Guojun Ma,Qingqi Pei,Yuchen Wang,Xiaohong Jiang

DOI: https://doi.org/10.1109/iihmsp.2011.26

2011-01-01

International Journal of Digital Content Technology and its Applications

Abstract:Content sharing is one of the most significant issues of Digital Rights Management (abbr. DRM). Various schemes for content sharing have been presented in the past years. However, the main goals of these schemes are to solve portability problems instead of rational sharing between different users who are not family members. In this work, we propose an initial step toward this rational sharing and present a general sharing model based on proxy re-encryption. Our model can support the flexible sharing mechanism, with which the user can choose any of the purchased content to share with any legal device, and the content provider can know and limit the number of sharing devices to achieve some novel DRM policies such as pay-per-sharing. To our best knowledge, our sharing model is the first model for content sharing between different users' devices who are not family members using proxy re-encryption. With rational applications, our model can benefit for both the user and content provider to achieve win-win development.

Zhiwei Yu,Chaokun Wang,Clark Thomborson,Jianmin Wang,Shiguo Lian,Athanasios V. Vasilakos

DOI: https://doi.org/10.1002/spe.1088

2012-01-01

Abstract:With the rapid development of cloud computing, software applications are shifting onto cloud storage rather than remaining within local networks. Software distributions within the cloud are subject to security breaches, privacy abuses, and access control violations. In this paper, we identify an insider threat to access control which is not completely eliminated by the usual techniques of encryption, cryptographic hashes, and access-control labels. We address this threat using software watermarking. We evaluate our access-control scheme within the context of a Collaboration-oriented Architecture, as defined by The Jericho Forum. Copyright © 2011 John Wiley & Sons, Ltd.

Zhen Yang,Yongfeng Huang,Xing Li,Wenyu Wang

DOI: https://doi.org/10.3970/cmc.2018.03697

2018-01-01

Abstract:To cope with privacy leakage caused by multimedia outsourcing and sharing, data provenance is used to analyze leaked multimedia and provide reactive accountability. Existing schemes of multimedia provenance are based on watermarking protocols. In an outsourcing scenario, existing schemes face two severe challenges: 1) when data leakage occurs, there exists a probability that data provenance results can be repudiated, in which case data provenance tracking fails; and 2) when outsourced data are shared, data encryption transfer causes key management burden outside the schemes, and privacy leakage threatens users. In this paper, we propose a novel data provenance scheme with an improved LUT-based fingerprinting protocol, which integrates an asymmetric watermarking protocol, robust watermark algorithm and homomorphic encryption and digital signatures to achieve full non-repudiation provenance. We build an in-scheme stream cipher to protect outsourced multimedia data from privacy leakage and complicated key management. Our scheme is also lightweight and easy to deploy. Extensive security and performance analysis compares our scheme with the state of the art. The results show that our scheme has not only better provenance security and data confidentiality but also higher efficiency for multimedia outsourcing, sharing and provenance.

Xiaojuan DONG,Weiming ZHANG,Han FANG,Nenghai YU

DOI: https://doi.org/10.1360/ssi-2021-0213

2022-01-01

Abstract:The current cloud storage services generally launch the function of browsing files, which brings greatconvenience for users to steal information by shooting files on the screen, and also increases the risk of information leakage. As a result, users taking photos to steal information poses a potential security risk for cloud storage services.The existing method is for the cloud to embed a screen-shooting resilient watermark associated with the user's identityin an image before sending it to the user. Then the cloud can detect the user's watermark from the captured image and discover the user's identity. Both the cloud and the user have the image embedded with the user's watermark, so the leaked images cannot be confirmed to be from the cloud or from the user. To eliminate the ambiguity of the leakage source, ciphertext watermark is utilized, that is, the user's ciphertext watermark is embedded into a plaintext image in the cloud to generate the ciphertext image containing the user's watermark, which can only be decrypted by the user to obtain theplaintext image. Once this image is secretly shot and leaked, it must flow out from the user. However, the current screen-shooting resilient watermarking algorithm does not support the above functions and only supports the embedding of the plaintext watermark. This paper proposes a screen-shooting resilient ciphertext watermarkingprotocol between the cloud and users, which aims to protect the copyright users' ownership of their images and prevent other userswho use the images from stealing images by taking pictures secretly. This paper verifies the security and effectiveness of the proposed protocol through theoretical analysis and simulationexperiments.

Zhe-Ming Lu,Zong-Hui Wang,Yong-Liang Liu

DOI: https://doi.org/10.24507/ijicic.17.04.1257

2021-01-01

Abstract:Nowadays, multimedia documents can be easily recreated or modified and then distributed over the Internet or via smart mobile phones; thus copyright protection, copy protection, content authentication and source tracing have become main issues in the big data era. In the past, many multipurpose information hiding schemes have been proposed to solve these problems. However, existing schemes are mainly designed for digital audiovisual documents, but seldom designed for office files, WEB pages, PDF files or software codes. Furthermore, there are few schemes considering how to embed multilevel fingerprints to trace multiple distribution processes. Based on above backgrounds, this paper presents a multipurpose framework based on multilevel multichannel information hiding to provide a more robust and conflict-prevented scheme with whole life cycle and full protection. This framework is developed for all kinds of multimedia documents to protect and/or authenticate and/or trace a multimedia document in its entire life time. In order to make our framework work better as an organic whole, we define a watermark information structure to discriminate and recognize different watermarks and also provide some required control information for watermark extraction or further embedding. To test the effectiveness of the proposed framework, we develop three simulation interfaces for images web pages and PPT files respectively. Experimental results demonstrate that our framework is effective and our scheme can embed multiple watermarks and can extract all watermarks correctly and independently.

H. Vicky Zhao,K. J. Ray Liu

DOI: https://doi.org/10.1109/tifs.2006.885023

IF: 7.231

2006-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Multimedia security systems have many users with different objectives and they influence each other's performance and decisions. Behavior forensics analyzes how users with conflicting interests interact with and respond to each other. Such investigation enables a thorough understanding of multimedia security systems and helps the digital rights enforcer offer stronger protection of multimedia. This paper analyzes the dynamics among attackers during multiuser collusion. The colluders share not only the profit from the redistribution of multimedia but also the risk of being detected by the content owner, and an important issue in collusion is fairness of the attack (i.e., whether all attackers share the same risk) (e.g., whether they have the same probability of being detected)., While they might agree so, some selfish colluders may break their fair-play agreement in order to further lower their risk. This paper investigates the problem of "traitors within traitors" in multimedia forensics, in an effort to formulate the dynamics among attackers and understand their behavior to minimize their own risk and protect their own interests. As the first work on the analysis of this colluder dynamics, this paper explores some possible strategies that a selfish colluder can use to minimize his or her probability of being caught. We show that processing his or her fingerprinted copy before multiuser collusion helps a selfish colluder further lower his or her risk, especially when the colluded copy has high resolution and good quality. This paper also investigates the optimal precollusion processing strategies for selfish colluders to minimize their risk under the quality constraints.

Jiahao Liu,Junjian Li,Ruoyu Wang,Chao Li,Wuhao Xia

DOI: https://doi.org/10.1109/DSC59305.2023.00028

2023-08-18

Abstract:In today's digital economy, data sharing has become imperative for advancing economic growth and technology development, as multi-party collaboration requires secure data exchange. During data sharing, upholding data security and privacy is paramount. However, existing data sharing solutions mostly rely on cloud storage and transfer, which have risks of single-point failure and compromise privacy and security. To tackle these challenges, we propose a novel solution that leverages proxy re-encryption and digital watermarking technologies, and employs blockchain to achieve equivalent access control functions based on the cloud environment, thereby mitigating the single point of failure issue. Moreover, our solution can effectively prevent data requesters from illegally sharing data with others. If any requester leaks data without authorization, we can trace the source based on the watermark embedded in the leaked data. In summary, our proposed solution enables more secure and privacy-preserving data sharing, which can potentially benefit a wide range of data sharing applications.

Computer Science,Engineering

Li Xu,Chi-Yao Weng,Lun-Pin Yuan,Mu-En Wu,Raylin Tso,Hung-Min Sun

DOI: https://doi.org/10.1007/s11227-015-1515-8

2015-01-01

Abstract:Cloud storage is one of the most important applications in our daily lives. User can store their own data into cloud storage and remotely access the saved data. Owing to the social media develops, users can share the digital files to other users, leading to the amount of data growing rapidly and searching abilities necessarily. In the some cases, servers cannot avoid data leakage even if the server provides complete access control. The encrypted data is a best way to resolve this problem but it may eliminate original structure and searching may become impossible. Applying searchable encryption for each receiver may produce messy duplication and occupy the quota of cloud storage from each receiver. User requires keeping their shared documents belonging up to date which are compared with the latest version. To this aim, we thus propose a sharable ID-based encryption with keyword search in cloud computing environment, which enables users to search in data owners’ shared storage while preserving privacy of data. For the performance analysis, we demonstrate the compared resultant with others ID-based or ID-relative encryption. In addition to that, we show the formal proof to verify the security of our proposed.

Duane Wilson,Giuseppe Ateniese

DOI: https://doi.org/10.48550/arXiv.1404.2697

2014-04-10

Cryptography and Security

Abstract:With the advent of cloud computing, a number of cloud providers have arisen to provide Storage-as-a-Service (SaaS) offerings to both regular consumers and business organizations. SaaS (different than Software-as-a-Service in this context) refers to an architectural model in which a cloud provider provides digital storage on their own infrastructure. Three models exist amongst SaaS providers for protecting the confidentiality data stored in the cloud: 1) no encryption (data is stored in plain text), 2) server-side encryption (data is encrypted once uploaded), and 3) client-side encryption (data is encrypted prior to upload). This paper seeks to identify weaknesses in the third model, as it claims to offer 100% user data confidentiality throughout all data transactions (e.g., upload, download, sharing) through a combination of Network Traffic Analysis, Source Code Decompilation, and Source Code Disassembly. The weaknesses we uncovered primarily center around the fact that the cloud providers we evaluated were each operating in a Certificate Authority capacity to facilitate data sharing. In this capacity, they assume the role of both certificate issuer and certificate authorizer as denoted in a Public-Key Infrastructure (PKI) scheme - which gives them the ability to view user data contradicting their claims of 100% data confidentiality. We have collated our analysis and findings in this paper and explore some potential solutions to address these weaknesses in these sharing methods. The solutions proposed are a combination of best practices associated with the use of PKI and other cryptographic primitives generally accepted for protecting the confidentiality of shared information.

Xiaojuan Dong,Weiming Zhang,Mohsin Shah,Bei Wang,Nenghai Yu

DOI: https://doi.org/10.1109/tsc.2020.3008957

IF: 11.019

2020-01-01

IEEE Transactions on Services Computing

Abstract:In this article, we propose secure plaintext image storage protocols in the cloud environment for image owners managing and controlling their outsourced images. To solve control and privacy issues, conventional schemes suggest outsourcing images in the encrypted form. However, encrypted images lose their usability and visibility. For example, image owners cannot quickly find their stored images in the cloud. The proposed protocols encourage plaintext image storage in the cloud with copyright protection of images, visible display, lossless retrieval and controlled deletion via techniques of homomorphic encryption and digital watermarking. We allow the image owner to embed and remove the watermark in a privacy-preserving way without compromising the security of the original data and the computed results. Moreover, the image owner can securely detect the cloud's dishonest act of not completely deleting an image as required or leaking an image without permission. Compared with existing works, our work achieves more functions. We prove that the proposed work achieves the controllable management of the outsourced plaintext images without privacy leakage to unauthorized parties and demonstrate the utility and the efficiency of our protocols through experimental evaluation.

Shuanggen Liu,Hailun Pan,Xu An Wang,Siyi Zhao,Qing Li

DOI: https://doi.org/10.1016/j.sysarc.2024.103100

IF: 5.836

2024-03-08

Journal of Systems Architecture

Abstract:Medical data sharing is essential for the advancement of medical research, but the existence of malicious encryptors and malicious users poses a major challenge to the seamless sharing of information among healthcare providers. We proposed a traceable and revocable broadcast encryption scheme for preventing malicious encryptors in the Medical Internet of Things (MIoT). In 2023, Wang et al. first proposed the concept of malicious encryptor for broadcast encryption and trator tracing, and they constructed a scheme for preventing this attack. The malicious encryptor is reasonable in real broadcast encryption systems because the encryptor is not always the same as the digital content provider. When digital content providers for medical institutions want to share sensitive medical data, the employees may implement encryption. Then the employees may plant some trapdoors and sell to the black market, which can be used to construct pirated boxes. To resist malicious encryptor attacks, we rely on the uniform distribution of the output of the secure cryptographic hash function to generate the randomness needed for encryption. To prevent malicious users from selling their private keys to attackers, we set up public tracing and revocation mechanisms. Meanwhile, we enable digital content providers to share common encrypted data to different groups of authorized users protected by privacy, while also sharing individual data to designated consumers of those groups. Under the decision q -parallel BDHE assumption without random oracles, our construction is demonstrated to be adaptive IND-CPA secure. Since we have a compact communication bandwidth, a constant user secret key size, and only three bilinear operations are needed for decryption to recover the encrypted broadcast message, our scheme does not add much overhead and is therefore practical.

computer science, software engineering, hardware & architecture

Mohamed El-Hadedy,Georgios Pitsilis,Svein J. Knapskog

DOI: https://doi.org/10.48550/arXiv.1309.7640

2013-09-29

Multimedia

Abstract:Many electronic content providers today like Flickr and Google, offer space to users to publish their electronic media (e.g. photos and videos) in their cloud infrastructures, so that they can be publicly accessed. Features like including other information, such as keywords or owner information into the digital material is already offered by existing providers. Despite the useful features made available to users by such infrastructures, the authorship of the published content is not protected against various attacks such as compression. In this paper we propose a robust scheme that uses digital invisible watermarking and hashing to protect the authorship of the digital content and provide resistance against malicious manipulation of multimedia content. The scheme is enhanced by an algorithm called MMBEC, that is an extension of an established scheme MBEC, towards higher resistance.

Liu Yongliang,Wen Gao,Shaohui Liu

DOI: https://doi.org/10.1109/APCC.2004.1391793

2004-01-01

Abstract:Multicast is very useful way for large-scale distributing multimedia over the network. It can significantly reduce the bandwidth required to transmit same multimedia over the network to multiple receivers. This property makes multicast competitive and attractive. We propose a simple and efficient scheme in order to resolve the issue mentioned above. In our scheme, the content provider generates two different watermarked packets for even' data packet firstly. Next, he encrypts every two watermarked packets by two different keys, respectively. Finally, he multicasts all of encrypted packets with encrypted keys to intended receivers. In the receiver, only one of every pair of encrypted packets is decrypted relying on the ID stored in tamper-resistant hardware. Every receiver obtains unique watermarked packets because every ID is unique. So, the watermarked packets can be used to trace those receivers who make redistribution of received multimedia content illegally.

Xuexue Jin,Lingbo Wei,Mengke Yu,Nenghai Yu,Jinyuan Sun

DOI: https://doi.org/10.1109/ICCChina.2013.6671119

2013-01-01

Abstract:Cloud computing is viewed as the next generation architecture of IT companies. As promising as it is, cloud computing also brings forth many new security issues when users outsource sensitive data to cloud servers. To keep sensitive users' data confidential against untrusted servers, existing solutions usually apply cryptographic methods. With data encryption, the same file will become different from each other, thus deduplication which is widely adopted by cloud storage service providers meets some challenges. Current method to solve the problem is to make use of some information computed from the shared file to achieve deduplication of encrypted data, say convergent encryption. But this piece of information which is computable from the file via a deterministic public algorithm is not really meant to be secret. To this end, we propose a scheme to address the deduplication of encrypted data efficiently and securely with the help of ensuring the ownership of the shared file, encrypting data using keys at user's will and realizing the anonymous store through the digital credential. We achieve this aims through proof of ownership (POW), proxy re-encryption (PRE) and digital credential.

Farooq Ahmed,Lingbo Wei,Yukun Niu,Tianyu Zhao,Wei Zhang,Dong Zhang,Wenxiang Dong

DOI: https://doi.org/10.1002/int.22810

IF: 8.993

2022-01-14

International Journal of Intelligent Systems

Abstract:Video streaming applications are rapidly proliferating, allowing users to browse, download, and share videos through platforms such as YouTube, Netflix, and Amazon. Media content providers are required to register copyrights on digital platforms. With the existence of blockchain technology, users can manage their data using a smart contract, which allows them to define access and search policies and use an instant payment system without a third party in a decentralized network. We propose a secure and reliable video sharing scheme based on blockchain, using cryptographic primitives to secure the information of streamers and viewers. The use of blockchain ensures reliability and prevents the manipulating or forging of multimedia content. A smart contract system is implemented to represent contractual actions once a given access condition is satisfied. Analysis of the scheme's security and performance demonstrates that it is reliable and efficient.

Ashwani Kumar

DOI: https://doi.org/10.1007/s11042-022-12550-7

IF: 2.577

2022-03-15

Multimedia Tools and Applications

Abstract:Nowadays, cloud computing provides a platform infrastructure for the secure dealing of digital data, but privacy and copy control are the two important issues in it over a network. Cloud data is available to the end user and requires enormous security and privacy techniques to protect the data. Moreover, the access control mechanism with encryption-based technique protects the digital rights for participants in a transaction, but they do not protect the media from being illegally redistributed and do not restrict an authorized user to reveal their secret information this is referred to as you can access but you cannot leak. This brought out a need for controlling copy deterrence and preserving the privacy of digital media over the internet. To overlook this, we proposed a cloud-based buyer-seller watermarking protocol (CB-BSWP) with the use of a semi-trusted third party for copy deterrence and privacy-preserving in the cloud environment. The suggested scheme uses 1) a privacy homomorphism cryptosystem with Diffie-Hellman key exchange algorithm to provide an encrypted domain for the secure exchange of digital media 2) adopt robust and fair watermarking techniques to ensure high imperceptibility and robustness for the watermarked images against attacks 3) two services of cloud Infrastructure as a service (IaaS) to support virtualized computing infrastructure and Watermarking as a service (WaaS) to execute the speedy process of watermarking, this process is supported by watermarking generation and signing phase (WGSP) and watermark extraction and verifying phase reported in 4th section. 4) cloud service provider (CSP) considered as a "semi-trusted" third party to reduce the burden from the trusted third party (TTP) server and provide storage for the encrypted digital media on cloud databases, this frees content owner from not having a separate storage infrastructure. The proposed scheme encrypts the digital content by using SHA-512 algorithm with key size 512-bits to ensure that it doesn't affect computational time during the process of encryption. The suggested scheme addresses the problems of piracy tracing, anonymity, tamper resistance, non-framing, customer rights problem. The role of cloud is crucial because it reduces communication overhead, provides unlimited storage, supports the watermarking process and offers a solution for the secure distribution of end-to-end security of digital content over cloud. To check the performance of the suggested CB-BSWP protocol against common image processing attacks, we have conducted experiments in which the perceptual quality of watermarked digital media was found enhanced, resulting in a robust watermark.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Zhangdong Wang,Jiaohua Qin,Xuyu Xiang,Yun Tan

DOI: https://doi.org/10.1007/s00530-020-00734-w

IF: 3.9

2021-01-09

Multimedia Systems

Abstract:To ensure the image security, a large number of ciphertext image retrieval methods have been studied and applied, such as homomorphic encryption and multi-key encryption. However, most of these algorithms do not consider the protection of image copyright, user information and traitor tracking. For this reason, this paper proposes a privacy-preserving and traitor tracking content-based image retrieval scheme in cloud computing. This method introduces the DenseNet network to strengthen statistical features. One-way hash algorithm and XOR operation are used to protect copyright and user information, and reversible information hiding algorithm is accessed for traitor tracking. Experimental results show that compared with other algorithms that support leak tracking, our method achieves higher retrieval precision, higher retrieval efficiency and simpler architecture.

computer science, information systems, theory & methods

Xiaojuan Dong,Weiming Zhang,Xianjun Hu,Keyang Liu

DOI: https://doi.org/10.4018/IJDCF.2018100109

2018-01-01

Abstract:AbstractThis article describes how cloud storage dramatically benefits people in freeing up their local storage space, while bringing the separation of the data ownership and private manipulation. Hence, it is difficult for the cloud user to make sure that the cloud storage provider CSP has obeyed the request of deletion to remove all corresponding data. To solve the issue technically, this article proposes an interactive cloud-user watermarking protocol CUW based on the homomorphic encryption. To meet security requirements, the encrypted watermark is embedded into encrypted data. Moreover, to enjoy the convenient cloud services, the uploaded data is eventually stored in the cloud server in the form of plain text. The performance of the CUW protocol is evaluated through a prototype implementation.

H. Vicky Zhao,K. J. Ray Liu

DOI: https://doi.org/10.1109/ICIP.2005.1530334

2005-01-01

Abstract:Digital fingerprinting is an important tool in multimedia forensics to trace traitors and protect multimedia content after decryption. This paper addresses the enforcement of digital rights when distributing multimedia over heterogeneous networks and studies the scalable multimedia fingerprinting systems in which users receive copies of different quality. We investigate the traitor tracing capability of such scalable fingerprinting systems, in particular, the robustness of the embedded fingerprints against multi-user collusion attacks. Under the fairness constraints on collusion that all attackers share the same risk of being captured, we analyze the maximum number of colluders that the fingerprinting systems can withstand, and our results show that multimedia fingerprints can survive collusion attacks by a few dozen colluders.