Lightweight key management on sensitive data in the cloud

Cui, Zongmin; Zhu, Hong; Chi, Lianhua

doi:10.1002/sec.850

Cited by 10 publications

(6 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We conduct experiments to compare our work with Data Access Control for Multi‐Authority Cloud Storage (DAC‐MACS) and Encryption based on the Bridge Key (EBK) . DAC‐MACS and EBK were proposed in resent years. There are some similarities between DAC‐MACS, EBK, and IBKM: (i) DAC‐MACS and IBKM are CP‐ABE schemes.…”

Section: Methodsmentioning

confidence: 99%

“…However, methods in did not consider the scenario of multiple data providers. Moving a step forward, Cui et al , extended the "key derivation" method to support the scenario of multiple data providers by introducing the concept of “bridge key”. A legal user could derive decryption keys by his/her bridge keys.…”

Section: Related Workmentioning

confidence: 99%

“…There are some drawbacks in methods : (i) large amount of graph information are stored on the cloud for “key derivation”. (ii) Because users need the graph information to derive keys, there exists interaction between users and the cloud server during key derivation.…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Identity‐based key management for cloud computing

Zhu

Mei

Xie

2016

Security Comm Networks

Self Cite

View full text Add to dashboard Cite

Recently, cloud computing has drawn much attention from research and industrial communities. With adoption of cloud computing, data providers can reap huge economic benefits by outsourcing their data to cloud. Because of serious privacy concerns, sensitive data should be encrypted before being outsourced. In order to share the encrypted and outsourced data, data providers need to distribute different keys to legal users. Thus, in the scenario of multiple data providers, a legal user may receive lots of keys from different providers and suffer from heavy burden from key management. In this paper, we proposed an identity-based key management scheme, which can let a legal user only maintain a single root key regardless of the number of data providers. Based on the root key, a legal user can derive different resource keys to decrypt ciphertexts from different data providers. With the help of outsourcing decryption technique, a legal user could reduce the decryption overhead by outsourcing some decryption work to cloud. We proofed the correctness and analyzed the security of the proposed scheme, further implemented the proposed scheme, and conducted extensive experiments. The results demonstrate the efficiency and practicality of our scheme.

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Identity‐based key management for cloud computing

Zhu

Mei

Xie

2016

Security Comm Networks

Self Cite

View full text Add to dashboard Cite

show abstract

“…In the outsourcing of cloud computing, we have to consider the problem of efficiency and cost, and asymmetric encryption is less efficient than symmetric encryption . Therefore, we adopt the symmetric encryption scheme.…”

Section: Preliminariesmentioning

confidence: 99%

Privacy-preserving ranked neighbor query over encrypted graph data in the cloud

Zhu

Xie

2016

Security Comm. Networks

Self Cite

View full text Add to dashboard Cite

As cloud computing becomes prevalent, many data owners outsource their large number of graph data into the cloud for cost savings. The cloud may not be fully trusted and usually likes to learn owners' data. To protect the security of graph data, sensitive data have to be stored in an encrypted form. Neighbor queries are the most essential operations, many other operations can be built based on the neighbor queries. Ranked neighbor queries can make the queries very flexible, a query user can get ranked search results. When the graph data are encrypted, the operations over graph data are very inconvenient. Ranked neighbor queries over encrypted graph data are difficult to directly achieve. In this paper, we propose a solution to perform privacy‐preserving ranked neighbor query over encrypted graph data in the cloud, which is named as PRNQ. Our work utilizes ranking function and encryption mechanism to perform ranked neighbor query. The query users can obtain the most wanted search results by this solution. Our paper proposes a design scheme for the weighted directed graph and proves the security and correctness. Experimental results with a real graph data set demonstrate the validity and efficiency of our scheme. Copyright © 2016 John Wiley & Sons, Ltd.

show abstract

“…Effective processing and retrieval of the encrypted data can be achieved and data transmission security can be improved without requiring much storage. Cui et al [33] proposed a lightweight key management technique for ensuring high data security in the cloud system. All authorized data can be decrypted using a single key and a set of public information stored on the server.…”

mentioning

confidence: 99%

A Lightweight Hybrid Key Management Scheme using Third Party Auditor for Data Security in Cloud

vasanthi¹,

Chidambaram²

2017

IJET

View full text Add to dashboard Cite

Abstract-Authentication and key management are the key challenges in the cloud environment while exchanging the confidential information. It requires a lightweight key management protocol for communication in the cloud environment. This paper presents a lightweight hybrid key management scheme for improved data security in the cloud computing environment. A Third Party Auditor (TPA) ensures secure data communication between the data owner and cloud service provider using the proposed key management scheme. The hybrid scheme is developed by combining identity-oriented key management and pairwise probabilistic key pre-distribution schemes. The lightweight two-level session key is generated using the Hash Message Authentication Code (HMAC) and Exclusive OR (XOR) operations. It involves two level of session key establishment to reinforce the key against the traffic analysis attack. The Advanced Encryption Standard (AES) key and session key are required to download and decrypt the file. The cloud server schedules the tasks to the Virtual Machines (VMs) by applying the Genetic Algorithm (GA). The experimental analysis shows that the proposed key management scheme requires lower minimum key size, energy consumption, file uploading time, file downloading time and encryption time than the existing schemes. Keyword-Advanced Encryption Standard (AES) algorithm, Cloud Computing, Genetic Algorithm (GA), Lightweight Key Management, Third Party Auditor, Two-level Session Key I. INTRODUCTION With the rapid increase in the data sharing across the Internet, the cloud computing system is frequently used in the multiple data owner scenario. The cloud computing system offers various types of services. Platform as a Service (PaaS) is a cloud-based service that provides more choices to the subscriber for choosing the computing platform. Infrastructure as a Service (IaaS) provides the same features as the PaaS, but the customer is completely responsible for controlling the rented infrastructure. Software as a Service (SaaS) allows the business enterprises to access the functionality at a lower cost than the cost of licensed applications, as the SaaS pricing is based on a monthly fee. Due to the remote hosting of the software, the users do not need to invest in the additional hardware. The SaaS reduces the effort of installation, setup and maintenance by the business enterprises. Hence, it is referred as simply hosted applications.The data owner can upload the data to the cloud service provider and access the stored data using the software provided by the service provider. As the data received from the data owner is not enough to fill the storage space of the server, it leads to a lot of storage waste. The data received from different data owners is stored in the same server to increase the utilization rate of server storage space. There is a need to protect the confidential data for preventing the theft of confidential data by unauthorized person or other data owners. Hence, the confidential data is encrypted and stored. The data owner...

show abstract

Lightweight key management on sensitive data in the cloud

Cited by 10 publications

References 22 publications

Identity‐based key management for cloud computing

Identity‐based key management for cloud computing

Privacy-preserving ranked neighbor query over encrypted graph data in the cloud

A Lightweight Hybrid Key Management Scheme using Third Party Auditor for Data Security in Cloud

Contact Info

Product

Resources

About