Yao Zheng scite author profile

Abstract-Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients' control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semi-trusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute based encryption (ABE) techniques to encrypt each patient's PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multi-authority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability and efficiency of our proposed scheme.

show abstract

DDoS attack protection in the era of cloud computing and Software-Defined Networking

Wang

et al. 2015

View full text Add to dashboard Cite

DDoS Attack Protection in the Era of Cloud Computing and Software-Defined Networking

Wang

Zheng

Lou

et al. 2014

View full text Add to dashboard Cite

Cloud computing has become the real trend of enterprise IT service model that offers cost-effective and scalable processing. Meanwhile, Software-Defined Networking (SDN) is gaining popularity in enterprise networks for flexibility in network management service and reduced operational cost. There seems a trend for the two technologies to go hand-in-hand in providing an enterprise's IT services. However, the new challenges brought by the marriage of cloud computing and SDN, particularly the implications on enterprise network security, have not been well understood. This paper sets to address this important problem. We start by examining the security impact, in particular, the impact on DDoS attack defense mechanisms, in an enterprise network where both technologies are adopted. We find that SDN technology can actually help enterprises to defend against DDoS attacks if the defense architecture is designed properly. To that end, we propose a DDoS attack mitigation architecture that integrates a highly programmable network monitoring to enable attack detection and a flexible control structure to allow fast and specific attack reaction. The simulation results show that our architecture can effectively and efficiently address the security challenges brought by the new network paradigm.

show abstract

PeerClean: Unveiling peer-to-peer botnets through dynamic group behavior analysis

Yan

Zheng

Jiang

et al. 2015

View full text Add to dashboard Cite

Radar-Based Non-Contact Continuous Identity Authentication

et al. 2020

View full text Add to dashboard Cite

Non-contact vital signs monitoring using microwave Doppler radar has shown great promise in healthcare applications. Recently, this unobtrusive form of physiological sensing has also been gaining attention for its potential for continuous identity authentication, which can reduce the vulnerability of traditional one-pass validation authentication systems. Physiological Doppler radar is an attractive approach for continuous identity authentication as it requires neither contact nor line-of-sight and does not give rise to privacy concerns associated with video imaging. This paper presents a review of recent advances in radar-based identity authentication systems. It includes an evaluation of the applicability of different research efforts in authentication using respiratory patterns and heart-based dynamics. It also identifies aspects of future research required to address remaining challenges in applying unobtrusive respiration-based or heart-based identity authentication to practical systems. With the advancement of machine learning and artificial intelligence, radar-based continuous authentication can grow to serve a wide range of valuable functions in society.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Yao Zheng

Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption

DDoS attack protection in the era of cloud computing and Software-Defined Networking

DDoS Attack Protection in the Era of Cloud Computing and Software-Defined Networking

PeerClean: Unveiling peer-to-peer botnets through dynamic group behavior analysis

Radar-Based Non-Contact Continuous Identity Authentication

Contact Info

Product

Resources

About