Visible to the public Biblio

Found 1057 results

Filters: Keyword is data privacy  [Clear All Filters]
2023-09-20
Mantoro, Teddy, Fahriza, Muhammad Elky, Agni Catur Bhakti, Muhammad.  2022.  Effective of Obfuscated Android Malware Detection using Static Analysis. 2022 IEEE 8th International Conference on Computing, Engineering and Design (ICCED). :1—5.
The effective security system improvement from malware attacks on the Android operating system should be updated and improved. Effective malware detection increases the level of data security and high protection for the users. Malicious software or malware typically finds a means to circumvent the security procedure, even when the user is unaware whether the application can act as malware. The effectiveness of obfuscated android malware detection is evaluated by collecting static analysis data from a data set. The experiment assesses the risk level of which malware dataset using the hash value of the malware and records malware behavior. A set of hash SHA256 malware samples has been obtained from an internet dataset and will be analyzed using static analysis to record malware behavior and evaluate which risk level of the malware. According to the results, most of the algorithms provide the same total score because of the multiple crime inside the malware application.
2023-09-08
Das, Debashis, Banerjee, Sourav, Chatterjee, Pushpita, Ghosh, Uttam, Mansoor, Wathiq, Biswas, Utpal.  2022.  Design of an Automated Blockchain-Enabled Vehicle Data Management System. 2022 5th International Conference on Signal Processing and Information Security (ICSPIS). :22–25.
The Internet of Vehicles (IoV) has a tremendous prospect for numerous vehicular applications. IoV enables vehicles to transmit data to improve roadway safety and efficiency. Data security is essential for increasing the security and privacy of vehicle and roadway infrastructures in IoV systems. Several researchers proposed numerous solutions to address security and privacy issues in IoV systems. However, these issues are not proper solutions that lack data authentication and verification protocols. In this paper, a blockchain-enabled automated data management system for vehicles has been proposed and demonstrated. This work enables automated data verification and authentication using smart contracts. Certified organizations can only access vehicle data uploaded by the vehicle user to the Interplanetary File System (IPFS) server through that vehicle user’s consent. The proposed system increases the security of vehicles and data. Vehicle privacy is also maintained here by increasing data privacy.
ISSN: 2831-3844
Yadav, Ranjeet, Ritambhara, Vaigandla, Karthik Kumar, Ghantasala, G S Pradeep, Singh, Rajesh, Gangodkar, Durgaprasad.  2022.  The Block Chain Technology to protect Data Access using Intelligent Contracts Mechanism Security Framework for 5G Networks. 2022 5th International Conference on Contemporary Computing and Informatics (IC3I). :108–112.
The introduction of the study primarily emphasises the significance of utilising block chain technologies with the possibility of privacy and security benefits from the 5G Network. One may state that the study’s primary focus is on all the advantages of adopting block chain technology to safeguard everyone’s access to crucial data by utilizing intelligent contracts to enhance the 5G network security model on information security operations.Our literature evaluation for the study focuses primarily on the advantages advantages of utilizing block chain technology advance data security and privacy, as well as their development and growth. The whole study paper has covered both the benefits and drawbacks of employing the block chain technology. The literature study part of this research article has, on the contrary hand, also studied several approaches and tactics for using the blockchain technology facilities. To fully understand the circumstances in this specific case, a poll was undertaken. It was possible for the researchers to get some real-world data in this specific situation by conducting a survey with 51 randomly selected participants.
2023-08-11
Suwandi, Rifki, Wuryandari, Aciek Ida.  2022.  A Safe Approach to Sensitive Dropout Data Collection Systems by Utilizing Homomorphic Encryption. 2022 International Symposium on Information Technology and Digital Innovation (ISITDI). :168—171.
The student's fault is not the only cause of dropping out of school. Often, cases of dropping out of school are only associated with too general problems. However, sensitive issues that can be detrimental to certain parties in this regard, such as the institution's reputation, are usually not made public. To overcome this, an in-depth analysis of these cases is needed for proper handling. Many risks are associated with creating a single repository for this sensitive information. Therefore, some encryption is required to ensure data is not leaked. However, encryption at rest and in transit is insufficient as data leakage is a considerable risk during processing. In addition, there is also a risk of abuse of authority by insiders so that no single entity is allowed to have access to all data. Homomorphic encryption presents a viable solution to this challenge. Data may be aggregated under the security provided by Homomorphic Encryption. This method makes the data available for computation without being decrypted first and without paying the risk of having a single repository.
Wang, Jing, Wu, Fengheng, Zhang, Tingbo, Wu, Xiaohua.  2022.  DPP: Data Privacy-Preserving for Cloud Computing based on Homomorphic Encryption. 2022 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC). :29—32.
Cloud computing has been widely used because of its low price, high reliability, and generality of services. However, considering that cloud computing transactions between users and service providers are usually asynchronous, data privacy involving users and service providers may lead to a crisis of trust, which in turn hinders the expansion of cloud computing applications. In this paper, we propose DPP, a data privacy-preserving cloud computing scheme based on homomorphic encryption, which achieves correctness, compatibility, and security. DPP implements data privacy-preserving by introducing homomorphic encryption. To verify the security of DPP, we instantiate DPP based on the Paillier homomorphic encryption scheme and evaluate the performance. The experiment results show that the time-consuming of the key steps in the DPP scheme is reasonable and acceptable.
2023-07-21
Gao, Kai, Cheng, Xiangyu, Huang, Hao, Li, Xunhao, Yuan, Tingyu, Du, Ronghua.  2022.  False Data Injection Attack Detection in a Platoon of CACC in RSU. 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1324—1329.
Intelligent connected vehicle platoon technology can reduce traffic congestion and vehicle fuel. However, attacks on the data transmitted by the platoon are one of the primary challenges encountered by the platoon during its travels. The false data injection (FDI) attack can lead to road congestion and even vehicle collisions, which can impact the platoon. However, the complexity of the cellular - vehicle to everything (C-V2X) environment, the single source of the message and the poor data processing capability of the on board unit (OBU) make the traditional detection methods’ success rate and response time poor. This study proposes a platoon state information fusion method using the communication characteristics of the platoon in C-V2X and proposes a novel platoon intrusion detection model based on this fusion method combined with sequential importance sampling (SIS). The SIS is a measured strategy of Monte Carlo integration sampling. Specifically, the method takes the status information of the platoon members as the predicted value input. It uses the leader vehicle status information as the posterior probability of the observed value to the current moment of the platoon members. The posterior probabilities of the platoon members and the weights of the platoon members at the last moment are used as input to update the weights of the platoon members at the current moment and obtain the desired platoon status information at the present moment. Moreover, it compares the status information of the platoon members with the desired status information to detect attacks on the platoon. Finally, the effectiveness of the method is demonstrated by simulation.
Almutairi, Mishaal M., Apostolopoulou, Dimitra, Halikias, George, Abi Sen, Adnan Ahmed, Yamin, Mohammad.  2022.  Enhancing Privacy and Security in Crowds using Fog Computing. 2022 9th International Conference on Computing for Sustainable Global Development (INDIACom). :57—62.
Thousands of crowded events take place every year. Often, management does not properly implement and manage privacy and security of data of the participants and personnel of the events. Crowds are also prone to significant security issues and become vulnerable to terrorist attacks. The aim of this paper is to propose a privacy and security framework for large, crowded events like the Hajj, Kumbh, Arba'een, and many sporting events and musical concerts. The proposed framework uses the latest technologies including Internet of Things, and Fog computing, especially in the Location based Services environments. The proposed framework can also be adapted for many other scenarios and situations.
2023-07-20
Steffen, Samuel, Bichsel, Benjamin, Baumgartner, Roger, Vechev, Martin.  2022.  ZeeStar: Private Smart Contracts by Homomorphic Encryption and Zero-knowledge Proofs. 2022 IEEE Symposium on Security and Privacy (SP). :179—197.
Data privacy is a key concern for smart contracts handling sensitive data. The existing work zkay addresses this concern by allowing developers without cryptographic expertise to enforce data privacy. However, while zkay avoids fundamental limitations of other private smart contract systems, it cannot express key applications that involve operations on foreign data.We present ZeeStar, a language and compiler allowing non-experts to instantiate private smart contracts and supporting operations on foreign data. The ZeeStar language allows developers to ergonomically specify privacy constraints using zkay’s privacy annotations. The ZeeStar compiler then provably realizes these constraints by combining non-interactive zero-knowledge proofs and additively homomorphic encryption.We implemented ZeeStar for the public blockchain Ethereum. We demonstrated its expressiveness by encoding 12 example contracts, including oblivious transfer and a private payment system like Zether. ZeeStar is practical: it prepares transactions for our contracts in at most 54.7s, at an average cost of 339k gas.
Shetty, Pallavi, Joshi, Kapil, Raman, Dr. Ramakrishnan, Rao, K. Naga Venkateshwara, Kumar, Dr. A. Vijaya, Tiwari, Mohit.  2022.  A Framework of Artificial Intelligence for the Manufacturing and Image Classification system. 2022 5th International Conference on Contemporary Computing and Informatics (IC3I). :1504—1508.
Artificial intelligence (AI) has been successfully employed in industries for decades, beginning with the invention of expert systems in the 1960s and continuing through the present ubiquity of deep learning. Data-driven AI solutions have grown increasingly common as a means of supporting ever-more complicated industrial processes owing to the accessibility of affordable computer and storage infrastructure. Despite recent optimism, implementing AI to smart industrial applications still offers major difficulties. The present paper gives an executive summary of AI methodologies with an emphasis on deep learning before detailing unresolved issues in AI safety, data privacy, and data quality — all of which are necessary for completely automated commercial AI systems.
Vadlamudi, Sailaja, Sam, Jenifer.  2022.  Unified Payments Interface – Preserving the Data Privacy of Consumers. 2022 International Conference on Cyber Resilience (ICCR). :1—6.
With the advent of ease of access to the internet and an increase in digital literacy among citizens, digitization of the banking sector has throttled. Countries are now aiming for a cashless society. The introduction of a Unified Payment Interface (UPI) by the National Payments Corporation of India (NPCI) in April 2016 is a game-changer for cashless models. UPI payment model is currently considered the world’s most advanced payment system, and we see many countries adopting this cashless payment mode. With the increase in its popularity, there arises the increased need to strengthen the security posture of the payment solution. In this work, we explore the privacy challenges in the existing data flow of UPI models and propose approaches to preserve the privacy of customers using the Unified Payments Interface.
Tomaras, Dimitrios, Tsenos, Michail, Kalogeraki, Vana.  2022.  A Framework for Supporting Privacy Preservation Functions in a Mobile Cloud Environment. 2022 23rd IEEE International Conference on Mobile Data Management (MDM). :286—289.
The problem of privacy protection of trajectory data has received increasing attention in recent years with the significant grow in the volume of users that contribute trajectory data with rich user information. This creates serious privacy concerns as exposing an individual's privacy information may result in attacks threatening the user's safety. In this demonstration we present TP$^\textrm3$ a novel practical framework for supporting trajectory privacy preservation in Mobile Cloud Environments (MCEs). In TP$^\textrm3$, non-expert users submit their trajectories and the system is responsible to determine their privacy exposure before sharing them to data analysts in return for various benefits, e.g. better recommendations. TP$^\textrm3$ makes a number of contributions: (a) It evaluates the privacy exposure of the users utilizing various privacy operations, (b) it is latency-efficient as it implements the privacy operations as serverless functions which can scale automatically to serve an increasing number of users with low latency, and (c) it is practical and cost-efficient as it exploits the serverless model to adapt to the demands of the users with low operational costs for the service provider. Finally, TP$^\textrm3$'s Web-UI provides insights to the service provider regarding the performance and the respective revenue from the service usage, while enabling the user to submit the trajectories with recommended preferences of privacy.
2023-07-18
Lin, Decong, Cao, Hongbo, Tian, Chunzi, Sun, Yongqi.  2022.  The Fast Paillier Decryption with Montgomery Modular Multiplication Based on OpenMP. 2022 IEEE 13th International Symposium on Parallel Architectures, Algorithms and Programming (PAAP). :1—6.
With the increasing awareness of privacy protection and data security, people’s concerns over the confidentiality of sensitive data still limit the application of distributed artificial intelligence. In fact, a new encryption form, called homomorphic encryption(HE), has achieved a balance between security and operability. In particular, one of the HE schemes named Paillier has been adopted to protect data privacy in distributed artificial intelligence. However, the massive computation of modular multiplication in Paillier greatly affects the speed of encryption and decryption. In this paper, we propose a fast CRT-Paillier scheme to accelerate its decryption process. We first introduce the Montgomery algorithm to the CRT-Paillier to improve the process of the modular exponentiation, and then compute the modular exponentiation in parallel by using OpenMP. The experimental results show that our proposed scheme has greatly heightened its decryption speed while preserving the same security level. Especially, when the key length is 4096-bit, its speed of decryption is about 148 times faster than CRT-Paillier.
2023-07-14
Reis, Lúcio H. A., de Oliveira, Marcela T., Olabarriaga, Sílvia D..  2022.  Fine-grained Encryption for Secure Research Data Sharing. 2022 IEEE 35th International Symposium on Computer-Based Medical Systems (CBMS). :465–470.
Research data sharing requires provision of adequate security. The requirements for data privacy are extremely demanding for medical data that is reused for research purposes. To address these requirements, the research institutions must implement adequate security measurements, and this demands large effort and costs to do it properly. The usage of adequate access controls and data encryption are key approaches to effectively protect research data confidentiality; however, the management of the encryption keys is challenging. There are novel mechanisms that can be explored for managing access to the encryption keys and encrypted files. These mechanisms guarantee that data are accessed by authorised users and that auditing is possible. In this paper we explore these mechanisms to implement a secure research medical data sharing system. In the proposed system, the research data are stored on a secure cloud system. The data are partitioned into subsets, each one encrypted with a unique key. After the authorisation process, researchers are given rights to use one or more of the keys and to selectively access and decrypt parts of the dataset. Our proposed solution offers automated fine-grain access control to research data, saving time and work usually made manually. Moreover, it maximises and fortifies users' trust in data sharing through secure clouds solutions. We present an initial evaluation and conclude with a discussion about the limitations, open research questions and future work around this challenging topic.
ISSN: 2372-9198
Priya, M Janani, Yamuna, G.  2022.  Privacy preserving Data security model for Cloud Computing Technology. 2022 International Conference on Smart Technologies and Systems for Next Generation Computing (ICSTSN). :1–5.
New advancements in cloud computing technology enable the usage of cloud platforms for business purposes rapidly increasing every day. Data accumulation related to business transactions, Communications, business model architecture and much other information are stored in the cloud platform and access Dubai the business Associates commonly. Considering the security point of view data stored in the cloud need to be highly secured and accessed through authentication. The proposed system is focused on evaluating a cloud integrity auditing model in which the security and privacy preserving system is being audited, privacy is decided using a machine learning algorithm. The proposed model is developed using a hybrid CatBoost algorithm (HCBA) in which the input data is stored into the cloud platform using Bring your own encryption Key (BYOEK). The security of BYOEK model is evaluated and validated with respect to the given test model in terms of Execution time comparison Vs. Data transactions.
Chen, Xiaofeng, Gao, Ying.  2022.  CDEdit: Redactable Blockchain with Cross-audit and Diversity Editing. 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :945–952.
Redactable blockchain allows modifiers or voting committees with modification privileges to edit the data on the chain. Among them, trapdoor holders in chameleon-based hash redactable blockchains can quickly compute hash collisions for arbitrary data without breaking the link of the hash-chain. However, chameleon-based hash redactable blockchain schemes have difficulty solving issues such as editing operations with different granularity or conflicts and auditing modifiers that abuse editing privileges. To address the above challenges, we propose a redactable blockchain with Cross-audit and Diversity Editing (CDEdit). The proposed scheme distributes subdivided transaction-level and block-level tokens to the matching modifier committee to weaken the influence of central power. A number of modifiers are unpredictably selected based on reputation value proportions and the mapping of the consistent hash ring to enable diversity editing operations, and resist Sybil attacks. Meanwhile, an adaptive cross-auditing protocol is proposed to adjust the roles of modifiers and auditors dynamically. This protocol imposes a reputation penalty on the modifiers of illegal edits and solves the problems of abuse of editing privileges and collusion attacks. In addition, We used ciphertext policy attribute-based encryption (CP-ABE) and chameleon hashes with ephemeral trapdoor (CHET) for data modification, and present a system steps and security analysis of CDEdit. Finally, the extensive comparisons and evaluations show that our scheme costs less time overhead than other schemes and is suitable for complex application scenarios, e.g. IoT data management.
ISSN: 2324-9013
2023-07-12
Dwiko Satriyo, U. Y. S, Rahutomo, Faisal, Harjito, Bambang, Prasetyo, Heri.  2022.  DNA Cryptography Based on NTRU Cryptosystem to Improve Security. 2022 IEEE 8th Information Technology International Seminar (ITIS). :27—31.
Information exchange occurs all the time in today’s internet era. Some of the data are public, and some are private. Asymmetric cryptography plays a critical role in securing private data transfer. However, technological advances caused private data at risk due to the presence of quantum computers. Therefore, we need a new method for securing private data. This paper proposes combining DNA cryptography methods based on the NTRU cryptosystem to enhance security data confidentiality. This method is compared with conventional public key cryptography methods. The comparison shows that the proposed method has a slow encryption and decryption time compared to other methods except for RSA. However, the key generation time of the proposed method is much faster than other methods tested except for ECC. The proposed method is superior in key generation time and considerably different from other tested methods. Meanwhile, the encryption and decryption time is slower than other methods besides RSA. The test results can get different results based on the programming language used.
2023-06-22
Xu, Yi, Wang, Chong Xiao, Song, Yang, Tay, Wee Peng.  2022.  Preserving Trajectory Privacy in Driving Data Release. ICASSP 2022 - 2022 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). :3099–3103.
Real-time data transmissions from a vehicle enhance road safety and traffic efficiency by aggregating data in a central server for data analytics. When drivers share their instantaneous vehicular information for a service provider to perform a legitimate task, a curious service provider may also infer private information it has not been authorized for. In this paper, we propose a privacy preservation framework based on the Hilbert Schmidt Independence Criterion (HSIC) to sanitize driving data to protect the vehicle’s trajectory from adversarial inference while ensuring the data is still useful for driver behavior detection. We develop a deep learning model to learn the HSIC sanitizer and demonstrate through two datasets that our approach achieves better utility-privacy trade-offs when compared to three other benchmarks.
ISSN: 2379-190X
Raghav, Nidhi, Bhola, Anoop Kumar.  2022.  Secured framework for privacy preserving healthcare based on blockchain. 2022 International Conference on Computer Communication and Informatics (ICCCI). :1–5.
Healthcare has become one of the most important aspects of people’s lives, resulting in a surge in medical big data. Healthcare providers are increasingly using Internet of Things (IoT)-based wearable technologies to speed up diagnosis and treatment. In recent years, Through the Internet, billions of sensors, gadgets, and vehicles have been connected. One such example is for the treatment and care of patients, technology—remote patient monitoring—is already commonplace. However, these technologies also offer serious privacy and data security problems. Data transactions are transferred and logged. These medical data security and privacy issues might ensue from a pause in therapy, putting the patient’s life in jeopardy. We planned a framework to manage and analyse healthcare large data in a safe manner based on blockchain. Our model’s enhanced privacy and security characteristics are based on data sanitization and restoration techniques. The framework shown here make data and transactions more secure.
ISSN: 2329-7190
2023-06-16
Haifeng, Ma, Ji, Zhang.  2022.  Block-chain based cloud storage integrity verifycation scheme for recoverable data. 2022 7th International Conference on Intelligent Informatics and Biomedical Science (ICIIBMS). 7:280—285.
With the advent of the era of big data, the files that need to be stored in the storage system will increase exponentially. Cloud storage has become the most popular data storage method due to its powerful convenience and storage capacity. However, in order to save costs, some cloud service providers, Malicious deletion of the user's infrequently accessed data causes the user to suffer losses. Aiming at data integrity and privacy issues, a blockchain-based cloud storage integrity verification scheme for recoverable data is proposed. The scheme uses the Merkle tree properties, anonymity, immutability and smart contracts of the blockchain to effectively solve the problems of cloud storage integrity verification and data damage recovery, and has been tested and analyzed that the scheme is safe and effective.
Li, Bin, Fu, Yu, Wang, Kun.  2022.  A Review on Cloud Data Assured Deletion. 2022 Global Conference on Robotics, Artificial Intelligence and Information Technology (GCRAIT). :451—457.
At present, cloud service providers control the direct management rights of cloud data, and cloud data cannot be effectively and assured deleted, which may easily lead to security problems such as data residue and user privacy leakage. This paper analyzes the related research work of cloud data assured deletion in recent years from three aspects: encryption key deletion, multi-replica association deletion, and verifiable deletion. The advantages and disadvantages of various deletion schemes are analysed in detail, and finally the prospect of future research on assured deletion of cloud data is given.
2023-06-09
Béatrix-May, Balaban, Ştefan, Sacală Ioan, Alina-Claudia, Petrescu-Niţă, Radu, Simen.  2022.  Security issues in MCPS when using Wireless Sensor Networks. 2022 E-Health and Bioengineering Conference (EHB). :1—4.
Considering the evolution of technology, the need to secure data is growing fast. When we turn our attention to the healthcare field, securing data and assuring privacy are critical conditions that must be accomplished. The information is sensitive and confidential, and the exchange rate is very fast. Over the years, the healthcare domain has gradually seen a growth of interest regarding the interconnectivity of different processes to optimize and improve the services that are provided. Therefore, we need intelligent complex systems that can collect and transport sensitive data in a secure way. These systems are called cyber-physical systems. In healthcare domain, these complex systems are named medical cyber physical systems. The paper presents a brief description of the above-mentioned intelligent systems. Then, we focus on wireless sensor networks and the issues and challenges that occur in securing sensitive data and what improvements we propose on this subject. In this paper we tried to provide a detailed overview about cyber-physical systems, medical cyber-physical systems, wireless sensor networks and the security issues that can appear.
2023-05-19
Yarava, Rokesh Kumar, Rao, G.Rama Chandra, Garapati, Yugandhar, Babu, G.Charles, Prasad, Srisailapu D Vara.  2022.  Analysis on the Development of Cloud Security using Privacy Attribute Data Sharing. 2022 First International Conference on Electrical, Electronics, Information and Communication Technologies (ICEEICT). :1—5.
The data sharing is a helpful and financial assistance provided by CC. Information substance security also rises out of it since the information is moved to some cloud workers. To ensure the sensitive and important data; different procedures are utilized to improve access manage on collective information. Here strategies, Cipher text-policyattribute based encryption (CP-ABE) might create it very helpful and safe. The conventionalCP-ABE concentrates on information privacy only; whereas client's personal security protection is a significant problem as of now. CP-ABE byhidden access (HA) strategy makes sure information privacy and ensures that client's protection isn't exposed also. Nevertheless, the vast majority of the current plans are ineffectivein correspondence overhead and calculation cost. In addition, the vast majority of thismechanism takes no thought regardingabilityauthenticationor issue of security spillescapein abilityverificationstage. To handle the issues referenced over, a security protectsCP-ABE methodby proficient influenceauthenticationis presented in this manuscript. Furthermore, its privacy keys accomplish consistent size. In the meantime, the suggestedplan accomplishes the specific safetyin decisional n-BDHE issue and decisional direct presumption. The computational outcomes affirm the benefits of introduced method.
Zhang, Lingyun, Chen, Yuling, Qian, Xiaobin.  2022.  Data Confirmation Scheme based on Auditable CP-ABE. 2022 IEEE International Conferences on Internet of Things (iThings) and IEEE Green Computing & Communications (GreenCom) and IEEE Cyber, Physical & Social Computing (CPSCom) and IEEE Smart Data (SmartData) and IEEE Congress on Cybermatics (Cybermatics). :439—443.
Ensuring data rights, openness and transaction flow is important in today’s digital economy. Few scholars have studied in the area of data confirmation, it is only with the development of blockchain that it has started to be taken seriously. However, blockchain has open and transparent natures, so there exists a certain probability of exposing the privacy of data owners. Therefore, in this paper we propose a new measure of data confirmation based on Ciphertext-Policy Attribute-Base Encryption(CP-ABE). The information with unique identification of the data owner is embedded in the ciphertext of CP-ABE by paillier homomorphic encryption, and the data can have multiple sharers. No one has access to the plaintext during the whole confirmation process, which reduces the risk of source data leakage.
Wang, Jingyi, Huang, Cheng, Ma, Yiming, Wang, Huiyuan, Peng, Chao, Yu, HouHui.  2022.  BA-CPABE : An auditable Ciphertext-Policy Attribute Based Encryption Based on Blockchain. 2022 International Conference on Blockchain Technology and Information Security (ICBCTIS). :193—197.
At present, the ciphertext-policy attribute based encryption (CP-ABE) has been widely used in different fields of data sharing such as cross-border paperless trade, digital government and etc. However, there still exist some challenges including single point of failure, key abuse and key unaccountable issues in CP-ABE. To address these problems. We propose an accountable CP-ABE mechanism based on block chain system. First, we establish two authorization agencies MskCA and AttrVN(Attribute verify Network),where the MskCA can realize master key escrow, and the AttrVN manages and validates users' attributes. In this way, our system can avoid the single point of failure and improve the privacy of user attributes and security of keys. Moreover, in order to realize auditability of CP-ABE key parameter transfer, we introduce the did and record parameter transfer process on the block chain. Finally, we theoretically prove the security of our CP-ABE. Through comprehensive comparison, the superiority of CP-ABE is verified. At the same time, our proposed schemes have some properties such as fast decryption and so on.
2023-05-12
Lai, Chengzhe, Wang, Menghua, Zheng, Dong.  2022.  SPDT: Secure and Privacy-Preserving Scheme for Digital Twin-based Traffic Control. 2022 IEEE/CIC International Conference on Communications in China (ICCC). :144–149.
With the increasing complexity of the driving environment, more and more attention has been paid to the research on improving the intelligentization of traffic control. Among them, the digital twin-based internet of vehicle can establish a mirror system on the cloud to improve the efficiency of communication between vehicles, provide warning and safety instructions for drivers, avoid driving potential dangers. To ensure the security and effectiveness of data sharing in traffic control, this paper proposes a secure and privacy-preserving scheme for digital twin-based traffic control. Specifically, in the data uploading phase, we employ a group signature with a time-bound keys technique to realize data source authentication with efficient members revocation and privacy protection, which can ensure that data can be securely stored on cloud service providers after it synchronizes to its twin. In the data sharing stage, we employ the secure and efficient attribute-based access control technique to provide flexible and efficient data sharing, in which the parameters of a specific sub-policy can be stored during the first decryption and reused in subsequent data access containing the same sub-policy, thus reducing the computing complexity. Finally, we analyze the security and efficiency of the scheme theoretically.
ISSN: 2377-8644