Your search keyword '"attribute-based encryption"' showing total 1,453 results

1. Efficient post-quantum attribute-based access control scheme for blockchain-empowered metaverse data management

Author

Pan, Yuxuan, Jin, Rui, Liu, Yu, and Zhang, Lin

Published

2025

2. A CP-ABE-based access control scheme with cryptographic reverse firewall for IoV

Author

Yang, Xiaodong, Luo, Xilai, Liao, Zefan, Wang, Wenjia, Du, Xiaoni, and Li, Shudong

Published

2025

3. Tiny keys hold big secrets: On efficiency of Pairing-Based Cryptography in IoT

Author

Perazzo, Pericle and Vallati, Carlo

Published

2025

4. Blacklisting access control via negated subset predicate encryption: Constant-size ciphertexts/keys constructions with adaptive security or attribute hiding

Author

Tseng, Yi-Fan

Published

2025

5. Verifiable searchable encryption scheme with flexible access control in the cloud

Author

Li, Yang, Xu, Chungen, Xu, Lei, Mei, Lin, and Zhu, Yanzhe

Published

2025

6. Private approximate nearest neighbor search for on-chain data based on locality-sensitive hashing

Author

Shang, Siyuan, Du, Xuehui, Wang, Xiaohan, and Liu, Aodi

Published

2025

7. A data sharing scheme based on blockchain for privacy protection certification of Internet of Vehicles

Author

Shang, Fengjun and Deng, Xinxin

Published

2025

8. Enhancing smart healthcare networks: Integrating attribute-based encryption for optimization and anti-corruption mechanisms

Author

Zeng, Yanzhao, Guan, Xin, Sun, Jingjing, Chen, Yanrui, Wang, Zeyu, and Nie, Peng

Published

2025

9. Levelled attribute-based encryption for hierarchical access control

Author

Le, Huy Quoc, Le, Phi Thuong, Trinh, Sy Tuan, Susilo, Willy, and Trinh, Viet Cuong

Published

2025

10. Efficient and accountable anti-leakage attribute-based encryption scheme for cloud storage

Author

Yan, Li, Wang, Gaozhou, Feng, Hongxin, Liu, Peishun, Gao, Haojie, Zhang, Wenbin, Hu, Hailin, and Pan, Fading

Published

2024

11. DS-GAC: A Data-Sharing Scheme Based on Group Attribute Characteristics.

Author

Li, Zhangbing, Xiao, Jiantian, Xiao, Mingyu, and Zhang, Shaobo

Abstract

Data sharing has dramatically promoted the efficient use of data resources. The target sharing of confidential data is increasingly becoming urgent for enterprises or organizations to solve business problems, such as data sharing between group users with the same attribute characteristics. The confidentiality and relative privacy of shared data, whether in plaintext or ciphertext, largely depend on the encryption keys used during the sharing process and the storage security of the sharing platform. In order to solve the problem of secure sharing, this paper proposes a data-sharing scheme based on group attribute characteristics. The sharer segments and encrypts the data and stores most of the data and encryption keys on the cloud platform, while a small part of the residual is stored on the edge server. The sharer specifies group users by defining user attribute values and implements access control of encryption keys and shared data through CP-ABE. In particular, the private servers of the organizations involved in data sharing act as the edge servers, which are responsible for the storage of residuals with the final authorization of data access, and try their best to ensure that the data are shared with the target users. The security analysis and data collection time overhead experiments show that the scheme further guarantees data sharing with specified target users, which is one more layer of guarantee than sharing in multi-cloud environment and cloud-encrypted sharing, and the time overhead has about a 15% improvement over sharing in a multi-cloud environment. [ABSTRACT FROM AUTHOR]

Published

2025

12. Location privacy protection scheme of user collaborative probabilistic indistinguishability based on Hyperledger Fabric: Location privacy protection scheme of user collaborative...: Z. Lei et al.

Author

Zhang, Lei, Bai, Yongbo, Lin, Shiyi, Lian, Shuaishuai, Geng, Yijia, and Liu, Zhili

Abstract

With the widespread application of location-based services (LBS), the issue of location privacy protection has garnered increasing attention. To address the challenge of balancing service quality and privacy protection in existing LBS privacy protection algorithms, this paper proposes a location privacy protection scheme based on Hyperledger Fabric. By leveraging user collaboration probability indistinguishability, the scheme ensures service quality while significantly enhancing privacy protection capabilities. Specifically, the proposed scheme utilizes the multi-channel feature of Hyperledger Fabric to design a multi-channel privacy protection algorithm, effectively addressing the issues of single points of failure and data misuse in centralized architectures. By integrating distributed K-anonymity techniques with blockchain technology, a novel user collaboration probability indistinguishability algorithm is introduced, which effectively resists homogeneity attacks and background knowledge attacks. Theoretical analysis and simulation experiments validate the effectiveness of the proposed scheme. Experimental results demonstrate that the scheme achieves efficient protection of user location privacy while maintaining service quality and exhibits strong resistance to various attacks. [ABSTRACT FROM AUTHOR]

Published

2025

13. A novel location and time privacy-preserving approach for mobile cloud based on blockchain.

Author

Merdassi, Imen, Ghazel, Cherif, and Saidane, Leila

Abstract

Location-based services (LBSs) rely on geographic information to offer location-based functionality to users, providing comfort to people’s lives but also being accompanied by privacy leaks. Many of the central verification methods proposed in recent years are not satisfactory, as they pose a significant risk to the user’s privacy. Blockchain technology provides a decentralized, distributed and manipulative solution, providing innovation in data sharing and management, as the technology is employed to enhance data privacy protection through various mechanisms, such as hashing and encryption secure transactions and protect user identities. In this paper, we propose a blockchain-based approach to secure location and time data privacy. We present a novel access control system that leverages location-based policies and multi-authority attributes. This approach allows users to remain anonymous while granting access based on their dynamic location and time. By combining multiple private chains, users’ transaction records can be distributed, which can provide users with stronger on-site privacy protection without affecting service quality. Comparative simulation analysis with state-of-the-art methods using benchmark performance metrics shows that our proposed approach provides improved security, efficiency, and transparency. We use the real or random (ROR) model to verify the security of session keys and mutual authentication of the proposed approach. Finally, theoretical security analysis and informal and formal security verifications show that our approach is secure against multiple attacks. We use the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool to simulate the resistance of the proposed approach to security attacks. Our evaluation is based on the use of the JPBC (Java Pairing-Based Cryptography) library. Furthermore, validation and performance discussion show that decrypting our approach is preferable. [ABSTRACT FROM AUTHOR]

Published

2025

14. OSL-ABE: an optimal secure and lightweight attribute-based encryption method for blockchain-enabled IoT-based healthcare systems.

Author

Vinnarasi, A. Preethi and Dayana, R.

Subjects

*DATA encryption, *CYBERTERRORISM, *TRADE secrets, *DATA security, *INTERNET of things, *ACCESS control

Abstract

A secure IoT system can provide end-to-end encryption, secure communication protocols, mechanisms for access control, and intrusion detection and prevention systems to protect against various cyber threats. This paper presents a novel method to guarantee the secured and privateness of information in healthcare system that is Internet of Things based. This proposed method, called optimal secure and lightweight attribute-based encryption (OSL-ABE), is designed to provide an efficient and effective solution for secure data storage in the blockchain. By leveraging ABE, this method enables fine-grained access control over data, ensuring that only authorized users with specific attributes can access the data. Current ABE systems, including those used in IoT applications, often neglect privacy protection, during the key generation phase which is a significant threat to confidentiality of industrial secrets. Therefore, an optimal key generation method is proposed using modified sandpiper optimization (MSO) algorithm to ensure privacy preservation. In addition, it is incorporated with an enhanced gravitational search (EGS) algorithm in this proposed method to facilitate secure key revocations. It uses a single short broadcast message, which helps to maintain the IoT systems with confidentiality and integrity. Based on the simulation results, NPCR and UACI results exhibit 99.76% and 34%, respectively, and the entropy value is also obtained with a safe value of 8 which can withstand brute force attacks; it is found that the OSL-ABE method provides a comprehensive and effective solution for ensuring data security, preserving privacy, and facilitating secure key revocations in blockchain-enabled IoT-based healthcare systems. [ABSTRACT FROM AUTHOR]

Published

2025

15. An Efficient and Secure Information Dissemination Framework for Vehicular Ad Hoc Networks with Edge Intelligence.

Author

YING HE, YUAN LI, GUANG ZHOU, and ZHONG MING

Subjects

INFORMATION dissemination, DATA privacy, ACCESS control, VEHICULAR ad hoc networks, ACADEMIA, ALGORITHMS

Abstract

Vehicular ad hoc networks (VANETs) have attracted great interest from both academia and industry. Information dissemination among vehicles is an important application in VANETs with edge intelligence. Defining "appropriate vehicle" and protecting vehicle privacy in information dissemination is challenging. In this paper, we present an efficient and secure information dissemination framework built on a new ciphertext-policy attribute-based encryption (CP-ABE) scheme. The distinct features of this novel framework are as follows. First, the number of pairing operations used by the decryption algorithm in our framework is independent of the number of input attributes. Therefore, our framework can greatly reduce the computational burden. Second, the group used in our paper is generated based on a novel curve, which can bring higher security to VANETs. Third, we use a short-signature technology to reduce the computation overhead of the key generation process in the vehicle rental scenario. Performance evaluation shows the effectiveness of the proposed framework. [ABSTRACT FROM AUTHOR]

Published

2025

16. A secure and cloud-based patient management system using attribute-based encryption algorithm.

Author

Kalarani, Senthilkumar, Shobana, Mahalingam, Shankari, Edamakanti Uma, Praveena, Bolly Joshi, Shanthi, Subramaniam, Ramadevi, Rathinasabapathy, and Sandiri, Rajendar

Subjects

DATA privacy, MEDICAL coding, MEDICAL personnel, SECURITY systems, DATA integrity, ACCESS control

Abstract

Using attribute-based encryption (ABE), cloud-based patient management systems may be made more secure and efficient. The goal is to provide a scalable encryption infrastructure with dynamic attribute handling and context-aware access control for safe data access. Encryption procedures should directly comply with regulatory criteria to secure healthcare data and ensure data privacy and integrity. Secure attribute issuance and revocation are achieved using advanced key management and real-time auditing and monitoring to identify and react to unauthorized access. To help healthcare providers handle data, user-centric security measures including extensive training and adaptive security procedures are used. The encryption system is implemented and maintained using cost-effective cloud and open-source methodologies to ensure seamless integration and operational effectiveness in healthcare contexts. First, secure patient management system dataset results reveal ABE algorithm encryption. The encrypted values are 8F5D6A..., 7C4A3B..., 6E3B2C..., 9D8A7B..., 5E4D3C.... in the second instance, derived from role-based access control of ABE. The patients are 25-60 years old, have medical codes 101-105, 201-205, and 301-305. For roles from different fields, attribute code is 401-406, level code is 501-505. [ABSTRACT FROM AUTHOR]

Published

2025

17. A comprehensive and efficient CP-ABE scheme with full policy hiding and pre-decryption verification in peer-to-peer cyber-physical systems.

Author

Zhao, Xingwen, Wang, Xuan, Guan, Haimei, Cai, Jiayin, Li, Hui, and Li, Qingwen

Abstract

Cyber-Physical Systems (CPS) are systems that deeply integrate physical entities with digital infrastructure. In CPS, the central processor and sensors collaborate through demand response to achieve real-time data processing. However, this demand response mechanism that does not require authorization to access may lead to the leakage of sensitive information, while wasting the local overhead of the entity and failing to meet the application requirements of peer-to-peer CPS. To address these issues, we propose a fully policy-hidden CP-ABE scheme based on Linear Secret Sharing Scheme (LSSS) access structure. The scheme uses the LSSS matrix to provide fine-grained access policies, but does not expose the mapping function ρ . Instead, the information represented by ρ is converted into a blinded policy set to achieve full policy hiding, effectively preventing user privacy leakage. In order to avoid wasting user computing resources and improve decryption efficiency, the scheme provides permission verification before decryption. The cloud server can use private set intersection (PSI) technology to achieve attribute matching without knowing the policy, while helping users obtain the required decryption information and achieve decryption operations with minimal permissions and overhead. Security and performance analysis results demonstrate that our scheme satisfies the security requirements for data sharing in CPS while exhibiting good scalability. [ABSTRACT FROM AUTHOR]

Published

2025

18. A semantic model based on ensemble learning and attribute-based encryption to increase security of smart buildings in fog computing.

Author

Rezapour, Ronita, Asghari, Parvaneh, Haj Seyyed Javadi, Hamid, and Ghanbari, Shamsollah

Subjects

*DATA security, *INTELLIGENT buildings, *INFORMATION sharing, *CLOUD computing, *BURGLARY protection, *PUBLIC key cryptography

Abstract

Fog computing is a revolutionary technology that, by expanding the cloud computing paradigm to the network edge, brings a significant achievement in the resource-constrained IoT applications in intelligent environments. However, security matters still challenge the extensive deployment of fog computing infrastructure. Ciphertext policy attribute-based encryption prepares a solution for data sharing and security preservation issues in fog-enhanced intelligent environments. Nevertheless, the lack of an effective mechanism to moderate the execution time of CP-ABE schemes due to the diversity of attributes used in secret key and access structure, as well as ensuring data security, practically restricts the deployment of such schemes. In this regard, a collaborative semantic model, including an outsourced CP-ABE scheme with the attribute revocation ability, together with an impressive AES algorithm relying on an ensemble learning system, was proposed in this study. The ensemble learning model uses multiple classifiers, including the GMDH, SVM, and KNN, to specify attributes corresponding to CP-ABE. The Dragonfly algorithm with a semantic leveling method generates outstanding and practical feature subsets. The experimental results on five smart building datasets indicate that the recommended model performs more accurately than existing methods. Also, the encryption, decryption, and attribute revocation execution time are significantly modified with the average time of 1.95, 2.11, and 14.64 ms, respectively, compared to existing works and conducted the scheme's security. [ABSTRACT FROM AUTHOR]

Published

2024

19. Securing cloud access with enhanced attribute-based cryptography.

Author

Kumar, Ashutosh and Verma, Garima

Subjects

*DATA privacy, *TECHNOLOGICAL innovations, *CLOUD computing, *CRYPTOGRAPHY, *GLOBALIZATION

Abstract

With technological advancements and increasing globalization, cloud computing has emerged as one of the most favoured environments for managing and maintaining data, information, and services worldwide. However, this widespread use of cloud computing necessitates addressing various security challenges and implementing adequate provisions for ensuring data confidentiality and privacy. This paper proposes a modified model to address the above challenges. An improved access control system utilizing attribute-based encryption (ABE) has been proposed for secure cloud access. In this system, the message is broadcasted by the owner, and only precise users possessing definite attributes and constraints are authorized to access shared data. The encryption is carried out on the basis of attributes of the users, and each user's secret share is generated based on their given identity information. The distributed hash table (DHT) is used to distribute ciphertext share and decryption key. The authorized users can receive the disseminated ciphertext only by utilizing their secret shares and the required attributes. The proposed model has been experimentally evaluated and compared with existing state-of-the-art systems, demonstrating its effectiveness and superiority. Additionally, the model incorporates extra features such as a time limit for data availability, biometrics-based identity verification, and resistance to various attacks. [ABSTRACT FROM AUTHOR]

Published

2024

20. Designing quantum-secure attribute-based encryption.

Author

Rao, Y. Sreenivasa, Srivastava, Vikas, Mohanty, Tapaswini, and Debnath, Sumit Kumar

Subjects

*CONCRETE construction, *QUANTUM cryptography, *CRYPTOGRAPHY, *ALGORITHMS, *HARDNESS

Abstract

In the last couple of decades, Attribute-Based Encryption (ABE) has been a promising encryption technique to realize fine-grained access control over encrypted data. ABE has appealing functionalities such as (i) access control through encryption and (ii) encrypting a message to a group of recipients without knowing their actual identities. However, the existing state-of-the-art ABEs are based on number-theoretic hardness assumptions. These designs are not secure against attacks by quantum algorithms such as Shor algorithm. Moreover, existing Post-Quantum Cryptography (PQC)-based ABEs fail to provide long-term security. Therefore, there is a need for quantum secure ABE that can withstand quantum attacks and provides long-term security. In this work, for the first time, we introduce the notion of a quantum-secure ABE (qABE) framework that preserves the classical ABE's functionalities and resists quantum attacks. Next, we provide a generic construction of qABE which is able to transform any existing ABE into qABE scheme. Thereafter, we illustrate a concrete construction of a quantum ABE based on our generic transformation qABE and the Waters' ciphertext-policy ABE scheme. [ABSTRACT FROM AUTHOR]

Published

2024

21. Secure Power Data Sharing with Fine-grained Control: A Multi-strategy Access Tree Approach.

Author

Zhuo Yun JIANG, Jia Wei ZHANG, Hao Jie YANG, and Peng GENG

Subjects

ADVANCED Encryption Standard, INFORMATION sharing, ALGORITHMS, TREES

Abstract

The current data sharing schemes mainly employ Attribute-Based Encryption (ABE) technique to achieve one-to-many access control for power data. However, these schemes suffer from issues such as low encryption efficiency and vulnerability to user attribute tampering. To address these problems, a power data sharing scheme based on multi-strategy access trees is proposed. By combining ABE with symmetric encryption algorithms, specifically employing the Advanced Encryption Standard (AES) in conjunction with Ciphertext-Policy ABE (CP-ABE), a hybrid encryption mechanism is adopted. Building upon an encryption algorithm rooted in multi-strategy access trees, data visitors are categorized into security levels according to roles and regions. Then, a time-constrained attribute encryption scheme is proposed for designated personnel, thereby achieving confidentiality and fine-grained access control for power data. Analysis results indicate that the proposed scheme enables secure sharing of power data and is highly suitable for resource-limited power terminal devices. [ABSTRACT FROM AUTHOR]

Published

2024

22. Blockchain-enabled data governance for privacy-preserved sharing of confidential data.

Author

Zhang, Jingchi and Datta, Anwitaman

Subjects

CLOUD storage security measures, ADVANCED Encryption Standard, DATA encryption, ACCESS control, BLOCKCHAINS

Abstract

In traditional cloud storage systems, users benefit from the convenience of data accessibility but face significant risks related to security. Ciphertext-policy attribute-based encryption (CP-ABE) schemes are employed to achieve fine-grained access control in cloud services to ensure confidentiality while maintaining data-sharing capabilities. However, existing approaches are impaired by two critical issues: illegal authorization and privacy leakage. Despite extensive discussions in the literature on interoperability, performance, scalability, and stability, the security of ABE-based cloud storage and data-sharing systems against adversaries—particularly those involving adaptively corrupt attribute authorities gaining unauthorized access to users' data—has not been sufficiently explored. Notably, few existing works even address security in the presence of adversaries, raising concerns about the practicality of these systems in real-world scenarios where malicious behavior is a genuine threat. Another pressing issue is privacy leakage, where sensitive user information, such as medical histories in healthcare use cases, embedded within the access policies, may be exposed to all users. This problem is exacerbated in ABE schemes that integrate blockchain technology for enhanced decentralization and interoperability, as using a public ledger shared across multiple users can further compromise privacy. To address these, we propose an enhanced blockchain-based data governance system that employs blockchain technology and attribute-based encryption to prevent illegal authorization and privacy leakage. Our novel ABE encryption system supports multi-authority use cases while hiding access policy and ensuring identity privacy, which also protects data sharing against corrupt authorities. Utilizing the Advanced Encryption Standard (AES) for data encryption, our system is optimized for real-world efficiency. Notably, the encrypted data is stored in a decentralized storage system, like the InterPlanetary File System (IPFS), which does not rely on any centralized service provider and can, therefore, be leveraged to achieve resilience against single-point failures. With the integration of smart contracts and multi-authority attribute-based encryption, coupled with blockchain's inherent transparency and traceability, our system realizes a balanced solution for fine-grained access control with preserved privacy, further fortifying against credential misuse. Besides the system design, we also present security proofs to demonstrate the robustness of the proposed system. [ABSTRACT FROM AUTHOR]

Published

2024

23. Lattice‐Based CP‐ABE for Optimal Broadcast Encryption With Polynomial‐Depth Circuits.

Author

Ma, Shaohua, Zhao, Zongqu, Wang, Naifeng, Zha, Chunming, and Tian, Jiwei

Subjects

BROADCAST channels, COLLUSION, CRYPTOGRAPHY, BROADCASTING industry

Abstract

Most current broadcast encryption with optimal parameters is limited to Nick's class 1 (NC1) circuits and does not support polynomial‐depth circuits (P‐depth circuits), making it difficult to provide flexible access control in broadcast channels among vast user groups. To address this problem, we propose a ciphertext‐policy attribute–based encryption (CP‐ABE) that supports P‐depth circuits on lattices, achieving fully collusion resistance with randomization via the matrix tensors, thereby, making it impossible for unauthorized users to get any details about the plaintext even though they join forces and reducing the security to the evasive learning with errors (evasive LWE). By using matrix tensor–based randomization and evasive LWE, we achieve a new optimal broadcast encryption scheme based on lattice specifically designed to support P‐depth circuits. Since the matrices we choose as tensors have a low‐norm block diagonal structure, the use of evasive LWE is sufficient to ensure security for our scheme. Compared with similar studies, it not only avoids being involved with low‐norm matrices that restrict the system to NC1 circuits, but also eliminates the need for an additional assumption of the unproven tensor LWE. In addition, the use of matrix tensors further expands the dimensionality, which in turn enables the encryption of bit strings rather than a single bit, significantly reducing ciphertext expansion. Meanwhile, the CP‐ABE that we use to achieve the broadcast encryption scheme has a more compact ciphertext with a parameter size of O(m2 · d). [ABSTRACT FROM AUTHOR]

Published

2024

24. Integrating Fuzzy Graph Theory into Cryptography: A Survey of Techniques and Security Applications.

Author

Singh, Rashmi, Khalid, Saifullah, Nishad, D. K., and Ruchira

Subjects

*TECHNOLOGICAL innovations, *WIRELESS sensor networks, *ACCESS control, *IMAGE encryption, *WIRELESS sensor network security, *FUZZY logic, *FUZZY graphs

Abstract

Since the advent of networked systems, fuzzy graph theory has surfaced as a fertile paradigm for handling uncertainties and ambiguities. Among the different modes of handling challenges created by the uncertainties and ambiguities of current networked systems, integrating fuzzy graph theory with cryptography has emerged as the most promising approach. In this regard, this review paper elaborates on potentially studying fuzzy graph-based cryptographic techniques, application perspectives, and future research directions. Since the expressive power of fuzzy graphs allows the cryptographic schemes to handle imprecise information and to enhance security in many domains, several domains have benefited, such as image encryption, key management, and attribute-based encryption. The paper analyzes in depth the research landscape, mainly by focusing on the varied techniques used, such as fuzzy logic for key generation and fuzzy attribute representation for access control policies. A comparison with performance metrics unveils the trade-offs and advantages of different fuzzy graph-based approaches in efficiency, security strength, and computational overhead. Additionally, the survey explores the security applications of fuzzy graph-based cryptography and underpins potential development for secure communication in wireless sensor networks, privacy-preserving data mining, fine-grained access control in cloud computing, and blockchain security. Some challenges and research directions, such as the standardization of fuzzy logic operators, algorithmic optimization, integration with emerging technologies, and exploitation of post-quantum cryptography applications, are also brought out. This review will thus bring insight into this interdisciplinary domain and stimulate further research for the design of more robust, adaptive, and secure cryptographic systems in the wake of rising complexities and uncertainties. [ABSTRACT FROM AUTHOR]

Published

2024

25. Data-Sharing System with Attribute-Based Encryption in Blockchain and Privacy Computing †.

Author

Wu, Hao, Liu, Yu, Zhu, Konglin, and Zhang, Lin

Subjects

*DATA privacy, *DATABASES, *COMPUTER systems, *BOOLEAN searching, *DISCLOSURE, *ACCESS control, *BLOCKCHAINS

Abstract

With the development of the data-sharing system in recent years, financial management systems and their privacy have sparked great interest. Existing financial data-sharing systems store metadata, which include a hash value and database index on the blockchain, and store high-capacity actual data in the center database. However, current data-sharing systems largely depend on centralized systems, which are susceptible to distributed denial-of-service (DDoS) attacks and present a centralized attack vector. Furthermore, storing data in a local center database has a high risk of information disclosure and tampering. In this paper, we propose the ChainMaker Privacy Computing (CPC) system, a new decentralized data-sharing system for secure financial data, to solve this problem. It provides a series of financial data information and a data structure rather than actual data on the blockchain to protect the privacy of data. We utilize a smart contract to establish a trusted platform for the local database to obtain encrypted data. We design a resource catalog to provide a trusted environment of data usage in the privacy computing system that is visible for members on the blockchain. Based on cipher-policy attribute-based encryption (CP-ABE), We design a CPC-CP-ABE algorithm to enable fine-grained access control through attribute based encryption. Finally, We propose an efficient scheme that allows authenticated data-sharing systems to perform Boolean searches on encrypted data information. The results of experiment show that the CPC system can finish trusted data sharing to all organizations on the blockchain. [ABSTRACT FROM AUTHOR]

Published

2024

26. Fully outsourced and fully verifiable attribute-based encryption for cloud data sharing.

Author

Zhao, Xiaolong and Huang, Zhenjie

Subjects

*DATA encryption, *ACCESS control, *INFORMATION sharing, *COST

Abstract

Verifiable outsourced attribute-based encryption (VO-ABE) enables one-to-many data sharing and fine-grained access control under lower trust, making it suitable for cloud or edge systems involving resource-constrained devices. There is no fully outsourced and fully verifiable attribute-based encryption scheme or key-policy VO-ABE scheme. Moreover, the previous VO-ABE schemes require multiple rounds of interaction or high verification costs to support verifiable outsourced key generation and verifiable outsourced encryption. To address these issues, in this paper, we propose an effective key-policy fully outsourced and fully verifiable attribute-based encryption scheme supporting verifiable outsourced key generation, encryption, and decryption simultaneously. We formally define two new properties: outsourced key generation verifiability and outsourced encryption verifiability. Analysis and simulation show that the proposed scheme performs well and is practical. All local computational overheads of the proposed scheme are constant and do not increase with the number of attributes or the complexity of access structures. [ABSTRACT FROM AUTHOR]

Published

2024

27. Cryptanalysis of RL-ABE: A Revocable Lattice Attribute Based Encryption Scheme Based on R-LWE Problem in Cloud Storage.

Author

ER-SHUO ZHUANG, CHUN-I FAN, and CHIA-YU LIN

Subjects

CLOUD storage, CRYPTOGRAPHY

Abstract

Recently, Zhao et al. proposed a revocable lattice-based ciphertext-policy attributebased encryption scheme and claimed that it could resist quantum attacks and support finegrained access control. However, there is a security flaw in their scheme. Any user may change an access policy and decrypt the ciphertext corresponding to a chosen access policy. This paper presents how the attack works. [ABSTRACT FROM AUTHOR]

Published

2024

28. Two-Stage Client Selection Scheme for Blockchain-Enabled Federated Learning in IoT.

Author

Jin, Xiaojun, Ma, Chao, Luo, Song, Zeng, Pengyi, and Wei, Yifei

Subjects

FEDERATED learning, OPTIMIZATION algorithms, INTERNET of things, DATA quality, ALGORITHMS

Abstract

Federated learning enables data owners in the Internet of Things (IoT) to collaborate in training models without sharing private data, creating new business opportunities for building a data market. However, in practical operation, there are still some problems with federated learning applications. Blockchain has the characteristics of decentralization, distribution, and security. The blockchain-enabled federated learning further improve the security and performance of model training, while also expanding the application scope of federated learning. Blockchain has natural financial attributes that help establish a federated learning data market. However, the data of federated learning tasks may be distributed across a large number of resource-constrained IoT devices, which have different computing, communication, and storage resources, and the data quality of each device may also vary. Therefore, how to effectively select the clients with the data required for federated learning task is a research hotspot. In this paper, a two-stage client selection scheme for blockchain-enabled federated learning is proposed, which first selects clients that satisfy federated learning task through attribute-based encryption, protecting the attribute privacy of clients. Then blockchain nodes select some clients for local model aggregation by proximal policy optimization algorithm. Experiments show that the model performance of our two-stage client selection scheme is higher than that of other client selection algorithms when some clients are offline and the data quality is poor. [ABSTRACT FROM AUTHOR]

Published

2024

29. BPPKS: A blockchain-based privacy preserving and keyword-searchable scheme for medical data sharing.

Author

Yang, Xiaohui and Li, Liangshun

Subjects

INFORMATION technology, INFORMATION retrieval, ACCESS control, INFORMATION sharing, MEDICAL technology, BLOCKCHAINS

Abstract

With the rapid development of medical information technology, the widespread adoption and application of electronic medical data have prompted more and more healthcare institutions to choose to store medical data in cloud servers to facilitate easier sharing. Attribute-based encryption is utilized for sharing electronic medical data to achieve fine-grained access control. However, storing access policies in plaintext can easily expose user privacy. Additionally, during the data sharing process, placing data retrieval in the cloud prevents secure and reliable searches. To address these issues, this paper proposes a blockchain-based privacy preserving and keyword-searchable scheme for medical data sharing(BPPKS). Access policies are transformed into vector-matrix form, concealing attributes within access policies to prevent the leakage of authorized user privacy information. Leveraging blockchain's transparency, tamper-resistance, and integrity verification features, smart contracts are used for retrieval and verification, enabling secure and reliable data searches while ensuring the integrity of medical data. Simultaneously, some complex decryption operations are delegated to the cloud servers, reducing the decryption load for users to a constant level. Finally, security analysis demonstrates that this scheme can withstand adaptive chosen keyword attacks (IND-CKA), and performance evaluations show higher efficiency in computation and storage aspects. [ABSTRACT FROM AUTHOR]

Published

2024

30. The blockchain‐based privacy‐preserving searchable attribute‐based encryption scheme for federated learning model in IoMT.

Author

Zhou, Ziyu, Wang, Na, Liu, Jianwei, Fu, Junsong, and Deng, Lunzhi

Subjects

FEDERATED learning, DATA privacy, MEDICAL personnel, PROFESSIONS, DISCLOSURE

Abstract

Federated learning enables training healthcare diagnostic models across multiple decentralized devices containing local private health data samples, without transferring data to a central server, providing privacy‐preserving services for healthcare professionals. However, for a model of a specific field, some medical data from non‐target participants may be included in model training, compromising model accuracy. Moreover, diagnostic queries for healthcare models stored in cloud servers may result in the leakage of the privacy of healthcare participants and the parameters of models. Furthermore, the records of model searching and usage could be tracked causing privacy disclosure risk. To address these issues, we propose a blockchain‐based privacy‐preserving searchable attribute‐based encryption scheme for the diagnostic model federated learning in the Internet of Medical Things (BSAEM‐FL). We first adopt fine‐grained model trainer participation policies for federated learning, using the attribute‐based encryption (ABE) mechanism, to realize model accuracy and local data privacy. Then, We employ searchable encryption technology for model training and usage to protect the security of models stored in the cloud server. Blockchain is utilized to implement distributed healthcare models' keyword‐based search and model users' attribute‐based authentication. Lastly, we transfer most of the computational overhead of user terminals in model searching and decryption to edge nodes, achieving lightweight computation of IoMT terminals. The security analysis proves the security of the proposed healthcare scheme. The performance evaluation indicates our scheme is of better feasibility, efficiency, and decentralization. [ABSTRACT FROM AUTHOR]

Published

2024

31. 支持数据敏感度分级的属性访问控制方案.

Author

张绮文, 袁凌云, and 王孜冉

Abstract

Copyright of Cyber Security & Data Governance is the property of Editorial Office of Information Technology & Network Security and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2024

32. Multi-keyword attribute-based searchable encryption scheme supporting re-encryption for cloud storage

Author

ZHANG Kejun, WANG Wenbin, XU Shaofei, YU Xinying, WANG Jun, LI Pengcheng, and QIAN Rong

Subjects

searchable encryption, attribute-based encryption, read/write node, proxy re-encryption, access control, Telecommunication, TK5101-6720

Abstract

To address fine-grained access control, secure sharing, and encrypted key updates in a one-to-many model, a multi-keyword attribute-based searchable encryption scheme with proxy re-encryption for cloud storage was proposed. The access tree was enhanced with node information for fine-grained control over ciphertext read and write permissions. The keyword encryption process was optimized for trapdoor indistinguishability and restricted user search capabilities. Re-encryption updated ciphertext and keys, preventing malicious access by revoked users. A blockchain-based verification algorithm was designed to detect tampering of third-party data. The DBDH and DDH hard problems proved the scheme’s keyword ciphertext security and trapdoor security. Experiments show the proposed scheme secures data and keys during key generation, trapdoor, and index generation, and correctness verification. It also demonstrates higher efficiency in time overhead, ensuring privacy and key safety while maintaining high efficiency.

Published

2024

33. Secure and efficient communications with fine-grained access control in underwater wireless sensor networks

Author

Donghyun Yu, Sinwoong Yun, and Jemin Lee

Subjects

Underwater wireless sensor network, Underwater security, Access control, Attribute-based encryption, Information technology, T58.5-58.64

Abstract

As UWSN have received attention, a need for an efficient and secure communication protocol has arisen to overcome the low device performance, node failure, and high propagation latency. However, existing works are either specialized for one-to-one communication or cannot satisfy low latency constraints. Therefore, this work proposes a secure communication protocol with fine-grained access control for UWSN that support secure and efficient one-to-many communication and considers potential internal attackers for high security level. Specifically, we adopt lightweight ABE to achieve fine-grained access control at low cost, and introduce outsourced decryption to further alleviate the computational load of underwater sensors.

Published

2024

34. Privacy protection of communication networks using fully homomorphic encryption based on network slicing and attributes

Author

Wei Wang, Rong Liu, and Silin Cheng

Subjects

Communication network, Network slicing, Attribute-based encryption, Fully homomorphic encryption, Privacy protection, Medicine, Science

Abstract

Abstract At present, social networks have become an indispensable medium in people's daily life and work. However, concerns about personal privacy leakage and identity information theft have also emerged. Therefore, a communication network system based on network slicing is constructed to strengthen the protection of communication network privacy. The chameleon hash algorithm is used to optimize attribute-based encryption and enhance the privacy protection of communication networks. On the basis of optimizing the combination of attribute encryption and homomorphic encryption,, a communication network privacy protection method using homomorphic encryption for network slicing and attribute is designed. The results show that the designed network energy consumption is low, the average energy consumption calculation is reduced by 8.69%, and the average energy consumption calculation is reduced by 14.3%. During data transmission, the throughput of the designed network can reach about 700 Mbps at each stage, which has a high efficiency.. The above results demonstrate that the designed communication network provides effective privacy protection. Encrypted data can be decrypted and tracked in the event of any security incident. This is to protect user privacy and provide strong technical support for communication network security.

Published

2024

35. Application of Attribute-Based Encryption in Military Internet of Things Environment.

Author

Pióro, Łukasz, Sychowiec, Jakub, Kanciak, Krzysztof, and Zieliński, Zbigniew

Subjects

*ELLIPTIC curve cryptography, *INTERNET of things, *ELECTRONIC data processing, *MILITARY intelligence, *DATA management, *CRYPTOGRAPHY

Abstract

The Military Internet of Things (MIoT) has emerged as a new research area in military intelligence. The MIoT frequently has to constitute a federation-capable IoT environment when the military needs to interact with other institutions and organizations or carry out joint missions as part of a coalition such as in NATO. One of the main challenges of deploying the MIoT in such an environment is to acquire, analyze, and merge vast amounts of data from many different IoT devices and disseminate them in a secure, reliable, and context-dependent manner. This challenge is one of the main challenges in a federated environment and forms the basis for establishing trusting relationships and secure communication between IoT devices belonging to different partners. In this work, we focus on the problem of fulfillment of the data-centric security paradigm, i.e., ensuring the secure management of data along the path from its origin to the recipients and implementing fine-grained access control mechanisms. This problem can be solved using innovative solutions such as applying attribute-based encryption (ABE). In this work, we present a comprehensive solution for secure data dissemination in a federated MIoT environment, enabling the use of distributed registry technology (Hyperledger Fabric), a message broker (Apache Kafka), and data processing microservices implemented using the Kafka Streams API library. We designed and implemented ABE cryptography data access control methods using a combination of pairings-based elliptic curve cryptography and lightweight cryptography and confirmed their suitability for the federations of military networks. Experimental studies indicate that the proposed cryptographic scheme is viable for the number of attributes typically assumed to be used in battlefield networks, offering a good trade-off between security and performance for modern cryptographic applications. [ABSTRACT FROM AUTHOR]

Published

2024

36. Privacy protection of communication networks using fully homomorphic encryption based on network slicing and attributes.

Author

Wang, Wei, Liu, Rong, and Cheng, Silin

Subjects

TELECOMMUNICATION systems, PRIVACY, 5G networks, IDENTITY theft, COMPUTER network security, ENERGY consumption, DATA privacy, DATA encryption

Abstract

At present, social networks have become an indispensable medium in people's daily life and work. However, concerns about personal privacy leakage and identity information theft have also emerged. Therefore, a communication network system based on network slicing is constructed to strengthen the protection of communication network privacy. The chameleon hash algorithm is used to optimize attribute-based encryption and enhance the privacy protection of communication networks. On the basis of optimizing the combination of attribute encryption and homomorphic encryption,, a communication network privacy protection method using homomorphic encryption for network slicing and attribute is designed. The results show that the designed network energy consumption is low, the average energy consumption calculation is reduced by 8.69%, and the average energy consumption calculation is reduced by 14.3%. During data transmission, the throughput of the designed network can reach about 700 Mbps at each stage, which has a high efficiency.. The above results demonstrate that the designed communication network provides effective privacy protection. Encrypted data can be decrypted and tracked in the event of any security incident. This is to protect user privacy and provide strong technical support for communication network security. [ABSTRACT FROM AUTHOR]

Published

2024

37. EMR sharing system with lightweight searchable encryption and rights management.

Author

Luo, Haotian, Mei, Niansong, and Du, Chong

Subjects

*LOGIC circuits, *INFORMATION retrieval, *ACCESS control, *ELECTRONIC health records, *DATA warehousing

Abstract

The blockchain-based Electronic Medical Record (EMR) data storage system encounters challenges which are data leakage, insufficient access control, and low retrieval efficiency. In response to these issues, this paper proposes a lightweight searchable encryption and access control system for sharing EMR data securely. The lightweight searchable encryption scheme which is achieved by integrating the trapdoor verification phase with the keyword retrieval phase is constructed using BGG13 + and MP12. User access control is implemented through a Boolean circuit to replace arithmetic operations and thus improve arithmetic efficiency. Since logic operations can reduce the computation time, this paper uses Boolean circuits for user rights verification implementation. In addition, this paper adopts the Bloom filter as the system index to enhance the efficiency of block-chain data retrieval. According to the simulation results, there is a performance advantage of this system over similar systems. [ABSTRACT FROM AUTHOR]

Published

2024

38. A Blockchain Copyright Protection Scheme Based on CP-ABE Scheme with Policy Update.

Author

Jiang, Jian, Gao, Yulong, Gong, Yufei, and Jiang, Zhengtao

Subjects

*COPYRIGHT, *BLOCKCHAINS, *QUANTUM computing, *DATA security, *DATA management, *DATA integrity

Abstract

Although the copyright protection schemes supported by blockchain have significantly changed traditional copyright data management, there are still some data security challenges that cannot be ignored, especially the secure access and controllable management of copyright data. Quantum computing attacks also pose a threat to its security. Targeting these issues, we design and propose a blockchain copyright protection scheme based on attribute-based encryption (ABE). In this scheme, the security advantages of blockchain technology are utilized to ensure the authenticity and integrity of copyright data. Based on lattice cryptography and the decision ring learning with errors (R-LWE) problem, a new ABE algorithm that supports searchable ciphertext and policy updates is designed. Then, we introduce it into the blockchain copyright protection scheme, which enables secure access to copyright data and fine-grained control. In addition, the lattice cryptography can strengthen this scheme against quantum attacks. Through security analysis, our scheme can prove to be secure against adaptive chosen keyword attacks, selective chosen plaintext attacks, and adaptive chosen policy attacks in the random oracle model. More importantly, the comparison analysis and experimental results show that our proposed approach has lower computation costs and storage costs. Therefore, our scheme has better security and performance in copyright protection. [ABSTRACT FROM AUTHOR]

Published

2024

39. Multi-authority Attribute Based Keyword Search Over Encrypted Cloud Data.

Author

Bandu, Madar, Keerthipriya, P., Kethana, L. Sai, Sai Kiran, M. Uday, and satwik, N. Meghan

Subjects

*KEYWORD searching, *ACCESS control, *DATA security, *CLOUD storage

Abstract

To ensure both data security and usability in cloud environments simultaneously, Searchable Encryption (SE) emerges as a crucial technique. Through the utilization of Ciphertext-Policy Attribute-Based Encryption (CP-ABE), the Ciphertext-Policy AttributeBased Keyword Search (CP-ABKS) scheme accomplishes keyword-based retrieval and fine-grained access control concurrently. However, existing CP-ABKS schemes with a single attribute authority entail costly user certificate verification and secret key distribution, leading to a performance bottleneck in distributed cloud systems. Thus, this study introduces a secure Multi-authority CPABKS (MABKS) system to overcome these challenges and alleviate the computation and storage burden on resource-limited devices within cloud systems. Furthermore, the MABKS system extends its functionality to support malicious attribute authority tracing and attribute updates. [ABSTRACT FROM AUTHOR]

Published

2024

40. Blockchain-Enabled Secure Data Sharing with Honey Encryption and DSNN-Based Key Generation.

Author

Siyal, Reshma, Long, Jun, Asim, Muhammad, Ahmad, Naveed, Fathi, Hanaa, and Alshinwan, Mohammad

Subjects

*INFORMATION sharing, *ACCESS control, *HONEY, *DATA protection, *DATA security, *DATA encryption

Abstract

Ensuring data confidentiality is a critical requirement for modern security systems globally. Despite the implementation of various access-control policies to enhance system security, significant threats persist due to insecure and inadequate access management. To address this, Multi-Party Authorization (MPA) systems employ multiple authorities for authorization and authentication, utilizing blockchain technology to store and access data securely, ensuring immutable and trusted audit trails. In this work, we propose a hybrid key-generation approach called the Identity and Attribute-Based Honey Encryption (IABHE) Algorithm combined with Deep Spiking Neural Network (DSNN) denoted by IABHE+DSNN for secure data sharing in a multi-party blockchain-based system. This approach incorporates various entities and multiple security functionalities to ensure data security. The data-sharing process involves several steps: initialization, authentication, initial registration, data protection, validation, and data sharing. Data protection is executed within the MapReduce framework, with data encryption performed using IABHE and key generation managed by DSNN. Experimental results demonstrate that the proposed IABHE+DSNN approach achieves a decryption time of 10.786 s, an encryption time of 15.765 s, and a key complexity of 0.887, outperforming existing methods. [ABSTRACT FROM AUTHOR]

Published

2024

41. 一种支持追责和可验证外包解密的属性基加密方案.

Author

李彦锋, 张桂鹏, 林禄滨, 杨振国, and 刘文印

Subjects

CONTRACTING out, COST

Abstract

Copyright of Journal of Guangdong University of Technology is the property of Journal of Guangdong University of Technology and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2024

42. Attribute-Based Data and Privilege Hybrid Access Control Scheme in Cloud Computing.

Author

LIU Qin, LI Pengju, and YU Chunwu

Subjects

CLOUD computing, ACCESS control, ACADEMIA

Abstract

The emergence of cloud computing has made it possible to access applications and data from anywhere. Due to its flexibility, efficiency, and resource sharing capabilities, cloud computing has been rapidly applied to various industries and fields. Fine-grained data access control, privacy protection, and privilege control in cloud computing have become hot research issues in both academia and industry. To address these issues, this paper proposes a data and privilege hybrid access control scheme based on SM9 attribute encryption. In scenarios that require encryption of a large amount of hierarchical data, this scheme is more flexible and efficient than traditional attribute-based encryption schemes, the anonymity of it can reduce the leakage of user ' s privacy, and hierarchical privilege control makes it possible to manage the operation privilege of cloud data more finely. The security analysis and simulation experiments show that, the proposed scheme is secure under decisional bilinear Diffie-Hellman assumption, and it is efficient in encryption and decryption. [ABSTRACT FROM AUTHOR]

Published

2024

43. Blockchain-enabled data governance for privacy-preserved sharing of confidential data

Author

Jingchi Zhang and Anwitaman Datta

Subjects

Attribute-based encryption, Blockchain, Data sharing, Multi-authority, Privacy, Electronic computers. Computer science, QA75.5-76.95

Abstract

In traditional cloud storage systems, users benefit from the convenience of data accessibility but face significant risks related to security. Ciphertext-policy attribute-based encryption (CP-ABE) schemes are employed to achieve fine-grained access control in cloud services to ensure confidentiality while maintaining data-sharing capabilities. However, existing approaches are impaired by two critical issues: illegal authorization and privacy leakage. Despite extensive discussions in the literature on interoperability, performance, scalability, and stability, the security of ABE-based cloud storage and data-sharing systems against adversaries—particularly those involving adaptively corrupt attribute authorities gaining unauthorized access to users’ data—has not been sufficiently explored. Notably, few existing works even address security in the presence of adversaries, raising concerns about the practicality of these systems in real-world scenarios where malicious behavior is a genuine threat. Another pressing issue is privacy leakage, where sensitive user information, such as medical histories in healthcare use cases, embedded within the access policies, may be exposed to all users. This problem is exacerbated in ABE schemes that integrate blockchain technology for enhanced decentralization and interoperability, as using a public ledger shared across multiple users can further compromise privacy. To address these, we propose an enhanced blockchain-based data governance system that employs blockchain technology and attribute-based encryption to prevent illegal authorization and privacy leakage. Our novel ABE encryption system supports multi-authority use cases while hiding access policy and ensuring identity privacy, which also protects data sharing against corrupt authorities. Utilizing the Advanced Encryption Standard (AES) for data encryption, our system is optimized for real-world efficiency. Notably, the encrypted data is stored in a decentralized storage system, like the InterPlanetary File System (IPFS), which does not rely on any centralized service provider and can, therefore, be leveraged to achieve resilience against single-point failures. With the integration of smart contracts and multi-authority attribute-based encryption, coupled with blockchain’s inherent transparency and traceability, our system realizes a balanced solution for fine-grained access control with preserved privacy, further fortifying against credential misuse. Besides the system design, we also present security proofs to demonstrate the robustness of the proposed system.

Published

2024

44. Revocable policy-based chameleon hash using lattices

Author

Klamti Jean Belo and Hasan Mohammed Anwarul

Subjects

lattice-based cryptography, hash function, chameleon hash function, attribute-based encryption, 94a60, Mathematics, QA1-939

Abstract

A chameleon hash function is a type of hash function that involves a trapdoor to help find collisions, i.e., it allows the rewriting of a message without modifying the hash. For some applications, it is important to have the feature of revoking the rewriting privilege of the trapdoor holder. In this paper, using lattice-based hard problems that are considered quantum-safe, we first introduce a lattice-based chameleon hash with an ephemeral trapdoor (CHET)\left({\mathsf{CHET}}) and then a revocable attribute-based encryption (RABE{\mathsf{RABE}}) scheme that is adaptively indistinguishable. We also give security analyses of our schemes and compare our RABE{\mathsf{RABE}} scheme to two relevant schemes proposed recently. Furthermore, we combine our CHET{\mathsf{CHET}} and RABE{\mathsf{RABE}} to design a new revocable policy-based chameleon hash.

Published

2024

45. Secure approach to sharing digitized medical data in a cloud environment

Author

Kukatlapalli Pradeep Kumar, Boppuru Rudra Prathap, Michael Moses Thiruthuvanathan, Hari Murthy, and Vinay Jha Pillai

Subjects

Electronic medical records, Cloud computing, Data privacy, Attribute-based encryption, Authentication, Electronic computers. Computer science, QA75.5-76.95

Abstract

Without proper security mechanisms, medical records stored electronically can be accessed more easily than physical files. Patient health information is scattered throughout the hospital environment, including laboratories, pharmacies, and daily medical status reports. The electronic format of medical reports ensures that all information is available in a single place. However, it is difficult to store and manage large amounts of data. Dedicated servers and a data center are needed to store and manage patient data. However, self-managed data centers are expensive for hospitals. Storing data in a cloud is a cheaper alternative. The advantage of storing data in a cloud is that it can be retrieved anywhere and anytime using any device connected to the Internet. Therefore, doctors can easily access the medical history of a patient and diagnose diseases according to the context. It also helps prescribe the correct medicine to a patient in an appropriate way. The systematic storage of medical records could help reduce medical errors in hospitals. The challenge is to store medical records on a third-party cloud server while addressing privacy and security concerns. These servers are often semi-trusted. Thus, sensitive medical information must be protected. Open access to records and modifications performed on the information in those records may even cause patient fatalities. Patient-centric health-record security is a major concern. End-to-end file encryption before outsourcing data to a third-party cloud server ensures security. This paper presents a method that is a combination of the advanced encryption standard and the elliptical curve Diffie-Hellman method designed to increase the efficiency of medical record security for users. Comparisons of existing and proposed techniques are presented at the end of the article, with a focus on the analyzing the security approaches between the elliptic curve and secret-sharing methods. This study aims to provide a high level of security for patient health records.

Published

2024

46. BGNBA-OCO based privacy preserving attribute based access control with data duplication for secure storage in cloud.

Author

Pavithra, M., Prakash, M., and Vennila, V.

Subjects

CLOUD storage, ACCESS control, DATA encryption, DATA warehousing, CLOUD computing, INFORMATION sharing

Abstract

Cloud computing technology offers flexible and expedient services that carry a variety of profits for both societies as well as individuals. De-duplication techniques were developed to minimize redundant data in the cloud storage. But, one of the main challenges of cloud storage is data deduplication with secure data storage.To overcome the issue, we propose Boneh Goh Nissim Bilinear Attribute-based Optimal Cache Oblivious (BGNBA-OCO) access control and secure de-duplication for data storage in cloud computing in this paper. The proposed method achieves fne-grained access control with low computation consumption. We design Boneh Goh Nissim Privacy Preserving Revocable Attribute-based Encryption that reinforces attribute revocation and averts the discharge of sensitive information. Furthermore, we utilize Optimal Cache Oblivious algorithm to prevent disclosure of access patterns to hide the access patterns in cloud storage via rand pattern matching. We support updating both encrypted data and access control policies to minimize communication and computation overhead of data duplication and encryption processes concurrently. We perform secure data sharing to achieve higher data confidentiality and integrity. Finally, we conducted the extensive experiments in cloud and the results illustrated that our proposed BGNBA-OCO method is more efficient than related works. [ABSTRACT FROM AUTHOR]

Published

2024

47. Novel lightweight and fine-grained fast access control using RNS properties in fog computing.

Author

Alizadeh, Mohammad Ali, Jafarali Jassbi, Somayyeh, Khademzadeh, Ahmad, and Haghparast, Majid

Subjects

*CHINESE remainder theorem, *ACCESS control, *PUBLIC key cryptography, *PRIME factors (Mathematics), *NURSES, *RSA algorithm, *NUMBER systems

Abstract

Fog computing provides a suitable development for real-time processing in the Internet of Things (IoT). Attribute-based encryption (ABE) is the main method to control data access in fog computing. A residue number system (RNS) can speed up multiplication and exponential operations by converting very large integers to small integers. This paper proposes a fine-grained lightweight access control scheme using ABE modified with RNS properties (RNS-ABE) with fog computing. Decryption is implemented with the Chinese remainder theorem (CRT), and a new access structure based on the CRT secret sharing scheme is also introduced. Security of the proposed scheme proved based on RNS properties and the complicated problem of factoring a very large integer into its large prime factors, like RSA encryption. The time cost comparison shows that the total encryption and decryption time of our scheme is more efficient than the lightweight schemes with the underlying operation of bilinear pairing. [ABSTRACT FROM AUTHOR]

Published

2024

48. A Privacy-Preserving Friend Matching Scheme Based on Attribute Encryption in Mobile Social Networks.

Author

Yu, Li, Nan, Xingxing, and Niu, Shufen

Subjects

SOCIAL networks, SOCIAL media, ACCESS control, SMART devices, PROBLEM solving, CONTRACTING out

Abstract

In mobile social networks, users can easily communicate with others through smart devices. Therefore, the protection of user privacy in social networks is becoming a significant subject. To solve this problem, this paper proposes a fine-grained data access control scheme that uses attributes to match friends. In our scheme, the friend-making parties generate friend preference and self-description lists, respectively, realizing attribute hiding by converting friendship preference into ciphertext access control policies and self-description into attribute keys. The social platform matches user profiles to quickly eliminate unmatched users and avoids invalid decryption. In order to reduce the computational burden and communication cost of mobile devices, we adopt an algorithm mechanism for outsourcing decryption. When the user meets the matching conditions, the algorithm outsources the bilinear pair operation with large computation to the friend server. After that, the user finally decrypts the ciphertext. Security analysis shows that our scheme is safe and effective. In addition, performance evaluation shows that the proposed scheme is efficient and practical. [ABSTRACT FROM AUTHOR]

Published

2024

49. Secure approach to sharing digitized medical data in a cloud environment.

Author

Kumar, Kukatlapalli Pradeep, Prathap, Boppuru Rudra, Thiruthuvanathan, Michael Moses, Murthy, Hari, and Pillai, Vinay Jha

Subjects

ELECTRONIC health records, CLOUD computing, DATA privacy, COMPUTER access control, MEDICAL records

Abstract

Without proper security mechanisms, medical records stored electronically can be accessed more easily than physical files. Patient health information is scattered throughout the hospital environment, including laboratories, pharmacies, and daily medical status reports. The electronic format of medical reports ensures that all information is available in a single place. However, it is difficult to store and manage large amounts of data. Dedicated servers and a data center are needed to store and manage patient data. However, self-managed data centers are expensive for hospitals. Storing data in a cloud is a cheaper alternative. The advantage of storing data in a cloud is that it can be retrieved anywhere and anytime using any device connected to the Internet. Therefore, doctors can easily access the medical history of a patient and diagnose diseases according to the context. It also helps prescribe the correct medicine to a patient in an appropriate way. The systematic storage of medical records could help reduce medical errors in hospitals. The challenge is to store medical records on a third-party cloud server while addressing privacy and security concerns. These servers are often semi-trusted. Thus, sensitive medical information must be protected. Open access to records and modifications performed on the information in those records may even cause patient fatalities. Patient-centric health-record security is a major concern. End-to-end file encryption before outsourcing data to a third-party cloud server ensures security. This paper presents a method that is a combination of the advanced encryption standard and the elliptical curve Diffie-Hellman method designed to increase the efficiency of medical record security for users. Comparisons of existing and proposed techniques are presented at the end of the article, with a focus on the analyzing the security approaches between the elliptic curve and secret-sharing methods. This study aims to provide a high level of security for patient health records. [ABSTRACT FROM AUTHOR]

Published

2024

50. Predicate encryption with selective-opening security for receivers: formal definition, generic construction, and concrete instantiations for several primitives.

Author

Tseng, Yi-Fan, Liu, Zi-Yuan, and Tso, Raylin

Subjects

DATA privacy, INFORMATION sharing, CONCRETE, CLOUD computing, DEFINITIONS

Abstract

With the rise of cloud computing, multi-user scenarios have become a common setting for data sharing nowadays. The conservative security notion might not be sufficient for such a data sharing model. As a response to this challenge, there has been significant research targeting security against receiver selective-opening (RSO) attacks. However, we found that none of these studies discuss RSO security specifically for predicate encryption (PE)—an encryption mechanism naturally designed for multi-user data sharing. This manuscript first formalizes the RSO security for PE. We then present a generic PE construction that achieves RSO security based on the simulation-based definition. Our work also features several instantiations for various predicate families, including attribute-based encryption for the monotone span program, which is known as one of the most expressive PE. [ABSTRACT FROM AUTHOR]

Published

2024