Searchable Encryption for Cloud and Distributed Systems

The vast development in information and communication technologies has spawned many new computing and storage architectures in the last two decades. Famous for its powerful computation ability and massive storage capacity, cloud services, including storage and computing, replace personal computers and software systems in many industrial applications. Another famous and influential computing and storage architecture is the distributed system, which refers to an array of machines or components geographically dispersed but jointly contributes to a common task, bringing premium scalability, reliability, and efficiency. Recently, the distributed cloud concept has also been proposed to benefit both cloud and distributed computing. Despite the benefits of these new technologies, data security and privacy are among the main concerns that hinder the wide adoption of these attractive architectures since data and computation are not under the control of the end-users in such systems. The traditional security mechanisms, e.g., encryption, cannot fit these new architectures since they would disable the fast access and retrieval of remote storage servers. Thus, an urgent question turns to be how to enable refined and efficient data retrieval on encrypted data among numerous records (i.e., searchable encryption) in the cloud and distributed systems, which forms the topic of this thesis. Searchable encryption technologies can be divided into Searchable Symmetric Encryption (SSE) and Public-key Encryption with Keyword Search (PEKS). The intrinsical symmetric key hinders data sharing since it is problematic and insecure to reveal one’s key to others. However, SSE outperforms PEKS due to its premium efficiency and is thus is prefered in a number of keyword search applications. Then multi-user SSE with rigorous and fine access control undoubtedly renders a satisfactory solution of both efficiency and security, which is the first problem worthy of our much attention. Second, functions and versatility play an essential role in a cloud storage application but it is still tricky to realize keyword search and deduplication in the cloud simultaneously. Large-scale data usually renders significant data redundancy and saving cloud storage resources turns to be inevitable. Existing schemes only facilitate data retrieval due to keywords but rarely consider other demands like deduplication. To be noted, trivially and hastily affiliating a separate deduplication scheme to the searchable encryption leads to disordered system architecture and security threats. Therefore, attention should be paid to versatile solutions supporting both keyword search and deduplication in the cloud. The third problem to be addressed is implementing multi-reader access for PEKS. As we know, PEKS was born to support multi-writers but enabling multi-readers in PEKS is challenging. Repeatedly encrypting the same keyword with different readers’ keys is not an elegant solution. In addition to keyword privacy, user anonymity coming with a multi-reader setting should also be formulated and preserved. Last but not least, existing schemes targeting centralized storage have not taken full advantage of distributed computation, which is considerable efficiency and fast response. Specifically, all testing tasks between searchable ciphertexts and trapdoor/token are fully undertaken by the only centralized cloud server, resulting in a busy system and slow response. With the help of distributed techniques, we may now look forward to a new turnaround, i.e., multiple servers jointly work to perform the testing with better efficiency and scalability. Then the intractable multi-writer/multi-reader mode supporting multi-keyword queries may also come true as a by-product. This thesis investigates searchable encryption technologies in cloud storage and distributed systems and spares effort to address the problems mentioned above. Our first work can be classified into SSE. We formulate the Multi-user Verifiable Searchable Symmetric Encryption (MVSSE) and propose a concrete scheme for multi-user access. It not only offers multi-user access and verifiability but also supports extension on updates as well as a non-single keyword index. Moreover, revocable access control is obtained that the search authority is validated each time a query is launched, different from existing mechanisms that once the search authority is granted, users can search forever. We give simulation-based proof, demonstrating our proposal possesses Universally Composable (UC)-security. Second, we come up with a redundancy elimination solution on top of searchable encryption. Following the keyword comparison approach of SSE, we formulate a hybrid primitive called Message-Locked Searchable Encryption (MLSE) derived in the way of SSE’s keyword search supporting keyword search and deduplication and present a concrete construction that enables multi-keyword query and negative keyword query as well as deduplication at a considerable small cost, i.e., the tokens are used for both search and deduplication. And it can further support Proof of Storage (PoS), testifying the content integrity in cloud storage. The semantic security is proved in Random Oracle Model using the game-based methodology. Third, as the branch of PEKS, the Broadcast Authenticated Encryption with Keyword Search (BAEKS) is proposed to bridge the gap of multi-reader access for PEKS, followed by a scheme. It not only resists Keyword Guessing Attacks (KGA) but also fills in the blank of anonymity. The scheme is proved secure under Decisional Bilinear Diffie-Hellman (DBDH) assumption in the Random Oracle Model. For distributed systems, we present a Searchable Encryption based on Efficient Privacy-preserving Outsourced calculation framework with Multiple keys (SE-EPOM) enjoying desirable features, which can be classified into PEKS. Instead of merely deploying a single server, multiple servers are employed to execute the test algorithm in our scheme jointly. The refined search, i.e., multi-keyword query, data confidentiality, and search pattern hiding, are realized. Besides, the multi-writer/multi-reader mode comes true. It is shown that under the distributed circumstance, much efficiency can be substantially achieved by our construction. With simulation-based proof, the security of our scheme is elaborated. All constructions proposed in this thesis are formally proven according to their corresponding security definitions and requirements. In addition, for each cryptographic primitive designed in this thesis, concrete schemes are initiated to demonstrate the availability and practicality of our proposal

Hot Topic Propagation Model and Opinion Leader Identifying Model in Microblog Network

As the network technique is fast developing, the microblog has been a significant carrier representing the social public opinions. Therefore, it is important to investigate the propagation characteristics of the topics and to unearth the opinion leaders in Micro-blog network. The propagation status of the hot topics in the Micro-blog is influenced by the authority of the participating individuals. We build a time-varying model with the variational external field strength to simulate the topic propagation process. This model also fits for the multimodal events. The opinion leaders are important individuals who remarkably influence the topic discussions in its propagation process. They can help to guide the healthy development of public opinion. We build an AHP model based on the influence, the support, and the activity of a node, as well as a microblog-rank algorithm based on the weighted undirected network, to unearth and analyze the opinion leaders’ characteristics. The experiments in the data, collected from the Sina Micro-blog from October 2012 to November 2012 and from January 2013 to February 2013, show that our models predict the trend of hot topic efficiently and the opinion leaders we found are reasonable

Increased risk of dementia among people with a history of fractures: a systematic review and meta-analysis of population-based studies

BackgroundEmerging evidence suggests that there may be an association between a history of fractures and dementia risk, but the epidemiological findings are inconsistent. We, therefore, conducted a meta-analysis to systematically assess the risk of dementia among people with a history of fractures.MethodsWe comprehensively searched four electronic databases (PubMed, Web of Science, Embase, and Cochrane Library) for relevant literature published from inception to 10 January 2023. Longitudinal observational studies that investigated the association between any type of fracture occurrence and the subsequent risk of dementia were included for qualitative and quantitative analysis. Risk estimates were pooled using fixed-effects or random-effects models according to the level of heterogeneity. The Newcastle-Ottawa scale was used to evaluate the risk of bias in the included studies.ResultsA total of seven population-based studies involving 3,658,108 participants (136,179 with a history of fractures) were eventually included. Pooled results showed a significant association between fracture and subsequent risk of dementia [hazard ratio (HR) = 1.28, 95% confidence interval (CI): 1.11–1.48] in cohort studies. Patients with fractures at different sites showed a similar trend toward increased risk of subsequent dementia. No gender, age, region, duration of follow-up, study quality, or study design specificity were observed. Sensitivity analysis indicates that the current results are robust. No publication bias existed. The results were similar in the cohort study with the standardized incidence ratio (SIR) as the statistical measure (SIR = 1.58, 95% CI: 1.25–2.00) and in the case-control study (OR = 1.38, 95% CI: 1.18–1.61). Of note, the causal relationship between fracture and dementia was not demonstrated in this meta-analysis.ConclusionPeople with a history of fractures are at increased risk of developing dementia. Enhanced screening and preventive management of dementia in people with a history of fractures may be beneficial

Multi-user Verifiable Searchable Symmetric Encryption for Cloud Storage

IEEE In a cloud storage system, to allow searching over encrypted data by the cloud server, searchable symmetric encryption (SSE) has been proposed in the literature. The basic security requirement of SSE is that the cloud server learns no information about the files or keywords during the searching process. Some SSE schemes also offer additional functionalities such as detecting cheating behaviour of a malicious server (i.e., verifiability) and allowing update (e.g., modifying, deleting and adding) of documents on the server. However, the previous (verifiable) SSE schemes were mainly designed for single users, which means the searching can only be done by the data owner, whereas in reality people often use cloud storage to share files with other users. In this paper we present a multi-user verifiable searchable symmetric encryption (MVSSE) scheme that achieves all the desirable features of a verifiable SSE and allows multiple users to perform searching. We then define an ideal functionality for MVSSE under the Universally Composable (UC-) security framework and prove that our ideal functionality implies the security requirements of a secure MVSSE, and our multi-user verifiable SSE scheme is UC-secure. We also implement our scheme to verify its high performance based on some real dataset

Hierarchical conditional proxy re-encryption: A new insight of fine-grained secure data sharing

2017, Springer International Publishing AG. Outsource local data to remote cloud has become prevalence for Internet users to date. While being unable to handle (outsourced) data at hand, Internet users may concern about the confidentiality of data but also further operations over remote data. This paper deals with the case where a secure data sharing mechanism is needed when data is encrypted and stored in remote cloud. Proxy re-encryption (PRE) is a promising cryptographic tool for secure data sharing. It allows a honest-but-curious third party (e.g., cloud server), which we call proxy , to convert all ciphertexts encrypted for a delegator into those intended for a delegatee. The delegatee can further gain access to the plaintexts with private key, while the proxy learns nothing about the underlying plaintexts. Being regarded as a general extension of PRE, conditional PRE supports a fine-grained level of data sharing. In particular, condition is embedded into ciphertext that offers a chance for the delegator to generate conditional re-encryption key to control with which ciphertexts he wants to share. In this paper, for the first time, we introduce a new notion, called hierarchical conditional PRE. The new notion allows re-encryption rights to be re-delegated for low-level encrypted data. We propose the seminal scheme satisfying the notion in the context of identity-based encryption and further, prove it secure against chosen-ciphertext security

Effects of Multi-Phase Reinforcements on Microstructures, Mechanical and Tribological Properties of Cu/Ti3SiC2/C/BN/GNPs Nanocomposites Sintered by Vacuum Hot-Pressing and Hot Isostatic Pressing

Cu/Ti3SiC2/C/BN/GNPs nanocomposites were prepared by vacuum hot-pressing (HP) sintering and hot isostatic pressing (HIP) sintering methods. Microstructures, mechanical and tribological properties of Cu/Ti3SiC2/C/BN/GNPs nanocomposites were investigated. Microstructures were examined by optical microscopy (OM), X-ray diffraction (XRD) and scanning electron microscope (SEM). Mechanical properties were determined by the relative density, micro-Vickers hardness, as well as tensile strength, compressive strength and shear strength. Tribological behavior of the Cu/Ti3SiC2/C/BN/GNPs composite against the GCr15 steel ring was evaluated using an M-2000 wear tester with high tangential sliding velocity. Results demonstrated that BN and graphene nano-platelets (GNPs) have an impact on the microstructures and mechanical properties of Cu/Ti3SiC2/C/BN/GNPs nanocomposites. Based on microstructures, and mechanical and tribological properties of Cu/Ti3SiC2/C/BN/GNP nanocomposites, strengthening, fracture and wear mechanisms for synergistic enhancement by multi-phase reinforcements were analyzed