A Provably Secure Android-Based Mobile Banking Protocol
Hisham S. Elganzoury, A. A. Hafez, A. A. Hegazy
International Journal of Security and Its Applications. Pub Date: 2017-08-31. DOI: 10.14257/IJSIA.2017.11.8.06 (https://doi.org/10.14257/IJSIA.2017.11.8.06)
The rising vogue of smart phones and tablets has led users to complete their daily works (such as M-Banking) with these devices. Therefore, mobile banking needs to become more proper, reliable, effective; and secure. Security is the most crucial requirement in mobile banking, since all the communications are via unsecure networks such as the Internet. Providing main security services; Confidentiality, Integrity, and Authentication (CIA) between any two communicating parties must be ensured and guaranteed. Many vulnerabilities may make Users’ confidential information vulnerable to risks. These vulnerabilities can take different shapes, such as fixed values-based security techniques, one factor authentication, separate hard token-based authentication, hardware thievery, and Android OS based attacks. This paper proposes a new secure scheme for mobile banking applications to overcome these risks. Then, the proposed scheme is analyzed, and compared to the most powered approaches. Finally, performance key identifiers are assessed and validated.

When Android Apps Open Ports to Handle Network Requests: Functionality or Security Vulnerability?
H. Yue, Yuqing Zhang
International Journal of Security and Its Applications. Pub Date: 2017-08-31. DOI: 10.14257/ijsia.2017.11.8.05 (https://doi.org/10.14257/ijsia.2017.11.8.05)
Large amounts of Android apps (applications) are found to open network ports to handle network requests to realize some specific functions, e.g., access from web page to Android app, communication between computer and Android device, file transmission in LAN (Local Area Network) environment, etc. However, an opened network port also provides an interface for attackers to visit the app. If a network request can trigger sensitive behaviors of a port-opening app without being effective authorized by the app, it would pose security threats to the user, and we consider this app has port-opening vulnerability. In this paper, we first study the universality of port-opening apps in current Android app stores, the purposes of opening network ports and the possible attacks that the vulnerable apps may suffer from. Then we propose a detection method of port-opening vulnerability of Android app based on static analysis and implement a detection tool—APOVD (Android Port-Opening Vulnerability Detection). APOVD first judges whether an opened port can lead to the occurrence of sensitive behaviors by the method of reachability analysis and taint analysis. Then the technique of static program slicing is used to judge whether there exists adequate access controls in the paths to reach each sensitive behavior. If there exists a path to reach a sensitive behavior and no adequate access control in this path, APOVD considers that the app under test has port-opening vulnerability. 1187 port-opening Android apps are found in 15600 popular apps, and 407 of them are identified as having port-opening vulnerability with the help of APOVD. The result shows that APOVD is effective in detecting port-opening vulnerability.

Study of Self-Similarity for Detection of Rate-based Network Anomalies
Gagandeep Kaur, V. Saxena, J. Gupta
International Journal of Security and Its Applications. Pub Date: 2017-08-31. DOI: 10.14257/IJSIA.2017.11.8.03 (https://doi.org/10.14257/IJSIA.2017.11.8.03)
In this paper, we have reviewed state of the art works done in the field of anomaly detection in general and network based anomaly detection in particular. The current anomaly detection techniques with respect to rate based network anomalies have been examined and their strengths and weaknesses have been highlighted. The applicability of scale-invariant property of self-similarity as a parameter for detection of anomalies from normal network traffic behaviors has been studied in depth. From the studies of scale-invariance and its usage in detecting anomalies like flash crowds, DDoS attacks, outages, portscans, etc. it was realized that wavelets are a good tool that can be used for n-level decomposition of aggregated network traffic.

Collaborative Agent-based Model for Distributed Defense against DDoS Attacks in ISP Networks
Karanbir Singh, Dr. Kanwalvir Singh Dhindsa, B. Bhushan
International Journal of Security and Its Applications. Pub Date: 2017-08-31. DOI: 10.14257/IJSIA.2017.11.8.01 (https://doi.org/10.14257/IJSIA.2017.11.8.01)

Towards an ethical online payment system through cryptography and next generation communication network
M. Hassan, A. Shuriye, Momoh J. E. Salam, A. Abdalla, O. Khalifa
International Journal of Security and Its Applications. Pub Date: 2017-08-16. DOI: 10.14257/IJSIA.2017.11.10.03 (https://doi.org/10.14257/IJSIA.2017.11.10.03)
The internet brings unprecedented connectivity and communications for both social and commercial settings. There have been many businesses that offer their products and services completely online. Nowadays, even the brick and mortar businesses use the internet in a way or another to promote their offerings and to reach people and places they would have never thought of reaching them before the internet era. Conventional online payment systems such as credit and debit cards have enabled such a revolutionary way of doing business. However, conventional financial system has been generating catastrophic disasters to the world. The great depression of 1930s, the World War II, the dot com bubble at the beginning of the new century, and the recent financial crisis that has begun on 2008; to name a few. This will persist if we keep trusting the old ways of finance. This paper investigates the relatively new online payment system termed “Bitcoin” which embraces intentionally or unintentionally the principle of Islamic finance such as saving, compared to the conventional financial system of borrowing, lending and “Riba” (interest).

Information Security Content Development for Awareness Training Programs in Healthcare
A. Ghazvini, Z. Shukur
International Journal of Security and Its Applications. Pub Date: 2017-07-31. DOI: 10.14257/IJSIA.2017.11.7.07 (https://doi.org/10.14257/IJSIA.2017.11.7.07)
Human error is recognized as the major cause of data breaches across the healthcare industry. Training and education are effective approaches to help employees adhere to appropriate behaviors that do not compromise information assets. However, not all awareness training programs are effective. One of the main failures in implementing successful awareness programs is the training content. In many cases, the training content is reported to be too informative or too advanced. The aim of this paper is to propose a guideline to develop information security content for awareness training programs. Developing a rich and attractive training content is the key to an effective awareness program. It is necessary to ensure that important information security issues are effectively communicated with employees during awareness training programs, and employees are not over-trained or under-trained. The paper demonstrates the process of information security policy augmentation for a selected healthcare organization, and develops information security content from the augmented policy document. The focus of the training content is to enforce the organization’s internal information security policies.

Smart System for Forest Fire Using Sensor Network
Ahmad A. A. Alkhatib, M. Alia, Adnan A. Hnaif
International Journal of Security and Its Applications. Pub Date: 2017-07-31. DOI: 10.14257/IJSIA.2017.11.7.01 (https://doi.org/10.14257/IJSIA.2017.11.7.01)
Wireless sensor network systems deploy a dense array of small, low-cost sensors that observe the local environment. The system can be deployed anywhere, even in inaccessible places. This technology can provide real time monitoring for forest fires. Ignition can be determined rapidly, depending on the wake/sleep schedule of the system nodes. This study investigates the coverage and fire detection ability of a wireless network system. Sub-networks in randomly-distributed nodes convert the network from being randomly distributed to being organised, and reduce the operation time and energy consumption of each node. Dividing the network into three sub-networks increases network battery lifetime by 2.7% and increases energy performance by 63% compared to conventional fire detection networks. The proposed network only requires each node to be equipped with a cheap temperature sensor. Analysis of data from multiple sensors can indicate not only the presence of a fire, but also its intensity, behaviour and direction of spread, which can greatly assist firefighting efforts.

Introducing Quantum Cryptography Based Secured Encryption and Decryption Algorithms
V. Padmavathi, B. Vardhan, A. V. Krishna
International Journal of Security and Its Applications. Pub Date: 2017-07-31. DOI: 10.14257/IJSIA.2017.11.7.02 (https://doi.org/10.14257/IJSIA.2017.11.7.02)
With the expansion in electronic communication, the significance of cryptography is apparently increasing every year. Encryption is a cryptography technique to send unintelligible information and decryption to restore the information. These techniques usually undergo difficulty with eavesdropping of plaintext and ciphertext. The conventional cryptography is vulnerable to attacks using high computational resources. Necessarily, an elegant concept of Quantum cryptography based on laws of quantum mechanics is introduced to offer secure and private communication. This paper gives a method for encryption and decryption using Toffoli quantum gate named as VBA Quantum Encryption and Decryption Algorithms. The incorporation of gate renders security which acts as a cumbersome to eavesdropping attack. Besides, a way to detect known plaintext, ciphertext only and chosen plaintext attack through public discussion is explained.

Reliable and Enhanced Third Party Auditing in Cloud Server Data Storage
N. Nagar, U. Suman
International Journal of Security and Its Applications. Pub Date: 2017-07-31. DOI: 10.14257/IJSIA.2017.11.7.05 (https://doi.org/10.14257/IJSIA.2017.11.7.05)
Cloud computing provides a service based environment for data storage and resource sharing that are available to user through internet with on-demand basis. Thus, users can access their data across any geographical location at any time. Cloud environment also provides better scalability, flexibility, high performance, availability and less storage cost as compared to other physical storage of data. Maintaining data integrity and security in cloud environment is difficult especially, when the stored data is not completely reliable and trustworthy. However, the security of stored data is the major concern for organizations and individual user to adopt cloud based environment. In this paper, we have proposed and enhanced the functionalities of third party auditor server to protect the availability and integrity of outsourced data in a cloud environment. The proposed approach uses the functionality such as, public verifiability, metadata generation, data dynamics, storage access point, encryption and decryption of data through RSA algorithm and IP range in case of private cloud. The proposed work also focuses on a solution to reliability, availability and integrity of data that are the major issues in the cloud adoption.

A Searchable Encryption Scheme in a Multi-user Setting for Cloud Storage
Qingqing Gan, Xiaoming Wang
International Journal of Security and Its Applications. Pub Date: 2017-07-31. DOI: 10.14257/IJSIA.2017.11.7.04 (https://doi.org/10.14257/IJSIA.2017.11.7.04)
To support encrypted keyword queries on encrypted data and to access data in a multi-user setting for cloud storage, a searchable encryption scheme is proposed by combining Chinese Remainder Theorem with Public Encryption with Keyword Search. The proposed scheme enables data owners to outsource their encrypted data to the storage of cloud servers for a number of users, who are given the ability to generate valid queries and to access data without leaking any information. More importantly, the proposed scheme does not rely on shared keys to realize multi-user searchable encryption and user dynamics. Each authorized user in the proposed scheme has a unique key and can perform encrypted keyword queries on encrypted data as well as access data without knowledge of the keys of other users, such that when some users are added or removed, other users are unaffected. We prove that the proposed scheme is secure under Bilinear Diffie-Hellman and Hash Diffie-Hellman assumptions. The performance analysis shows that the proposed scheme has lower communication and storage overheads for both cloud servers and users than other existing schemes. In addition, the proposed scheme possesses features similar to that of most existing schemes in a single-user setting and does not downgrade because of supporting multiple users.