HL Hu,D Chen,CQ Huang

DOI: https://doi.org/10.1007/11428862_31

2005-01-01

Abstract:The open and anonymous of grid make the task of controlling access to sharing information more difficult, which cannot be addressed by traditional access control methods. In this paper, we identify access control requirements in such environments and propose a trust based access control framework for grid resource sharing. The framework is an integrated solution involving aspects of trust and recommendation models, based the discretionary access control (DAC), and are applied to grid resource-sharing systems. In this paper, we integrate technology of web services into idea of trust for describing resources.

Zhi-Yu Peng,Shan-Ping Li

DOI: https://doi.org/10.1109/icmlc.2008.4620616

2008-01-01

Abstract:As pervasive computing leading to an increased collection of information in the computational world as well as the real world, privacy leaking becomes a serious issue. Although privacy protection has drawn great attention in recent years, the privacy-preserving trust management has not been brought forward. Credential chain discovery problem is the key issue in trust management, and traditionally credentials are full open in the whole system. This could expose users' access control policies as well as other private information, and leads to a great risk of being cheated by malicious users. This paper advocates a privacy-preserving credential chain discovery mechanism, in which credentials are no longer available to everyone. By merely learning credentials of one's logic neighbors, this mechanism still achieves good results. The simulations show that this mechanism is practical.

Guangyu Chen,Jian Liu,Ming Xian

DOI: https://doi.org/10.1088/1742-6596/1314/1/012190

2019-01-01

Journal of Physics Conference Series

Abstract:With the increase of data volume, the service of data publication and subscription is an efficient method to share massive data. It is impossible to capture and manage data with traditional database tools. Therefore, the cloud platform becomes the most suitable platform for data publication and subscription due to its huge storage, strong computing power and good economical utility. In the process of data publishing and subscription, cloud server as a third party is semi-honest, which will bring serious privacy problems. In this paper, a secure data publishing and subscription scheme based on cloud platform is proposed, which can protect the privacy of data and subscriber interest, and achieve efficient and accurate data publishing and subscription. It can realize that only data subscribers who meet the requirements of access rights can obtain and decrypt the data, and the matching of data subscriber interest and data label can be realized at the same time. In addition, this scheme also supports user cancellation, it can cancel dishonest users in the system.

Yingjie Xia,Guanghua Song,Yao Zheng,Jun Ni,Mingzhe Zhu

DOI: https://doi.org/10.1109/ICICSE.2008.7

2008-01-01

Abstract:This paper introduces a small world overlay Peer- to-peer (P2P) transfer system with role based and reputation based access control policies, through which we are able to solve several serious problems existed in traditional P2P systems, like resource piracy, user privacy and network jam. The role based access control policy is implemented by the certificate based cryptography, e.g. X509. The reputation based access control policy consists of artificial scoring and automatic scoring components, corresponding to the quality and quantity evaluation of the transfer resources respectively. This system, upon the two policies and the adaptive small world overlay P2P topology, can restrict the peer's role and select a more credible peer to upload and download without any loss of performance, for the reason of the dramatic topology. Indeed it provides a secure, controllable and efficient resource transfer community.

Yongluan Zhou,Lidan Shou,Xuan Shang,Ke Chen

DOI: https://doi.org/10.1145/2675743.2771837

2015-01-01

Abstract:With the vision of the emergence of streaming data marketplaces, we study the problem of how to use a scalable dissemination infrastructure, composed by a number of brokers, to disseminate anonymized streaming data to a large number of clients. To satisfy the clients, who are trusted at different anonymity levels and have their own urgencies in requiring the data, we propose to deeply integrate the anonymization process into the dissemination infrastructure. More specifically, we extend the existing anonymization algorithms to derive the anonymity data from other anonymity data with different privacy constraints rather than only from the original microdata, in a technique which we call version derivation. With this flexibility, the anonymous data can be generated as needed, according to the available bandwidth, on the way from the data source to the end clients. Exploiting such new opportunities, we formulate the problem of dissemination planning which aims at minimizing the information loss of the disseminated data. Furthermore, we design two dissemination plan optimization strategies to solve the problem. The experimental study using both synthetic and real datasets verifies the effectiveness of our approach.

ZD Li,XJ Ye

DOI: https://doi.org/10.1145/1121995.1122001

2006-01-01

Abstract:Dissemination control ( DCON ) is a security policy of controlling digital resource access before and after distribution. It is an extension of traditional access control within client-side domain, digital rights management by payment-free applications, and originator control on recipients' re-dissemination rights allowance. Different application domains may adopt dynamically different resource dissemination policies, but current DCON models cannot solve the multi-policy coexistence and compatibility problems. A dynamic multi-policy dissemination control model ( DMDCON ) is proposed to express the dynamic and multi-policy nature existing in reality, which are indispensable for well formed resource dissemination control application. The goal of this paper is to define and extend formally some basic concepts related with resource dissemination (such as dissemination policy, chain, tree, etc.) and further, propose a comprehensive DMDCON model to describe universal resource dissemination applications through specifying temporal dissemination features, restrictions, and policy revocation (cascade or non-cascade). Finally, we briefly discuss the importance of DCON within the usage control domain.

Linke Guo,Chi Zhang,Hao Yue,Yuguang Fang

DOI: https://doi.org/10.1109/INFCOM.2013.6567034

2013-01-01

Abstract:Mobile content dissemination is very useful for many mobile applications in delay tolerant networks (DTNs), like instant messaging, file sharing, and advertisement dissemination, etc. Recently, social-based approaches, which attempt to exploit social behaviors of DTN users to forward time-insensitive data, such as family photos and friends' sightseeing video clips, have attracted intensive attentions in designing routing schemes in DTNs. Most social-based schemes leverage users' contact history and social information (e. g., community and friendship) as metrics to improve the dissemination performance. In these schemes, users need to obtain others' social information to determine their dissemination strategy, which apparently compromises others users' privacy. Moreover, the owner of mobile contents may only want to disclose his/her data to a particular group of users rather than revealing it to the public. In this paper, we propose a privacy-preserving social-assisted mobile content dissemination scheme in DTNs. We apply users' verifiable attributes to establish their potential social relationships in terms of identical attributes in a privacy-preserving way. Besides, to provide the confidentiality of mobile contents, our approach enables users to encrypt contents before the dissemination process, and only allows users who have particular attributes to decrypt them. By trace-driven simulations and experiments, we show the security and efficiency of our proposed scheme.

Zude Li,Xiaojun Ye,Jianmin Wang

DOI: https://doi.org/10.1145/1640206.1640223

2009-01-01

Abstract:Trusted resource dissemination over Internet is still an open problem. However, it is crucial to the success of Internet-based or Internetware systems. We propose an approach that supports trusted resource dissemination between Internetware nodes. In this paper, we focus on an evidence-based trustworthiness-assurance mechanism in the approach. An architecture and a protocol that enforces this approach in Internetware systems are also described.

Junjie Yan,Dapeng Wu,Ruyan Wang

DOI: https://doi.org/10.1109/tmm.2018.2890196

IF: 7.3

2018-01-01

IEEE Transactions on Multimedia

Abstract:The continuous advances in the storage and transmission capabilities of smart devices have made them possible to share multimedia services with each other through device-to-device (D2D) communications. However, when D2D users transmit multimedia services in manner of cooperative communications, the relay users with non-cooperative behavior may lead to a sharp decline in the quality of services for the receivers. In this paper, a socially aware trust framework for multimedia delivery is proposed to choose the trustworthy D2D cooperative users from D2D relay users. By considering the different D2D cooperative scenarios, the trust relationships of entities in the network are divided into two cases: capability trust mainly from base station (BS) to relay users and social trust from sender to relay users. In particular, capability trust is quantified based on the service capability of a user, such as caching capability, processing capability, and transmission capability, and social trust is obtained based on the historical interactive behaviors among users, such as cooperative behavior, altruistic behavior, and reciprocal behavior. By analyzing such two types of trust, the trustworthy D2D cooperative users are selected from relay users to support different cooperative scenarios. The numerical results verify that the proposed trust framework can effectively identify the selfish users and notably enhance the delivery efficiency of multimedia services, such as delay and delivery success ratio.

An'an Luo,LiQin Tian,Chuang Lin

DOI: https://doi.org/10.1109/ITAPP.2010.5566399

2010-01-01

Abstract:Being a new Internet application, social-based P2P network, which merges P2P file sharing technology and social network, is drawn more and more attention. However, it also brings in new challenges when facing the problems of trust management and personal privacy protection. In this paper, we aim at social-based P2P, and design a set of trust management mechanisms with peer uncertain risk evaluation and personal privacy preserving, which is able to encourage peers cooperation and defend Bad-Mouth attack from malicious peers. Another advantage of our solution is that it is very flexible for users to define fine-grit access control policy.

Yanping Wang,Xiaosong Zhang,Xiaofen Wang,Teng Hu,Peng Lu,Mingyong Yin

DOI: https://doi.org/10.1155/2022/1317626

IF: 1.968

2022-01-01

Security and Communication Networks

Abstract:With the increasingly prominent value of big data, data sharing within enterprises and organizations has become increasingly popular, and many institutions have established data centers to achieve effective data storage and sharing. Meanwhile, cyberspace data security and privacy have become the most critical issue that people are concerned about since shared data often involves commercial secrets and sensitive information. At present, data encryption techniques have been applied to protect the security of the sensitive data stored in and shared by the data centers. However, the challenges of efficient data sharing, secure management of decryption keys, deduplication of the plaintext, and transparency and auditability of the data access arise. These challenges may obstruct the development of data sharing in data-driven systems. To meet these challenges, we propose a secure and trustworthy data sharing scheme and introduce blockchain, proxy re-encryption (PRE), and trusted execution environments (TEEs) into the data-driven systems. Our scheme mainly enables (1) automatic distribution and management of the decryption keys, (2) reduction of the reduplicative data, and (3) trustworthy data sharing and recording. Finally, we implement the proposed scheme and compare it with other existing schemes. It is demonstrated that our scheme reduces the computation and communication overhead.

Lu Chen,Qing Zhou,Gaofeng Huang,Liqiang Zhang

DOI: https://doi.org/10.1109/CIS.2014.47

2014-01-01

Abstract:Resource sharing is one of the main applications of network. How to establish a trust relationship between resources requestor and provider, and enforce authority is the key issue of efficient resource sharing. Existing models and methods are mostly focus on identity, recommendation and other information, but lack of the considering of resource requestor's conduct and environment of computing. And once authorized, it will not be able to track and control user behavior dynamically. It may cause more risks when sharing resources. Aiming to resolve the above problems, a trust-role based context aware access control model is proposed relying on the measurement and verification of the \"trust credentials and evidences\" which embody the context information of user behavior and platform environment to achieve the security, dependable and dynamic access control for resource sharing.

Yunhao Liu,Jinsong Han

DOI: https://doi.org/10.14711/thesis-b987542

2007-01-01

Abstract:Peer-to-Peer (P2P) model has become the mainstream of the applications in current and future Internet. Being effective in utilizing and managing globally distributed information over Internet, however, most current P2P systems do not provide protection to their users against the increasing threat from selfish peers or malicious adversaries. Anonymous and trustworthy computing hereby has continuously gained importance because it meets the users’ demands of privacy, fairness, trust, and reliability. In order to construct anonymous and trustworthy P2P systems, we must address several crucial challenges including (1) reliably and efficiently anonymizing the P2P network; (2) authenticating users’ identities; (3) enabling trust management in anonymous environments. Most existing approaches achieve anonymity via fixed paths, which are unreliable and inefficient in dynamic P2P systems. We propose two non-path based protocols to anonymize P2P systems. The results of trace driven simulations show that our proposed protocols are reliable, scalable and effective, and significantly reduce cryptographic overhead. The second issue is that the current authentication approaches face a dilemma in anonymous environments: authenticating other users needs their real identities; while the anonymity requires those users to hide their real identities. We propose a Zero-knowledge based protocol to allow users authenticate with each other without exposing their real identities. We show the effectiveness of our proposed protocol by simulation studies and prototype implementation. We solve the third issue by constructing a reputation based trust management architecture. We particularly focus on the feedback quality problem. In shorting of trusted authority centers in P2P systems, the feedback quality are easily wrecked by the dishonest feedback from malicious peers, which further degrades the computation accuracy of users’ reputation. Our proposed architecture effectively alleviates the damage on computing reputation caused by the feedback cheating. We believe that widely employing above proposed approaches will make P2P systems more secure and reliable. We also extend our study to other distributed systems and propose a privacy-preserving authentication protocol for RFID systems. Keywords: Peer-to-Peer, Anonymity, Privacy-Preserving, Authentication, Key Updating, Secret Sharing, Random Walk, Selected Flooding, Trustworthy Computing, Feedback Quality, Trust Management, Trace Driven Simulation, Zero-Knowledge Proof, Man-in-middle-attack

WANG Yuan,XU Feng,CAO Chun

DOI: https://doi.org/10.3969/j.issn.1002-137X.2005.08.069

2005-01-01

Computer Science

Abstract:The security problems of the open coordination software environment make great influence on the develop- ment and application of the software systems. Trust management is a new approach to solve these security problems ef- fectively. By analyzing the security problems of the open coordination software systems and the limitations of the tradi- tional trust management systems, this paper designs and implements a distributed access control system, DACBTM, based on trust management, which is suitable for the application system in the open coordination software environment. The system can evaluate the trust relationship between software entities by the approach of trust-evaluation. We also present an improved, effective algorithm for the collection of the security information, which provides a reasonable mechanism to solve the shortness of the security information in the open coordination software environment.

Linke Guo,Chi Zhang,Hao Yue,Yuguang Fang

DOI: https://doi.org/10.1109/TMC.2014.2308177

2014-01-01

Abstract:Content dissemination is very useful for many mobile applications, like instant messaging, file sharing, and advertisement broadcast, etc. In real life, for various kinds of time-insensitive contents, such as family photos and video clips, the process of content dissemination forms a delay tolerant networks (DTNs). To improve the data forwarding performance in DTNs, several social-based approaches have been proposed, most of which leverage mobile users' social information, including contact history, moving trajectory, and personal profiles as metrics to design routing schemes. However, although the social-based approaches provide better performance, the revealing of mobile users' information apparently compromises their privacy. Moreover, users' contents may only be shared with a particular group of users rather everyone in the system. In this paper, we propose the PSaD: a Privacy-preserving Social-assisted content Dissemination scheme in DTNs. We apply users' verifiable attributes to establish their social relationships in terms of identical attributes in a privacy-preserving way. Besides, to provide the confidentiality of contents, our approach enables users to encrypt contents before the dissemination process, and only allows users who have particular attributes to decrypt them. By trace-driven simulations and experiments, we show the performance, privacy preservation, and efficiency of our proposed scheme.

Li-ming Hao,Shu-tang Yang,Song-nian Lu,Gong-liang Chen

DOI: https://doi.org/10.1007/s12204-008-0086-8

2008-01-01

Abstract:Trust is one of the most important security requirements in the design and implementation of peer-to-peer (P2P) systems. In an environment where peers’ identity privacy is important, it may conflict with trustworthiness that is based on the knowledge related to the peer’s identity, while identity privacy is usually achieved by hiding such knowledge. A trust model based on trusted computing (TC) technology was proposed to enhance the identity privacy of peers during the trustworthiness evaluation process between peers from different groups. The simulation results show that, the model can be implemented in an efficient way, and when the degree of anonymity within group (DAWG) is up to 0.6 and the percentage of malicious peers is up to 70%, the service selection failure rate is less than 0.15.

Zhenquan Qin,Lei Wang,Mingchu Li,Weifeng Sun

DOI: https://doi.org/10.1109/IIHMSP.2010.185

2010-01-01

Abstract:With the proliferation of P2P application, it is critical to consider how these systems can be run in a trust environment. We present a lightweight time-window based effective dynamic trust mechanism(Tw-Trust) considering the peer’s local and global trustworthiness. Simulation results show that Tw-Trust has the advantages in countering strategic altering behavior and dishonest feedbacks of malicious peers.

Xiang Huo,Mingxi Liu

DOI: https://doi.org/10.48550/arXiv.2301.02198

2023-01-06

Abstract:The rapidly growing penetration of renewable energy resources brings unprecedented challenges to power distribution networks - management of a large population of grid-tied controllable devices encounters control scalability crises and potential end-user privacy breaches. Despite the importance, research on privacy preservation of distributed energy resource (DER) control in a fully scalable manner is lacked. To fill the gap, this paper designs a novel decentralized privacy-preserving DER control framework that 1) achieves control scalability over DER population and heterogeneity; 2) eliminates peer-to-peer communications and secures the privacy of all participating DERs against various types of adversaries; and 3) enjoys higher computation efficiency and accuracy compared to state-of-the-art privacy-preserving methods. A strongly coupled optimization problem is formulated to control the power consumption and output of DERs, including solar photovoltaics and energy storage systems, then solved using the projected gradient method. Cloud computing and secret sharing are seamlessly integrated into the proposed decentralized computing to achieve privacy preservation. Simulation results prove the capabilities of the proposed approach in DER control applications.

Optimization and Control

LIU Yansong,XIA Qi,LI Zhu,XIA Hu,ZHANG Xiaosong,GAO Jianbin

DOI: https://doi.org/10.11959/j.issn.2096-0271.2020046

IF: 3.3

2020-01-01

Big Data Research

Abstract:In view of the increasing number of people in the digital interaction process of direct or indirect disclosure of privacy issues,the establishment of a set of data security sharing system based on blockchain network,the access control algorithm based on ciphertext-policy attribute-based encryption and the homomorphic encryption algorithm provides reliable chain data sharing were mainly researched.Data sharing on chain architecture for data sharing on the chain was proposed.Finally,simulation experiments were carried out,and the results of experimental data were analyzed.The work effectively solves the problem of malicious parties using the transaction transparency of blockchain for data analysis and ensures the privacy security of user data in the sharing process.

Wu Liu,HaiXin Duan,Hong Zhang,Jianping Wu

2008-01-01

Abstract:The trust mechanism was introduced to dynamically evaluate user's behavior in P2P network, and bind user's reputation with its access control privilege in the network. In addition, the trust based dynamic access control mechanism and key algorithm was proposed and implemented. With the trust based network security management system implemented based on the trust mechanism, a malicious user will be kicked out from the network system and refused from accessing resources of the network automatically when the user's reputation is lower than some threshold.