The Cloud is increasingly being used to store and process big data for its tenants and classical security mechanisms using encryption are neither sufficiently efficient nor suited to the task of protecting big data in...The Cloud is increasingly being used to store and process big data for its tenants and classical security mechanisms using encryption are neither sufficiently efficient nor suited to the task of protecting big data in the Cloud.In this paper,we present an alternative approach which divides big data into sequenced parts and stores them among multiple Cloud storage service providers.Instead of protecting the big data itself,the proposed scheme protects the mapping of the various data elements to each provider using a trapdoor function.Analysis,comparison and simulation prove that the proposed scheme is efficient and secure for the big data of Cloud tenants.展开更多
In this paper, we consider the problems of data sharing between multiple distrusted authorities. Prior solutions rely on trusted third parties such as CAs, or are susceptible to collusion between malicious authorities...In this paper, we consider the problems of data sharing between multiple distrusted authorities. Prior solutions rely on trusted third parties such as CAs, or are susceptible to collusion between malicious authorities, which can comprise the security of honest ones. In this paper, we propose a new multi-authority data sharing scheme - Decen- tralized Multi-Authority ABE (DMA), which is derived from CP-ABE that is resilient to these types of misbehavior. Our system distin- guishes between a data owner (DO) principal and attribute authorities (AAs): the DO owns the data but allows AAs to arbitrate access by providing attribute labels to users. The data is protected by policy encryption over these attributes. Unlike prior systems, attributes generated by AAs are not user-specific, and neither is the system susceptible to collusion between users who try to escalate their access by sharing keys. We prove our scherne correct under the Decisional Bilinear Diffie-Hellman (DBDH) assumption; we also include a com- plete end-to-end implementation that demon- strates the practical efficacy of our technique.展开更多
基金supported in part by the National Nature Science Foundation of China under Grant No.61402413 and 61340058 the "Six Kinds Peak Talents Plan" project of Jiangsu Province under Grant No.ll-JY-009+2 种基金the Nature Science Foundation of Zhejiang Province under Grant No.LY14F020019, Z14F020006 and Y1101183the China Postdoctoral Science Foundation funded project under Grant No.2012M511732Jiangsu Province Postdoctoral Science Foundation funded project Grant No.1102014C
文摘The Cloud is increasingly being used to store and process big data for its tenants and classical security mechanisms using encryption are neither sufficiently efficient nor suited to the task of protecting big data in the Cloud.In this paper,we present an alternative approach which divides big data into sequenced parts and stores them among multiple Cloud storage service providers.Instead of protecting the big data itself,the proposed scheme protects the mapping of the various data elements to each provider using a trapdoor function.Analysis,comparison and simulation prove that the proposed scheme is efficient and secure for the big data of Cloud tenants.
基金supported by the National Natural Science Foundation of China under grant 61402160Hunan Provincial Natural Science Foundation of China under grant 2016JJ3043Open Funding for Universities in Hunan Province under grant 14K023
文摘In this paper, we consider the problems of data sharing between multiple distrusted authorities. Prior solutions rely on trusted third parties such as CAs, or are susceptible to collusion between malicious authorities, which can comprise the security of honest ones. In this paper, we propose a new multi-authority data sharing scheme - Decen- tralized Multi-Authority ABE (DMA), which is derived from CP-ABE that is resilient to these types of misbehavior. Our system distin- guishes between a data owner (DO) principal and attribute authorities (AAs): the DO owns the data but allows AAs to arbitrate access by providing attribute labels to users. The data is protected by policy encryption over these attributes. Unlike prior systems, attributes generated by AAs are not user-specific, and neither is the system susceptible to collusion between users who try to escalate their access by sharing keys. We prove our scherne correct under the Decisional Bilinear Diffie-Hellman (DBDH) assumption; we also include a com- plete end-to-end implementation that demon- strates the practical efficacy of our technique.
