Order-Revealing Encryption Scheme with Comparison Token for Cloud Computing

Order-preserving encryption (OPE) is a basic paradigm for the outsourced database where the order of plaintexts is kept in ciphertexts. OPE enables efficient order comparison execution while providing privacy protection. Unfortunately, almost all the previous OPE schemes either require numerous rounds of interactions or reveal more information about the encrypted database (e.g., the most significant bit). Order-revealing encryption (ORE) as a generalization is an encryption scheme where the order of plaintexts can be evaluated by running a comparison algorithm. Therefore, it is desirable to design an efficient ORE scheme which addresses above efficiency and security issues. In this paper, we propose a noninteractive ORE scheme from prefix encoding and Bloom filter techniques. The proposed scheme is an encryption scheme where a cloud service provider cannot evaluate the order of plaintexts until a comparison token is provided. The security analysis illustrates that our scheme achieves ideal security with frequency hiding. Furthermore, we illustrate a secure range query scheme through designing an encrypted tree structure named PORE tree from the above ORE scheme. The PORE tree reveals the order between different nodes and leaves encrypted data items in the same node incomparable even after query execution. Finally, the experimental evaluation shows the high efficiency of the proposed ORE scheme and range query scheme.

Download Full-text

VOTE: Verifiable Auditing for Outsourced Database with Token Enforced Cloud Storage

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.b3930.129219 ◽

2019 ◽

Vol 9 (2) ◽

pp. 5156-5166

Keyword(s):

Cloud Storage ◽

Bloom Filter ◽

Cloud Service ◽

Communication Cost ◽

Cloud Service Provider ◽

Merkle Hash Tree ◽

Database Administration ◽

Outsourced Database ◽

Counting Bloom Filter ◽

Null Set

Database deploying is one of the remarkable utilities in cloud computing where the Information Proprietor (IP) assigns the database administration to the Cloud Service Provider (CSP) in order to lower the administration overhead and preservation expenditures of the database. Regardless of its overwhelming advantages, it experiences few security problems such as confidentiality of deployed database and auditability of search outcome. In recent past, survey has been carried out on the auditability of search outcome of deployed database that gives preciseness and intactness of search outcome. But in the prevailing schemes, since there is flow of data between IP and the clients repeatedly, huge communication cost is incurred at the Information Proprietor side. To address this challenge, we introduce Verifiable Auditing of Outsourced Database with Token Enforced Cloud Storage (VOTE) mechanism based on Merkle Hash Tree (MHT), Invertible Bloom Filter(IBF) and Counting Bloom Filter(CBF). The proposed scheme reduces the huge communication cost at the Information Proprietor side and achieves preciseness and intactness of the search outcome. Experimental analysis show that the proposed scheme has totally reduced the huge communication cost at the Information Proprietor side, and simultaneously achieves the preciseness and intactness of search outcome though the semi- trusted CSP deliberately sends a null set

Download Full-text

An Efficient Electronic Cash System Based on Certificateless Group Signcryption Scheme Using Conformable Chaotic Maps

Sensors ◽

10.3390/s21217039 ◽

2021 ◽

Vol 21 (21) ◽

pp. 7039

Author(s):

Chandrashekhar Meshram ◽

Agbotiname Lucky Imoize ◽

Amer Aljaedi ◽

Adel R. Alharbi ◽

Sajjad Shaukat Jamal ◽

...

Keyword(s):

High Efficiency ◽

Chaotic Maps ◽

Security Analysis ◽

Electronic Cash ◽

Security Vulnerabilities ◽

The Public ◽

Security Issues ◽

Significant Research ◽

Online Business ◽

Chosen Ciphertext Attack

Signcryption schemes leveraging chaotic constructions have garnered significant research interest in recent years. These schemes have proffered practical solutions towards addressing the vast security vulnerabilities in Electronic Cash Systems (ECS). The schemes can seamlessly perform message confidentiality and authentication simultaneously. Still, their applications in emerging electronic cash platforms require a higher degree of complexity in design and robustness, especially as billions of online transactions are conducted globally. Consequently, several security issues arise from using open wireless channels for online business transactions. In order to guarantee the security of user information over these safety-limited channels, sophisticated security schemes are solely desired. However, the existing signcryption schemes cannot provide the required confidentiality and authentication for user information on these online platforms. Therefore, the need for certificateless group signcryption schemes (CGSS) becomes imperative. This paper presents an efficient electronic cash system based on CGSS using conformable chaotic maps (CCM). In our design, any group signcrypter would encrypt information/data with the group manager (GM) and send it to the verifier, who confirms the authenticity of the signcrypted information/data using the public criteria of the group. Additionally, the traceability, unforgeability, unlinkability, and robust security of the proposed CGSS-CCM ECS scheme have been built leveraging computationally difficult problems. Performance evaluation of the proposed CGSS-CCM ECS scheme shows that it is secure from the Indistinguishably Chosen Ciphertext Attack. Finally, the security analysis of the proposed technique shows high efficiency in security-vulnerable applications. Overall, the scheme gave superior security features compared to the existing methods in the preliminaries.

Download Full-text

Migration Issues in Cloud Computing due to Security Flaws

IMS Manthan (The Journal of Innovations) ◽

10.18701/imsmanthan.v8i2.5132 ◽

2015 ◽

Vol 8 (2) ◽

Author(s):

Hitesh Marwaha ◽

Dr. Rajeshwar Singh

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Trusted Computing ◽

Cloud Service ◽

Cloud Services ◽

The Internet ◽

Security Issues ◽

Cloud Computing Service ◽

Cloud Service Providers ◽

Almost All

Cloud computing is becoming an adoptable technology for many of the organizations with its dynamic scalability and usage of virtualized resources as a service through the Internet. Cloud computing is the delivery of computing services over the Internet. Cloud services allow individuals and businesses to use software and hardware that are managed by third parties at remote locations. Cloud Computing is a computing model, in which customer plug into the “cloud” to access IT resources which are priced and provided “on-demand”. The major challenges that prevent Cloud Computing from being adopted are recognized by organizations are security issues. Many techniques for securing the data in cloud are proposed by researcher but almost all methods have some drawbacks and till date no appropriate method has not been proposed that Cloud service providers can win the trust of customer. In this research paper the various security issues are reviewed along with cloud computing service providers which will give a deep insight for cloud service providers as well as researchers to work on the areas and make cloud computing a“trusted computing “and hardening the confidence of organizations towards cloud computing migration.

Download Full-text

A Study of the Cloud Computing Adoption Issues and Challenges

Recent Advances in Computer Science and Communications ◽

10.2174/2213275911666181114142428 ◽

2020 ◽

Vol 13 (3) ◽

pp. 313-318 ◽

Cited By ~ 3

Author(s):

Dhanapal Angamuthu ◽

Nithyanandam Pandian

Keyword(s):

Cloud Computing ◽

High Performance ◽

Cloud Service ◽

Ease Of Use ◽

Modern Trend ◽

Security Issues ◽

Research Areas ◽

Data Location ◽

Broad Classification

Background: The cloud computing is the modern trend in high-performance computing. Cloud computing becomes very popular due to its characteristic of available anywhere, elasticity, ease of use, cost-effectiveness, etc. Though the cloud grants various benefits, it has associated issues and challenges to prevent the organizations to adopt the cloud. Objective: The objective of this paper is to cover the several perspectives of Cloud Computing. This includes a basic definition of cloud, classification of the cloud based on Delivery and Deployment Model. The broad classification of the issues and challenges faced by the organization to adopt the cloud computing model are explored. Examples for the broad classification are Data Related issues in the cloud, Service availability related issues in cloud, etc. The detailed sub-classifications of each of the issues and challenges discussed. The example sub-classification of the Data Related issues in cloud shall be further classified into Data Security issues, Data Integrity issue, Data location issue, Multitenancy issues, etc. This paper also covers the typical problem of vendor lock-in issue. This article analyzed and described the various possible unique insider attacks in the cloud environment. Results: The guideline and recommendations for the different issues and challenges are discussed. The most importantly the potential research areas in the cloud domain are explored. Conclusion: This paper discussed the details on cloud computing, classifications and the several issues and challenges faced in adopting the cloud. The guideline and recommendations for issues and challenges are covered. The potential research areas in the cloud domain are captured. This helps the researchers, academicians and industries to focus and address the current challenges faced by the customers.

Download Full-text

Comparable Encryption Scheme over Encrypted Cloud Data in Internet of Everything

Security and Communication Networks ◽

10.1155/2017/6430850 ◽

2017 ◽

Vol 2017 ◽

pp. 1-11

Author(s):

Qian Meng ◽

Jianfeng Ma ◽

Kefei Chen ◽

Yinbin Miao ◽

Tengfei Yang

Keyword(s):

Model Performance ◽

Data Integrity ◽

Cloud Service ◽

Third Party ◽

Encryption Scheme ◽

Cloud Data ◽

Practical Applications ◽

Internet Of Everything ◽

Window Method ◽

Comparable Encryption

User authentication has been widely deployed to prevent unauthorized access in the new era of Internet of Everything (IOE). When user passes the legal authentication, he/she can do series of operations in database. We mainly concern issues of data security and comparable queries over ciphertexts in IOE. In traditional database, a Short Comparable Encryption (SCE) scheme has been widely used by authorized users to conduct comparable queries over ciphertexts, but existing SCE schemes still incur high storage and computational overhead as well as economic burden. In this paper, we first propose a basic Short Comparable Encryption scheme based on sliding window method (SCESW), which can significantly reduce computational and storage burden as well as enhance work efficiency. Unfortunately, as the cloud service provider is a semitrusted third party, public auditing mechanism needs to be furnished to protect data integrity. To further protect data integrity and reduce management overhead, we present an enhanced SCESW scheme based on position-aware Merkle tree, namely, PT-SCESW. Security analysis proves that PT-SCESW and SCESW schemes can guarantee completeness and weak indistinguishability in standard model. Performance evaluation indicates that PT-SCESW scheme is efficient and feasible in practical applications, especially for smarter and smaller computing devices in IOE.

Download Full-text

Provably Secure Authentication Approach for Data Security in Cloud Using Hashing, Encryption, and Chebyshev-Based Authentication

International Journal of Information Security and Privacy ◽

10.4018/ijisp.2022010106 ◽

2022 ◽

Vol 16 (1) ◽

pp. 0-0

Keyword(s):

Data Security ◽

Security Analysis ◽

Data Communication ◽

Computation Time ◽

Computational Time ◽

Security Issues ◽

Authentication Mechanism ◽

Cloud Server ◽

Secure Authentication ◽

Provably Secure

Secure and efficient authentication mechanism becomes a major concern in cloud computing due to the data sharing among cloud server and user through internet. This paper proposed an efficient Hashing, Encryption and Chebyshev HEC-based authentication in order to provide security among data communication. With the formal and the informal security analysis, it has been demonstrated that the proposed HEC-based authentication approach provides data security more efficiently in cloud. The proposed approach amplifies the security issues and ensures the privacy and data security to the cloud user. Moreover, the proposed HEC-based authentication approach makes the system more robust and secured and has been verified with multiple scenarios. However, the proposed authentication approach requires less computational time and memory than the existing authentication techniques. The performance revealed by the proposed HEC-based authentication approach is measured in terms of computation time and memory as 26ms, and 1878bytes for 100Kb data size, respectively.

Download Full-text

A Comparative analysis of security issues & vulnerabilities of leading Cloud Service Providers and in-house University Cloud platform for hosting E-Educational applications

10.1109/mysurucon52639.2021.9641545 ◽

2021 ◽

Author(s):

Abhishek Sharma ◽

Umesh Kumar Singh ◽

Kamal Upreti ◽

Nishant Kumar ◽

Suyash Kumar Singh

Keyword(s):

Comparative Analysis ◽

Service Providers ◽

Cloud Service ◽

Cloud Platform ◽

Security Issues ◽

Cloud Service Providers ◽

Educational Applications

Download Full-text

A Secure Ciphertext Retrieval Scheme against Insider KGAs for Mobile Devices in Cloud Storage

Security and Communication Networks ◽

10.1155/2018/7254305 ◽

2018 ◽

Vol 2018 ◽

pp. 1-7 ◽

Cited By ~ 11

Author(s):

Run Xie ◽

Chanlian He ◽

Dongqing Xie ◽

Chongzhi Gao ◽

Xiaojun Zhang

Keyword(s):

Cloud Computing ◽

Mobile Devices ◽

Data Privacy ◽

Security Analysis ◽

Data Retrieval ◽

Sensitive Data ◽

Encrypted Data ◽

Security Issues ◽

Efficiency Comparison ◽

Cloud Servers

With the advent of cloud computing, data privacy has become one of critical security issues and attracted much attention as more and more mobile devices are relying on the services in cloud. To protect data privacy, users usually encrypt their sensitive data before uploading to cloud servers, which renders the data utilization to be difficult. The ciphertext retrieval is able to realize utilization over encrypted data and searchable public key encryption is an effective way in the construction of encrypted data retrieval. However, the previous related works have not paid much attention to the design of ciphertext retrieval schemes that are secure against inside keyword-guessing attacks (KGAs). In this paper, we first construct a new architecture to resist inside KGAs. Moreover we present an efficient ciphertext retrieval instance with a designated tester (dCRKS) based on the architecture. This instance is secure under the inside KGAs. Finally, security analysis and efficiency comparison show that the proposal is effective for the retrieval of encrypted data in cloud computing.

Download Full-text

Multi-dimensional Range Query on Outsourced Database with Strong Privacy Guarantee

International Journal of Computer Network and Information Security ◽

10.5815/ijcnis.2017.10.02 ◽

2017 ◽

Vol 9 (10) ◽

pp. 13-23

Author(s):

Do Hoang Giang ◽

◽

Ng Wee Keong

Keyword(s):

Range Query ◽

Outsourced Database ◽

Dimensional Range

Download Full-text

Nuclear-Targeted TAT-PZLL-D3 Co-Delivery DOX and p53 for Chemotherapy Resistance of SCLC

10.21203/rs.3.rs-309656/v1 ◽

2021 ◽

Author(s):

Dan Wang ◽

Tianshou Cao ◽

Wanyu Li ◽

Li Li ◽

Qunfa Huang ◽

...

Keyword(s):

Lung Cancer ◽

Drug Resistance ◽

Tumor Recurrence ◽

High Efficiency ◽

Chemotherapy Resistance ◽

A549 Cells ◽

Delivery Vector ◽

Transactivator Of Transcription ◽

Almost All

Abstract Small cell lung cancer (SCLC) accounts for 13% ~ 15% of lung cancer. It is a subtype with high malignancy and poor prognosis. Almost all patients with SCLC will inevitably have drug resistance and tumor recurrence, which has become an urgent problem in the treatment of SCLC. Nuclear-targeted drug delivery system, which enables intra-nuclear release of anticancer drugs, is expected to address this challenge. In this study, based on transactivator of transcription (TAT)’s active transport property to the nucleus, we developed a high-efficiency nucleus-targeted co-delivery vector that delivers genes and drugs directly into the nucleus of A549 cells. The system is based on a poly-(N-ε-carbobenzyloxy-L-lysine) (PZLL) and dendritic polyamidoamine (PAMAM) block copolymer (PZLL-D3) with TAT modified on the surface of carrier. In vitro studies showed that DOX and p53 could can be effectively transported to the nucleus and kill the cancer cells. Thus, such deliver system would bypass the drug resistance and tumor recurrence problem.

Download Full-text