Funding: The National Natural Science Foundation of China (No. 71071033); the Youth Foundation of Humanity and Social Science of Ministry of Education of China (No. 11YJC630234).
Abstract: In order to solve principal-agent problems caused by interest inconformity and information asymmetry during information security outsourcing, it is necessary to design a reasonable incentive mechanism to promote client enterprises to complete outsourcing service actively. The incentive mechanism model of information security outsourcing is designed based on the principal-agent theory. By analyzing how factors such as enterprise information assets value, invasion probability, information security environment, the agent cost coefficient and agency risk preference degree affect the incentive mechanism, the conclusions show that an enterprise's information assets value and invasion probability have a positive influence on the fixed fee and the compensation coefficient, while information security environment, the agent cost coefficient and agency risk preference degree have a negative influence on the compensation coefficient. Therefore, the principal enterprises should reasonably design the fixed fee and the compensation coefficient to encourage information security outsourcing agency enterprises to the full extent.
Funding: partially supported by grants from the China 863 High-tech Program (Grant No. 2015AA016002); the Specialized Research Fund for the Doctoral Program of Higher Education (Grant No. 20131103120001); the National Key Research and Development Program of China (Grant No. 2016YFB0800204); the National Science Foundation of China (No. 61502017); the Scientific Research Common Program of Beijing Municipal Commission of Education (KM201710005024).
Abstract: Cloud computing is very useful for big data owners who do not want to manage IT infrastructure and big data technique details. However, it is hard for a big data owner to trust a multi-layer outsourced big data system in a cloud environment and to verify which outsourced service leads to a problem. Similarly, the cloud service provider cannot simply trust the data computation applications. Finally, the verification data itself may also leak sensitive information from the cloud service provider and data owner. We propose a new three-level definition of the verification, a threat model, and corresponding trusted policies based on different roles for an outsourced big data system in the cloud. We also provide two policy enforcement methods for building a trusted data computation environment by measuring both the MapReduce application and its behaviors based on trusted computing and aspect-oriented programming. To prevent sensitive information leakage from the verification process, we provide a privacy-preserved verification method. Finally, we implement TPTVer, a Trusted third Party based Trusted Verifier, as a proof of concept system. Our evaluation and analysis show that TPTVer can provide trusted verification for a multi-layered outsourced big data system in the cloud with low overhead.
Funding: supported by the National Natural Science Foundation of China (Grant No. 61502269); National Key Research and Development Program of China (2017YFA0303903); Zhejiang Province Key R&D Project (2017C01062).
Abstract: Cloud computing provides the capability to connect resource-constrained clients with a centralized and shared pool of resources, such as computational power and storage on demand. Large matrix determinant computation is almost ubiquitous in computer science and requires large-scale data computation. Currently, techniques for securely outsourcing matrix determinant computations to untrusted servers are of utmost importance, and they have practical value as well as theoretical significance for the scientific community. In this study, we propose a secure outsourcing method for large matrix determinant computation. We employ some transformations for privacy protection based on the original matrix, including permutation and mix-row/mix-column operations, before sending the target matrix to the cloud. The results returned from the cloud need to be decrypted and verified to obtain the correct determinant. In comparison with previously proposed algorithms, our new algorithm achieves a higher security level with greater cloud efficiency. The experimental results demonstrate the efficiency and effectiveness of our algorithm.
Funding: This research is supported in part by the AXA Research Fund, the National Natural Science Foundation of China under Grant Nos. 61702105 and 61872091, and the Cloud Technology Endowed Professorship from the 80/20 Foundation.
Abstract: In this paper, we propose a framework for lightning-fast privacy-preserving outsourced computation in the cloud, which we refer to as LightCom. Using LightCom, a user can securely achieve outsourced data storage and fast, secure data processing in a single cloud server, different from the existing multi-server outsourced computation model. Specifically, we first present a general secure computation framework for LightCom under a cloud server equipped with multiple Trusted Processing Units (TPUs), which face the side-channel attack. Under LightCom, we design two specified fast processing toolkits, which allow the user to achieve the commonly-used secure integer computation and secure floating-point computation against the side-channel information leakage of TPUs, respectively. Furthermore, LightCom can also guarantee access pattern protection during the data processing and achieve private user information retrieval after the computation. We prove that the proposed LightCom can successfully achieve the goal of single cloud outsourced data processing to avoid the extra computation server and trusted computation server, and demonstrate the utility and the efficiency of LightCom using simulations.