Funding: Natural Science Research Project of Jiangsu Province Universities and Colleges (No. 17KJD520005, Congdong Lv).
Abstract: Cloud computing provides services to users through the Internet. This open mode not only facilitates access by users, but also brings potential security risks. In cloud computing, the risk of data leakage exists between users and virtual machines. Whether direct or indirect, data leakage can be regarded as illegal information flow. Methods such as access control models can control the information flow, but not the covert information flow. Therefore, it is necessary to use noninterference models to detect the existence of illegal information flow in cloud computing architecture. Typical noninterference models are not suitable to certify information flow in cloud computing architecture. In this paper, we propose several information flow models for cloud architecture. One model is for transitive cloud computing architecture. The others are for intransitive cloud computing architecture. When concurrent access actions execute in the cloud architecture, we want security domains not to affect each other, so that there is no information flow between security domains. But in fact, there will be more or less indirect information flow between security domains. Our models are concerned with how much information is allowed to flow. For example, in the CIP model, the other domain can learn the sequence of actions. But in the CTA model, the other domain can't learn the information. Which security model will be used in an architecture depends on the security requirements for that architecture.
Abstract: In the field of cloud computing, topics such as computing resource virtualization, differences between grid and cloud computing, relationship between high-performance computers and cloud computing centers, and cloud security and standards have attracted much research interest. This paper analyzes these topics and highlights that resource virtualization allows information services to be scalable, intensive, and specialized; grid computing involves using many computers for large-scale computing tasks, while cloud computing uses one platform for multiple services; high-performance computers may not be suitable for cloud computing; security in cloud computing focuses on trust management between service suppliers and users; and based on the existing standards, standardization of cloud computing should focus on interoperability between services.
Funding: supported by the Fundamental Research Funds for the Central Universities of China (No. K15JB00190), the Ph.D. Programs Foundation of Ministry of Education of China (No. 20120009120010), and the Program for Innovative Research Team in University of Ministry of Education of China (IRT201206).
Abstract: The separation issue is one of the most important problems in cloud computing security. Tenants should be separated from each other based on cloud infrastructure, and different users from one tenant should be separated from each other with the constraint of security policies. Learning from the notion of trusted cloud computing and trustworthiness in cloud, in this paper, a multi-level authorization separation model is formally described, and a series of rules are proposed to summarize the separation property of this model. The correctness of the rules is proved. Furthermore, based on this model, a tenant separation mechanism is deployed in a real-world mixed-critical information system. Performance benchmarks have shown the availability and efficiency of this mechanism.
Funding: partially supported by China National Key Research and Development Projects under Grant Nos. 2020YFA0712300 and 2018YFA0704705.
Abstract: Fully homomorphic encryption (FHE) can be used for privacy-preserving aggregation of medical data. In this typical application, the security against passive attacks has been well studied by Li and Micciancio (2021). In this paper, the authors further consider a "nearly passive" kind of attack, where the attacker may behave like a passive attacker in the view of the third-party server. To capture the security against this hard-to-detect attack, the authors propose a new notion of IND-CPA^(rD) security. The authors show that the standard LWE encryption and its related FHE schemes cannot defend against IND-CPA^(rD) attack, even under a stricter rule limiting the content and number of queries made by the attacker. To make the application of FHE schemes more secure, the authors discuss some possible modifications that may serve as countermeasures to IND-CPA^(rD) attack.
Abstract: The publication of Tsinghua Science and Technology was started in 1996. Since then, it has been an international academic journal sponsored by Tsinghua University and published bimonthly. This journal aims at presenting the state-of-the-art scientific achievements in computer science and other IT fields, and is currently indexed by EI and other abstracting indices. The journal is available in IEEE Xplore Digital Library with an open access model: http://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=5971803.
Abstract: In cloud computing applications, users' data and applications are hosted by cloud providers. This paper proposed an access control scheme that uses a combination of discretionary access control and cryptographic techniques to secure users' data and applications hosted by cloud providers. Many cloud applications require users to share their data and applications hosted by cloud providers. To facilitate resource sharing, the proposed scheme allows cloud users to delegate their access permissions to other users easily. Using the access control policies that guard the access to resources and the credentials submitted by users, a third party can infer information about the cloud users. The proposed scheme uses cryptographic techniques to obscure the access control policies and users' credentials to ensure the privacy of the cloud users. Data encryption is used to guarantee the confidentiality of data. Compared with existing schemes, the proposed scheme is more flexible and easy to use. Experiments showed that the proposed scheme is also efficient.