New attacks on secret sharing-based data outsourcing: toward a resistant scheme

In this paper, two new practical attacks on some secret sharing-based data outsourcing schemes are first introduced, and several other security and performance issues with the existing schemes are also explored. The existing and new attacks exploit the information about the share range boundaries or the correspondences between the secret values and shares. A range expansion technique is then proposed to thwart one of the attacks. It expands the ranges in every range predicate in the submitted queries in order to hide the share range boundaries from any query observer. Next, a mapping method is proposed to thwart the other attacks. It maps each secret value to a mapping value using a secret one-to-many mapping with a finite set of linear mapping rules so that the tuples of shares are generated from the mapping values rather than directly from the secret values. The proposed mapping method works as an additional layer of security and addresses any attack based on the correspondences between the secret values and shares. At the same time, it preserves the homomorphism property of secret sharing. Finally, a new secure data outsourcing scheme is elaborated on secret sharing, the proposed mapping method, and the proposed range expansion technique. The proposed scheme is resistant to various attacks and also some inferences. It supports the fully server-side or a partially server-side query execution of most types of queries. The experimental results confirm that the proposed scheme is quite practical and efficient.

     

基于点函数秘密共享的私有信息检索协议

针对私有信息检索（PIR）中的隐私安全问题,提出了一个基于点函数秘密共享的私有信息检索协议。该协议将检索的索引看成一个特殊的0-1点函数,利用点函数秘密共享技术生成这个点函数的密钥组,分别发送给p个服务器,根据p个服务器返回的响应作异或运算得到检索结果。对协议进行了正确性、安全性和效率分析,验证了这个协议是安全且高效的,并给出了一个具体实例来说明该协议的有效性。最后介绍了将该协议推广到多项私有信息检索和基于关键字的私有信息检索中的应用情况。     

Protecting statistical databases against retrieval of private information

The paper discusses problems arising from the ‘abuse’ of statistical databases by retrieving private information on individuals. The paper first demonstrates how such retrieval is made possible. It then provides a general algorithm that describes the retrieval procedures. Several protective measures are reviewed and critized. Enhancements to those measures, particularly by employing encryption methods, are suggested.     

云环境下基于秘密共享的海洋遥感影像认证方案

云存储模式的出现为海量海洋遥感影像的存储和管理带来了机遇,越来越多的用户选择将海洋遥感影像数据移植到云中,但云存储环境的开放性对海洋遥感影像数据的安全性提出了挑战。以保障云环境下海洋遥感敏感数据的安全性为前提,提出一种影像认证方案,将哈希函数与(k,n)门限秘密共享方法相结合,检测敏感区影像信息变化,并对加密前和恢复后的影像进行一致性验证,保护加密影像数据的机密性。同时,为避免n个子秘密中,因多于n-k个子秘密的篡改或丢失,造成敏感区影像不可恢复情况的发生,采用对敏感区影像进行分块的策略,对每个子影像块做进一步的秘密共享处理,以保证部分影像的无损恢复。实验对比分析表明,所提出的安全认证方案可以有效防止秘密恢复过程中的欺诈行为,同时可获得比传统方法更高的遥感影像云存储安全性。     

A secret sharing-based scheme for secure and energy efficient data transfer in sensor-based IoT

The sensed data from Internet of Things (IoT) devices are important for accurate decision making. Thus, the data integrity, non-repudiation, data confidentiality, data freshness, etc., are necessary requirements in sensor-based IoT networks. Further, the IoT devices are resource constrained in terms of computation and communication capabilities. Hence, striking a balance between network lifetime and data security is of utmost importance. The present work explores the sensor-based IoT-specific security threats like, data modification, selective forwarding and replay attacks. Further, a scheme is proposed based on secret sharing and cryptographic hash functions which detects these attacks by a malicious entity and protects the data from passive listeners too. Extensive simulations were performed to evaluate the efficacy of the scheme, and results show that the proposed scheme outperforms previously explored schemes like SIGN-share, SHAM-share, and PIP algorithm, in terms of sensor processing time, energy consumption during in-node processing and aggregation time. Network lifetime has been further analyzed to show the efficacy of the scheme.

     

Strongly secure ramp secret sharing schemes for general access structures

Ramp secret sharing (SS) schemes can be classified into strong ramp SS schemes and weak ramp SS schemes. The strong ramp SS schemes do not leak out any part of a secret explicitly even in the case that some information about the secret leaks out from some set of shares, and hence, they are more desirable than the weak ramp SS schemes. In this paper, it is shown that for any feasible general access structure, a strong ramp SS scheme can be constructed from a partially decryptable ramp SS scheme, which can be considered as a kind of SS scheme with plural secrets. As a byproduct, it is pointed out that threshold ramp SS schemes based on Shamir's polynomial interpolation method are not always strong.     

Speech information retrieval: a review

Speech is an information-rich component of multimedia. Information can be extracted from a speech signal in a number of different ways, and thus there are several well-established speech signal analysis research fields. These fields include speech recognition, speaker recognition, event detection, and fingerprinting. The information that can be extracted from tools and methods developed in these fields can greatly enhance multimedia systems. In this paper, we present the current state of research in each of the major speech analysis fields. The goal is to introduce enough background for someone new in the field to quickly gain high-level understanding and to provide direction for further study.     

Knowledge-based information retrieval

A knowledge-based system is used as a front-end to a very large database to increase the relevance of the information being retrieved. The subject domain of the data base is modelled in a semantic network and the queries to the database are expanded according to the semantic model. An experiment has been performed on a bibliographic database, by developing the prototype KNOWIT, a knowledge-based front-end to the information retrieval system ESA-QUEST¹. An experimental evaluation shows that the number of relevant bibliographic references retrieved with the knowledge-based front-end is significantly improved, without compromising the precision of the retrieval.     

Language-oriented information retrieval

There is no task that computers regularly perform that is more affected by the nature of human language than the retrieval of texts in response to a human need. Despite this, the techniques actually in use for this task, as well as most of the techniques proposed by information retrieval (IR) researchers, make little use of knowledge about language. In this article we take the view that IR is an inference task, and that natural language processing (NLP) techniques can produce text representations that enable more accurate inferences about document content. By considering previous work on language-based and knowledge-based techniques from this perspective, some clear lessons are apparent, and we are applying these lessons in the ADRENAL (Augmented Document REtrieval using NAtural Language processing) project. Our initial experiments with hand-coded representations suggest that using NLP-produced representations can result in significant performance increases in IR systems, and also demonstrate the attention that must be given to representational issues in language-oriented IR.     

HINMINE: heterogeneous information network mining with information retrieval heuristics

The paper presents an approach to mining heterogeneous information networks by decomposing them into homogeneous networks. The proposed HINMINE methodology is based on previous work that classifies nodes in a heterogeneous network in two steps. In the first step the heterogeneous network is decomposed into one or more homogeneous networks using different connecting nodes. We improve this step by using new methods inspired by weighting of bag-of-words vectors mostly used in information retrieval. The methods assign larger weights to nodes which are more informative and characteristic for a specific class of nodes. In the second step, the resulting homogeneous networks are used to classify data either by network propositionalization or label propagation. We propose an adaptation of the label propagation algorithm to handle imbalanced data and test several classification algorithms in propositionalization. The new methodology is tested on three data sets with different properties. For each data set, we perform a series of experiments and compare different heuristics used in the first step of the methodology. We also use different classifiers which can be used in the second step of the methodology when performing network propositionalization. Our results show that HINMINE, using different network decomposition methods, can significantly improve the performance of the resulting classifiers, and also that using a modified label propagation algorithm is beneficial when the data set is imbalanced.     

Efficient storage and retrieval of probabilistic latent semantic information for information retrieval

Probabilistic latent semantic analysis (PLSA) is a method for computing term and document relationships from a document set. The probabilistic latent semantic index (PLSI) has been used to store PLSA information, but unfortunately the PLSI uses excessive storage space relative to a simple term frequency index, which causes lengthy query times. To overcome the storage and speed problems of PLSI, we introduce the probabilistic latent semantic thesaurus (PLST); an efficient and effective method of storing the PLSA information. We show that through methods such as document thresholding and term pruning, we are able to maintain the high precision results found using PLSA while using a very small percent (0.15%) of the storage space of PLSI.     

Quantum symmetrically-private information retrieval

Private information retrieval systems (PIRs) allow a user to extract an item from a database that is replicated over k?1 servers, while satisfying various privacy constraints. We exhibit quantum k-server symmetrically-private information retrieval systems (QSPIRs) that use sublinear communication, do not use shared randomness among the servers, and preserve privacy against honest users and dishonest servers. Classically, SPIRs without shared randomness do not exist at all.     

Energy-efficient wireless information retrieval

In this paper, we propose an adaptive application-driven power management (AADPM) protocol for wireless information retrieval applications within the IEEE 802.11b infrastructure WLAN environment. Our goal is to minimize energy consumption while achieving low round trip time delay. We discuss the protocol and evaluate its effectiveness using the network simulator NS2. We also draw horizontal comparisons among a variety of PM methods reported in the literature. Experimental results show that, compared to the power save mode supported by 802.11b, AADPM reduces the network interface card energy consumption by 52% while only introducing 3% RTT delay.     

利用信息隐藏的秘密通信模型

针对开放环境中秘密通信的安全性问题,提出一种基于信息隐藏技术的秘密通信方案。首先,将信息明文用私钥加密,然后将密文以数字水印的形式嵌入到载体数据库中,通过开放网络传送。接收者需要从载体数据库中提取信息密文,再用发送方的公钥解密。给出了秘密通信的系统模型以及相应的信息嵌入、提取算法。实验和分析表明该模型隐蔽性强、安全性好,有一定的实用性和可扩展性。     

CI-SNF: Exploiting contextual information to improve SNF based information retrieval

Similarity networks contain important topological features and patterns critical to understanding interactions among samples in a large dataset. To create a comprehensive view of the interactions within a dataset, the Similarity Network Fusion (SNF) technique has been proposed to fuse the similarity networks based on different data types into one similarity network that represents the full spectrum of underlying data. In this paper, a modified version of SNF, which is named as Contextual Information based SNF (CI-SNF), is proposed. In CI-SNF, first, modified Jaccard distance is performed on the SNF fused similarity to utilize the contextual information contained in the fused similarity network. Second, the local consistency of samples from the same category is enhanced by speculating that the samples which are located high in the Jaccard distance based ranking list of a specific query are from the same category as the query. Third, the inverted index technique is introduced to utilize the sparsity property of the locally consistent similarity network to enhance the computational efficiency. To verify the effectiveness and efficiency of CI-SNF model, it is applied in four different tasks, Cover Song Identification (CSI), image classification, cancer subtype identification, and drug taxonomy, respectively. Extensive experiments on thirteen challenging datasets demonstrate that CI-SNF scheme outperforms state-of-the-art similarity fusion algorithms including SNF in all four tasks. It is also verified that utilizing the contextual information contained in the SNF-based similarity network helps to enhance the performance of the SNF-based scheme, further.     

Access control aware data retrieval for secret sharing based database outsourcing

Enforcing dynamic and confidential access control policies is a challenging issue of data outsourcing to external servers due to the lack of trust towards the servers. In this paper, we propose a scalable yet flexible access control enforcement mechanism when the underlying relational data, on which access policies are defined, has been shared through a secret sharing scheme. For sharing values of an attribute in a relation, the attribute is assigned a secret distribution key and its values are split and distributed among data servers according to a Shamir based secret sharing scheme. Given access control policies over attributes of the relation schema, access to distribution keys, used further for reconstructing original values, is managed using the Chinese remainder theorem. Our solution, in addition to preserving the confidentiality of access control policies, is flexible to efficiently adopt grant and revoke of authorizations. Moreover, it prevents the possibility of information leakage caused by query processing through an access control aware retrieval of data shares. That is, our solution not only enforces access control policies for reconstructing shares and obtaining original values, but also for retrieving shares in query processing scenario. We implemented our mechanism and performed extensive experiments, whose results confirm its efficiency and considerable scalability in practice.