Query:
学者姓名:张建标
Refining:
Year
Type
Indexed by
Source
Complex
Co-Author
Language
Clean All
Abstract :
Symmetric searchable encryption (SSE) enables users to search the ciphertext stored on the untrusted cloud without revealing the search keywords, effectively protecting users' privacy. However, most of the existing SSE schemes reveal the search or access pattern during the keyword query, which can be used by the adversary to infer the sensitive information in ciphertext, thus posing a great threat to users' privacy. To address this, we propose an SSE scheme supporting search pattern and access pattern protection in multi-cloud, called SAPM-SSE. In our scheme, an index shuffle protocol is proposed to change the content and location of the index after each query, which helps to achieve the protection of search and access pattern. Furthermore, with the purpose of improving the efficiency of shuffling, we construct a shuffling algorithm based on index cache, the number of index entries for shuffling reduced from gamma to gamma/n (n >= 1). Besides, our scheme supports the dynamic update of documents and achieves the forward security in update. Finally, security analysis and experimental results show that our scheme can achieve the protection of search pattern and access pattern with high efficiency.
Keyword :
symmetric searchable encryption symmetric searchable encryption multi-cloud multi-cloud dynamic dynamic pattern protection pattern protection
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Xu, Wanshan , Zhang, Jianbiao , Yuan, Yilin et al. Symmetric searchable encryption with supporting search pattern and access pattern protection in multi-cloud [J]. | CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE , 2023 , 35 (9) . |
| MLA | Xu, Wanshan et al. "Symmetric searchable encryption with supporting search pattern and access pattern protection in multi-cloud" . | CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE 35 . 9 (2023) . |
| APA | Xu, Wanshan , Zhang, Jianbiao , Yuan, Yilin , Wang, Xiao . Symmetric searchable encryption with supporting search pattern and access pattern protection in multi-cloud . | CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE , 2023 , 35 (9) . |
| Export to | NoteExpress RIS BibTex |
Abstract :
Public cloud computing has become increasingly popular due to the rapid advancements in communication and networking technology. As a result, it is widely used by businesses, corporations, and other organizations to boost the productivity. However, the result generated by millions of network-enabled IoT devices and kept on the public cloud server, as well as the latency in response and safe transmission, are important issues that IoT faces when using the public cloud computing. These concerns and obstacles can only be overcome by designing a robust mutual authentication and secure cross-verification mechanism. Therefore, we have attempted to design a cryptographic protocol based on a simple hash function, xor operations, and the exchange of random numbers. The security of the proposed protocol has formally been verified using the ROR model, ProVerif2.03, and informally using realistic discussion. In contrast, the performance metrics have been analyzed by looking into the security feature, communication, and computation costs. To sum it up, we have compared our proposed security mechanism with the state-of-the-art protocols, and we recommend it to be effectively implemented in the public cloud computing environment.
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Khan, Naveed , Zhang, Jianbiao , Ali, Jehad et al. A Provable Secure Cross-Verification Scheme for IoT Using Public Cloud Computing [J]. | SECURITY AND COMMUNICATION NETWORKS , 2022 , 2022 . |
| MLA | Khan, Naveed et al. "A Provable Secure Cross-Verification Scheme for IoT Using Public Cloud Computing" . | SECURITY AND COMMUNICATION NETWORKS 2022 (2022) . |
| APA | Khan, Naveed , Zhang, Jianbiao , Ali, Jehad , Pathan, Muhammad Salman , Chaudhry, Shehzad Ashraf . A Provable Secure Cross-Verification Scheme for IoT Using Public Cloud Computing . | SECURITY AND COMMUNICATION NETWORKS , 2022 , 2022 . |
| Export to | NoteExpress RIS BibTex |
Abstract :
Everyone desires to avail online services provided by different service providers securely, efficiently, and effectively. In this regard, security is still a significant concern for them. However, no one guarantees secure communication by browsing different applications remotely. To ensure confidentiality, authorization, availability, nonrepudiation, and removing eavesdropping, without a robust authentication scheme, nothing will go right. Therefore, we attempted to design a robust and privacy-preserving authentication scheme for end-users to securely access public cloud servers' services remotely without losing performance. Our proposed scheme security has been evaluated formally using the random oracle model (ROM) and ProVerif2.03 and informally using proposition and discussion. At the same time, the performance metric has been analyzed by considering the scheme's computation and communication costs. Upon comparing the proposed scenario with state-of-the-artwork, it has been demonstrated that the scheme is much better in terms of security and performance, as these are contradicting metrics, and the change in one conversely affects the other.
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Khan, Naveed , Zhang, Jianbiao , Jan, Saeed Ullah . A Robust and Privacy-Preserving Anonymous User Authentication Scheme for Public Cloud Server [J]. | SECURITY AND COMMUNICATION NETWORKS , 2022 , 2022 . |
| MLA | Khan, Naveed et al. "A Robust and Privacy-Preserving Anonymous User Authentication Scheme for Public Cloud Server" . | SECURITY AND COMMUNICATION NETWORKS 2022 (2022) . |
| APA | Khan, Naveed , Zhang, Jianbiao , Jan, Saeed Ullah . A Robust and Privacy-Preserving Anonymous User Authentication Scheme for Public Cloud Server . | SECURITY AND COMMUNICATION NETWORKS , 2022 , 2022 . |
| Export to | NoteExpress RIS BibTex |
Abstract :
The flow of data across nodes has become the dominant feature of data sharing in distributed environments with increasingly blurred boundaries, where it is crucial to maintain data access dynamic, trusted, and efficient. However, traditional centralized access control models are not only difficult to apply in distributed environments but also ignore trusted verification of authorized entities. What's worse, existing access control models rarely consider themselves security, lack independence, at a high risk of being bypassed or tampered with. Thus, we propose in this paper a distributed, dynamic, and trusted access control model, DDTAC-BSS, where the standard Attribute-Based Access Control (ABAC) architecture is modified and extended. To reduce the attack surface, we separate policy enforcement point (PEP) from other core components, they are located in the node system and access control system, respectively. Then, the access control entry point (ACEP) is added as the only interface for the node system to interact with the access control system. Subsequently, the model introduces the entity trusted assessment mechanism to improve the trustworthiness of access control services. Driven by the dynamic attributes, our model can achieve dynamic trusted authorization and fine-grained access control. Moreover, we implement a lightweight, independent, and distributed security subsystem to achieve unified management of policies and decision-making autonomy by message-driven. By considering the independence of the security subsystem, a trusted operating environment is built based on Trusted Execution Environment (TEE) to ensure the security of the access control mechanism itself. The security of our model is proved rigorously based on the non-interference theory. Comprehensive experiments and comparisons have demonstrated the superior functionality, comparable performance, and strong security of our model.
Keyword :
Data models Data models non-interference non-interference decision-making autonomy decision-making autonomy Distributed databases Distributed databases Cross node access control Cross node access control Standards Standards trusted assessment trusted assessment Trusted computing Trusted computing Dynamic scheduling Dynamic scheduling Security Security independent independent Authorization Authorization
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Huang, Haoxiang , Zhang, Jianbiao , Hu, Jun et al. Research on Distributed Dynamic Trusted Access Control Based on Security Subsystem [J]. | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY , 2022 , 17 : 3306-3320 . |
| MLA | Huang, Haoxiang et al. "Research on Distributed Dynamic Trusted Access Control Based on Security Subsystem" . | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY 17 (2022) : 3306-3320 . |
| APA | Huang, Haoxiang , Zhang, Jianbiao , Hu, Jun , Fu, Yingfang , Qin, Chenggang . Research on Distributed Dynamic Trusted Access Control Based on Security Subsystem . | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY , 2022 , 17 , 3306-3320 . |
| Export to | NoteExpress RIS BibTex |
Abstract :
Almost all existing data integrity verification schemes upload outsourced files and tags set to the CSP simultaneously. Thus, in this paper, we provide a novel idea to construct the integrity verification scheme via blockchain. The construction of the proposed scheme is based on identity-based encryption (IBE) which avoids the complex certificate management caused by the public key infrastructure (PKI). Our scheme decides to upload tags set to the blockchain to achieve the separate storage of the tags set and files. The characteristics of the blockchain determine that the tags set will not be forged. But separate storage may cause the information returned by the three parties participating in the public auditing to be out of sync; thus, a small data structure-audit log is introduced to solve this problem. The advantages of audit log can not only guarantee the correct and smooth implementation of the proposed scheme, but also prove the TPA's innocence when necessary. Moreover, the security of our scheme is strictly proved. Finally, a series of performance evaluations demonstrate that our scheme is efficient and feasible.
Keyword :
Cloud security storage Cloud security storage Identity-based encryption Identity-based encryption Public auditing Public auditing Blockchain Blockchain Integrity verification Integrity verification
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Yuan, Yilin , Zhang, Jianbiao , Xu, Wanshan et al. Identity-based public data integrity verification scheme in cloud storage system via blockchain [J]. | JOURNAL OF SUPERCOMPUTING , 2022 , 78 (6) : 8509-8530 . |
| MLA | Yuan, Yilin et al. "Identity-based public data integrity verification scheme in cloud storage system via blockchain" . | JOURNAL OF SUPERCOMPUTING 78 . 6 (2022) : 8509-8530 . |
| APA | Yuan, Yilin , Zhang, Jianbiao , Xu, Wanshan , Li, Zheng . Identity-based public data integrity verification scheme in cloud storage system via blockchain . | JOURNAL OF SUPERCOMPUTING , 2022 , 78 (6) , 8509-8530 . |
| Export to | NoteExpress RIS BibTex |
Abstract :
As the public cloud becomes one of the leading ways in data-sharing nowadays, data confidentiality and user privacy are increasingly critical. Partially policy-hidden ciphertext policy attribute-based encryption (CP-ABE) can effectively protect data confidentiality while reducing privacy leakage by hiding part of the access structure. However, it cannot satisfy the need of data sharing in the public cloud with complex users and large amounts of data, both in terms of less expressive access structures and limited granularity of policy hiding. Moreover, the verification of access right to shared data and correctness of decryption are ignored or conducted by an untrusted third party, and the prime-order groups are seldom considered in the expressive policy-hidden schemes. This article proposes a fully policy-hidden CP-ABE scheme constructed on linear secret sharing scheme (LSSS) access structure and prime-order groups for public cloud data sharing. To help users decrypt, hidden vector encryption (HVE) with a "convert step" is applied, which is more compatible with CP-ABE. Meanwhile, decentralized credible verification of access right to shared data and correctness of decryption based on blockchain are also provided. We prove the security of our scheme rigorously and compare the scheme with others comprehensively. The results show that our scheme performs better.
Keyword :
Data privacy Data privacy Costs Costs policy-hidden ciphertext policy attribute-based encryption (CP-ABE) policy-hidden ciphertext policy attribute-based encryption (CP-ABE) Blockchains Blockchains hidden vector encryption (HVE) hidden vector encryption (HVE) Encryption Encryption privacy preserving privacy preserving Servers Servers Blockchain Blockchain linear secret sharing scheme (LSSS) linear secret sharing scheme (LSSS) Cloud computing Cloud computing Privacy Privacy
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Zhang, Zhaoqian , Zhang, Jianbiao , Yuan, Yilin et al. An Expressive Fully Policy-Hidden Ciphertext Policy Attribute-Based Encryption Scheme With Credible Verification Based on Blockchain [J]. | IEEE INTERNET OF THINGS JOURNAL , 2022 , 9 (11) : 8681-8692 . |
| MLA | Zhang, Zhaoqian et al. "An Expressive Fully Policy-Hidden Ciphertext Policy Attribute-Based Encryption Scheme With Credible Verification Based on Blockchain" . | IEEE INTERNET OF THINGS JOURNAL 9 . 11 (2022) : 8681-8692 . |
| APA | Zhang, Zhaoqian , Zhang, Jianbiao , Yuan, Yilin , Li, Zheng . An Expressive Fully Policy-Hidden Ciphertext Policy Attribute-Based Encryption Scheme With Credible Verification Based on Blockchain . | IEEE INTERNET OF THINGS JOURNAL , 2022 , 9 (11) , 8681-8692 . |
| Export to | NoteExpress RIS BibTex |
Abstract :
基于BMC的服务器可信启动方法研究
Keyword :
主动度量 主动度量 可信启动 可信启动 星型链 星型链 BMC BMC
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | 徐万山 , 张建标 , 袁艺林 et al. 基于BMC的服务器可信启动方法研究 [J]. | 徐万山 , 2021 , (5) : 67-73 . |
| MLA | 徐万山 et al. "基于BMC的服务器可信启动方法研究" . | 徐万山 5 (2021) : 67-73 . |
| APA | 徐万山 , 张建标 , 袁艺林 , 李铮 , 信息网络安全 . 基于BMC的服务器可信启动方法研究 . | 徐万山 , 2021 , (5) , 67-73 . |
| Export to | NoteExpress RIS BibTex |
Abstract :
一种基于区块链的域间访问控制模型
Keyword :
访问控制 访问控制 数据共享 数据共享 区块链 区块链 ABAC ABAC 跨域 跨域
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | 张建标 , 张兆乾 , 徐万山 et al. 一种基于区块链的域间访问控制模型 [J]. | 张建标 , 2021 , 32 (5) : 1547-1564 . |
| MLA | 张建标 et al. "一种基于区块链的域间访问控制模型" . | 张建标 32 . 5 (2021) : 1547-1564 . |
| APA | 张建标 , 张兆乾 , 徐万山 , 吴娜 , 软件学报 . 一种基于区块链的域间访问控制模型 . | 张建标 , 2021 , 32 (5) , 1547-1564 . |
| Export to | NoteExpress RIS BibTex |
Abstract :
云计算、物联网和移动互联网等新型计算模式的出现,使得域间相互访问以及数据共享的需求不断扩大,而目前"中心化"的传统访问控制技术所显现出的访问控制策略执行不透明、动态数据管理不灵活、资源拥有者自主性差,使其难以满足海量、动态和分布的新型计算模式.提出了一种以ABAC模型为基础、以区块链为交互方式的域间访问控制模型.介绍了ABAC模型和区块链的技术原理、特点、研究现状,详细阐述了模型框架,对ABAC模型进行了形式化定义;同时,对模型中的智能合约进行了具体描述,给出了本模型在具体场景中的应用和具体的访问控制流程;最后对比了现有的研究方案.该模型可以为域间访问提供标准化的安全、便捷、自主且细粒度的访问...
Keyword :
区块链 区块链 数据共享 数据共享 访问控制 访问控制 跨域 跨域 ABAC ABAC
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | 张建标 , 张兆乾 , 徐万山 et al. 一种基于区块链的域间访问控制模型 [J]. | 软件学报 , 2021 , 32 (05) : 1547-1564 . |
| MLA | 张建标 et al. "一种基于区块链的域间访问控制模型" . | 软件学报 32 . 05 (2021) : 1547-1564 . |
| APA | 张建标 , 张兆乾 , 徐万山 , 吴娜 . 一种基于区块链的域间访问控制模型 . | 软件学报 , 2021 , 32 (05) , 1547-1564 . |
| Export to | NoteExpress RIS BibTex |
Abstract :
Security of sensing network is the core of the security of the Internet of Things (IoT). The available researches cannot guarantee to prevent attacks from malicious nodes. We propose a trusted measurement scheme of behaviors for IoT. First, we construct a formal model for the behaviors of sensing nodes and of the whole sensing network, and proposed a framework of a trusted measurement of behaviors, which contains both direct and indirect trusted measurements. Afterward, we verify the efficacy of the proposed methods. Experiments suggest that the proposed trusted measurement scheme provides efficient anti-attack performance. © 2020 THE AUTHORS
Keyword :
Internet of things Internet of things Trusted computing Trusted computing
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Ye, Tao , Ning, Zhenhu , Zhang, Jianbiao et al. Trusted measurement of behaviors for the Internet of Things [J]. | Alexandria Engineering Journal , 2021 , 60 (1) : 1477-1488 . |
| MLA | Ye, Tao et al. "Trusted measurement of behaviors for the Internet of Things" . | Alexandria Engineering Journal 60 . 1 (2021) : 1477-1488 . |
| APA | Ye, Tao , Ning, Zhenhu , Zhang, Jianbiao , Xu, Meng . Trusted measurement of behaviors for the Internet of Things . | Alexandria Engineering Journal , 2021 , 60 (1) , 1477-1488 . |
| Export to | NoteExpress RIS BibTex |
Export
| Results: |
Selected to |
| Format: |
