No Arabic abstract
With the support of cloud computing, large quantities of data collected from various WSN applications can be managed efficiently. However, maintaining data security and efficiency of data processing in cloud-WSN (C-WSN) are important and challenging issues. In this paper, we present an efficient data outsourcing scheme based on CP-ABE, which can not only guarantee secure data access, but also reduce overall data processing time. In our proposed scheme, a large file is divided into several data blocks by data owner (DO) firstly. Then, the data blocks are encrypted and transferred to the cloud server in parallel. For data receiver (DR), data decryption and data transmission is also processed in parallel. In addition, data integrity can be checked by DR without any master key components. The security analysis shows that the proposed scheme can meet the security requirement of C-WSN. By performance evaluation, it shows that our scheme can dramatically improve data processing efficiency compared to the traditional CP-ABE method.
Discrete exponential operation, such as modular exponentiation and scalar multiplication on elliptic curves, is a basic operation of many public-key cryptosystems. However, the exponential operations are considered prohibitively expensive for resource-constrained mobile devices. In this paper, we address the problem of secure outsourcing of exponentiation operations to one single untrusted server. Our proposed scheme (ExpSOS) only requires very limited number of modular multiplications at local mobile environment thus it can achieve impressive computational gain. ExpSOS also provides a secure verification scheme with probability approximately 1 to ensure that the mobile end-users can always receive valid results. The comprehensive analysis as well as the simulation results in real mobile device demonstrates that our proposed ExpSOS can significantly improve the existing schemes in efficiency, security and result verifiability. We apply ExpSOS to securely outsource several cryptographic protocols to show that ExpSOS is widely applicable to many cryptographic computations.
We show that the verifying equations in the scheme [Theoretical Computer Science, 562 (2015), 112-121] cannot filter out some malformed values returned by the malicious servers. We also remark that the two untrusted programs model adopted in the scheme is somewhat artificial, and discuss some reasonable scenarios for outsourcing computations.
Recently, Wang et al. [IEEE INFOCOM 2011, 820-828], and Nie et al. [IEEE AINA 2014, 591-596] have proposed two schemes for secure outsourcing of large-scale linear programming (LP). They did not consider the standard form: minimize c^{T}x, subject to Ax=b, x>0. Instead, they studied a peculiar form: minimize c^{T}x, subject to Ax = b, Bx>0, where B is a non-singular matrix. In this note, we stress that the proposed peculiar form is unsolvable and meaningless. The two schemes have confused the functional inequality constraints Bx>0 with the nonnegativity constraints x>0 in the linear programming model. But the condition x>0 is indispensable to the simplex method. Therefore, both two schemes failed.
Nowadays companies are increasingly adopting the technology ofcloud computing. This technology is subject to a lot of research and continuousadvances are made. The use of cloud computing in the companies advantagessuch as: reducing costs, sharing and exchange of information between institutions,but the data in the Cloud computing are susceptible to be compromisedand the companies are exposing to see their data loss. In this study, we addressthe subject of security in cloud computing; we expose and discuss someresearches that had been proposed to secure the data stored in the cloud. Andthen we will present our new frameworks that ensure confidentiality of datastorage in the cloud environment
The growing adoption of IoT devices in our daily life is engendering a data deluge, mostly private information that needs careful maintenance and secure storage system to ensure data integrity and protection. Also, the prodigious IoT ecosystem has provided users with opportunities to automate systems by interconnecting their devices and other services with rule-based programs. The cloud services that are used to store and process sensitive IoT data turn out to be vulnerable to outside threats. Hence, sensitive IoT data and rule-based programs need to be protected against cyberattacks. To address this important challenge, in this paper, we propose a framework to maintain confidentiality and integrity of IoT data and rule-based program execution. We design the framework to preserve data privacy utilizing Trusted Execution Environment (TEE) such as Intel SGX, and end-to-end data encryption mechanism. We evaluate the framework by executing rule-based programs in the SGX securely with both simulated and real IoT device data.