While Big Data gradually become a hot topic of research and business and has been everywhere used in many industries, Big Data security and privacy has been increasingly concerned. However, there is an obvious contrad...While Big Data gradually become a hot topic of research and business and has been everywhere used in many industries, Big Data security and privacy has been increasingly concerned. However, there is an obvious contradiction between Big Data security and privacy and the widespread use of Big Data. In this paper, we firstly reviewed the enormous benefits and challenges of security and privacy in Big Data. Then, we present some possible methods and techniques to ensure Big Data security and privacy.展开更多
Hidden Web provides great amount of domain-specific data for constructing knowledge services. Most previous knowledge extraction researches ignore the valuable data hidden in Web database, and related works do not ref...Hidden Web provides great amount of domain-specific data for constructing knowledge services. Most previous knowledge extraction researches ignore the valuable data hidden in Web database, and related works do not refer how to make extracted information available for knowledge system. This paper describes a novel approach to build a domain-specific knowledge service with the data retrieved from Hidden Web. Ontology serves to model the domain knowledge. Queries forms of different Web sites are translated into machine-understandable format, defined knowledge concepts, so that they can be accessed automatically. Also knowledge data are extracted from Web pages and organized in ontology format knowledge. The experiment proves the algorithm achieves high accuracy and the system facilitates constructing knowledge services greatly.展开更多
Due to its characteristics distribution and virtualization, cloud storage also brings new security problems. User's data is stored in the cloud, which separated the ownership from management. How to ensure the securi...Due to its characteristics distribution and virtualization, cloud storage also brings new security problems. User's data is stored in the cloud, which separated the ownership from management. How to ensure the security of cloud data, how to increase data availability and how to improve user privacy perception are the key issues of cloud storage research, especially when the cloud service provider is not completely trusted. In this paper, a cloud storage ciphertext retrieval scheme based on AES and homomorphic encryption is presented. This ciphertext retrieval scheme will not only conceal the user retrieval information, but also prevent the cloud from obtaining user access pattern such as read-write mode, and access frequency, thereby ensuring the safety of the ciphertext retrieval and user privacy. The results of simulation analysis show that the performance of this ciphertext retrieval scheme requires less overhead than other schemes on the same security level.展开更多
Public verification of data integrity is crucial for promoting the serviceability of cloud storage systems. Recently, Tan and Jia (2014) proposed an identity-based public verification (NaEPASC) protocol for cloud ...Public verification of data integrity is crucial for promoting the serviceability of cloud storage systems. Recently, Tan and Jia (2014) proposed an identity-based public verification (NaEPASC) protocol for cloud data to simplify key management and alleviate the burden of check tasks. They claimed that NaEPASC enables a third- party auditor (TPA) to verify the integrity of outsourced data with high efficiency and security in a cloud computing environment. However, in this paper, we pinpoint that NaEPASC is vulnerable to the signature forgery attack in the setup phase; i.e., a malicious cloud server can forge a valid signature for an arbitrary data block by using two correct signatures. Moreover, we demonstrate that NaEPASC is subject to data privacy threats in the challenge phase; i.e., an external attacker acting as a TPA can reveal the content of outsourced data. The analysis shows that NaEPASC is not secure in the data verification process. Therefore, our work is helpful for cryptographers and engineers to design and implement more secure and efficient identitv-based nublic alldit^n~ .~cheme~ far clnne] ~tnr^q~展开更多
文摘While Big Data gradually become a hot topic of research and business and has been everywhere used in many industries, Big Data security and privacy has been increasingly concerned. However, there is an obvious contradiction between Big Data security and privacy and the widespread use of Big Data. In this paper, we firstly reviewed the enormous benefits and challenges of security and privacy in Big Data. Then, we present some possible methods and techniques to ensure Big Data security and privacy.
基金This project is supported by Major International Cooperation Program of NSFC Grant 60221120145 Chinese Folk Music Digital Library.
文摘Hidden Web provides great amount of domain-specific data for constructing knowledge services. Most previous knowledge extraction researches ignore the valuable data hidden in Web database, and related works do not refer how to make extracted information available for knowledge system. This paper describes a novel approach to build a domain-specific knowledge service with the data retrieved from Hidden Web. Ontology serves to model the domain knowledge. Queries forms of different Web sites are translated into machine-understandable format, defined knowledge concepts, so that they can be accessed automatically. Also knowledge data are extracted from Web pages and organized in ontology format knowledge. The experiment proves the algorithm achieves high accuracy and the system facilitates constructing knowledge services greatly.
基金the National Natural Science Foundation of China under Grant,the Fundamental Research Funds for the Central Universities under Grant No.FRF-TP-14-046A2
文摘Due to its characteristics distribution and virtualization, cloud storage also brings new security problems. User's data is stored in the cloud, which separated the ownership from management. How to ensure the security of cloud data, how to increase data availability and how to improve user privacy perception are the key issues of cloud storage research, especially when the cloud service provider is not completely trusted. In this paper, a cloud storage ciphertext retrieval scheme based on AES and homomorphic encryption is presented. This ciphertext retrieval scheme will not only conceal the user retrieval information, but also prevent the cloud from obtaining user access pattern such as read-write mode, and access frequency, thereby ensuring the safety of the ciphertext retrieval and user privacy. The results of simulation analysis show that the performance of this ciphertext retrieval scheme requires less overhead than other schemes on the same security level.
基金Project supported by the National Natural Science Foundation of China (Nos. 61472287, 61501333, 61572379, and 61772377), the Natural Science Foundation of Hubei Province, China (Nos. 2015CFA068 and 2017CFA007), the Wuhan Science and Tech- nology Plan Project (No. 2016060101010047), and the Deanship of Scientific Research at King Saud University, Saudi Arabia (No. PRG-1436-16)
文摘Public verification of data integrity is crucial for promoting the serviceability of cloud storage systems. Recently, Tan and Jia (2014) proposed an identity-based public verification (NaEPASC) protocol for cloud data to simplify key management and alleviate the burden of check tasks. They claimed that NaEPASC enables a third- party auditor (TPA) to verify the integrity of outsourced data with high efficiency and security in a cloud computing environment. However, in this paper, we pinpoint that NaEPASC is vulnerable to the signature forgery attack in the setup phase; i.e., a malicious cloud server can forge a valid signature for an arbitrary data block by using two correct signatures. Moreover, we demonstrate that NaEPASC is subject to data privacy threats in the challenge phase; i.e., an external attacker acting as a TPA can reveal the content of outsourced data. The analysis shows that NaEPASC is not secure in the data verification process. Therefore, our work is helpful for cryptographers and engineers to design and implement more secure and efficient identitv-based nublic alldit^n~ .~cheme~ far clnne] ~tnr^q~
