With the rapid development of very large, diverse, complex, and distributed datasets generated from internet transactions, emails, videos, business information systems, manufacturing industry, sensors and internet of things etc., cloud and big data computation have emerged as a cornerstone of modern applications. Indeed, on the one hand, cloud and big data applications are becoming a main driver for economic growth. On the other hand, cloud and big data techniques may threaten people and enterprises’ privacy and security due to ever increasing exposure of their data to massive access. In this paper, aiming at providing secure cloud data sharing services in cloud storage, we propose a scalable and controllable cloud data sharing framework for cloud users (called: Scanf). To this end, we introduce a new cryptographic primitive, namely, PRE+, which can be seen as the dual of traditional proxy re-encryption (PRE) primitive. All the traditional PRE schemes until now require the delegator (or the delegator and the delegatee cooperatively) to generate the re-encryption keys. We observe that this is not the only way to generate the re-encryption keys, the encrypter also has the ability to generate re-encryption keys. Based on this observation, we construct a new PRE+ scheme, which is almost the same as the traditional PRE scheme except the re-encryption keys generated by the encrypter. Compared with PRE, our PRE+ scheme can easily achieve the non-transferable property and message-level based fine-grained delegation. Thus our Scanf framework based on PRE+ can also achieve these two properties, which is very important for users of cloud storage sharing service. We also roughly evaluate our PRE+ scheme’s performance and the results show that our scheme is efficient and practica for cloud data storage applications.
Wang, X.; Xhafa, F.; Ma, J.; Cao, Y.; Tang, D. International journal of web and grid services Vol. 13, num. 1, p. 25-48 DOI: 10.1504/IJWGS.2017.10002839 Data de publicació: 2017-02-06 Article en revista
In this paper, we propose a novel way to provide a fully homomorphic encryption service, namely by using garbled circuits. From a high level perspective, garbled circuits and fully homomorphic encryption, both aim at implementing complex computation on ciphertexts. We define a new cryptographic primitive named reusable garbled gate, which comes from the area of garbled circuits, then based on this new primitive we show that it is very easy to construct a fully homomorphic encryption. However, the instantiation of reusable garbled gates is rather difficult, in fact, we can only instantiate this new primitive based on indistinguishable obfuscation. Furthermore, reusable garbled gates can be a core component for constructing the reusable garbled circuits, which can reduce the communication complexity of them from O(n) to O(1). We believe that reusable garbled gates promise a new way to provide fully homomorphic encryption and reusable garbled circuits service fast.
Caballé , Santi; Miguel, J.; Xhafa, F.; Capuano, N.; Conesa, J. International journal of web and grid services Vol. 13, num. 1, p. 49-74 DOI: 10.1504/IJWGS.2017.10002835 Data de publicació: 2017-01-27 Article en revista
The paper presents innovative trustworthy services to support secure e-assessment in web-based collaborative learning grids. Although e-Learning has been widely adopted, there exist still drawbacks which limit their potential. Among these limitations, we investigate information security requirements in on-line assessment learning activities, (e-assessment). In previous research, we proposed a trustworthiness model to support secure e-assessment requirements for e-Learning. In this paper, we present effective applications of our approach by integrating flexible and interoperable Web based secure e-learning services based on our trustworthiness model into e-assessment activities in on-line collaborative learning courses. Moreover, we leverage Grid technology to meet further demanding requirements of collaborative learning applications in terms of computation performance and management of large data sets, in order for the trustworthy collaborative learning services to be continuously adapted, adjusted, and personalised to each specific target learning group. Evaluation in a real context is provided while implications of this study are eventually remarked and discussed.
Nowadays Cloud computation has become a commonplace information service paradigm for all actors in ICT field, from individuals to big corporates. In particular, Cloud platforms and data centres are being used each time more for outsourcing data. However, data owners often worry about their data security and privacy before outsourcing the data to the Cloud, thus it is often a practice to first encrypt the data sets and then outsource them to the Cloud. The drawback of this approach is that, if the encryption scheme can only achieve chosen plaintext security, it cannot be assured to achieve strong security against many kinds of malicious adversaries in the Cloud setting. The chosen ciphertext security is essential for outsourcing ciphertexts to the Cloud, on the other hand, in most cases the data owners prefer to choose high-efficient encryption schemes for saving computation and communication costs. In this paper, we propose a new way to achieve chosen ciphertext security for Elgamal encryption scheme, which is a very basic and usual primitive for encapsulating block data encryption keys. We propose two new chosen ciphertext attack (CCA) secure schemes. The first one, which is a public key encryption proved secure in the random oracle based on the computational Diffie-Hellman (CDH) assumption, has almost no additional overhead compared with the traditional (indistinguishable under chosen plaintext attack secure Elgamal scheme, except one additional modular exponentiation for the decryption. The second scheme, which is a key encapsulation mechanism (KEM) proved secure in the standard model based on a new non-interactive assumption, has only two group elements as the encapsulations. Thus we solve the open problem left by Hanaoka et al. in Crypto'12, which consists in how to construct anindistinguishable under chosen ciphertext attack secure KEM without pairings based on a non-interactive assumption and with two group element encapsulations. To prove the scheme's security, we develop a new assumption called verifiable CDH assumption. We also generalise our technique to several existing well-known CCA secure KEMs, including the Boneh-Mei-Waters (BMW) KEM and the Hofheinz-Kiltz (HK) KEM, and show that our new schemes are even more efficient than these well-known schemes. Finally, we propose a new framework for efficient and secure data outsourcing to the Cloud based on our new schemes and present a rough analysis of its security.
Lala, A.; Kolici, V.; Oda, T.; Barolli, L.; Barolli, A.; Xhafa, F. International journal of web and grid services Vol. 11, num. 3, p. 327-346 DOI: 10.1504/IJWGS.2015.070986 Data de publicació: 2015-07 Article en revista
In this work, we present WMN-HC and WMN-SA systems which are based on Hill Climbing (HC) and Simulated Annealing (SA) for location assignment of mesh routers in Wireless Mesh Networks (WMNs). As evaluation metrics, we used throughput, one-way delay, jitter, fairness index and residual energy. The simulation results show that for WMN-HC, the throughput of 24 mesh routers is good for both WMN architectures. But, for WMN-SA, the throughput is almost the same. For WMN-HC, the delay and jitter of 24 mesh routers is low for both WMN architectures. However, for WMN-SA, the delay and jitter of 32 mesh routers is higher for I/B WMN architecture. For WMN-HC, the fairness index of 16 mesh routers is high for Hybrid WMN architecture. But, for WMN-SA, the fairness index of 32 mesh routers is high for I/B WMN architecture. For 16 and 32 mesh routers, the remaining energy of WMN-HC is higher than WMN-SA.
Pop, F.; Dobre, C.; Cristea , V.; Bessis, N.; Xhafa, F.; Barolli, L. International journal of web and grid services Vol. 11, num. 1, p. 4-20 DOI: 10.1504/IJWGS.2015.067159 Data de publicació: 2015-01-01 Article en revista
Self-adaptation provides software with flexibility to different behaviours (configurations) it incorporates and the (semi-) autonomous ability to switch between these behaviours in response to changes. To empower clouds with the ability to capture and respond to quality feedback provided by users at runtime, we propose a reputation guided genetic scheduling algorithm for independent tasks. Current resource management services consider evolutionary strategies to improve the performance on resource allocation procedures or tasks scheduling algorithms, but they fail to consider the user as part of the scheduling process. Evolutionary computing offers different methods to find a near-optimal solution. In this paper we extended previous work with new optimisation heuristics for the problem of scheduling. We show how reputation is considered as an optimisation metric, and analyse how our metrics can be considered as upper bounds for others in the optimisation algorithm. By experimental comparison, we show our techniques can lead to optimised results.
Oda, T.; Sakamoto, S.; Barolli, A.; Spaho, E.; Barolli, L.; Xhafa, F. International journal of web and grid services Vol. 10, num. 4, p. 371-395 DOI: 10.1504/IJWGS.2014.064932 Data de publicació: 2014-01-01 Article en revista
Grid computing have emerged as scientific and technical work, where geographically distributed computers, are used to create virtual supercomputers of vast amount of computing capacity able to solve complex problems in less time than before. Thus, within the last years we have witnessed how grid computing has helped to achieve breakthroughs in meteorology, physics and other computing-intensive fields. Wireless Mesh Networks (WMNs) are particularly suited for providing the communications required for a robust, self-healing grid architecture. The good performance and operability of WMNs depend on placement of mesh routers nodes in the geographical deployment area. In this paper, we consider the grid topology and evaluate the performance of WMN-GA system for node placement problem in WMNs. We consider different distributions of mesh clients and different grid shapes. The simulation results show the effect of grid shapes in the performance of WMN-GA. The system performs better for normal distribution.
Self-adaptation enables distributed software to modify its behaviour based on changes in the operating environment. In large-scale information systems for cloud computing that use hierarchical data aggregation, self-adaption may be used to respond to an approximate query, thereby reducing use of network bandwidth and retrieval time. We present a novel algorithm that uses an Analytic Hierarchical Process (AHP) in order to apply self-adaption to approximate queries based on network-awareness. The AHP-based algorithm provides a trade-off among network usage, retrieval time and the accuracy of the retrieved results. Simulations show that the number of needed messages reduces with AHP to a constant upper bound. The retrieval time reduces to a constant factor under an increasing number of nodes. Our results demonstrate that the algorithm is able to provide responses with the required accuracy, primarily by adapting the depth of the query based on the number of messages and the network conditions.
Xhafa, F.; Kolodziej, J.; Barolli, L.; Kolici, V.; Miho, R.; Takizawa, M. International journal of web and grid services Vol. 8, num. 2, p. 134-152 DOI: 10.1504/IJWGS.2012.048402 Data de publicació: 2012-08 Article en revista
Bessis, N.; Sotiriadis, S.; Xhafa, F.; POP, F.; Cristea , V. International journal of web and grid services Vol. 8, num. 2, p. 153-172 DOI: 10.1504/IJWGS.2012.048403 Data de publicació: 2012 Article en revista
Xhafa, F.; Paniagua, C.; Barolli, L.; Caballe, S. International journal of web and grid services Vol. 6, num. 2, p. 124-140 DOI: 10.1504/IJWGS.2010.033788 Data de publicació: 2010-06 Article en revista
Francesc, G.; Rodero, I.; Corbalan, J.; Labarta, J.; Oleksiak, A.; Nabrzyski, J. International journal of web and grid services Vol. 3, num. 3, p. 333-353 DOI: 10.1504/IJWGS.2007.014956 Data de publicació: 2007-08 Article en revista
Computational Grids (CGs) are nowadays successfully responding to increasing needs for high computation power. A key issue in CGs is the scheduling, which demands for efficient methods. In this work, we consider the scheduling problem in immediate mode, in which jobs are allocated as soon as they arrive in the system. This type of scheduling arises in many grid-based applications, especially, in real-time applications. We have implemented five immediate scheduling methods and have measured their performance with respect to four parameters: makespan, flowtime, resource utilisation and matching proximity by using a simulation benchmark for heterogeneous distributed systems. The computational results showed the performance of the immediate scheduling methods and allowed us to evaluate the advantages of these methods if we knew in advance certain grid characteristics (consistency of computing, heterogeneity of jobs and resources). The usefulness of the presented methods in web and grid scheduling services is also discussed.
Despite recent advances, grid and P2P systems remain difficult for many users to bring to real-world applications. One difficulty is the lack of schedulers for such systems. In this work, we consider the allocations of jobs to resources using batch mode methods. These methods are able to provide fast planning by exploring characteristics of distributed and highly heterogeneous systems. In evaluating these methods, four parameters of the system are measured: makespan, flowtime, resource utilisation and matching proximity. These methods were tested using the benchmark model of Braun et al. (2001) for distributed heterogeneous systems. Based on the computational results, we evaluate the performance of these methods with regard to the four considered metrics. Also, we evaluate the usefulness of batch methods when grid characteristics, such as degree of consistency of computing and heterogeneity of jobs and resources, are known in advance. We observe that batch mode methods are beneficial to grid scheduling services, for adaptively providing these services according to the grid infrastructure characteristics.