Your search keyword '"Liu, Jiqiang"' showing total 13 results

1. Attribute-based proxy re-encryption with keyword search.

Author

Shi Y, Liu J, Han Z, Zheng Q, Zhang R, and Qiu S

Subjects

Algorithms, Humans, Internet, Search Engine, User-Computer Interface, Computer Security legislation & jurisprudence, Information Storage and Retrieval methods

Abstract

Keyword search on encrypted data allows one to issue the search token and conduct search operations on encrypted data while still preserving keyword privacy. In the present paper, we consider the keyword search problem further and introduce a novel notion called attribute-based proxy re-encryption with keyword search (ABRKS), which introduces a promising feature: In addition to supporting keyword search on encrypted data, it enables data owners to delegate the keyword search capability to some other data users complying with the specific access control policy. To be specific, ABRKS allows (i) the data owner to outsource his encrypted data to the cloud and then ask the cloud to conduct keyword search on outsourced encrypted data with the given search token, and (ii) the data owner to delegate other data users keyword search capability in the fine-grained access control manner through allowing the cloud to re-encrypted stored encrypted data with a re-encrypted data (embedding with some form of access control policy). We formalize the syntax and security definitions for ABRKS, and propose two concrete constructions for ABRKS: key-policy ABRKS and ciphertext-policy ABRKS. In the nutshell, our constructions can be treated as the integration of technologies in the fields of attribute-based cryptography and proxy re-encryption cryptography.

Published

2014

2. Toward conditionally anonymous Bitcoin transactions: A lightweight-script approach.

Author

Li, Lun, Liu, Jiqiang, Chang, Xiaolin, Liu, Tianhao, and Liu, Jingxian

Subjects

*BITCOIN, *INTERNET of things, *CRYPTOGRAPHY, *ALGORITHMS, *COMPUTER security

Abstract

Bitcoin is being explored for applications in various Internet of Things (IoT) scenarios as a peer-to-peer payment platform. However, security and anonymity problems exist with Bitcoin, which threaten vulnerable IoT facilities. This paper aims to achieve conditional anonymity inside Bitcoin transactions. We first propose an identity-based conditionally anonymous signature (ICAS) algorithm and then design a lightweight Bitcoin script scheme (named pay-to-public-key-hash-with-conditional-anonymity or P2PKHCA), which applies the ICAS algorithm to make conditionally anonymous Bitcoin transactions. P2PKHCA allows the identity manager to trace the real identity of users while preserving users' anonymity. Furthermore, P2PKHCA is backward compatible in terms of being able to work seamlessly with the existing Bitcoin script scheme pay-to-public-key-hash (P2PKH) in the Bitcoin network. We conduct a security analysis to verify the security features of P2PKHCA and employ a performance evaluation in terms of the cryptographic time and space costs by comparison with P2PKH. The simulation results demonstrate the effectiveness of P2PKHCA in reducing both time cost and data size. [ABSTRACT FROM AUTHOR]

Published

2020

3. The Strategy of TC 3.0: A Revolutionary Evolution in Trusted Computing

Author

Shen Changxiang, Zhang Dawei, Liu Jiqiang, Ye Heng, Qiu Shuo

Subjects

Engineering, business.industry, 0202 electrical engineering, electronic engineering, information engineering, General Earth and Planetary Sciences, 020206 networking & telecommunications, 020201 artificial intelligence & image processing, 02 engineering and technology, Trusted Computing, Computer security, computer.software_genre, business, computer, General Environmental Science

Published

2016

4. TC Assurance Architecture for Cybersecurity Infrastructure Based on Active Defense

Author

Zhang Dawei,Shen Changxiang,Liu Jiqiang

Subjects

World Wide Web, Engineering, business.industry, General Earth and Planetary Sciences, Active Defense, Architecture, Computer security, computer.software_genre, business, computer, General Environmental Science

Published

2016

5. USB key-based approach for software protection

Author

Li Meihong and Liu Jiqiang

Subjects

Password, Computer science, business.industry, Mutual authentication, USB, Security token, Computer security, computer.software_genre, law.invention, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, law, Embedded system, Key (cryptography), Message authentication code, Challenge–response authentication, business, Replay attack, computer

Abstract

With the help of the key technologies including the integrity verification, access control, and sealed storage, a kind of USB key-based approach for software protection is presented. At first, the integrity verification is used to protect the data consistency in USB key. Secondly, the mutual authentication is performed between the software and USB key to check the validity, in which identity authentication is based on the dynamic password technology. Lastly, the data is encrypted between the software and USB key using Triple DES, and the communication data is integrated with the MAC (message authentication code). Above all, the mutual authentication is to avoid the fake attack, the encrypted text is used for information hiding, the MAC is adopted to protect the communication text from being tampered, the dynamic password is used to prevent the replay attack. In addition, the play-and-plug USB interface is convenient to use.

Published

2009

6. Trust extended object-oriented security model

Author

Shen Chang-xiang, Liu Jiqiang, Han Zhen, and Liu Weiwei

Subjects

business.industry, Computer science, Mobile computing, Access control, Trusted Computing, Computer security model, Trusted Network Connect, Computer security, computer.software_genre, Code (cryptography), The Internet, Mobile technology, business, computer

Abstract

With the development of Internet and its application, mobile code technique has become a hot research area in latest years. Because mobile codes have strong ability of being independent, autonomic, mobile, and mixed with data, it's ineffective to handle their security issues with traditional access control systems. Inspired by the integration of trusted computing and object-oriented method, we propose a new trust extended object-oriented security model-TEOOSM, which can be applied to the access control system of mobile codes. Our model encapsulates the code and data, utilizes the trusted status measurement, and then effectively protects platforms, codes and data from being destroyed by malicious codes or systems.

Published

2008

7. The First International Symposium on Data, Privacy, and E-Commerce - Table of Contents

Author

Zhao Jia, Liu Jiqiang, and Chen Jing

Subjects

Information privacy, Software_OPERATINGSYSTEMS, Computer science, business.industry, Principle of least privilege, Data security, Access control, Trusted Computing, Information security, Computer security model, Computer security, computer.software_genre, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Confidentiality, business, computer

Abstract

Some secure models protect the confidentiality and some secure models protect the integrity. How to combine the two types secure models faultlessly is still a problem. At present, a serious of secure models protect both confidentiality and integrity are based on the privilege subject, but it does not satisfy the least privilege principle. In the paper, a multi-level security model based on trusted computing is proposed, and it can limit the privilege of subjects efficiently. Key words: multi-level security model, trusted computing, confidential level, integrity level, trusted subject, the least privilege

Published

2007

8. Security enhancement for two remote user authentication schemes

Author

Liu Jiqiang, Peng Shuang-he, and Han Zhen

Subjects

Challenge-Handshake Authentication Protocol, Computer science, computer.internet_protocol, Data_MISCELLANEOUS, Hash function, Email authentication, Denial-of-service attack, Computer security, computer.software_genre, One-time password, NTLMSSP, S/KEY, Password strength, Lightweight Extensible Authentication Protocol, Password authentication protocol, Message authentication code, Data Authentication Algorithm, Password, Password policy, Length extension attack, business.industry, Pass the hash, Multi-factor authentication, Hash-based message authentication code, Chip Authentication Program, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Authentication protocol, Challenge–response authentication, Reflection attack, business, computer, Computer network

Abstract

In 2002, Lee, Li, and Hwang proposed a hash-based password authentication scheme that is efficient and can be easily implemented. Recently Ku, Chen, and Lee demonstrated that Lee-Li-Hwang's hash-based password authentication scheme is vulnerable to the off line guessing attack, the denial of service attack, and the stolen verifier attack. In 2003, Chih-Wei Lin et al. proposed a security enhancement for optimal strong password authentication protocol. This paper, however, will demonstrate that Chih-Wei Lin's scheme is vulnerable to the denial of service attack. In this article, we shall propose improved schemes to these two remote user authentication schemes, which make them able to withstand denial of service attack and have about the same computational cost as originals.

Published

2005

9. Notice of Violation of IEEE Publication Principles: Secure audit logs with forward integrity message authentication codes

Author

Liu Jiqiang, Han Zhen, and Jiang Tao

Subjects

Notice, business.industry, Computer science, Message authentication code, Cryptography, Audit, Computer security, computer.software_genre, business, System monitoring, computer

Abstract

In this paper, we propose a forward integrity message authentication codes (MACs) method making all log entries generated prior to the logging machine's compromise impossible for the attacker to modify or destroy undetectably. As a good solution to keep the log data from being tempered with, the method is used in a system called secure log server in which we collect the log information for further system monitoring and auditing in our own way. A prototype was developed and the impact of its deployment in a real environment was measured.

Published

2004

10. Abstracting massive data for lightweight intrusion detection in computer networks.

Author

Wang, Wei, Liu, Jiqiang, Pitsilis, Georgios, and Zhang, Xiangliang

Subjects

*INTRUSION detection systems (Computer security), *BIG data, *FUZZY logic, *DATA analysis, *SUPPORT vector machines

Abstract

Abstract Anomaly intrusion detection in big data environments calls for lightweight models that are able to achieve real-time performance during detection. Abstracting audit data provides a solution to improve the efficiency of data processing in intrusion detection. Data abstraction refers to abstract or extract the most relevant information from the massive dataset. In this work, we propose three strategies of data abstraction, namely, exemplar extraction, attribute selection and attribute abstraction. We first propose an effective method called exemplar extraction to extract representative subsets from the original massive data prior to building the detection models. Two clustering algorithms, Affinity Propagation (AP) and traditional k -means, are employed to find the exemplars from the audit data. k -Nearest Neighbor (k -NN), Principal Component Analysis (PCA) and one-class Support Vector Machine (SVM) are used for the detection. We then employ another two strategies, attribute selection and attribute extraction, to abstract audit data for anomaly intrusion detection. Two http streams collected from a real computing environment as well as the KDD'99 benchmark data set are used to validate these three strategies of data abstraction. The comprehensive experimental results show that while all the three strategies improve the detection efficiency, the AP-based exemplar extraction achieves the best performance of data abstraction. [ABSTRACT FROM AUTHOR]

Published

2018

11. A universally composable secure grouping-proof protocol for RFID tags.

Author

Yuan, Bianqing and Liu, Jiqiang

Subjects

RADIO frequency identification systems, INTERNET protocols, COMPUTER security, ACCESS control, CYBERTERRORISM

Abstract

A grouping-proof protocol is to generate a proof that a group of tags have been scanned simultaneously in the range of a reader. Security and efficiency become the core issues when designing a grouping-proof protocol. In this paper, we first describe the deployment model, adversary model, and security requirements of a grouping-proof protocol. Then, we propose an offline reading order-independent grouping-proof protocol. To demonstrate security of our scheme, we present an ideal grouping-proof functionality in the universally composable framework. Subsequently, we prove that the proposed protocol realizes the defined ideal functionality. Compared with the existing grouping-proof protocols, our scheme satisfies the privacy and security requirements of a grouping-proof protocol including tag/reader anonymity, tag/reader location privacy, mutual authorized access, anti-active attack, anti-replay attack, concurrent security, and so on. Meanwhile, our scheme has desirable performance. It conforms to the computational constraints of low-cost passive radio frequency identification tags, which makes it suitable for large-scale application. Copyright © 2015 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]

Published

2016

12. Analysis of Kim-Jeon-Yoo Password Authentication Schemes.

Author

Liu, Jiqiang and Zhong, Sheng

Subjects

*COMPUTER network security, *COMPUTER security, *DATA encryption, *PUBLIC key cryptography, *DIGITAL signatures, *ACCESS control of computer networks

Abstract

Password authentication is a type of authentication protocol for communications over an insecure network. Recently, Kim, Jeon, and Yoo gave an improvement of Yang-Shieh password authentication schemes to resist an existing forgery attack. However, in this paper, we construct a new forgery attack and show that Kim-Jeon-Yoo schemes are not secure under our attack. [ABSTRACT FROM AUTHOR]

Published

2009

13. An efficient protocol for private and accurate mining of support counts

Author

Wu, Fan, Liu, Jiqiang, and Zhong, Sheng

Subjects

*DATA mining, *COMPUTER network protocols, *COMPUTER security, *DATA encryption, *DECISION support systems

Abstract

Abstract: In recent years, a large number of data mining tools were developed, which may reveal costumers’ privacy if proper protection measure is not taken. On the other hand, customers are becoming increasingly concerned about privacy. They are reluctant to provide personal information unless privacy-preserving techniques are used. In this paper, we propose a privacy-preserving protocol for mining support counts, which maintains high accuracy and strong privacy while achieving very good efficiency. Compared with existing works with similar privacy and accuracy guarantees, our solution is much more efficient. We use identity-based cryptography, which has an additional advantage that no public key certificate is needed. Further, our evaluation results show that the protocol is very efficient and practical. [Copyright &y& Elsevier]

Published

2009