Sharif Digital Repository

Outsourcing as a useful strategy in the industry can be integrated into scheduling problems. Moreover, batch outsourcing is a practical assumption owing to the logistics issues for transferring the parts between the manufacturer and the subcontractors. However, this assumption is rarely addressed in the scheduling literature. In this paper, a novel single machine scheduling problem with the option of batch outsourcing is studied. The objective is to minimize the sum of the total completion time of the jobs and the total outsourcing cost. To solve the problem, first, two mixed-integer linear programming (MILP) models, named MP1 and MP2, are developed, which respectively use a straightforward... 

In cloud storage services, public auditing mechanisms allow a third party to verify integrity of the outsourced data on behalf of data owners without the need to retrieve data from the cloud server. In some applications, the identity of data users should be kept private from the third party auditor. Oruta is a privacy preserving public auditing scheme for shared data in the cloud which exploits ring signatures to protect the identity privacy. In this paper, we propose two attacks and demonstrate that the scheme is insecure and a dishonest server can arbitrarily tamper the outsourced data without being detected by the auditor. We also propose a solution to remedy this weakness with the... 

An adjustable join (AdjoinAdjoin) scheme [4] is a symmetric-key primitive that enables a user to securely outsource his database to a server, and later to issue join queries for a pair of columns. When queries are extended to a list of columns, the 3Partition3Partition security of Adjoin schemes [8] does not capture the expected security. To address this deficiency, we introduce the syntax and security notion of multi-adjustable join (M-AdjoinM-Adjoin) schemes. We propose a new security notion for this purpose, which we refer to as M3PartitionM3Partition. The 3Partition3Partition security of AdjoinAdjoin extends to the M3PartitionM3Partition security of M-AdjoinM-Adjoin in a straightforward... 

We study the problem of multi-user dynamic searchable symmetric encryption (DMUSSE) where a data owner stores its encrypted documents on an untrusted remote server and wishes to selectively allow multiple users to access them by issuing keyword search queries. Specifically, we consider the case where some of the users may be corrupted and colluding with the server to extract additional information about the dataset (beyond what they have access to). We provide the first formal security definition for the dynamic setting as well as forward and backward privacy definitions. We then propose SE, the first provably secure DMUSSE scheme and instantiate it in two versions, one based on oblivious... 

We introduce the notion of private set operations (PSO) as a symmetric-key primitive in the cloud scenario, where a client securely outsources his dataset to a cloud service provider and later privately issues queries in the form of common set operations. We define a syntax and security notion for PSO and propose a general construction that satisfies it. There are two main ingredients to our PSO scheme: an adjustable join (Adjoin) scheme (MIT-CSAIL-TR-2012-006 (2012) Cryptographic treatment of CryptDB's adjustable join. http://people.csail.mit.edu/nickolai/papers/popa-join-tr.pdf) and a tuple set (TSet) scheme (Cash, D., Jarecki, S., Jutla, C. S., Krawczyk, H., Rosu, M.-C., and Steiner, M.... 

Private set intersection (PSI) is a fundamental cryptographic protocol which has a wide range of applications. It enables two clients to compute the intersection of their private datasets without revealing non-matching elements. The advent of cloud computing drives the ambition to reduce computation and data management overhead by outsourcing such computations. However, since the cloud is not trustworthy, some cryptographic methods should be applied to maintain the confidentiality of datasets. But, in doing so, data owners may be excluded from access control on their outsourced datasets. Therefore, to control access rights and to interact with authorized users, they have to be online during... 

With the development of cloud computing, many enterprises have been interested in outsourcing their data to cloud servers to decrease IT costs and rise capabilities of provided services. To afford confidentiality and fine-grained data access control, attribute-based encryption (ABE) was proposed and used in several cloud storage systems. However, scalability and flexibility in key delegation and user revocation mechanisms are primary issues in ABE systems. In this paper, we introduce the concept of a fully distributed revocable ciphertext-policy hierarchical ABE (FDR-CP-HABE) and design the first FDR-CP-HABE scheme. Our scheme offers a high level of flexibility and scalability in the key... 

Cloud storage has significantly reduced data management costs for data owners. However, loss of physical control over the data after outsourcing, triggers some security concerns such as data integrity. Provable Data Possession (PDP) protocols, enable data owners to audit the integrity of their outsourced data without the need to retrieve the file from cloud server. However, most existing PDP schemes require resource-constrained users to perform costly operations for generating metadata on file blocks. In online/offline PDP mechanisms introduced most recently, the user’s computation is divided into online/offline phases, where the costly operations are allowed to be carried out in the offline... 

Cloud storage auditing is considered as a significant service used to verify the integrity of data stored in public cloud. However, most existing auditing protocols suffer form complex certificate management/verification since they rely on expensive Public Key Infrastructure (PKI). On the other hand, most cloud users have constrained computational resources. The few existing ID-based storage auditing protocols in the literature, require resource-constrained users to perform costly operations for generating metadata on file blocks. In this paper, we propose a storage auditing protocol which benefits from ID-based structure and lightweight user computations, simultaneously. Our construction... 

Large technology-intensive enterprises and companies face a constant challenge: How can a set of selected high-tech projects get done in a manner that would minimize the total cost across all projects? In majority of cases, projects are assumed independent, leading to a separate cost evaluation. This assumption often does not hold for real-world project portfolios, frequently sharing overlapping technologies. In this paper, we show how the order of the execution of the projects can directly affect the total cost of the portfolio, due to shared dependencies. Modeling the problems in this area can be achieved by combining two main fields: graph theory and technology mining. A novel method is... 

In this paper, we develop a stochastic programming model for the capacitated location-allocation problem in the heterogeneous environment where the demands are distributed according to the Bernoulli function with different probabilities. The capacitated sub-sources of facilities are also involved to satisfy customers’ demands in this work. This study aims to find optimal locations of facilities and optimal allocations of existing customers to the facilities so that the total cost of operating facilities, allocating the customers, expected servicing and outsourcing is minimized. Due to the large amount of customers with different demand probabilities, accurate estimation of the outsourcing... 

Incorporating outsourcing in scheduling is addressed by several researchers recently. However, this scope is not investigated thoroughly, particularly in the job shop environment. In this paper, a new job shop scheduling problem is studied with the option of jobs outsourcing. The problem objective is to minimise a weighted sum of makespan and total outsourcing cost. With the aim of solving this problem optimally, two solution approaches of combinatorial optimisation problems, i.e. mathematical programming and constraint programming are examined. Furthermore, two problem relaxation approaches are developed to obtain strong lower bounds for some large scale problems for which the optimality is... 

Enforcing dynamic and confidential access control policies is a challenging issue of data outsourcing to external servers due to the lack of trust towards the servers. In this paper, we propose a scalable yet flexible access control enforcement mechanism when the underlying relational data, on which access policies are defined, has been shared through a secret sharing scheme. For sharing values of an attribute in a relation, the attribute is assigned a secret distribution key and its values are split and distributed among data servers according to a Shamir based secret sharing scheme. Given access control policies over attributes of the relation schema, access to distribution keys, used... 

Enforcing dynamic and confidential access control policies is a challenging issue of data outsourcing to external servers due to the lack of trust towards the servers. In this paper, we propose a scalable yet flexible access control enforcement mechanism when the underlying relational data, on which access policies are defined, has been shared through a secret sharing scheme. For sharing values of an attribute in a relation, the attribute is assigned a secret distribution key and its values are split and distributed among data servers according to a Shamir based secret sharing scheme. Given access control policies over attributes of the relation schema, access to distribution keys, used... 

Abstract In a recent work, Alizadeh et al. (2013) studied a capacitated multi-facility location-allocation problem in which customers had stochastic demands based on the Bernoulli distribution function. Authors considered capacitated sub-sources of facilities to satisfy customer demands. In this discrete stochastic problem, the goal was to find optimal locations of facilities among candidate locations and optimal allocations of existing customers to operating facilities so that the total sum of fixed costs of operating facilities, allocation costs of customers and expected values of servicing and outsourcing costs was minimized. The model was formulated as a mixed-integer nonlinear... 

A major challenge organizations face when hosting or moving their data to the Cloud is how to support complex queries over outsourced data while preserving their confidentiality. In principle, encryption-based systems can support querying encrypted data, but their high complexity has severely limited their practical use. In this paper, we propose an efficient yet secure secret sharing-based approach for outsourcing relational data to honest-but-curious data servers. The problem with using secret sharing in a data outsourcing scenario is how to efficiently search within randomly generated shares. We present multiple partitioning methods that enable clients to efficiently search among shared... 

Researchers have been studying security challenges of database outsourcing for almost a decade. Privacy of outsourced data is one of the main challenges when the "Database As a Service" model is adopted in the service oriented trend of the cloud computing paradigm. This is due to the insecurity of the network environment or even the untrustworthiness of the service providers. This paper proposes a method to preserve privacy of outsourced data based on Shamir's secret sharing scheme. We split attribute values into several parts and distribute them among untrusted servers. The problem of using secret sharing in data outsourcing scenario is how to search efficiently within the randomly... 

An important security challenge in database outsourcing scenarios is the correctness verification of query results. The proposed approaches in the literature, impose high overhead on both the service provider and specially the clients. In this paper, we propose the Trust-Based Fake Tuples approach to audit the correctness of query results. In this approach, some fake tuples are included among the real ones in order to verify the correctness of the results. The experience learnt from past results is used in this paper to evaluate the trust toward the service provider. This trust value is used to tune the number of fake tuples and subsequently the imposed overhead. As the trust value toward... 

Security of database outsourcing, due to the untrustworthiness of service provider, is a basic challenge to have Database As a Service in a cloud computing environment. Having disparate assumptions to solve different aspects of security such as confidentiality and integrity is an obstacle for an integrated secure solution through the combination of existing approaches. Concentrating on confidentiality and integrity aspects of database outsourcing, this paper proposes an approach in which each attribute value is split up between several data servers using a customized threshold secret sharing scheme. Our approach preserves data confidentiality and at the same time provides the correctness... 

This paper proposes a horizontal fragmentation method to preserve privacy in data outsourcing. The basic idea is to identify sensitive tuples, anonymize them based on a privacy model and store them at the external server. The remaining non-sensitive tuples are also stored at the server side. While our method departs from using encryption, it outsources all the data to the server; the two important goals that existing methods are unable to achieve simultaneously. The main application of the method is for scenarios where encrypting or not outsourcing sensitive data may not guarantee the privacy