LI Zong-Yu , GUI Xiao-Lin , GU Ying-Jie , LI Xue-Song , DAI Hui-Jun , ZHANG Xue-Jun
2018, 29(7):1830-1851. DOI: 10.13328/j.cnki.jos.005354
Abstract:Cloud service mode has obtained broad application space with the rapid development of cloud computing technology. Such mode has provided users with incomparable computing power and storage space. However, privacy security of users is a primary problem in the promotion and application of the service mode. How to guarantee both the privacy and availability of data in the process of data computation remains a major challenge, and as a key means to solve this problem, homomorphic encryption technique has been a hot subject in international and domestic academic circles in recent years. In this paper, the privacy security of cloud computing, the research progress of homomorphic encryption and the application of homomorphic encryption technique in privacy protection of cloud computing are introduced. Analysis of advantages and disadvantages of various homomorphic encryption schemes is emphasized, and the future research direction is proposed.
XU Ming-Yan , ZHAO Hua , JI Xin-Sheng , SHEN Juan
2018, 29(7):1852-1862. DOI: 10.13328/j.cnki.jos.005355
Abstract:The mobile peer-to-peer environment is easier to implement in location privacy preserving research. The mobile users cooperate through P2P multi-hop routing to blur their accurate locations into a spatial cloaking region, but most existing spatial cloaking algorithms cannot work well because of the high communication overhead, time consumption and the lower success rate. This paper proposes an algorithm that can recommend user's privacy requirements by collecting users' weighted density information in their neighborhood, and therefore help mobile users to find enough collaborative users quickly. The approach shows great anonymization success rate by 92% through extensive simulation experiments for a range of P2P environment scenarios. It achieves lower communication cost and less than 500 ms of searching time at the same time.
SHA Le-Tian , XIAO Fu , CHEN Wei , SUN Jing , WANG Ru-Chuan
2018, 29(7):1863-1879. DOI: 10.13328/j.cnki.jos.005356
Abstract:Leakage of backdoor privacy has become a major challenge with the rapid development of the industrial Internet of Things (IIoT), posing a serious threat to the security and stability of industrial control systems and the Internet of Things. In this paper, some basic attributes are defined based on data features of backdoor privacy in IIoT, upper semantics are extracted based on security threats in static and dynamic data flow, static and dynamic leakage degrees are generated based on multi-attribute decision-making, and finally security level and threshold are computed with grey correlation analysis. As a result, perception for leakage scenarios of backdoor privacy can be accomplished in static binary structure and dynamic data flow. Twenty-seven types of backdoor privacy are chosen for testing in the target environment to compute and analyze basic definitions, upper semantics and judgment semantics, and successful perception for leakage scenarios is performed via comparison between security level and threshold. In addition, the effectiveness of this work is validated through comparison with other models and prototypes.
LAI Qi-Qi , YANG Bo , CHEN Yuan , HAN Lu-Lu , BAI Jian
2018, 29(7):1880-1892. DOI: 10.13328/j.cnki.jos.005357
Abstract:Privacy protection is an important security issue in today's big data information era. As one of theoretical and technical bases, cryptography can be utilized to protect several kinds of privacy information, such as content and identity. Identity-based hash proof system is a basic cryptographic primitive, which can be used to construct lots of schemes for privacy protection. Through analyzing all existing identity-based hash proof systems based on lattices, this work reveals that one of their common deficiencies is the large bit size of ciphertext, which further results in the low efficiency of the related cryptographic schemes. Thus it is of great significance to reduce the size of their ciphertexts. In this paper, a new hash proof system is first presented based on the learning with errors assumption in the standard model, and the smoothness of the system is proved through employing the properties of discrete Gaussian distribution and smooth parameter over lattices. Then, in order to transform this new hash proof system into the identity setting, the preimage sampling function proposed by Gentry, et al. is used to sample the identity secret key for any identity id with the help of random oracle. As an extension for this new hash proof system based on lattices, an updatable hash proof system can also be obtained in the standard model. Finally, the efficiency of these new constructions is analyzed, and a comparison with other existing constructions is performed.
LI Shun-Dong , KANG Jia , YANG Xiao-Yi , DOU Jia-Wei
2018, 29(7):1893-1908. DOI: 10.13328/j.cnki.jos.005358
Abstract:Secure multiparty computation is a research focus in the international cryptographic community and a pivotal privacy preserving technology in cyberspaces. Privacy-preserving lexicographical string sorting, as a completely new problem of secure multi-party computation, has important practical significance and broad application prospects in information security. It can not only improve the efficiency of secure database query but also solve the millionaires' problem in the case that the numbers to be compared are very large. In this study, to privately determine the lexicographical order of two private strings, an encoding scheme is first proposed to encode private numbers, then based on a homomorphic encryption algorithm supported by cloud computing outsourcing, a simple and efficient protocol is developed. Furthermore, a proof is provided to show that this protocol is secure in the semi-honest model, and its correctness is also analyzed. At the same time, the computational complexities and communication complexities of the protocol are analyzed, and the efficiency of the protocol on a PC is demonstrated. Finally, as a fundamental solution, the scheme is applied to solve the millionaires' problem in the case that the numbers to be compared are very large.
ZHANG Shu-Guang , XIAN He-Qun , WANG Ya-Zhe , LIU Hong-Yan , HOU Rui-Tao
2018, 29(7):1909-1921. DOI: 10.13328/j.cnki.jos.005359
Abstract:Secure data deduplication has received great attention from both academic and industrial societies. It is highly motivated for cloud service providers to delete duplicated data from their storage. Plaintext data deduplication is a simple problem, but users tend to encrypt their data with their own keys before uploading them to the cloud, which makes it difficult to perform cross user deduplication. Most current solutions to the problem rely on trusted third parties. In this study, an encrypted data deduplication scheme is presented based on an offline key distribution protocol. A bilinear mapping is constructed to verify whether different encrypted data originate from the same plaintext. Secure key storage and key delivery is achieved by using the broadcast encryption technique. An original uploading user of some data can validate successive uploading users via the cloud service provider, and the data encryption key can be distributed in an offline manner. The cloud service provider can accomplish encrypted data deduplication with no online interaction with any trusted third party. The security of the proposed scheme is analyzed and proven. Simulation experiments show that the scheme is efficient and applicable.
HUANG Wei-Qing , DING Chang , CUI Yue , WANG Si-Ye , ZHANG Yan-Fang , ZHAO Bo-Bai , ZHU Shao-Yi , MAO Rui , CHEN Chao
2018, 29(7):1922-1936. DOI: 10.13328/j.cnki.jos.005360
Abstract:With the continuous development of RFID technology, its applications in logistics management, cargo monitoring, conference security and other fields are becoming broader and broader. In wireless communication technology, the air interface defines the technical specification of the radio link between the terminal device and the network device. Most of the current RFID devices use common standardized communication protocol for data transmission, which makes the RFID systems suffer air interface intrusion by malicious devices. The air interface intrusion can then cause the security threats and data privacy protection problem in RFID systems. This study accomplishes the detection of air interface intrusion based on the real-time discovery of malicious readers. It avoids theft of data and ensures the security of data transmission. The paper mainly uses passive sensing technology for the analysis and calculation of the RFID signal, channel state and throughput information. Parameters are extracted from the received signal strength, phase and other state information to describe the wireless channel state. The extracted parameters and finite-state machine theory are used to build a perception data inference model of RFID signal and to obtain an initial steady state according to the adaptive algorithm. As a result, the specific change of RFID signal can be analyzed to complete the detection of RFID air interface intrusions.
WANG Ding , LI Wen-Ting , WANG Ping
2018, 29(7):1937-1952. DOI: 10.13328/j.cnki.jos.005361
Abstract:The design of secure and efficient user authentication protocols for multi-server environment is becoming a hot research topic in the cryptographic protocol community. Based on the widely accepted adversary model, this paper analyzes three representative, recently proposed user authentication schemes for multi-server environment. The paper reveals that: (1) Wan, et al.'s scheme is subject to offline password guessing attack as opposed to the authors' claim, and it also cannot provide user anonymity and forward secrecy; (2) Amin, et al.'s scheme cannot withstand offline password guessing attack, cannot preserve user anonymity and is vulnerable to two kinds of forward secrecy issues; (3) Reedy, et al.'s scheme cannot resist user impersonation attack and offline password guessing attack, and also falls short of user un-traceability. The paper highlights three principles for designing more robust anonymous multi-factor authentication schemes: public key principle, user anonymity principle and forward secrecy principle, explaining the essential reasons for the security flaws of the above protocols. It further proposes some amendments for the identified security flaws.
YIN Xin , TIAN You-Liang , WANG Hai-Long
2018, 29(7):1953-1962. DOI: 10.13328/j.cnki.jos.005362
Abstract:The verification process of the traditional delegation computation has higher computation and communication overhead as the participants are either honest or malicious. The rational delegation computation is the introduction of rational participants, and the utility function is used to guarantee the reliability of the computational results. This paper first introduces game theory into the delegation computation, and gives the only stable equilibrium solution. Second, based on the bitcoin and Micali-Rabin's random vector representation technique, a new rational delegation computation protocol is devised. The involved players, for the protocol's fairness, commit a special structured bitcoin deposit respectively, which guarantees the interests of both parties. The Micali-Rabin's technique is used for tackling the protocol's complex verification, and the verification is simple and efficient without any leak about the results. Finally, the security and performance analysis results show that the proposed protocol not only solves the complex traditional verification problem, but also ensures the interests of the honest parties.
XIONG Jin-Bo , WANG Min-Shen , TIAN You-Liang , MA Rong , YAO Zhi-Qiang , LIN Ming-Wei
2018, 29(7):1963-1980. DOI: 10.13328/j.cnki.jos.005363
Abstract:Privacy protection technology is an important guarantee to prevent the privacy disclosure of sensitive information in the cloud computing environment. In order to design better privacy protection schemes, a privacy measurement technique is required that can reflect the privacy protection intensity by measuring the disclosure risk of privacy information in the privacy protection schemes. Therefore, privacy measurement is of great significance for the privacy protection of the cloud data. This paper systematically reviews the existing methods of privacy measurement for the cloud data. Firstly, an overview of the privacy protection and privacy measurement is provided along with descriptions of some quantitative methods of the background knowledge for the attacks, some performance evaluation indexes and a comprehensive evaluation framework of the privacy protection schemes for the cloud data. Moreover, an abstract model of the privacy measurement for the cloud data is proposed, and the existing privacy measurement methods are elaborated based on anonymity, information entropy, set pair analysis theory and differential privacy respectively from the perspective of working principle and the specific implementation. Furthermore, the advantages and disadvantages and the application scopes of the above four types of privacy measurement methods are analyzed by the privacy measurement indexes and effectiveness. Finally, the development trends and the future problems of the privacy measurement for the cloud data are summarized in terms of the privacy measurement processes, effects and methods.
YE Qing-Qing , MENG Xiao-Feng , ZHU Min-Jie , HUO Zheng
2018, 29(7):1981-2005. DOI: 10.13328/j.cnki.jos.005364
Abstract:With the development of information technology in the big data era, there has been a growing concern for privacy of personal information. Privacy preserving is a key challenge when releasing and analyzing data. Centralized differential privacy is based on the assumption of a trustworthy data collector; however, it is actually a bit difficult to realize in practice. To address this issue, local differential privacy has emerged as a new model for privacy preserving with strong privacy guarantees. By resisting adversaries with any background knowledge and preventing attacks from untrustworthy data collector, local differential privacy can protect private information thoroughly. Starting with an introduction to the mechanisms and properties, this paper surveys the state of the art of local differential privacy, focusing on the frequency estimation, mean value estimation and the design of perturbation model. Following a comprehensive comparison and analysis of existing techniques, further research challenges are put forward.
ZHONG Hong , CUI Jie , ZHU Wen-Long , XU Yan
2018, 29(7):2006-2017. DOI: 10.13328/j.cnki.jos.005365
Abstract:Mobile cloud computing is a revolutionary computing paradigm for mobile applications, which enables storage and computation migration from mobile users to resource-rich and powerful cloud server. This migration causes some privacy issues in providing secure data storage, fine-grained access control and anonymity of users. The existing multi-authority ciphertext policy attribute based encryption (CP-ABE) access control scheme guarantees the confidentiality of sensitive data in the cloud server and provides fine-grained access control using defined policies. However it costs too much computation time on encryption and decryption and consumes enormous power resources, making it unsuitable for the mobile devices which are usually equipped with a limited power support. To cope with these challenging concerns, this paper proposes a new data access control scheme for cloud computing by using a new cryptographic primitive known as online/offline multi-authority ABE and the transform key technique. This scheme implements fine-grained access of data and reduces online computation cost of the encryption and decryption on the user side. The proposed scheme acquires user's secret key received from different authorities. That results in protecting privacy of each user against single authority. At last, the security and performance analysis demonstrate that this scheme has high security in terms of data confidentiality and high efficiency in terms of online computation cost.
YAO Di , ZHANG Chao , HUANG Jian-Hui , CHEN Yue-Xin , BI Jing-Ping
2018, 29(7):2018-2045. DOI: 10.13328/j.cnki.jos.005576
Abstract:With the development of mobile internet and widespread use of mobile phones, a large amount of data that contains users' time and space attributes has been generated and collected. Investigating the semantic information of the collective data plays an important role in understanding the needs, analyzing preference of the user, even recommending and predicting space and time. Recently, many researchers all over the world have turned their focus on understanding the spatio-temporal semantic data. This paper summarizes the related works regarding the spatio-temporal semantic data. Firstly, according to the tasks, the basic concepts and research frameworks are introduced; then, the works of location semantic understanding, user behavior semantic understanding and event semantic understanding are summarized. Additionally, the application scenarios of recommending and predicting space and time field are described. Finally, the future research directions of spatio-temporal data semantic understanding are discussed.
CHANG Yao-Cheng , ZHANG Yu-Xiang , WANG Hong , WAN Huai-Yu , XIAO Chun-Jing
2018, 29(7):2046-2070. DOI: 10.13328/j.cnki.jos.005538
Abstract:Keyphrases that efficiently represent the main topics discussed in a document are widely used in various document processing tasks, and automatic keyphrase extraction has been one of fundamental problems and hot research issues in the field of natural language processing (NLP). Although automatic keyphrase extraction has received a lot of attention and the extraction technologies have developed quickly, the state-of-the-art performance on this task is far from satisfactory. In order to help to solve the keyphrase extraction problem, this paper presents a survey of the latest development in keyphrase extraction, mainly including candidate keyphrase generation, feature engineering and keyphrase extraction models. In addition, some published datasets are listed, the evaluation approaches are analyzed, and the challenges and trends of automatic keyword extraction techniques are also discussed. Different from the existing surveys that mainly focus on the models of keyphrase extraction, this paper provides a features oriented survey of automatic keyphrase extraction. This perspective may help to utilize the existing features and propose the new effective extraction approaches.
2018, 29(7):2071-2091. DOI: 10.13328/j.cnki.jos.005561
Abstract:As a popular research direction in the field of machine learning, deep neural networks are prone to the phenomenon of unstable gradients in training, which has become an important element that restricts their development. How to avoid and control unstable gradients is an important research topic of deep neural networks. This paper analyzes the cause and effect of the unstable gradients, and reviews the main models and methods of solving the unstable gradients. Furthermore, the future research trends in the unstable gradients are discussed.
LIU Ao-Di , DU Xue-Hui , WANG Na , LI Shao-Zhuo
2018, 29(7):2092-2115. DOI: 10.13328/j.cnki.jos.005589
Abstract:Blockchain is a distributed public ledger technology that originates from the digital cryptocurrency, bitcoin. Its development has attracted wide attention in industry and academia fields. Blockchain has the advantages of de-centralization, trustworthiness, anonymity and immutability. It breaks through the limitation of traditional center-based technology and has broad development prospect. This paper introduces the research progress of blockchain technology and its application in the field of information security. Firstly, the basic theory and model of blockchain are introduced from five aspects: basic framework, key technology, technical feature, and application mode and area. Secondly, from the perspective of current research situation of blockchain in the field of information security, this paper summarizes the research progress of blockchain in authentication technology, access control technology and data protection technology, and compares the characteristics of various researches. Finally, the application challenges of blockchain technology are analyzed, and the development outlook of blockchain in the field of information security is highlighted. This study intends to provide certain reference value for future research work.
ZHANG Xiao-Li , YANG Jia-Hai , SUN Xiao-Qing , WU Jian-Ping
2018, 29(7):2116-2132. DOI: 10.13328/j.cnki.jos.005555
Abstract:Cloud computing, as a new computing model, provides computing and storage services to users by the virtualization technology. Users then can request and access elastic cloud resources on demand to run their applications via the Internet. Recently geo-distributed cloud has been a hot research topic in both academia and industry. It federates multiple cloud sites to maintain huge and distributed virtual resources, so as to provide better services for users. Based on fundamental research problems in geo-distributed cloud systems, this article describes the international and domestic research progress of this area, including architecture design, resource scheduling schemes, and security mechanisms. It also points out some of the research trends in the field.
YANG Fu-Qiang , ZHANG Ding-Hua , HUANG Kui-Dong , GAO Zong-Zhao , LIAO Jin-Ming
2018, 29(7):2133-2151. DOI: 10.13328/j.cnki.jos.005546
Abstract:Computed tomography (CT) is an imaging technique which produces cross sectional map of object from its projections. Image reconstruction algorithms require collection of projections covering the whole measurement range. Incomplete projection is still a hot research topic. This paper reviews the relationship between projection data and image reconstruction in computed tomography, and summarizes the effect of computed tomography on reconstruction quality. For the incomplete projection data acquired by different sampling strategies, the iterative algorithm is used to reconstruct the projection data. The effects of different data structures on the reconstructed image quality under uniform sampling and non-uniform sampling are studied, and the results are compared and analyzed. Meanwhile, the reasons of the reconstruction quality of the pros and cons are discussed in conjunction with the projection data distribution with different strategies. This paper provides a comprehensive sampling method for researchers in the field of CT reconstruction, and offers some ideas for the improvement of the corresponding algorithm for incomplete projection data. Furthermore, it also points out current focus of the study and research direction in future.
CHEN Gang , GUAN Nan , LÜ Ming-Song , WANG Yi
2018, 29(7):2152-2176. DOI: 10.13328/j.cnki.jos.005580
Abstract:As computer systems are more and more closely integrated into the physical world, real-time systems are required to perform more and more complex computation tasks. The development of multi-core processors makes it possible to fulfill the requirements of both real-time constraints and high computation demands. The research on real-time multicore system has attracted a lot of attention in recent years. This paper presents a survey on the research of real-time multicore system. The survey first introduces the main research problems and challenges. Then, a detailed review is provided covering the various topics, such as shared resource interference, real-time scheduling in multi-core system, parallel real-time software design, multicore virtualization, and power management under real-time constraints. Open issues and research directions are also identified in this survey.