Visible to the public Biblio

Filters: Author is Gao, Jianbin  [Clear All Filters]
Omono, Asamoah Kwame, Wang, Yu, Xia, Qi, Gao, Jianbin.  2021.  Implicit Certificate Based Signcryption for a Secure Data Sharing in Clouds. 2021 18th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP). :479–484.
Signcryption is a sophisticated cryptographic tool that combines the benefits of digital signature and data encryption in a single step, resulting in reduced computation and storage cost. However, the existing signcryption techniques do not account for a scenario in which a company must escrow an employee's private encryption key so that the corporation does not lose the capacity to decrypt a ciphertext when the employee or user is no longer available. To circumvent the issue of non-repudiation, the private signing key does not need to be escrowed. As a result, this paper presents an implicit certificate-based signcryption technique with private encryption key escrow, which can assist an organization in preventing the loss of private encryption. A certificate, or more broadly, a digital signature, protects users' public encryption and signature keys from man-in-the-middle attacks under our proposed approach.
Xia, Qi, Sifah, Emmanuel Boateng, Obour Agyekum, Kwame Opuni-Boachie, Xia, Hu, Acheampong, Kingsley Nketia, Smahi, Abla, Gao, Jianbin, Du, Xiaojiang, Guizani, Mohsen.  2019.  Secured Fine-Grained Selective Access to Outsourced Cloud Data in IoT Environments. IEEE Internet of Things Journal. 6:10749–10762.
With the vast increase in data transmission due to a large number of information collected by devices, data management, and security has been a challenge for organizations. Many data owners (DOs) outsource their data to cloud repositories due to several economic advantages cloud service providers present. However, DOs, after their data are outsourced, do not have complete control of the data, and therefore, external systems are incorporated to manage the data. Several kinds of research refer to the use of encryption techniques to prevent unauthorized access to data but prove to be deficient in providing suitable solutions to the problem. In this article, we propose a secure fine-grain access control system for outsourced data, which supports read and write operations to the data. We make use of an attribute-based encryption (ABE) scheme, which is regarded as a suitable scheme to achieve access control for security and privacy (confidentiality) of outsourced data. This article considers different categories of data users, and make provisions for distinct access roles and permissible actions on the outsourced data with dynamic and efficient policy updates to the corresponding ciphertext in cloud repositories. We adopt blockchain technologies to enhance traceability and visibility to enable control over outsourced data by a DO. The security analysis presented demonstrates that the security properties of the system are not compromised. Results based on extensive experiments illustrate the efficiency and scalability of our system.