To fight against malicious codes of P2P networks, it is necessary to study the malicious code propagation model of P2P networks in depth. The epidemic of malicious code threatening P2P systems can be divided into the ...To fight against malicious codes of P2P networks, it is necessary to study the malicious code propagation model of P2P networks in depth. The epidemic of malicious code threatening P2P systems can be divided into the active and passive propagation models and a new passive propagation model of malicious code is proposed, which differentiates peers into 4 kinds of state and fits better for actual P2P networks. From the propagation model of malicious code, it is easy to find that quickly making peers get their patched and upgraded anti-virus system is the key way of immunization and damage control. To distribute patches and immune modules efficiently, a new exponential tree plus (ET+) and vaccine distribution algorithm based on ET+ are also proposed. The performance analysis and test results show that the vaccine distribution algorithm based on ET+ is robust, efficient and much more suitable for P2P networks.展开更多
The dissociation between data management and data ownership makes it difficult to protect data security and privacy in cloud storage systems.Traditional encryption technologies are not suitable for data protection in ...The dissociation between data management and data ownership makes it difficult to protect data security and privacy in cloud storage systems.Traditional encryption technologies are not suitable for data protection in cloud storage systems.A novel multi-authority proxy re-encryption mechanism based on ciphertext-policy attribute-based encryption(MPRE-CPABE) is proposed for cloud storage systems.MPRE-CPABE requires data owner to split each file into two blocks,one big block and one small block.The small block is used to encrypt the big one as the private key,and then the encrypted big block will be uploaded to the cloud storage system.Even if the uploaded big block of file is stolen,illegal users cannot get the complete information of the file easily.Ciphertext-policy attribute-based encryption(CPABE)is always criticized for its heavy overload and insecure issues when distributing keys or revoking user's access right.MPRE-CPABE applies CPABE to the multi-authority cloud storage system,and solves the above issues.The weighted access structure(WAS) is proposed to support a variety of fine-grained threshold access control policy in multi-authority environments,and reduce the computational cost of key distribution.Meanwhile,MPRE-CPABE uses proxy re-encryption to reduce the computational cost of access revocation.Experiments are implemented on platforms of Ubuntu and CloudSim.Experimental results show that MPRE-CPABE can greatly reduce the computational cost of the generation of key components and the revocation of user's access right.MPRE-CPABE is also proved secure under the security model of decisional bilinear Diffie-Hellman(DBDH).展开更多
基金supported by the National Natural Science Foundation of China (60573141,60773041)National High Technology Research and Development Program of China (863 Program) (2006AA01Z439+12 种基金2007AA01Z404 2007AA01Z478)the Natural Science Foundation of Jiangsu Province (BK2008451)Science & Technology Project of Jiangsu Province (BE2009158)the Natural Science Foundation of Higher Education Institutions of Jiangsu Province (09KJB520010 09KJB520009)the Research Fund for the Doctoral Program of Higher Education(2009 3223120001)the Sepcialized Research Fund of Ministry of Education (2009117)High Technology Research Program of Nanjing(2007RZ127)Foundation of National Laboratory for Modern Communications (9140C1105040805)Postdoctoral Foundation of Jiangsu Province (0801019C)Science & Technology Innovation Fundfor Higher Education Institutions of Jiangsu Province (CX08B-085ZCX08B-086Z)
文摘To fight against malicious codes of P2P networks, it is necessary to study the malicious code propagation model of P2P networks in depth. The epidemic of malicious code threatening P2P systems can be divided into the active and passive propagation models and a new passive propagation model of malicious code is proposed, which differentiates peers into 4 kinds of state and fits better for actual P2P networks. From the propagation model of malicious code, it is easy to find that quickly making peers get their patched and upgraded anti-virus system is the key way of immunization and damage control. To distribute patches and immune modules efficiently, a new exponential tree plus (ET+) and vaccine distribution algorithm based on ET+ are also proposed. The performance analysis and test results show that the vaccine distribution algorithm based on ET+ is robust, efficient and much more suitable for P2P networks.
基金supported by the National Natural Science Foundation of China(6120200461472192)+1 种基金the Special Fund for Fast Sharing of Science Paper in Net Era by CSTD(2013116)the Natural Science Fund of Higher Education of Jiangsu Province(14KJB520014)
文摘The dissociation between data management and data ownership makes it difficult to protect data security and privacy in cloud storage systems.Traditional encryption technologies are not suitable for data protection in cloud storage systems.A novel multi-authority proxy re-encryption mechanism based on ciphertext-policy attribute-based encryption(MPRE-CPABE) is proposed for cloud storage systems.MPRE-CPABE requires data owner to split each file into two blocks,one big block and one small block.The small block is used to encrypt the big one as the private key,and then the encrypted big block will be uploaded to the cloud storage system.Even if the uploaded big block of file is stolen,illegal users cannot get the complete information of the file easily.Ciphertext-policy attribute-based encryption(CPABE)is always criticized for its heavy overload and insecure issues when distributing keys or revoking user's access right.MPRE-CPABE applies CPABE to the multi-authority cloud storage system,and solves the above issues.The weighted access structure(WAS) is proposed to support a variety of fine-grained threshold access control policy in multi-authority environments,and reduce the computational cost of key distribution.Meanwhile,MPRE-CPABE uses proxy re-encryption to reduce the computational cost of access revocation.Experiments are implemented on platforms of Ubuntu and CloudSim.Experimental results show that MPRE-CPABE can greatly reduce the computational cost of the generation of key components and the revocation of user's access right.MPRE-CPABE is also proved secure under the security model of decisional bilinear Diffie-Hellman(DBDH).
