nach oben

Peer-to-Peer Networking and Applications

Erschienen in:

01.11.2015

A full lifecycle privacy protection scheme for sensitive data in cloud computing

verfasst von: Jinbo Xiong, Fenghua Li, Jianfeng Ma, Ximeng Liu, Zhiqiang Yao, Patrick S. Chen

Erschienen in: Peer-to-Peer Networking and Applications | Ausgabe 6/2015

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

With the rapid development of versatile cloud services, it becomes increasingly susceptible to expose users’ sensitive data into the cloud computing environment. In this paper, we propose a full lifecycle privacy protection scheme for sensitive data (FullPP), which is based on identity-based timed-release encryption (ID-TRE) algorithm and distributed hash table (DHT) network. In the FullPP scheme, we first encrypt the sensitive data into a ciphertext, which is broken up into extracted ciphertext and encapsulated ciphertext by using an extracting algorithm. Then, we leverage the ID-TRE algorithm to encrypt the decryption key and combine the key’s ciphertext with the extracted ciphertext to generate ciphertext shares. Finally, we distribute the ciphertext shares into the DHT network and store the encapsulated ciphertext into cloud servers. To recover the plaintext of the sensitive data, sufficient ciphertext shares, ID-TRE private key and the encapsulated ciphertext should be obtained during the lifecycle of the sensitive data. As a result, FullPP is able to provide full lifecycle privacy protection for users’ sensitive data by making it unreadable before a predefined time and automatically destructed after expiration. Security analysis indicates that the FullPP scheme is able to resist against both traditional attacks on the cloud servers and Sybil attacks on the DHT network. Experiment result shows that the FullPP scheme proposed by us is more effective and efficient than other existing schemes.

Vorheriger Artikel Guest editorial: Security and privacy of P2P networks in emerging smart city

Nächster Artikel A lightweight identity authentication method by exploiting network covert channel

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Wang G, Yue F, Liu Q (2013) A secure self-destructing scheme for electronic data. J Comput Syst Sci 79(2):279–290MathSciNetCrossRef

Xiong J, Yao Z, Ma J, Li F, Liu X (2014) A secure self-destruction scheme with ibe for the internet content privacy. Chin J Comput 37(1):139–150

Gheorghe G, Lo Cigno R, Montresor A (2011) Security and privacy issues in p2p streaming systems: a survey. Peer-to-Peer Netw Appl 4(2):75–91CrossRef

Chan ACF, Blake IF (2005) Scalable, server-passive, user-anonymous timed release cryptography. In: Proceedings of the international conference on distributed computing systems. IEEE, pp 504–513

Rivest RL, Shamir A, Wagner DA (1996) Time-lock puzzles and timed-release crypto. Technical Report

Chalkias K, Hristu-Varsakelis D, Stephanides G (2007) Improved anonymous timed-release encryption. In: Proceedings of the 12th european symposium on research in computer security. Springer, pp 311–326

Cathalo J, Libert B, Quisquater J-J (2005) Efficient and non-interactive timed-release encryption. In: Proceedings of the information and communications security. Springer, pp 291–303

Dent AW, Tang Q (2007) Revisiting the security model for timed-release encryption with pre-open capability. In: Proceedings of the information security. Springer, pp 158–174

Kikuchi R, Fujioka A, Okamoto Y, Saito T (2012) Strong security notions for timed-release public-key encryption revisited. In: Proceedings of the information security and cryptology. Springer, pp 88–108

10.

Chow SSM, Yiu S-M (2008) Timed-release encryption revisited. In: Proceedings of the provable security. Springer, pp 38–51

11.

Hwang YH, Yum DH, Lee PJ (2005) Timed-release encryption with pre-open capability and its application to certified e-mail system. In: Information security. Springer, pp 344–358

12.

Liang K, Huang Q, Schlegel R, Wong DS, Tang C (2013) A conditional proxy broadcast re-encryption scheme supporting timed-release. In: Information security practice and experience. Springer, pp 132–146

13.

Boneh D, Franklin M (2003) Identity-based encryption from the weil pairing. SIAM J Comput 32(3):586–615MathSciNetCrossRefMATH

14.

Reardon J, Basin D, Capkun S (2013) Sok: secure data deletion. In: Proceedings of the 34th IEEE symposium on security and privacy. IEEE, pp 1–15

15.

Popper C, Basin D, Capkun S, Cremers C (2010) Keeping data secret under full compromise using porter devices. In: Proceedings of the 26th annual computer security applications conference. ACM, pp 241–250

16.

Boneh D, Lipton R (1996) A revocable backup system. In: Proceedings of the USENIX security symposium. USENIX, pp 91–96

17.

Diesburg SM, Andy Wang A-I (2010) A survey of confidential data storage and deletion methods. ACM Comput Surv (CSUR) 43(1):2CrossRef

18.

Reardon J, Capkun S, David A, Capkun S, Capkun S, David A, David A (2012) Data node encrypted file system: Efficient secure deletion for flash memory. In: Proceedings of the USENIX Security Symposium. USENIX, pp 1–16

19.

Cachin C, Haralambiev K, Hsiao H-C, Sorniotti A (2013) Policy-based secure deletion. In: Proceedings of the ACM conference computer and communications security. ACM, pp 152–167

20.

Reardon J, Ritzdorf H, Basin D, Capkun S (2013) Secure data deletion from persistent media. In: Proceedings of the 2013 ACM SIGSAC conference on computer and communications security. ACM, pp 271–284

21.

Li H, Lu R, Zhou L, Yang B, Shen X (2013) An efficient merkle-tree-based authentication scheme for smart grid. IEEE Syst J 1–9

22.

Li H, Liang X, Lu R, Lin X, Shen X (2012) Edr: an efficient demand response scheme for achieving forward secrecy in smart grid. In: Proceedings of the 2012 IEEE global communications conference (GLOBECOM). IEEE, pp 929–934

23.

Li H, Lin X, Yang H, Liang X, Lu R, Shen X (2013) Eppdr: an efficient privacy-preserving demand response scheme with adaptive key evolution in smart grid. IEEE Trans Parallel Distrib Syst 1–11

24.

Perlman R (2005) File system design with assured delete. In: Proceedings of the third IEEE international security in storage workshop. IEEE, pp 83–88

25.

Perlman R (2005) The ephemerizer: making data disappear. J Inf Syst Secur 1(1):21–32

26.

Tang Y, Lee PPC, Lui JCS, Perlman R (2012) Secure overlay cloud storage with access control and assured deletion. IEEE Trans Dependable Secure Comput 9(6):903–916CrossRef

27.

Geambasu R, Kohno T, Levy A, Levy HM (2009) Vanish: Increasing data privacy with self-destructing data. In: Proceedings of the 18th USENIX security symposium. USENIX, pp 299–315

28.

Zeng L, Chen S, Wei Q, Feng D (2013) Sedas: a self-destructing data system based on active storage framework. IEEE Trans Magn 49(6):2548–2554CrossRef

29.

Xiong J, Yao Z, Ma J, Liu X, Li Q (2013) A secure document self-destruction scheme: an abe approach. In: Proceedings of the 15th IEEE international conference on high performance computing and communications. IEEE, pp 59–64

30.

Xiong J, Yao Z, Ma J, Li F, Liu X, Li Q (2014) A secure self-destruction scheme for composite documents with attribute based encryption. Acta Electronica Sinica 42(2):366–376

31.

Liu X, Ma J, Xiong J, Liu G (2014) Ciphertext-policy hierarchical attribute-based encryption for fine-grained access control of encryption data. Int J Netw Secur 16(4):351–357

32.

Wang G, Liu Q, Wu J, Guo M (2011) Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers. Comput Secur 30(5):320–331CrossRef

33.

Falkner J, Piatek M, John JP, Krishnamurthy A, Anderson T (2007) Profiling a million user dht. In: Proceedings of the 7th ACM SIGCOMM conference on Internet measurement. ACM, 129–134

34.

Wolchok S, Hofmann OS, Heninger N, Felten EW, Halderman JA, Rossbach CJ, Waters B, Witchel E (2010) Defeating vanish with low-cost sybil attacks against large dhts. In: Proceedings of the 17th annual network and distributed system security conference, NDSS. ISOC, pp 1–15

35.

Shamir A (1979) How to share a secret. Commun ACM 22(11):612–613MathSciNetCrossRefMATH

36.

Zeng L, Shi Z, Xu S, Feng D (2010) Safevanish: an improved data self-destruction for protecting data privacy. In: Proceedings of the second international conference on cloud computing technology and science. IEEE, pp 521–528

Titel: A full lifecycle privacy protection scheme for sensitive data in cloud computing
verfasst von: Jinbo Xiong
Fenghua Li
Jianfeng Ma
Ximeng Liu
Zhiqiang Yao
Patrick S. Chen
Publikationsdatum: 01.11.2015
Verlag: Springer US
Erschienen in: Peer-to-Peer Networking and Applications / Ausgabe 6/2015
Print ISSN: 1936-6442
Elektronische ISSN: 1936-6450
DOI: https://doi.org/10.1007/s12083-014-0295-x

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 6/2015

An efficient privacy-preserving authentication scheme with adaptive key evolution in remote health monitoring system

PDAFT: A privacy-preserving data aggregation scheme with fault tolerance for smart grid communications

A lightweight identity authentication method by exploiting network covert channel

On storage partitioning of internet routing tables: A P2P-based enhancement for scalable routers

Relay selection for peer-to-peer cooperative OFDMA with channel distribution uncertainty

Securing distributed storage for Social Internet of Things using regenerating code and Blom key agreement