Sharif Digital Repository

While data outsourcing provides some benefits, it suffers from new privacy and security concerns, mainly about the confidentiality and integrity of the stored sensitive data, as well as enforcing access control policies. Current solutions to these aims are not comprehensive and consider only one aspect of security requirements. A secure DBMS architecture is introduced that simultaneously considers confidentiality, integrity and access control enforcement requirements. The transparency of security functions from data owner, service providers, and applications facilitates the operationality of the solution.Additionally, a new indexing technique for character encrypted data is proposed that... 

Cloud computing is a new computing environment where computing infrastructure, platform and software are provided as a service. Rapid growth of cloud environments has increased the importance of security requirements and challenges for both service providers and users in cloud. Two main security issues in software as a service (SaaS) delivery model are access control and privacy preserving in basic web services and also in composite services obtaining through the automatic composition and inference of policies from the ones specified for basic services. In this thesis, we present a privacy preserving access control model and framework for service composition in SaaS delivery model of cloud... 

The rapid growth of Android operating system alongside its open-source nature has made it as the most popular operating system of mobile devices. On the other hand, regarding the increasing computational power of mobile devices, a wide variety of applications are coming to this type of devices. Meanwhile unfortunately many malicious softwares trying to keep up with other applications, are targeting this popular operating system. Therefore with regard to the fact that this type of devices usually store private and sensitive information of their users, security of mobile operating systems is considered very important. Having this matter in mind, the goal of this research work has been... 

Increasing use of new data technologies have made data collection possible in large scales. Practicallity of the data relies upon the extraction of meaningful knowledge.Data mining is a solution to this problem. One of the new areas in data mining is consideration of the concern of privacy alongside the usefulness of the mining results.Main goal of privacy preserving data mining is to develop data mining models which only extract the useful knowledge. In recent years, many researches have been done in this area. Since the literature and notation of these published works vary, a survey would help to better understand these concepts. This thesis tries to explain, analyse,unify and categorize... 

Real-time applications play a significant role in the area of VANET, and are mainly required for these kinds of networks. On the other hand, when the number of messages received by vehicles increases in the network, then the applied computation load becomes extremely high and consequently, delay on the message authentication process significantly increases. This thesis, is presented with the aim of introducing a novel cooperative message authentication (CMA) scheme for VANET, the main purpose of which is alleviating the computation load on vehicles while verifying messages by using two-part identity-based signature. The scheme enables vehicles to verify only a limited number of the total... 

In some applications in the field of information technology such as social networks and medical databases in different hospitals, sometimes an entity needs to calculate the extent of its sharing of information documents with other institutions. Access to one entity's information is not possible due to the confidentiality of users' information. Therefore, in order to calculate common documents, users should be able to do so without revealing their private information. Therefore, it is required protocols such that can only obtain the shared information between two mentioned entities, while preserving the confidentiality of uncommon information. The schemes that meet the above objectives are... 

Design of anonymous authentication scheme is one of the most important challenges in Vehicular Ad hoc Networks (VANET). Most of the existing schemes have high computational and communication overhead and they do not meet security requirements. Recently, Azees et al. have introduced an Efficient Anonymous Authentication with Conditional Privacy-Preserving (EAAP) scheme for VANET and claimed that it is secure. We show that this protocol is vulnerable against replay attack, impersonation attack and message modification attack. Also, we show that the messages sent by a vehicle are linkable. Therefore, an adversary can easily track the vehicles. In addition, it is shown that vehicles face with... 

One of the applications of Internet of things (IoT) is its usage in the eHealth area. Various types of sensors (e.g., sensor to measure heart health, blood sugar levels, and respiratory) exist that not only provide required information for patients, but also send the health information to hospital staff through the network. Leveraging this technology in various intensive care units of hospital facilitate nurses and medical staff in monitoring of patients. However, moving towards these environments leads to new security challenges. One of the most important challenges is controlling access to sensors’ data and preserving patients privacy so that doctor and nurses should access patients’... 

The Internet of Things (IoT) is rapidly expanding as an emerging concept. The connection of billions of objects and human beings creates serious challenges. Security is one of the major challenges faced by the Internet of Things, and a standardized scheme to meet security requirements has not yet been introduced. Authentication and privacy preserving users is one of the important security requirements. In this thesis, a user and a message authentication scheme in the Internet of Things are introduced, which simultaneously preserving the conditional privacy of the users. The scheme that proposed on Identity Based signature, in the verification phase user signature is verified Simultaneous,... 

The Internet of Things is one of the most common technologies in today's world where its security is an important issue. Lightweight authentication protocols are crucial for privacy preserving in Internet of Things (IoT). IoT authentication protocols must meet security requirements and resist against cryptographic threats. On the other hand, these protocols should be implementable for devices with constrained memory and computational power in this area and should not impose a heavy computational load on such devices. In some IoT devices, such as RFIDs, resource constraints are critical, such that using standard hash functions is not practical. In this applications, security requirements is... 

In this thesis, we argue that in many basic algorithms for machine learning, including support vector machine (SVM) for classification, principal component analysis (PCA) for dimensionality reduction, and regression for dependency estimation, we need the inner products of the data samples, rather than the data samples themselves. Motivated by the above observation, we introduce the problem of private inner product retrieval for distributed machine learning, where we have a system including a database of some files, duplicated across some non-colluding servers. A user intends to retrieve a subset of specific size of the inner products of the data files with minimum communication load, without... 

The internet of things is a network of interconnected things (people, electronic devices, mechanical machines, etc.) that are able to transfer data. The applications of internet of things in electronic health (eHealth) are becoming increasingly interested. Deployment of eHealth facilitates the access of users to healthcare services, and improves the quality of the services. Using cloud computing provides the accessibility of healthcare services, and enables a data owner to share his health data with doctors and healthcare service providers. Health data is considered sensitive. So, leakage of any information about it endangers data owner privacy. Attribute-based encryption is a cryptographic... 

Privacy preserving data mining helps organizations and companies not only to deal with privacy concerns of customers and regular limitations, but also to benefit from collaborative data mining. Utilizing cryptographic techniques and secure multiparty computation (SMC) are among widely employed approaches for preserving privacy in distributed data mining. The general purpose of secure multiparty computation protocols to compute specific functions on private inputs of parties in a collaborative manner and without revealing their private inputs. Providing rigorous security proof of secure multiparty computation makes it a good choice for privacy preservation, despite of its cryptographic... 

Development of Smart Grid and deployment of smart meters in large scale has raised a lot of concerns regarding customers’ privacy. Consequently, several schemes have been proposed to overcome the above mentioned issue. These schemes mainly rely on data aggregation as a method of protecting users’ privacy from the grid operators. However, the main problem with most of these schemes is the fact that they require a large amount of processing power at the meter side. This, together with the fact that smart meters don’t usually have a powerful processor, can cause the unavailability of smart meter data at the required time for operators of the grid, and at the same time disables smart meters from... 

The expansion of technology and the increasing use of mobile devices and smartphones have aected various aspects of personal and social life. These include the use of personal mobile devices in enterprise environments called BYODs have a number of positive and negative eects. On the one hand, it would be more cost-eective for an organization or business environment for users to use their own devices, but on the other hand, it poses numerous security and information challenges that are important to manage. These include disrupting the user’s privacy or disseminating organization information to personal devices and thus violating the organization’s security policies. In this study, a model is... 

The emerging applications of machine learning algorithms on mobile devices motivate us to offload the computation tasks of training a model or deploying a trained one to the cloud or at the edge of the network. One of the major challenges in this setup is to guarantee the privacy of the client data. Various methods have been proposed to protect privacy in the literature. Those include (i) adding noise to the client data, which reduces the accuracy of the result, (ii) using secure multiparty computation (MPC), which requires significant communication among the computing nodes or with the client, (iii) relying on homomorphic encryption (HE) methods, which significantly increases computation... 

In the problem of Distributed Multi¬User Secret Sharing (DMUSS), in which K users are connected through some error¬free links to N distinct storage nodes with the same size M information unit, the users desire to retrieve their corresponding secret message through an arbitrary set of accessible storage nodes. A trusted master node, which knows all of the secret messages transmits correctly and privately, the messages with a means of coding. The capacity of Distributed Multi¬User Secret Sharing is the supremum of all achievable schemes satisfying privacy and correctness conditions. In this thesis we have investigated two notions of privacy namely, individual and joint privacy. Individual... 

Vehicle Ad-hoc Network (VANET) is a type of mobile Ad-hoc network (MANETs) which vehicles are mobile nodes of this network and it can be used for various applications such as secure data sharing between vehicles, sending road information to vehicles, traffic controlling and reducing road accidents, also primary types of these networks are implemented in some systems such as “Waze” and “Balad”. On the other hand, if the security requirments are not provide in these networks, attackers can use this network to cause disruptions in this network, including intentional accidents, so providing security requirements in these networks seems necessary. Data authentication and preserving privacy of the... 

Cloud computing has a significant role in expanding applications of the Internet of Things (IoT). Currently, applications such as virtual reality and augmented reality require low latency, which is not achievable using traditional cloud computing in some scenarios. Edge computing is a new approach in IoT, which solves some of the limitations of the cloud computing by extending and developing its operations. Reducing response time and network traffic are some of the most important achievements of edge computing. Despite of its numerous advantages over cloud computing, edge computing faces serious challenges such as virtualization, implementation infrastructure, resource allocation and task... 

Lightweight clients are a type of blockchain users who do not store all the blocks in the blockchain due to limited resources. These users store only a small part of each block and when needed, request transactions from full nodes that store the entire blockchain. These users have no role in block validation and only want to receive transactions related to their addresses with proof of the inclusion in the block from full nodes.Since light clients rely on full nodes for receiving transactions, their privacy against full nodes is important. The current implementation of Bitcoin uses Bloom filters for privacy, but this offers very little privacy to the users.In this thesis, we study the...