Flexible, Secure, and Reliable Data Sharing Service Based on Collaboration in Multicloud Environment

2018 ◽ Vol 2018 ◽ pp. 1-16
Author(s): Qiang Wei ◽ Huaibin Shao ◽ Gongxuan Zhang

Due to the abundant storage resources and high reliability data service of cloud computing, more individuals and enterprises are motivated to outsource their data to public cloud platform and enable legal data users to search and download what they need in the outsourced dataset. However, in “Paid Data Sharing” model, some valuable data should be encrypted before outsourcing for protecting owner’s economic benefits, which is an obstacle for flexible application. Specifically, if the owner does not know who (user) will download which data files in advance and even does not know the attributes of user, he/she has to either remain online all the time or import a trusted third party (TTP) to distribute the file decryption key to data user. Obviously, making the owner always remain online is too inflexible, and wholly depending on the security of TTP is a potential risk. In this paper, we propose a flexible, secure, and reliable data sharing scheme based on collaboration in multicloud environment. For securely and instantly providing data sharing service even if the owner is offline and without TTP, we distribute all encrypted split data/key blocks together to multiple cloud service providers (CSPs), respectively. An elaborate cryptographic protocol we designed helps the owner verify the correctness of data exchange bills, which is directly related to the owner’s economic benefits. Besides, in order to support reliable data service, the erasure-correcting code technique is exploited for tolerating multiple failures among CSPs, and we offer a secure keyword search mechanism that makes the system closer to reality. Extensive security analyses and experiments on real-world data show that our scheme is secure and efficient.

Author(s): Prerna Agarwal et al.

A comprehensive and functional approach is built in cloud computing, which can be used by cloud users to exchange information. Cloud service providers (CSPs) can transfer through server services through powerful data centres to cloud users. Data is protected through authentication of cloud users and CSPs can have outsourced data file sharing security assurance. The continuing change in cloud users, especially unauthenticated users or third parties, poses a critical problem in ensuring privacy in data sharing. The multifunctional exchange of information while protecting information and personal protection from unauthorized or other third-party users remains a daunting challenge.


10.2196/16887 ◽ 2020 ◽ Vol 22 (6) ◽ pp. e16887
Author(s): Anjum Khurshid ◽ Vivian Rajeswaren ◽ Steven Andrews

Background In the homeless population, barriers to housing and supportive services include a lack of control or access to data. Disparate data formats and storage across multiple organizations hinder up-to-date intersystem access to records and a unified view of an individual’s health and documentation history. The utility of blockchain to solve interoperability in health care is supported in recent literature, but the technology has yet to be tested in real-life conditions encompassing the complex regulatory standards in the health sector. Objective This study aimed to test the feasibility and performance of a blockchain system in a homeless community to securely store and share data across a system of providers in the health care ecosystem. Methods We performed a series of platform demonstrations and open-ended qualitative feedback interviews to determine the key needs and barriers to user and stakeholder adoption. Account creation and data transactions promoting organizational efficiency and improved health outcomes in this population were tested with homeless users and service providers. Results Persons experiencing homelessness and care organizations could successfully create accounts, grant and revoke data sharing permissions, and transmit documents across a distributed network of providers. However, there were issues regarding the security of shared data, user experience and adoption, and organizational preparedness for service providers as end users. We tested a set of assumptions related to these problems within the project time frame and contractual obligations with an existing blockchain-based platform. Conclusions Blockchain technology provides decentralized data sharing, validation, immutability, traceability, and integration. These core features enable a secure system for the management and distribution of sensitive information. 
This study presents a concrete evaluation of the effectiveness of blockchain through an existing platform while revealing limitations from the perspectives of user adoption, cost-effectiveness, scalability, and regulatory frameworks.


2019 ◽ Vol 8 (4) ◽ pp. 9508-9512

Cloud computing provides a flexible and convenient way for data sharing, which brings various benefits for both the society and individuals. But there exists a natural resistance for users to directly outsource the shared data to the cloud server since the data often contain valuable information. Although it causes many security issues, cloud service providers are not at the same level of trust as users. To preserve the privacy of data against non-trusted Cloud Service Provider (CSP) files, current solutions implement cryptographic methods (for example, encryption methods) and deliver decryption keys only to authorized users. However, data sharing in the cloud among authorized users remains a difficult problem, especially when it comes to dynamic user groups. Most of the research on dynamic group data exchange has been done in the cloud with many algorithms, such as Attribute-Based Encryption (ABE), Ciphertext Attribute-Based Encryption (CP-ABE) to provide better security in dynamic cloud users with multiple authorities, but they still face challenges, either lack of performance or rely on a trusted server, and are not suitable for distribution with the problem of eliminating attributes. Thus, the Revocation user cannot get shared data before and after. To solve this in particular, we first suggest an effective Modified Revocable Attribute-Based Encryption (MR-ABE) system with the quality of ciphertext allocation by applying and integrating both Identity-Based Encryption (IBE) and CP-ABE techniques. It can provide confidential forward / backward of encrypted data by delivering user revocation attributes and updating encrypted text simultaneously. Next, we perform fine-grained access control and data exchange for on-demand services with dynamic user groups on the cloud. Experimental data show that our proposed system is more efficient and scalable than the latest generation solutions.


2019 ◽ Vol 11 (11) ◽ pp. 225
Author(s): Yuling Chen ◽ Jinyi Guo ◽ Changlou Li ◽ Wei Ren

In the big data era, data are envisioned as critical resources with various values, e.g., business intelligence, management efficiency, and financial evaluations. Data sharing is always mandatory for value exchanges and profit promotion. Currently, certain big data markets have been created for facilitating data dissemination and coordinating data transaction, but we have to assume that such centralized management of data sharing must be trustworthy for data privacy and sharing fairness, which very likely imposes limitations such as joining admission, sharing efficiency, and extra costly commissions. To avoid these weaknesses, in this paper, we propose a blockchain-based fair data exchange scheme, called FaDe. FaDe can enable de-centralized data sharing in an autonomous manner, especially guaranteeing trade fairness, sharing efficiency, data privacy, and exchanging automation. A fairness protocol based on bit commitment is proposed. An algorithm based on blockchain script architecture for a smart contract, e.g., by a bitcoin virtual machine, is also proposed and implemented. Extensive analysis justifies that the proposed scheme can guarantee data exchanging without a trusted third party fairly, efficiently, and automatically.


Author(s): Yu Guo ◽ Shenling Wang ◽ Jianhui Huang

Abstract The explosive growth of big data is pushing forward the paradigm of cloud-based data store today. Among others, distributed storage systems are widely adopted due to their superior performance and continuous availability. However, due to the potentially wide attacking surfaces of the public cloud, outsourcing data store inevitably raises new concerns on user privacy exposure and unauthorized data access. Besides, directly introducing a centralized third-party authority for query authorization management does not work because it still can be compromised. In this paper, we propose a blockchain-assisted framework that can support trustworthy data sharing services. In particular, data owners are allowed to outsource their sensitive data to distributed systems in encrypted form. By leveraging smart contracts of blockchain, a data owner can distribute secret keys for authorized users without extra round interaction to generate the permitted search tokens. Meanwhile, such blockchain-assisted framework naturally solves the trust issues of query authorization. Besides, we devise a secure local index framework to support encrypted keyword search with forward privacy and mitigate blockchain overhead. To validate our design, we implement the prototype and deploy it at Amazon Cloud. Extensive experiments demonstrate the security, efficiency, and effectiveness of the blockchain-assisted design.


2018 ◽ Vol 7 (2) ◽ pp. 646
Author(s): Sathishkumar Easwaramoorthy ◽ Anilkumar Chunduru ◽ Usha Moorthy ◽ Sravankumar B

Information sharing or exchange of data within entities plays a significant role in cloud storage. In cloud computing, a robust and practical methodology is developed which can be utilized by cloud users for sharing information among multiple group members in the cloud with lowered maintenance and management costs. Furthermore, a service provider in the cloud does not share data with anyone other than the Trusted Third Party (TTP) sources due to the semi-trusted characteristics of the cloud. In this way, there is no global security mechanism for dynamic group data sharing over the cloud. Subsequently, the Cloud Service Providers (CSPs) can convey different services to cloud users through powerful data centres. Hence, data is secured through the validation of users in the cloud. Meanwhile, CSPs should offer outsourced security assurance for data file sharing. Assuring privacy in data sharing is still a critical issue due to continuous change in cloud users, particularly, for unauthenticated or third party users because of the risk of collusion attacks. However, security concerns turn into a major restraint as outsourcing storage data is perhaps a delicate concern for cloud providers. Additionally, sharing information in a multi-proprietary approach while protecting information and individual security to the data from unauthorized or third party users is still a challenging task as there is a frequent change in cloud members. In this regard, previous studies are reviewed and discussed which are related to dynamic group data sharing using cloud computing.


Author(s): Marco Alessi ◽ Alessio Camillò ◽ Enza Giangreco ◽ Marco Matera ◽ Stefano Pino ◽ ...

Sharing personal data with service providers is a fundamental resource for the times we live in. But data sharing represents an unavoidable issue, due to improper data treatment, lack of users' awareness to whom they are sharing with, wrong or excessive data sharing from end users who ignore they are exposing personal information. The problem becomes even more complicated if we try to consider the devices around us: how to share devices we own, so that we can receive pervasive services, based on our contexts and device functionalities. The European Authority has provided the General Data Protection Regulation (GDPR), in order to implement protection of sensitive data in each EU member, throughout certification mechanisms (according to Art. 42 GDPR). The certification assures compliance to the regulation, which represents a mandatory requirement for any service which may come in contact with sensitive data. Still the certification is an open process and not constrained by strict rule. In this paper we describe our decentralized approach in sharing personal data in the era of smart devices, being those considered sensitive data as well. Having in mind the centrality of users in the ownership of the data, we have proposed a decentralized Personal Data Store prototype, which stands as a unique data sharing endpoint for third party services. Even if blockchain technologies may seem fit to solve the issue of data protection, because of the absence of a central authority, they lead to additional concerns especially relating such technologies with specifications described in the regulation. The current work offers a contribution in the advancements of personal data sharing management systems in a distributed environment by presenting a real prototype and an architectural blueprint, which advances the state of the art in order to meet the GDPR regulation. Addressing the issues that have arisen, from a technological perspective, stands as an important challenge, in order to empower end users in owning their personal data for real.


2021 ◽ Vol 11 (19) ◽ pp. 8841
Author(s): JoonYoung Lee ◽ MyeongHyun Kim ◽ JiHyeon Oh ◽ YoungHo Park ◽ KiSung Park ◽ ...

As the amount of data generated in various distributed environments is rapidly increasing, cloud servers and computing technologies are attracting considerable attention. However, the cloud server has privacy issues, including personal information and requires the help of a Trusted Third Party (TTP) for data sharing. However, because the amount of data generated and value increases, the data owner who produces data must become the subject of data sharing. In this study, we use key aggregate searchable encryption (KASE) technology, which enables keyword search, to efficiently share data without using TTP. The traditional KASE scheme approach only discusses delegation of authority from the data owner to another user. However, if the delegated entity cannot perform time-critical tasks because the shared data are unavailable, the delegate must further delegate the rights given to other users. Consequently, this paper proposes a new KASE scheme that enables multi-delegation without TTP and includes an authentication technique between the user and the server. After that, we perform informal and formal analysis using BAN logic and AVISPA for security evaluation, and compare the security and performance aspects with existing schemes.


2019 ◽ Vol 2019 (4) ◽ pp. 93-111
Author(s): Elena Pagnin ◽ Gunnar Gunnarsson ◽ Pedram Talebi ◽ Claudio Orlandi ◽ Andrei Sabelfeld

Abstract Ridesharing is revolutionizing the transportation industry in many countries. Yet, the state of the art is based on heavily centralized services and platforms, where the service providers have full possession of the users’ location data. Recently, researchers have started addressing the challenge of enabling privacy-preserving ridesharing. The initial proposals, however, have shortcomings, as some rely on a central party, some incur high performance penalties, and most do not consider time preferences for ridesharing. TOPPool encompasses ridesharing based on the proximity of end-points of a ride as well as partial itinerary overlaps. To achieve the latter, we propose a simple yet powerful reduction to a private set intersection on trips represented as sets of consecutive road segments. We show that TOPPool includes time preferences while preserving privacy and without relying on a third party. We evaluate our approach on real-world data from the New York’s Taxi & Limousine Commission. Our experiments demonstrate that TOPPool is superior in performance over the prior work: our intersection-based itinerary matching runs in less than 0.3 seconds for reasonable trip length, in contrast, on the same set of trips prior work takes up to 10 hours.

