With continuous expansion of cloud computing, problems of third-party data security become increasingly prominent. However, effective retrieval of encrypted data and other operations are difficult to achieve by tradit...
详细信息
With continuous expansion of cloud computing, problems of third-party data security become increasingly prominent. However, effective retrieval of encrypted data and other operations are difficult to achieve by traditional cryptogram systems. Thus, a practical simple fully homomorphic encryption scheme, using only elementary modular arithmetic, derived from Gentry cryptosystem is put forward to ensure the privacy-preserving in cloud storage, in which encrypted data can be operated directly without affecting the confidentiality of the encryption systems, so that it can excellently realize the need of cipertext retrieval and other processing in untrusted servers. Compared with the previous protocols Marten van Dijk et al. proposed at Advances in Cryptology-EUROCRYPT 2010 and Craig Gentry proposed in the March 2010 issue of Communications of the ACM, especially in the aspect of cipertext retrieval, the proposed scheme is much more secure and feasible. And the performance evaluation and security analysis demonstrate the practice and validity of the proposed scheme.
In this paper, an efficient two-stage segmentation framework was proposed to address the plant leaf image with overlapping phenomenon, which is built based on the leaf approximate symmetry and level set evolution theo...
详细信息
The rapid growth of new information services, especially like new media services, providing content distribution to clients with good quality of service(QoS) while retaining efficient is a great challenge. This paper ...
详细信息
The rapid growth of new information services, especially like new media services, providing content distribution to clients with good quality of service(QoS) while retaining efficient is a great challenge. This paper investigates the QoS-aware replica placement problem (QRPP) for distributed caching system. We propose a dynamic programming algorithm for the problem in general graph, it first ensures the QoS requirement is satisfied of each request, then places the replica along the request forward path to minimize the total cost. The simulation results show the dynamic programming algorithm can achive a good balance between the access latency and the requested availability. When the request is more concentrated, the dynamic programming algorithm can have better performance than the MODULO and LRU both in access latency and requested availability.
Boolean functions with large algebraic immunity resist algebraic attacks to a certain degree, but they may not resist fast algebraic attacks (FAA's). It is necessary to study the resistance of Boolean functions ag...
详细信息
Proxy re-encryption (PRE) allows the proxy to translate a ciphertext encrypted under Alice's public key into another ciphertext that can be decrypted by Bob's secret key. Identity-based proxy re-encryption (IB...
详细信息
Security has been regarded as one of the hardest problems in the development of cloud computing. This paper proposes an AllianceAuthentication protocol among Hybrid Clouds that include multiple private clouds and/or p...
详细信息
Security has been regarded as one of the hardest problems in the development of cloud computing. This paper proposes an AllianceAuthentication protocol among Hybrid Clouds that include multiple private clouds and/or public clouds. Mu tual authentication protocol among entities in the IntraCloud and InterCloud is proposed. Blind signature and bilinear mapping of automorphism groups are adopted to achieve the InterCloud Alli anceAuthentication, which overcome the complexi ty of certificate transmission and the problem of communication bottlenecks that happen in tradi tional certificatebased scheme. Blind key, instead of private key, is adopted for register, which avoids
A novel trust transmission method which is based on the similarities of nodes in trust models is proposed in this paper. Trust transmission is evaluated by calculating the similarity between recommenders when trustor ...
详细信息
The privilege in the operating system (OS) often results in the break of confidentiality and integrity of the system. To solve this problem, several security mechanisms are proposed, such as Role-based Access Control,...
详细信息
The privilege in the operating system (OS) often results in the break of confidentiality and integrity of the system. To solve this problem, several security mechanisms are proposed, such as Role-based Access Control, Separation of Duty. However, these mechanisms can not eliminate the privilege in OS kernel layer. This paper proposes a Separation of Three Powers Architecture (STPA). The authorizations in OS are divided into three parts: System Management Subsystem (SMS), Security Management Subsystem (SEMS) and Audit Subsystem (AS). Mutual support and mutual checks and balances which are the design principles of STPA eliminate the administrator in the kernel layer. Furthermore, the paper gives the formal description for authorization division using the graph theory. Finally, the implementation of STPA is given. Proved by experiments, the Separation of Three Powers Architecture we proposed can provide reliable protection for the OS through authorization division.
With the development of web service, more and more attention has been drawn to web service in recent years. However, the damage caused by service security problems is becoming more and more serious nowadays. This pape...
详细信息
The privilege in the operating system(OS) often results in the break of confidentiality and integrity of the system. To solve this problem, several security mechanisms are proposed, such as Role-based Access Control, ...
详细信息
The privilege in the operating system(OS) often results in the break of confidentiality and integrity of the system. To solve this problem, several security mechanisms are proposed, such as Role-based Access Control, Separation of Duty. However, these mechanisms can not eliminate the privilege in OS kernel layer. This paper proposes a Separation of Three Powers Architecture(STPA). The authorizations in OS are divided into three parts: System Management Subsystem(SMS), Security Management Subsystem(SEMS) and Audit Subsystem(AS). Mutual support and mutual checks and balances which are the design principles of STPA eliminate the administrator in the kernel layer. Furthermore, the paper gives the formal description for authorization division using the graph theory. Finally, the implementation of STPA is given. Proved by experiments, the Separation of Three Powers Architecture we proposed can provide reliable protection for the OS through authorization division.
暂无评论