A Privacy-Preserving Attribute-Based Encryption System for Data Sharing in Smart Cities

2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Xieyang Shen ◽  
Chuanhe Huang ◽  
Danxin Wang ◽  
Jiaoli Shi

Information leakage and efficiency are the two main concerns of data sharing in cloud-aided IoT. The main problem is that smart devices cannot afford both energy and computation costs and tend to outsource data to a cloud server. Furthermore, most schemes focus on preserving the data stored in the cloud but overlook that the access policy is typically stored in unencrypted form. In this paper, we proposed a fine-grained data access control scheme based on CP-ABE to implement access policies with a greater degree of expressiveness as well as to hide policies from curious cloud service providers. Moreover, to mitigate the extra computation cost generated by complex policies, an outsourcing service for decryption can be used by data users. Further experiments and extensive analysis show that we significantly decrease the communication and computation overhead while providing a high-level security scheme compared with the existing schemes.


2016 ◽  
pp. 1629-1651
Author(s):  
Bing He ◽  
Tuan T. Tran ◽  
Bin Xie

Today, cloud-based services and applications are ubiquitous in many systems. The cloud provides undeniable potential benefits to the users by offering lower costs and simpler deployment. The users significantly reduce their system management responsibilities by outsourcing services to the cloud service providers. However, the management shift has posed significant security challenges to the cloud service providers. Security concerns are the main reasons that delay organizations from moving to the cloud. The security and efficiency of user identity management and access control in the cloud needs to be well addressed to realize the power of the cloud. In this chapter, the authors identify the key challenges and provide solutions to the authentication and identity management for secure cloud business and services. The authors first identify and discuss the challenges and requirements of the authentication and identity management system in the cloud. Several prevailing industry standards and protocols for authentication and access control in cloud environments are provided and discussed. The authors then present and discuss the latest advances in authentication and identity management in cloud, especially for mobile cloud computing and identity as a service. They further discuss how proximity-based access control can be applied for an effective and fine-grained data access control in the cloud.


Author(s):  
Jiawei Zhang ◽  
Teng Li ◽  
Qi Jiang ◽  
Jianfeng Ma

Abstract With the assistance of emerging techniques, such as cloud computing, fog computing and Internet of Things (IoT), smart city is developing rapidly into a novel and well-accepted service pattern these days. The trend also facilitates numerous relevant applications, e.g., smart health care, smart office, smart campus, etc., and drives the urgent demand for data sharing. However, this brings many concerns on data security as there is more private and sensitive information contained in the data of smart city applications. It may incur disastrous consequences if the shared data are illegally accessed, which necessitates an efficient data access control scheme for data sharing in smart city applications with resource-poor user terminals. To this end, we propose an efficient traceable and revocable time-based CP-ABE (TR-TABE) scheme which can achieve time-based and fine-grained data access control over large attribute universe for data sharing in large-scale smart city applications. To trace and punish the malicious users that intentionally leak their keys to pursue illicit profits, we design an efficient user tracing and revocation mechanism with forward and backward security. For efficiency improvement, we integrate outsourced decryption and verify the correctness of its result. The proposed scheme is proved secure with formal security proof and is demonstrated to be practical for data sharing in smart city applications with extensive performance evaluation.


2020 ◽  
Vol 63 (8) ◽  
pp. 1216-1230 ◽  
Author(s):  
Wei Guo ◽  
Sujuan Qin ◽  
Jun Lu ◽  
Fei Gao ◽  
Zhengping Jin ◽  
...  

Abstract For a high level of data availability and reliability, a common strategy for cloud service providers is to rely on replication, i.e. storing several replicas onto different servers. To provide cloud users with a strong guarantee that all replicas required by them are actually stored, many multi-replica integrity auditing schemes were proposed. However, most existing solutions are not resource economical since users need to create and upload replicas of their files by themselves. A multi-replica solution called Mirror is presented to overcome the problems, but we find that it is vulnerable to storage saving attack, by which a dishonest provider can considerably save storage costs compared to the costs of storing all the replicas honestly—while still being able to pass any challenge successfully. In addition, we also find that Mirror is easily subject to substitution attack and forgery attack, which pose new security risks for cloud users. To address the problems, we propose some simple yet effective countermeasures and an improved proofs of retrievability and replication scheme, which can resist the aforesaid attacks and maintain the advantages of Mirror, such as economical bandwidth and efficient verification. Experimental results show that our scheme exhibits comparable performance with Mirror while achieving high security.


2021 ◽  
pp. 1-12
Author(s):  
Gokay Saldamli ◽  
Richard Chow ◽  
Hongxia Jin

Social networking services are increasingly accessed through mobile devices. This trend has prompted services such as Facebook and Google+ to incorporate location as a de facto feature of user interaction. At the same time, services based on location such as Foursquare and Shopkick are also growing as smartphone market penetration increases. In fact, this growth is happening despite concerns (growing at a similar pace) about security and third-party use of private location information (e.g., for advertising). Nevertheless, service providers have been unwilling to build truly private systems in which they do not have access to location information. In this paper, we describe an architecture and a trial implementation of a privacy-preserving location sharing system called ILSSPP. The system protects location information from the service provider and yet enables fine-grained location sharing. One main feature of the system is to protect an individual’s social network structure. The pattern of location sharing preferences towards contacts can reveal this structure without any knowledge of the locations themselves. ILSSPP protects location sharing preferences through protocol unification and masking. ILSSPP has been implemented as a standalone solution, but the technology can also be integrated into location-based services to enhance privacy.


Author(s):  
Prerna Agarwal et al.

A comprehensive and functional approach is built in cloud computing, which can be used by cloud users to exchange information. Cloud service providers (CSPs) can transfer through server services through powerful data centres to cloud users. Data is protected through authentication of cloud users and CSPs can have outsourced data file sharing security assurance. The continuing change in cloud users, especially unauthenticated users or third parties, poses a critical problem in ensuring privacy in data sharing. The multifunctional exchange of information while protecting information and personal protection from unauthorized or other third-party users remains a daunting challenge.


2021 ◽  
Vol 2021 ◽  
pp. 1-22
Author(s):  
Kaiqing Huang ◽  
Xueli Wang ◽  
Zhiqiang Lin

With the assistance of edge computing which reduces the heavy burden of the cloud center server by using the network edge servers, the Internet of Things (IoTs) architectures enable low latency for real-time devices and applications. However, there still exist security challenges on data access control for the IoT. Multiauthority attribute-based encryption (MA-ABE) is a promising technique to achieve access control over encrypted data in cross-domain applications. Based on the characteristics and technical requirements of the IoT, we propose an efficient fine-grained revocable large universe multiauthority access control scheme. In the proposed scheme, the most expensive encryption operations have been executed in the user’s initialization phase by adding a reusable ciphertext pool besides splitting the encryption algorithm to online encryption and offline encryption. Massive decryption operations are outsourced to the near-edge servers for reducing the computation overhead of decryption. An efficient revocation mechanism is designed to change users’ access privileges dynamically. Moreover, the scheme supports ciphertext verification. Only valid ciphertext can be stored and transmitted, which saves system resources. With the help of the chameleon hash function, the proposed scheme is proven CCA2-secure under the q-DPBDHE2 assumption. The performance analysis results indicate that the proposed scheme is efficient and suitable in edge computing for the IoT.


2018 ◽  
Vol 2018 ◽  
pp. 1-10 ◽  
Author(s):  
Duc-Thang Nguyen ◽  
Taehong Kim

In recent years, the prevalence of Wi-Fi-enabled devices such as smartphones, smart appliances, and various sensors has increased. As most IoT devices lack a display or a keypad owing to their tiny size, it is difficult to set connectivity information such as service set identifier (SSID) and password without any help from external devices such as smartphones. Moreover, it is much more complex to apply advanced connectivity options such as SSID hiding, MAC ID filtering, and Wi-Fi Protected Access (WPA) to these devices. Thus, we need a new Wi-Fi network management system which not only facilitates client access operations but also provides a high-level authentication procedure. In this paper, we introduce a remote connectivity control system for Wi-Fi devices based on software-defined networking (SDN) in a wireless environment. The main contributions of the proposed system are twofold: (i) it enables network owner/administrator to manage and approve connection request from Wi-Fi devices through remote services, which is essential for easy connection management across diverse IoT devices; (ii) it also allows fine-grained access control at the device level through remote control. We describe the architecture of SDN-based remote connectivity control of Wi-Fi devices. While verifying the feasibility and performance of the proposed system, we discuss how the proposed system can benefit both service providers and users.

