Zhe-Ming Lu,Zong-Hui Wang,Yong-Liang Liu

DOI: https://doi.org/10.24507/ijicic.17.04.1257

2021-01-01

Abstract:Nowadays, multimedia documents can be easily recreated or modified and then distributed over the Internet or via smart mobile phones; thus copyright protection, copy protection, content authentication and source tracing have become main issues in the big data era. In the past, many multipurpose information hiding schemes have been proposed to solve these problems. However, existing schemes are mainly designed for digital audiovisual documents, but seldom designed for office files, WEB pages, PDF files or software codes. Furthermore, there are few schemes considering how to embed multilevel fingerprints to trace multiple distribution processes. Based on above backgrounds, this paper presents a multipurpose framework based on multilevel multichannel information hiding to provide a more robust and conflict-prevented scheme with whole life cycle and full protection. This framework is developed for all kinds of multimedia documents to protect and/or authenticate and/or trace a multimedia document in its entire life time. In order to make our framework work better as an organic whole, we define a watermark information structure to discriminate and recognize different watermarks and also provide some required control information for watermark extraction or further embedding. To test the effectiveness of the proposed framework, we develop three simulation interfaces for images web pages and PPT files respectively. Experimental results demonstrate that our framework is effective and our scheme can embed multiple watermarks and can extract all watermarks correctly and independently.

Leo Yu Zhang,Yifeng Zheng,Jian Weng,Cong Wang,Zihao Shan,Kui Ren

DOI: https://doi.org/10.1109/tdsc.2018.2864748

2020-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:The wide adoption of cloud greatly facilitates the sharing of explosively generated media content today, yet deprives content providers' direct control over the outsourced media content. Thus, it is pivotal to build an encrypted cloud media center where only authorized access is allowed. Enforcing access control alone, however, cannot fully protect content providers' interests, as authorized users may later become traitors that illegally redistribute media content to the public. Such realistic threat should have been seriously treated yet is largely overlooked in the literature. In this paper, we initiate the first study on secure media sharing with fair traitor tracing in the encrypted cloud media center, through a new marriage of proxy re-encryption (for secure media sharing) and fair watermarking (for fair traitor tracing). Our key insight is to fully leverage the homomorphic properties residing in proxy re-encryption to embrace operations in fair watermarking. Two protocols are proposed for different application scenarios. We also provide complexity analysis for performance, showing that our work can also be treated as secure outsourcing of fair watermarking, and thus kills two birds with one stone. We thoroughly analyze the security strengths and conduct extensive experiments to validate the effectiveness of our design.

Haibin Yang,Zhengge Yi,Ruifeng Li,Zheng Tu,Xu An Wang,Yuanyou Cui,Xiaoyuan Yang

DOI: https://doi.org/10.1155/2021/1805615

IF: 1.968

2021-07-22

Security and Communication Networks

Abstract:With the advent of data outsourcing, how to efficiently verify the integrity of data stored at an untrusted cloud service provider (CSP) has become a significant problem in cloud storage. In 2019, Guo et al. proposed an outsourced dynamic provable data possession scheme with batch update for secure cloud storage. Although their scheme is very novel, we find that their proposal is not secure in this paper. The malicious cloud server has ability to forge the authentication labels, and thus it can forge or delete the user’s data but still provide a correct data possession proof. Based on the original protocol, we proposed an improved one for the auditing scheme, and our new protocol is effective yet resistant to attacks.

computer science, information systems,telecommunications

Yuan Zhang,Xiaodong Lin,Chunxiang Xu

DOI: https://doi.org/10.1007/978-3-030-01950-1_1

2018-01-01

Abstract:Data provenance, which records the history of the ownership and process of a document during its lifecycle, is essential for the success of cloud storage systems. However, it also inevitably incurs some challenging security and privacy issues. In this paper, to address these challenging issues, we present an efficient and secure data provenance scheme and realize it in a system called ESP. ESP is characterized by employing a blockchain-based provenance record chain and can provide a secure and efficient system for data outsourcing, where the correctness, integrity, and timeliness of provenance records can be ensured. Furthermore, we introduce a concept of window of latching (WoL) to assess the practicality of secure provenance schemes. We analyze the security of ESP and evaluate the performance of ESP via implementation, which shows WoL of ESP is short and demonstrates ESP is secure and practical.

Mohamed El-Hadedy,Georgios Pitsilis,Svein J. Knapskog

DOI: https://doi.org/10.48550/arXiv.1309.7640

2013-09-29

Multimedia

Abstract:Many electronic content providers today like Flickr and Google, offer space to users to publish their electronic media (e.g. photos and videos) in their cloud infrastructures, so that they can be publicly accessed. Features like including other information, such as keywords or owner information into the digital material is already offered by existing providers. Despite the useful features made available to users by such infrastructures, the authorship of the published content is not protected against various attacks such as compression. In this paper we propose a robust scheme that uses digital invisible watermarking and hashing to protect the authorship of the digital content and provide resistance against malicious manipulation of multimedia content. The scheme is enhanced by an algorithm called MMBEC, that is an extension of an established scheme MBEC, towards higher resistance.

Xin Tang,Yining Qi,Yongfeng Huang

DOI: https://doi.org/10.1007/978-3-319-53465-7_22

2017-01-01

Abstract:Cloud storage is widely used to ease the storage burden of clients. Meanwhile it raises a basic issue in the security of outsourced data: whether the corruption can be detected and recovered? Focusing on this problem, most existing proofs of retrievability (POR) schemes relies on precomputed tokens or tags as well as code redundancy to achieve integrity verification and corruption recovery, which, however, results in extra storage cost for cloud storage and high computational overhead for clients. Fragile watermarking provides a new way to implement the scheme without such drawbacks. In this paper, we propose a novel fragile watermarking based public auditable POR scheme for archival cloud data, which is able to not only improve the efficiency of audit process but also ensure both privacy-preserving and replay attack resistance simultaneously. The simulation results validate both the correctness of our scheme in detecting and recovering data corruption and the large improvement in performance compared to traditional POR schemes.

Jian Chen,Peijia Zheng,Jianting Guo,Wei Zhang,Jiwu Huang

DOI: https://doi.org/10.1109/trustcom/bigdatase.2018.00023

2018-01-01

Abstract:In the scenario of cloud computing, it is necessary to consider the privacy protection of the audio content as well as copyright protection and content authentication simultaneously. In this paper, we propose an encrypted audio multipurpose watermarking scheme based on cloud storage and computing. We firstly perform encrypted domain discrete wavelet transform on the encrypted audio to obtain encrypted coefficients. By using the spread spectrum method, we embed the robust and the fragile watermarks into different sub-bands. We then propose algorithms to extract the robust and the fragile watermarks from the encrypted watermarked audio. Some experiments are conducted to verify the validity and feasibility of the proposed scheme. The results show that the proposed scheme has good performances of robustness, fragility, and tamper location.

Liu Yongliang,Wen Gao,Hongxun Yao,Yaxiao Song

DOI: https://doi.org/10.1007/3-540-36228-2_59

2004-01-01

Abstract:Digital watermark is an active research area that has received a considerable attention in multimedia applications. Copyright protection of digital contents, as one of the most important application of digital watermark, works by watermark verification. In traditional watermark authentication scheme, a prover exposed a watermark to be present in a digital data to the verifier. However, an attacker is able to spoil or remove the watermark entirely once classified information is known. Some of previous schemes proposed as solution haven’t achieved desirable result really. In this paper, we propose a secure watermark verification scheme based on commitment scheme and zero knowledge protocols in order to solve this problem. There will be no secret information that can be used for removing watermark is disclosed during the verification process. It has considerable advantages over previously proposed schemes in terms of security.

Yanbo Yang,Jiawei Zhang,Ximeng Liu,Jianfeng Ma,Qi Jiang,Yuanzhen Liu,Baoshan Li,Yongxing Du

DOI: https://doi.org/10.1109/jiot.2022.3220850

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:Smart logistics (s-Logistics) has become more and more popular driven by the intelligent Internet of Things (IoT) which deploys pervasive smart devices in s-Logistics systems. The explosive growth of s-Logistics data collected by these resource-limited IoT devices enables Fog-based s-Logistics that provides data outsourcing and sharing services via multiple clouds within small latency. Nevertheless, it also gives rise to prominent security risks of user privacy leakage considering malicious users and data integrity violation with untrusted cloud servers, which are severe to s-Logistics systems and cannot be addressed by simple encryption. To solve these issues, in this article, we propose an efficient large universe and traceable privacy-preserving data sharing (LUTPDS) for Fog-based s-Logistics. It simultaneously achieves data access control, data integrity protection, key escrow and abuse resistance, user privacy preserving, and scalability. We devise a large universe and multiauthority ciphertext-policy attribute-based encryption (CP-ABE) scheme in which access policy hiding mechanism is used for user privacy preserving, while white-box tracing and certificateless public data integrity auditing techniques are employed to resist key abuse and escrow problems. In addition, online/offline encryption and verifiable outsourced decryption are leveraged for high efficiency and cloud encryption is utilized to extend to multiple clouds. In the end, we formally prove the security of our scheme for indistinguishability of chosen plaintext attack (IND-CPA) security and traceability. Detailed performance evaluation with extensive experiments shows that our scheme is practicable for s-Logistics compared with the existing schemes.

computer science, information systems,telecommunications,engineering, electrical & electronic

Chunxiang Xu,Yuan Zhang,Yong Yu,Xiaojun Zhang,Junwei Wen

DOI: https://doi.org/10.3837/tiis.2014.11.032

2014-01-01

KSII Transactions on Internet and Information Systems

Abstract:Cloud storage provides an easy, cost-effective and reliable way of data management for users without the burden of local data storage and maintenance. Whereas, this new paradigm poses many challenges on integrity and privacy of users' data, since users losing grip on their data after outsourcing the data to the cloud server. In order to address these problems, recently, Worku et al. have proposed an efficient privacy-preserving public auditing scheme for cloud storage. However, in this paper, we point out the security flaw existing in the scheme. An adversary, who is on-line and active, is capable of modifying the outsourced data arbitrarily and avoiding the detection by exploiting the security flaw. To fix this security flaw, we further propose a secure and efficient privacy-preserving public auditing scheme, which makes up the security flaw of Worku et al.'s scheme while retaining all the features. Finally, we give a formal security proof and the performance analysis, they show the proposed scheme has much more advantages over the Worku et al.'s scheme.

Xiongjie Fang,Ruopan Lai,Zhipeng Zhou,Ziyang Chen,Peijia Zheng,Wei Lu

DOI: https://doi.org/10.1007/978-3-031-06788-4_44

2022-01-01

Abstract:Image watermark has played an important role in image copyright protection. With the development of cloud computing in recent years, more and more people are willing to outsource the watermark embedding processing to cloud servers. However, the usual watermark embedding is performed in the plaintext domain, which will lead to the leakage of private information. We propose an effective privacy-preserving outsourcing watermark embedding method. We firstly present the batched implementation of discrete cosine transform (DCT) in the encrypted domain using fully homomorphic encryption integrated with Single Instruction Multiple Data (SIMD). The watermark bits are embedded in the DC components of the DCT coefficients in the encrypted domain without any leakage of the original image data. Our experimental results indicate that our secure watermarking scheme has higher efficiency than the compared work.

Zhongqiu Xu,Liangju Li,Haibo Gao

DOI: https://doi.org/10.1504/ijics.2012.051079

2012-01-01

Abstract:Digital watermarking has been used widely for the purposes of copyright protection and copy deterrence for multimedia content. In a forensic watermarking architecture, a buyer-seller watermarking protocol can enable a seller to identify a traitor from a pirated copy, while preventing the seller from framing an innocent buyer. Existing schemes are inefficient in practice for their high bandwidth usage. This paper proposes a buyer-seller watermarking protocol that is efficient from the bandwidth usage point of view. First, multicast that is an efficient transport technology for one-to-many communication is exploited, which can reduce the bandwidth usage significantly. Second, symmetric encryption instead of public-key encryption is performed on the multimedia content, which also can reduce the complexity and communication cost.

Wei Guo,Hua Zhang,Sujuan Qin,Fei Gao,Zhengping Jin,Wenmin Li,Qiaoyan Wen

DOI: https://doi.org/10.1016/j.future.2019.01.009

IF: 7.307

2019-01-01

Future Generation Computer Systems

Abstract:With the advent of data outsourcing, how to efficiently verify the integrity of data stored at an untrusted cloud service provider (CSP) has become a significant problem in cloud storage. Provable data possession (PDP) is a model that allows clients or a trusted auditor to verify whether CSP possesses the outsourced data without downloading it. However, this model requires clients to tolerate non-negligible computation burden incurred by frequent verifications in private schemes, and does not provide any security assurances when client or/and auditor are dishonest. Therefore, it cannot be directly transformed into a secure outsourced auditing scheme, where any one of three participants (i.e., CSP, client and auditor) may be dishonest and any two participants may be colluded with each other. In this paper, we propose an outsourced dynamic provable data possession (ODPDP) scheme, which migrates frequent auditing task to an external auditor to reduce clients’ verification overhead, and simultaneously provides log audit mechanism with lower computation burden for clients to prevent from dishonest auditor. In addition, we propose a batch update algorithm that can perform and verify multiple update operations at once, avoiding repetitive calculations and transmissions. Security analysis proves that our scheme is secure in the enhanced threat model, and experimental results show that our scheme achieves high efficiency in terms of computation time and communication cost compared with existing outsourced auditing schemes.

Liu Yongliang,Wen Gao,Shaohui Liu

DOI: https://doi.org/10.1109/APCC.2004.1391793

2004-01-01

Abstract:Multicast is very useful way for large-scale distributing multimedia over the network. It can significantly reduce the bandwidth required to transmit same multimedia over the network to multiple receivers. This property makes multicast competitive and attractive. We propose a simple and efficient scheme in order to resolve the issue mentioned above. In our scheme, the content provider generates two different watermarked packets for even' data packet firstly. Next, he encrypts every two watermarked packets by two different keys, respectively. Finally, he multicasts all of encrypted packets with encrypted keys to intended receivers. In the receiver, only one of every pair of encrypted packets is decrypted relying on the ID stored in tamper-resistant hardware. Every receiver obtains unique watermarked packets because every ID is unique. So, the watermarked packets can be used to trace those receivers who make redistribution of received multimedia content illegally.

Donghui Hu,Qing Wang,Song Yan,Xiaojun Liu,Meng Li,Shuli Zheng

DOI: https://doi.org/10.1145/3589761

IF: 1.6289

2023-04-17

ACM Transactions on Database Systems

Abstract:In the era of big data, data sharing not only boosts the economy of the world but also brings about problems of privacy disclosure and copyright infringement. The collected data may contain users’ sensitive information; thus, privacy protection should be applied to the data prior to them being shared. Moreover, the shared data may be re-shared to third parties without the consent or awareness of the original data providers. Therefore, there is an urgent need for copyright tracking. There are few works satisfying the requirements of both privacy protection and copyright tracking. The main challenge is how to protect the shared data and realize copyright tracking while not undermining the utility of the data. In this paper, we propose a novel solution of a reversible database watermarking scheme based on order-preserving encryption. First, we encrypt the data using order-preserving encryption and adjust an encryption parameter within an appropriate interval to generate a ciphertext with redundant space. Then, we leverage the redundant space to embed robust reversible watermarking. We adopt grouping and K-means to improve the embedding capacity and the robustness of the watermark. Formal theoretical analysis proves that the proposed scheme guarantees correctness and security. Results of extensive experiments show that OPEW has 100% data utility, and the robustness and efficiency of OPEW are better than existing works.

computer science, information systems, software engineering

Ling Du,Wei Zhang,Huazhu Fu,Wenqi Ren,Xinpeng Zhang

DOI: https://doi.org/10.1016/j.jvcir.2019.01.027

IF: 2.887

2019-01-01

Journal of Visual Communication and Image Representation

Abstract:The advancement in video surveillance has raised significant concerns about privacy protection. The existing methods focus on identifying the sensitive region and preserving the behavior of the target, however, they ignore the recoverability of private content. In this paper, we propose a novel and efficient privacy protection scheme for data security in video surveillance, which jointly addresses several key challenges, including de-identification, behavior preservation, recoverability, and compressibility in one unified system. Our method constructs a public stream and a private residual error stream by blurring the private sensitive region. With our scheme, ordinary users could recognize the behaviors in the public identity-protected video stream for surveillance purpose, while authorized users are able to access the recovered private content (e.g., for law investigations). Moreover, the compressed privacy protected region and residual error could be able to save the costs associated with transmission and storage. The extensive experiments on two standard surveillance datasets and a user study demonstrate the effectiveness of our privacy protection system. (C) 2019 Elsevier Inc. All rights reserved.

Jianfei Sun,Guowen Xu,Tianwei Zhang,Xuehuan Yang,Mamoun Alazab,Robert H. Deng

DOI: https://doi.org/10.1109/TIFS.2022.3226577

IF: 7.231

2023-01-01

IEEE Transactions on Information Forensics and Security

Abstract:The cloud-based data sharing technology with cryptographic primitives enables data owners to outsource data into paradigms and privately share information with arbitrary recipients without geographic barriers. However, we argue that most of existing efforts for outsourced data sharing are either inefficient, inflexible, or incompletely secure due to the following problems: (1) lack of efficient strategies for dynamically designating target ciphertexts to multiple recipients; (2) how to hide the identity of the recipient and (3) how to verify the correctness of outsourced ciphertext transformation without any denial. To the best of our knowledge, no previous work has thoroughly explored the above three issues, motivating us to design such an efficient and comprehensively secure outsourced data sharing mechanism. We design VF-PPBA, the first Verifiable, Fair and Privacy-preserving Broadcast Authorization framework for flexible data sharing in clouds. In more detail, we first invent a new primitive, privacy-preserving multi-recipient broadcast proxy re-encryption (PPMR-BPRE), which enables the authorization of a given ciphertext to different recipients with efficient ciphertext transformation, and further guarantees that any malicious adversary deduces nothing about the identity of the recipient. Then, we present VF-PPBA for flexible data sharing with PPMR-BPRE as the underlying structure, which in addition to inheriting all the functionalities of PPMR-BPRE, is capable of supporting the verifiability of the outcome correctness of the outsourced conversion task, and being immune to the malicious accusation if the outsourcing outcome is correctly completed. We formalize the adversarial models and render comprehensively strict security proofs to prove the security of our proposed solutions. Its performance is also validated via experimental simulations to showcase the practicability and effectiveness.

Xudong Li,Lingbo Wei,Lidong Wang,Ying Ma,Chi Zhang,Muhammad Sohail

DOI: https://doi.org/10.1002/int.22830

IF: 8.993

2022-01-28

International Journal of Intelligent Systems

Abstract:With the prevalence of digital cameras, multimedia data have been used to record facts and provide evidence of events. However, the integrity of multimedia data is vulnerable to attacks with the proliferation of data tampering tools. In fact, an effective multimedia content authentication system should support compliant editing (cropping, rotation, compression, and so forth) and have the ability to detect malicious data tampering. Data traceability is a feasible strategy to verify the integrity and provenance of multimedia data. Besides, the privacy of multimedia data needs to be protected to prevent unauthorized access. In this paper, we trace transformations of multimedia data privately by integrating a transparent and immutable blockchain with trusted hardware that provides the capability of private computation. Our system exploits a hybrid storage pattern that separately stores multimedia data off the blockchain and their hashes on the blockchain. With this, our system ensures data integrity and addresses the issue of blockchain's storage capability. Experimental results and analysis show that our solution is efficient and verifiable. A lightweight verifier merely needs to store block headers and is able to validate query results returned by full nodes.

computer science, artificial intelligence

Linzhi Jiang,Chunxiang Xu,Xiaofang Wang,Bo Luo,Huaqun Wang

DOI: https://doi.org/10.1109/tdsc.2017.2751476

2017-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Multimedia data needs huge storage space, and application of multimedia data needs powerful capability of computing. Cloud computing can help owner of multimedia data to deal with it. But, multimedia data on cloud may reveal privacy of data owner, such as sex, hobbies, address, looks, and so on. Data owner can encrypt multimedia data for confidentiality before uploading it to cloud. However, encrypted multimedia data makes its utilization difficult. In this paper, we first discover pre-existing schemes have problems of huge storage space, security and low efficiency due to their inefficient and insecure algorithms. Then, we provide an effective and practical privacy-preserving scale-invariant feature transform (SIFT) scheme for encrypted image. It uses leveled homomorphic encryption based on our new encoding schemes, our new homomorphic comparison, division and derivative encryption. Our new secure SIFT scheme can realize higher computing efficiency, greatly reduce communication costs and interactive times between user and server, and perform correct feature key point detection, accurate feature point description and image matching. We evaluate security and efficiency of our new secure SIFT scheme, and compare our new secure SIFT scheme with other schemes in detail. The result shows that it is closest to the original SIFT algorithm.

Shamaria Engram,Tyler Kaczmarek,Alice Lee,David Bigelow

DOI: https://doi.org/10.48550/arXiv.2106.00141

2021-06-01

Abstract:Data provenance analysis has been used as an assistive measure for ensuring system integrity. However, such techniques are typically reactive approaches to identify the root cause of an attack in its aftermath. This is in part due to fact that the collection of provenance metadata often results in a deluge of information that cannot easily be queried and analyzed in real time. This paper presents an approach for proactively reasoning about provenance metadata within the Automatic Cryptographic Data Centric (ACDC) security architecture, a new security infrastructure in which all data interactions are considered at a coarse granularity, similar to the Function as a Service model. At this scale, we have found that data interactions are manageable for the proactive specification and evaluation of provenance policies -- constraints placed on provenance metadata to prevent the consumption of untrusted data. This paper provides a model for proactively evaluating provenance metadata in the ACDC paradigm as well as a case study of an electronic voting scheme to demonstrate the applicability of ACDC and the provenance policies needed to ensure data integrity.

Cryptography and Security