Jiawei Han,Yanheng Liu,Xin Sun,Lijun Song

DOI: https://doi.org/10.1109/icsess.2016.7883094

2016-01-01

Abstract:A quantum cryptography security model in mobile cloud computing is proposed in this paper, so as to achieve highly-secure data and privacy cryptography in mobile cloud computing environment. In the model, quantum keys are distributed to users' phones through two phases. Firstly, existing classical optical network has been transformed as quantum distribution network conveniently through multiplexing technique, the BB84 quantum key distribution protocol realized based on decoy state is adopted; Then, the security authentication protocol based on the quantum keys and distance-bounding HKQ is put forward, and through the near field communication (NFC) technology, quantum keys are transmitted into the security storage area of users' phone in the trusted area; Mobile users can get access to data on the cloud through quantum secret keys, protecting users' data and privacy. Experiments in the real quantum cryptography environment prove the validity of the proposed QCMC model.

Marmik Pandya

DOI: https://doi.org/10.48550/arXiv.1512.02196

2015-12-08

Abstract:Confidentiality, Integrity, and Availability are basic goals of security architecture. To ensure CIA, many authentication scheme has been introduced in several years. Currently deployment of Public Key Infrastructure (PKI) is a most significant solution. PKI involving exchange key using certificates via a public channel to a authenticate users in the cloud infrastructure. It is exposed to widespread security threats such as eavesdropping, the man in the middle attack, masquerade et al. Quantum cryptography is of the most prominent fields in the modern world of information security. Quantum cryptography is considered to be a future replica of classical cryptography along with a vital stance to break existing classical cryptography. This paper aims to look into basic security architecture in place currently and further it tries to introduce a new proposed security architecture for cloud computing environment, which makes use of the knowledge of Quantum Mechanics and current advances in research in Quantum Computing, to provide a more secure architecture.

Cryptography and Security

Lirong Qiu,Feng Cai,Guixian Xu

DOI: https://doi.org/10.1016/j.future.2018.03.053

IF: 7.307

2018-01-01

Future Generation Computer Systems

Abstract:In our paper we focus on the application of quantum digital signature in the access control of sensitive data such as those data appears in areas like healthcare in order to protect users personal information. There are three parties in our protocol: the signer, the arbitrator and the receiver. Different from most existing protocols developed in arbitrated quantum signature, in which the arbitrator is either assumed to be honest or dishonest, in our protocol we assume the arbitrator is partially honest in the sense that the arbitrator is honest-but-curious. The quantum protocol we propose in this paper have various advantages over existing protocols of the same purpose. The technology we proposed can guarantee the unconditional secure, and it is implementable by the current technology, so the method we proposed can guarantee the security of user’ personal information in the big data era.

Chao-sheng FENG,Zhi-guang QIN,Ding YUAN,Yu QING

DOI: https://doi.org/10.3969/j.issn.0372-2112.2015.02.017

2015-01-01

Abstract:The loss of on-board domain and appearance of multi-tenant context bring some new problems and challenges to access control .In this paper ,these problems are listed and the reasons are analyzed first .And then ,aiming at these problems ,the corresponding solutions and techniques are introduced in terms of identity provision ,authentication ,authorization ,identity federation and single sign-on .Next ,latest works about access control of cloud computing are reviewed in terms of access control models ,at-tribute based access control of cipher text ,and access control of outsourcing data .At last ,the trend of study on access control of cloud computing is analyzed and predicted .

Qianqian Jia,Run-hua Shi,Huijie Li

DOI: https://doi.org/10.1088/1402-4896/ad69e0

2024-08-02

Physica Scripta

Abstract:Cloud computing, as a popular technology in recent years, has greatly facilitated the development of data outsourcing services. However, when users access sensitive data stored in the cloud, ensuring the security of data remains a pressing challenge. In this paper, we present a privacy-preserving keyword query scheme for outsourced data in cloud environment. Furthermore, to implement this scheme, we propose a series of quantum basic protocols with single qubits. The proposed basic protocols do not require the execution of quantum gate operations, and the necessary measurements are only Bell measurements based on measurement-device-independence. Therefore, it is practical and feasible under current technology. Moreover, compared with classical schemes, our scheme has higher security (i.e., quantum security). Finally, we conduct simulation experiments in IBM Qiskit to verify the correctness and feasibility of the critical parts of the scheme.

physics, multidisciplinary

Xiaojun Zhang,Chunxiang Xu,Chunhua Jin

DOI: https://doi.org/10.1504/ijesdf.2016.073736

2016-01-01

International Journal of Electronic Security and Digital Forensics

Abstract:With the rapid development of cloud storage technology, users choose to store their data in the cloud server remotely. Without the burden of local data storage and maintenance, users can enjoy on-demand high quality cloud storage services. Recently, lattice-based cryptography has been considered as the best choice for post-quantum cryptography, which can resist quantum computer attacks. Considering the forthcoming of the quantum computer in the near future, in this paper, we propose an efficient identity-based cloud storage public auditing scheme, which is constructed based on lattice. We prove our scheme can guarantee public verifiability, unforgeability. Moreover, our scheme can prevent the third party auditor (TPA) from revealing the primitive data blocks of cloud users. In particular, to achieve efficient data dynamics, by utilising index hash tables, our auditing scheme can efficiently perform dynamic operations. Efficient performance analysis demonstrates that our public auditing scheme is more efficient and more practical even in the post-quantum cryptographic era.

Atul Kumar Srivastava,Dhiraj Pandey,Alok Agarwal

DOI: https://doi.org/10.1007/s11277-024-11021-6

IF: 2.017

2024-04-27

Wireless Personal Communications

Abstract:Due to the exponential growth of cloud data and network services, computational resources and cloud data security have one of the most attractive research issues in the real-time cloud environment. Numerous types of cloud services are combined into various domain applications, including, e-health, defence, clinical databases, and so on, for data storage and resource computing. However, a traditional challenge to consider is that the Data Owner (DO) no longer has the ability to modify the access control policy or key policy, resulting in data sharing inflexibility, inefficiency, and key abusers. To address these concerns, we propose an enhanced d level cut-off point-Quantum Secret Sharing (EdLCp-QSS) scheme based on an efficient Monitoring Key Ciphertext-ABE (MKCABE) –access control with Blockchain and Key Controller (EQMBK) mechanism for security. The proposed EQMBK mechanism provides security for monitoring the data from getting accessed by un-authorized users as well as offers updating security when a new user joins the cloud environment. The proposed EQMBK system ensures that data is not accessible by unauthorised users and that security is updated when a new user joins the cloud environment. Finally, experimental simulation reveals that the suggested technique is very efficient in preserving the privacy of the user's data against unauthorised parties in terms of computation time encryption time, system initialization time, key generation time, and decryption time. Furthermore, when compared to state-of-the-art techniques, the proposed methods are more resilient and provide greater performance.

telecommunications

Niu Shaozhang,Tu Shanshan,Huang Yongfeng

DOI: https://doi.org/10.1049/cje.2015.07.015

IF: 1.019

2015-01-01

Chinese Journal of Electronics

Abstract:Cloud computing services have got rapid development in the field of the lightweight terminal, especially wireless communications. The comprehensive access control system framework is proposed for the cloud. A kind of access control scheme based on attribute encryption is designed, in which lightweight devices can safely use cloud computing resources to outsource encrypt/decrypt operations, and not worry for exposing terminal sensitive data. The scheme is verified by performance evaluation about the security, computing, storage, to ensure the legitimate interests of users in the cloud.

Min Wang,Gui-Lu Long

DOI: https://doi.org/10.1007/s11432-024-4177-5

2024-11-10

Science China Information Sciences

Abstract:Access authentication scheme plays a foundational role in ensuring the security of communication networks. However, an access authentication scheme with high security and efficiency is still lacking in quantum communication networks. In this paper, we propose a lattice-based access authentication scheme for quantum communication networks in the manner of real-time interaction with the network control center, which could achieve properties of mutual authentication, conditional anonymity, data confidentiality, unforgeability, undeniability, and data integrity. We utilize the digital signature algorithm CRYSTALS-Dilithium and the key-establishment algorithm CRYSTALS-KYBER, both of which have been selected for standardization by the National Institute of Standards and Technology, to realize secure access authentication for users of the quantum communication networks. Specifically, in the quantum secure direct communication network, key-establishment is replaced by the verification of signatures encoded in quantum states. Our results demonstrate the feasibility of establishing a quantum-secure communication network.

computer science, information systems,engineering, electrical & electronic

Li Jian,Li Na,Zhang Yu,Wen Shuang,Du Wei,Chen Wei,Ma Wenping

DOI: https://doi.org/10.1049/cje.2018.01.017

IF: 1.019

2018-01-01

Chinese Journal of Electronics

Abstract:Quantum cryptography (QC) as an important technology to protect the security of the future network communication, has gained extensive attention from both academia and industry in recent years. This paper provides a concise up-to-date review of QC, including Quantum key distribution (QKD), Quantum authentication, Quantum public-key cryptography (QPKC), and so on. Our aim is to pave a comprehensive and solid starting ground for interested readers. We firstly clarify the definition of QC. Secondly, we present the current understanding of QC from different levels, including the basic knowledge of quantum information processing, QC protocols and the attacks in QC. Finally, we discuss the challenges and opportunities in this hopeful field.

Mingsheng Ying,Yuan Feng,Nengkun Yu

DOI: https://doi.org/10.1109/csf.2013.16

2013-01-01

Abstract:Quantum cryptography has been extensively studied in the last twenty years, but information-flow security of quantum computing and communication systems has been almost untouched in the previous research. Due to the essential difference between classical and quantum systems, formal methods developed for classical systems, including probabilistic systems, cannot be directly applied to quantum systems. This paper defines an automata model in which we can rigorously reason about information-flow security of quantum systems. The model is a quantum generalisation of Goguen and Meseguer's noninterference. The unwinding proof technique for quantum noninterference is developed, and a certain compositionality of security for quantum systems is established. The proposed formalism is then used to prove security of access control in quantum systems.

Vamshi Adouth,Eswari Rajagopal

DOI: https://doi.org/10.1002/cpe.8192

2024-06-13

Concurrency and Computation Practice and Experience

Abstract:In the era of digital proliferation, individuals opt for cloud servers to store their data due to the diverse advantages they offer. However, entrusting data to cloud servers relinquishes users' control, potentially compromising data confidentiality and integrity. Traditional auditing methods designed to ensure data integrity in cloud servers typically depend on Trusted Third Party Auditors. Yet, many of these existing auditing approaches grapple with intricate certificate management and key escrow issues. Furthermore, the imminent threat of powerful quantum computers poses a risk of swiftly compromising these methods in polynomial time. To overcome these challenges, this paper introduces a Quantum‐based Secure Key Communication and Key Generation Scheme QSKCG for Outsourced Data in the Cloud. Leveraging Elliptic Curve Cryptography, the BB84 secure communication protocol, certificateless signature, and blockchain network, the proposed scheme is demonstrated through security analysis, affirming its robustness and high efficiency. Additionally, performance analysis underscores the practicality of the proposed scheme in achieving post‐quantum security in cloud storage.

computer science, theory & methods, software engineering

Yu-Ding WANG,Jia-Hai YANG,Cong XU,Xiao LING,Yang YANG

DOI: https://doi.org/10.13328/j.cnki.jos.004820

2015-01-01

Abstract:With the intensive and large scale development of cloud computing, security becomes one of the most important problems. As an important part of security domain, access control technique is used to limit users' capability and scope to access data and ensure the information resources not to be used and accessed illegally. This paper focuses on the state-of-the-art research of access control technology in cloud computing environment. First, it briefly introduces access control theory, and discusses the access control framework in cloud computing environment. Then, it thoroughly surveys the access control problems in cloud computing environment from three aspects including cloud access control model, cloud access control based on ABE (attribute-based encryption) cryptosystem, and multi-tenant and virtualization access control in cloud. In addition, it probes the best current practices of access control technologies within the major cloud service providers and open source cloud platforms. Finally, it summarizes the problems in the current research and prospects the development of future research.

Lingling Xu,Shaohua Tang

DOI: https://doi.org/10.1007/s11227-013-1039-z

IF: 3.3

2013-01-01

The Journal of Supercomputing

Abstract:With the tremendous growth of cloud computing, verifiable computation has been firstly formalized by Gennaro et al. and then studied widely to provide integrity guarantees in the outsourced computation. However, existing verifiable computation protocols either work in the secret key setting or in the public key setting, namely, work either for single client or for all clients, which rules out some practical applications with access control policies. In this paper, we introduce and formalize the notion of verifiable computation with access control (AC-VC), in which only the computationally weak clients with necessary access control permissions can be allowed by a trusted source to apply the outsourced computation of a function to a server. We present a formal security definition and a proved secure black-box construction for AC-VC. This construction is built based on any verifiable computation in the secret key model and ciphertext-policy attribute-based encryption (CP-ABE). The access control policies that our AC-VC can realize depend on that realized in the based CP-ABE.

xiao wei gao,ze min jiang,Rui Jiang

DOI: https://doi.org/10.4028/www.scientific.net/AMR.756-759.2649

2012-01-01

Advanced Materials Research

Abstract:Recently, Hota et al. present a Capability-based Cryptographic Data Access Control in Cloud Computing. This scheme implements data storage, user authorization, data access and integrity checking. However, we find two fatal attacks in the data exchange between CSP and User. These attacks makes a registered user can intercept another legal user's file and decipher it. To avoid these attacks, we give an improvement to Hota et al's scheme and can resist theses attacks. Meantime, to make Hota's scheme be applicable, we propose a novel data access protocol in cloud computing. Our scheme guarantees data confidentiality and secure data access between User and CSP. Security analysis shows that the scheme can resist various attacks.

Shaohua Tang,Xiaoyu Li,Xinyi Huang,Yang Xiang,Lingling Xu

DOI: https://doi.org/10.1109/tc.2015.2479609

IF: 3.183

2016-01-01

IEEE Transactions on Computers

Abstract:Access control is an indispensable security component of cloud computing, and hierarchical access control is of particular interest since in practice one is entitled to different access privileges. This paper presents a hierarchical key assignment scheme based on linear-geometry as the solution of flexible and fine-grained hierarchical access control in cloud computing. In our scheme, the encryption key of each class in the hierarchy is associated with a private vector and a public vector, and the inner product of the private vector of an ancestor class and the public vector of its descendant class can be used to derive the encryption key of that descendant class. The proposed scheme belongs to direct access schemes on hierarchical access control, namely each class at a higher level in the hierarchy can directly derive the encryption key of its descendant class without the need of iterative computation. In addition to this basic hierarchical key derivation, we also give a dynamic key management mechanism to efficiently address potential changes in the hierarchy. Our scheme only needs light computations over finite field and provides strong key indistinguishability under the assumption of pseudorandom functions. Furthermore, the simulation shows that our scheme has an optimized trade-off between computation consumption and storage space.

Henry Chima Ukwuoma,Gabriel Arome,Aderonke Thompson,Boniface Kayode Alese

DOI: https://doi.org/10.1515/comp-2022-0235

2022-01-01

Open Computer Science

Abstract:Abstract Data security in the cloud has been a major issue since the inception and adoption of cloud computing. Various frameworks have been proposed, and yet data breach prevails. With encryption being the dominant method of cloud data security, the advent of quantum computing implies an urgent need to proffer a model that will provide adequate data security for both classical and quantum computing. Thus, most cryptosystems will be rendered susceptible and obsolete, though some cryptosystems will stand the test of quantum computing. The article proposes a model that comprises the application of a variant of McEliece cryptosystem, which has been tipped to replace Rivest–Shamir–Adleman (RSA) in the quantum computing era to secure access control data and the application of a variant of N-th degree truncated polynomial ring units (NTRU) cryptosystem to secure cloud user data. The simulation of the proposed McEliece algorithm showed that the algorithm has a better time complexity than the existing McEliece cryptosystem. Furthermore, the novel tweaking of parameters S and P further improves the security of the proposed algorithms. More so, the simulation of the proposed NTRU algorithm revealed that the existing NTRU cryptosystem had a superior time complexity when juxtaposed with the proposed NTRU cryptosystem.

Tianqi Zhou,Jian Shen,Xiong Li,Chen Wang,Jun Shen

DOI: https://doi.org/10.1155/2018/8214619

IF: 1.968

2018-01-01

Security and Communication Networks

Abstract:Cyberspace has become the most popular carrier of information exchange in every corner of our life, which is beneficial for our life in almost all aspects. With the continuous development of science and technology, especially the quantum computer, cyberspace security has become the most critical problem for the Internet in near future. In this paper, we focus on analyzing characteristics of the quantum cryptography and exploring of the advantages of it in the future Internet. It is worth noting that we analyze the quantum key distribution (QKD) protocol in the noise-free channel. Moreover, in order to simulate real situations in the future Internet, we also search the QKD protocol in the noisy channel. The results reflect the unconditional security of quantum cryptography theoretically, which is suitable for the Internet as ever-increasing challenges are inevitable in the future.

computer science, information systems,telecommunications

Ze Yang,Qin Shi,Teng Cheng,Xunji Wang,Rutong Zhang,Lin Yu

DOI: https://doi.org/10.1016/j.vehcom.2024.100789

IF: 6.7

2024-01-01

Vehicular Communications

Abstract:The Internet of vehicles (IoV) is an essential part of modern intelligent transportation systems (ITS). In the ITS, intelligent connected vehicle can access a variety of latency-sensitive cloud services through the vulnerable wireless communication channel, which could lead to security and privacy issues. To prevent access by malicious nodes, a large number of authentication schemes have been proposed. However, with the diversification of cloud services and the rapid development of quantum computing, there are many drawbacks remain, including timeliness of authentication and resisting quantum computing. In light of this, we propose a lattice-based secure and efficient multi-cloud authentication and key agreement scheme for quantum key distribution (QKD) enabled IoV. Its features are as follows: i) Security-enhanced and Efficient Authentication: We combine the lattice-based lightweight signatures and quantum authentication keys to guarantee security-enhanced authentication. Meanwhile, we propose the quantum security service cloud (QSC) to manage the authentication of all vehicles and cloud server providers (CSPs) to reduce the authentication rounds and improve efficiency. ii) Extended Quantum Key Distribution (eQKD): In wireless networks, quantum key agreement is achieved through the pre-filled quantum keys. In wired networks, quantum key is accomplished by QKD with Bennett-Brassard 1984 (BB84) protocol. Furthermore, formal and informal security demonstrates that the scheme could resist potential security attacks. The performance comparison illustrates that our scheme could decrease the computational overhead by 27.23%-81.78% and authentication rounds by 81.34%-93.10%.

Yibing Kong,Jennifer Seberry,Janusz R. Getta,Ping Yu

DOI: https://doi.org/10.1007/11556992_33

2005-01-01

Abstract:As one of the most popular information safeguarding mechanisms, access control is widely deployed in information systems. However, access control approach suffers from a tough problem, i.e. system administrators must be unconditionally trusted. Cryptographic substitutes have been developed to solve the above problem. In particular, hierarchical encryption, as an alternate solution of access control in a hierarchy, has been intensively studied. In this paper, we propose a cryptographic solution for general access control based on Chinese Remainder Theorem. Our solution has two categories: data based solution and key based solution. In contrast to the most recent hierarchical encryption system: Ray, Ray and Narasimhamurthi's system [1], our solution is more efficient, secure and flexible. Moreover, we introduce an efficient mechanism for authorization alterations. This paper ends with a set of experimental results that support our research.