10,284 research outputs found
PHOABE : securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted IoT
Attribute based encryption (ABE) is an encrypted access control mechanism that ensures efficient data sharing among dynamic group of users. Nevertheless, this encryption technique presents two main drawbacks, namely high decryption cost and publicly shared access policies, thus leading to possible users’ privacy leakage.
In this paper, we introduce PHOABE, a Policy-Hidden Outsourced ABE scheme. Our construction presents several advantages. First, it is a multi-attribute authority ABE scheme. Second, the expensive computations for the ABE decryption process is partially delegated to a Semi Trusted Cloud Server. Third, users’ privacy is protected thanks to a hidden access policy. Fourth, PHOABE is proven to be selectively secure, verifiable and policy privacy preserving under the random oracle model. Five, estimation of the processing overhead proves its feasibility in IoT constrained environments
Towards Cyber Security for Low-Carbon Transportation: Overview, Challenges and Future Directions
In recent years, low-carbon transportation has become an indispensable part
as sustainable development strategies of various countries, and plays a very
important responsibility in promoting low-carbon cities. However, the security
of low-carbon transportation has been threatened from various ways. For
example, denial of service attacks pose a great threat to the electric vehicles
and vehicle-to-grid networks. To minimize these threats, several methods have
been proposed to defense against them. Yet, these methods are only for certain
types of scenarios or attacks. Therefore, this review addresses security aspect
from holistic view, provides the overview, challenges and future directions of
cyber security technologies in low-carbon transportation. Firstly, based on the
concept and importance of low-carbon transportation, this review positions the
low-carbon transportation services. Then, with the perspective of network
architecture and communication mode, this review classifies its typical attack
risks. The corresponding defense technologies and relevant security suggestions
are further reviewed from perspective of data security, network management
security and network application security. Finally, in view of the long term
development of low-carbon transportation, future research directions have been
concerned.Comment: 34 pages, 6 figures, accepted by journal Renewable and Sustainable
Energy Review
A Security Architecture for Data Aggregation and Access Control in Smart Grids
We propose an integrated architecture for smart grids, that supports data
aggregation and access control. Data can be aggregated by home area network,
building area network and neighboring area network in such a way that the
privacy of customers is protected. We use homomorphic encryption technique to
achieve this. The consumer data that is collected is sent to the substations
where it is monitored by remote terminal units (RTU). The proposed access
control mechanism gives selective access to consumer data stored in data
repositories and used by different smart grid users. Users can be maintenance
units, utility centers, pricing estimator units or analyzing and prediction
groups. We solve this problem of access control using cryptographic technique
of attribute-based encryption. RTUs and users have attributes and cryptographic
keys distributed by several key distribution centers (KDC). RTUs send data
encrypted under a set of attributes. Users can decrypt information provided
they have valid attributes. The access control scheme is distributed in nature
and does not rely on a single KDC to distribute keys. Bobba \emph{et al.}
\cite{BKAA09} proposed an access control scheme, which relies on a centralized
KDC and is thus prone to single-point failure. The other requirement is that
the KDC has to be online, during data transfer which is not required in our
scheme. Our access control scheme is collusion resistant, meaning that users
cannot collude and gain access to data, when they are not authorized to access.
We theoretically analyze our schemes and show that the computation overheads
are low enough to be carried out in smart grids. To the best of our knowledge,
ours is the first work on smart grids, which integrates these two important
security components (privacy preserving data aggregation and access control)
and presents an overall security architecture in smart grids.Comment: 12 Pages, 3 figure
Towards Secure and Intelligent Diagnosis: Deep Learning and Blockchain Technology for Computer-Aided Diagnosis Systems
Cancer is the second leading cause of death across the world after cardiovascular disease. The survival rate of patients with cancerous tissue can significantly decrease due to late-stage diagnosis. Nowadays, advancements of whole slide imaging scanners have resulted in a dramatic increase of patient data in the domain of digital pathology. Large-scale histopathology images need to be analyzed promptly for early cancer detection which is critical for improving patient's survival rate and treatment planning. Advances of medical image processing and deep learning methods have facilitated the extraction and analysis of high-level features from histopathological data that could assist in life-critical diagnosis and reduce the considerable healthcare cost associated with cancer. In clinical trials, due to the complexity and large variance of collected image data, developing computer-aided diagnosis systems to support quantitative medical image analysis is an area of active research. The first goal of this research is to automate the classification and segmentation process of cancerous regions in histopathology images of different cancer tissues by developing models using deep learning-based architectures. In this research, a framework with different modules is proposed, including (1) data pre-processing, (2) data augmentation, (3) feature extraction, and (4) deep learning architectures. Four validation studies were designed to conduct this research. (1) differentiating benign and malignant lesions in breast cancer (2) differentiating between immature leukemic blasts and normal cells in leukemia cancer (3) differentiating benign and malignant regions in lung cancer, and (4) differentiating benign and malignant regions in colorectal cancer.
Training machine learning models, disease diagnosis, and treatment often requires collecting patients' medical data. Privacy and trusted authenticity concerns make data owners reluctant to share their personal and medical data. Motivated by the advantages of Blockchain technology in healthcare data sharing frameworks, the focus of the second part of this research is to integrate Blockchain technology in computer-aided diagnosis systems to address the problems of managing access control, authentication, provenance, and confidentiality of sensitive medical data. To do so, a hierarchical identity and attribute-based access control mechanism using smart contract and Ethereum Blockchain is proposed to securely process healthcare data without revealing sensitive information to an unauthorized party leveraging the trustworthiness of transactions in a collaborative healthcare environment. The proposed access control mechanism provides a solution to the challenges associated with centralized access control systems and ensures data transparency and traceability for secure data sharing, and data ownership
SECURE, POLICY-BASED, MULTI-RECIPIENT DATA SHARING
In distributed systems users often need to share sensitive data with other users
based on the latter's ability to satisfy various policies. In many cases the data owner
may not even know the identities of the data recipients, but deems it crucial that they
are legitimate; i.e., satisfy the policy. Enabling such data sharing over the Internet
faces the challenge of (1) securely associating access policies with data and enforcing
them, and (2) protecting data as it traverses untrusted proxies and intermediate
repositories. Furthermore, it is desirable to achieve properties such as: (1) flexibility
of access policies; (2) privacy of sensitive access policies; (3) minimal reliance on
trusted third parties; and (4) efficiency of access policy enforcement. Often schemes
enabling controlled data sharing need to trade one property for another. In this
dissertation, we propose two complimentary policy-based data sharing schemes that
achieve different subsets of the above desired properties.
In the first part of this dissertation, we focus on CiphertextPolicy Attribute-
Based Encryption (CP-ABE) schemes that specify and enforce access policies
cryptographically and eliminate trusted mediators. We motivate the need for flexible
attribute organization within user keys for efficient support of many practical
applications. We then propose Ciphertext-Policy Attribute-Set Based Encryption
(CP-ASBE) which is the first CP-ABE scheme to (1) efficiently support naturally
occurring compound attributes, (2) support multiple numerical assignments for a
given attribute in a single key and (3) provide efficient key management. While the
CP-ASBE scheme minimizes reliance on trusted mediators, it can support neither
context-based policies nor policy privacy. In the second part of this dissertation,
we propose Policy Based Encryption System (PBES), which employs mediated decryption
and supports both context-based policies and policy privacy. Finally, we integrate the
proposed schemes into practical applications (i.e., CP-ASBE scheme with Attribute-Based
Messaging (ABM) and PBES scheme with a conditional data sharing application in the Power Grid) and demonstrate their usefulness in practice
Attribute-based encryption for cloud computing access control: A survey
National Research Foundation (NRF) Singapore; AXA Research Fun
- …