V. Ezhil Arasi,K. Indra Gandhi,K. Kulothungan

DOI: https://doi.org/10.1007/s11227-021-04293-3

IF: 3.3

2022-01-26

The Journal of Supercomputing

Abstract:Data security in cloud data sharing system is effectively ensured by data access control mechanism. Data access control becomes more challenging because of intruders and malicious cloud servers. Most of the traditional approaches do not consider the issues in controlling user accessing cloud data storage and sharing. Ciphertext policy attribute-based encryption is one of the most effective techniques that provide secure data access control for sensitive data outsourced in cloud storage. However, in traditional cloud data sharing system, there are several issues regarding transaction traceability, user authorization, data ownership management and access control preservation. Also, traditional access control schemes do not have an effective method to compensate cloud users whose data integrity is lost. To handle these issues, we propose a new data sharing system auditable attribute-based encryption scheme that integrates the advantages of blockchain technology with attribute-based access control. We designed a trustworthy scheme which uses blockchain to provide attribute-based secure data sharing with integrity auditing. It also provides compensation to data owners, if their data integrity is lost. The security analysis demonstrates the improvement in performance of the proposed access control scheme over existing data sharing schemes. It provides efficient and secure data sharing, reliable traceability and equitable mediation. Thus, the proposed approach preserves the integrity, privacy, security and consistency of the stored data, thereby guaranteeing authorized data access control to cloud users.

Asma Jodeiri Akbarfam,Hoda Maleki

2024-07-25

Abstract:Provenance, which traces data from its creation to manipulation, is crucial for ensuring data integrity, reliability, and trustworthiness. It is valuable for single-user applications, collaboration within organizations, and across organizations. Blockchain technology has become a popular choice for implementing provenance due to its distributed, transparent, and immutable nature. Numerous studies on blockchain designs are specifically dedicated to provenance, and specialize in this area. Our goal is to provide a new perspective in blockchain based provenance field by identifying the challenges faced and suggesting future research directions. In this paper, we categorize the problem statement into three main research questions to investigate key issues comprehensively and propose a new outlook on the use of blockchains. The first focuses on challenges in non-collaborative, single-source environments, the second examines implications in collaborative environments and different domains such as supply chain, scientific collaboration and digital forensic, and the last one analyzes communication and data exchange challenges between organizations using different blockchains. The interconnected nature of these research questions ensures a thorough exploration of provenance requirements, leading to more effective and secure systems. After analyzing the requirements of provenance in different environments, we provide future design considerations for provenance-based blockchains, including blockchain type, query mechanisms, provenance capture methods, and domain-specific considerations. We also discuss future work and possible extensions in this field.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Aravind Ramachandran,Dr. Murat Kantarcioglu

DOI: https://doi.org/10.48550/arXiv.1709.10000

2017-09-28

Cryptography and Security

Abstract:Blockchain technology has evolved from being an immutable ledger of transactions for cryptocurrencies to a programmable interactive the environment for building distributed reliable applications. Although, blockchain technology has been used to address various challenges, to our knowledge none of the previous work focused on using blockchain to develop a secure and immutable scientific data provenance management framework that automatically verifies the provenance records. In this work, we leverage blockchain as a platform to facilitate trustworthy data provenance collection, verification, and management. The developed system utilizes smart contracts and open provenance model (OPM) to record immutable data trails. We show that our proposed framework can efficiently and securely capture and validate provenance data, and prevent any malicious modification to the captured data as long as the majority of the participants are honest.

Meikang Qiu,Han Qiu,Hui Zhao,Meiqin Liu,Bhavani Thuraisingham

DOI: https://doi.org/10.1109/SmartBlock52591.2020.00010

2020-01-01

Abstract:With the rapid development of cloud technology and the huge amount of big data generation, outsourcing data storage to a cloud service provider is an efficient solution. The challenges on the trustworthiness of cloud providers are urgent to be solved due to many security and privacy violation incidents in recent years. Some enhanced data protection methods such as All-Or-Nothing Transformation (AONT) are proposed to provide additional protection on data security. However, the key management and access revocation operations will become a difficult task and the key manager will be vulnerable. In this paper, we propose to use the scalable consortium blockchain system to solve the key management for the AON-based data protection and outsourcing in the multi-clouds scenario. We propose a model that can provide secure data sharing through untrusted clouds with the key management provided by the consortium blockchain system as a service. We also provide practical case studies for using the novel AON data approaches to protect data security and tamper-proofing on key management.

Marwan Adnan Darwish,Eiad Yafi,Mohammed A. Al Ghamdi,Abdullah Almasri

DOI: https://doi.org/10.1007/s13369-020-04394-w

IF: 2.807

2020-02-14

Arabian Journal for Science and Engineering

Abstract:Cloud computing (CC) is a distributed and centralized network of interconnected and interrelated systems that has emerged as an area of incredible impact, potential, and growth in the IT domain. In the last few years, this paradigm has thrived to become the fastest evolutionary segment for business and various industries. Despite the many advantages provided by the cloud, serious challenges related to privacy and security have arisen such as privacy exposure, data loss, manipulation, service-level agreement (SLA) violation, and concerns over the service and deployment models. In this article, a blockchain-based hybrid algorithm is proposed to tackle the privacy inefficiency of existing tools. A novel hybrid technique is used to encrypt data ahead of outsourcing it to data centers, and a unique digital signature is generated at clients and stored on a decentralized set of blocks. A virtual cloud similar to actual cloud service infrastructure was built to test the proposed framework. Despite the additional computational powers needed to run the proposed framework due to blockchain integration, the results show that data integrity and reliability are preserved and user's privacy is increased. Our results are discussed and benchmarked against the standard privacy tests standards such as changes in the stored data, the negligible overheads on cloud performance, and the data records of the blockchain structure.

multidisciplinary sciences

R. Bitzur,B. Rubinovitz,Y. Sidi,H. Gur

1997-06-15

Abstract:

Jingchi Zhang,Anwitaman Datta

DOI: https://doi.org/10.48550/arXiv.2309.04125

2023-09-08

Abstract:In a traditional cloud storage system, users benefit from the convenience it provides but also take the risk of certain security and privacy issues. To ensure confidentiality while maintaining data sharing capabilities, the Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme can be used to achieve fine-grained access control in cloud services. However, existing approaches are impaired by three critical concerns: illegal authorization, key disclosure, and privacy leakage. To address these, we propose a blockchain-based data governance system that employs blockchain technology and attribute-based encryption to prevent privacy leakage and credential misuse. First, our ABE encryption system can handle multi-authority use cases while protecting identity privacy and hiding access policy, which also protects data sharing against corrupt authorities. Second, applying the Advanced Encryption Standard (AES) for data encryption makes the whole system efficient and responsive to real-world conditions. Furthermore, the encrypted data is stored in a decentralized storage system such as IPFS, which does not rely on any centralized service provider and is, therefore, resilient against single-point failures. Third, illegal authorization activity can be readily identified through the logged on-chain data. Besides the system design, we also provide security proofs to demonstrate the robustness of the proposed system.

Cryptography and Security

Jian Zhang,Yang,Yanjiao Chen,Fei Chen

DOI: https://doi.org/10.1109/iwqos.2017.7969107

2017-01-01

Abstract:With the development of cloud storage, data owners no longer physically possess their data and thus how to ensure the integrity of their outsourced data becomes a challenging task. Several protocols have been proposed to audit cloud storage, all of which rely mainly on data block tags to check data integrity. However, their block tag constructions employ cryptographic operations, which makes them computationally complex. In this paper, we investigate a secure cloud storage protocol based on the classic discrete logarithm problem. Our protocol generates data block tags with only basic algebraic operations, which brings substantial computation savings compared with previous work. We also strictly prove that the proposed protocol is secure under a definition which captures the real-world uses of cloud storage. In order to fit more application scenarios, we extend the proposed protocol to support data dynamics by employing an index vector and third-party public auditing by using a random masking number, both of which are efficient and provably secure. At last, theoretical analysis and experimental evaluation are provided to validate the superiority of the proposed protocol.

Rodrigo Dutra Garcia,Gowri Sankar Ramachandran,Raja Jurdak,Jo Ueyama

DOI: https://doi.org/10.48550/arXiv.2112.13956

2021-12-28

Abstract:Real-world applications in healthcare and supply chain domains produce, exchange, and share data in a multi-stakeholder environment. Data owners want to control their data and privacy in such settings. On the other hand, data consumers demand methods to understand when, how, and who produced the data. These requirements necessitate data governance frameworks that guarantee data provenance, privacy protection, and consent management. We introduce a decentralized data governance framework based on blockchain technology and proxy re-encryption to let data owners control and track their data through privacy-enhancing and consent management mechanisms. Besides, our framework allows the data consumers to understand data lineage through a blockchain-based provenance mechanism. We have used Digital e-prescription as the use case since it has multiple stakeholders and sensitive data while enabling the medical fraternity to manage patients' prescription data, involving patients as data owners, doctors and pharmacists as data consumers. Our proof-of-concept implementation and evaluation results based on CosmWasm, Ethereum, and pyUmbral PRE show that the proposed decentralized system guarantees transparency, privacy, and trust with minimal overhead.

Cryptography and Security

S. M. Udhaya Sankar,D. Selvaraj,G.K. Monica,Jeevaa Katiravan

DOI: https://doi.org/10.14445/22315381/IJETT-V71I3P204

2023-04-24

Abstract:With the help of a shared pool of reconfigurable computing resources, clients of the cloud-based model can keep sensitive data remotely and access the apps and services it offers on-demand without having to worry about maintaining and storing it locally. To protect the privacy of the public auditing system that supports the cloud data exchange system. The data's owner has the ability to change it using the private key and publishes it in the cloud. The RSA Technique is used to produce key codes for the cloud services atmosphere's privacy utilizing the system's baseboard number, disc number, and client passcode for validation. The method is based on a cutting-edge User End Generated (UEG) privacy technique that minimizes the involvement of a third party and improves security checks by automatically documenting destructive activities. To strengthen extensibility, various authorization-assigning modalities and block access patterns were established together with current operational design approaches. In order to meet the demands for decentralization, fine-grained auditability, extensibility, flexibility, and privacy protection for multilevel data access in networked environments, the suggested approach makes use of blockchain technology. According to a thorough performance and security assessment, the current proposal is exceptionally safe and effective.

Cryptography and Security

S. Sengupta,V. Saxena,P. Kaw,A. Sen,A. Das

DOI: https://doi.org/10.1103/PHYSREVE.79.026404

2009-02-20

Abstract:We report on spatiotemporal evolution of relativistically intense longitudinal electron plasma waves in a cold homogeneous plasma, using the physically appealing Dawson sheet model. Calculations presented here in the weakly relativistic limit clearly show that under very general initial conditions, a relativistic wave will always phase mix and eventually break at arbitrarily low amplitudes, in a time scale omegapetaumix approximately {3/64(omegape2delta3/c2k2)|Deltak/k|(|1+Deltak/k|)](1+1|1+Deltak/k|)}(-1). We have verified this scaling with respect to amplitude of perturbation delta and width of the spectrum (Deltakk) using numerical simulations. This result may be of relevance to ultrashort, ultraintense laser pulse-plasma interaction experiments where relativistically intense waves are excited.

Haoyu Chen,Shanshan Tu,Chunye Zhao,Yongfeng Huang

DOI: https://doi.org/10.1109/icoacs.2016.7563069

2016-01-01

Abstract:With the rapid development of cloud computing and distributed system, the security of data stored in cloud server becomes more and more important. In this paper, we analyze the challenges and problems of clouding security, and introduce the cloud security framework, as well as compare the different cloud security controlling methods. Meanwhile, we propose our own trusted cloud framework based on Cloud Accountability Life Cycle. To satisfy the requirements of cloud security, auditing the provenance data in cloud server is the most efficient method, and the log is a type of provenance data, which is relative easy and stable to collect. Therefore, audit based on log data plays a significant role in cloud security framework. In this paper, we also compare different security audit mechanisms, and point out their advantages and disadvantages as well as suggest how to improve these mechanisms.

Asma Jodeiri Akbarfam,Mahdieh Heidaripour,Hoda Maleki,Gokila Dorai,Gagan Agrawal

2023-08-08

Abstract:Maintaining accurate provenance records is paramount in digital forensics, as they underpin evidence credibility and integrity, addressing essential aspects like accountability and reproducibility. Blockchains have several properties that can address these requirements. Previous systems utilized public blockchains, i.e., treated blockchain as a black box, and benefiting from the immutability property. However, the blockchain was accessible to everyone, giving rise to security concerns and moreover, efficient extraction of provenance faces challenges due to the enormous scale and complexity of digital data. This necessitates a tailored blockchain design for digital forensics. Our solution, Forensiblock has a novel design that automates investigation steps, ensures secure data access, traces data origins, preserves records, and expedites provenance extraction. Forensiblock incorporates Role-Based Access Control with Staged Authorization (RBAC-SA) and a distributed Merkle root for case tracking. These features support authorized resource access with an efficient retrieval of provenance records. Particularly, comparing two methods for extracting provenance records off chain storage retrieval with Merkle root verification and a brute-force search the offchain method is significantly better, especially as the blockchain size and number of cases increase. We also found that our distributed Merkle root creation slightly increases smart contract processing time but significantly improves history access. Overall, we show that Forensiblock offers secure, efficient, and reliable handling of digital forensic data

Cryptography and Security

Xiangke Mao,Chao Li,Guigang Zhang,Xin Wei,Chunxiao Xing

DOI: https://doi.org/10.1109/qrs-c57518.2022.00024

2022-01-01

Abstract:Data provenance is a basic requirement for trusted data management in the era of big data. Before the emergence of blockchain technology, data provenance mainly used a centralized database to store data records, log records, etc., to facilitate subsequent audit tracking, but database has the security problem of data tampering. After the emergence of blockchain technology, researchers have conducted a lot of research on trusted data provenance in the Internet of Things (IoT), product supply chain, medical health and other fields based on the characteristics of blockchain decentralization, tamper resistance, and traceability, etc., to ensure the security and trustworthiness of data provenance results. This paper will sort out the research on the use of blockchain technology for data provenance in different fields in recent years, and analyze the similarities and differences between existing blockchain based data provenance methods as a whole. Finally, the possible challenges in data provenance based on blockchain technology are pointed out and the possible solutions are given.

Yogesh M Gajmal,R. Udayakumar

DOI: https://doi.org/10.13052/jwe1540-9589.2054

2021-08-30

Journal of Web Engineering

Abstract:Access control is a major factor in enhancing data security in the cloud storage system. However, the existing data sharing and the access control method have privacy data leakage and key abuse, which is a major challenge in the research community. Therefore, an effective method named Blockchain-based access control and data sharing approach is developed in the cloud storage system to increase data security. The proposed Blockchain-based access control and data sharing approach effectively solve single-point failure in the cloud system. It provides more benefits by increasing the throughput and reducing the cost. The Data user (DU) makes the registration request using the ID and password and forwards it to the Data Owner (DO), which processes the request and authenticates the Data user. The information of the data owner is embedded in the transactional blockchain using the encrypted master key. The Data owner achieves the data encryption process, and encrypted files are uploaded to the Interplanetary File System (IPFS). Based on the encrypted file location and encrypted key, the Data owner generates the ciphertext metadata and is embedded in the transactional blockchain. The proposed Blockchain-based access control and data sharing approach achieved better performance using the metrics, like a better genuine user detection rate of 95% and lower responsiveness of 25sec with the blockchain of 100 sizes.

computer science, theory & methods, software engineering

Bao-Kun Zheng,Lie-Huang Zhu,Meng Shen,Feng Gao,Chuan Zhang,Yan-Dong Li,Jing Yang

DOI: https://doi.org/10.1007/s11390-018-1840-5

2018-01-01

Abstract:With the development of network technology and cloud computing, data sharing is becoming increasingly popular, and many scholars have conducted in-depth research to promote its flourish. As the scale of data sharing expands, its privacy protection has become a hot issue in research. Moreover, in data sharing, the data is usually maintained in multiple parties, which brings new challenges to protect the privacy of these multi-party data. In this paper, we propose a trusted data sharing scheme using blockchain. We use blockchain to prevent the shared data from being tampered, and use the Paillier cryptosystem to realize the confidentiality of the shared data. In the proposed scheme, the shared data can be traded, and the transaction information is protected by using the ( p , t )-threshold Paillier cryptosystem. We conduct experiments in cloud storage scenarios and the experimental results demonstrate the efficiency and effectiveness of the proposed scheme.

Sidra Malik,Volkan Dedeoglu,Salil Kanhere,Raja Jurdak

DOI: https://doi.org/10.48550/arXiv.2104.13964

2021-04-27

Cryptography and Security

Abstract:Blockchain offers traceability and transparency to supply chain event data and hence can help overcome many challenges in supply chain management such as: data integrity, provenance and traceability. However, data privacy concerns such as the protection of trade secrets have hindered adoption of blockchain technology. Although consortium blockchains only allow authorised supply chain entities to read/write to the ledger, privacy preservation of trade secrets cannot be ascertained. In this work, we propose a privacy-preservation framework, PrivChain, to protect sensitive data on blockchain using zero knowledge proofs. PrivChain provides provenance and traceability without revealing any sensitive information to end-consumers or supply chain entities. Its novelty stems from: a) its ability to allow data owners to protect trade related information and instead provide proofs on the data, and b) an integrated incentive mechanism for entities providing valid proofs over provenance data. In particular, PrivChain uses Zero Knowledge Range Proofs (ZKRPs), an efficient variant of ZKPs, to provide origin information without disclosing the exact location of a supply chain product. Furthermore, the framework allows to compute proofs and commitments off-line, decoupling the computational overhead from blockchain. The proof verification process and incentive payment initiation are automated using blockchain transactions, smart contracts, and events. A proof of concept implementation on Hyperledger Fabric reveals a minimal overhead of using PrivChain for blockchain enabled supply chains.

Hongzhi Li,Dezhi Han,Mingdong Tang

DOI: https://doi.org/10.1109/jiot.2021.3107846

IF: 10.6

2022-03-15

IEEE Internet of Things Journal

Abstract:In recent years, traditional logistics systems are developing toward intelligence based on the Internet of Things (IoT). Sensing devices throughout the logistics network provide strong support for smart logistics. However, due to the insufficient local computing and storage resources of IoT devices, logistics records with sensitive information are generally stored in a centralized cloud center, which could easily cause privacy leakage. In this study, we propose a blockchain-assisted secure storage scheme for logistics data. To be specific, this scheme can be briefly divided into two parts. The first part involves data generation and aggregation, session establishing, records encryption and storage, wherein a blockchain network is used to assist the cloud server with data storage, and smart contracts are deployed to provide reliable storage interfaces. In the second part, an efficient consensus mechanism is introduced to improve the efficiency of the consensus process. Also, the stored records can be securely audited by leveraging the deployed blockchain network. Finally, we analyze the security and privacy properties of this scheme and evaluate its performance in terms of computation and communication overhead by developing an experimental platform. The experimental results indicate that the performance of our scheme is acceptable.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jiahao Liu,Junjian Li,Ruoyu Wang,Chao Li,Wuhao Xia

DOI: https://doi.org/10.1109/DSC59305.2023.00028

2023-08-18

Abstract:In today's digital economy, data sharing has become imperative for advancing economic growth and technology development, as multi-party collaboration requires secure data exchange. During data sharing, upholding data security and privacy is paramount. However, existing data sharing solutions mostly rely on cloud storage and transfer, which have risks of single-point failure and compromise privacy and security. To tackle these challenges, we propose a novel solution that leverages proxy re-encryption and digital watermarking technologies, and employs blockchain to achieve equivalent access control functions based on the cloud environment, thereby mitigating the single point of failure issue. Moreover, our solution can effectively prevent data requesters from illegally sharing data with others. If any requester leaks data without authorization, we can trace the source based on the watermark embedded in the leaked data. In summary, our proposed solution enables more secure and privacy-preserving data sharing, which can potentially benefit a wide range of data sharing applications.

Computer Science,Engineering

Mohammed Alshehri,Brajendra Panda

DOI: https://doi.org/10.48550/arXiv.2001.04490

2020-01-13

Cryptography and Security

Abstract:People have used cloud computing approach to store their data remotely. As auspicious as this approach is, it brings forth many challenges: from data security to time latency issues with data computation as well as delivery to end users. Fog computing has emerged as an extension for cloud computing to bring data processing and storage close to end-users; however, it minimizes the time latency issue but still suffers from data security challenges. For instance, when a fog node providing services to end users is compromised, the users' data security can be violated. Thus, this paper proposes a secure and fine-grained data access control scheme by integrating the CP-ABE algorithm and blockchain concept to prevent fog nodes from violating end users' data security in a situation where a compromised fog node is being ousted. We also classify the fog nodes into fog federations, based on their attributes such as services and locations, to minimize the time latency and communication overhead between fog nodes and cloud server. Further, the exploitation and integration of the blockchain concept and the CP-ABE algorithm enables fog nodes in the same fog federation to perform the authorization process in a distributed manner. In addition, to solve time latency and communication overhead problems, we equip every fog node with an off-chain database to store most frequently accessed data files for specific time, and with an on-chain access control policies table (On-chain Files Tracking Table) which must be protected from being tampered by malicious (rogue) fog nodes. Therefore, blockchain plays a vital role here as it is tamper-proof by nature. We demonstrate our scheme's efficiency and feasibility by designing algorithms and conducting a security analysis. The provided analysis shows that the proposed scheme is efficient and feasible in ousting malicious (rogue) fog nodes.