Abstract
With recent advancements in wireless smart terminal manufacture and communication technologies, a huge amount of data are generated from a variety of sources including software applications and hardware devices. To make the most of big data, cloud computing can be exploited to store, share, and process the data. However, data privacy issues are still significantly challenging in practice where users’ secrets may be leaked because of diverse software vulnerabilities and hardware attacks. In this paper, to address the above security challenge of big data, we propose an efficient and secure big data storage system in cloud computing, in which a leakage-resilient encryption scheme serves as the main ingredient. What’s more, our formal security proofs analysis indicates that the proposed scheme can ensure users’ data privacy even if the partial key is leaked in cloud computing. Finally, the leakage resilience analysis indicates that the leakage ratio in our scheme can reach roughly 1/3 and is higher than other schemes. Performance comparisons show the practicability of our scheme for big data security in cloud computing.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Akavia A, Goldwasser S, Vaikuntanathan V (2009) Simultaneous hardcore bits and cryptography against memory attacks. In: Theory of cryptography conference, pp 474–495
Alwen J, Dodis Y, Wichs D (2009) Leakage-resilient public-key cryptography in the bounded-retrieval model. In: International cryptology conference on advances in cryptology, pp 36–54
Berti F, Pereira O, Peters T, Standaert FX (2017) On leakage-resilient authenticated encryption with decryption leakages. IACR Trans Symmetric Cryptol 2017(3):271–293
Brakerski Z, Kalai Y, Katz J, Vaikuntanathan V (2010) Overcoming the hole in the bucket: public-key cryptography resilient to continual memory leakage. In: IEEE symposium on foundations of computer science, pp 501–510
Chen X, Li J, Weng J, Ma J, Lou W (2016) Verifiable computation over large database with incremental updates. IEEE Trans Comput 65(10):3184–3195
Dodis Y, Haralambiev K, Lopez-Alt A, Wichs D (2010) Cryptography against continuous memory attacks. In: Foundations of computer science, pp 511–520
Dodis Y, Lewko A, Waters B, Wichs D (2011) Storing secrets on continually leaky devices. In: Foundations of computer science, pp 688–697
Dziembowski S, Pietrzak K (2008) Leakage-resilient cryptography. In: IEEE symposium on foundations of computer science, pp. 293–302
Gandolfi K, Mourtel C, Olivier F (2001) Electromagnetic analysis: concrete results. Lecture Notes Comput Sci 2162:251–261
Gao Cz, Cheng Q, He P, Susilo W, Li J (2018) Privacy-preserving naive bayes classifiers secure against the substitution-then-comparison attack. Inf Sci 444:72–88
Goldwasser S, Rothblum GN (2010) Securing computation against continuous leakage. In: Conference on advances in cryptology, pp 59–79
Gupta BB (2015) Editorial (thematic issue: cyber security, privacy and forensics for complex systems). Int J Sens Wirel Commun Control 5(1):2
Gupta S, Gupta BB (2016) An infrastructure-based framework for the alleviation of javascript worms from osn in mobile cloud platforms. In: International conference on network and system security, Springer, pp 98–109
Gupta B, Agrawal DP, Yamaguchi S (2016) Handbook of research on modern cryptographic solutions for computer and cyber security. IGI Global. https://doi.org/10.4018/978-1-5225-0105-3
Gupta B, Yamaguchi S, Agrawal DP (2018) Advances in security and privacy of multimedia big data in mobile and cloud computing. Multimed Tools Appl 77(7):9203–9208
Huang Z, Liu S, Mao X, Chen K, Li J (2017) Insight of the protection for data security under selective opening attacks. Inf Sci 412:223–241
Kurosawa K (2017) Anonymous and leakage resilient ibe and ipe. Des Codes Cryptogr 85(2):273–298
Li S, Zhang F (2013) Leakage-resilient identity-based encryption scheme. Int J Grid Utility Comput 4(2/3):187–196
Li J, Chen X, Huang X, Tang S, Xiang Y, Hassan MM, Alelaiwi A (2015) Secure distributed deduplication systems with improved reliability. IEEE Trans Comput 64(12):3569–3579
Li J, Teng M, Zhang Y, Yu Q (2016) A leakage-resilient cca-secure identity-based encryption scheme. Comput J 59(7):1066–1075
Li J, Yu Q, Zhang Y (2017) Identity-based broadcast encryption with continuous leakage resilience. Inf Sci 429:177–193
Li J, Chen X, Chow SS, Huang Q, Wong DS, Liu Z (2018a) Multi-authority fine-grained access control with accountability and its application in cloud. J Netw Comput Appl 112:89–96
Li J, Zhang Y, Chen X, Xiang Y (2018b) Secure attribute-based data sharing for resource-limited users in cloud computing. Comput Secur 72:1–12
Li P, Li T, Ye H, Li J, Chen X, Xiang Y (2018c) Privacy-preserving machine learning with multiple data providers. Future Gener Comput Syst 87:341–350
Li T, Li J, Liu Z, Li P, Jia C (2018d) Differentially private naive bayes learning over multiple data sources. Inf Sci 444:89–104
Lin Q, Li J, Huang Z, Chen W, Shen J (2018a) A short linearly homomorphic proxy signature scheme. IEEE Access 6:12966–12972
Lin Q, Yan H, Huang Z, Chen W, Shen J, Tang Y (2018b) An id-based linearly homomorphic signature scheme and its application in blockchain. IEEE Access 6:20632–20640
Liu Z, Huang Y, Li J, Cheng X, Shen C (2018) Divoram: towards a practical oblivious ram with variable block size. Inf Sci 447:1–11
Naor M, Segev G (2009) Public-key cryptosystems resilient to key leakage. In: International cryptology conference on advances in cryptology, pp 18–35
Psannis K, Stergiou C, Gupta BB (2018) Advanced media-based smart big data on intelligent cloud systems. IEEE Trans Sustain Comput. https://doi.org/10.1109/TSUSC.2018.2817043
Ruan O, Zhang Y, Zhang M, Zhou J, Harn L (2018) After-the-fact leakage-resilient identity-based authenticated key exchange. IEEE Syst J 12(2):2017–2026
Shen J, Wang C, Li T, Chen X, Huang X, Zhan ZH (2018) Secure data uploading scheme for a smart home system. Inf Sci 453:186–197
Simmons P (2011) Security through amnesia: a software-based solution to the cold boot attack on disk encryption. In: Proceedings of the 27th annual computer security applications conference, ACM, pp 73–82
Sun SF, Gu D, Liu S (2016) Efficient chosen ciphertext secure identity-based encryption against key leakage attacks. Secur Commun Netw 9(11):1417–1434
Taneja R, Gaur D (2018) Robust fuzzy neuro system for big data analytics. Dev Biol 85(2):344–357
Wu J, Ping L, Ge X, Wang Y, Fu J (2010) Cloud storage as the infrastructure of cloud computing. In: 2010 international conference on intelligent computing and cognitive informatics (ICICCI), IEEE, pp 380–383
Wu A, Zheng D, Zhang Y, Yang M (2018) Hidden policy attribute-based data sharing with direct revocation and keyword search in cloud computing. Sensors (Basel, Switzerland) 18(7):1–17. https://doi.org/10.3390/s18072158
Xie R, He C, Xie D, Gao C, Zhang X (2018) A secure ciphertext retrieval scheme against insider kgas for mobile devices in cloud storage. Secur Commun Netw 2018(3):1–7
Ye H, Liu J, Wang W, Li P, Li T, Li J (2018) Secure and efficient outsourcing differential privacy data release scheme in cyber-physical system. Future Gener Comput Syst. https://doi.org/10.1016/j.future.2018.03.034
Yu Z, Au MH, Xu Q, Yang R, Han J (2018) Towards leakage-resilient fine-grained access control in fog computing. Future Gener Comput Syst 78:763–777
Zhang Y, Chen X, Li H, Cao J (2012) Identity-based construction for secure and efficient handoff authentication schemes in wireless networks. Secur Commun Netw 5(10):1121–1130
Zhang Y, Li J, Chen X, Li H (2016a) Anonymous attribute-based proxy re-encryption for access control in cloud computing. Secur Commun Netw 9(14):2397–2411
Zhang Y, Zheng D, Chen X, Li J, Li H (2016b) Efficient attribute-based data sharing in mobile clouds. Pervasive Mob Comput 28:135–149
Zhang Y, Zheng D, Li Q, Li J, Li H (2016c) Online/offline unbounded multi-authority attribute-based encryption for data sharing in mobile cloud computing. Secur Commun Netw 9(16):3688–3702
Zhang Y, Chen X, Li J, Wong DS, Li H, You I (2017a) Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing. Inf Sci 379:42–61
Zhang Y, Li J, Zheng D, Chen X, Li H (2017b) Towards privacy protection and malicious behavior traceability in smart health. Personal Ubiquitous Comput 21(5):815–830
Zhang Y, Wu A, Zheng D (2017c) Efficient and privacy-aware attribute-based data sharing in mobile cloud computing. J Ambient Intell Humaniz Comput 21:1–10. https://doi.org/10.1007/s12652-017-0509-1
Zhang X, Chen X, Wang J, Zhan Z, Li J (2018a) Verifiable privacy-preserving single-layer perceptron training scheme in cloud computing. Soft Comput 1–14. https://doi.org/10.1007/s00500-018-3233-7
Zhang Y, Deng RH, Liu X, Zheng D (2018b) Blockchain based efficient and robust fair payment for outsourcing services in cloud computing. Inf Sci 462:262–277
Zhang Y, Deng RH, Shu J, Yang K, Zheng D (2018c) Tkse: trustworthy keyword search over encrypted data with two-side verifiability via blockchain. IEEE Access 6:31077–31087
Zhang Y, Zheng D, Deng RH (2018d) Security and privacy in smart health: efficient policy-hiding attribute-based access control. IEEE Internet of Things J 5(3):2130–2145
Zhang Y, Zheng D, Rui G, Qinglan Z (2018e) Fine-grained access control systems suitable for resource-constrained users in cloud computing. Comput Inf 37(2):327–348
Zheng D, Wu A, Zhang Y, Zhao Q (2018) Efficient and privacy-preserving medical data sharing in internet of things with limited computing power. IEEE Access 6:28019–28027
Zhou Y, Yang B (2017) Continuous leakage-resilient public-key encryption scheme with cca security. Comput J 60(8):1161–1172
Zhou Y, Yang B, Mu Y (2018) Continuous leakage-resilient identity-based encryption without random oracles. Comput J 61(4):586–600
Acknowledgements
We are grateful to the anonymous referees for their invaluable suggestions. This work is supported by National Key R&D Program of China (Nos. 2017YFB0802000), National Natural Science Foundation of China (Nos. 61772418, 61472472, 61402366), Natural Science Basic Research Plan in Shaanxi Province of China (Nos. 2018JZ6001 and 2015JQ6236). Yinghui Zhang is supported by New Star Team of Xi’an University of Posts and Telecommunications (2016-02).
Author information
Authors and Affiliations
Corresponding authors
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Ethical approval
This article does not contain any studies with human participants or animals performed by any of the authors.
Informed consent
Informed consent was obtained from all individual participants included in the study.
Additional information
Communicated by B. B. Gupta.
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Zhang, Y., Yang, M., Zheng, D. et al. Efficient and secure big data storage system with leakage resilience in cloud computing. Soft Comput 22, 7763–7772 (2018). https://doi.org/10.1007/s00500-018-3435-z
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00500-018-3435-z