Funding: This work has been supported by the National Natural Science Foundation of China under Grant No. 61272519, 61121061.
Abstract: In order to achieve fine-grained access control in cloud computing, existing digital rights management (DRM) schemes adopt attribute-based encryption as the main encryption primitive. However, these schemes suffer from inefficiency and cannot support dynamic updating of usage rights stored in the cloud. In this paper, we propose a novel DRM scheme with secure key management and dynamic usage control in cloud computing. We present a secure key management mechanism based on attribute-based encryption and proxy re-encryption. Only the users whose attributes satisfy the access policy of the encrypted content and who have effective usage rights are able to recover the content encryption key and further decrypt the content. The attribute-based mechanism allows the content provider to selectively provide fine-grained access control of contents among a set of users, and also enables the license server to implement immediate attribute and user revocation. Moreover, our scheme supports privacy-preserving dynamic usage control based on additive homomorphic encryption, which allows the license server in the cloud to update the users' usage rights dynamically without disclosing the plaintext. Extensive analytical results indicate that our proposed scheme is secure and efficient.
Funding: This work was supported by the National Key R&D Program of China (No. 2021YFB2700601), Research Project of Hainan University (No. HD-KYH-2021240), Finance Science and Technology Project of Hainan Province (No. ZDKJ2020009 and ZDKJ2020012), National Natural Science Foundation of China (No. 62163011, 62162022 and 62162024), and Key Projects in Hainan Province (No. ZDYF2021GXJS003 and ZDYF2020040).
Abstract: The past decade has seen the rapid development of data in many areas. Data has enormous commercial potential as a new strategic resource that may efficiently boost technical growth and service innovation. However, individuals are becoming increasingly concerned about data misuse and leaks. To address these issues, in this paper, we propose TrustControl, a trusted data usage control system to control, process, and protect data usage without revealing privacy. A trusted execution environment (TEE) is exploited to process confidential user data. First of all, we design a secure and reliable remote attestation mechanism for ARM TrustZone, which can verify the security of the TEE platform and function code, thus guaranteeing data processing security. Secondly, to address the security problem that the raw data may be misused, we design a remote dynamic code injection method to regulate that data can only be processed for the expected purpose. Our solution focuses on protecting the sensitive data of the data owner and the function code of the data user to prevent data misuse and leakage. Furthermore, we implement the prototype system of TrustControl on TrustZone-enabled hardware. Real-world experiment results demonstrate that the proposed TrustControl is secure and the performance overhead of introducing our prototype system is very low.
Abstract: In hearing physiological experiments and clinical tests, we need not only a signal processing system, but also a synchronous sound stimulator. Most of the stimulators we are now using are function generators which are independent of the processing units, and can be controlled only by hand. Although some of them have ports through which they can be controlled by computer, as they are designed for industrial aims, not for hearing research, most of them can't generate the special waveforms we need. We use the TDT signal processing system and develop a software package that has both usages. On the interface of the program we can control the sampling parameters and generate stimulating waveforms.
Funding: Supported by the National Natural Science Foundation of China (60403027)
Abstract: Due to inherent heterogeneity, multi-domain characteristics and highly dynamic nature, authorization is a critical concern in grid computing. This paper proposes a general authorization and access control architecture, grid usage control (GUCON), for grid computing. It is based on the next-generation access control mechanism, the usage control (UCON) model. The GUCON framework dynamically grants and adapts permissions to the subject based on a set of contextual information collected from the system environments, while retaining the authorization by evaluating access requests based on subject attributes, object attributes and requests. In general, the GUCON model provides very flexible approaches to adapt to dynamic security requests. The GUCON model is being implemented in our experiment prototype.
Abstract: Most cloud services are built with multi-tenancy, which enables data and configuration segregation upon shared infrastructures. It offers tremendous advantages for enterprises and service providers. It is anticipated that this situation will evolve to foster cross-tenant collaboration supported by Authorization as a Service. To realize access control in a multi-tenant cloud computing environment, this study proposes a multi-tenant cloud computing access control model based on the traditional usage access control model by building trust relations among tenants. The model consists of three sub-models, which achieve trust relationships between tenants with different granularities and satisfy the requirements of different application scenarios. With an established trust relation in MT-UCON (Multi-tenant Usage Access Control), the trustee can precisely authorize cross-tenant accesses to the trustor's resources consistent with constraints over the trust relation and other components designated by the trustor. In addition, the security of the model is analyzed by an information flow method. The model adapts to the characteristics of a dynamic and open multi-tenant cloud computing environment and achieves fine-grained access control within and between tenants.
Abstract: With rapid achievement of current information technology and computing ability and applications, much more digital content such as films, cartoons, design drawings, office documents and software source codes are produced in daily work. However, to protect the content from being copied, shared or deliberately stolen by insiders or outsiders, digital rights management (DRM) became more and more important for digital content protection. In this paper, we studied various DRM models, technologies and applications, and first proposed a DRM Security Infrastructure (DSI), in which we defined encryption, hash, signature algorithm, watermarking algorithms, authentication, usage control, trusted counter, conditional trace, and secure payment. Based on the DSI we then proposed a whole classification approach and architecture of all kinds of DRMs, in which we proposed 6 typical classes of copyrights and content protection DRM architectures: (1) Software-oriented DRM, (2) eBook-oriented DRM, (3) Video-oriented DRM, (4) Image-oriented DRM, (5) Unstructured data oriented DRM, (6) Text-oriented DRM. Based on the above DSI, we then proposed a dynamic DRM model selection method for various DRM applications, which can be adapted dynamically for different technologies of different applications, and which can provide a whole solution for variant DRM development in a rapid and customized mode. The proposed DRM method, technology and application in this paper provided a common, flexible and extendable solution for variant DRM scenes, and can support rapid and customized development. Moreover, we proposed an opinion that the future life will enter into a new era that the content usage and consumption will not again adopt DRM technology rather than with law, liberty and morality.
Funding: the National Natural Science Foundation of China (60673071, 60743003, 90718005, 90718006); the National High Technology Research and Development Program of China (2006AA01Z442, 2007AA01Z411)
Abstract: Facing the increasing security issues in P2P networks, a scheme for resource sharing using trusted computing technologies is proposed in this paper. We advance an RS-UCON model with decision continuity and attribute mutability to control the usage process and an architecture to illustrate how TC technologies support policy enforcement with bidirectional attestation. The properties required for attestation should include not only integrity measurement value of platform and related application, but also reputation of users and access history, in order to avoid the limitation of the existing approaches. To make a permission, it is required to evaluate both the authorization and conditions of the subject and the object in resource usage to ensure trustable resources to be transferred to trusted users and platform.
Abstract: Two fast and robust digital watermarking schemes for compressed music format and MIDI format are put forward, which are suitable for on-line distribution through the Internet. For compressed music, the watermark is embedded in the partially uncompressed domain and the embedding scheme is closely related to music content. For MIDI, the watermark is embedded in virtual notes that are generated and randomly hidden among the MIDI notes. This paper also presents a method for controlling usage and protecting against copying of digital music contents and their associated players. The digital music contents and their players installed in one computer cannot be used if they are copied to another computer. Even in the same computer, the duplicated digital music contents are not usable. The usage associated to the music content will restrict the running time and times. Also the music can be played and it will be automatically updated after each playing. The digital music cannot be accessible if its permitted usage expires.
Abstract: Connection Admission Control (CAC) in ATM networks is the set of actions taken by the network to decide whether to accept connection requests during the phase of call establishment or call re-negotiation. CAC is an integral part of the preventive congestion control in ATM networks whose aim is to ensure network performance. The CAC algorithm has the characteristics of the multitude of control parameters, high degree of computation complexity and strong time restrictions. In this paper we present a CAC mechanism featured by combination of foreground control and background learning which is based on neural networks having the capabilities of self-learning and high-speed processing. A case study is given, after which we discuss the practicability of the proposed algorithm.