| Author: | Dou, Yi |
| Title: | Distributed trust evaluation protocol and secure data query schemes for intercloud |
| Advisors: | Chan, C. B. Henry (COMP) |
| Degree: | Ph.D. |
| Year: | 2018 |
| Subject: | Hong Kong Polytechnic University -- Dissertations Cloud computing Cloud computing -- Security measures |
| Department: | Department of Computing |
| Pages: | xx, 157 pages : color illustrations |
| Language: | English |
| Abstract: | The aim of Intercloud is to facilitate the sharing of data and cloud resources so that more co-operative cloud services can be provided. In this thesis, we investigate two important security issues for supporting Intercloud, namely distributed trust evaluation and secure data query. In the first part of the thesis, we present a distributed trust evaluation protocol with privacy protection for Intercloud. First, feedback privacy is protected by homomorphic encryption with verifiable secret sharing. Second, to cater for the dynamic nature of Intercloud, trust evaluation can be conducted in a distributed manner and is functional even when some of the parties are offline. Third, to facilitate customized trust evaluation, an innovative mechanism is used to store feedback, such that it can be processed flexibly while protecting feedback privacy. The protocol has been proved based on a formal security model. Simulations have been performed to demonstrate the effectiveness of the protocol. In the second part of the thesis, we design and evaluate a privacy-preserving range query scheme for cloud storage, which can protect the privacy of record and range queries. During range comparison, our scheme neither leaks the order relationship between the upper/lower bound of a range query and the encrypted index, nor produces false positives in the query results. The experimental result indicates that our scheme can achieve higher security while maintaining good efficiency. In the third part of the thesis, we investigate another secure data query issue, which is about access pattern leakage attack on searchable encryption under an Intercloud environment. Basically, both records and queries are distributed among servers of different cloud service providers, so that each cloud server can only have partial information about queries and their results. To minimize the query response time while protecting information disclosure, we formulate the record and query assignment as an optimization problem, and solve the problem (i.e., finding the best possible solution) by the minimum cut algorithm. Numerical results show that certain access pattern information can be saved by our assignment strategy while maintaining good query response time. |
| Rights: | All rights reserved |
| Access: | open access |
Files in This Item:
| File | Description | Size | Format | |
|---|---|---|---|---|
| 991022164557403411.pdf | For All Users | 3.8 MB | Adobe PDF | View/Open |
Copyright Undertaking
As a bona fide Library user, I declare that:
- I will abide by the rules and legal ordinances governing copyright regarding the use of the Database.
- I will use the Database for the purpose of my research or private study only and not for circulation or further reproduction or any other purpose.
- I agree to indemnify and hold the University harmless from and against any loss, damage, cost, liability or expenses arising from copyright infringement or unauthorized usage.
By downloading any item(s) listed above, you acknowledge that you have read and understood the copyright undertaking as stated above, and agree to be bound by all of its terms.
Please use this identifier to cite or link to this item:
https://theses.lib.polyu.edu.hk/handle/200/9599