Resource discovery for distributed computing systems: A comprehensive survey

Large-scale distributed computing environments provide a vast amount of heterogeneous computing resources from different sources for resource sharing and distributed computing. Discovering appropriate resources in such environments is a challenge which involves several different subjects. In this paper, we provide an investigation on the current state of resource discovery protocols, mechanisms, and platforms for large-scale distributed environments, focusing on the design aspects. We classify all related aspects, general steps, and requirements to construct a novel resource discovery solution in three categories consisting of structures, methods, and issues. Accordingly, we review the literature, analyzing various aspects for each category

An efficient and scalable vaccine passport verification system based on ciphertext policy attribute-based encryption and blockchain

Abstract Implementing a trust and secure immunity or vaccine passport verification system is now crucial for many countries. The system typically aims to enable the secure access control and verification of vaccination records which will be used by trusted parties. However, the issues related to the system scalability in supporting a large number of data access requests, the enforcement of the user consent for data sharing, and the flexibility in delegating the access capability to trusted parties have not been resolved by existing works. In this paper, we propose a Universal Vaccine Passport Verification System (UniVAC) to support a decentralized, scalable, secure, and fine-grained, access control for Covid-19 vaccine passport data sharing and verification. At a core of our scheme, we employ the ciphertext policy attribute-based encryption (CP-ABE) to support secure and fine-grained access control and use the blockchain to record access transactions and provide data indexing. Furthermore, we propose a ciphertext retrieval method based on regional blockchain segmentation and introduce the outsourced CP-ABE decryption as a part of the proxy re-encryption (PRE) process to enable scalable and secure ciphertext delivery of the encrypted vaccine passport under the requestor’s public key. Finally, we conducted the extensive experiments in real cloud environment and the results showed that our proposed scheme is more efficient and scalable than related works

A Fully Outsourced Attribute-Based Signcryption Scheme Supporting Privacy-Preserving Policy Update in Mobile Cloud Computing

Existing fine-grained and secure access control systems deployed in mobile cloud computing (MCC) typically focus on offloading encryption and/or decryption workloads to the delegated proxy in the cloud server. However, the privacy and authenticity management of outsourced data with flexible and efficient access policy update in MCC is generally overlooked by existing works. In fact, the signcryption feature is generally required in data access control system where the trust between data owner and multiple mobile users is crucial while the policy update management deals with the dynamic handling of user privilege control lifecycle. In this paper, we propose a privacy-preserving access control scheme supporting signcryption and efficient policy update with policy hiding in MCC setting. Essentially, a fully outsourced attribute-based signcryption (ABSC) and policy update method are devised to allows the data owner to offload ABS operation and policy update cost to be executed by the delegated proxy. Finally, we present our experiments to demonstrate that our proposed scheme is computationally more efficient compared to related works

Secure and Lightweight Blockchain-Enabled Access Control for Fog-Assisted IoT Cloud Based Electronic Medical Records Sharing

As for the advancement of IoT and cloud computing in healthcare, outsourcing encrypted Electronic medical records (EMRs) created by the aggregation of medical treatment applications and health data collected from IoT devices enables high accessibility, effective collaboration, and zero computational operation cost. Current applications and research works generally concern the privacy of the finest EMRs that are encrypted with secure and lightweight cryptographic protocols before they are outsourced to the cloud. However, this process does not consider the security and privacy of the data collected by IoT devices, where the data being transferred can be leaked before they are aggregated. Furthermore, existing IoT-cloud based access control solutions have not addressed the outsourced encryption, privacy of IoT data transmission and aggregation, and the policy update of the EMRs in an integrated manner. In this paper, we propose an access control scheme called LightMED which provides secure, fine-grained, and scalable EMR sharing in a cloud-based environment integrated with fog computing, CP-ABE, and blockchain technology. We propose a secure IoT data transmission and aggregation method based on lightweight encryption and digital signing. At the core, we introduce outsourced encryption with a privacy-preserving access policy scheme and an outsourced encryption and decryption algorithm leveraged by the collaboration between fog nodes and blockchain. In addition, we introduce a novel lightweight policy update algorithm to enable the data owners of EMRs to effectively manage their policies in a secure and effective manner. Finally, we performed the comparative analysis to illustrate the computation cost and conducted experiments to evaluate the performance of our scheme and related works. The experimental results showed that our scheme outperformed existing works since it yielded least processing cost of both encryption and decryption at end-users’ devices, which demonstrates the higher efficiency and practicality of our scheme