With the development of cloud computing, virtualization technology has been widely used in our life. Meanwhile, it has become one of the key targets for attackers. Integrity measurement in virtual machines has become an urgent problem. Some existing virtualization platform integrity measurement mechanisms introduce trusted computing technology, statically measuring the integrity of processes according to a trusted chain established with the Trusted Platform Module (TPM) as the trusted root. But this single-chain static measurement cannot ensure dynamic credibility while the platform is running. To solve the problem that the virtual trusted platform cannot guarantee dynamic credibility, this paper puts forward a Dynamic Integrity Measurement Model (DIMM) based on the virtual Trusted Platform Module (vTPM), implemented with the typical virtual machine monitor Xen as an example. DIMM combines virtual machine introspection and event capture technology to ensure the security of the entire user domain. Based on the framework, this paper puts forward a Self-modify dynamic measurement strategy which can effectively reduce the measurement frequency and improve the measurement performance. Finally, the validity and feasibility of the proposed model are proved with comparison experiments.
In order to deal with problems in P2P systems such as unreliability of service, security risk and attacks caused by malicious peers, a novel trust model, MSL-TM, based on Multinomial Subjective Logic is proposed. The model uses multinomial ratings and the Dirichlet distribution to compute the expectation of the subjective opinion, accordingly derives the peer’s reputation value and risk value, and finally obtains the trust value. Time decay, rating credibility and the risk value are introduced to reflect the recent behaviors of the peers and make the system more sensitive to malicious acts. Finally, the effectiveness and feasibility of the model are illustrated by a simulation experiment designed with PeerSim.
Because of the anonymity and openness of online transactions and the richness of network resources, the problems of the credibility of online trading and the exact selection of network resources have become acute. For this reason, a reputation-based multi-agent model for network resource selection (RMNRS) is presented. The model divides the network into a number of trust domains. Each domain has one domain-agent and several entity-agents. The model prevents inconsistency in the information maintained by different agents through periodic communication between the agents. The model enables consumers to receive responses from agents significantly quicker than in traditional models, because the global reputation values of service providers and consumers are evaluated and updated dynamically after each transaction. The model also allocates two global reputation values to each entity and takes into account the recognition value, that is, how much the service provider knows the service. In order to let users choose the best matching services and to provide users with trusted services, the model also takes the similarity between services into account and uses the similarity degree to amend the integrated reputation value with the harmonic mean. Finally, the effectiveness and feasibility of this model are illustrated by experiment.
Attribute-Based Encryption (ABE) has been widely used for ciphertext retrieval in the cloud environment. However, bi-flexible attribute control and privacy keywords are difficult problems that have yet to be solved. In this paper, we introduce the denial of access policy and the mutual matching algorithm of a dataset used to realize bidirectional control of attributes in the cloud server. To solve the problem of keyword privacy, we construct a security trapdoor by adding random numbers that effectively resist keyword guessing attacks from cloud servers and external attackers. System security is reduced to the Deterministic Bilinear Diffie-Hellman (DBDH) hypothesis problem. We validate our scheme through theoretical security analysis and experimental verification. Experiments are conducted on a real dataset, and results show that the scheme has higher security and retrieval efficiency than previous methods.
Funding: supported by National Natural Science Foundation of China (61170254, 61379116), Hebei Natural Science Foundation Project (F2016201244), Hebei Province Science and Technology Research Project of Higher Education (ZD2016043), Hebei Engineering Technology Research Center for IOT Data Acquisition & Processing, North China Institute of Science and Technology, Hebei 065201, China