Ayad Ibrahim

Anonymous Password Authentication Scheme by Using Digital Signature and Fingerprint in Cloud Computing

Cloud security represents a main hindrance that causes to retard its widespread adoption. Authentication considers a significance element of security in cloud environment, aiming to verify a users identity when a user wishes to request services from cloud. There are many authentication schemes that depend on username/password, but they are considered weak techniques of cloud authentication. A more secure scheme is the two-factor authentication that does not only verify the username/password pair, but also needs a second factor such as a token device, biometric. However, the feasibility of second-factor authentication is limited by the deployment complexity, high cost and the cloud security is compromised when the token is missing or purloined. Furthermore, these schemes are failed to resist well-known attacks such as replay attacks, reflection attacks. This paper proposes two-factor authentication scheme based on Schnorr digital signature and feature extraction from fingerprint to overcome above aforementioned issues. Security analysis and experimental results illustrate that our proposed scheme can withstand the common security attacks as well, and has a good performance of password authentication.

Cloud Authentication Based on Anonymous One-Time Password

Cloud computing contains many enterprise applications that require from each user to perform authenticate at first step. Then, he will gain a permit from the service provider to access resources at second step. The issue breach remains facing a modern computing model. A more secure scheme is the two-factor authentication (2FA) that requires a second factor (such as finger print, token) with username/password. Nevertheless, the feasibility of 2FA is largely limited by high device cost, malicious attack and the deployment complexity. In this paper, we propose a scheme of 2FA in cloud computing systems that depends on One-Time Password (OTP), Asymmetric Scalar-product Preserving Encryption (ASPE) and RSA digital signature as two factors. Furthermore, it overcomes aforementioned issues and does not require extra devices such as token device, card reader in smart card and scanner in physiological biometrics. The proposed scheme distinguishes to resist practical attacks, high-security level, anonymous password, mutual authentication, identity management, the cloud server and a user can establish authenticated session keys, reduces the cost, and good performance.

A Practical Privacy-preserving Password Authentication Scheme for Cloud Computing

An era of cloud computing allows users to profit from many privileges. However, there are several new security challenges. In fact, anonymous password authentication in the traditional setting has been suffered from many inherent drawbacks such as ease of exposure to malicious attacks and users registered their passwords in the server. Our scheme proposes the phenomenal context according to three main components: data owner, users, and service provider in cloud where users do not need to register their passwords in the service provider. Moreover, the data owner is contributed to make secure decisions, so that he manages the significant keys to other components distributedly. The proposal enjoys several advantages such as preserving privacy of password, unlink ability, and secrecy of session key. We have given a mechanism to prove the identity of the users authenticated without a need to reveal their passwords. Our approach has been achieved good results of reliability, and validity for cloud password authentication. The experimental results show an effective level of performance.

Secure Rank-Ordered Search of Multi-keyword Trapdoor over Encrypted Cloud Data

Advances in cloud computing and Internet technologies have pushed more and more data owners to outsource their data to remote cloud servers to enjoy with huge data management services in an efficient cost. However, despite its technical advances, cloud computing introduces many new security challenges that need to be addressed well. This is because, data owners, under such new setting, loss the control over their sensitive data. To keep the confidentiality of their sensitive data, data owners usually outsource the encrypted format of their data to the untrusted cloud servers. Several approaches have been provided to enable searching the encrypted data. However, the majority of these approaches are limited to handle either a single keyword search or a Boolean search but not a multikeyword ranked search, a more efficient model to retrieve the top documents corresponding to the provided keywords. In this paper, we propose a secure multi-keyword ranked search scheme over the encrypted cloud data. Such scheme allows an authorized user to retrieve the most relevant documents in a descending order, while preserving the privacy of his search request and the contents of documents he retrieved. To do so, data owner builds his searchable index, and associates with each term document with a relevance score, which facilitates document ranking. The proposed scheme uses two distinct cloud servers, one for storing the secure index, while the other is used to store the encrypted document collection. Such new setting prevents leaking the search result, i.e. the document identifiers, to the adversary cloud servers. We have conducted several empirical analyses on a real dataset to demonstrate the performance of our proposed scheme.

Approximate Keyword-based Search over Encrypted Cloud Data

To protect the privacy, users have to encrypt their sensitive data before outsourcing it to the cloud. However, the traditional encryption schemes are inadequate since they make the application of indexing and searching operations more challenging tasks. Accordingly, searchable encryption systems are developed to conduct search operations over a set of encrypted data. Unfortunately, these systems only allow their clients to perform an exact search but not approximate search, an important need for all the current information retrieval systems. Recently, an increased attention has been paid to the approximate searchable encryption systems to find keywords that match the submitted queries approximately. Our work focuses on constructing a flexible secure index that allows the cloud server to perform the approximate search operations without revealing the content of the query trapdoor or the index content. Specifically, the most recently cryptographic primitive, order preserving symmetric encryption (OPSE), has been employed to protect our keywords. Our proposed scheme divides the search operation into two steps. The first step finds the candidate list in terms of secure pruning codes. In particular, we have developed two methods to construct these pruning codes. The second step uses a semi honest third party to determine the best matching keyword depending on secure similarity function. We intend to reveal as little information as possible to that third party. We hope that developing such a system will enhance the utilization of retrieval information systems and make these systems more user-friendly.

Towards Privacy Preserving Mining over Distributed Cloud Databases

Due to great advances in computing and Internet technologies, organizations have been enabled to collect and generate a large amount of data. Most of these organizations tend to analyze their data to discover new patterns. Usually, analyzing such amount of data requires huge computational power and storage facilities that may not be available to these organizations. Cloud computing offers the best way to solve this problem. Storing the private data of different organizations in the same cloud server enhances the mining process, but at the same time, raises privacy concerns. Therefore, it is highly recommended to support privacy preserving data mining algorithms in the cloud environment. This paper introduces an efficient and accurate cryptography-based scheme for mining the cloud data in a secure way without loss of accuracy. Specifically, we address the problem of K-nearest neighbor (KNN) classification over horizontally distributed databases without revealing any unnecessary information. We have utilized the recently developed cryptography primitive, order preserving symmetric encryption (OPSE), to integrate securely the local classifications at a lower cost than the previously presented privacy preserving data mining schemes. Empirical results on real datasets demonstrate that the proposed scheme has similar performance with the naive mining systems in terms of classification accuracy.

Towards Efficient Yet Privacy-Preserving Approximate Search in Cloud Computing

Owing to the great advances in cloud computing and Internet technologies, data owners (DOs) have been motivated to outsource the storage of their data to remote cloud servers (CSs) in order to enjoy great data management service with an efficient cost. For security purposes, DOs usually have to encrypt their data prior to outsourcing it to the untrusted CSs. But encryption makes searching the encrypted data a challenging task. Recently, several approaches have been provided to enable searching over encrypted data. However, the majority of these systems are limited to handling an exact search, not a similarity search; but the latter is an important need for real-world applications. In this paper, we propose an efficient yet secure scheme to search encrypted cloud data, while recovering the misspellings and typographical errors that exist frequently both in the search request and in the source data. To do so, we use a metric space to construct a tree-based index, which allows retrieving only the relevant entries with a minimum number of distance evaluations. String embedding techniques are used to refine the relevant entries efficiently and securely. Our index construction maintains the privacy of the keyword trapdoors as well as the stored data. Comparing our scheme with other similarity searchable encryption systems via experiments shows that our scheme is efficient in terms of search time and storage overhead.

Encrypted remote user authentication scheme by using smart card

Smart card-based authentication is considered as one of the most excessively used and applied solutions for remote user authentication. In this paper, we display Wang et al.s scheme and indicate many shortcomings in their scheme. Password guessing, masquerade, Denial-Of-Service (DOS) and insider attacks could be effective. To outfight the drawbacks, we propose a strong, more secure and practical scheme, which is aimed to withstand well-known attacks. In addition, our proposed scheme provides many pivotal merits: more functions for security and effectiveness, mutual authentication, key agreement, freely chosen password, secure password change, and user anonymity. Moreover, our proposed scheme is shown to be secure against replay attack, password guessing attack, DOS attack, insider attack, and impersonate attack. Furthermore, the security analysis of our work gains it to appear in applications with high-security requirements.

Enc-DNS-HTTP: Utilising DNS Infrastructure to Secure Web Browsing

Online information security is a major concern for both users and companies, since data transferred via the Internet is becoming increasingly sensitive. The World Wide Web uses Hypertext Transfer Protocol (HTTP) to transfer information and Secure Sockets Layer (SSL) to secure the connection between clients and servers. However, Hypertext Transfer Protocol Secure (HTTPS) is vulnerable to attacks that threaten the privacy of information sent between clients and servers. In this paper, we propose Enc-DNS-HTTP for securing client requests, protecting server responses, and withstanding HTTPS attacks. Enc-DNS-HTTP is based on the distribution of a web server public key, which is transferred via a secure communication between client and a Domain Name System (DNS) server. This key is used to encrypt client-server communication. The scheme is implemented in the C programming language and tested on a Linux platform. In comparison with Apache HTTPS, this scheme is shown to have more effective resistance to attacks and improved performance since it does not involve a high number of time-consuming operations.

Privacy-Preserving Image Retrieval in IoT-Cloud

Within the IoT-cloud, security has a very significant role to play. One of the best means by which the security and privacy of an image may be safeguarded confidentially is through encryption. However, this methodological process engenders a disadvantage in that it is difficult to search through encrypted images. A number of different means by which encrypted image can be searched have been devised, however, certain security solutions may not be used for smart devices within an IoTcloud due to the fact that such solutions are not lightweight. We present a lightweight scheme that is able to provide a contentbased search through images that have been encrypted. More specifically, images are represented using local features. A similar methodology further described in [1] is also used for image similarity discrimination. In addition, we use a hashing method concerning a locality sensitive hash (LSH) so that the searchable index can be devised. The use of the LSH index means that the proficiency and effectiveness of the system is increased, which allows the retrieval of only relevant images with a minimum number of distance evaluations. Refining vector techniques are used to refine relevant results efficiently and securely. Our index construction process ensures that stored data and trapdoors are kept private.