Certificate-Less Searchable Encryption with a Refreshing Keyword Search

Public Key Encryptions with Keyword Search (PEKS) scheme had been hosted for keeping data security and privacy of outsourced data in a cloud environment. It is also used to provide search operations on encrypted data. Nevertheless, most of the existing PEKS schemes are disposed to key-escrow problems due to the private key of the target users are known by the Key Generating Center (KGC). To improve the key escrow issue in PEKS schemes, the Certificate-Less Public Key Encryptions with Keyword Search (CL-PEKS) scheme has been designed. Meanwhile, the existing CL-PEKS schemes do not consider refreshing keyword searches. Due to this, the cloud server can store search trapdoors for keywords used in the system and can launch keyword guessing attacks. In this research work, we proposed Certificate-Less Searchable Encryption with a Refreshing Keyword Search (CL-SERKS) scheme by attaching date information to the encrypted data and keyword. We demonstrated that our proposed scheme is secure against adaptively chosen keyword attacks against both types of adversaries, where one adversary is given the power to select a random public key as a replacement for the user’s public key whereas another adversary is allowed to learn the system master key in the random oracle model under the Bilinear Diffie-Hellman problem assumption. We evaluated the performance of the proposed scheme in terms of both computational cost and communication cost. Experimental results show that the proposed CL-SERKS scheme has better computational cost during the key generation phase and testing phase than two related schemes. It also has lower communication costs than both related schemes

A Pairing-Free Certificateless Searchable Public Key Encryption Scheme for Industrial Internet of Things

The Industrial Internet of Things (IIoT) collects a large amount of data through various types of sensors and intelligently processes this data using cloud computing, which is flexible, efficient, and cost-effective. Since IIoT data is stored on the cloud service provider’s server, the data must be encrypted to protect the user’s privacy. However, the encrypted data faces the search problem, which is usually solved by Public Key Encryption with Keyword Search (PEKS). In addition, most existing PEKS schemes are vulnerable to Inside Keyword Guessing Attacks (IKGA). Recently, some certificateless public key authenticated encryption with keyword search (CLPEKS) schemes have been proposed, which not only avoid the problems of certificate management and key escrow but can also resist IKGA. However, most of them rely on the expensive bilinear pairing. To overcome these problems, in this paper we propose a pairing-free CLPEKS scheme. The security of the proposed scheme is proved in the random oracle model. The analysis results show that the proposed scheme has better overall performance in terms of computational cost, communication cost and security properties

Security architecture for Fog-To-Cloud continuum system

Nowadays, by increasing the number of connected devices to Internet rapidly, cloud computing cannot handle the real-time processing. Therefore, fog computing was emerged for providing data processing, filtering, aggregating, storing, network, and computing closer to the users. Fog computing provides real-time processing with lower latency than cloud. However, fog computing did not come to compete with cloud, it comes to complete the cloud. Therefore, a hierarchical Fog-to-Cloud (F2C) continuum system was introduced. The F2C system brings the collaboration between distributed fogs and centralized cloud. In F2C systems, one of the main challenges is security. Traditional cloud as security provider is not suitable for the F2C system due to be a single-point-of-failure; and even the increasing number of devices at the edge of the network brings scalability issues. Furthermore, traditional cloud security cannot be applied to the fog devices due to their lower computational power than cloud. On the other hand, considering fog nodes as security providers for the edge of the network brings Quality of Service (QoS) issues due to huge fog device’s computational power consumption by security algorithms. There are some security solutions for fog computing but they are not considering the hierarchical fog to cloud characteristics that can cause a no-secure collaboration between fog and cloud. In this thesis, the security considerations, attacks, challenges, requirements, and existing solutions are deeply analyzed and reviewed. And finally, a decoupled security architecture is proposed to provide the demanded security in hierarchical and distributed fashion with less impact on the QoS.Hoy en día, al aumentar rápidamente el número de dispositivos conectados a Internet, el cloud computing no puede gestionar el procesamiento en tiempo real. Por lo tanto, la informática de niebla surgió para proporcionar procesamiento de datos, filtrado, agregación, almacenamiento, red y computación más cercana a los usuarios. La computación nebulizada proporciona procesamiento en tiempo real con menor latencia que la nube. Sin embargo, la informática de niebla no llegó a competir con la nube, sino que viene a completar la nube. Por lo tanto, se introdujo un sistema continuo jerárquico de niebla a nube (F2C). El sistema F2C aporta la colaboración entre las nieblas distribuidas y la nube centralizada. En los sistemas F2C, uno de los principales retos es la seguridad. La nube tradicional como proveedor de seguridad no es adecuada para el sistema F2C debido a que se trata de un único punto de fallo; e incluso el creciente número de dispositivos en el borde de la red trae consigo problemas de escalabilidad. Además, la seguridad tradicional de la nube no se puede aplicar a los dispositivos de niebla debido a su menor poder computacional que la nube. Por otro lado, considerar los nodos de niebla como proveedores de seguridad para el borde de la red trae problemas de Calidad de Servicio (QoS) debido al enorme consumo de energía computacional del dispositivo de niebla por parte de los algoritmos de seguridad. Existen algunas soluciones de seguridad para la informática de niebla, pero no están considerando las características de niebla a nube jerárquica que pueden causar una colaboración insegura entre niebla y nube. En esta tesis, las consideraciones de seguridad, los ataques, los desafíos, los requisitos y las soluciones existentes se analizan y revisan en profundidad. Y finalmente, se propone una arquitectura de seguridad desacoplada para proporcionar la seguridad exigida de forma jerárquica y distribuida con menor impacto en la QoS.Postprint (published version

Software Engineering Methods for the Internet of Things: A Comparative Review

Accessing different physical objects at any time from anywhere through wireless network heavily impacts the living style of societies worldwide nowadays. Thus, the Internet of Things has now become a hot emerging paradigm in computing environments. Issues like interoperability, software reusability, and platform independence of those physical objects are considered the main current challenges. This raises the need for appropriate software engineering approaches to develop effective and efficient IoT applications software. This paper studies the state of the art of design and development methodologies for IoT software. The aim is to study how proposed approaches have been solved issues of interoperability, reusability, and independence of the platform. A comparative study is presented for the different software engineering methods used for the Internet of Things. Finally, the key research gaps and open issues are highlighted as future directions