Attribute-based data transfer with filtering scheme in cloud computing

Data transfer is a transmission of data over a point-to-point or point-to-multipoint communication channel. To protect the confidentiality of the transferred data, public-key cryptography has been introduced in data transfer schemes (DTSs). Data transfer is a transmission of data over a point-to-point or point-to-multipoint communication channel. To protect the confidentiality of the transferred data, public-key cryptography has been introduced in data transfer schemes (DTSs). Unfortunately, there exist some drawbacks in the current DTSs. First, the sender must know who the real receivers are. This is undesirable in a system where the number of the users is very large, such as cloud computing. In practice, the sender only knows some descriptive attributes of the receivers. Secondly, the receiver cannot be guaranteed to only receive messages from the legal senders. Therefore, it remains an elusive and challenging research problem on how to design a DTS scheme where the sender can send messages to the unknown receivers and the receiver can filter out false messages according to the described attributes. In this paper, we propose an attribute-based data transfer with filtering (ABDTF) scheme to address these problems. In our proposed scheme, the receiver can publish an access structure so that only the users whose attributes satisfy this access structure can send messages to him. Furthermore, the sender can encrypt a message under a set of attributes such that only the users who hold these attributes can obtain the message. In particular, we provide an efficient filtering algorithm for the receiver to resist the denial-of-service attacks. Notably, we propose the formal definition and security models for ABDTF schemes. To the best of our knowledge, it is the first time that a provable ABDTF scheme is proposed. Hence, this work provides a new research approach to ABDTF schemes. must know who are the real receivers. This is undesirable in a system where the number of the users is very large, such as cloud computing. In practice, the sender only knows some descriptive attributes of the receivers. Second, the receiver cannot be guaranteed to only receive messages from the legal senders. Therefore, it remains an elusive and challenging research problem on how to design a DTS scheme where the sender can send messages to the unknown receivers and the receiver can filter out false messages according to the described attributes. In this paper, we propose an attribute-based data transfer with filtering (ABDTF) scheme to address these problems. In our proposed scheme, the receiver can publish an access structure so that only the users whose attributes satisfy this access structure can send messages to him. Furthermore, the sender can encrypt a message under a set of attributes such that only the users who hold these attributes can obtain the message. In particular, we provide an efficient filtering algorithm for the receiver to resist the denial-of-service (DoS) attacks. Notably, we propose the formal definition and security models for ABDTF schemes. To the best of our knowledge, it is the first time that a provable ABDTF scheme is proposed. Hence, this work provides a new research approach to ABDTF schemes

Preventing DDoS using Bloom Filter: A Survey

Distributed Denial-of-Service (DDoS) is a menace for service provider and prominent issue in network security. Defeating or defending the DDoS is a prime challenge. DDoS make a service unavailable for a certain time. This phenomenon harms the service providers, and hence, loss of business revenue. Therefore, DDoS is a grand challenge to defeat. There are numerous mechanism to defend DDoS, however, this paper surveys the deployment of Bloom Filter in defending a DDoS attack. The Bloom Filter is a probabilistic data structure for membership query that returns either true or false. Bloom Filter uses tiny memory to store information of large data. Therefore, packet information is stored in Bloom Filter to defend and defeat DDoS. This paper presents a survey on DDoS defending technique using Bloom Filter.Comment: 9 pages, 1 figure. This article is accepted for publication in EAI Endorsed Transactions on Scalable Information System

Secure data sharing and processing in heterogeneous clouds

The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors