The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Outsourcing data backup to third-party cloud storage services is always a cost effective choice and doesn't require much technical knowledge from users. However, security concerns arise in terms of ensuring the privacy and integrity of the outsourced data. Many frameworks have been introduced to address these concerns by adopting huge number of encryption/decryption process based on the number of...
Cloud storage is an important development trend in information technology. Data access control is an effective method to insure data security in cloud storage services. Attribute-based encryption is a promising technique for access control of encrypted data. However, existing data access control schemes for multi-authority cloud storage are not secure due to the possible single point failure of the...
Web applications are often vulnerable to code injection attacks and to attacksthrough buggy or malicious libraries. Unfortunately, the current protectionmechanisms are frequently ad-hoc, as a response to attacks after the fact. Thishad lead to a plethora of specialized protection mechanisms that are oftenbrittle and insufficient to guarantee security. This extended abstract accompanies a tutorial...
In this paper, we propose a new Attribute-Based Encryption (ABE) scheme applicable to mobile cloud environments. A key issue in mobile cloud environments is how to reduce the computational cost on mobile devices and delegate the remaining computation to cloud environments. We also consider two additional issues: an efficient key revocation mechanism for ABE based on a concept of token-controlled public...
Web of Things (WoT) can be considered as a merger of newly emerging paradigms of Internet of Things (IoT) and cloud computing. Rapidly varying, highly volatile and heterogeneous data traffic is a characteristic of the WoT. Hence, the capture, processing, storage and exchange of huge volumes of data is a key requirement in this environment. The crucial resources in the WoT are the sensing devices and...
By moving data storage and processing from lightweight mobile devices to powerful and centralized computing platforms located in clouds, Mobile Cloud Computing (MCC) can greatly enhance the capability of mobile devices. However, when data owners outsource sensitive data to mobile cloud for sharing, the data is outside of their trusted domain and can potentially be granted to untrusted parties which...
Recent advances in information technology make remote collaboration and resource sharing easier for next generation of distributed systems. The Intercloud is an interconnection system of several cloud provider infrastructures that allows the dynamic coordination of the deployment of applications and the distribution of the load across multiple data centers. In this paper, we propose a new design to...
In large organizations, handling personnel authorization for access to various sites within the building has always proved to be a challenge for security departments. In this work, we develop a prototype that utilizes an identity-based identification scheme to provide access control for incoming and outgoing personnel from the building, as well as their activities within. Our prototype is built using...
Electronic Health Record (EHR) systems have an abundance of convenience for telediagnosis, medical data sharing and management. The main obstacle for wide adoption of EHR systems is due to the privacy concerns of patients. In this work, we propose a role-based access control (RBAC) scheme for EHR systems to secure private EHRs. In our RBAC, there are two main types of roles, namely independent patients...
Resource discovery in special operations has been recognized as a challenging research issue. This is due to the dynamic nature of emergency intervention with its normally limited resources. We believe that the security of communications among involved parties in special operations such as military intervention missions is crucial for the success of such operations. In this paper, we develop a solution...
Collaborative sharing of information is becoming much more needed technique to achieve complex goals in today's fast-paced tech-dominant world. In our context, Personal Health Record (PHR) system has become a popular research area for sharing patients information very quickly among health professionals. PHR systems store and process sensitive information, which should have proper security mechanisms...
In the above paper, Yang et al. have proposed a multi-authority ciphertext-policy attribute-based encryption-based data access control for cloud storage, in which the authors claimed that the mechanism in dealing with attribute revocation could achieve both forward security and backward security. Unfortunately, our further analysis and investigation show that their work adopts a bidirectional re-encryption...
Security concerns are frequently mentioned among the reasons why organizations hesitate to adopt cloud computing. Given the numerous choices of cloud-resource providers, clients often find it difficult to assess their relative advantages and shortcomings with respect to security, which may prevent them from making any choice. In this paper, we describe our methodology for a hierarchical security-audit...
In service oriented computing, authentication factors have their vulnerabilities when considered exclusively. Cross-platform and service composition architectures require a complex integration procedure and limit adoptability of newer authentication models. Authentication is generally based on a binary success or failure and relies on credentials proffered at the present moment without considering...
With the rapid development of cloud computing, it is attractive for enterprise companies to outsource their data files for sharing in cloud servers, as cloud computing can offer desirable characteristics, such as on-demand self-service, broad network access, and rapid elasticity. However, by uploading data files onto cloud servers, data owners (i.e. the companies) will lose control over their own...
This demo exemplifies the use of different wireless protocols, such as BLE and NFC, to manage and control multiple door locks. Each lock is able to transfer data to a router through a wireless protocol, MiWi™. The latter is connected trough an Ethernet network to a computer that manages the permissions for each lock, logging all the events.
In cloud services, users may frequently be required to reveal their personal private information which could be stored in the cloud to used by different parts for different purposes. However, in a cloud-wide storage network, the servers are easily under strong attacks and also commonly experience software/hardware faults. As such, the private information could be under great risk in such an untrusted...
Application-based access control technologies are used to protect systems from malicious or compromised software. Existing rule-based access control systems rely on a comprehensive policy, which defines the resources an application is allowed to access. The generation of these policies is a hard and error-prone task for system engineers. In this work, we provide a framework to automate this task and...
Cloud computing is a newfound service that has a rapid growth in IT industry during recent years. Despite the several advantages of this technology there are some issues such as security and privacy that affect the reliability of cloud computing models. Access control and user authentication are the most important security issues in cloud computing. Therefore, the research has been prepared to provide...
The term big data refers to the massive amounts of digital information, which can be efficiently stored and processed on a cloud computing platform. However, security and privacy issues are magnified by high volume, variety, and velocity of big data. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a promising cryptographic primitive for the security of cloud storage system and can bring together...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.