The growing advent of the Internet of Things(IoT)users is driving the adoption of cloud computing technologies.The integration of IoT in the cloud enables storage and computational capabilities for IoT users.However,s...The growing advent of the Internet of Things(IoT)users is driving the adoption of cloud computing technologies.The integration of IoT in the cloud enables storage and computational capabilities for IoT users.However,security has been one of the main concerns of cloud-integrated IoT.Existing work attempts to address the security concerns of cloud-integrated IoT through authentication,access control,and blockchain-based methods.However,existing frameworks are somewhat limited by scalability,privacy,and centralized structures.To mitigate the existing problems,we propose a blockchain-based distributed access control method for secure storage in the IoT cloud(BL-DAC).Initially,the BL-DAC performs decentralized authentication using the Quantum Neural Network Cryptography(QNNC)algorithm.IoT users and edge nodes are authenticated in the blockchain deployed by distributed Trusted Authorities(TAs)using multiple credentials.The user data is classified into sensitive and non-sensitive categories using the Enhanced Seagull Optimization(ESO)algorithm.Also,the authentication to access this data is performed by a decentralized access control method using smart contract policy.Sensitive user data is encrypted using the QNNC algorithm and stored in the private cloud.In contrast,non-sensitive data is stored in the public cloud,and IPFS is used to store data in a decentralized manner with high reliability.In addition,data security is improved by using a hierarchical blockchain which improves scalability by managing the multiple blockchains hierarchically and is lightweight using Proof of Authentication Consensus(PoAH).The BL-DAC is simulated and validated using the Network Simulator-3.26 simulation tool and validated.This work shows better results than the compared ones in terms of validation metrics such as throughput(26%),encryption time(19%),decryption time(16%),response time(15%),block validation time(31%),attack detection rate(16%),access control precision(13%),and scalability(28%).展开更多
We present a secure storage system named HermitFS against many types ofattacks. HermitFS uses strong cryptography algorithms and a secure protocol to secure the data fromthe time it is written to the time an authorize...We present a secure storage system named HermitFS against many types ofattacks. HermitFS uses strong cryptography algorithms and a secure protocol to secure the data fromthe time it is written to the time an authorized user accesses it. Our experimental results andsecure analysis show that HermitFS can protect information from unauthorized access in any openenvironment with little penalty of data o-verhead and acceptable performance.展开更多
The wide application of intelligent terminals in microgrids has fueled the surge of data amount in recent years.In real-world scenarios,microgrids must store large amounts of data efficiently while also being able to ...The wide application of intelligent terminals in microgrids has fueled the surge of data amount in recent years.In real-world scenarios,microgrids must store large amounts of data efficiently while also being able to withstand malicious cyberattacks.To meet the high hardware resource requirements,address the vulnerability to network attacks and poor reliability in the tradi-tional centralized data storage schemes,this paper proposes a secure storage management method for microgrid data that considers node trust and directed acyclic graph(DAG)consensus mechanism.Firstly,the microgrid data storage model is designed based on the edge computing technology.The blockchain,deployed on the edge computing server and combined with cloud storage,ensures reliable data storage in the microgrid.Secondly,a blockchain consen-sus algorithm based on directed acyclic graph data structure is then proposed to effectively improve the data storage timeliness and avoid disadvantages in traditional blockchain topology such as long chain construction time and low consensus efficiency.Finally,considering the tolerance differences among the candidate chain-building nodes to network attacks,a hash value update mechanism of blockchain header with node trust identification to ensure data storage security is proposed.Experimental results from the microgrid data storage platform show that the proposed method can achieve a private key update time of less than 5 milliseconds.When the number of blockchain nodes is less than 25,the blockchain construction takes no more than 80 mins,and the data throughput is close to 300 kbps.Compared with the traditional chain-topology-based consensus methods that do not consider node trust,the proposed method has higher efficiency in data storage and better resistance to network attacks.展开更多
The security of critical data is an important issue for distributed storage system design,especially for long-term storage.ESSA (An Efficient and Secure Splitting Algorithm for Distributed Storage Systems) is presente...The security of critical data is an important issue for distributed storage system design,especially for long-term storage.ESSA (An Efficient and Secure Splitting Algorithm for Distributed Storage Systems) is presented,which takes advantage of a two level information dispersal scheme to strengthen the security of data.In ESSA,the approach of knight’s tour problem,which is NP-Complete,is introduced to scramble data at the first level,and a split cube is used to split scrambled data at the second level.Thus,it is very difficult for the malicious user to get information because the task of reconstructing the original data needs more computation than they can tolerate.We prove that the security of ESSA is better than encryption algorithm and not inferior to erasure codes and secret sharing.Experimental results show that distributed storage systems exploiting ESSA has greater efficiency than that exploiting keyed encryption,erasure codes and secret sharing.展开更多
Grain storage security is big issue related to national economy and the people's livelihood, as well as one of the most important strategic requirements in China. Under the background of grain supply-side structural ...Grain storage security is big issue related to national economy and the people's livelihood, as well as one of the most important strategic requirements in China. Under the background of grain supply-side structural reform, this paper analyzed the grain storage security countermeasures under the new normal conditions with "grain storage technology", one of the national grain security strategies of China during the 13th Five-year Plan, as the guiding ideology, from the perspectives of scientific technologies, policy supports, government supports and talent construction, so as to provide supports for the storage enterprises with vulnerable technological links. In addition, the food security issues discussed in this paper could be a helping hand in improving people's living quality, enhancing grain storage ecological quality, promoting grain green storage quality security, and be of important and profound strategic significance to enhance the macro-control capability of the government, maintain social stability and people's health.展开更多
The dissociation between data management and data ownership makes it difficult to protect data security and privacy in cloud storage systems.Traditional encryption technologies are not suitable for data protection in ...The dissociation between data management and data ownership makes it difficult to protect data security and privacy in cloud storage systems.Traditional encryption technologies are not suitable for data protection in cloud storage systems.A novel multi-authority proxy re-encryption mechanism based on ciphertext-policy attribute-based encryption(MPRE-CPABE) is proposed for cloud storage systems.MPRE-CPABE requires data owner to split each file into two blocks,one big block and one small block.The small block is used to encrypt the big one as the private key,and then the encrypted big block will be uploaded to the cloud storage system.Even if the uploaded big block of file is stolen,illegal users cannot get the complete information of the file easily.Ciphertext-policy attribute-based encryption(CPABE)is always criticized for its heavy overload and insecure issues when distributing keys or revoking user's access right.MPRE-CPABE applies CPABE to the multi-authority cloud storage system,and solves the above issues.The weighted access structure(WAS) is proposed to support a variety of fine-grained threshold access control policy in multi-authority environments,and reduce the computational cost of key distribution.Meanwhile,MPRE-CPABE uses proxy re-encryption to reduce the computational cost of access revocation.Experiments are implemented on platforms of Ubuntu and CloudSim.Experimental results show that MPRE-CPABE can greatly reduce the computational cost of the generation of key components and the revocation of user's access right.MPRE-CPABE is also proved secure under the security model of decisional bilinear Diffie-Hellman(DBDH).展开更多
Mobile Cloud Computing usually consists of front-end users who possess mobile devices and back-end cloud servers. This paradigm empowers users to pervasively access a large volume of storage resources with portable de...Mobile Cloud Computing usually consists of front-end users who possess mobile devices and back-end cloud servers. This paradigm empowers users to pervasively access a large volume of storage resources with portable devices in a distributed and cooperative manner. During the period between uploading and downloading files (data), the privacy and integrity of files need to be guaranteed. To this end, a family of schemes are proposed for different situations. All schemes are lightweight in terms of computational overhead, resilient to storage compromise on mobile devices, and do not assume that trusted cloud servers are present. Corresponding algorithms are proposed in detail for guiding off-the-shelf implementation. The evaluation of security and performance is also extensively analyzed, justifying the applicability of the proposed schemes.展开更多
Cloud computing and storage services allow clients to move their data center and applications to centralized large data centers and thus avoid the burden of local data storage and maintenance.However,this poses new ch...Cloud computing and storage services allow clients to move their data center and applications to centralized large data centers and thus avoid the burden of local data storage and maintenance.However,this poses new challenges related to creating secure and reliable data storage over unreliable service providers.In this study,we address the problem of ensuring the integrity of data storage in cloud computing.In particular,we consider methods for reducing the burden of generating a constant amount of metadata at the client side.By exploiting some good attributes of the bilinear group,we can devise a simple and efficient audit service for public verification of untrusted and outsourced storage,which can be important for achieving widespread deployment of cloud computing.Whereas many prior studies on ensuring remote data integrity did not consider the burden of generating verification metadata at the client side,the objective of this study is to resolve this issue.Moreover,our scheme also supports data dynamics and public verifiability.Extensive security and performance analysis shows that the proposed scheme is highly efficient and provably secure.展开更多
Increment of mobile cloud video motivates mobile users to utilize cloud storage service to address their demands, cloud storage provider always furnish a location-independent platform for managing user's data. Howeve...Increment of mobile cloud video motivates mobile users to utilize cloud storage service to address their demands, cloud storage provider always furnish a location-independent platform for managing user's data. However, mobile users wonder if their cloud video data leakage or dynamic migration to illegal service providers. In this paper, we design a novel provable data possession protocol based on data geographic location attribute, which allows data owner to auditing the integrity of their video data, which put forward an ideal choice for remote data possession checking in the mobile cloud storage. In our proposed scheme, we check out whether the video data dynamic migrate to an unspecified location (such as: overseas) by adding data geographic location attribute tag into provable data possession protocol. Moreover, we make sure the security of our proposed scheme under the Computational Diffic-Hellman assumption. The analysis and experiment results demonstrate that our proposed scheme is provably secure and efficient.展开更多
Grain security guarantees national security.China has many widely distributed grain depots to supervise grain storage security.However,this has led to a lack of regulatory capacity and manpower.Amid the development of...Grain security guarantees national security.China has many widely distributed grain depots to supervise grain storage security.However,this has led to a lack of regulatory capacity and manpower.Amid the development of reserve-level information technology,big data supervision of grain storage security should be improved.This study proposes big data research architecture and an analysis model for grain storage security;as an example,it illustrates the supervision of the grain loss problem in storage security.The statistical analysis model and the prediction and clustering-based model for grain loss supervision were used to mine abnormal data.A combination of feature extraction and feature selection reduction methods were chosen for dimensionality.A comparative analysis showed that the nonlinear prediction model performed better on the grain loss data set,with R2 of 87.21%,87.83%,91.97%,and 89.40%for Gradient Boosting Regressor(GBR),Random Forest,Decision Tree,XGBoost regression on test sets,respectively.Nineteen abnormal data were filtered out by GBR combined with residuals as an example.The deep learning model had the best performance on the mean absolute error,with an R2 of 85.14%on the test set and only one abnormal data identified.This is contrary to the original intention of finding as many anomalies as possible for supervisory purposes.Five classes were generated using principal component analysis dimensionality reduction combined with Density-Based Spatial Clustering of Applications with Noise(DBSCAN)clustering,with 11 anomalous data points screened by adding the amount of normalized grain loss.Based on the existing grain information system,this paper provides a supervision model for grain storage that can help mine abnormal data.Unlike the current post-event supervision model,this study proposes a pre-event supervision model.This study provides a framework of ideas for subsequent scholarly research;the addition of big data technology will help improve efficient supervisory capacity in the field of grain supervision.展开更多
With the process of medical informatization,medical diagnosis results are recorded and shared in the form of electronic data in the computer.However,the security of medical data storage cannot be effectively protected...With the process of medical informatization,medical diagnosis results are recorded and shared in the form of electronic data in the computer.However,the security of medical data storage cannot be effectively protected and the unsafe sharing of medical data among different institutions is still a hidden danger that cannot be underestimated.To solve the above problems,a secure storage and sharing model of private data based on blockchain technology and homomorphic encryption is constructed.Based on the idea of blockchain decentralization,the model maintains a reliable medical alliance chain system to ensure the safe transmission of data between different institutions;A privacy data encryption and computing protocol based on homomorphic encryption is constructed to ensure the safe transmission of medical data;Using its complete anonymity to ensure the Blockchain of medical data and patient identity privacy;A strict transaction control management mechanism of medical data based on Intelligent contract automatic execution of preset instructions is proposed.After security verification,compared with the traditional medical big data storage and sharing mode,the model has better security and sharing.展开更多
Big data cloud platforms provide users with on-demand configurable computing,storage resources to users,thus involving a large amount of user data.However,most of the data is processed and stored in plaintext,resultin...Big data cloud platforms provide users with on-demand configurable computing,storage resources to users,thus involving a large amount of user data.However,most of the data is processed and stored in plaintext,resulting in data leakage.At the same time,simple encrypted storage ensures the confidentiality of the cloud data,but has the following problems:if the encrypted data is downloaded to the client and then decrypted,the search efficiency will be low.If the encrypted data is decrypted and searched on the server side,the security will be reduced.Data availability is finally reduced,and indiscriminate protection measures make the risk of data leakage uncontrollable.To solve the problems,based on searchable encryption and key derivation,a cipher search system is designed in this paper considering both data security and availability,and the use of a search encryption algorithm that supports dynamic update is listed.Moreover,the system structure has the advantage of adapting different searchable encryption algorithm.In particular,a user-centered key derivation mechanism is designed to realize file-level fine-grained encryption.Finally,extensive experiment and analysis show that the scheme greatly improves the data security of big data platform.展开更多
Over the last few years,the need of a cloud environment with the ability to detect illegal behaviours along with a secured data storage capability has increased largely.This study presents such a secured cloud storage...Over the last few years,the need of a cloud environment with the ability to detect illegal behaviours along with a secured data storage capability has increased largely.This study presents such a secured cloud storage framework comprising of a deoxyribonucleic acid(DNA)based encryption key which has been generated to make the framework unbreakable,thus ensuring a better and secured distributed cloud storage environment.Furthermore,this work proposes a novel DNA-based encryption technique inspired by the biological characteristics of DNA and the protein synthesis mechanism.The introduced DNA based model also has an additional advantage of being able to decide on selecting suitable storage servers from an existing pool of storage servers on which the data must be stored.A fuzzy-based technique for order of preference by similarity to ideal solution(TOFSIS)multi-criteria decisionmaking(MCDM)model has been employed to achieve the above-mentioned goal.This can decide the set of suitable storage servers and also results in a reduction in execution time by keeping up the level of security to an improved grade.This study also investigates and analyzes the strength of the proposed S-Box and encryption technique against some standard criteria and benchmarks,such as avalanche effect,correlation coefficient,information entropy,linear probability,and differential probability etc.After the avalanche effect analysis,the average change in cipher-text has been found to be 51.85%.Moreover,thorough security,sensitivity and functionality analysis show that the proposed scheme guarantees high security with robustness.展开更多
Real-time encryption and decryption of digital images stored on end-user devices is a challenging task due to the inherent features of the images. Traditional software encryption applications generally suffered from t...Real-time encryption and decryption of digital images stored on end-user devices is a challenging task due to the inherent features of the images. Traditional software encryption applications generally suffered from the expense of user con- venience, performance efficiency, and the level of security provided. To overcome these limitations, the concept of transparent encryption has been proposed. This type of encryption mechanism can be implemented most efficiently with kernel file systems. However, this approach has some disadvantages since developing a new file system and attaching it in the kernel level requires a deep understanding of the kernel internal data structure. A filesystem in userspace (FUSE) can be used to bridge the gap. Never- theless, ctwrent implementations of cryptographic FUSE-based file systems suffered from several weaknesses that make them less than ideal for deployment. This paper describes the design and implementation of ImgFS, a fully transparent cryptographic file system that resides on user space. ImgFS can provide a sophisticated way to access, manage, and monitor all encryption and key management operations for image files stored on the local disk without any interaction from the user. The development of ImgFS has managed to solve weaknesses that have been identified on cryptographic FUSE-based implementations. Experiments were carried out to measure the performance of ImgFS over image files' read and write against the cryptographic service, and the results indicated that while ImgFS has managed to provide higher level of security and transparency, its performance was competitive with other established cryptographic FUSE-based schemes of high performance.展开更多
文摘The growing advent of the Internet of Things(IoT)users is driving the adoption of cloud computing technologies.The integration of IoT in the cloud enables storage and computational capabilities for IoT users.However,security has been one of the main concerns of cloud-integrated IoT.Existing work attempts to address the security concerns of cloud-integrated IoT through authentication,access control,and blockchain-based methods.However,existing frameworks are somewhat limited by scalability,privacy,and centralized structures.To mitigate the existing problems,we propose a blockchain-based distributed access control method for secure storage in the IoT cloud(BL-DAC).Initially,the BL-DAC performs decentralized authentication using the Quantum Neural Network Cryptography(QNNC)algorithm.IoT users and edge nodes are authenticated in the blockchain deployed by distributed Trusted Authorities(TAs)using multiple credentials.The user data is classified into sensitive and non-sensitive categories using the Enhanced Seagull Optimization(ESO)algorithm.Also,the authentication to access this data is performed by a decentralized access control method using smart contract policy.Sensitive user data is encrypted using the QNNC algorithm and stored in the private cloud.In contrast,non-sensitive data is stored in the public cloud,and IPFS is used to store data in a decentralized manner with high reliability.In addition,data security is improved by using a hierarchical blockchain which improves scalability by managing the multiple blockchains hierarchically and is lightweight using Proof of Authentication Consensus(PoAH).The BL-DAC is simulated and validated using the Network Simulator-3.26 simulation tool and validated.This work shows better results than the compared ones in terms of validation metrics such as throughput(26%),encryption time(19%),decryption time(16%),response time(15%),block validation time(31%),attack detection rate(16%),access control precision(13%),and scalability(28%).
基金Supported by the National High Tech Researchand Development Plan of China(2001AA114141)
文摘We present a secure storage system named HermitFS against many types ofattacks. HermitFS uses strong cryptography algorithms and a secure protocol to secure the data fromthe time it is written to the time an authorized user accesses it. Our experimental results andsecure analysis show that HermitFS can protect information from unauthorized access in any openenvironment with little penalty of data o-verhead and acceptable performance.
文摘The wide application of intelligent terminals in microgrids has fueled the surge of data amount in recent years.In real-world scenarios,microgrids must store large amounts of data efficiently while also being able to withstand malicious cyberattacks.To meet the high hardware resource requirements,address the vulnerability to network attacks and poor reliability in the tradi-tional centralized data storage schemes,this paper proposes a secure storage management method for microgrid data that considers node trust and directed acyclic graph(DAG)consensus mechanism.Firstly,the microgrid data storage model is designed based on the edge computing technology.The blockchain,deployed on the edge computing server and combined with cloud storage,ensures reliable data storage in the microgrid.Secondly,a blockchain consen-sus algorithm based on directed acyclic graph data structure is then proposed to effectively improve the data storage timeliness and avoid disadvantages in traditional blockchain topology such as long chain construction time and low consensus efficiency.Finally,considering the tolerance differences among the candidate chain-building nodes to network attacks,a hash value update mechanism of blockchain header with node trust identification to ensure data storage security is proposed.Experimental results from the microgrid data storage platform show that the proposed method can achieve a private key update time of less than 5 milliseconds.When the number of blockchain nodes is less than 25,the blockchain construction takes no more than 80 mins,and the data throughput is close to 300 kbps.Compared with the traditional chain-topology-based consensus methods that do not consider node trust,the proposed method has higher efficiency in data storage and better resistance to network attacks.
基金This study is supported by National Natural Science Foundation of China (No.60973146) National Natur al Science Foundation of Beijing (No.4092029) The Fundamental Research Funds for the Central Universities (No.2009RC0217). We also thank the anonymous reviewers for their constructive comments.
文摘The security of critical data is an important issue for distributed storage system design,especially for long-term storage.ESSA (An Efficient and Secure Splitting Algorithm for Distributed Storage Systems) is presented,which takes advantage of a two level information dispersal scheme to strengthen the security of data.In ESSA,the approach of knight’s tour problem,which is NP-Complete,is introduced to scramble data at the first level,and a split cube is used to split scrambled data at the second level.Thus,it is very difficult for the malicious user to get information because the task of reconstructing the original data needs more computation than they can tolerate.We prove that the security of ESSA is better than encryption algorithm and not inferior to erasure codes and secret sharing.Experimental results show that distributed storage systems exploiting ESSA has greater efficiency than that exploiting keyed encryption,erasure codes and secret sharing.
基金Supported by the Fund Project for the Scientific Undertakings in Public Interest of Liaoning Province(20170046)the Initiation Project of Economic and Social Development of Liaoning Province(2018lslktyb)the Initiation Project of Economic and Social Development of Shenyang City in 2017(SYSK2017-13-11)~~
文摘Grain storage security is big issue related to national economy and the people's livelihood, as well as one of the most important strategic requirements in China. Under the background of grain supply-side structural reform, this paper analyzed the grain storage security countermeasures under the new normal conditions with "grain storage technology", one of the national grain security strategies of China during the 13th Five-year Plan, as the guiding ideology, from the perspectives of scientific technologies, policy supports, government supports and talent construction, so as to provide supports for the storage enterprises with vulnerable technological links. In addition, the food security issues discussed in this paper could be a helping hand in improving people's living quality, enhancing grain storage ecological quality, promoting grain green storage quality security, and be of important and profound strategic significance to enhance the macro-control capability of the government, maintain social stability and people's health.
基金supported by the National Natural Science Foundation of China(6120200461472192)+1 种基金the Special Fund for Fast Sharing of Science Paper in Net Era by CSTD(2013116)the Natural Science Fund of Higher Education of Jiangsu Province(14KJB520014)
文摘The dissociation between data management and data ownership makes it difficult to protect data security and privacy in cloud storage systems.Traditional encryption technologies are not suitable for data protection in cloud storage systems.A novel multi-authority proxy re-encryption mechanism based on ciphertext-policy attribute-based encryption(MPRE-CPABE) is proposed for cloud storage systems.MPRE-CPABE requires data owner to split each file into two blocks,one big block and one small block.The small block is used to encrypt the big one as the private key,and then the encrypted big block will be uploaded to the cloud storage system.Even if the uploaded big block of file is stolen,illegal users cannot get the complete information of the file easily.Ciphertext-policy attribute-based encryption(CPABE)is always criticized for its heavy overload and insecure issues when distributing keys or revoking user's access right.MPRE-CPABE applies CPABE to the multi-authority cloud storage system,and solves the above issues.The weighted access structure(WAS) is proposed to support a variety of fine-grained threshold access control policy in multi-authority environments,and reduce the computational cost of key distribution.Meanwhile,MPRE-CPABE uses proxy re-encryption to reduce the computational cost of access revocation.Experiments are implemented on platforms of Ubuntu and CloudSim.Experimental results show that MPRE-CPABE can greatly reduce the computational cost of the generation of key components and the revocation of user's access right.MPRE-CPABE is also proved secure under the security model of decisional bilinear Diffie-Hellman(DBDH).
基金Supported by the Special Fund for Basic Scientific Research of Central Colleges,China University of Geosciences (Wuhan) (No.090109)the National Natural Science Foundation of China (No.61170217)the Scientific Research Fund of Zhejiang Provincial Education Department (No. 20070952)
文摘Mobile Cloud Computing usually consists of front-end users who possess mobile devices and back-end cloud servers. This paradigm empowers users to pervasively access a large volume of storage resources with portable devices in a distributed and cooperative manner. During the period between uploading and downloading files (data), the privacy and integrity of files need to be guaranteed. To this end, a family of schemes are proposed for different situations. All schemes are lightweight in terms of computational overhead, resilient to storage compromise on mobile devices, and do not assume that trusted cloud servers are present. Corresponding algorithms are proposed in detail for guiding off-the-shelf implementation. The evaluation of security and performance is also extensively analyzed, justifying the applicability of the proposed schemes.
基金the National Natural Science Foundation of China,the National Basic Research Program of China ("973" Program) the National High Technology Research and Development Program of China ("863" Program)
文摘Cloud computing and storage services allow clients to move their data center and applications to centralized large data centers and thus avoid the burden of local data storage and maintenance.However,this poses new challenges related to creating secure and reliable data storage over unreliable service providers.In this study,we address the problem of ensuring the integrity of data storage in cloud computing.In particular,we consider methods for reducing the burden of generating a constant amount of metadata at the client side.By exploiting some good attributes of the bilinear group,we can devise a simple and efficient audit service for public verification of untrusted and outsourced storage,which can be important for achieving widespread deployment of cloud computing.Whereas many prior studies on ensuring remote data integrity did not consider the burden of generating verification metadata at the client side,the objective of this study is to resolve this issue.Moreover,our scheme also supports data dynamics and public verifiability.Extensive security and performance analysis shows that the proposed scheme is highly efficient and provably secure.
基金supported in part by National High Tech Research and Development Program(863 Program)of China(No.2015 AA016005)
文摘Increment of mobile cloud video motivates mobile users to utilize cloud storage service to address their demands, cloud storage provider always furnish a location-independent platform for managing user's data. However, mobile users wonder if their cloud video data leakage or dynamic migration to illegal service providers. In this paper, we design a novel provable data possession protocol based on data geographic location attribute, which allows data owner to auditing the integrity of their video data, which put forward an ideal choice for remote data possession checking in the mobile cloud storage. In our proposed scheme, we check out whether the video data dynamic migrate to an unspecified location (such as: overseas) by adding data geographic location attribute tag into provable data possession protocol. Moreover, we make sure the security of our proposed scheme under the Computational Diffic-Hellman assumption. The analysis and experiment results demonstrate that our proposed scheme is provably secure and efficient.
文摘Grain security guarantees national security.China has many widely distributed grain depots to supervise grain storage security.However,this has led to a lack of regulatory capacity and manpower.Amid the development of reserve-level information technology,big data supervision of grain storage security should be improved.This study proposes big data research architecture and an analysis model for grain storage security;as an example,it illustrates the supervision of the grain loss problem in storage security.The statistical analysis model and the prediction and clustering-based model for grain loss supervision were used to mine abnormal data.A combination of feature extraction and feature selection reduction methods were chosen for dimensionality.A comparative analysis showed that the nonlinear prediction model performed better on the grain loss data set,with R2 of 87.21%,87.83%,91.97%,and 89.40%for Gradient Boosting Regressor(GBR),Random Forest,Decision Tree,XGBoost regression on test sets,respectively.Nineteen abnormal data were filtered out by GBR combined with residuals as an example.The deep learning model had the best performance on the mean absolute error,with an R2 of 85.14%on the test set and only one abnormal data identified.This is contrary to the original intention of finding as many anomalies as possible for supervisory purposes.Five classes were generated using principal component analysis dimensionality reduction combined with Density-Based Spatial Clustering of Applications with Noise(DBSCAN)clustering,with 11 anomalous data points screened by adding the amount of normalized grain loss.Based on the existing grain information system,this paper provides a supervision model for grain storage that can help mine abnormal data.Unlike the current post-event supervision model,this study proposes a pre-event supervision model.This study provides a framework of ideas for subsequent scholarly research;the addition of big data technology will help improve efficient supervisory capacity in the field of grain supervision.
基金supported in part by the Jilin Provincial Department of Science and Technology,China(YDZJ202303CGZH010)Jilin Provincial Department of Human Resources and Social Security,China(2022QN05)the Changchun Science and Technology Bureau,China(21ZGM29).
文摘With the process of medical informatization,medical diagnosis results are recorded and shared in the form of electronic data in the computer.However,the security of medical data storage cannot be effectively protected and the unsafe sharing of medical data among different institutions is still a hidden danger that cannot be underestimated.To solve the above problems,a secure storage and sharing model of private data based on blockchain technology and homomorphic encryption is constructed.Based on the idea of blockchain decentralization,the model maintains a reliable medical alliance chain system to ensure the safe transmission of data between different institutions;A privacy data encryption and computing protocol based on homomorphic encryption is constructed to ensure the safe transmission of medical data;Using its complete anonymity to ensure the Blockchain of medical data and patient identity privacy;A strict transaction control management mechanism of medical data based on Intelligent contract automatic execution of preset instructions is proposed.After security verification,compared with the traditional medical big data storage and sharing mode,the model has better security and sharing.
基金the Sichuan Science and Technology Program(2021JDRC0077)the Sichuan Province’s Key Research and Development Plan.“Distributed Secure StorageTechnology for Massive Sensitive Data”Project(2020YFG0298)Applied Basic Research Project of Sichuan Province(No.2018JY0370).
文摘Big data cloud platforms provide users with on-demand configurable computing,storage resources to users,thus involving a large amount of user data.However,most of the data is processed and stored in plaintext,resulting in data leakage.At the same time,simple encrypted storage ensures the confidentiality of the cloud data,but has the following problems:if the encrypted data is downloaded to the client and then decrypted,the search efficiency will be low.If the encrypted data is decrypted and searched on the server side,the security will be reduced.Data availability is finally reduced,and indiscriminate protection measures make the risk of data leakage uncontrollable.To solve the problems,based on searchable encryption and key derivation,a cipher search system is designed in this paper considering both data security and availability,and the use of a search encryption algorithm that supports dynamic update is listed.Moreover,the system structure has the advantage of adapting different searchable encryption algorithm.In particular,a user-centered key derivation mechanism is designed to realize file-level fine-grained encryption.Finally,extensive experiment and analysis show that the scheme greatly improves the data security of big data platform.
基金This publication was an outcome of the R&D work undertaken project under the Visvesvaraya PhD Scheme of Ministry of Electronics&Information Technology,Government of India,being implemented by Digital India Corporation.
文摘Over the last few years,the need of a cloud environment with the ability to detect illegal behaviours along with a secured data storage capability has increased largely.This study presents such a secured cloud storage framework comprising of a deoxyribonucleic acid(DNA)based encryption key which has been generated to make the framework unbreakable,thus ensuring a better and secured distributed cloud storage environment.Furthermore,this work proposes a novel DNA-based encryption technique inspired by the biological characteristics of DNA and the protein synthesis mechanism.The introduced DNA based model also has an additional advantage of being able to decide on selecting suitable storage servers from an existing pool of storage servers on which the data must be stored.A fuzzy-based technique for order of preference by similarity to ideal solution(TOFSIS)multi-criteria decisionmaking(MCDM)model has been employed to achieve the above-mentioned goal.This can decide the set of suitable storage servers and also results in a reduction in execution time by keeping up the level of security to an improved grade.This study also investigates and analyzes the strength of the proposed S-Box and encryption technique against some standard criteria and benchmarks,such as avalanche effect,correlation coefficient,information entropy,linear probability,and differential probability etc.After the avalanche effect analysis,the average change in cipher-text has been found to be 51.85%.Moreover,thorough security,sensitivity and functionality analysis show that the proposed scheme guarantees high security with robustness.
基金Project partly supported by the Ministry of Higher Education of Malaysia under Grant LRGS/TD/2011/UKM/ICT/02
文摘Real-time encryption and decryption of digital images stored on end-user devices is a challenging task due to the inherent features of the images. Traditional software encryption applications generally suffered from the expense of user con- venience, performance efficiency, and the level of security provided. To overcome these limitations, the concept of transparent encryption has been proposed. This type of encryption mechanism can be implemented most efficiently with kernel file systems. However, this approach has some disadvantages since developing a new file system and attaching it in the kernel level requires a deep understanding of the kernel internal data structure. A filesystem in userspace (FUSE) can be used to bridge the gap. Never- theless, ctwrent implementations of cryptographic FUSE-based file systems suffered from several weaknesses that make them less than ideal for deployment. This paper describes the design and implementation of ImgFS, a fully transparent cryptographic file system that resides on user space. ImgFS can provide a sophisticated way to access, manage, and monitor all encryption and key management operations for image files stored on the local disk without any interaction from the user. The development of ImgFS has managed to solve weaknesses that have been identified on cryptographic FUSE-based implementations. Experiments were carried out to measure the performance of ImgFS over image files' read and write against the cryptographic service, and the results indicated that while ImgFS has managed to provide higher level of security and transparency, its performance was competitive with other established cryptographic FUSE-based schemes of high performance.