A Threshold Proxy Re-Encryption Scheme for Secure IoT Data Sharing Based on Blockchain

Electronics ◽ 2021 ◽ Vol 10 (19) ◽ pp. 2359
Author(s): Yingwen Chen ◽ Bowen Hu ◽ Hujie Yu ◽ Zhimin Duan ◽ Junxin Huang

The IoT devices deployed in various application scenarios will generate massive data with immeasurable value every day. These data often contain the user’s personal privacy information, so there is an imperative need to guarantee the reliability and security of IoT data sharing. We proposed a new encrypted data storing and sharing architecture by combining proxy re-encryption with blockchain technology. The consensus mechanism based on threshold proxy re-encryption eliminates dependence on the third-party central service providers. Multiple consensus nodes in the blockchain network act as proxy service nodes to re-encrypt data and combine converted ciphertext, and personal information will not be disclosed in the whole procedure. That eliminates the restrictions of using a decentralized network to store and distribute private encrypted data safely. We implemented a lot of simulated experiments to evaluate the performance of the proposed framework. The results show that the proposed architecture can meet the extensive data access demands and increase a tolerable time latency. Our scheme is one of the essays to utilize the threshold proxy re-encryption and blockchain consensus algorithm to support IoT data sharing.

2019 ◽ Vol 13 (4) ◽ pp. 356-363
Author(s): Yuezhong Wu ◽ Wei Chen ◽ Shuhong Chen ◽ Guojun Wang ◽ Changyun Li

Background: Cloud storage is generally used to provide on-demand services with sufficient scalability in an efficient network environment, and various encryption algorithms are typically applied to protect the data in the cloud. However, it is non-trivial to obtain the original data after encryption and efficient methods are needed to access the original data. Methods: In this paper, we propose a new user-controlled and efficient encrypted data sharing model in cloud storage. It preprocesses user data to ensure the confidentiality and integrity based on triple encryption scheme of CP-ABE ciphertext access control mechanism and integrity verification. Moreover, it adopts secondary screening program to achieve efficient ciphertext retrieval by using distributed Lucene technology and fine-grained decision tree. In this way, when a trustworthy third party is introduced, the security and reliability of data sharing can be guaranteed. To provide data security and efficient retrieval, we also combine active user with active system. Results: Experimental results show that the proposed model can ensure data security in cloud storage services platform as well as enhance the operational performance of data sharing. Conclusion: The proposed security sharing mechanism works well in an actual cloud storage environment.


2021 ◽ Vol 13 (1) ◽ pp. 20-39
Author(s): Ahmed Aloui ◽ Okba Kazar

In mobile business (m-business), a client sends its exact locations to service providers. This data may involve sensitive and private personal information. As a result, misuse of location information by the third-party location servers creates privacy issues for clients. This paper provides an overview of the privacy protection techniques currently applied by location-based mobile business. The authors first identify different system architectures and different protection goals. Second, this article provides an overview of the basic principles and mechanisms that exist to protect these privacy goals. In a third step, the authors provide existing privacy protection measures.


Author(s): Prerna Agarwal et al.

A comprehensive and functional approach is built in cloud computing, which can be used by cloud users to exchange information. Cloud service providers (CSPs) can transfer through server services through powerful data centres to cloud users. Data is protected through authentication of cloud users and CSPs can have outsourced data file sharing security assurance. The continuing change in cloud users, especially unauthenticated users or third parties, poses a critical problem in ensuring privacy in data sharing. The multifunctional exchange of information while protecting information and personal protection from unauthorized or other third-party users remains a daunting challenge.


2020 ◽ Vol 16 (1) ◽ pp. 116-141
Author(s): Bertin Martens ◽ Frank Mueller-Langer

Before the arrival of digital car data, car manufacturers had already partly foreclosed the maintenance market through franchising contracts with a network of exclusive official dealers. EU regulation endorsed this foreclosure but mandated access to maintenance data for independent service providers to keep competition in these markets. The arrival of digital car data upsets this balance because manufacturers can collect real-time maintenance data on their servers and send messages to drivers. These can be used to price discriminate and increase the market share of official dealers. There are at least four alternative technical gateways that could give independent service providers similar data access options. However, they suffer in various degrees from data portability issues, switching costs and weak network effects, and insufficient economies of scale and scope in data analytics. Multisided third-party consumer media platforms appear to be better placed to overcome these economic hurdles, provided that an operational real-time data portability regime could be established.


Cryptography ◽ 2019 ◽ Vol 3 (1) ◽ pp. 7
Author(s): Karuna Pande Joshi ◽ Agniva Banerjee

An essential requirement of any information management system is to protect data and resources against breach or improper modifications, while at the same time ensuring data access to legitimate users. Systems handling personal data are mandated to track its flow to comply with data protection regulations. We have built a novel framework that integrates semantically rich data privacy knowledge graph with Hyperledger Fabric blockchain technology, to develop an automated access-control and audit mechanism that enforces users' data privacy policies while sharing their data with third parties. Our blockchain based data-sharing solution addresses two of the most critical challenges: transaction verification and permissioned data obfuscation. Our solution ensures accountability for data sharing in the cloud by incorporating a secure and efficient system for End-to-End provenance. In this paper, we describe this framework along with the comprehensive semantically rich knowledge graph that we have developed to capture rules embedded in data privacy policy documents. Our framework can be used by organizations to automate compliance of their Cloud datasets.


10.2196/16887 ◽ 2020 ◽ Vol 22 (6) ◽ pp. e16887
Author(s): Anjum Khurshid ◽ Vivian Rajeswaren ◽ Steven Andrews

Background: In the homeless population, barriers to housing and supportive services include a lack of control or access to data. Disparate data formats and storage across multiple organizations hinder up-to-date intersystem access to records and a unified view of an individual’s health and documentation history. The utility of blockchain to solve interoperability in health care is supported in recent literature, but the technology has yet to be tested in real-life conditions encompassing the complex regulatory standards in the health sector. Objective: This study aimed to test the feasibility and performance of a blockchain system in a homeless community to securely store and share data across a system of providers in the health care ecosystem. Methods: We performed a series of platform demonstrations and open-ended qualitative feedback interviews to determine the key needs and barriers to user and stakeholder adoption. Account creation and data transactions promoting organizational efficiency and improved health outcomes in this population were tested with homeless users and service providers. Results: Persons experiencing homelessness and care organizations could successfully create accounts, grant and revoke data sharing permissions, and transmit documents across a distributed network of providers. However, there were issues regarding the security of shared data, user experience and adoption, and organizational preparedness for service providers as end users. We tested a set of assumptions related to these problems within the project time frame and contractual obligations with an existing blockchain-based platform. Conclusions: Blockchain technology provides decentralized data sharing, validation, immutability, traceability, and integration. These core features enable a secure system for the management and distribution of sensitive information. This study presents a concrete evaluation of the effectiveness of blockchain through an existing platform while revealing limitations from the perspectives of user adoption, cost-effectiveness, scalability, and regulatory frameworks.


Sensors ◽ 2019 ◽ Vol 19 (12) ◽ pp. 2817
Author(s): Zhen-Yu Wu

“Education Cloud” is a cloud-computing application used in educational contexts to facilitate the use of comprehensive digital technologies and establish data-based learning environments. The immense amount of digital resources, data, and teaching materials involved in these environments must be stored in robust data-access systems. These systems must be equipped with effective security mechanisms to guarantee confidentiality and ensure the integrity of the cloud-computing environment. To minimize the potential risk of privacy exposure, digital sharing service providers must encrypt their digital resources, data, and teaching materials, and digital-resource owners must have complete control over what data or materials they share. In addition, the data in these systems must be accessible to e-learners. In other words, data-access systems should not only encrypt data, but also provide access control mechanisms by which users may access the data. In cloud environments, digital sharing systems no longer target single users, and the access control by numerous users may overload a system and increase management burden and complexity. This study addressed these challenges to create a system that preserves the benefits of combining digital sharing systems and cloud computing. A cloud-based and learner-centered access control mechanism suitable for multi-user digital sharing was developed. The proposed mechanism resolves the problems concerning multi-user access requests in cloud environments and dynamic updating in digital-sharing systems, thereby reducing the complexity of security management.


2018 ◽ Vol 2018 ◽ pp. 1-16
Author(s): Qiang Wei ◽ Huaibin Shao ◽ Gongxuan Zhang

Due to the abundant storage resources and high reliability data service of cloud computing, more individuals and enterprises are motivated to outsource their data to public cloud platform and enable legal data users to search and download what they need in the outsourced dataset. However, in “Paid Data Sharing” model, some valuable data should be encrypted before outsourcing for protecting owner’s economic benefits, which is an obstacle for flexible application. Specifically, if the owner does not know who (user) will download which data files in advance and even does not know the attributes of user, he/she has to either remain online all the time or import a trusted third party (TTP) to distribute the file decryption key to data user. Obviously, making the owner always remain online is too inflexible, and wholly depending on the security of TTP is a potential risk. In this paper, we propose a flexible, secure, and reliable data sharing scheme based on collaboration in multicloud environment. For securely and instantly providing data sharing service even if the owner is offline and without TTP, we distribute all encrypted split data/key blocks together to multiple cloud service providers (CSPs), respectively. An elaborate cryptographic protocol we designed helps the owner verify the correctness of data exchange bills, which is directly related to the owner’s economic benefits. Besides, in order to support reliable data service, the erasure-correcting code technic is exploited for tolerating multiple failures among CSPs, and we offer a secure keyword search mechanism that makes the system more close to reality. Extensive security analyses and experiments on real-world data show that our scheme is secure and efficient.


2021 ◽ Vol 2021 ◽ pp. 1-15
Author(s): Xieyang Shen ◽ Chuanhe Huang ◽ Danxin Wang ◽ Jiaoli Shi

Information leakage and efficiency are the two main concerns of data sharing in cloud-aided IoT. The main problem is that smart devices cannot afford both energy and computation costs and tend to outsource data to a cloud server. Furthermore, most schemes focus on preserving the data stored in the cloud but overlook that the access policy is typically stored in unencrypted form. In this paper, we proposed a fine-grained data access control scheme based on CP-ABE to implement access policies with a greater degree of expressiveness as well as hidden policies from curious cloud service providers. Moreover, to mitigate the extra computation cost generated by complex policies, an outsourcing service for decryption can be used by data users. Further experiments and extensive analysis show that we significantly decrease the communication and computation overhead while providing a high-level security scheme compared with the existing schemes.


2021 ◽ Vol 13 (16) ◽ pp. 9206
Author(s): Marc Alier ◽ Maria Jose Casañ Guerrero ◽ Daniel Amo ◽ Charles Severance ◽ David Fonseca

Most educational software programs use and gather personal information and metadata from students. Additionally, most of the educational software programs are no longer operated by the learning institutions but are run by third-party agencies. This means that in the decade since 2020, information about students is stored and handled outside premises and control of learning institutions. The personal information about students and their activity while they interact with learning management systems and online learning tools is increasingly in custody of cloud computing platforms, software-as-a-service providers, and learning tool vendors. There is an increasing will to use all the data and metadata from the activity of the students for research, to develop education management strategies, pedagogy approaches, and develop behavior control tools or learning tools informed by behavior analysis from learning analytics. Many times, these studies lack the ethical and moral perspective. In addition, there is an increasing number of cases in which this information has leaked or has been used in a shady way. Additionally, this information will be around for a long time, tied to the future digital profiles of the students whose data has been leaked. This paper hypothesizes that there has been an ongoing process of technological evolution that leads to a loss of control over personal information, which makes it even more difficult to protect user confidentiality and ensure privacy, that data surveillance has entered the world of education, and that the current legal frameworks are not enough to really protect the student’s personal information. The paper analyzes how this situation came to pass, and why this is wrong. We conclude with some proposals to address it from its different root dimensions: technical, cultural, legal, and organizational.

