Ownership-guaranteed security framework for the private data in the entrusted management environment
详细信息    查看全文
  • 作者:SeongMin Yoo ; Jinsul Kim ; JaeHyung Park ; Jiseung Nam ; JaeCheol Ryou
  • 关键词:Security framework ; Cloud computing ; Information security ; Key management
  • 刊名:Cluster Computing
  • 出版年:2015
  • 出版时间:September 2015
  • 年:2015
  • 卷:18
  • 期:3
  • 页码:1251-1261
  • 全文大小:1,811 KB
  • 参考文献:1.Haley, K., Wood, P.: 2013 Internet security threat report. Symantec Corporation, Mountain View (2013)
    2.Shin, J.S., Yoo, S.M., Kim, S.W., Ryou, J.C., Jang, H.J.: Study on encryption methodology of optimized for digital medical imaging data. J. Next Gener. Info. Technol. 4(8), 530-37 (2013)
    3.Pianykh, O.S.: Digital imaging and communications in medicine (DICOM): a practical introduction and survival guide. Springer, New York (2011)
    4.U.S. Government. “Guidance regarding methods for de-identification of protected health information in accordance with the health insurance portability and accountability act (HIPAA) privacy rule,-Washington D. C.: U.S. Department of Health and Human Services (2012)
    5.Huang, H.K.: PACS and imaging informatics, pp. 219-36. Wiley, Hoboken (2010)
    6.Cooke, R.E. Jr, Gaeta, M.G., Kaufman, D.M. and Henrici, G. Picture archiving and communication system, U.S. Patent No. 6,574,629 (June 2003)
    7.Chen, J., Qian, F., Yan, W., Shen, B.: Translational biomedical informatics in the cloud: present and future. Biomed Res. Int. 2013, 8 (2013)
    8.Aupet, J.B., Garcia, E., Guyennet, H., Lapayre, J.C., Martins, D.: Security in medical telediagnosis. Multimed. Serv. Intell. Environ. 3, 201-26 (2010)CrossRef
    9.Stantchev, V., Palacios, R.C., Niedermayer, M.: Cloud Computing Based Systems for Healthcare. Sci. World J. 2014, 2 (2014)CrossRef
    10.Los, R., Shackleford, D., Sullivan, B.: The notorious nine: cloud computing top threats in 2013, pp. 6-1. Cloud Security Alliance, Nevada (2013)
    11.Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 34(1), 1-1 (2011)CrossRef
    12.Sun, Y., Zhang, J., Xiong, Y., Zhu, G.: Data security and privacy in cloud computing. Int. J. Distrib. Sens. Netw. 2014, 9 (2014)
    13.Wang, J., Wang, Z.: A survey on personal data cloud. Sci. World J. 2014, 13 (2014)
    14.Wang, C., Ren, K., Lou, W., Li, J.: Toward publicly auditable secure cloud data storage services. IEEE Netw. 24(4), 19-4 (2010)CrossRef
    15.Wang, H., Wu, S., Chen, M., Wang, W.: Security protection between users and the mobile media cloud. IEEE Commun. Mag. 52(3), 73-9 (2014)CrossRef
    16.Tian, F., Gui, X., An, J., Yang, P., An, J., Yang, P., Zhao, J., Zhang, X.: Protecting location privacy for outsourced spatial data in cloud storage. Sci. World J. 2014, 11 (2014)
    17.Kwon, O., Koo, D., Shin, Y., Yoon, H.: A secure and efficient audit mechanism for dynamic shared data in cloud storage. Sci. World J. 2014, 10 (2014)
    18.Chen, C.Y., Tu, J.F.: A novel cloud computing algorithm of security and privacy. Math. Probl. Eng. 2013, 6 (2013)MathSciNet
    19.Noh, G., Chun, J.Y.: Sharing privacy protected and statistically sound clinical research data using outsourced data storage. J. Appl. Math. 2014, 12 (2014)MathSciNet
    20.Haufe, K., Dzombeta, S., Brandis, K.: Proposal for a security management in cloud computing for health care. Sci. World J. 2014, 7 (2014)CrossRef
    21.Halevi, S., Harnik, D., Pinkas, B., Peleg, A. S. Proofs of ownership in remote storage systems, Proceedings of the 18th ACM conference on Computer and communications security, pp. 491-00 (2011)
    22.Fatma, E.Z.E., Hikal, N.A., Abou-Chadi, F.E.Z.: Secure medical images sharing over cloud computing environment. Int. J. Adv. Comput. Sci. Appl. 4(5), 130-37 (2013)
    23.Yin, X.C., Thiranant, N., Lee, H.: An efficient and secure data storage scheme using ECC in cloud computing. J. Internet Comput. Serv. 15(2), 49-9 (2014)CrossRef
    24.Gao, H., Zhang, Y., Liang, S., Li, D.: A new chaotic algorithm for image encryption. Chaos Solitons Fractals 29(2), 393-99 (2006)CrossRef MATH
    25.Seenivasagam, V., Velumani, R.: A QR code based zero watermarking scheme for authentication of medical images in teleradiology cloud. Comput. Math. Methods Med. 2013, 16 (2013)MathSciNet CrossRef
    26.Ko, L.T., Chen, J.E., Shieh, Y.S.: Nested quantization index modulation for reversible watermarking and its application to healthcare information management systems. Comput. Math. Methods Med. 2012, 8 (2012)MathSciNet CrossRef
    27.Massoudi, A., Lefebvre, F., Vleeschouwer, C.D., Macq, B., Quisquater, J.J.: Overview on selective encryption of image and video: challenges and perspectives. EURASIP J. Info. Secur. 2008, 18 (2008)
    28.Shamir, A.: How to share a secret. Commun. ACM 22(11), 612-13 (1979)MathSciNet CrossRef MATH
    29.BLAKLEY, G.R. Safeguarding cryptographic keys, Proceedings of the National Computer Conference, pp. 313-17 (1979)
    30.Meijering, E.: A chronology of interpolation: from ancient astronomy to modern signal and image processing. Proc. IEEE 90(3), 319-42 (2002)CrossRef
    31.Berrut, J.P., Trefethen, L.N.: Barycentric lagrange interpolation. Siam Rev. 46(3), 501-17 (2004)MathSciNet CrossRef MATH
  • 作者单位:SeongMin Yoo (1)
    Jinsul Kim (2)
    JaeHyung Park (2)
    Jiseung Nam (2)
    JaeCheol Ryou (1)

    1. Information Security Lab., Department of Computer Engineering, Chungnam National University, Daejeon, Republic of Korea
    2. School of Electronics and Computer Engineering, Chonnam National University, Daejeon, Republic of Korea
  • 刊物类别:Computer Science
  • 刊物主题:Processor Architectures
    Operating Systems
    Computer Communication Networks
  • 出版者:Springer Netherlands
  • ISSN:1573-7543
文摘
In the environment like the Cloud computing or the picture archiving and communications systems (PACS) of the hospital, the user’s data is stored in the storage of a third party. In such entrusted management environment, security is an important issue for the user’s private data. The most basic solution is to encrypt user’s private data. However, if the encryption key is directly managed by cloud service provider (CSP) or PACS service provider (PSP), there is latent threat when it comes to the data loss or leakage which may be committed by malicious insiders. The ownership-guaranteed security framework (OGSF) divides encryption key into a single mandatory fragment and multiple optional fragments while mandating user to store the mandatory fragment in the user’s personal device and mandating CSP or PSP to manage the optional fragments. Because of this division of the management on the encryption key, the OGSF can resolve both threat from the malicious insider and the user’s mistake in same time. Keywords Security framework Cloud computing Information security Key management

© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号

地址:北京市海淀区学院路29号 邮编:100083

电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700