10 research outputs found
Achieving Secure and Efficient Cloud Search Services: Cross-Lingual Multi-Keyword Rank Search over Encrypted Cloud Data
Multi-user multi-keyword ranked search scheme in arbitrary language is a
novel multi-keyword rank searchable encryption (MRSE) framework based on
Paillier Cryptosystem with Threshold Decryption (PCTD). Compared to previous
MRSE schemes constructed based on the k-nearest neighbor searcha-ble encryption
(KNN-SE) algorithm, it can mitigate some draw-backs and achieve better
performance in terms of functionality and efficiency. Additionally, it does not
require a predefined keyword set and support keywords in arbitrary languages.
However, due to the pattern of exact matching of keywords in the new MRSE
scheme, multilingual search is limited to each language and cannot be searched
across languages. In this pa-per, we propose a cross-lingual multi-keyword rank
search (CLRSE) scheme which eliminates the barrier of languages and achieves
semantic extension with using the Open Multilingual Wordnet. Our CLRSE scheme
also realizes intelligent and per-sonalized search through flexible keyword and
language prefer-ence settings. We evaluate the performance of our scheme in
terms of security, functionality, precision and efficiency, via extensive
experiments
Fine-Grained Access Control with Attribute Based Cache Coherency for IoT with application to Healthcare
The Internet of Things (IoT) is getting popular everyday around the world. Given the endless opportunities it promises to provide, IoT is adopted by various organizations belonging to diverse domains. However, IoT’s “access by anybody from anywhere” concept makes it prone to numerous security challenges. Although data security is studied at various levels of IoT architecture, breach of data security due to internal parties has not received as much attention as that caused by external parties. When an organization with people spread across multiple levels of hierarchies with multiple roles adopts IoT, it is not fair to provide uniform access of the data to everyone. Past research has extensively investigated various Access Control techniques like Role Based Access Control (RBAC), Identity Based Access Control (IBAC), Attribute Based Access Control (ABAC) and other variations to address the above issue. While ABAC meets the needs of the growing amount of subjects and objects in an IoT environment, when implemented as an encryption algorithm (ABE) it does not cater to the IoT RDBMS applications. Also, given the query processing over huge encrypted data-set on the Cloud and the distance between the Cloud and the end-user, latency issues are highly prevalent in IoT applications. Various Client side caching and Server side caching techniques have been proposed to meet the latency issues in a Client-Server environment. Client side caching is more appropriate for an IoT environment given the dynamic connections and the large volume of requests to the Cloud per unit time. However, an IoT Cloud has mixed critical data to every user and conventional Client side caching techniques do not exploit this property of IoT data.
In this work, we develop (i) an Attribute Based Access Control (ABAC) mechanism for the IoT data on the Cloud in order to provide a fine-grained access control in an organization and (ii) an Attribute Based Cache Consistency (ABCC) technique that tailors Cache Invalidation according to the users’ attributes to cater to the latency as well as criticality needs of different users. We implement and study these models on a Healthcare application comprising of a million Electronic Health Record (EHR) Cloud and a variety of end-users within a hospital trying to access various fields of the EHR from their Smart devices (such as Android phones). ABAC is evaluated with and without ABCC and we shall observe that ABAC with ABCC provides a lower average latency but a higher staleness percentage than the one without ABCC. However, the staleness percentage is negligible since we can see that much of the data that contributes to the staleness percentage are the non-critical data, thus making ABAC with ABCC an efficient approach for IoT based Cloud applications
Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era
The Internet of Things (IoT) is rapidly changing our society to a world where
every "thing" is connected to the Internet, making computing pervasive like
never before. This tsunami of connectivity and data collection relies more and
more on the Cloud, where data analytics and intelligence actually reside. Cloud
computing has indeed revolutionized the way computational resources and
services can be used and accessed, implementing the concept of utility
computing whose advantages are undeniable for every business. However, despite
the benefits in terms of flexibility, economic savings, and support of new
services, its widespread adoption is hindered by the security issues arising
with its usage. From a security perspective, the technological revolution
introduced by IoT and Cloud computing can represent a disaster, as each object
might become inherently remotely hackable and, as a consequence, controllable
by malicious actors. While the literature mostly focuses on security of IoT and
Cloud computing as separate entities, in this article we provide an up-to-date
and well-structured survey of the security issues of Cloud computing in the IoT
era. We give a clear picture of where security issues occur and what their
potential impact is. As a result, we claim that it is not enough to secure IoT
devices, as cyber-storms come from Clouds
Cyber-storms come from clouds:Security of cloud computing in the IoT era
The Internet of Things (IoT) is rapidly changing our society to a world where every “thing” is connected to the Internet, making computing pervasive like never before. This tsunami of connectivity and data collection relies more and more on the Cloud, where data analytics and intelligence actually reside. Cloud computing has indeed revolutionized the way computational resources and services can be used and accessed, implementing the concept of utility computing whose advantages are undeniable for every business. However, despite the benefits in terms of flexibility, economic savings, and support of new services, its widespread adoption is hindered by the security issues arising with its usage. From a security perspective, the technological revolution introduced by IoT and Cloud computing can represent a disaster, as each object might become inherently remotely hackable and, as a consequence, controllable by malicious actors. While the literature mostly focuses on the security of IoT and Cloud computing as separate entities, in this article we provide an up-to-date and well-structured survey of the security issues of cloud computing in the IoT era. We give a clear picture of where security issues occur and what their potential impact is. As a result, we claim that it is not enough to secure IoT devices, as cyber-storms come from Clouds