Sharif Digital Repository

With the development of cloud computing, many enterprises have been interested in outsourcing their data to cloud servers to decrease IT costs and rise capabilities of provided services. To afford confidentiality and fine-grained data access control, attribute-based encryption (ABE) was proposed and used in several cloud storage systems. However, scalability and flexibility in key delegation and user revocation mechanisms are primary issues in ABE systems. In this paper, we introduce the concept of a fully distributed revocable ciphertext-policy hierarchical ABE (FDR-CP-HABE) and design the first FDR-CP-HABE scheme. Our scheme offers a high level of flexibility and scalability in the key... 

Cloud storage has significantly reduced data management costs for data owners. However, loss of physical control over the data after outsourcing, triggers some security concerns such as data integrity. Provable Data Possession (PDP) protocols, enable data owners to audit the integrity of their outsourced data without the need to retrieve the file from cloud server. However, most existing PDP schemes require resource-constrained users to perform costly operations for generating metadata on file blocks. In online/offline PDP mechanisms introduced most recently, the user’s computation is divided into online/offline phases, where the costly operations are allowed to be carried out in the offline... 

Cloud storage auditing is considered as a significant service used to verify the integrity of data stored in public cloud. However, most existing auditing protocols suffer form complex certificate management/verification since they rely on expensive Public Key Infrastructure (PKI). On the other hand, most cloud users have constrained computational resources. The few existing ID-based storage auditing protocols in the literature, require resource-constrained users to perform costly operations for generating metadata on file blocks. In this paper, we propose a storage auditing protocol which benefits from ID-based structure and lightweight user computations, simultaneously. Our construction... 

We study the problem of multi-user dynamic searchable symmetric encryption (DMUSSE) where a data owner stores its encrypted documents on an untrusted remote server and wishes to selectively allow multiple users to access them by issuing keyword search queries. Specifically, we consider the case where some of the users may be corrupted and colluding with the server to extract additional information about the dataset (beyond what they have access to). We provide the first formal security definition for the dynamic setting as well as forward and backward privacy definitions. We then propose SE, the first provably secure DMUSSE scheme and instantiate it in two versions, one based on oblivious... 

We introduce the notion of private set operations (PSO) as a symmetric-key primitive in the cloud scenario, where a client securely outsources his dataset to a cloud service provider and later privately issues queries in the form of common set operations. We define a syntax and security notion for PSO and propose a general construction that satisfies it. There are two main ingredients to our PSO scheme: an adjustable join (Adjoin) scheme (MIT-CSAIL-TR-2012-006 (2012) Cryptographic treatment of CryptDB's adjustable join. http://people.csail.mit.edu/nickolai/papers/popa-join-tr.pdf) and a tuple set (TSet) scheme (Cash, D., Jarecki, S., Jutla, C. S., Krawczyk, H., Rosu, M.-C., and Steiner, M.... 

Outsourcing as a useful strategy in the industry can be integrated into scheduling problems. Moreover, batch outsourcing is a practical assumption owing to the logistics issues for transferring the parts between the manufacturer and the subcontractors. However, this assumption is rarely addressed in the scheduling literature. In this paper, a novel single machine scheduling problem with the option of batch outsourcing is studied. The objective is to minimize the sum of the total completion time of the jobs and the total outsourcing cost. To solve the problem, first, two mixed-integer linear programming (MILP) models, named MP1 and MP2, are developed, which respectively use a straightforward... 

In cloud storage services, public auditing mechanisms allow a third party to verify integrity of the outsourced data on behalf of data owners without the need to retrieve data from the cloud server. In some applications, the identity of data users should be kept private from the third party auditor. Oruta is a privacy preserving public auditing scheme for shared data in the cloud which exploits ring signatures to protect the identity privacy. In this paper, we propose two attacks and demonstrate that the scheme is insecure and a dishonest server can arbitrarily tamper the outsourced data without being detected by the auditor. We also propose a solution to remedy this weakness with the... 

An adjustable join (AdjoinAdjoin) scheme [4] is a symmetric-key primitive that enables a user to securely outsource his database to a server, and later to issue join queries for a pair of columns. When queries are extended to a list of columns, the 3Partition3Partition security of Adjoin schemes [8] does not capture the expected security. To address this deficiency, we introduce the syntax and security notion of multi-adjustable join (M-AdjoinM-Adjoin) schemes. We propose a new security notion for this purpose, which we refer to as M3PartitionM3Partition. The 3Partition3Partition security of AdjoinAdjoin extends to the M3PartitionM3Partition security of M-AdjoinM-Adjoin in a straightforward...