This paper presents a comprehensive exploration into the integration of Internet of Things(IoT),big data analysis,cloud computing,and Artificial Intelligence(AI),which has led to an unprecedented era of connectivity.W...This paper presents a comprehensive exploration into the integration of Internet of Things(IoT),big data analysis,cloud computing,and Artificial Intelligence(AI),which has led to an unprecedented era of connectivity.We delve into the emerging trend of machine learning on embedded devices,enabling tasks in resource-limited environ-ments.However,the widespread adoption of machine learning raises significant privacy concerns,necessitating the development of privacy-preserving techniques.One such technique,secure multi-party computation(MPC),allows collaborative computations without exposing private inputs.Despite its potential,complex protocols and communication interactions hinder performance,especially on resource-constrained devices.Efforts to enhance efficiency have been made,but scalability remains a challenge.Given the success of GPUs in deep learning,lever-aging embedded GPUs,such as those offered by NVIDIA,emerges as a promising solution.Therefore,we propose an Embedded GPU-based Secure Two-party Computation(EG-STC)framework for Artificial Intelligence(AI)systems.To the best of our knowledge,this work represents the first endeavor to fully implement machine learning model training based on secure two-party computing on the Embedded GPU platform.Our experimental results demonstrate the effectiveness of EG-STC.On an embedded GPU with a power draw of 5 W,our implementation achieved a secure two-party matrix multiplication throughput of 5881.5 kilo-operations per millisecond(kops/ms),with an energy efficiency ratio of 1176.3 kops/ms/W.Furthermore,leveraging our EG-STC framework,we achieved an overall time acceleration ratio of 5–6 times compared to solutions running on server-grade CPUs.Our solution also exhibited a reduced runtime,requiring only 60%to 70%of the runtime of previously best-known methods on the same platform.In summary,our research contributes to the advancement of secure and efficient machine learning implementations on resource-constrained embedded devices,paving the way for broader adoption of AI technologies in various applications.展开更多
With the development of cloud computing technology,more and more data owners upload their local data to the public cloud server for storage and calculation.While this can save customers’operating costs,it also poses ...With the development of cloud computing technology,more and more data owners upload their local data to the public cloud server for storage and calculation.While this can save customers’operating costs,it also poses privacy and security challenges.Such challenges can be solved using secure multi-party computation(SMPC),but this still exposes more security issues.In cloud computing using SMPC,clients need to process their data and submit the processed data to the cloud server,which then performs the calculation and returns the results to each client.Each client and server must be honest.If there is cooperation or dishonest behavior between clients,some clients may profit from it or even disclose the private data of other clients.This paper proposes the SMPC based on a Partially-Homomorphic Encryption(PHE)scheme in which an addition homomorphic encryption algorithm with a lower computational cost is used to ensure data comparability and Zero-Knowledge Proof(ZKP)is used to limit the client’s malicious behavior.In addition,the introduction of Oblivious Transfer(OT)technology also ensures that the semi-honest cloud server knows nothing about private data,so that the cloud server of this scheme can calculate the correct data in the case of malicious participant models and safely return the calculation results to each client.Finally,the security analysis shows that the scheme not only ensures the privacy of participants,but also ensures the fairness of the comparison protocol data.展开更多
This paper studies how to take advantage of other's computing ability to sign a message with one's private key without disclosing the private key. A protocol to this problem is presented, and it is proven, by ...This paper studies how to take advantage of other's computing ability to sign a message with one's private key without disclosing the private key. A protocol to this problem is presented, and it is proven, by well known simulation paradigm, that this protocol is private.展开更多
Efficiency and scalability are still the bottleneck for secure multi-party computation geometry(SMCG).In this work a secure planar convex hull(SPCH) protocol for large-scaled point sets in semi-honest model has been p...Efficiency and scalability are still the bottleneck for secure multi-party computation geometry(SMCG).In this work a secure planar convex hull(SPCH) protocol for large-scaled point sets in semi-honest model has been proposed efficiendy to solve the above problems.Firstly,a novel privacy-preserving point-inclusion(PPPI) protocol is designed based on the classic homomorphic encryption and secure cross product protocol,and it is demonstrated that the complexity of PPPI protocol is independent of the vertex size of the input convex hull.And then on the basis of the novel PPPI protocol,an effective SPCH protocol is presented.Analysis shows that this SPCH protocol has a good performance for large-scaled point sets compared with previous solutions.Moreover,analysis finds that the complexity of our SPCH protocol relies on the size of the points on the outermost layer of the input point sets only.展开更多
Numerous privacy-preserving issues have emerged along with the fast development of the Internet of Things. In addressing privacy protection problems in Wireless Sensor Networks (WSN), secure multi-party computation ...Numerous privacy-preserving issues have emerged along with the fast development of the Internet of Things. In addressing privacy protection problems in Wireless Sensor Networks (WSN), secure multi-party computation is considered vital, where obtaining the Euclidian distance between two nodes with no disclosure of either side's secrets has become the focus of location-privacy-related applications. This paper proposes a novel Privacy-Preserving Scalar Product Protocol (PPSPP) for wireless sensor networks. Based on PPSPP, we then propose a Homomorphic-Encryption-based Euclidean Distance Protocol (HEEDP) without third parties. This protocol can achieve secure distance computation between two sensor nodes. Correctness proofs of PPSPP and HEEDP are provided, followed by security validation and analysis. Performance evaluations via comparisons among similar protocols demonstrate that HEEDP is superior; it is most efficient in terms of both communication and computation on a wide range of data types, especially in wireless sensor networks.展开更多
Pervasive IoT applications enable us to perceive,analyze,control,and optimize the traditional physical systems.Recently,security breaches in many IoT applications have indicated that IoT applications may put the physi...Pervasive IoT applications enable us to perceive,analyze,control,and optimize the traditional physical systems.Recently,security breaches in many IoT applications have indicated that IoT applications may put the physical systems at risk.Severe resource constraints and insufficient security design are two major causes of many security problems in IoT applications.As an extension of the cloud,the emerging edge computing with rich resources provides us a new venue to design and deploy novel security solutions for IoT applications.Although there are some research efforts in this area,edge-based security designs for IoT applications are still in its infancy.This paper aims to present a comprehensive survey of existing IoT security solutions at the edge layer as well as to inspire more edge-based IoT security designs.We first present an edge-centric IoT architecture.Then,we extensively review the edge-based IoT security research efforts in the context of security architecture designs,firewalls,intrusion detection systems,authentication and authorization protocols,and privacy-preserving mechanisms.Finally,we propose our insight into future research directions and open research issues.展开更多
We present a model based on Computational Temporal Logic (CTL) methods forverifying security requirements of electronic commerce, protocols. The model describes formally theauthentication, confidentiality integrity, n...We present a model based on Computational Temporal Logic (CTL) methods forverifying security requirements of electronic commerce, protocols. The model describes formally theauthentication, confidentiality integrity, non-repudiation) denial of serviee and access control ofthe e-lectronic commerce protocols. We illustrate as case study a variant of the Lu-Smolka protocolproposed by Lu-Smolka Moreover, we have discovered two attacks that allow a dishonest user topurchase a good debiting the amountto another user. And also, we compared our work with relativeresearch works and found lhat the formal way of this paper is more general to specify securityprotocols for E-Commerce.展开更多
Software Defined Networking(SDN)being an emerging network control model is widely recognized as a control and management platform.This model provides efficient techniques to control and manage the enterprise network.A...Software Defined Networking(SDN)being an emerging network control model is widely recognized as a control and management platform.This model provides efficient techniques to control and manage the enterprise network.Another emerging paradigm is edge computing in which data processing is performed at the edges of the network instead of a central controller.This data processing at the edge nodes reduces the latency and bandwidth requirements.In SDN,the controller is a single point of failure.Several security issues related to the traditional network can be solved by using SDN central management and control.Address Spoofing and Network Intrusion are the most common attacks.These attacks severely degrade performance and security.We propose an edge computing-based mechanism that automatically detects and mitigates those attacks.In this mechanism,an edge system gets the network topology from the controller and the Address Resolution Protocol(ARP)traffic is directed to it for further analysis.As such,the controller is saved from unnecessary processing related to addressing translation.We propose a graph computation based method to identify the location of an attacker or intruder by implementing a graph difference method.By using the correct location information,the exact attacker or intruder is blocked,while the legitimate users get access to the network resources.The proposed mechanism is evaluated in a Mininet simulator and a POX controller.The results show that it improves system performance in terms of attack mitigation time,attack detection time,and bandwidth requirements.展开更多
Secure Multi-party Computation has been a research focus in international cryptographic community in recent years. In this paper the authors investigate how some computational geometric problems could be solved in a c...Secure Multi-party Computation has been a research focus in international cryptographic community in recent years. In this paper the authors investigate how some computational geometric problems could be solved in a cooperative environment, where two parties need to solve a geometric problem based on their joint data, but neither wants to disclose its private data to the other party. These problems are the distance between two private points, the relation between a private point and a circle area, the relation between a private point and an ellipse area and the shortest distance between two point sets. The paper gives solutions to these specific geometric. problems, and in doing so a building block is developed, the protocol for the distance between two private points, that is also useful in the solutions to other geometric problems and combinatorial problems.展开更多
Internet of Medical Things (IoMT) is a breakthrough technologyin the transfer of medical data via a communication system. Wearable sensordevices collect patient data and transfer them through mobile internet, thatis, ...Internet of Medical Things (IoMT) is a breakthrough technologyin the transfer of medical data via a communication system. Wearable sensordevices collect patient data and transfer them through mobile internet, thatis, the IoMT. Recently, the shift in paradigm from manual data storage toelectronic health recording on fog, edge, and cloud computing has been noted.These advanced computing technologies have facilitated medical services withminimum cost and available conditions. However, the IoMT raises a highconcern on network security and patient data privacy in the health caresystem. The main issue is the transmission of health data with high security inthe fog computing model. In today’s market, the best solution is blockchaintechnology. This technology provides high-end security and authenticationin storing and transferring data. In this research, a blockchain-based fogcomputing model is proposed for the IoMT. The proposed technique embedsa block chain with the yet another consensus (YAC) protocol building securityinfrastructure into fog computing for storing and transferring IoMT data inthe network. YAC is a consensus protocol that authenticates the input datain the block chain. In this scenario, the patients and their family membersare allowed to access the data. The empirical outcome of the proposedtechnique indicates high reliability and security against dangerous threats.The major advantages of using the blockchain model are high transparency,good traceability, and high processing speed. The technique also exhibitshigh reliability and efficiency in accessing data with secure transmission. Theproposed technique achieves 95% reliability in transferring a large number offiles up to 10,000.展开更多
Recently, privacy concerns become an increasingly critical issue. Secure multi-party computation plays an important role in privacy-preserving. Secure multi-party computational geometry is a new field of secure multi-...Recently, privacy concerns become an increasingly critical issue. Secure multi-party computation plays an important role in privacy-preserving. Secure multi-party computational geometry is a new field of secure multi-party computation. In this paper, we devote to investigating the solutions to some secure geometric problems in a cooperative environment. The problem is collaboratively computing the Euclid-distance between two private vectors without disclosing the private input to each other. A general privacy-preserving Euclid-distance protocol is firstly presented as a building block and is proved to be secure and efficient in the comparison with the previous methods. And we proposed a new protocol for the application in Wireless Sensor Networks (WSNs), based on the novel Euclid-distance protocol and Density-Based Clustering Protocol (DBCP), so that the nodes from two sides can compute cooperatively to divide them into clusters without disclosing their location information to the opposite side.展开更多
基金supported in part by Major Science and Technology Demonstration Project of Jiangsu Provincial Key R&D Program under Grant No.BE2023025in part by the National Natural Science Foundation of China under Grant No.62302238+2 种基金in part by the Natural Science Foundation of Jiangsu Province under Grant No.BK20220388in part by the Natural Science Research Project of Colleges and Universities in Jiangsu Province under Grant No.22KJB520004in part by the China Postdoctoral Science Foundation under Grant No.2022M711689.
文摘This paper presents a comprehensive exploration into the integration of Internet of Things(IoT),big data analysis,cloud computing,and Artificial Intelligence(AI),which has led to an unprecedented era of connectivity.We delve into the emerging trend of machine learning on embedded devices,enabling tasks in resource-limited environ-ments.However,the widespread adoption of machine learning raises significant privacy concerns,necessitating the development of privacy-preserving techniques.One such technique,secure multi-party computation(MPC),allows collaborative computations without exposing private inputs.Despite its potential,complex protocols and communication interactions hinder performance,especially on resource-constrained devices.Efforts to enhance efficiency have been made,but scalability remains a challenge.Given the success of GPUs in deep learning,lever-aging embedded GPUs,such as those offered by NVIDIA,emerges as a promising solution.Therefore,we propose an Embedded GPU-based Secure Two-party Computation(EG-STC)framework for Artificial Intelligence(AI)systems.To the best of our knowledge,this work represents the first endeavor to fully implement machine learning model training based on secure two-party computing on the Embedded GPU platform.Our experimental results demonstrate the effectiveness of EG-STC.On an embedded GPU with a power draw of 5 W,our implementation achieved a secure two-party matrix multiplication throughput of 5881.5 kilo-operations per millisecond(kops/ms),with an energy efficiency ratio of 1176.3 kops/ms/W.Furthermore,leveraging our EG-STC framework,we achieved an overall time acceleration ratio of 5–6 times compared to solutions running on server-grade CPUs.Our solution also exhibited a reduced runtime,requiring only 60%to 70%of the runtime of previously best-known methods on the same platform.In summary,our research contributes to the advancement of secure and efficient machine learning implementations on resource-constrained embedded devices,paving the way for broader adoption of AI technologies in various applications.
基金supported by the National Natural Science Foundation of China under Grant No.(62202118.61962009)And in part by Natural Science Foundation of Shandong Province(ZR2021MF086)+1 种基金And in part by Top Technology Talent Project from Guizhou Education Department(Qian jiao ji[2022]073)And in part by Foundation of Guangxi Key Laboratory of Cryptography and Information Security(GCIS202118).
文摘With the development of cloud computing technology,more and more data owners upload their local data to the public cloud server for storage and calculation.While this can save customers’operating costs,it also poses privacy and security challenges.Such challenges can be solved using secure multi-party computation(SMPC),but this still exposes more security issues.In cloud computing using SMPC,clients need to process their data and submit the processed data to the cloud server,which then performs the calculation and returns the results to each client.Each client and server must be honest.If there is cooperation or dishonest behavior between clients,some clients may profit from it or even disclose the private data of other clients.This paper proposes the SMPC based on a Partially-Homomorphic Encryption(PHE)scheme in which an addition homomorphic encryption algorithm with a lower computational cost is used to ensure data comparability and Zero-Knowledge Proof(ZKP)is used to limit the client’s malicious behavior.In addition,the introduction of Oblivious Transfer(OT)technology also ensures that the semi-honest cloud server knows nothing about private data,so that the cloud server of this scheme can calculate the correct data in the case of malicious participant models and safely return the calculation results to each client.Finally,the security analysis shows that the scheme not only ensures the privacy of participants,but also ensures the fairness of the comparison protocol data.
文摘This paper studies how to take advantage of other's computing ability to sign a message with one's private key without disclosing the private key. A protocol to this problem is presented, and it is proven, by well known simulation paradigm, that this protocol is private.
基金Supported by the Young Scientists Program of CUEB(No.2014XJQ016,00791462722337)National Natural Science Foundation of China(No.61302087)+1 种基金Young Scientific Research Starting Foundation of CUEBImprove Scientific Research Foundation of Beijing Education
文摘Efficiency and scalability are still the bottleneck for secure multi-party computation geometry(SMCG).In this work a secure planar convex hull(SPCH) protocol for large-scaled point sets in semi-honest model has been proposed efficiendy to solve the above problems.Firstly,a novel privacy-preserving point-inclusion(PPPI) protocol is designed based on the classic homomorphic encryption and secure cross product protocol,and it is demonstrated that the complexity of PPPI protocol is independent of the vertex size of the input convex hull.And then on the basis of the novel PPPI protocol,an effective SPCH protocol is presented.Analysis shows that this SPCH protocol has a good performance for large-scaled point sets compared with previous solutions.Moreover,analysis finds that the complexity of our SPCH protocol relies on the size of the points on the outermost layer of the input point sets only.
基金sponsored by the National Natural Science Foundation of China(No.61373138)the Natural Science Key Fund for Colleges and Universities in Jiangsu Province(No.12KJA520002)+4 种基金the Key Research and Development Program of Jiangsu Province(Social Development Program)(No.BE2015702)the Postdoctoral Foundation(Nos.2015M570468 and2016T90485)the Sixth Talent Peaks Project of Jiangsu Province(No.DZXX-017)the Fund of Jiangsu High Technology Research Key Laboratory for Wireless Sensor Networks(WSNLBZY201516)the Science and Technology Innovation Fund for Postgraduate Education of Jiangsu Province(No.KYLX15 0853)
文摘Numerous privacy-preserving issues have emerged along with the fast development of the Internet of Things. In addressing privacy protection problems in Wireless Sensor Networks (WSN), secure multi-party computation is considered vital, where obtaining the Euclidian distance between two nodes with no disclosure of either side's secrets has become the focus of location-privacy-related applications. This paper proposes a novel Privacy-Preserving Scalar Product Protocol (PPSPP) for wireless sensor networks. Based on PPSPP, we then propose a Homomorphic-Encryption-based Euclidean Distance Protocol (HEEDP) without third parties. This protocol can achieve secure distance computation between two sensor nodes. Correctness proofs of PPSPP and HEEDP are provided, followed by security validation and analysis. Performance evaluations via comparisons among similar protocols demonstrate that HEEDP is superior; it is most efficient in terms of both communication and computation on a wide range of data types, especially in wireless sensor networks.
基金This research has been supported by the National Science Foundation(under grant#1723596)the National Security Agency(under grant#H98230-17-1-0355).
文摘Pervasive IoT applications enable us to perceive,analyze,control,and optimize the traditional physical systems.Recently,security breaches in many IoT applications have indicated that IoT applications may put the physical systems at risk.Severe resource constraints and insufficient security design are two major causes of many security problems in IoT applications.As an extension of the cloud,the emerging edge computing with rich resources provides us a new venue to design and deploy novel security solutions for IoT applications.Although there are some research efforts in this area,edge-based security designs for IoT applications are still in its infancy.This paper aims to present a comprehensive survey of existing IoT security solutions at the edge layer as well as to inspire more edge-based IoT security designs.We first present an edge-centric IoT architecture.Then,we extensively review the edge-based IoT security research efforts in the context of security architecture designs,firewalls,intrusion detection systems,authentication and authorization protocols,and privacy-preserving mechanisms.Finally,we propose our insight into future research directions and open research issues.
基金Supported by the Natural Science Foundation ofthe Department of Education of Guangdong Province (Z03001)
文摘We present a model based on Computational Temporal Logic (CTL) methods forverifying security requirements of electronic commerce, protocols. The model describes formally theauthentication, confidentiality integrity, non-repudiation) denial of serviee and access control ofthe e-lectronic commerce protocols. We illustrate as case study a variant of the Lu-Smolka protocolproposed by Lu-Smolka Moreover, we have discovered two attacks that allow a dishonest user topurchase a good debiting the amountto another user. And also, we compared our work with relativeresearch works and found lhat the formal way of this paper is more general to specify securityprotocols for E-Commerce.
文摘Software Defined Networking(SDN)being an emerging network control model is widely recognized as a control and management platform.This model provides efficient techniques to control and manage the enterprise network.Another emerging paradigm is edge computing in which data processing is performed at the edges of the network instead of a central controller.This data processing at the edge nodes reduces the latency and bandwidth requirements.In SDN,the controller is a single point of failure.Several security issues related to the traditional network can be solved by using SDN central management and control.Address Spoofing and Network Intrusion are the most common attacks.These attacks severely degrade performance and security.We propose an edge computing-based mechanism that automatically detects and mitigates those attacks.In this mechanism,an edge system gets the network topology from the controller and the Address Resolution Protocol(ARP)traffic is directed to it for further analysis.As such,the controller is saved from unnecessary processing related to addressing translation.We propose a graph computation based method to identify the location of an attacker or intruder by implementing a graph difference method.By using the correct location information,the exact attacker or intruder is blocked,while the legitimate users get access to the network resources.The proposed mechanism is evaluated in a Mininet simulator and a POX controller.The results show that it improves system performance in terms of attack mitigation time,attack detection time,and bandwidth requirements.
文摘Secure Multi-party Computation has been a research focus in international cryptographic community in recent years. In this paper the authors investigate how some computational geometric problems could be solved in a cooperative environment, where two parties need to solve a geometric problem based on their joint data, but neither wants to disclose its private data to the other party. These problems are the distance between two private points, the relation between a private point and a circle area, the relation between a private point and an ellipse area and the shortest distance between two point sets. The paper gives solutions to these specific geometric. problems, and in doing so a building block is developed, the protocol for the distance between two private points, that is also useful in the solutions to other geometric problems and combinatorial problems.
文摘Internet of Medical Things (IoMT) is a breakthrough technologyin the transfer of medical data via a communication system. Wearable sensordevices collect patient data and transfer them through mobile internet, thatis, the IoMT. Recently, the shift in paradigm from manual data storage toelectronic health recording on fog, edge, and cloud computing has been noted.These advanced computing technologies have facilitated medical services withminimum cost and available conditions. However, the IoMT raises a highconcern on network security and patient data privacy in the health caresystem. The main issue is the transmission of health data with high security inthe fog computing model. In today’s market, the best solution is blockchaintechnology. This technology provides high-end security and authenticationin storing and transferring data. In this research, a blockchain-based fogcomputing model is proposed for the IoMT. The proposed technique embedsa block chain with the yet another consensus (YAC) protocol building securityinfrastructure into fog computing for storing and transferring IoMT data inthe network. YAC is a consensus protocol that authenticates the input datain the block chain. In this scenario, the patients and their family membersare allowed to access the data. The empirical outcome of the proposedtechnique indicates high reliability and security against dangerous threats.The major advantages of using the blockchain model are high transparency,good traceability, and high processing speed. The technique also exhibitshigh reliability and efficiency in accessing data with secure transmission. Theproposed technique achieves 95% reliability in transferring a large number offiles up to 10,000.
基金Supported by the National Natural Science Foundation ofChina(No.61170065,61003039)Postdoctoral Foundation(2012M511753,1101011B)+1 种基金Science & Technology Innovation Fund for Higher Education Institutions of Jiangsu Province(CXLX12_0486)the Priority Academic Program Development of Jiangsu Higher Education Institutions(yx002001)
文摘Recently, privacy concerns become an increasingly critical issue. Secure multi-party computation plays an important role in privacy-preserving. Secure multi-party computational geometry is a new field of secure multi-party computation. In this paper, we devote to investigating the solutions to some secure geometric problems in a cooperative environment. The problem is collaboratively computing the Euclid-distance between two private vectors without disclosing the private input to each other. A general privacy-preserving Euclid-distance protocol is firstly presented as a building block and is proved to be secure and efficient in the comparison with the previous methods. And we proposed a new protocol for the application in Wireless Sensor Networks (WSNs), based on the novel Euclid-distance protocol and Density-Based Clustering Protocol (DBCP), so that the nodes from two sides can compute cooperatively to divide them into clusters without disclosing their location information to the opposite side.