Cloud computing economically enables the paradigm of data service outsourcing. However, to protect data privacy, sensitive cloud data have to be encrypted before being outsourced to the commercial public cloud, which makes effective data utilization a very challenging task. Although traditional searchable encryption techniques allow users to securely search over encrypted data through keywords, they support only Boolean search and are not yet sufficient to meet the effective data utilization need inherently demanded by the large number of users and the huge number of data files in the cloud. In this paper, we define and solve the problem of secure ranked keyword search over encrypted cloud data. Ranked search greatly enhances system usability by enabling search result relevance ranking instead of sending undifferentiated results, and further ensures file retrieval accuracy. Specifically, we explore the statistical measure approach, i.e., relevance score, from information retrieval to build a secure searchable index, and develop a one-to-many order-preserving mapping technique to properly protect that sensitive score information. The resulting design is able to facilitate efficient server-side ranking without losing keyword privacy. Thorough analysis shows that our proposed solution enjoys an "as-strong-as-possible" security guarantee compared to previous searchable encryption schemes, while correctly realizing the goal of ranked keyword search. Extensive experimental results demonstrate the efficiency of the proposed solution.
Research data have expanded in their gradation of the risks associated with both re-identification and harm, which has created a need for multiple levels of access controls beyond public and restricted access. Public-access data have typically been available for download from websites, while restricted-access data usually require an application and formal authorization process. The old paradigm of classifying data as public-access or restricted-access is no longer sufficient. Access to research data requires more nuance to ensure the protection of human subjects. In this paper, we describe seven tiers of access to research data. Each tier adds requirements that are necessary to mitigate disclosure risk and confirm appropriate management of the data. Improper handling of the data includes attempting to find a specific individual or household, or failing to follow disclosure protection rules for data and output included in papers and presentations. By establishing a ladder of access conditions, each higher tier meets and exceeds the requirements of the lower tiers. While the highest tier meets all requirements, this tier will impede legitimate research for most data. The challenge for repositories is to provide access in a manner that promotes research while specifying security that provides appropriate protections against the risks of re-identification and harm. The tiers operationalize risk management options. The requirements of the research data determine the appropriate tier. Several articles and reports develop frameworks for providing access to research data. We review these frameworks as well as the current practices at data archives and describe how our approach differs from these paradigms. While tiered access to research data is not a new idea, more than two or three levels are needed to meet the diverse needs of the research community. The tiered approach enables repositories to require sufficient security controls without creating unnecessary impediments to research.
Sharing data produced through health research projects has been increasingly recognized as a way to advance science more rapidly by facilitating discovery and increasing rigor and reproducibility. Much of the data collected from human subjects includes sufficient sociodemographic detail and/or covers sensitive topics, and thus requires restricted data management and sharing practices. Over the last two decades, scientific organizations, presidential memoranda, and other sources have all called for increasing opportunities to share data. Recognizing the value of shared data, the National Institutes of Health issued a new Data Management and Sharing Policy, effective January 25, 2023. Prior to this updated policy, in 2009, the National Institute on Drug Abuse recognized the value of sharing data and established an archive, the National Addiction and HIV Data Archive Program (NAHDAP). This program focused on sharing data, often highly sensitive, generated from social and behavioral addiction research, including quantitative and qualitative assessments as well as biomarker and imaging data. NAHDAP has developed practices and curation standards to ensure datasets are improved and usable, and provides technical assistance for both data depositors and users. We share three key lessons learned working to disseminate sensitive data over the last 13 years, including (1) protecting the confidentiality of human subjects; (2) ensuring careful consideration of the costs of archiving data that require protection; and (3) providing support to facilitate the discovery and use of the data.
With a growing demand for data reuse and open data within the scientific ecosystem, protecting the confidentiality and privacy of survey data is increasingly important. It requires more than legal procedures and technological controls; it requires social and behavioral intervention. In this research note, we delineate the disclosure risks of various types of survey data (i.e., longitudinal data, social network data, sensitive information and biomarkers, and geographic data), the current motivation for data reuse, and challenges to data protection. Despite rigorous efforts to protect data, there are still threats to the confidentiality of microdata that must be mitigated. Unintentional data breaches, protocol violations, and the misuse of data are observed even in well-established restricted data access systems, which indicates that these systems all may rely heavily on trust. Creating and maintaining that trust is critical to secure data access. We suggest four ways of building trust: user-centered design practices; promoting trust for protecting confidential data; general training in research ethics; and specific training in data security protocols, with an example of a new project, 'Researcher Passport', by the Inter-university Consortium for Political and Social Research. Continuous user-focused improvements in restricted data access systems are necessary so that we promote a culture of trust among the research and data user community, train both in the general topic of responsible research and in the specific requirements of these systems, and offer systematic and holistic solutions.
Cloud computing economically enables customers with limited computational resources to outsource large-scale computations to the cloud. However, how to protect customers' confidential data involved in the computations then becomes a major security concern. In this paper, we present a secure outsourcing mechanism for solving large-scale systems of linear equations (LE) in the cloud. Because applying traditional approaches like Gaussian elimination or LU decomposition (i.e., direct methods) to such large-scale LEs would be prohibitively expensive, we build the secure LE outsourcing mechanism via a completely different approach, the iterative method, which is much easier to implement in practice and only demands relatively simple matrix-vector operations. Specifically, our mechanism enables a customer to securely harness the cloud for iteratively finding successive approximations to the LE solution, while keeping both the sensitive input and output of the computation private. For robust cheating detection, we further explore the algebraic property of matrix-vector operations and propose an efficient result verification mechanism, which allows the customer to verify all answers received from previous iterative approximations in one batch with high probability. Thorough security analysis and prototype experiments on Amazon EC2 demonstrate the validity and practicality of our proposed design.
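The batch result verification described in the abstract above rests on linearity: if the cloud returned y_k = T x_k for every iteration k, then any random linear combination of the y_k must equal T applied to the same combination of the x_k, so one matrix-vector product by the customer checks an entire run. The following added example (written for this page; it is not the paper's code and omits the paper's masking of the sensitive T and c, which is assumed to happen before anything is sent to the cloud) runs a Jacobi iteration on a constructed 3x3 system, lets the "cloud" do every matrix-vector product, and then verifies the whole transcript in one batch. Exact rational arithmetic is used so the equality check is exact; a floating-point or finite-field implementation would compare with a tolerance or modulo a prime.

```python
from fractions import Fraction as F
import random

# Constructed, strictly diagonally dominant system A x = b, so Jacobi converges.
# Exact solution is x = (1, 1, 1).
A = [[F(10), F(1), F(2)],
     [F(1), F(8), F(1)],
     [F(2), F(1), F(9)]]
b = [F(13), F(10), F(12)]


def matvec(M, v):
    return [sum(m * vi for m, vi in zip(row, v)) for row in M]


def jacobi_split(A, b):
    """Rewrite A x = b as the fixed point x = T x + c with
    T = -D^{-1}(A - D) and c = D^{-1} b (Jacobi method)."""
    n = len(A)
    T = [[F(0) if i == j else -A[i][j] / A[i][i] for j in range(n)] for i in range(n)]
    c = [b[i] / A[i][i] for i in range(n)]
    return T, c


class HonestCloud:
    """Does the O(n^2) matrix-vector product the customer wants to outsource."""
    def __init__(self, T):
        self.T = T

    def multiply(self, x):
        return matvec(self.T, x)


class CheatingCloud(HonestCloud):
    """Returns a corrupted product on one chosen iteration (hypothetical lazy/malicious server)."""
    def __init__(self, T, bad_round):
        super().__init__(T)
        self.bad_round = bad_round
        self.calls = 0

    def multiply(self, x):
        self.calls += 1
        y = matvec(self.T, x)
        if self.calls == self.bad_round:
            y[0] += F(1, 2)
        return y


def outsourced_solve(T, c, cloud, iters):
    """Customer drives x_{k+1} = y_k + c with only O(n) work per step;
    every y_k = T x_k comes from the cloud. Returns the final x and the
    (x_k, y_k) transcript that will be verified afterwards."""
    n = len(c)
    x = [F(0)] * n
    transcript = []
    for _ in range(iters):
        y = cloud.multiply(x)
        transcript.append((x, y))
        x = [yi + ci for yi, ci in zip(y, c)]
    return x, transcript


def batch_verify(T, transcript, rng):
    """Check all L answers with ONE customer-side matrix-vector product:
        sum_k r_k * y_k  ==  T * (sum_k r_k * x_k)   for random r_k in [1, 2^32).
    If some y_j != T x_j, the error term sum_k r_k (y_k - T x_k) is nonzero unless
    the random r's cancel it, which a cloud that does not know r can arrange with
    probability at most 2^-32 per wrong answer."""
    n = len(T)
    rs = [rng.randrange(1, 2**32) for _ in transcript]
    xsum, ysum = [F(0)] * n, [F(0)] * n
    for r, (x, y) in zip(rs, transcript):
        for i in range(n):
            xsum[i] += r * x[i]
            ysum[i] += r * y[i]
    return matvec(T, xsum) == ysum


def solve_and_verify(cheating_round=None, iters=20, seed=7):
    """Returns (approximation, verification_passed)."""
    T, c = jacobi_split(A, b)
    cloud = CheatingCloud(T, cheating_round) if cheating_round else HonestCloud(T)
    x, transcript = outsourced_solve(T, c, cloud, iters)
    return x, batch_verify(T, transcript, random.Random(seed))


if __name__ == "__main__":
    x, ok = solve_and_verify()
    print([float(v) for v in x], "verified:", ok)
    _, ok = solve_and_verify(cheating_round=3)
    print("cheating run verified:", ok)
```

The customer's verification cost is one O(n^2) product regardless of how many iterations were outsourced, which is the amortization the abstract refers to; the random coefficients must be drawn after the cloud has committed to its answers, otherwise a server that knows r can craft cancelling errors.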
The Internet of Things (IoT) is a domain in which data are transferred every single second. Securing these data is a challenging task; however, the security challenges can be mitigated with cryptography and steganography techniques. These techniques are crucial when dealing with user authentication and data privacy. In the proposed work, the elliptic Galois cryptography protocol is introduced and discussed. In this protocol, a cryptography technique is used to encrypt confidential data that came from different medical sources. Next, a Matrix XOR encoding steganography technique is used to embed the encrypted data into a low-complexity image. The proposed work also uses an optimization algorithm called Adaptive Firefly to optimize the selection of cover blocks within the image. Based on the results, various parameters are evaluated and compared with the existing techniques. Finally, the data hidden in the image are recovered and then decrypted.
Cloud computing enables an economically promising paradigm of computation outsourcing. However, how to protect customers' confidential data processed and generated during the computation is becoming the major security concern. Focusing on engineering computing and optimization tasks, this paper investigates secure outsourcing of widely applicable linear programming (LP) computations. Our mechanism design explicitly decomposes LP computation outsourcing into public LP solvers running on the cloud and private LP parameters owned by the customer. The resulting flexibility allows us to explore an appropriate security/efficiency tradeoff via a higher-level abstraction of LP computation than the general circuit representation. Specifically, by formulating the private LP problem as a set of matrices/vectors, we develop efficient privacy-preserving problem transformation techniques, which allow customers to transform the original LP into a random one while protecting sensitive input/output information. To validate the computation result, we further explore the fundamental duality theorem of LP and derive the necessary and sufficient conditions that correct results must satisfy. Such a result verification mechanism is very efficient and incurs close-to-zero additional cost on both the cloud server and customers. Extensive security analysis and experiment results show the immediate practicability of our mechanism design.
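The duality-based result check mentioned in the abstract above can be illustrated with the standard LP optimality certificate: for max c^T x subject to A x <= b, x >= 0, a returned pair (x, y) is a correct optimum exactly when x is primal feasible, y is feasible for the dual min b^T y subject to A^T y >= c, y >= 0, and the two objective values coincide (weak duality makes equality sufficient). The following added example (written for this page, not the paper's code; the exact conditions the paper derives for its transformed problem are assumed to reduce to this textbook form) verifies a solver's answer with only O(mn) arithmetic and rejects a suboptimal, an infeasible, and a badly certified answer. The LP and the candidate answers are constructed for the example.

```python
from fractions import Fraction as F


def dot(u, v):
    return sum(a * b for a, b in zip(u, v))


def matvec(M, v):
    return [dot(row, v) for row in M]


def transpose(M):
    return [list(col) for col in zip(*M)]


def verify_lp_result(A, b, c, x, y):
    """Return True iff x is optimal for  max c^T x  s.t.  A x <= b, x >= 0
    and y is an optimal dual solution. Three checks, all cheap:
      1. primal feasibility:  x >= 0 and A x <= b
      2. dual feasibility:    y >= 0 and A^T y >= c
      3. zero duality gap:    c^T x == b^T y
    Any feasible (x, y) has c^T x <= b^T y (weak duality), so equality
    certifies optimality of both without re-solving the LP."""
    primal_ok = all(xi >= 0 for xi in x) and all(
        ax <= bi for ax, bi in zip(matvec(A, x), b))
    dual_ok = all(yi >= 0 for yi in y) and all(
        aty >= ci for aty, ci in zip(matvec(transpose(A), y), c))
    return primal_ok and dual_ok and dot(c, x) == dot(b, y)


# Constructed LP:  max 3 x1 + 2 x2
#                  s.t. x1 +   x2 <= 4
#                       x1 + 3 x2 <= 6,  x >= 0
# Optimum is x = (4, 0) with value 12; the optimal dual is y = (3, 0).
A = [[F(1), F(1)],
     [F(1), F(3)]]
b = [F(4), F(6)]
c = [F(3), F(2)]


def check_candidates():
    """Run the verifier over an honest answer and three wrong ones (constructed)."""
    return {
        "optimal":        verify_lp_result(A, b, c, [F(4), F(0)], [F(3), F(0)]),
        "suboptimal":     verify_lp_result(A, b, c, [F(3), F(1)], [F(3), F(0)]),  # feasible, value 11 != 12
        "infeasible":     verify_lp_result(A, b, c, [F(5), F(0)], [F(3), F(0)]),  # violates x1 + x2 <= 4
        "bad_dual":       verify_lp_result(A, b, c, [F(4), F(0)], [F(0), F(0)]),  # y not dual feasible
    }


if __name__ == "__main__":
    for name, ok in check_candidates().items():
        print(f"{name:12s} accepted={ok}")
```

The verifier never runs the simplex method itself; it only needs the dual vector, which standard solvers return alongside the primal solution, so the extra cost to the customer is a handful of matrix-vector products, matching the "close-to-zero additional cost" claim in the abstract.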
Over the past twenty years, in various countries, secure access to data for members of the research community has been eased significantly. Such data involve microdata and granular data from administrative records and detailed individual surveys. While some difficulties remain, the scene has been extensively redesigned, and new players have emerged on both sides of the fence, data holders and users, both challenging what seemed to be well-established boundaries. In the French case, access to confidential data for research purposes has been carefully facilitated. The paper analyses the French developments and current achievements, providing insights into how obstacles can be overcome and newly emerging issues
In this article, the oceanographic data management of Taiwan is studied under the analytical framework of transnational legal ordering, whereby the evolution of transnational norm-making in the domain of oceanographic data management is recast through the recursivity process. The status, issues and future challenges of Taiwan's oceanographic data management can thus be displayed in the following dimensions: first, the diagnostic struggle between Taiwan's oceanographic databases and their international counterparts for data standard congruence; second, the institutional contradiction exemplified in the uneven allocation of the institutional resources required to advance data integration and exchange; third, the ideological contradiction inherent in the different perceptions and understanding of the academic professionals and governmental officials who manage these databases; fourth, the wrestling between different professionals in the marine scientific research domain, the Navy and the Coast Guard Agency, which reifies the issue of actor mismatch and representativeness; and fifth, the indeterminacy of law implied in the management of confidential oceanographic data and the rules of exchange with the international oceanographic community. Taiwan's case also serves as an opportune example of how an absent state impacts the evolution of transnational norm-making in national oceanographic governance.
• Oceanographic data have served an indispensable role in preventing the degradation of the marine environment and resources.
• There have been repeated rounds of effort in Taiwan to integrate the oceanographic data scattered countrywide.
• The oceanographic databases in Taiwan have widely adopted international data standards in their respective fields.
• Taiwan has encountered serious challenges from its unsettled maritime territorial boundaries in this regard.
• Taiwan's statehood debate entails conflicts of authority between security and scientific research governmental agencies.