673 research outputs found
A Practical Framework for Storing and Searching Encrypted Data on Cloud Storage
Security has become a significant concern with the increased popularity of
cloud storage services. It comes with the vulnerability of being accessed by
third parties. Security is one of the major hurdles in the cloud server for the
user when the user data that reside in local storage is outsourced to the
cloud. It has given rise to security concerns involved in data confidentiality
even after the deletion of data from cloud storage. Though, it raises a serious
problem when the encrypted data needs to be shared with more people than the
data owner initially designated. However, searching on encrypted data is a
fundamental issue in cloud storage. The method of searching over encrypted data
represents a significant challenge in the cloud.
Searchable encryption allows a cloud server to conduct a search over
encrypted data on behalf of the data users without learning the underlying
plaintexts. While many academic SE schemes show provable security, they usually
expose some query information, making them less practical, weak in usability,
and challenging to deploy. Also, sharing encrypted data with other authorized
users must provide each document's secret key. However, this way has many
limitations due to the difficulty of key management and distribution.
We have designed the system using the existing cryptographic approaches,
ensuring the search on encrypted data over the cloud. The primary focus of our
proposed model is to ensure user privacy and security through a less
computationally intensive, user-friendly system with a trusted third party
entity. To demonstrate our proposed model, we have implemented a web
application called CryptoSearch as an overlay system on top of a well-known
cloud storage domain. It exhibits secure search on encrypted data with no
compromise to the user-friendliness and the scheme's functional performance in
real-world applications.Comment: 146 Pages, Master's Thesis, 6 Chapters, 96 Figures, 11 Table
Secure Blockchain Transactions for Electronic Health Records based on an Improved Attribute-Based Signature Scheme (IASS)
Electronic Health Records (EHRs) are entirely controlled by hospitals, not patients, making it difficult to obtain medical advice from individual hospitals. Patients need to keep tabs on their health details and take back control of their medical data. The rapid development of blockchain technology has facilitated large-scale healthcare, including medical records and patient-related data. The technology provides comprehensive and immutable patient records and free access to electronic medical records for providers and treatment portals. To ensure the validity of the blockchain-connected EHR, the Improved Attribute-Based Signature Scheme (IASS) has considerable powers, allowing patients to approve messages based on attributes but not validated. In addition, it avoids the problem of having multiple authorities without a single or central source of trust for generating and distributing patient public/private keys and fits into the blockchain model for distributed data storage. By sharing a secret, pseudo-random activity seed between authorities, the protocol resists collusive attacks by corrupt officials. The technology provides patients with a comprehensive, immutable record and free access to their EHR from providers and treatment portals. To ensure the validity of blockchain-connected EHRs, propose an attribute-based multi-authority signature scheme that authorizes messages based on their attributes without revealing any information
The Utilization of Mobile Technology for Crime Scene Investigation in the San Francisco Bay Area
The research presented aims to explore factors affecting the decision to adopt a mobile crime scene investigation application in police departments throughout the San Francisco Bay Area. To accomplish this goal, the mobile technology acceptance model was used in designing a survey for data collection. This model utilizes four categories to interpret the factors that influence a police officer’s decision to accept or reject mobile technologies: performance, security and reliability, management style, and cognitive acceptance. Nine police departments were sampled through a series of in-person and over-the-phone interviews to obtain data regarding factors affecting the adoption of a mobile crime scene investigation application. Results suggest that if a mobile crime scene investigation application were made available, a vast majority of the police departments in the Bay Area would implement this new technology
Novel Proposed Work for Empirical Word Searching in Cloud Environment
People's lives have become much more convenient as a result of the development of cloud storage. The third-party server has received a lot of data from many people and businesses for storage. Therefore, it is necessary to ensure that the user's data is protected from prying eyes. In the cloud environment, searchable encryption technology is used to protect user information when retrieving data. The versatility of the scheme is, however, constrained by the fact that the majority of them only offer single-keyword searches and do not permit file changes.A novel empirical multi-keyword search in the cloud environment technique is offered as a solution to these issues. Additionally, it prevents the involvement of a third party in the transaction between data holder and user and guarantees integrity. Our system achieves authenticity at the data storage stage by numbering the files, verifying that the user receives a complete ciphertext. Our technique outperforms previous analogous schemes in terms of security and performance and is resistant to inside keyword guessing attacks.The server cannot detect if the same set of keywords is being looked for by several queries because our system generates randomized search queries. Both the number of keywords in a search query and the number of keywords in an encrypted document can be hidden. Our searchable encryption method is effective and protected from the adaptive chosen keywords threat at the same time
Recommended from our members
R-PEKS: RBAC Enabled PEKS for Secure Access of Cloud Data
In the recent past, few works have been done by combining attribute-based access control with multi-user PEKS, i.e., public key encryption with keyword search. Such attribute enabled searchable encryption is most suitable for applications where the changing of privileges is done once in a while. However, to date, no efficient and secure scheme is available in the literature that is suitable for these applications where changing privileges are done frequently. In this paper our contributions are twofold. Firstly, we propose a new PEKS scheme for string search, which, unlike the previous constructions, is free from bi-linear mapping and is efficient by 97% compared to PEKS for string search proposed by Ray et.al in TrustCom 2017. Secondly, we introduce role based access control (RBAC) to multi-user PEKS, where an arbitrary group of users can search and access the encrypted files depending upon roles. We termed this integrated scheme as R-PEKS. The efficiency of R-PEKS over the PEKS scheme is up to 90%. We provide formal security proofs for the different components of R-PEKS and validate these schemes using a commercial dataset
Cloud data security and various cryptographic algorithms
Cloud computing has spread widely among different organizations due to its advantages, such as cost reduction, resource pooling, broad network access, and ease of administration. It increases the abilities of physical resources by optimizing shared use. Clients’ valuable items (data and applications) are moved outside of regulatory supervision in a shared environment where many clients are grouped together. However, this process poses security concerns, such as sensitive information theft and personally identifiable data leakage. Many researchers have contributed to reducing the problem of data security in cloud computing by developing a variety of technologies to secure cloud data, including encryption. In this study, a set of encryption algorithms (advance encryption standard (AES), data encryption standard (DES), Blowfish, Rivest-Shamir-Adleman (RSA) encryption, and international data encryption algorithm (IDEA) was compared in terms of security, data encipherment capacity, memory usage, and encipherment time to determine the optimal algorithm for securing cloud information from hackers. Results show that RSA and IDEA are less secure than AES, Blowfish, and DES). The AES algorithm encrypts a huge amount of data, takes the least encipherment time, and is faster than other algorithms, and the Blowfish algorithm requires the least amount of memory space
A Hybrid Multi-user Cloud Access Control based Block Chain Framework for Privacy Preserving Distributed Databases
Most of the traditional medical applications are insecure and difficult to compute the data integrity with variable hash size. Traditional medical data security systems are insecure and it depend on static parameters for data security. Also, distributed based cloud storage systems are independent of integrity computational and data security due to unstructured data and computational memory. As the size of the data and its dimensions are increasing in the public and private cloud servers, it is difficult to provide the machine learning based privacy preserving in cloud computing environment. Block-chain technology plays a vital role for large cloud databases. Most of the conventional block-chain frameworks are based on the existing integrity and confidentiality models. Also, these models are based on the data size and file format. In this model, a novel integrity verification and encryption framework is designed and implemented in cloud environment. In order to overcome these problems in the cloud computing environment, a hybrid integrity and security-based block-chain framework is designed and implemented on the large distributed databases. In this framework,a novel decision tree classifier is used along with non-linear mathematical hash algorithm and advanced attribute-based encryption models are used to improve the privacy of multiple users on the large cloud datasets. Experimental results proved that the proposed advanced privacy preserving based block-chain technology has better efficiency than the traditional block-chain based privacy preserving systems on large distributed databases
Achieving Privacy-Preserving DSSE for Intelligent IoT Healthcare System
As the product of combining Internet of Things (IoT), cloud computing, and traditional healthcare, Intelligent IoT Healthcare (IIoTH) brings us a lot of convenience, meanwhile security and privacy issues have attracted great attention. Dynamic searchable symmetric encryption (DSSE) technique can make the user search the dynamic healthcare information from IIoTH system under the condition that the privacy is protected. In this article, a novel privacy-preserving DSSE scheme for IIoTH system is proposed. It is the first DSSE scheme designed for personal health record (PHR) files database with forward security. We construct the secure index based on hash chain and realize trapdoor updates for resisting file injection attacks. In addition, we realize fine-grained search over encrypted PHR files database of attribute-value type. When the user executes search operations, he/she gets only a matched attribute value instead of the whole file. As a result, the communication cost is reduced and the disclosure of patient's privacy is minimized. The proposed scheme also achieves attribute access control, which allows users have different access authorities to attribute values. The specific security analysis and experiments show the security and the efficiency of the proposed scheme
- …