IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the CloudShruthi Suresh
The document discusses secure multi-owner data sharing for dynamic groups in clouds. It outlines Mona, a scheme that uses dynamic broadcast encryption for access control and group signatures for authentication. Mona allows efficient revocation without updating other users' keys and supports anonymity and traceability. The document compares Mona to other schemes and finds Mona addresses issues around identity privacy and revocation more effectively. Future work aims to make Mona more reliable and scalable by handling failures of the group manager.
A Secure Multi-Owner Data Sharing Scheme for Dynamic Group in Public Cloud. IJCERT JOURNAL
In cloud computing outsourcing group resource among cloud users is a major challenge, so cloud computing provides a low-cost and well-organized solution. Due to frequent change of membership, sharing data in a multi-owner manner to an untrusted cloud is still its challenging issue. In this paper we proposed a secure multi-owner data sharing scheme for dynamic group in public cloud. By providing AES encryption with convergent key while uploading the data, any cloud user can securely share data with others. Meanwhile, the storage overhead and encryption computation cost of the scheme are independent with the number of revoked users. In addition, I analyze the security of this scheme with rigorous proofs. One-Time Password is one of the easiest and most popular forms of authentication that can be used for securing access to accounts. One-Time Passwords are often referred to as secure and stronger forms of authentication in multi-owner manner. Extensive security and performance analysis shows that our proposed scheme is highly efficient and satisfies the security requirements for public cloud based secure group sharing.
A secure anti collusion data sharing scheme for dynamic groups in the cloudKamal Spring
Benefited from cloud computing, users can achieve an effective and economical approach for data sharing among group members in the cloud with the characters of low maintenance and little management cost. Meanwhile, we must provide security guarantees for the sharing data files since they are outsourced. Unfortunately, because of the frequent change of the membership, sharing data while providing privacy-preserving is still a challenging issue, especially for an untrusted cloud due to the collusion attack. Moreover, for existing schemes, the security of key distribution is based on the secure communication channel, however, to have such channel is a strong assumption and is difficult for practice. In this paper, we propose a secure data sharing scheme for dynamic members. Firstly, we propose a secure way for key distribution without any secure communication channels, and the users can securely obtain their private keys from group manager. Secondly, our scheme can achieve fine-grained access control, any user in the group can use the source in the cloud and revoked users cannot access the cloud again after they are revoked. Thirdly, we can protect the scheme from collusion attack, which means that revoked users cannot get the original data file even if they conspire with the untrusted cloud. In our approach, by leveraging polynomial function, we can achieve a secure user revocation scheme. Finally, our scheme can achieve fine efficiency, which means previous users need not to update their private keys for the situation either a new user joins in the group or a user is revoked from the group.
Secure data sharing for dynamic groups in multi-owner using cloudSagar Dhanake
This document summarizes a seminar presentation on secure data sharing for dynamic groups in multi-owner cloud environments. The presentation covered cloud computing fundamentals and challenges with identity privacy. It proposed a system called MONA that allows any group member to securely store and share encrypted data files on an untrusted cloud. Key features of MONA include dynamic group management such that new users can access previous data, anonymous yet traceable access control, and efficient user revocation. The presentation discussed the system architecture, models, modules including registration, login and file sharing, relevant algorithms, applications, advantages, and future work concerning reliability.
Mona secure multi owner data sharing for dynamic groups in the cloudAvinash K S
1) The document proposes a secure multi-owner data sharing scheme called Mona for dynamic groups in the cloud. Mona allows any user in a group to anonymously share data with others using techniques like group signatures and dynamic broadcast encryption.
2) Mona supports efficient membership changes without updating secret keys. New users can decrypt pre-existing files and revoking users does not require updating keys of remaining users.
3) Mona provides privacy-preserving access control where users can anonymously access cloud resources while allowing identity tracing by the group manager when needed. It aims to achieve secure and flexible data sharing for dynamic groups in the cloud.
A secure-anti-collusion-data-sharing-scheme-for-dynamic-groups-in-the-cloudPvrtechnologies Nellore
This document proposes a secure data sharing scheme for dynamic groups in the cloud. It allows group members to securely access and share data files stored in the cloud. The scheme provides secure key distribution without requiring secure communication channels. It also enables fine-grained access control and prevents collusion attacks between revoked users and the cloud. When users join or leave the group, other users do not need to update their private keys. The scheme aims to address limitations of existing approaches that require updating file-block keys for revocations and have overhead linearly increasing with member/revocation changes.
SMONA: Secure Multi Owner Data Sharing for Dynamic Groups in the Cloudijsrd.com
The data is stored in the cloud. Storing data should be risky. Cloud provider should be trustful because the data is confidentential. The Group manager keeps the record of group members. The key distribution is done to the group of each department. The Group members can access the stored data from cloud. The encryption-decryption technique is used to store the data. Any cloud user can anonymously share data with others by providing group signature and dynamic broadcast encryption techniques. When new member joined in the group, new granted users can directly decrypt data files uploaded without contacting with data owners. Proposing a new model for Sharing Secure Data in the Cloud for the Multiuser Group.
Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the CloudShruthi Suresh
The document discusses secure multi-owner data sharing for dynamic groups in clouds. It outlines Mona, a scheme that uses dynamic broadcast encryption for access control and group signatures for authentication. Mona allows efficient revocation without updating other users' keys and supports anonymity and traceability. The document compares Mona to other schemes and finds Mona addresses issues around identity privacy and revocation more effectively. Future work aims to make Mona more reliable and scalable by handling failures of the group manager.
A Secure Multi-Owner Data Sharing Scheme for Dynamic Group in Public Cloud. IJCERT JOURNAL
In cloud computing outsourcing group resource among cloud users is a major challenge, so cloud computing provides a low-cost and well-organized solution. Due to frequent change of membership, sharing data in a multi-owner manner to an untrusted cloud is still its challenging issue. In this paper we proposed a secure multi-owner data sharing scheme for dynamic group in public cloud. By providing AES encryption with convergent key while uploading the data, any cloud user can securely share data with others. Meanwhile, the storage overhead and encryption computation cost of the scheme are independent with the number of revoked users. In addition, I analyze the security of this scheme with rigorous proofs. One-Time Password is one of the easiest and most popular forms of authentication that can be used for securing access to accounts. One-Time Passwords are often referred to as secure and stronger forms of authentication in multi-owner manner. Extensive security and performance analysis shows that our proposed scheme is highly efficient and satisfies the security requirements for public cloud based secure group sharing.
A secure anti collusion data sharing scheme for dynamic groups in the cloudKamal Spring
Benefited from cloud computing, users can achieve an effective and economical approach for data sharing among group members in the cloud with the characters of low maintenance and little management cost. Meanwhile, we must provide security guarantees for the sharing data files since they are outsourced. Unfortunately, because of the frequent change of the membership, sharing data while providing privacy-preserving is still a challenging issue, especially for an untrusted cloud due to the collusion attack. Moreover, for existing schemes, the security of key distribution is based on the secure communication channel, however, to have such channel is a strong assumption and is difficult for practice. In this paper, we propose a secure data sharing scheme for dynamic members. Firstly, we propose a secure way for key distribution without any secure communication channels, and the users can securely obtain their private keys from group manager. Secondly, our scheme can achieve fine-grained access control, any user in the group can use the source in the cloud and revoked users cannot access the cloud again after they are revoked. Thirdly, we can protect the scheme from collusion attack, which means that revoked users cannot get the original data file even if they conspire with the untrusted cloud. In our approach, by leveraging polynomial function, we can achieve a secure user revocation scheme. Finally, our scheme can achieve fine efficiency, which means previous users need not to update their private keys for the situation either a new user joins in the group or a user is revoked from the group.
Secure data sharing for dynamic groups in multi-owner using cloudSagar Dhanake
This document summarizes a seminar presentation on secure data sharing for dynamic groups in multi-owner cloud environments. The presentation covered cloud computing fundamentals and challenges with identity privacy. It proposed a system called MONA that allows any group member to securely store and share encrypted data files on an untrusted cloud. Key features of MONA include dynamic group management such that new users can access previous data, anonymous yet traceable access control, and efficient user revocation. The presentation discussed the system architecture, models, modules including registration, login and file sharing, relevant algorithms, applications, advantages, and future work concerning reliability.
Mona secure multi owner data sharing for dynamic groups in the cloudAvinash K S
1) The document proposes a secure multi-owner data sharing scheme called Mona for dynamic groups in the cloud. Mona allows any user in a group to anonymously share data with others using techniques like group signatures and dynamic broadcast encryption.
2) Mona supports efficient membership changes without updating secret keys. New users can decrypt pre-existing files and revoking users does not require updating keys of remaining users.
3) Mona provides privacy-preserving access control where users can anonymously access cloud resources while allowing identity tracing by the group manager when needed. It aims to achieve secure and flexible data sharing for dynamic groups in the cloud.
A secure-anti-collusion-data-sharing-scheme-for-dynamic-groups-in-the-cloudPvrtechnologies Nellore
This document proposes a secure data sharing scheme for dynamic groups in the cloud. It allows group members to securely access and share data files stored in the cloud. The scheme provides secure key distribution without requiring secure communication channels. It also enables fine-grained access control and prevents collusion attacks between revoked users and the cloud. When users join or leave the group, other users do not need to update their private keys. The scheme aims to address limitations of existing approaches that require updating file-block keys for revocations and have overhead linearly increasing with member/revocation changes.
SMONA: Secure Multi Owner Data Sharing for Dynamic Groups in the Cloudijsrd.com
The data is stored in the cloud. Storing data should be risky. Cloud provider should be trustful because the data is confidentential. The Group manager keeps the record of group members. The key distribution is done to the group of each department. The Group members can access the stored data from cloud. The encryption-decryption technique is used to store the data. Any cloud user can anonymously share data with others by providing group signature and dynamic broadcast encryption techniques. When new member joined in the group, new granted users can directly decrypt data files uploaded without contacting with data owners. Proposing a new model for Sharing Secure Data in the Cloud for the Multiuser Group.
Mona secure multi owner data sharing for dynamic groups in the cloudKrushna Panda
Any user in a dynamic group can anonymously share data on the cloud using Mona, a secure multi-owner data sharing scheme. Mona leverages group signatures and dynamic broadcast encryption so that the storage overhead and encryption costs are independent of the number of revoked users. It allows efficient user revocation without updating others' secret keys and new users can access previously shared data. Mona provides anonymity, access control, and traces misbehavior. It achieves efficient and secure data sharing for dynamic groups on an untrusted cloud.
secure multi-owner data sharing for dynamic groupsSuchithra Balan
The document presents a secure data sharing scheme for dynamic groups in cloud computing. The scheme leverages group signature and dynamic broadcast encryption techniques to allow cloud users to anonymously share data with others in a group while preserving identity privacy from an untrusted cloud. It aims to securely support data sharing in dynamic groups where attributes are not fixed and multiple owners are possible. The scheme's storage overhead and encryption costs are independent of the number of revoked users.
Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...Eswar Publications
Cloud computing is an economical and effective solution for sharing group resource among cloud users. Unfortunately, sharing data in a multi-owner manner while protect data and identity privacy from an un trusted cloud is still a challenging issue, due to the recurrent change of the membership.The major aims of this method a secure multi-owner data sharing scheme.That is any user in the group can securely share data with others by un trusted cloud. Moreover, the real identities of data owners can be exposed by the group manager when disputes occur. User revocation can be achieved by a novel revocation list and no need to update the secret Keys of the
remaining users.The drawback of IBE is computation over head. To overcome the drawback introduces outsourcing computation.
The document proposes a secure multi-owner data sharing scheme called Mona for dynamic groups in the cloud. Mona leverages group signature and dynamic broadcast encryption techniques to allow any cloud user to anonymously share data with others. It supports efficient dynamic groups where new users can access previously shared data without contacting owners. Mona provides secure access control and privacy preservation for group members while storing data on untrusted cloud storage. It aims to address limitations of existing schemes regarding user participation, revocation, and single data owner restrictions.
This document proposes a secure multi-owner attribute authorities based data sharing scheme for dynamic groups in the cloud. It aims to enable secure data sharing in dynamic groups where there is no fixed attribute authority, using a key policy attribute-based encryption method to select dynamic attribute authorities. The proposed scheme uses group signatures, signed receipts, and dynamic broadcast encryption to allow cloud users to anonymously share data. It reduces computation cost and storage overhead compared to existing works, as the encryption computation cost and storage overhead are independent of the number of revoked users.
A cloud storage system for sharing data securely with privacy preservation an...eSAT Journals
Abstract Cloud computing provides much-known services for storing user data over cloud server and it provides attention towards a broad set of technologies, rules and controls deployed to provide security for applications and data. As the more and more firm uses the cloud, security in cloud environment is becoming very important issue. It is much needed that companies should work with partners doing best practices of cloud security and which facilitate transparency for their solutions. Number of security solutions today depends on the authentication for security but it did not provide solution for the privacy problems while sharing data in the cloud environment. Data access request from the user itself may expose users’ private data no matter his request approved or not. So this becomes very important in sharing data in the cloud environment. In this paper we proposed a system which provides attention towards the above mentioned problem. In proposed system we used the concept of data anonymity for sending data access request to data owner and also provide the data auditing facility to detect fraud in the integrity of users shared data. Keywords: Cloud computing, privacy preservation, data integrity, data sharing, authentication
Iaetsd an efficient secure scheme for multi user in cloudIaetsd Iaetsd
This document proposes a secure multi-owner data sharing scheme for dynamic groups in the cloud. The scheme allows any user within a group to securely share data with others through a trusted cloud. It supports efficient dynamic groups where new users can directly access and modify files uploaded before their participation without contacting owners. User revocation is achieved through a public revocation list without changing remaining user keys. The scheme provides anonymity and security while ensuring storage and computation overhead remain constant regardless of revoked users. It aims to address challenges with existing systems through increasing redundancy of group managers and distributing workload across managers.
Oruta is a privacy-preserving public auditing mechanism for shared data in the cloud that:
1) Utilizes ring signatures to construct homomorphic authenticators, allowing a third party auditor to verify the integrity of shared data without retrieving the entire data while keeping the identity of the signer private.
2) Extends the mechanism to support batch auditing, enabling the verification of multiple shared data simultaneously in a single auditing task.
3) Continues to use random masking to support data privacy during public auditing and leverages index hash tables to support fully dynamic operations on shared data.
The document proposes a shared authority based privacy-preserving authentication protocol (SAPA) for cloud data storage. SAPA allows for authentication and authorization without compromising a user's private information. It addresses privacy issues during data sharing in cloud storage by implementing an anonymous access request matching mechanism and applying attribute-based access control with proxy re-encryption for temporary authorized data sharing between users. The proposed system provides advantages over existing systems by allowing data owners to control access and sharing privileges while preserving user privacy during authentication and authorization.
IRJET- Secure Data Sharing Scheme for Mobile Cloud Computing using SEDASCIRJET Journal
1) The document proposes a Secure Data Sharing in Clouds (SeDaSC) methodology for secure data sharing in cloud computing.
2) SeDaSC provides data confidentiality and integrity, access control, secure data sharing without reencryption, protection from insider threats, and forward/backward access control.
3) It encrypts files with a single key, and generates two shares of the key - one given to the user and the other stored by a trusted third party, to prevent insider threats from malicious users.
Shared authority based privacy preserving authentication protocol in cloud co...Adz91 Digital Ads Pvt Ltd
This document proposes a shared authority based privacy-preserving authentication protocol (SAPA) for cloud storage. SAPA allows for anonymous access requests and attribute-based access control, while encrypting data to preserve privacy. It aims to address privacy issues when a user requests data sharing from other users and the cloud server, where the request itself could reveal private information. The protocol uses anonymous matching of access requests, encryption of data, and temporary authorized data sharing between users through proxy re-encryption. It is designed to simultaneously provide access control, sharing of access authority, and privacy preservation for collaborative cloud applications.
1) The document proposes a system model for secure data sharing in cloud environments using cryptography.
2) It aims to provide data confidentiality, access control of shared data, remove the burden of key management and file encryption/decryption for users, and support dynamic changes to user membership without requiring the data owner to always be online.
3) The proposed system addresses common challenges with secure data sharing in cloud computing like data security, access control, key management, and user revocation and rejoining.
This document discusses privacy-preserving public auditing for shared data stored in the cloud. It proposes a mechanism called ORUTA that allows a third party auditor (TPA) to efficiently audit the integrity of shared data in the cloud while preserving the identity privacy of users. The mechanism has two phases - a setup phase and an audit phase. It also supports batch auditing which allows the TPA to concurrently handle multiple auditing tasks, improving efficiency. The mechanism further extends to allow for dynamic operations like insert, delete and modify on the outsourced data.
Iaetsd secure data sharing of multi-owner groups in cloudIaetsd Iaetsd
This document proposes a secure multi-owner data sharing scheme for dynamic groups in the cloud. It allows any user in a group to securely store and share data with others in the cloud. The key contributions are:
1) Any user can store and share data files with others through the cloud in a multi-owner manner.
2) The computation overhead and ciphertext size are constant and independent of the number of revoked users.
3) User revocation can be achieved without updating remaining users' private keys.
4) New users can directly decrypt files stored before their participation.
The proposed scheme uses group signatures for anonymous authentication and dynamic broadcast encryption for secure data sharing. It aims to address challenges like
Shared authority based privacy preserving authentication protocol in cloud co...Pvrtechnologies Nellore
The document proposes a shared authority based privacy-preserving authentication protocol (SAPA) for cloud storage to address privacy issues when users request to share access to each other's authorized data fields.
The SAPA allows for shared access authority through an anonymous access request matching mechanism that considers authentication, data anonymity, user privacy, and forward security. It also uses attribute based access control for users to only access their own data fields and proxy re-encryption for temporary data sharing among users.
The protocol is designed to enhance user privacy during access requests by not revealing a user's interests or access desires, whether or not they receive access permissions. It aims to simultaneously provide data access control, shared access authority, and privacy preservation
1. The document proposes a privacy-preserving public auditing mechanism called Oruta for shared data stored in the cloud.
2. Oruta allows a third party auditor (TPA) to efficiently verify the integrity of shared data for a group of users while preserving their identity privacy.
3. It exploits ring signatures to generate verification information for shared data blocks while keeping the identity of the signer private from the TPA.
Secure Data Sharing For Dynamic Groups in Multi-Attorney Manner Using Cloudpaperpublications3
Abstract: Cloud computing provides an economical and efficient solution for sharing data among the cloud users in the group , users sharing data in a multi-attorney manner preserving data and identity privacy from an untrusted cloud, it is still a challenging issue, due to frequent change of the membership in the group. In this paper, we propose a multi-attorney data sharing scheme for the dynamic groups in the cloud. By combing group signature and Tripple DES encryption techniques, any cloud user anonymously share the data with others. In addition, we analyze the security of our scheme with rigorous proofs, and demonstrate the efficiency of our scheme in experiments.Keywords: cloud computing, data sharing, privacy-preserving, access control, and dynamic groups.
Title: Secure Data Sharing For Dynamic Groups in Multi-Attorney Manner Using Cloud
Author: Vijaya Kumar Patil C, Manjunath H
International Journal of Recent Research in Mathematics Computer Science and Information Technology
ISSN 2350-1022
Paper Publications
This document summarizes a proposed scheme for secure data sharing in dynamic groups in the cloud. It addresses key challenges including how to securely share data with fine-grained access control when group membership changes frequently. The proposed scheme uses key policy attribute-based encryption (KP-ABE) and group signatures to allow any cloud user to anonymously share data. It leverages techniques like dynamic broadcast encryption and signed receipts to reduce computation and storage overhead, making the costs independent of the number of revoked users. The scheme aims to enable secure multi-owner data sharing where attribute authorities are also dynamic.
A Privacy Preserving Attribute Based Access Control Mechanism In Distributed ...Editor IJCATR
We propose a new decentralized access control scheme for secure data storage in clouds that supports anonymous
authentication. In the proposed scheme, the cloud verifies the authenticity of the series without knowing the user’s identity before
storing data. Our scheme also has the added feature of access control in which only valid users are able to decrypt the stored
information. The scheme prevents replay attacks and supports creation, modification, and reading data stored in the cloud. We also
address user revocation. Moreover, our authentication and access control scheme is decentralized and robust, unlike other access
control schemes designed for clouds which are centralized. The communication, computation, and storage overheads are comparable
to centralized approaches.
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
Mona secure multi owner data sharing for dynamic groups in the cloudKrushna Panda
Any user in a dynamic group can anonymously share data on the cloud using Mona, a secure multi-owner data sharing scheme. Mona leverages group signatures and dynamic broadcast encryption so that the storage overhead and encryption costs are independent of the number of revoked users. It allows efficient user revocation without updating others' secret keys and new users can access previously shared data. Mona provides anonymity, access control, and traces misbehavior. It achieves efficient and secure data sharing for dynamic groups on an untrusted cloud.
secure multi-owner data sharing for dynamic groupsSuchithra Balan
The document presents a secure data sharing scheme for dynamic groups in cloud computing. The scheme leverages group signature and dynamic broadcast encryption techniques to allow cloud users to anonymously share data with others in a group while preserving identity privacy from an untrusted cloud. It aims to securely support data sharing in dynamic groups where attributes are not fixed and multiple owners are possible. The scheme's storage overhead and encryption costs are independent of the number of revoked users.
Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...Eswar Publications
Cloud computing is an economical and effective solution for sharing group resource among cloud users. Unfortunately, sharing data in a multi-owner manner while protect data and identity privacy from an un trusted cloud is still a challenging issue, due to the recurrent change of the membership.The major aims of this method a secure multi-owner data sharing scheme.That is any user in the group can securely share data with others by un trusted cloud. Moreover, the real identities of data owners can be exposed by the group manager when disputes occur. User revocation can be achieved by a novel revocation list and no need to update the secret Keys of the
remaining users.The drawback of IBE is computation over head. To overcome the drawback introduces outsourcing computation.
The document proposes a secure multi-owner data sharing scheme called Mona for dynamic groups in the cloud. Mona leverages group signature and dynamic broadcast encryption techniques to allow any cloud user to anonymously share data with others. It supports efficient dynamic groups where new users can access previously shared data without contacting owners. Mona provides secure access control and privacy preservation for group members while storing data on untrusted cloud storage. It aims to address limitations of existing schemes regarding user participation, revocation, and single data owner restrictions.
This document proposes a secure multi-owner attribute authorities based data sharing scheme for dynamic groups in the cloud. It aims to enable secure data sharing in dynamic groups where there is no fixed attribute authority, using a key policy attribute-based encryption method to select dynamic attribute authorities. The proposed scheme uses group signatures, signed receipts, and dynamic broadcast encryption to allow cloud users to anonymously share data. It reduces computation cost and storage overhead compared to existing works, as the encryption computation cost and storage overhead are independent of the number of revoked users.
A cloud storage system for sharing data securely with privacy preservation an...eSAT Journals
Abstract Cloud computing provides much-known services for storing user data over cloud server and it provides attention towards a broad set of technologies, rules and controls deployed to provide security for applications and data. As the more and more firm uses the cloud, security in cloud environment is becoming very important issue. It is much needed that companies should work with partners doing best practices of cloud security and which facilitate transparency for their solutions. Number of security solutions today depends on the authentication for security but it did not provide solution for the privacy problems while sharing data in the cloud environment. Data access request from the user itself may expose users’ private data no matter his request approved or not. So this becomes very important in sharing data in the cloud environment. In this paper we proposed a system which provides attention towards the above mentioned problem. In proposed system we used the concept of data anonymity for sending data access request to data owner and also provide the data auditing facility to detect fraud in the integrity of users shared data. Keywords: Cloud computing, privacy preservation, data integrity, data sharing, authentication
Iaetsd an efficient secure scheme for multi user in cloudIaetsd Iaetsd
This document proposes a secure multi-owner data sharing scheme for dynamic groups in the cloud. The scheme allows any user within a group to securely share data with others through a trusted cloud. It supports efficient dynamic groups where new users can directly access and modify files uploaded before their participation without contacting owners. User revocation is achieved through a public revocation list without changing remaining user keys. The scheme provides anonymity and security while ensuring storage and computation overhead remain constant regardless of revoked users. It aims to address challenges with existing systems through increasing redundancy of group managers and distributing workload across managers.
Oruta is a privacy-preserving public auditing mechanism for shared data in the cloud that:
1) Utilizes ring signatures to construct homomorphic authenticators, allowing a third party auditor to verify the integrity of shared data without retrieving the entire data while keeping the identity of the signer private.
2) Extends the mechanism to support batch auditing, enabling the verification of multiple shared data simultaneously in a single auditing task.
3) Continues to use random masking to support data privacy during public auditing and leverages index hash tables to support fully dynamic operations on shared data.
The document proposes a shared authority based privacy-preserving authentication protocol (SAPA) for cloud data storage. SAPA allows for authentication and authorization without compromising a user's private information. It addresses privacy issues during data sharing in cloud storage by implementing an anonymous access request matching mechanism and applying attribute-based access control with proxy re-encryption for temporary authorized data sharing between users. The proposed system provides advantages over existing systems by allowing data owners to control access and sharing privileges while preserving user privacy during authentication and authorization.
IRJET- Secure Data Sharing Scheme for Mobile Cloud Computing using SEDASCIRJET Journal
1) The document proposes a Secure Data Sharing in Clouds (SeDaSC) methodology for secure data sharing in cloud computing.
2) SeDaSC provides data confidentiality and integrity, access control, secure data sharing without reencryption, protection from insider threats, and forward/backward access control.
3) It encrypts files with a single key, and generates two shares of the key - one given to the user and the other stored by a trusted third party, to prevent insider threats from malicious users.
Shared authority based privacy preserving authentication protocol in cloud co...Adz91 Digital Ads Pvt Ltd
This document proposes a shared authority based privacy-preserving authentication protocol (SAPA) for cloud storage. SAPA allows for anonymous access requests and attribute-based access control, while encrypting data to preserve privacy. It aims to address privacy issues when a user requests data sharing from other users and the cloud server, where the request itself could reveal private information. The protocol uses anonymous matching of access requests, encryption of data, and temporary authorized data sharing between users through proxy re-encryption. It is designed to simultaneously provide access control, sharing of access authority, and privacy preservation for collaborative cloud applications.
1) The document proposes a system model for secure data sharing in cloud environments using cryptography.
2) It aims to provide data confidentiality, access control of shared data, remove the burden of key management and file encryption/decryption for users, and support dynamic changes to user membership without requiring the data owner to always be online.
3) The proposed system addresses common challenges with secure data sharing in cloud computing like data security, access control, key management, and user revocation and rejoining.
This document discusses privacy-preserving public auditing for shared data stored in the cloud. It proposes a mechanism called ORUTA that allows a third party auditor (TPA) to efficiently audit the integrity of shared data in the cloud while preserving the identity privacy of users. The mechanism has two phases - a setup phase and an audit phase. It also supports batch auditing which allows the TPA to concurrently handle multiple auditing tasks, improving efficiency. The mechanism further extends to allow for dynamic operations like insert, delete and modify on the outsourced data.
Iaetsd secure data sharing of multi-owner groups in cloudIaetsd Iaetsd
This document proposes a secure multi-owner data sharing scheme for dynamic groups in the cloud. It allows any user in a group to securely store and share data with others in the cloud. The key contributions are:
1) Any user can store and share data files with others through the cloud in a multi-owner manner.
2) The computation overhead and ciphertext size are constant and independent of the number of revoked users.
3) User revocation can be achieved without updating remaining users' private keys.
4) New users can directly decrypt files stored before their participation.
The proposed scheme uses group signatures for anonymous authentication and dynamic broadcast encryption for secure data sharing. It aims to address challenges like
Shared authority based privacy preserving authentication protocol in cloud co...Pvrtechnologies Nellore
The document proposes a shared authority based privacy-preserving authentication protocol (SAPA) for cloud storage to address privacy issues when users request to share access to each other's authorized data fields.
The SAPA allows for shared access authority through an anonymous access request matching mechanism that considers authentication, data anonymity, user privacy, and forward security. It also uses attribute based access control for users to only access their own data fields and proxy re-encryption for temporary data sharing among users.
The protocol is designed to enhance user privacy during access requests by not revealing a user's interests or access desires, whether or not they receive access permissions. It aims to simultaneously provide data access control, shared access authority, and privacy preservation
1. The document proposes a privacy-preserving public auditing mechanism called Oruta for shared data stored in the cloud.
2. Oruta allows a third party auditor (TPA) to efficiently verify the integrity of shared data for a group of users while preserving their identity privacy.
3. It exploits ring signatures to generate verification information for shared data blocks while keeping the identity of the signer private from the TPA.
Secure Data Sharing For Dynamic Groups in Multi-Attorney Manner Using Cloudpaperpublications3
Abstract: Cloud computing provides an economical and efficient solution for sharing data among the cloud users in the group , users sharing data in a multi-attorney manner preserving data and identity privacy from an untrusted cloud, it is still a challenging issue, due to frequent change of the membership in the group. In this paper, we propose a multi-attorney data sharing scheme for the dynamic groups in the cloud. By combing group signature and Tripple DES encryption techniques, any cloud user anonymously share the data with others. In addition, we analyze the security of our scheme with rigorous proofs, and demonstrate the efficiency of our scheme in experiments.Keywords: cloud computing, data sharing, privacy-preserving, access control, and dynamic groups.
Title: Secure Data Sharing For Dynamic Groups in Multi-Attorney Manner Using Cloud
Author: Vijaya Kumar Patil C, Manjunath H
International Journal of Recent Research in Mathematics Computer Science and Information Technology
ISSN 2350-1022
Paper Publications
This document summarizes a proposed scheme for secure data sharing in dynamic groups in the cloud. It addresses key challenges including how to securely share data with fine-grained access control when group membership changes frequently. The proposed scheme uses key policy attribute-based encryption (KP-ABE) and group signatures to allow any cloud user to anonymously share data. It leverages techniques like dynamic broadcast encryption and signed receipts to reduce computation and storage overhead, making the costs independent of the number of revoked users. The scheme aims to enable secure multi-owner data sharing where attribute authorities are also dynamic.
A Privacy Preserving Attribute Based Access Control Mechanism In Distributed ...Editor IJCATR
We propose a new decentralized access control scheme for secure data storage in clouds that supports anonymous
authentication. In the proposed scheme, the cloud verifies the authenticity of the series without knowing the user’s identity before
storing data. Our scheme also has the added feature of access control in which only valid users are able to decrypt the stored
information. The scheme prevents replay attacks and supports creation, modification, and reading data stored in the cloud. We also
address user revocation. Moreover, our authentication and access control scheme is decentralized and robust, unlike other access
control schemes designed for clouds which are centralized. The communication, computation, and storage overheads are comparable
to centralized approaches.
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
A self destruction system for dynamic group data sharing in cloudeSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
IRJET- Security Enhancement for Sharing Data within Group Members in CloudIRJET Journal
1) The document proposes a secure data sharing scheme for sharing data within group members in the cloud. It aims to prevent collusion attacks and allow for secure sharing of data even as group membership changes dynamically.
2) The scheme uses encryption with private keys so that if a user's key is leaked, it will be difficult for others to access the shared data. A trusted authority authenticates users and stores encryption keys to determine responsibility if issues arise.
3) The scheme achieves secure key distribution without requiring secure communication channels by using public key verification. It also allows for fine-grained access control and secure revocation such that revoked users cannot access shared data even by colluding with the cloud.
Panda: Public Auditing for Shared Data with Efficient User Revocation in the ...1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
Mona secure multi owner data sharing for dynamic groups in the cloudJPINFOTECH JAYAPRAKASH
The document proposes a secure multi-owner data sharing scheme called Mona for dynamic groups in the cloud. Mona allows any user in a group to anonymously share data with others in the cloud using group signatures and dynamic broadcast encryption. It aims to address challenges with existing schemes that have complexities increasing linearly with the number of owners and revoked users. The proposed Mona scheme achieves independent storage overhead and encryption costs from the number of revoked users and supports dynamic groups where new users can access previous files without owners.
Integrity Privacy to Public Auditing for Shared Data in Cloud ComputingIJERA Editor
In cloud computing, many mechanisms have been proposed to allow not only a data owner itself but also a public verifier to efficiently perform integrity checking without downloading the entire data from the cloud, which is referred to as public auditing . In these mechanisms, data is divided into many small blocks, where each block is independently signed by the owner; and a random combination of all the blocks instead of the whole data is retrieved during integrity checking .However, public auditing for such shared data— while preserving identity privacy — remains to be an open challenge. Here, we only consider how to audit the integrity of shared data in the cloud with static groups. It means the group is pre-defined before shared data is created in the cloud and the membership of users in the group is not changed during data sharing. The original user is responsible for deciding who is able to share her data before outsourcing data to the cloud. Another interesting problem is how to audit the integrity of shared data in the cloud with dynamic groups — a new user can be added into the group and an existing group member can be revoked during data sharing.
Mona secure multi owner data sharing for dynamic groups in the cloudJPINFOTECH JAYAPRAKASH
This document summarizes the "Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the Cloud" paper. It proposes a scheme called Mona that allows any user in a dynamic group to anonymously share data on the cloud. Mona uses group signatures and dynamic broadcast encryption so encryption costs are independent of revoked users. It provides anonymous yet traceable access control and efficient user revocation without updating keys.
Messages addressed to specific users can be decrypted by Key Generation Centre (KGC) by generating their private keys. Data owner wants the data to be delivered only to specified user and not to unauthorized person that is the data owner makes their private data accessible only to authorized person. We propose attribute based encryption and escrow problem which means written agreement delivered to a third party to overcome this problem. Attribute based Encryption (ABE) is a type of public-key encryption in which the private key of a user and the cipher text are dependent upon attributes. It is a promising cryptographic approach.
Secure Data Sharing In an Untrusted CloudIJERA Editor
Cloud computing is a huge area which basically provides many services on the basis of pay as you go. One of the fundamental services provided by cloud is data storage. Cloud provides cost efficiency and an efficient solution for sharing resource among cloud users. A secure and efficient data sharing scheme for groups in cloud is not an easy task. On one hand customers are not ready to share their identity but on other hand want to enjoy the cost efficiency provided by the cloud. It needs to provide identity privacy, multiple owner and dynamic data sharing without getting effected by the number of cloud users revoked. In this paper, any member of a group can completely enjoy the data storing and sharing services by the cloud. A secure data sharing scheme for dynamic cloud users is proposed in this paper. For which it uses group signature and dynamic broadcast encryption techniques such that any user in a group can share the information in a secured manner. Additionally the permission option is proposed for the security reasons. This means the file access permissions are generated by the admin and given to the user using Role Based Access Control (RBA) algorithm. The file access permissions are read, write and delete. In this, owner can provide files with options and accepts the users using that option. The revocation of cloud user is a function generated by the Admin for security purpose. The encryption computational cost and storage overhead is not dependent on the number of users revoked. We analyze the security by proofs and produce the cloud efficiency report using cloudsim.
Maintaining Data Integrity for Shared Data in Cloud IJERA Editor
This document summarizes a research paper on maintaining data integrity for shared data in the cloud. It discusses how data can be easily shared and modified by users in a group stored in the cloud. To protect data integrity, each data block is assigned a signature by the data owner. If a user is revoked from the group, existing users must re-sign the blocks that were previously signed by the revoked user. The paper also proposes allowing a public auditor to verify data integrity without downloading the entire data file, preserving data confidentiality. It describes using proxy re-signatures and secret keys during login for security.
Public Integrity Auditing for Shared Dynamic Cloud Data with Group User Revoc...1crore projects
This document describes a public integrity auditing scheme for shared dynamic cloud data with group user revocation. It discusses the problem of collusion attacks between cloud servers and revoked group users in existing schemes. The proposed scheme uses vector commitment and verifier-local revocation group signatures to enable public checking, efficient user revocation, and prevent collusion attacks. It aims to achieve security, correctness, efficiency, countability, and traceability. The scheme relies on strong Diffie-Hellman and decision linear assumptions.
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...Editor IJCATR
The Data sharing is an important functionality in cloud storage. In this article, we show how to securely, efficiently, and
flexibly share data with others in cloud storage. We describe new public-key cryptosystems which produce constant-size ciphertexts
such that efficient delegation of decryption rights for any set of ciphertexts are possible. The novelty is that one can aggregate any set
of secret keys and make them as compact as a single key, but encompassing the power of all the keys being aggregated. In other
words, the secret key holder can release a constant-size aggregate key for flexible choices of ciphertext set in cloud storage, but the
other encrypted files outside the set remain confidential. This compact aggregate key can be conveniently sent to others or be stored in
a smart card with very limited secure storage. We provide formal security analysis of our schemes in the standard model. We also
describe other application of our schemes. In particular, our schemes give the first public-key patient controlled encryption for flexible
hierarchy, which was yet to be known.
SURVEY ON DYNAMIC DATA SHARING IN PUBLIC CLOUD USING MULTI-AUTHORITY SYSTEMijiert bestjournal
The continuous development of cloud computing,seve ral trends are opening up to new forms of outsourci ng. Public data integrity auditing is not secure and efficient for shared dynamic data. In existing scheme figure out the collusion attack and provide an efficient public integrity au diting scheme,with the help of secure group user r evocation based on vector commitment and verifier�local revocation group signature. It provides secure and efficient s cheme which support public checking and efficient user revocati on. Problem of existing work they used TPA (Third p arty auditor) for key generation and key agreement. Use of TPA as central system if it fails then whole system gets failed. If we are working with cloud,user identity is major conc ern because user doesn�t want to reveal his persona l information to public. This concept not included in it. In this paper,based these con�s we proposed a dynamic dat a sharing in public cloud using multi-authority system. The prop osed scheme is able to protect user�s privacy again st each single authority. .
Key-Aggregate Searchable Encryption (KASE) for Group Data Sharing via Cloud S...1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
Secure Redundant Data Avoidance over Multi-Cloud Architecture. IJCERT JOURNAL
Redundant data avoidance systems, the Private Cloud are involved as a proxy to allow data owner/users to securely perform duplicate check with differential privileges. Such architecture is practical and has attracted much attention from researchers. The data owners only outsource their data storage by utilizing public cloud while the data operation is managed in private cloud, in this connection our presented system has follows traditional encryption while providing data confidentiality, is incompatible with redundant data avoidance. Identical data copies of different users will lead to different ciphertexts, making data avoidance impossible. To address above issues convergent encryption technique has been proposed to encrypt the data before outsourcing. To better protect data security, this paper makes the first attempt to formally address the problem of authorized redundant data avoidance. Different from traditional redundant data avoidance systems, the differential privileges of users are further considered in duplicate check besides the data itself. We also present several new redundant data avoidance constructions supporting authorized duplicate check in a multi-cloud architecture. Security analysis demonstrates that our scheme is secure in terms of the definitions specified in the proposed security model. In order to perform secure access controlling scheme user may satisfy fine-grained approach at cloud level towards access restricting from unauthorized users or adversaries.
Public integrity auditing for shared dynamic cloud data with group user revoc...Pvrtechnologies Nellore
This document describes a public integrity auditing scheme for shared dynamic cloud data that supports secure group user revocation. It identifies limitations in existing schemes, such as lack of consideration for data secrecy during updates and potential collusion attacks during revocation. The proposed scheme uses vector commitment, asymmetric group key agreement, and group signatures to enable encrypted data updates among group users and efficient yet secure user revocation. It aims to provide public auditing of data integrity, as well as properties like traceability and accountability. The security and performance of the scheme are analyzed and shown to improve upon relevant existing works.
Similar to A secure anti collusion data sharing scheme for dynamic groups in the cloud (20)
Batteries -Introduction – Types of Batteries – discharging and charging of battery - characteristics of battery –battery rating- various tests on battery- – Primary battery: silver button cell- Secondary battery :Ni-Cd battery-modern battery: lithium ion battery-maintenance of batteries-choices of batteries for electric vehicle applications.
Fuel Cells: Introduction- importance and classification of fuel cells - description, principle, components, applications of fuel cells: H2-O2 fuel cell, alkaline fuel cell, molten carbonate fuel cell and direct methanol fuel cells.
Introduction- e - waste – definition - sources of e-waste– hazardous substances in e-waste - effects of e-waste on environment and human health- need for e-waste management– e-waste handling rules - waste minimization techniques for managing e-waste – recycling of e-waste - disposal treatment methods of e- waste – mechanism of extraction of precious metal from leaching solution-global Scenario of E-waste – E-waste in India- case studies.
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECTjpsjournal1
The rivalry between prominent international actors for dominance over Central Asia's hydrocarbon
reserves and the ancient silk trade route, along with China's diplomatic endeavours in the area, has been
referred to as the "New Great Game." This research centres on the power struggle, considering
geopolitical, geostrategic, and geoeconomic variables. Topics including trade, political hegemony, oil
politics, and conventional and nontraditional security are all explored and explained by the researcher.
Using Mackinder's Heartland, Spykman Rimland, and Hegemonic Stability theories, examines China's role
in Central Asia. This study adheres to the empirical epistemological method and has taken care of
objectivity. This study analyze primary and secondary research documents critically to elaborate role of
china’s geo economic outreach in central Asian countries and its future prospect. China is thriving in trade,
pipeline politics, and winning states, according to this study, thanks to important instruments like the
Shanghai Cooperation Organisation and the Belt and Road Economic Initiative. According to this study,
China is seeing significant success in commerce, pipeline politics, and gaining influence on other
governments. This success may be attributed to the effective utilisation of key tools such as the Shanghai
Cooperation Organisation and the Belt and Road Economic Initiative.
Using recycled concrete aggregates (RCA) for pavements is crucial to achieving sustainability. Implementing RCA for new pavement can minimize carbon footprint, conserve natural resources, reduce harmful emissions, and lower life cycle costs. Compared to natural aggregate (NA), RCA pavement has fewer comprehensive studies and sustainability assessments.
Literature Review Basics and Understanding Reference Management.pptxDr Ramhari Poudyal
Three-day training on academic research focuses on analytical tools at United Technical College, supported by the University Grant Commission, Nepal. 24-26 May 2024
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEMHODECEDSIET
Time Division Multiplexing (TDM) is a method of transmitting multiple signals over a single communication channel by dividing the signal into many segments, each having a very short duration of time. These time slots are then allocated to different data streams, allowing multiple signals to share the same transmission medium efficiently. TDM is widely used in telecommunications and data communication systems.
### How TDM Works
1. **Time Slots Allocation**: The core principle of TDM is to assign distinct time slots to each signal. During each time slot, the respective signal is transmitted, and then the process repeats cyclically. For example, if there are four signals to be transmitted, the TDM cycle will divide time into four slots, each assigned to one signal.
2. **Synchronization**: Synchronization is crucial in TDM systems to ensure that the signals are correctly aligned with their respective time slots. Both the transmitter and receiver must be synchronized to avoid any overlap or loss of data. This synchronization is typically maintained by a clock signal that ensures time slots are accurately aligned.
3. **Frame Structure**: TDM data is organized into frames, where each frame consists of a set of time slots. Each frame is repeated at regular intervals, ensuring continuous transmission of data streams. The frame structure helps in managing the data streams and maintaining the synchronization between the transmitter and receiver.
4. **Multiplexer and Demultiplexer**: At the transmitting end, a multiplexer combines multiple input signals into a single composite signal by assigning each signal to a specific time slot. At the receiving end, a demultiplexer separates the composite signal back into individual signals based on their respective time slots.
### Types of TDM
1. **Synchronous TDM**: In synchronous TDM, time slots are pre-assigned to each signal, regardless of whether the signal has data to transmit or not. This can lead to inefficiencies if some time slots remain empty due to the absence of data.
2. **Asynchronous TDM (or Statistical TDM)**: Asynchronous TDM addresses the inefficiencies of synchronous TDM by allocating time slots dynamically based on the presence of data. Time slots are assigned only when there is data to transmit, which optimizes the use of the communication channel.
### Applications of TDM
- **Telecommunications**: TDM is extensively used in telecommunication systems, such as in T1 and E1 lines, where multiple telephone calls are transmitted over a single line by assigning each call to a specific time slot.
- **Digital Audio and Video Broadcasting**: TDM is used in broadcasting systems to transmit multiple audio or video streams over a single channel, ensuring efficient use of bandwidth.
- **Computer Networks**: TDM is used in network protocols and systems to manage the transmission of data from multiple sources over a single network medium.
### Advantages of TDM
- **Efficient Use of Bandwidth**: TDM all
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressionsVictor Morales
K8sGPT is a tool that analyzes and diagnoses Kubernetes clusters. This presentation was used to share the requirements and dependencies to deploy K8sGPT in a local environment.
Presentation of IEEE Slovenia CIS (Computational Intelligence Society) Chapte...University of Maribor
Slides from talk presenting:
Aleš Zamuda: Presentation of IEEE Slovenia CIS (Computational Intelligence Society) Chapter and Networking.
Presentation at IcETRAN 2024 session:
"Inter-Society Networking Panel GRSS/MTT-S/CIS
Panel Session: Promoting Connection and Cooperation"
IEEE Slovenia GRSS
IEEE Serbia and Montenegro MTT-S
IEEE Slovenia CIS
11TH INTERNATIONAL CONFERENCE ON ELECTRICAL, ELECTRONIC AND COMPUTING ENGINEERING
3-6 June 2024, Niš, Serbia
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELgerogepatton
As digital technology becomes more deeply embedded in power systems, protecting the communication
networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3)
represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data
Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities.
Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because
of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To
solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion
detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network
(CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection
dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to
train and test our model. The results of our experiments show that our CNN-LSTM method is much better
at finding smart grid intrusions than other deep learning algorithms used for classification. In addition,
our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection
accuracy rate of 99.50%.
ISPM 15 Heat Treated Wood Stamps and why your shipping must have one
A secure anti collusion data sharing scheme for dynamic groups in the cloud
1. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
1
A Secure Anti-Collusion Data Sharing Scheme for
Dynamic Groups in the Cloud
Zhongma Zhu
School of Information Science and
Engineering
Southeast University
Nanjing, China
zhuzhongma@163.com
Rui Jiang (Corresponding author)
School of Information Science and
Engineering
Southeast University
Nanjing, China
R.Jiang@seu.edu.cn
Abstract: Benefited from cloud computing, users can achieve an effective and
economical approach for data sharing among group members in the cloud with the
characters of low maintenance and little management cost. Meanwhile, we must
provide security guarantees for the sharing data files since they are outsourced.
Unfortunately, because of the frequent change of the membership, sharing data while
providing privacy-preserving is still a challenging issue, especially for an untrusted
cloud due to the collusion attack. Moreover, for existing schemes, the security of key
distribution is based on the secure communication channel, however, to have such
channel is a strong assumption and is difficult for practice. In this paper, we propose a
secure data sharing scheme for dynamic members. Firstly, we propose a secure way
for key distribution without any secure communication channels, and the users can
securely obtain their private keys from group manager. Secondly, our scheme can
achieve fine-grained access control, any user in the group can use the source in the
cloud and revoked users cannot access the cloud again after they are revoked. Thirdly,
we can protect the scheme from collusion attack, which means that revoked users
cannot get the original data file even if they conspire with the untrusted cloud. In our
approach, by leveraging polynomial function, we can achieve a secure user revocation
scheme. Finally, our scheme can achieve fine efficiency, which means previous users
need not to update their private keys for the situation either a new user joins in the
group or a user is revoked from the group.
2. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
2
Key words: Access control, Privacy-preserving, Key distribution, Cloud computing
1 INTRODUCTION
Cloud computing, with the characteristics of intrinsic data sharing and low
maintenance, provides a better utilization of resources. In cloud computing, cloud
service providers offer an abstraction of infinite storage space for clients to host data
[1]. It can help clients reduce their financial overhead of data managements by
migrating the local managements system into cloud servers.
However, security concerns become the main constraint as we now outsource the
storage of data, which is possibly sensitive, to cloud providers. To preserve data
privacy, a common approach is to encrypt data files before the clients upload the
encrypted data into the cloud [2]. Unfortunately, it is difficult to design a secure and
efficient data sharing scheme, especially for dynamic groups in the cloud.
Kallahalla et al [3] presented a cryptographic storage system that enables secure
data sharing on untrustworthy servers based on the techniques that dividing files into
filegroups and encrypting each file_group with a file-block key. However, the
file-block keys need to be updated and distributed for a user revocation, therefore, the
system had a heavy key distribution overhead. Other schemes for data sharing on
untrusted servers have been proposed in [4],[5]. However, the complexities of user
participation and revocation in these schemes are linearly increasing with the number
of data owners and the revoked users.
Yu et al [6] exploited and combined techniques of key policy attribute-based
encryption [7], proxy re-encryption and lazy re-encryption to achieve fine-grained
data access control without disclosing data contents. However, the single-owner
manner may hinder the implementation of applications, where any member in the
group can use the cloud service to store and share data files with others.
Lu et al [8] proposed a secure provenance scheme by leveraging group signatures
and ciphertext-policy attribute-based encryption techniques [9]. Each user obtains two
keys after the registration while the attribute key is used to decrypt the data which is
3. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
3
encrypted by the attribute-based encryption and the group signature key is used for
privacy-preserving and traceability. However, the revocation is not supported in this
scheme.
Liu et al [10] presented a secure multi-owner data sharing scheme, named Mona.
It is claimed that the scheme can achieve fine-grained access control and revoked
users will not be able to access the sharing data again once they are revoked. However,
the scheme will easily suffer from the collusion attack by the revoked user and the
cloud [13]. The revoked user can use his private key to decrypt the encrypted data file
and get the secret data after his revocation by conspiring with the cloud. In the phase
of file access, first of all, the revoked user sends his request to the cloud, then the
cloud responds the corresponding encrypted data file and revocation list to the
revoked user without verifications. Next, the revoked user can compute the decryption
key with the help of the attack algorithm. Finally, this attack can lead to the revoked
users getting the sharing data and disclosing other secrets of legitimate members.
Zhou et al [14] presented a secure access control scheme on encrypted data in
cloud storage by invoking role-based encryption technique. It is claimed that the
scheme can achieve efficient user revocation that combines role-based access control
policies with encryption to secure large data storage in the cloud. Unfortunately, the
verifications between entities are not concerned, the scheme easily suffer from attacks,
for example, collusion attack. Finally, this attack can lead to disclosing sensitive data
files.
Zou et al. [15] presented a practical and flexible key management mechanism for
trusted collaborative computing. By leveraging access control polynomial, it is
designed to achieve efficient access control for dynamic groups. Unfortunately, the
secure way for sharing the personal permanent portable secret between the user and
the server is not supported and the private key will be disclosed once the personal
permanent portable secret is obtained by the attackers.
Nabeel et al. [16] proposed a privacy preserving policy-based content sharing
scheme in public clouds. However, this scheme is not secure because of the weak
4. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
4
protection of commitment in the phase of identity token issuance.
In this paper, we propose a secure data sharing scheme, which can achieve secure
key distribution and data sharing for dynamic group. The main contributions of our
scheme include:
1. We provide a secure way for key distribution without any secure
communication channels. The users can securely obtain their private keys
from group manager without any Certificate Authorities due to the
verification for the public key of the user.
2. Our scheme can achieve fine-grained access control, with the help of the
group user list, any user in the group can use the source in the cloud and
revoked users cannot access the cloud again after they are revoked.
3. We propose a secure data sharing scheme which can be protected from
collusion attack. The revoked users can not be able to get the original
data files once they are revoked even if they conspire with the untrusted
cloud. Our scheme can achieve secure user revocation with the help of
polynomial function.
4. Our scheme is able to support dynamic groups efficiently, when a new
user joins in the group or a user is revoked from the group, the private
keys of the other users do not need to be recomputed and updated.
5. We provide security analysis to prove the security of our scheme. In
addition, we also perform simulations to demonstrate the efficiency of
our scheme.
The remainder of the paper proceeds as follows. In section 2, we describe the
system model and our design goals. Our proposed scheme is presented in detail in
section 3, followed by the security analysis and performance evaluation in section 4
and 5, respectively. Finally, the conclusion is made in section 6.
5. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
5
2 THREAT MODEL, SYSTEM MODEL AND DESIGN GOALS
2.1 Threat Model
As the threat model, in this paper, we propose our scheme based on the
Dolev-Yao model [17], in which the adversary can overhear, intercept, and synthesis
any message at the communication channels. With the Dolev-Yao model, the only
way to protect the information from attacking by the passive eavesdroppers and active
saboteurs is to design the effective security protocols. This means there is not any
secure communication channels between the communication entities. Therefore, this
kind of threaten model can be more effective and practical to demonstrate the
communication in the real world.
2.2 System Model
Cloud
Group Manager Group Members
Registration
Key distribution
Data file Data file
Figure 1 System model
As illustrated in figure 1, the system model consists of three different entities: the
cloud, a group manager and a large number of group members.
The cloud, maintained by the cloud service providers, provides storage space for
hosting data files in a pay-as-you-go manner. However, the cloud is untrusted since
the cloud service providers are easily to become untrusted. Therefore, the cloud will
try to learn the content of the stored data.
Group manager takes charge of system parameters generation, user registration,
6. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
6
and user revocation. In the practical applications, the group manager usually is the
leader of the group. Therefore, we assume that the group manager is fully trusted by
the other parties.
Group members (users) are a set of registered users that will store their own data
into the cloud and share them with others. In the scheme, the group membership is
dynamically changed, due to the new user registration and user revocation.
2.3 Design Goals
We describe the main design goals of the proposed scheme including key
distribution, data confidentiality, access control and efficiency as follows:
Key Distribution: The requirement of key distribution is that users can securely
obtain their private keys from the group manager without any Certificate Authorities.
In other existing schemes, this goal is achieved by assuming that the communication
channel is secure, however, in our scheme, we can achieve it without this strong
assumption.
Access control: First, group members are able to use the cloud resource for data
storage and data sharing. Second, unauthorized users cannot access the cloud resource
at any time, and revoked users will be incapable of using the cloud resource again
once they are revoked.
Data confidentiality: Data confidentiality requires that unauthorized users
including the cloud are incapable of learning the content of the stored data. To
maintain the availability of data confidentiality for dynamic groups is still an
important and challenging issue. Specifically, revoked users are unable to decrypt the
stored data file after the revocation.
Efficiency: Any group member can store and share data files with others in the
group by the cloud. User revocation can be achieved without involving the others,
which means that the remaining users do not need to update their private keys.
7. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
7
3 THE PROPOSED SCHEME
3.1 Preliminaries
3.1.1 Bilinear Maps
Let 1G and 2G be additive cyclic groups of the same prime order q [18]. Let
1 1 2:e G G G denote a bilinear map constructed with the following properties:
1. Bilinear: For all *
, qa b Z and 1, , , , .
ab
P Q G e aP bQ e P Q
2. Nondegenerate: There exists a point Q such that , 1.e Q Q
3. Computable: There is an efficient algorithm to compute ,e P Q for any
1, .P Q G
3.1.2 Complexity Assumptions
Definition 1 (Basic Diffie-Hellman Problem (BDHP) Assumption [19]). Given base
point P and a value *
,qZ it is easy to compute .P However, given , ,P P it
is infeasible to compute because of the discrete logarithm problem.
Definition 2 (Decisional Diffie-Hellman Problem (DDHP) Assumption[20]). Similar
to definition 1, given base point P and , ,aP a b P it is infeasible to compute P.b
Definition 3 (Weak Bilinear Diffie-Hellman Exponent (WBDHE) Assumption[21]).
For unknown *
,qa Z given 2
1, , ,..., , ,l
Y aY a Y a Y P G it is infeasible to compute
1
, .ae Y P
3.1.3 Notations
Each user has a pair of keys , ,pk sk which is used in the asymmetric
encryption algorithm, and pk needs to be negotiated with the group manager on the
condition that no Certificate Authorities and security channels are involved in. KEY
is the private key of the user and is used for data sharing in the scheme. UL is the
group user list which records part of the private keys of the legal group users. DL is
the data list which records the identity of the sharing data and the time that they are
updated. The description of notation used in our scheme is illustrated in figure 2.
8. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
8
iID the identity of user i
Notation Description
pk
the public key of the user that needs to
be negociated with the group manager
sk the corresponding private key to pk
, ,i i ix A BKEY the private key which is distributed to the user from
the group manager and used for data sharing
kEnc gsymmetric encryption al orithm
used the encryption key k
kAENC gasymmetric encryption al orithm
used the encryption key k
UL group user list
DL data list
idataID ithe identity of data
Figure 2 Notation used in our scheme description
3.2 Scheme Description
The scheme of our scheme includes system initialization, user registration for
existing user, file upload, user revocation, registration for new user and file download.
3.2.1 System Initialization
The group manager takes charge of this operation. He generates a bilinear map
group system 1 2, , , , ,S q G G e then selects two random elements 1,P G G and a
number *
,qZ then computes ,W P Y G and , .Z e G P At last, the
group manager publishes the parameters 1, , , , , , , ,S P W Y Z f f Enc where f is hash
function:
* *
0,1 ,qZ 1f is hash function:
*
10,1 ,G and Enc is a symmetric
encryption algorithm. Besides, the group manager will keep the parameters ,G as
the secret master key.
3.2.2 Registration for Existing User
As illustrated in Figure 3, this operation is performed by user, the group manager
9. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
9
and the cloud.
Group managerUser
1, ,ac,iID pk v
,U R
2 1, , , ,i sk iID v AENC ID v ac
2,pkAENC KEY v
Cloud
?
|| || , , .iR e v f pk ac ID P W e U P
Group User List UL
?
1, ,e W f UL e P sig UL
Figure 3 Registration for existing user
First of all, the user sends 1, ,iID pk v as a request to the group manager, where
iID is the identity of the user, pk is the public key used in the asymmetric
encryption algorithm, such as ECC, ac is the account user used to pay for the
registration, which is related to the identity of the user, and *
1 qv Z is a random
number selected by the user.
On receiving the request, the group manager then chooses a random number
*
qr Z and computes , ,
r
R e P P 1 || || .i
U r v f pk ac ID P At last, the
group manager sends ,U R to the user for verification.
Then the verification is performed by user through checking the equation
?
1 || || , , .i
R e v f pk ac ID P W e U P The user sends the message
2 1, , , ,i sk iID v AENC ID v ac to the group manager after successful verification, where
*
2 qv Z is a random number, AENC is a asymmetric encryption algorithm, such
as ECC, and sk is the corresponding private key to the public key pk used in the
asymmetric encryption algorithm.
The group manager compares the received iID message with the identity iID
computed by decrypting 1, , .sk iAENC ID v ac In addition, the group manager verifies if
the decrypted number 1v is equal to the random number 1v in the first step. After
successful verifications, the group manager generates the message KEY as follows
when the iID message matches the identity in the first step:
The group manager selects a random number *
i qx Z and computes the following
10. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
10
equations:
1
1
1
i
i
i
i
i
i i
A P G
x
x
B G G
x
V f B
(1)
, ,i i ix A B constructs the message .KEY
The group manager then sends the encrypted message 2,pkAENC KEY v to user
and stores , , ,i i i ix A V ID in the local storage space. In addition, the group manager
adds ,i iA x to the group user list UL, which is illustrated in Table 1. To guarantee
the freshness of the group user list, the group manager adds a time stamp ult to it.
Then the group manager signs his signature 1sig UL f UL and sends the group
user list to the cloud. The cloud verifies the signature by checking the equation
?
1, ,e W f UL e P sig UL and stores the group user list, which is only available for
the cloud, in the cloud after successful verification.
Finally, the user decrypts the message 2,pkAENC KEY v by his private key in ECC
and then he can obtain his private key , , .i i ix A B After successful registration, the
user becomes a group member.
Table 1 Group user list
groupID 1A 1x
2A 2x
rA rx ult sig UL
3.2.3 File Upload
The operation of file upload is performed as illustrated in Figure 4.
First of all, the group member chooses a unique data file identity dataID and a
random number *
,qk Z then computes these parameters as the following equation:
11. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
11
1 1
2 1
2
k
K
C k Y G
C k P G
K Z G
C Enc M
(2)
Then the group member encrypts 1 2, , , ,data dataID C C C t with his private key ,iB
where datat is the real time stamp. At last, the group member sends
1 2
, , , ,i
B data dataEnc ID C C C t to the group manager.
Group manager
Cloud
0,...,r mEK K W W
1 2, ,
rK
CE C C C
Group member
1 1
2 1
2
k
K
C k Y G
C k P G
K Z G
C Enc M
1 2, , , ,iB data dataEnc ID C C C t
data list DL
, , , , ,group data data DFDF ID ID CE EK t
Figure 4 File upload
After getting this message 1 2
, , , , ,i
B data dataEnc ID C C C t the group manager decrypts
it and gets 1 2, , , ,dataID C C C then the group manager checks the legal group members
in his local storage space and if iB is the private key of a legal user, then the group
manager constructs the polynomial function 1 0 modm m i
p j j i if x x V a x q
and the exponential function 0
0 ,..., ,..., .ma a
mW W G G After that, the group manager
selects a random re-encryption key rK and constructs 0 ,..., .r mEK K W W Finally,
the group manager encrypts cipher-text 1 2, ,
rK
CE C C C with the re-encryption key
and sends , , , , ,group data data DFDF ID ID CE EK t to the cloud, where datat is the time
that the data file is uploaded and 1DF f DF is the signature of the group
manager for the data file.
In addition, the group manager also sends the data list to the cloud in order to let
the users verify the freshness of the data file. As illustrated in Table 2, the group
manager adds ,data dataID t and the current time DLt to the data list DL. To guarantee
that both users can obtain the latest version of data file and the cloud can update the
data file, the group manager updates the data list everyday. At last, the group manager
12. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
12
adds his signature 1sig DL f DL to the data list and sends the data list to the
cloud for storage.
Table 2 Data list
groupID 1dataID 1datat
2dataID 2datat
rdataID rdatat DLt sig DL
Finally, on receiving the message, the cloud verifies the identity of the group
manager by checking the equation
?
1, , DFe W f DF e P and stores the message
after successful verification.
3.2.4 User Revocation
User revocation is performed by the group manager and the cloud, which is
illustrated in figure 5.
Group manager Cloud
'
, , , , ,group data data DFDF ID ID CE EK t
'
0 1,..., .r mEK K W W
'1 2, ,
rK
CE C C C
Figure 5 User revocation
When a user i with identity iID is revoked, the group manager performs the
following operations:
1. Removing user i from the group user list in the local storage space and
updating the group user list which is stored in the cloud.
2. Checking the new group user list, suppose that there are m legal group
members in the list. According to the list, group manager then constructs
the new polynomial function ' 1
1 0 modm m j
p j j j j
j i
f x x V a x q
and
the new exponential function 0 1
0 1,..., ,..., ,ma a
mW W G G
where 1.G G
3. Selecting a new random re-encryption key '
rK and constructing
13. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
13
'
0 1,..., .r mEK K W W
4. Computing cipher-text '1 2, ,
rK
CE C C C with the new re-encryption key
'
.rK
5. Signing his signature ( )DF to the modified message
'
, , , , ,group data data
DF ID ID CE EK t where '
data
t is the time stamp.
6. Sending the message '
, , , , ,group data data DFDF ID ID CE EK t to the cloud.
Having received the modified message, first of all, the cloud verifies the signature
by checking the equation
?
1, , .DFe W f DF e P After successful verification, the
cloud The cloud replaces the old data file with the new data file.
In addition, the group manager updates all the time stamp '
datat of the data files in
the group for the data list. Then the group manager sends the new data list to the cloud
for storage. Finally, the cloud updates the data list.
3.2.5 Registration for New User
For the registration of a new user with its identity 1m
ID
, the group manager
performs the same operations as registration for existing user, which is illustrated in
section 3.2.2.
In addition, the group manager updates the data files stored in the cloud. First of all,
the group manager checks the rest of the legal users, then he constructs the new
polynomial function 1 1
1 0 modm m j
p j j j jf x x V a x q
and the new
exponential function 0 1
0 1,..., ,..., .ma a
mW W G G
After that, the group manager
selects a new random re-encryption key ''
rK and constructs ''
0 1,..., .r mEK K W W
Finally, the group manager encrypts cipher-text ''1 2, ,
rK
CE C C C with the new
re-encryption key and sends ''
, , , , ,group data data DFDF ID ID CE EK t to the cloud.
At last, the group manager updates all the time stamp ''
datat of the data files in the
group for the data list. Then the group manager sends the new data list to the cloud for
storage.
3.2.6 File Download
This operation is performed by the group member and the cloud, as illustrated in
figure 6, the group member encrypts dataID with his key iA and sends
14. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
14
, , ( )igroup i A dataID ID Enc ID as a request to the cloud. On receiving the message, the
cloud decrypts it and compares the encryption key iA with keys in the group user list,
if the encryption key iA is in the list, the cloud then sends the corresponding data file
, , , , ,group data data DFDF ID ID CE EK t and the data list to the group member.
Having received the message sent by the cloud, the group member verifies the
validity of the data file and the list by checking the equation
?
1, , DFe W f DF e P
and
?
1, , ( ) .e W f DL e P sig DL Then the group member checks if the time stamp
stored in the DF and the data list is the same. Finally, the group member starts to
decrypt the data file after successful verification.
Cloud
, , , , , ,group data dataID ID CE EK t DL
Group member
, , ( )igroup i A dataID ID Enc ID
Check UL
?
1, , DFe W f DF e P
?
1, , ( ) .e W f DL e P sig DL
Figure 6 file download
In order to decrypt the original data, the group member needs to perform two
decryptions. For the decryption of the re-encryption, the group member computes
i iV f B with his private key, then he computes the re-encryption key
0 1 .
j
i p i
V f Vm
r j j r rK W W K G K Finally, the group member decrypts CE and gets
1 2, , .C C C For the decryption of the first encryption, the group member computes
^
1 2, , ,K e C A e C B and the member can decrypt the correct ciphertext due to the
following equation:
^
1 2, ,
1
, ,
, ,
.
k kx
x x
k
K e C A e C B
x
e k Y P e k P G
x x
e G P e P G
Z K
(3)
Finally, the group member can decrypt the encrypted data C and get the original
15. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
15
data file M by leveraging the encryption key
^
.K
4 SECURITY ANALYSIS
In this section, we prove the security of our scheme in terms of key distribution,
access control and data confidentiality.
4.1 Key Distribution
Theorem 1. In our scheme, the communication entities can securely negotiate the
public key pk and distribute the private key , ,i i iKEY x A B to users without any
Certificate Authorities and secure communication channels.
Proof. As illustrated in Figure 3, in the phase of user registration, the user sends his
public key pk and a random number *
1 qv Z to the group manager with his
identity iID . Then the group manager computes corresponding value , .U R
Moreover, the user can verify the identity of the group manager by the equation
?
1
|| || , , .i
R e v f pk ac ID P W e U P The pk becomes the negotiated public key
after successful verification equation. Then the group manager can securely distribute
the private key ,KEY which is used for data sharing, to users with the help of
negotiated public key and without any Certificate Authorities and secure
communication channels. The correctness of the above verification equation is
elaborated in equation (4).
1
1
1 1
1
1
|| ||
|| ||
1
|| || , , || || ,
, || || ,
, || || ,
, ,
,
|| || ,
,
i
i
r
i i
r
i
r
i
r v f pk ac ID
r v f pk ac ID
i
R e v f pk ac ID P W e P P e v f pk ac ID P W
e P P e v f pk ac ID P P
e P P e v f pk ac ID P P
e P P e P P
e P P
e r v f pk ac ID P P
e U P
(4)
If an attacker wants to pass the verification, he needs to compute
1 || || ,iU r v f pk ac ID P which means that given , ,P R he needs to
16. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
16
compute 1 || || iU r v f pk ac ID P for unknown *
.qZ However, this
contradicts with the DDHP assumption. Therefore, the user can verify the identity of
the group manager by the verification equation above and they can securely negotiate
the public key without any Certificate Authorities and secure communication
channels.
In addition, our scheme can guarantee the user and the group manager to obtain
the correct message which is sent by the legal communication entity. As illustrated in
figure 3, in the third step of user registration, the group manager performs
verifications after receiving the message from the user. First of all, he decrypts
1, ,sk iAENC ID v ac and obtains 1, .iID v Then he compares them with the received iID
message and the random number 1v in the first step. If either of them is not equal,
the manager stops the registration and informs the user to send new request in the
third step. Moreover, the user sends a random number 2v to the manager and the
manager encrypts it with the public key .pk Therefore, the attacker cannot cheat the
legal users and our scheme can be protected from replay attack. ■
4.2 Access Control
Theorem 2. Benefited from the group user list, which is generated by the group
manager, our scheme can achieve efficient access control.
Proof. The access control is based on the security of the group user list, which is
signed by the group manager with his signature 1sig UL f UL and this operation
is generally performed by the cloud. The cloud verifies the identity of the group
manager by checking the equation
?
1, , .e W f UL e P sig UL The correctness of
above verification equation is based on the following relation:
1 1
1
1
, ,
,
,
,
e W f UL e P f UL
e P f UL
e P f UL
e P sig UL
(5)
Suppose that an attacker can forge the signature, which means that given , ,P P he
needs to compute , where *
.qZ However, this contradicts with BDHP
17. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
17
assumption. Therefore, there is no one except the group manager that can modify and
update the group user list to make sure that the resources in the cloud is available for
the legal users and unavailable for the revoked users and attackers. ■
4.3 Data Confidentiality
Theorem 3. Our scheme can protect data confidentiality, the cloud is unable to
learn the content of the stored files , , , ,group data dataDF ID ID CE EK t even under
the collusion with the revoked users.
Proof. Theorem 3 can be deduced from the following two lemmas.
Lemma 3.1. The cloud is unable to learn the content of the stored files
, , , , .group data dataDF ID ID CE EK t
Proof. First of all, the cloud cannot obtain the re-encryption key, even the cloud
can get the re-encryption key, then he can get 1 2, , ,C C C where
1 2, , , .k
KC k Y C k P K Z C Enc M Suppose that the cloud can compute the
encryption key, which means that given 1 , ,C k Y P for unknown , the cloud can
compute
1
1, , .
k
e C P e G P K However, this contradicts with WBDHE
assumption which is mentioned in [11].
Lemma 3.2. Even under the collusion with the revoked users, the cloud is
incapable of learning the content of the stored files , , , , .group data dataDF ID ID CE EK t
Proof. When a user is revoked, the group manager updates the data files stored in
the cloud with a new re-encryption key '
rK and constructs the new polynomial
function ' 1
1 0 modm m j
p j j j j
j i
f x x V a x q
and the new exponential function
0 1
0 1,..., ,..., .ma a
mW W G G
From the original polynomial function in the phase of file
upload, we can obtain that when , [1, ],ix V i m then
2
0 1 2 0
1
1
...
[1, ]
0
m m i
m i i
p
m
j j
m
j i j
a a x a x a x a x
f x
x V
V V i m
(6)
And for other values of ,x the value of the polynomial function is not zero.
At last, the group manager constructs '
0 1,...,r mEK K W W and sends it to the
18. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
18
cloud with a signature so that others cannot fake it. Only the legal users can recover
the re-encryption key due to the following equation:
0
2 1
0 1 2
'
1 1
0 1 1
...
j j
i j i
m
i i m i
p i
V a Vam m
r j j r j
a a V a V a V
r
f V
r
r
K W W K G G
K G
K G
K
(7)
When a user is revoked, the group manager constructs new polynomial function
'
.pf x From the equation above, we can know that the revoked user cannot recover
the re-encryption key due to the equation '
' '
.p if V
r rK G K Suppose that the revoked
user can compute the re-encryption key, which means that given '
0 ,rK W he can
compute '
.rK Obviously, this contradicts with the BDHP assumption.
In addition, to make sure that the cloud updates the data files, the group manager
adds a time stamp datat to the data files and signs his signature 1DF f DF for
verification. Moreover, the group manager updates the data file list by using his
signature 1sig DL f DL for the verifications of group members. Therefore, the
keys that the revoked users hold cannot be used to decrypt the re-encryption data files
anymore since the users are revoked. Thus the cloud is unable to learn the content of
the stored files even under the collusion with the revoked users. ■
4.4 Security Comparison
Table 3 Security performance comparison
Secure key
distribution
Access
control
Secure user
revocation
Anti-collusion
attack
Data
confidentiality
Mona √
RBAC
scheme
√
ODBE √ √ √
Our
scheme
√ √ √ √ √
In general, our scheme can achieve secure key distribution, fine access control
and secure user revocation. For clearly seeing the advantages of security of our
proposed scheme, as illustrated in table 3, we list a table compared with Mona, which
is Liu et al.’s scheme, the RBAC scheme, which is Zhou et al.’s scheme and ODBE
19. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
19
scheme, which is Delerablee et al.’s scheme. The √ in the blank means the scheme
can achieve the corresponding goal.
5 PERFORMANCE EVALUATION
We make the performance simulation with NS2 and compare with Mona in [10]
and the original dynamic broadcast encryption (ODBE) scheme in [12]. Without loss
of generality, we set 160p and the elements in 1G and 2G to be 161 and 1,024
bits, respectively. In addition, we assume the size of the data identity is 16 bits, which
yield a group capacity of 16
2 data files. Similarly, the size of user and group identity
are also set 16 bits. Both group members and group managers processes are conducted
on a laptop with Core 2 T5800 2.0 GHz, DDR2 800 2G, Ubuntu 12.04 X86. The
cloud process is implemented on a laptop with Core i7-3630 2.4 GHz, DDR3 1600 8G,
Ubuntu 12.04 X64. We select an elliptic curve with 160 bits group order.
5.1 Member Computation Cost
10 20 30 40 50 60 70 80 90 100
0.2
0.4
0.6
0.8
1
1.2
1.4
1.6
The number of revokrd users
computationofmember-side
ODBE
RBAC
Mona
our scheme
10 20 30 40 50 60 70 80 90 100
1.4
1.6
1.8
2
2.2
2.4
2.6
2.8
The number of revokrd users
computationofmember-side
ODBE
RBAC
Mona
our scheme
(a) Generating a 10 MB file (b) Generating a 100 MB file
Figure 7 Comparison on computation cost of members for file upload among
ODBE, RBAC, Mona and our scheme
As illustrated in figure 7, we list the comparison on computation cost of members
for file upload among ODBE, RBAC, Mona and our scheme. It is obviously observed
that the computation cost for members in our scheme is irrelevant to the number of
revoked users. The reason is that in our scheme, we move the operation of user
20. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
20
revocation to the group manager so that the legal clients can encrypt the data files
alone without involving information of other clients, including both legal and revoked
clients. On the contrary, the computation cost increases with the number of revoked
users in ODBE. The reason is that several operations including point multiplications
and exponentiations have to be performed by clients to compute the parameters in
ODBE.
The computation cost of members for file download operations with the size of 10
and 100Mbytes are illustrated in figure 8. The computation cost is irrelevant to the
number of revoked users in RBAC scheme. The reason is that no matter how many
users are revoked, the operations for members to decrypt the data files almost remain
the same. The computation cost in Mona increases with the number of revoked users,
because the users need to perform computing for revocation verification and check
whether the data owner is a revoked user. Besides the above operations, more
parameters need to be computed by members in ODBE. On the contrary, the
computation cost decreases with the number of revoked users in our scheme because
of the computation for the recovery of the secret parameter decreases with the number
of revoked users.
10 20 30 40 50 60 70 80 90 100
0.2
0.4
0.6
0.8
1
1.2
1.4
1.6
1.8
2
The number of revokrd users
computationofmember-side
ODBE
RBAC
Mona
our scheme
10 20 30 40 50 60 70 80 90 100
1.6
1.8
2
2.2
2.4
2.6
2.8
3
3.2
3.4
3.6
The number of revokrd users
computationofmember-side
ODBE
RBAC
Mona
our scheme
(a) Downloading a 10 MB file (b) Downloading a 100 MB file
Figure 8 Comparison on computation cost of members for file download among
ODBE, RBAC, Mona and our scheme
21. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
21
5.2 Cloud Computation Cost
As illustrated in figure 9, we list the comparison on computation cost of the cloud
for file upload between Mona and our scheme. In general, it can be obviously seen
that both the computation costs of the cloud in two schemes are acceptable. In detail,
the cost in Mona increases with the number of revoked users, as the revocation
verification cost increases. However, in our scheme, the cost is irrelevant to the
number of the revoked users. The reason is that the computation cost of the cloud for
file upload in our scheme consists of two verifications for signature, which is
irrelevant to the number of the revoked users. The reason for the small computation
cost of the cloud in the phase of file upload in RBAC scheme is that the verifications
between communication entities are not concerned in this scheme.
10 20 30 40 50 60 70 80 90 100
0
0.05
0.1
0.15
0.2
0.25
The number of revokrd users
computationofcloud-side
RBAC
Mona
our scheme
10 20 30 40 50 60 70 80 90 100
0
0.05
0.1
0.15
0.2
0.25
0.3
0.35
The number of revokrd users
computationofcloud-side
RBAC
Mona
our scheme
(a) Uploading a 10 MB file (b) Uploading a 100 MB file
Figure 9 Comparison on computation cost of members for file upload among
RBAC, Mona and our scheme
The computation cost of the cloud for file download operations with the size of 10
and 100Mbytes are illustrated in figure 10. Similar to the operation of file upload, the
computation cost of the cloud is mainly determined by the revocation verification
operation. Therefore, the cost increases with the number of revoked users. However,
in our scheme, the cloud just simply verifies the signature. Therefore, the computation
cost of the cloud for file download is irrelevant to the number of the revoked users.
The reason for the high computation cost of the cloud in RBAC scheme is that the
22. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
22
cloud performs some algorithm operations to help the user to decrypt data files. In
addition, it can be seen that in these schemes, the computation cost is independent
with the size of the file, since both the signature in Mona and the encrypted message
in our scheme are irrelevant to the size of the requested file and the operations of
cloud for decryption in RBAC scheme is also irrelevant to the size of the encrypted
data files.
10 20 30 40 50 60 70 80 90 100
0
0.2
0.4
0.6
0.8
1
1.2
1.4
The number of revokrd users
computationofcloud-side
RBAC
Mona
our scheme
10 20 30 40 50 60 70 80 90 100
0
0.2
0.4
0.6
0.8
1
1.2
1.4
The number of revokrd users
computationofcloud-side
RBAC
Mona
our scheme
(a) Downloading a 10 MB file (b) Downloading a 100 MB file
Figure 10 Comparison on computation cost of the cloud for file download among
RBAC, Mona and our scheme
6 CONCLUSION
In this paper, we design a secure anti-collusion data sharing scheme for dynamic
groups in the cloud. In our scheme, the users can securely obtain their private keys
from group manager Certificate Authorities and secure communication channels. Also,
our scheme is able to support dynamic groups efficiently, when a new user joins in the
group or a user is revoked from the group, the private keys of the other users do not
need to be recomputed and updated. Moreover, our scheme can achieve secure user
revocation, the revoked users can not be able to get the original data files once they
are revoked even if they conspire with the untrusted cloud.
Acknowledgements
This work is supported by the National Natural Science Foundation of China
23. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
23
(NO.61202448), and the Key Laboratory Program of Information Network Security of
Ministry of Public Security (No.C14610).
References
[1] M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. Katz, A. Konwinski, G. Lee, D.
Patterson, A. Rabkin, I. Stoica, and M. Zaharia. “A View of Cloud Computing,”
Comm. ACM, vol. 53, no. 4, pp. 50-58, Apr.2010.
[2] S. Kamara and K. Lauter, “Cryptographic Cloud Storage,” Proc. Int’l Conf.
Financial Cryptography and Data Security (FC), pp.136- 149, Jan. 2010.
[3] M. Kallahalla, E. Riedel, R. Swaminathan, Q. Wang, and K. Fu, “Plutus: Scalable
Secure File Sharing on Untrusted Storage,” Proc. USENIX Conf. File and Storage
Technologies, pp. 29-42, 2003.
[4] E. Goh, H. Shacham, N. Modadugu, and D. Boneh, “Sirius: Securing Remote
Untrusted Storage,” Proc. Network and Distributed Systems Security Symp. (NDSS),
pp. 131-145, 2003.
[5] G. Ateniese, K. Fu, M. Green, and S. Hohenberger, “Improved Proxy
Re-Encryption Schemes with Applications to Secure Distributed Storage,” Proc.
Network and Distributed Systems Security Symp. (NDSS), pp. 29-43, 2005.
[6] Shucheng Yu, Cong Wang, Kui Ren, and Weijing Lou, “Achieving Secure,
Scalable, and Fine-grained Data Access Control in Cloud Computing,” Proc. ACM
Symp. Information, Computer and Comm. Security, pp. 282-292, 2010.
[7] V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-Based Encryption for
Fine-Grained Access Control of Encrypted Data,” Proc. ACM Conf. Computer and
Comm. Security (CCS), pp. 89-98, 2006
[8] R. Lu, X. Lin, X. Liang, and X. Shen, “Secure Provenance: The Essential of Bread
and Butter of Data Forensics in Cloud Computing,” Proc. ACM Symp. Information,
Computer and Comm. Security, pp. 282-292, 2010.
[9] B. Waters, “Ciphertext-Policy Attribute-Based Encryption: An Expressive,
Efficient, and Provably Secure Realization,” Proc. Int’l Conf. Practice and Theory in
24. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
24
Public Key Cryptography Conf. Public Key Cryptography,
http://eprint.iacr.org/2008/290.pdf, 2008
[10] Xuefeng Liu, Yuqing Zhang, Boyang Wang, and Jingbo Yang, “Mona: Secure
Multi-Owner Data Sharing for Dynamic Groups in the Cloud,” IEEE Transactions on
Parallel and Distributed Systems, vol. 24, no. 6, pp. 1182-1191, June 2013.
[11] D. Boneh, X. Boyen, and E. Goh, “Hierarchical Identity Based Encryption with
Constant Size Ciphertext,” Proc. Ann. Int’l Conf. Theory and Applications of
Cryptographic Techniques (EUROCRYPT), pp. 440-456, 2005.
[12] C. Delerablee, P. Paillier, and D. Pointcheval, “Fully Collusion Secure Dynamic
Broadcast Encryption with Constant-Size Ci-phertexts or Decryption Keys,” Proc.
First Int’l Conf. Pairing-Based Cryptography, pp. 39-59, 2007.
[13] Zhongma Zhu, Zemin Jiang, Rui Jiang, “The Attack on Mona: Secure
Multi-Owner Data Sharing for Dynamic Groups in the Cloud,” Proceedings of 2013
International Conference on Information Science and Cloud Computing (ISCC 2013 ),
Guangzhou, Dec.7, 2013, pp. 185-189.
[14] Lan Zhou, Vijay Varadharajan, and Michael Hitchens, “Achieving Secure
Role-Based Access Control on Encrypted Data in Cloud Storage,” IEEE Transactions
on Information Forensics and Security, vol. 8, no. 12, pp. 1947-1960, December
2013.
[15] Xukai Zou, Yuan-shun Dai, and Elisa Bertino, “A practical and flexible key
management mechanism for trusted collaborative computing,” INFOCOM 2008, pp.
1211-1219.
[16] M. Nabeel, N. Shang, and E. Bertino, “Privacy preserving policy based content
sharing in public clouds,” IEEE Trans. on Know. and Data Eng., vol. 25, no. 11, pp.
2602-2614, 2013.
[17] Dolev, D., Yao A. C., "On the security of public key protocols", IEEE trans. on
Information Theory, vol. IT-29, no. 2, pp. 198–208, 1983
[18] Boneh Dan, Franklin Matt, “Identity-based encryption from the weil pairing,”
Lecture Notes in Computer Science, vol. 2139 LNCS, pp. 213-229, 2001
25. 1045-9219 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/TPDS.2015.2388446, IEEE Transactions on Parallel and Distributed Systems
25
[19] B. den Boer, Diffie–Hellman is as strong as discrete log for certain primes in
Advances in Cryptology – CRYPTO 88, Lecture Notes in Computer Science 403,
Springer, p. 530, 1988.
[20] D. Boneh, X. Boyen, H. shacham, “Short group signature,” Proc. Int’l
Cryptology Conf. Advances in Cryptology, pp.41-55, 2004.
[21] D. Boneh, X. Boyen, and E. Goh, “Hierarchical Identity Based Encryption with
Constant Size Ciphertext,” Proc. Ann. Int’l Conf. Theory and Applications of
Cryptographic Techniques (EUROCRYPT), pp. 440-456, 2005.
Zhongma Zhu is a student in the Information Science and
Engineering Department at Southeast University, China. He
majored in information security, mainly engaged in cloud storage
security protocols research.
Rui Jiang is now an associate professor at Southeast University,
China. He received his Ph D degree at Shanghai Jiaotong University,
Shanghai, China in 2005. His current research interests include
secure analysis and design of communication protocols, secure
mobile cloud computing, secure network and systems
communications, mobile voice end-to-end secure
communications, and applied cryptography.