Yaping Lin

Privacy Preserving Ranked Multi-Keyword Search for Multiple Data Owners in Cloud Computing

With the advent of cloud computing, it has become increasingly popular for data owners to outsource their data to public cloud servers while allowing data users to retrieve this data. For privacy concerns, secure searches over encrypted cloud data has motivated several research works under the single owner model. However, most cloud servers in practice do not just serve one owner; instead, they support multiple owners to share the benefits brought by cloud computing. In this paper, we propose schemes to deal with privacy preserving ranked multi-keyword search in a multi-owner model (PRMSM). To enable cloud servers to perform secure search without knowing the actual data of both keywords and trapdoors, we systematically construct a novel secure search protocol. To rank the search results and preserve the privacy of relevance scores between keywords and files, we propose a novel additive order and privacy preserving function family. To prevent the attackers from eavesdropping secret keys and pretending to be legal data users submitting searches, we propose a novel dynamic secret key generation protocol and a new data user authentication protocol. Furthermore, PRMSM supports efficient data user revocation. Extensive experiments on real-world datasets confirm the efficacy and efficiency of PRMSM.

A digital watermarking approach to secure and precise range query processing in sensor networks

Two-tiered wireless sensor networks offer good scalability, efficient power usage, and space saving. However, storage nodes are more attractive to attackers than sensors because they store sensor collected data and processing sink issued queries. A compromised storage node not only reveals sensor collected data, but also may reply incomplete or wrong query results. In this paper, we propose QuerySec, a protocol that enables storage nodes to process queries correctly while prevents them from revealing both data from sensors and queries from the sink. To protect privacy, we propose an order preserving function-based scheme to encode both sensor collected data and sink issued queries, which allows storage nodes to process queries correctly without knowing the actual values of both data and queries. To preserve integrity, we proposed a link watermarking scheme, where data items are formed into a link by the watermarks embedded in them so that any deletion in query results can be detected.

Secure Ranked Multi-keyword Search for Multiple Data Owners in Cloud Computing

With the advent of cloud computing, it becomes increasingly popular for data owners to outsource their data to public cloud servers while allowing data users to retrieve these data. For privacy concerns, secure searches over encrypted cloud data motivated several researches under the single owner model. However, most cloud servers in practice do not just serve one owner, instead, they support multiple owners to share the benefits brought by cloud servers. In this paper, we propose schemes to deal with secure ranked multi-keyword search in a multi-owner model. To enable cloud servers to perform secure search without knowing the actual data of both keywords and trapdoors, we systematically construct a novel secure search protocol. To rank the search results and preserve the privacy of relevance scores between keywords and files, we propose a novel Additive Order and Privacy Preserving Function family. Extensive experiments on real-world datasets confirm the efficacy and efficiency of our proposed schemes.

Secure distributed keyword search in multiple clouds

Cloud computing provides abundant benefits including easy access, decreased costs and flexible resource management. For privacy concerns, sensitive data have to be encrypted before outsourcing, which obsoletes traditional data utilization based on plaintext keyword search. Therefore, developing a secure search service over encrypted cloud data is of paramount importance. There are several researches concerned about this problem. However, all these schemes are based on a single cloud model which has the threat of single point of failure, loss and corruption of data, loss of availability and loss of privacy. In this paper, we explore the problem of secure distributed keyword search in a multi-cloud paradigm. We first define a distributed search model. Based on this model, we propose two schemes. In scheme_I, we propose to cross-store all encrypted file slices, keywords and keys. In scheme_II, we systematically construct a keyword distributing strategy and a file distributing strategy. Further, we extend both schemes with Shamirs secret schemes to achieve better availability and robustness. Extensive experiments on real-world datasets confirm the efficacy and efficiency of our schemes.

Anonymizing popularity in online social networks with full utility

With the rapid growth of social network applications, more and more people are participating in social networks. Privacy protection in online social networks becomes an important issue. The illegal disclosure or improper use of users private information will lead to unaccepted or unexpected consequences in peoples lives. In this paper, we concern on authentic popularity disclosure in online social networks. To protect users privacy, the social networks need to be anonymized. However, existing anonymization algorithms on social networks may lead to nontrivial utility loss. The reason is that the anonymization process has changed the social networks structure. The social networks utility, such as retrieving data files, reading data files, and sharing data files among different users, has decreased. Therefore, it is a challenge to develop an effective anonymization algorithm to protect the privacy of users authentic popularity in online social networks without decreasing their utility. In this paper, we first design a hierarchical authorization and capability delegation (HACD) model. Based on this model, we propose a novel utility-based popularity anonymization (UPA) scheme, which integrates proxy re-encryption with keyword search techniques, to tackle this issue. We demonstrate that the proposed scheme can not only protect the users authentic popularity privacy, but also keep the full utility of the social network. Extensive experiments on large real-world online social networks confirm the efficacy and efficiency of our scheme.

Cooperative Data Reduction in Wireless Sensor Network

Due to the limited power constraint in sensors, dynamic scheduling with data quality management is strongly preferred in long lifetime monitoring applications. But typical techniques treat data management as an isolated process on only selected individual nodes, e.g. the centroid node. In this paper, we propose and evaluate an aggressive data reduction algorithm based on error inference within sensor segments. The architecture integrates three parallel dynamic error control mechanisms to optimize the trade-off between energy saving and data validity. We demonstrate that not only substantial energy savings can be achieved but also that an error bound specified by the application can be guaranteed. Moreover, we have investigate the system performance by using the realistic historical soil temperature data as an experimental context. The experimental results demonstrate that the system error meets the specified error tolerance and produces up to a 50 percent of the energy savings compared to several sensing schemes.

Secure and Verifiable Top-k Query in Two-Tiered Sensor Networks

Two-tiered sensor networks have been widely adopted since they offer good scalability, efficient power usage and storage saving. Storage nodes, responsible for storing data from nearby sensors and answering queries from the sink, however, are attractive to attackers. A compromised storage node would leak sensitive data to attackers and return forged or incomplete query results to the sink. In this paper, we propose SVTQ, a Secure and Verifiable Top-k Query protocol that preserves both data confidentiality and integrity of query results. To preserve data confidentiality, we propose prime aggregation whereby storage nodes can process top-k queries precisely without knowing actual data values. To preserve integrity of query results, we further propose a novel scheme called differential chain that allows the sink to verify any forged or incomplete result. Both theoretical analysis and experimental results on the real-world data set confirm the effectiveness and efficiency of SVTQ protocol.

Secure hitch in location based social networks

We propose a privacy-preserving proximity based location query (PPLQ) protocol, which enables each querier to get the location information of publisher without violating users location privacy.The proposed protocol utilizes prefix membership verification and predicate encryption technique to achieve the secure multi-dimensional keyword search and private bilateral proximity testing simultaneously.We propose a novel technique, multi-scale technique to present users location coordinates. This method enables each user to flexibly set his own location policy.We evaluate the efficacy and efficiency of the proposed scheme by using real-world dataset. The security analysis and performance evaluation show that the proposed protocol is secure and efficient. Location based services are increasingly popular, partly due to the trend of smartphone and online social network service adoption. However, it is important for location-based service provider (LBSP) to ensure user location privacy in the provision of such services. In this paper, we present a secure hitch service in location based social networks (LBSNs). To provide such a service, we propose a privacy-preserving proximity based location query (PPLQ) protocol, which is based on the hierarchical predicate encryption technique and the prefix membership verification technique. There are two types of users in this system, namely: the querier and the publisher. Our protocol allows a querier to query the location of publishers using multi-dimensional search, and it enforces distance based access control in the location queries. In order to improve the efficiency of our protocol, we use the multi-scale technique to represent users location information in the query condition and searchable index. The proposed protocol is designed to achieve multi-dimensional keyword search and bilateral private proximity testing simultaneously. Our protocol enables each user to independently define his/her own location policy for private proximity testing. In particular, we propose some solutions to reduce the search time cost of the CSP so that the time cost is acceptable for queriers. Finally, we demonstrate the utility of the protocol using simulated data on the map of the city area of Changsha and a U.S. census dataset.

Secure and Verifiable Multi-owner Ranked-Keyword Search in Cloud Computing

To preserve the privacy of cloud data, sensitive files are always encrypted by data owners, which let the keyword search be more difficult to the crucial applications. Thus, a secure and efficient keyword search protocol over encrypted files is required. Most of the prior keyword search works over encrypted cloud files focus on single-data-owner settings. However, there are a large number of data owners involved in real applications. To retrieve user required files, single-owner keyword search schemes need to be repeated several times to search over files encrypted by different unique private keys, which is a very costly way. To achieve high efficiency and privacy preserving in multi-data-owner scenario, we propose a Secure and Verifiable Multi-owner Ranked-keyword Search protocol, named SVMRS, in this paper. Specifically, to preserve privacy and to improve the keyword search precision, we combine a modified asymmetric scalar-product encryption function with the TFtimesIDF rule. Furthermore, to preserve the integrity of search results, we extend the SVMRS based on circular bidirection-linked list, which can make the query result verifiable. Detailed analysis and experiments show that the SVMRS can preserve the file privacy and integrity, and confirms the high efficacy and efficiency of SVMRS.

Privacy and integrity preserving skyline queries in tiered sensor networks

Storage nodes in two-tiered sensor networks are responsible for storing sensor-collected data and processing the sink-issued queries. Therefore, storage nodes are vulnerable to attack because of their importance. In this paper, we propose a privacy and integrity preserving protocol called SSQ, which is able to prevent compromised storage nodes from leaking sensitive data and allows the sink to detect the misbehaviors of compromised storage nodes. For privacy preserving, a size-limited bucketing technique is proposed to mix the data in a range, and a prefix membership verification technique based on Bloom filters is developed to perform skyline queries on encrypted data items. For integrity preserving, a Merkle hash tree-based technique is investigated to prevent compromised storage nodes from tampering and dropping data. Detailed performance evaluations confirm the high efficacy and efficiency of SSQ. Copyright