Efficient distributed skyline computation using dependency-based data partitioning

Skyline queries, together with other advanced query operators, are essential in order to help identify sets of interesting data points buried within huge amount of data readily available these days. A skyline query retrieves sets of non-dominated data points in a multi-dimensional dataset. As computing infrastructures become increasingly pervasive, connected by readily available network services, data storage and management have become inevitably more distributed. Under these distributed environments, designing efficient skyline querying with desirable quick response time and progressive returning of answers faces new challenges. To address this, in this paper, we propose a novel skyline query scheme termed MpSky. MpSky is based on a novel space partitioning scheme, employing the dependency relationships among data points on different servers. By grouping points of each server using dependencies, we are able to qualify a skyline point by only comparing it with data on dependent servers, and parallelize the skyline computation among non-dependent partitions that are from different servers or individual servers. By controlling the query propagation among partitions, we are able to generate skyline results progressively and prune partitions and points efficiently. Analytical and extensive simulation results show the effectiveness of the proposed scheme.     

基于SM9的公钥可搜索加密方案

云存储技术因其使用便捷、性价比高等优势得以迅速发展,越来越多用户将个人数据外包至第三方云服务器存储。虽然数据加密存储可有效保护数据安全和用户隐私,但传统的对称/非对称加密技术会影响数据检索和使用。可搜索加密是一种特殊的加密技术,一经提出便备受关注,在保障数据机密性的同时可提供数据检索功能。目前,国内外学者提出了大量可搜索加密方案,但现有方案都基于国外密码算法设计,尚未见基于国产商用密码算法的可搜索加密方案在国内外刊物上公开发表,不符合我国密码核心技术自主可控的要求。为了丰富国产商用密码算法在可搜索加密方面的研究,满足云存储领域的数据安全检索需求,本文以SM9标识加密算法为基础,构造了一种公钥可搜索加密方案(SM9-PEKS)。在q-ABDHE安全假设和随机谕言模型下,本文首先证明SM9标识加密算法的匿名性,进而证明SM9-PEKS方案的安全性。理论分析和编程实现结果表明,与常用经典的公钥可搜索加密方案相比,本文方案在增加64字节通信代价的情况下,可至少降低31.31%的计算开销。最后,提出了未来可能的研究方向。     

基于属性代理重加密技术与可容错机制相结合的数据检索方案

针对云服务器上用户信息的隐私问题,提出一种基于属性代理重加密技术与容错机制相结合的方案。该方案将用户存储的数据分为文件和文件的安全索引,将其分别进行加密后存储在不同的云服务器上。首先,利用倒排序结构构造文件的安全索引,并使用模糊提取器对关键字进行预处理,用户可以通过该安全索引进行容错的多关键字搜索;其次,设置访问控制树对解密密钥重加密,实现权限管理,即实现数据在云端的有效共享;最后,通过Complex Triple Diffle-Hellman难题证明该方案生成的系统主密钥是安全的,因此该方案在云环境下也是安全的。与已有的方案的对比分析表明,该方案可减少密钥重加密、解密 等的计算量,同时通过加入容错处理机制提高了数据检索的效率。     

适合云存储的访问策略可更新多中心CP-ABE方案

云存储作为一种新型的数据存储体系结构,近年来得到越来越广泛的应用.大多数用户为了降低本地存储开销、实现数据共享选择将自己的数据上传到云服务器存储.然而,云存储系统存在的安全隐患也引发了社会越来越多的担忧.例如,不完全可信的云服务提供商可能会窃取用户的数据或让未授权的其他用户访问数据等.因此,对用户数据进行加密并实现数据的访问控制是确保云存储中数据安全的有效方法.基于密文的属性加密(CP-ABE)方案则能够很好地实现安全云存储目标,它允许一个发送者加密数据并设置访问控制结构,只有符合条件的用户才能对数据进行解密.但是,传统CP-ABE方案中存在的密钥泄露等问题制约了属性加密在云存储系统中的应用.针对上述的问题,提出了一个多授权机构支持策略更新的CP-ABE方案,该方案与之前的方案相比,不仅可以通过多授权机构避免密钥泄露问题,同时将策略更新及密文更新过程交给服务器执行,有效地降低了本地的计算开销和数据传输开销,充分利用云存储的优势提供一个高效、灵活的安全数据存储方案,对所提方案进行了安全性证明,并对方案进行了效率分析.     

Reducing bandwidth requirement for delivering video over wide area networks with proxy server

Due to the high bandwidth requirement and rate variability of compressed video, delivering video across wide area networks (WANs) is a challenging issue. Proxy servers have been used to reduce network congestion and improve client access time on the Internet by caching passing data. We investigate ways to store or stage partial video in proxy servers to reduce the network bandwidth requirement over WAN. A client needs to access a portion of the video from a proxy server over a local area network (LAN) and the rest from a central server across a WAN. Therefore, client buffer requirement and video synchronization are to be considered. We study the tradeoffs between client buffer, storage requirement on the proxy server, and bandwidth requirement over WAN. Given a video delivery rate for the WAN, we propose several frame staging selection algorithms to determine the video frames to be stored in the proxy server. A scheme called chunk algorithm, which partitions a video into different segments (chunks of frames) with alternating chunks stored in the proxy server, is shown to offer the best tradeoff. We also investigate an efficient way to utilize client buffer when the combination of video streams from WAN and LAN is considered.     

A Lightweight And privacy-preserving public cloud auditing scheme without bilinear pairings in smart cities

Smart Cities have become a global strategy. However, massive data generated by various smart devices need to be uploaded and stored to the cloud servers. It is critical to ensure the integrity and privacy of the stored data. Quite a few public cloud auditing schemes have been proposed recently. However, most of them use bilinear pairing operations in the audit phase, requiring a significant time cost. Meanwhile, users (may be resource-constrained mobile devices or sensor nodes) still need to perform significant computations, like computing meta data for each data block, which bring a huge burden of calculation for these users. Moreover, those schemes cannot effectively protect users’ data privacy. Thus, we propose a lightweight and privacy-preserving public cloud auditing scheme for smart cities that does not require bilinear pairings. First, the proposed scheme is pairing-free, and allowing a third party auditor to generate authentication meta set on behalf of users. Furthermore, it also protects data privacy against the third party auditor and the cloud service providers. In addition, this new scheme can be easily and naturally extended to batch auditing in a multi-user scenario. Detailed security and performance analyses show that the proposed scheme is more secure and efficient compared to the existing public cloud auditing schemes.     

一种改进的智能卡远程用户匿名认证方案

针对Sonwanshi提出的远程用户认证方案存在会话密钥安全性差、不能抵御扮演攻击和离线口令猜测攻击的缺陷,提出了一种改进方案,主要在注册和登录阶段增加了安全性能。在注册阶段,用户口令直接在智能卡内进行相应运算,不再提交给服务器。这不仅降低了服务器对口令存储、维护的开销,而且避免了服务器对用户的攻击,提高了安全性能。在登录阶段,采用随机数的挑战应答方式取代原方案的时间戳方式,消除了时钟不同步导致的认证失败。对原方案、改进方案和其他同类方案进行安全性和效率分析的结果表明,改进方案不仅弥补了原方案的缺陷,而且相对同类方案,降低了时间复杂度,适用于安全需求高、处理能力低的设备。     

一个支持错误定位的批处理数据拥有性证明方案

数据拥有性证明技术是当前云存储安全领域中的一大重要研究内容,目的是不必下载所有文件,就能安全而高效地远程校验存储在云服务器中的数据是否完整.目前已陆续提出了许多批处理数据拥有性证明方案,但大多数方案都没有考虑用户数据出错后的错误定位问题,仅有的几个批处理校验方案也只能单独定位错误数据所在服务器或其所属用户.提出了利用定位标签辅助第三方审计员快速定位错误的方法,并在Zhou等人工作的基础上,利用Merkle Hash Tree构造数据定位标签,实现了一个多用户、多服务器环境下支持批处理校验且具备错误数据定位功能的数据拥有性证明方案,可以在批处理校验失败后快速定位错误数据的拥有者和所在服务器.在随机谕言机模型下,该方案是可证明安全的,且性能分析表明,定位错误数据的能力和效率比其他具有单一定位功能的方案更高.     

Digital provenance: Enabling secure data forensics in cloud computing

Secure provenance that records the ownership and process history of data objects is vital to the success of data forensics in cloud computing. In this paper, we propose a new secure provenance scheme based on group signature and attribute-based signature techniques. The proposed provenance scheme provides confidentiality on sensitive documents stored in a cloud, unforgeability of the provenance record, anonymous authentication to cloud servers, fine-grained access control on documents, and provenance tracking on disputed documents. Furthermore, it is assumed that the cloud server has huge computation capacity, while users are regarded as devices with low computation capability. Aiming at this, we show how to utilize the cloud server to outsource and decrease the user’s computational overhead during the process of provenance. With provable security techniques, we formally demonstrate the security of the proposed scheme under standard assumptions.     

加密数据上的计算密码学技术研究综述

近年来机密数据被盗事件在国内外时有发生,其所带来的经济损失和社会影响持续加剧。尽管已有系统采取了若干安全措施,如访问控制、防火墙和入侵检测等,并期望通过这些措施来阻止攻击者获取数据访问权限,从而保护数据机密性。然而经验表明,攻击者往往能够通过各种方式攻入系统,盗取用户数据。为了从根本上保护数据机密性,应确保即使攻击者能够获取存储在服务器上数据的访问权限,数据机密性依然不受到威胁,即数据以加密形式存储在服务器上。另外,为了保持数据的可用性,应允许服务器在密文上进行计算。本文针对支持在加密数据上计算的密码学技术,如同态加密,函数加密,可搜索加密以及CryptDB和Monomi等应用系统进行综述性介绍,并指出有待解决的关键问题和未来的研究方向。     

面向移动终端的隐私数据安全存储及自毁方案

针对移动终端隐私数据的安全问题,结合数据压缩、门限秘密共享和移动社交网络,提出一种面向移动终端的隐私数据安全存储及自毁方案.首先,对移动隐私数据进行无损压缩获得压缩数据.然后,使用对称密钥对压缩数据进行对称加密获得原始密文.接着,将原始密文分解成两部分密文块:其中一部分密文块与时间属性结合并封装成移动数据自毁对象(MDSO)后保存到云服务器中;另一部分密文块与对称密钥和时间属性结合,再经过拉格朗日多项式处理后获得密文分量.最后,将这些密文分量分别嵌入图片并共享到移动社交网络.当超过授权期后,任何用户都无法获取密文块重组出原始密文,从而无法恢复隐私数据,最终实现移动隐私数据的安全自毁.实验结果表明:当文件为10 KB时,压缩和加密时间之和仅为22 ms,说明所提方案性能开销较低.综合分析亦表明该方案具备较高安全性,能有效抵抗安全攻击,保护移动隐私数据的隐私安全.     

Cross-group secret sharing scheme for secure usage of cloud storage over different providers and regions

With the spread of the Internet, more and more data are being stored in the cloud. Here the technique of secret sharing can be naturally applied in order to provide both security and availability of the stored data, hereby reducing the risks of data leakage and data loss. The privacy property of secret sharing ensures protection against unauthorized access, while protection against data loss may be attained by distributing shares to the servers located in different regions. However, there is still a problem: If we naively employ the secret sharing technique without regarding to whom the cloud servers belong, a dishonest provider can obtain the secret data by collecting enough shares from its servers. In this scenario, there is a need to distribute shares over cloud services operated by different providers. In this paper, we propose a simple secret sharing technique, a cross-group secret sharing (CGSS), which is suitable for storing the data on cloud storage distributed over different groups—that is, different providers and regions. By combining an \(\ell \)-out-of-m threshold secret sharing scheme with a k-out-of-n threshold secret sharing scheme using a symmetric-key encryption scheme, we construct the CGSS scheme that forces k shares to be collected from \(\ell \) groups. Compared with the previous works, our scheme attains the functionality with reasonable computation. We also formalize the problem of allocating shares over different providers and regions as an optimization problem and show the design principles, which one must follow, when applying our proposal in practical settings. An experiment on real IaaS systems shows effectiveness of our proposed scheme, CGSS.     

ACER: detecting Shadowsocks server based on active probe technology

Anonymous server is created for hiding the information of hosts when they are surfing the Internet, such as Tor, Shadowsocks, etc. It is quite difficult to identify these servers, which provides potential criminals with opportunities to commit crime. Also, hackers can make use of these servers to threaten public network security, such as DDoS and Phishing attacks. Hence, the study of identifying these servers is pretty crucial. Current works on detecting Shadowsocks servers are mostly based on the features of servers’ data stream combined with machine learning. However, they are passive methods because they can only be established when the servers are in connection state. Therefore, we propose a new system named ACER, which AC means active and ER means expert, to detect these servers. Besides, we introduce XGBoost algorithm to process the data stream to optimize the detection. The method can recognize more Shadowsocks servers actively instead of monitoring the communication tunnel passively to identify the servers. The experiment result has achieved an accuracy of 94.63% by taking proposed framework and 1.20% more accurate than other existing solutions. We hope to provide a novel solution for those who are conducting research in this area, and provide a detection scheme for network censors to block illegal servers at the same time.

     

云计算中一种安全的电子文档自毁方案

针对长期存储在云端定时发布的电子文档容易导致隐私信息泄露的问题,提出基于身份的定时发布加密文档自毁方案.该方案首先采用对称密钥加密电子文档,其密文经过提取算法变为提取密文和封装密文;然后采用基于身份定时发布加密(identity-based timed-release encryption, ITE)算法加密对称密钥,其密文结合提取密文产生密文分量并分发到分布式Hash表(distributed Hash table, DHT)网络,封装密文被封装成电子文档自毁对象后存储在云端.仅当到达预订的发布时间时,授权用户才能访问受保护的电子文档;且当超过一定的时间期限时,分布式Hash表网络将自动丢弃所存密文分量,使得原始密钥不可恢复,实现电子文档安全自毁.安全分析表明,该方案能够同时抵抗来自云端的密码分析攻击和来自DHT网络的Sybil攻击;实验结果表明,该方案的计算代价要小于已有方案,具有较高的效率.     

Data dynamics for remote data possession checking in cloud storage

In cloud storage, storage servers may not be fully trustworthy. Therefore, it is of great importance for users to check whether the data is kept intact. This is the goal of remote data possession checking (RDPC) schemes. In this paper, an RDPC scheme based on homomorphic hashing is proposed. To enable data dynamics, the Merkle hash tree is introduced to record the location for each data operation in the scheme. Data dynamics, including the most general forms of data operations such as block modification, insertion and deletion, are supported. Our scheme provides provable data possession and integrity protection. The security and performance analysis shows that the scheme is practical for real-world use.     

支持错误定位的远程数据完整性批量验证方案

远程数据完整性验证技术是保证云数据安全的一种重要技术,能通过与服务器进行少量交互,验证外包数据是否完整。在现实中,云存储服务通常是在多用户与多服务器之间存在的,最近多用户与多服务器环境下的批处理验证方案陆续被提出。但这些方案在数据出错后,往往于一次挑战中无法判定错误数据的拥有者或所在服务器。利用Merkle Hash Tree（MHT）提出了一种支持错误数据定位的批处理校验方案,可以在批处理校验不通过后,同时定位出错误数据的拥有者与其所存储的服务器。     

Efficient integrity verification of replicated data in cloud using homomorphic encryption

The cloud computing is an emerging model in which computing infrastructure resources are provided as a service over the internet. Data owners can outsource their data by remotely storing them in the cloud and enjoy on-demand high quality services from a shared pool of configurable computing resources. However, since data owners and the cloud servers are not in the same trusted domain, the outsourced data may be at risk as the cloud server may no longer be fully trusted. Therefore, data confidentiality, availability and integrity is of critical importance in such a scenario. The data owner encrypts data before storing it on the cloud to ensure data confidentiality. Cloud should let the owners or a trusted third party to check for the integrity of their data storage without demanding a local copy of the data. Owners often replicate their data on the cloud servers across multiple data centers to provide a higher level of scalability, availability, and durability. When the data owners ask the cloud service provider (CSP) to replicate data, they are charged a higher storage fee by the CSP. Therefore, the data owners need to be strongly convinced that the CSP is storing data copies agreed on in the service level contract, and data-updates have been correctly executed on all the remotely stored copies. To deal with such problems, previous multi copy verification schemes either focused on static files or incurred huge update costs in a dynamic file scenario. In this paper, we propose a dynamic multi-replica provable data possession scheme (DMR-PDP) that while maintaining data confidentiality prevents the CSP from cheating, by maintaining fewer copies than paid for and/or tampering data. In addition, we also extend the scheme to support a basic file versioning system where only the difference between the original file and the updated file is propagated rather than the propagation of operations for privacy reasons. DMR-PDP also supports efficient dynamic operations like block modification, insertion and deletion on replicas over the cloud servers. Through security analysis and experimental results, we demonstrate that the proposed scheme is secure and performs better than some other related ideas published recently.     

Implementation of a dynamic adjustment strategy for parallel file transfer in co-allocation data grids

Co-allocation architecture was developed to enable parallel transferring of files from multiple replicas stored in the different servers. Several co-allocation strategies have been coupled and used to exploit the different transfer rates among various client-server links and to address dynamic rate fluctuations by dividing files into multiple blocks of equal sizes. The paper presents a dynamic file transfer scheme, called dynamic adjustment strategy (DAS), for co-allocation architecture in concurrently transferring a file from multiple replicas stored in multiple servers within a data grid. The scheme overcomes the obstacle of transfer performance due to idle waiting time of faster servers in co-allocation based file transfers and, therefore, provides reduced file transfer time. A tool with user friendly interface that can be used to manage replicas and downloading in a data grid environment is also described. Experimental results show that our DAS can obtain high-performance file transfer speed and reduce the time cost of reassembling data blocks.     

Phish Block: A Blockchain Framework for Phish Detection in Cloud

The data in the cloud is protected by various mechanisms to ensure security aspects and user’s privacy. But, deceptive attacks like phishing might obtain the user’s data and use it for malicious purposes. In Spite of much technological advancement, phishing acts as the first step in a series of attacks. With technological advancements, availability and access to the phishing kits has improved drastically, thus making it an ideal tool for the hackers to execute the attacks. The phishing cases indicate use of foreign characters to disguise the original Uniform Resource Locator (URL), typosquatting the popular domain names, using reserved characters for re directions and multi-chain phishing. Such phishing URLs can be stored as a part of the document and uploaded in the cloud, providing a nudge to hackers in cloud storage. The cloud servers are becoming the trusted tool for executing these attacks. The prevailing software for blacklisting phishing URLs lacks the security for multi-level phishing and expects security from the client’s end (browser). At the same time, the avalanche effect and immutability of block-chain proves to be a strong source of security. Considering these trends in technology, a block-chain based filtering implementation for preserving the integrity of user data stored in the cloud is proposed. The proposed Phish Block detects the homographic phishing URLs with accuracy of 91% which assures the security in cloud storage.     

ABKS-SKGA: Attribute-based keyword search secure against keyword guessing attack

In order to guarantee security and privacy of sensitive data, attribute-based keyword search (ABKS) enables data owners to upload their encrypted data to cloud servers, and authorizes intended data users to retrieve it. Meanwhile, ABKS outsources heavy search work to cloud servers, which makes ABKS adaptive to mobile computing environment. However, as cloud servers can both generate keyword ciphertexts and run search algorithm, the existing most ABKS schemes are vulnerable to keyword guessing attack. In this paper, we show the fundamental cause that the existing ABKS schemes do not resist keyword guessing attack is any entity can generate keyword ciphertext. To solve the above problem, in the phase of keyword ciphertext generation, we use private key of data owner to sign keyword prior to generating keyword ciphertext. Therefore, any other entity does not forge keyword ciphertext, which can resist keyword guessing attack. We give the formal definition and security model of attributed-based keyword search secure against keyword guessing attack (ABKS-SKGA). Furthermore, we provide an ABKS-SKGA scheme. The ABKS-SKGA scheme is proved secure against chosen-plaintext attack (CPA). Performance analysis shows that the proposed scheme is practical.