Hodor: Robust Fine-Grained Information Flow Control With Full Data Traffic Protection for Cloud-Edge Computing

IEEE Transactions on Information Forensics and Security. Pub Date: 2025-02-28. DOI: 10.1109/TIFS.2025.3546846
Impact factor: 8. Region 1 (Computer Science). JCR Q1 (COMPUTER SCIENCE, THEORY & METHODS).
Yansen Xin; Hui Ma; Rui Zhang
Journal Article. IEEE Transactions on Information Forensics and Security, vol. 20, pp. 3074-3087. Source: https://ieeexplore.ieee.org/document/10908204/
Citations: 0

Abstract

Cloud-edge computing has been widely adopted for large-scale data sharing and processing. In practical data sharing systems, data such as health records are very sensitive and typically encrypted. Unauthorized users may attempt to decrypt ciphertexts to recover the data. Due to mistakes or malice, some users might try to share sensitive information with others who do not have access. Clearly, strong access control should be employed to restrict the read and write privileges of users. There is a rich literature on mandatory fine-grained information flow control for such scenarios, but three important issues remain. First, payload privacy was often neglected. Most of the known solutions focused on the protection of the ciphertext header, but ignored the payload, i.e. the encrypted data, through which a malicious sender may leak information. Second, there is no guarantee on the encrypted data. Ill-formed ciphertexts, e.g. encrypted garbage data, can pass the global policy check, causing decryption failures or disseminating bad information, hence are incapable of content distribution. Finally, the heavy computation cost of sender authentication impedes practical deployment. In this work, we introduce Hodor, a robust fine-grained information flow control scheme that not only guards the transmission channel with mandatory fine-grained access control for massive data, but also protects the whole data traffic, checks ciphertext well-formedness, and efficiently authenticates the sender. In particular, Hodor considers full data traffic protection of both the ciphertext header and the encrypted payload to resist information leakage, completely verifies the consistency between the claimed access structure and the actual access structure, and achieves efficient sender authentication with a succinct challenge-response protocol. We present a formal model and give detailed proofs. We also implement and evaluate Hodor using various optimization techniques to boost its performance. The results demonstrate the efficiency and practicality of Hodor for cloud-edge data sharing.
Source journal: IEEE Transactions on Information Forensics and Security (Engineering & Technology - Engineering: Electrical & Electronic)
CiteScore: 14.40
Self-citation rate: 7.40%
Articles published: 234
Review time: 6.5 months
Journal description: The IEEE Transactions on Information Forensics and Security covers the sciences, technologies, and applications relating to information forensics, information security, biometrics, surveillance and systems applications that incorporate these features.