in the sense of computation and operation time than the existing IBMPS schemes. Copyright © 2013 John Wiley & Sons, Ltd.     

Fog‐SDN: A light mitigation scheme for DDoS attack in fog computing framework

Cloud computing is one of the most tempting technologies in today's computing scenario as it provides a cost‐efficient solutions by reducing the large upfront cost for buying hardware infrastructures and computing power. Fog computing is an added support to cloud environment by leveraging with doing some of the less compute intensive task to be done at the edge devices, which reduces the response time for end user computing. But the vulnerabilities to these systems are still a big concern. Among several security needs, availability is one that makes the demanded services available to the targeted customers all the time. Availability is often challenged by external attacks like Denial of service (DoS) and distributed denial of service (DDoS). This paper demonstrates a novel source‐based DDoS mitigating schemes that could be employed in both fog and cloud computing scenarios to eliminate these attacks. It deploys the DDoS defender module which works on a machine learning–based light detection method, present at the SDN controller. This scheme uses the network traffic data to analyze, predict, and filter incoming data, so that it can send the filtered legitimate packets to the server and blocking the rest.     

抗自适应泄漏的基于身份加密方案

针对基于身份的加密(IBE)体制中缺乏有效抗自适应泄漏方案的问题,运用熵抗泄漏的基本思想,定义了自适应泄漏攻击下IBE的安全性;利用基于身份的散列证明系统(IB-HPS)和提取器,提出了抗自适应泄漏的IBE方案;并对其进行实例化,构建了基于q-TABDHE假设的抗自适应泄漏的IBE方案。安全性分析表明,设计的IBE方案是选择明文攻击安全的,它不仅能够有效地抵抗自适应泄漏,而且能够容忍较大的密钥泄漏量。     

PUF‐based solutions for secure communications in Advanced Metering Infrastructure (AMI)

Advanced metering infrastructure (AMI) provides 2‐way communications between the utility and the smart meters. Developing authenticated key exchange (AKE) and broadcast authentication (BA) protocols is essential to provide secure communications in AMI. The security of all existing cryptographic protocols is based on the assumption that secret information is stored in the nonvolatile memories. In the AMI, the attackers can obtain some or all of the stored secret information from memories by a great variety of inexpensive and fast side‐channel attacks. Thus, all existing AKE and BA protocols are no longer secure. In this paper, we investigate how to develop secure AKE and BA protocols in the presence of memory attacks. As a solution, we propose to embed a physical unclonable function (PUF) in each party, which generates the secret values as required without the need to store them. By combining PUFs and 2 well‐known and secure protocols, we propose PUF‐based AKE and BA protocols. We show that our proposed protocols are memory leakage resilient. In addition, we prove their security in the standard model. Performance analysis of both protocols shows their efficiency for AMI applications. The proposed protocols can be easily implemented.     

Efficient revocable ID‐based encryption with cloud revocation server

The capability to efficiently revoke compromised/misbehaving users is important in identity‐based encryption (IBE) applications, as it is not a matter of if but of when that one or more users are compromised. Existing solutions generally require a trusted third party to update the private keys of nonrevoked users periodically, which impact on scalability and result in high computation and communication overheads at the key generation center. Li et al proposed a revocable IBE scheme, which outsources most of the computation and communication overheads to a Key Update Cloud Service Provider (KU‐CSP). However, their scheme is lack of scalability since the KU‐CSP must maintain a secret value for each user. Tseng et al proposed another revocable IBE scheme with a cloud revocation authority, seeking to provide scalability and improve both performance and security level. In this paper, we present a new revocable IBE scheme with a cloud revocation server (CRS). The CRS holds only one secret time update key for all users, which provides the capability to scale our scheme. We demonstrate that our scheme is secure against adaptive‐ID and chosen ciphertext attacks under the k‐CAA assumption and outperforms both schemes mentioned above, in terms of having lower computation and communication overheads.     

Efficient and secure business model for content centric network using elliptic curve cryptography

Initially, Internet has evolved as a resource sharing model where resources are identified by IP addresses. However, with rapid technological advancement, resources/hardware has become cheap and thus, the need of sharing hardware over Internet is reduced. Moreover, people are using Internet mainly for information exchange and hence, Internet has gradually shifted from resource sharing to information sharing model. To meet the recent growing demand of information exchange, Content Centric Network (CCN) is envisaged as a clean‐slate future network architecture which is specially destined for smooth content distribution over Internet. In CCN, content is easily made available using network caching mechanism which is misaligned with the existing business policy of content providers/publishers in IP‐based Internet. Hence, the transition from contemporary IP‐based Internet to CCN demands attention for redesigning the business policy of the content publishers/providers. In this paper, we have proposed efficient and secure communication protocols for flexible CCN business model to protect the existing business policies of the content publisher while maintaining the salient CCN features like in‐network content caching and Interest packet aggregation. To enhance the efficiency and security, the Elliptic Curve Cryptography (ECC) is used. The proposed ECC‐based scheme is analyzed to show that it is resilient to relevant existing cryptographic attacks. The performance analysis in terms of less computation and communication overheads and increased efficiency is given. Moreover, a formal security verification of the proposed scheme is done using widely used AVISPA simulator and BAN logic that shows our scheme is well secured.     

具有隐私保护的云存储访问控制方案

针对传统的访问控制方案无法在云计算环境下保护用户的属性隐私,提出了具有隐私保护的云存储访问控制方案。采用混合加密体制实现了数据的机密性,即利用对称密钥加密明文数据,再利用公钥密码体制对对称密钥进行加密。在新的访问控制方案中,公钥加密采用了匿名的密文策略下基于属性的加密技术。安全性分析表明,新方案在保护用户属性隐私的同时,达到了选择明文安全性,可抵抗恶意用户及云存储服务器的合谋攻击。     

ID-Based User Authentication Scheme for Cloud Computing

In cloud computing environments, user authentication is an important security mechanism because it provides the fundamentals of authentication, authorization, and accounting (AAA). In 2009, Wang et al. proposed an identity-based (ID-based) authentication scheme to deal with the user login problem for cloud computing. However, Wang et al.'s scheme is insecure against message alteration and impersonation attacks. Besides, their scheme has large computation costs for cloud users. Therefore, we propose a novel ID-based user authentication scheme to solve the above mentioned problems. The proposed scheme provides anonymity and security for the user who accesses different cloud servers. Compared with the related schemes, the proposed scheme has less computation cost so it is very efficient for cloud computing in practice.     

A User-Centric Data Secure Creation Scheme in Cloud Computing

Due to the use of the cloud computing technology, the ownership is separated from the adminis-tration of the data in cloud and the shared data might be migrated between different clouds, which would bring new challenges to data secure creation, especially for the data privacy protection. We propose a User-centric data secure creation scheme (UCDSC) for the security requirements of resource owners in cloud. In this scheme, a data owner first divides the users into different domains. The data owner encrypts data and defines different secure managing poli-cies for the data according to domains. To encrypt the data in UCDSC, we present an algorithm based on Access con-trol conditions proxy re-encryption (ACC-PRE), which is proved to be master secret secure and Chosen-ciphertext attack (CCA) secure in random oracle model. We give the application protocols and make the comparisons between some existing approaches and UCDSC.     

Fully Leakage-Resilient Signatures

A signature scheme is fully leakage resilient (Katz and Vaikuntanathan, ASIACRYPT’09) if it is existentially unforgeable under an adaptive chosen-message attack even in a setting where an adversary may obtain bounded (yet arbitrary) leakage information on all intermediate values that are used throughout the lifetime of the system. This is a strong and meaningful notion of security that captures a wide range of side-channel attacks. One of the main challenges in constructing fully leakage-resilient signature schemes is dealing with leakage that may depend on the random bits used by the signing algorithm, and constructions of such schemes are known only in the random-oracle model. Moreover, even in the random-oracle model, known schemes are only resilient to leakage of less than half the length of their signing key. In this paper we construct the first fully leakage-resilient signature schemes without random oracles. We present a scheme that is resilient to any leakage of length (1?o(1))L bits, where L is the length of the signing key. Our approach relies on generic cryptographic primitives, and at the same time admits rather efficient instantiations based on specific number-theoretic assumptions. In addition, we show that our approach extends to the continual-leakage model, recently introduced by Dodis, Haralambiev, Lopez-Alt and Wichs (FOCS’10), and by Brakerski, Tauman Kalai, Katz and Vaikuntanathan (FOCS’10). In this model the signing key is allowed to be refreshed, while its corresponding verification key remains fixed, and the amount of leakage is assumed to be bounded only in between any two successive key refreshes.