A novel proactive secret image sharing scheme based on LISS

Multimedia Tools and Applications - In the traditional secret image sharing schemes, a dealer shares a secret image among a group of participants and an authorized subset of the participants with...     

A dynamic access control scheme based upon the knapsack problem

A new dynamic access control scheme for information protection systems is proposed in this paper. The main idea of it is inspired by the concept of the trapdoor knapsack problem proposed by Merkle and Hellman. Since the knapsack problem is an NP-complete problem, the security of access control is achieved henceforth. Our scheme associates each user with some user keys and each file with some file keys. There is a positive integer set of S′; through a simple formula on keys and S′, the corresponding access privilege can be easily revealed in the protection system. Moreover, by employing our scheme, insertion or deletion of the user/file can be processed effectively with only a few previously defined keys and locks required to be modified.     

A novel data hiding scheme based on modulus function

Four criteria are generally used to evaluate the performance of data hiding scheme: the embedding capacity, the visual quality of the stego-image, the security, and the complexity of the data-embedding algorithm. However, data hiding schemes seldom take all these factors into consideration. This paper proposes a novel data hiding scheme that uses a simple modulus function to address all the performance criteria listed above. According to the input secret keys, the encoder and decoder use the same set-generation functions H_r() and H_c() to first generate two sets Kr and Kc. A variant Cartesian product is then created using Kr and Kc. Each cover pixel then forms a pixel group with its neighboring pixels by exploiting an efficient modulus function; the secret data are then embedded or extracted via a mapping process between the variant of the Cartesian product and each pixel group. The proposed scheme offers several advantages, namely (1) the embedding capacity can be scaled, (2) a good visual quality of the stego-image can be achieved, (3) the computational cost of embedding or extracting the secret data is low and requires little memory space, (4) secret keys are used to protect the secret data and (5) the problem of overflow or underflow does not occur, regardless of the nature of the cover pixels.We tested the performance of the proposed scheme by comparing it with Mielikainen’s and Zhang and Wang’s schemes for gray-scale images. The experimental results showed that our proposed scheme outperforms Mielikainen’s in three respects, namely scalable embedding capacity, embedding rate, and level of security. Our data hiding scheme also achieved a higher embedding capacity than Zhang and Wang’s. The proposed scheme can easily be applied to both gray-scale and color images. Analyses of its performance showed that our proposed scheme outperforms Tsai and Wang’s in terms of its time complexity and memory space requirement.     

内容命名网络中一种基于历史访问记录的转发策略的设计与实现

内容命名网络(NDN)作为ICN的实例系统,以其区别于传统IP网络的独特体系结构在近些年受到了研究界的普遍关注,NDN舍弃了IP网络点到点的传输方式,设计了基于内容名字的寻址方式,使得内容的提供者由集中式一点变为分散式的多点,大幅提高了数据信息的利用率。将研究的重点放在NDN路由节点的转发环节,提出并实现了一种新的基于历史访问记录的转发策略HRF,使得数据请求者能够发现本地的邻居节点是否持有请求者所需的内容,从而从本地网络高效快速地获取所需数据,并通过实验验证了HRF策略的可行性和有效性。     

采用BP神经网络的通用数据压缩方案

本文介绍了BP神经网络的基本原理.由于BP神经网络有着神奇的非线性映射能力,通过构造特殊的映射关系,获得了一套基于BP神经网络的通用高效无损数据压缩方案.通过试验证明该方案行之有效,并且压缩比可达71.     

采用BP神经网络的通用数据压缩方案

本文介绍了BP神经网络的基本原理。由于BP神经网络有着神奇的非线性映射能力,通过构造特殊的映射关系,获得了一套基于BP神经网络的通用高效无损数据压缩方案。通过试验证明该方案行之有效,并且压缩比可达7:1。     

基于CP-ABE算法的区块链数据访问控制方案

与公有链不同,联盟区块链超级账本Fabric额外集成了成员管理服务机制,能够提供基于通道层面的数据隔离保护。但这种数据隔离保护机制在通道内同步的仍是明文数据,因此存在一定程度的数据泄露风险。另外,基于通道的数据访问控制在一些细粒度隐私保护场景下也不适用。为了解决上述提及的联盟链超级账本中存在的数据隐私安全问题,提出了一种基于CP-ABE算法的区块链数据访问控制方案。结合超级账本中原有的Fabric-CA模块,提出的方案在实现用户级细粒度安全访问控制区块链数据的同时,还能够实现对CP-ABE方案中用户属性密钥的安全分发。对该方案进行的安全分析表明,该方案实现了ABE用户属性私钥安全分发和数据隐私性保护的安全性目标,性能分析部分也说明了所提方案具有良好的可用性。     

Smart grid data access control scheme based on blockchain

The smart grid communication parties need to process the data by the trusted central node, which will lead to security issues such as single-point attacks and data tampering. This paper proposes a smart grid data access control scheme based on blockchain, the user completes the registration of the smart meter by three encryptions. After the registration is completed, the registration information will be uploaded to the blockchain. In the data access phase, the verification center verifies the user's data access request, the database will accept the user's request for data if the verification is passed, and that will be broadcasted on the entire network and uploaded to the blockchain. The security of the scheme is analyzed by using a random oracle model. Analysis shows that this scheme can resist public key replacement attacks and malicious key generation center (KGC) attacks. Compared with the existing scheme, this scheme can more effectively resist more types of attacks. It shows that the smart grid data access control scheme proposed in this paper is safe, reliable and efficient.     

A proactive secret sharing scheme based on Chinese remainder theorem

If an adversary tries to obtain a secret s in a (t, n) threshold secret sharing (SS) scheme, it has to capture no less than t shares instead of the secret s directly. However, if a shareholder keeps a fixed share for a long time, an adversary may have chances to filch some shareholders’ shares. In a proactive secret sharing (PSS) scheme, shareholders are supposed to refresh shares at fixed period without changing the secret. In this way, an adversary can recover the secret if and only if it captures at least t shares during a period rather than any time, and thus PSS provides enhanced protection to long-lived secrets. The existing PSS schemes are almost based on linear SS but no Chinese Remainder Theorem (CRT)-based PSS scheme was proposed. This paper proposes a PSS scheme based on CRT for integer ring to analyze the reason why traditional CRT-based SS is not suitable to design PSS schemes. Then, an ideal PSS scheme based on CRT for polynomial ring is also proposed. The scheme utilizes isomorphism of CRT to implement efficient share refreshing.     

A network flow based approach for network selection in dynamic spectrum access networks

In this paper, we present a network flow based approach for dynamic network and channel selection for secondary users in dynamic spectrum access networks. Most approaches in the current literature on dynamic spectrum access networks do not consider dynamic network and channel selection. We present a network flow framework for network selection. We show that our approach can enable re-assignment of networks to secondary users and also re-assignment of channels to secondary users within the same network. The assignments and re-assignments take into account, the interference caused to primary users, the price each secondary user is willing to pay and the quality of service (QoS) obtained by each secondary user. We obtain a bound for the maximum number of re-assignments.     

A novel data aggregation scheme based on self-organized map for WSN

The Journal of Supercomputing - Wireless sensor network allows efficient data collection and transmission in IoT environment. Since it usually consists of a large number of sensor nodes, a...     

基于密钥分发和密文抽样的云数据确定性删除方案

针对云数据过期后不及时删除容易导致非授权访问和隐私泄露等问题,结合加密算法和分布式哈希表（DHT）网络,提出一种基于密钥分发和密文抽样的云数据确定性删除方案。首先加密明文,再随机抽样密文,将抽样后的不完整密文上传到云端;然后评估DHT网络中各节点的信任值,使用秘密共享算法处理密钥,并将子密钥分发到信任值高的节点上;最后,密钥通过DHT网络的周期性自更新功能实现自动删除,通过调用Hadoop分布式文件系统（HDFS）的接口上传随机数据覆写密文,实现密文的完全删除。通过删除密钥和云端密文实现云数据的确定性删除。安全性分析和性能分析表明所提方案是安全和高效的。     

A threshold-based dynamic data replication strategy

Data replication is the creation and maintenance of multiple copies of the same data. Replication is used in Data Grid to enhance data availability and fault tolerance. One of the main objectives of replication strategies is reducing response time and bandwidth consumption. In this paper, a dynamic replication strategy that is based on Fast Spread but superior to it in terms of total response time and total bandwidth consumption is proposed. This is achieved by storing only the important replicas on the storage of the node. The main idea of this strategy is using a threshold to determine if the requested replica needs to be copied to the node. The simulation results show that the proposed strategy achieved better performance compared with Fast Spread with Least Recently Used (LRU), and Fast Spread with Least Frequently Used (LFU).     

基于虚拟移动的IPv6主动防御方案

现有通过地址跳变对IPv6节点进行防护的技术依赖时间同步或事件同步,利用IPv6的良好移动特性和多转交地址注册机制,提出一种基于虚拟移动的IPv6主动防御方案。通过为IPv6节点分配动态变化的转交地址,使其呈现出在网络内不断移动的特征,降低攻击者对其实施攻击概率的同时,能够保证通信的持续。理论分析和实验测试表明,方案具有良好的抗攻击能力且较小的系统开销。     

PDDRA: A new pre-fetching based dynamic data replication algorithm in data grids

In recent years, grid technology has had such a fast growth that it has been used in many scientific experiments and research centers. A large number of storage elements and computational resources are combined to generate a grid which gives us shared access to extra computing power. In particular, data grid deals with data intensive applications and provides intensive resources across widely distributed communities. Data replication is an efficient way for distributing replicas among the data grids, making it possible to access similar data in different locations of the data grid. Replication reduces data access time and improves the performance of the system. In this paper, we propose a new dynamic data replication algorithm named PDDRA that optimizes the traditional algorithms. Our proposed algorithm is based on an assumption: members in a VO (Virtual Organization) have similar interests in files. Based on this assumption and also file access history, PDDRA predicts future needs of grid sites and pre-fetches a sequence of files to the requester grid site, so the next time that this site needs a file, it will be locally available. This will considerably reduce access latency, response time and bandwidth consumption. PDDRA consists of three phases: storing file access patterns, requesting a file and performing replication and pre-fetching and replacement. The algorithm was tested using a grid simulator, OptorSim developed by European Data Grid projects. The simulation results show that our proposed algorithm has better performance in comparison with other algorithms in terms of job execution time, effective network usage, total number of replications, hit ratio and percentage of storage filled.     

加密电子病历数据共享方案

为了实现电子病历数据的细粒度访问控制以及安全存储与共享,提出了一种基于属性的云链协同存储的电子病历共享方案。该方案用对称加密算法加密电子病历,用基于密文策略的属性基加密算法加密对称密钥,用可搜索加密算法加密关键字。电子病历密文存储在医疗云上,安全索引存储在联盟链上。该方案使用可搜索加密技术实现关键字的安全搜索,使用代理重加密技术实现用户属性的撤销。经安全性证明,该方案能够实现密文的安全性和关键字的安全性。数值模拟实验结果表明,该方案是有效的。     

A dynamic multicast tree based routing scheme without replication in delay tolerant networks

Delay tolerant networks (DTNs) are a special type of wireless mobile networks which may lack continuous network connectivity. Multicast is an important routing function that supports the distribution of data to a group of users: a service needed for many potential DTN applications. While multicasting in the Internet and in mobile ad hoc networks has been studied extensively, efficient multicasting in DTNs is a considerably different and challenging problem due to the probabilistic nature of contact among nodes. This paper aims to provide a non-replication multicasting scheme in DTNs while keeping the number of forwardings low. The address of each destination is not replicated, but is assigned to a particular node based on its contact rate level and active level. Our scheme is based on a dynamic multicast tree where each leaf node corresponds to a destination. Each tree branch is generated at a contact based on the compare–split rule proposed in this paper. The compare part determines when a new search branch is needed, and the split part decides how the destination set should be partitioned. When only one destination is left in the destination set, we use either wait (no further relay) or focus (with further relay) to reach the final destination. The effectiveness of our approach is verified through extensive simulations. Ratio-based-split performs best in the compare–split step, both in synthetic and real traces. Using the wait scheme can reduce the number of forwardings, while using the focus scheme can reduce the latency.