This page has only limited features, please log in for full access.

Unclaimed
Sana Belguith
School of Science, Environment and Engineering, The University of Salford, Salford M5 4WT, UK

Basic Info

Basic Info is private.

Honors and Awards

The user has no records in this section


Career Timeline

The user has no records in this section.


Short Biography

The user biography is not available.
Following
Followers
Co Authors
The list of users this user is following is empty.
Following: 0 users

Feed

Journal article
Published: 26 March 2021 in Sensors
Reads 0
Downloads 0

Since the purchase of Siri by Apple, and its release with the iPhone 4S in 2011, virtual assistants (VAs) have grown in number and popularity. The sophisticated natural language processing and speech recognition employed by VAs enables users to interact with them conversationally, almost as they would with another human. To service user voice requests, VAs transmit large amounts of data to their vendors; these data are processed and stored in the Cloud. The potential data security and privacy issues involved in this process provided the motivation to examine the current state of the art in VA research. In this study, we identify peer-reviewed literature that focuses on security and privacy concerns surrounding these assistants, including current trends in addressing how voice assistants are vulnerable to malicious attacks and worries that the VA is recording without the user’s knowledge or consent. The findings show that not only are these worries manifold, but there is a gap in the current state of the art, and no current literature reviews on the topic exist. This review sheds light on future research directions, such as providing solutions to perform voice authentication without an external device, and the compliance of VAs with privacy regulations.

ACS Style

Tom Bolton; Tooska Dargahi; Sana Belguith; Mabrook Al-Rakhami; Ali Sodhro. On the Security and Privacy Challenges of Virtual Assistants. Sensors 2021, 21, 2312 .

AMA Style

Tom Bolton, Tooska Dargahi, Sana Belguith, Mabrook Al-Rakhami, Ali Sodhro. On the Security and Privacy Challenges of Virtual Assistants. Sensors. 2021; 21 (7):2312.

Chicago/Turabian Style

Tom Bolton; Tooska Dargahi; Sana Belguith; Mabrook Al-Rakhami; Ali Sodhro. 2021. "On the Security and Privacy Challenges of Virtual Assistants." Sensors 21, no. 7: 2312.

Survey paper
Published: 25 December 2020 in Transactions on Emerging Telecommunications Technologies
Reads 0
Downloads 0

Water covers approximately 71% of the earth surface, yet much of the underwater world remains unexplored due to technology limitations. Internet of Underwater Things (IoUT) is a network of underwater objects that enables monitoring subsea environment remotely. Underwater Wireless Sensor Network (UWSN) is the main enabling technology for IoUT. UWSNs are characterised by the limitations of the underlying acoustic communication medium, high energy consumption, lack of hardware resources to implement computationally intensive tasks and dynamic network topology due to node mobility. These characteristics render UNWSNs vulnerable to different attacks, such as Wormhole, Sybil, flooding, jamming, spoofing, and Denial of Service attacks. This article reviews peer‐reviewed literature that addresses the security challenges and attacks on UWSNs as well as possible mitigative solutions. Findings show that the biggest contributing factors to security threats in UWSNs are the limited energy supply, the limited communication medium and the harsh underwater communication conditions. Researchers in this field agree that the security measures of terrestrial wireless sensor networks are not directly applicable to UWSNs due to the unique nature of the underwater environment where resource management becomes a significant challenge. This article also outlines future research directions on security and privacy challenges of IoUT and UWSN.

ACS Style

Aliyu Gana Yisa; Tooska Dargahi; Sana Belguith; Mohammad Hammoudeh. Security challenges of Internet of Underwater Things: A systematic literature review. Transactions on Emerging Telecommunications Technologies 2020, 32, 1 .

AMA Style

Aliyu Gana Yisa, Tooska Dargahi, Sana Belguith, Mohammad Hammoudeh. Security challenges of Internet of Underwater Things: A systematic literature review. Transactions on Emerging Telecommunications Technologies. 2020; 32 (3):1.

Chicago/Turabian Style

Aliyu Gana Yisa; Tooska Dargahi; Sana Belguith; Mohammad Hammoudeh. 2020. "Security challenges of Internet of Underwater Things: A systematic literature review." Transactions on Emerging Telecommunications Technologies 32, no. 3: 1.

Review article
Published: 30 August 2020 in Journal of Network and Computer Applications
Reads 0
Downloads 0

Personal data are often collected and processed in a decentralized fashion, within different contexts. For instance, with the emergence of distributed applications, several providers are usually correlating their records, and providing personalized services to their clients. Collected data include geographical and indoor positions of users, their movement patterns as well as sensor-acquired data that may reveal users' physical conditions, habits and interests. Consequently, this may lead to undesired consequences such as unsolicited advertisement and even to discrimination and stalking. To mitigate privacy threats, several techniques emerged, referred to as Privacy Enhancing Technologies, PETs for short. On one hand, the increasing pressure on service providers to protect users' privacy resulted in PETs being adopted. One the other hand, service providers have built their business model on personalized services, e.g. targeted ads and news. The objective of the paper is then to identify which of the PETs have the potential to satisfy both usually divergent - economical and ethical - purposes. This paper identifies a taxonomy classifying eight categories of PETs into three groups, and for better clarity, it considers three categories of personalized services. After defining and presenting the main features of PETs with illustrative examples, the paper points out which PETs best fit each personalized service category. Then, it discusses some of the inter-disciplinary privacy challenges that may slow down the adoption of these techniques, namely: technical, social, legal and economic concerns. Finally, it provides recommendations and highlights several research directions.

ACS Style

Nesrine Kaaniche; Maryline Laurent; Sana Belguith. Privacy enhancing technologies for solving the privacy-personalization paradox: Taxonomy and survey. Journal of Network and Computer Applications 2020, 171, 102807 .

AMA Style

Nesrine Kaaniche, Maryline Laurent, Sana Belguith. Privacy enhancing technologies for solving the privacy-personalization paradox: Taxonomy and survey. Journal of Network and Computer Applications. 2020; 171 ():102807.

Chicago/Turabian Style

Nesrine Kaaniche; Maryline Laurent; Sana Belguith. 2020. "Privacy enhancing technologies for solving the privacy-personalization paradox: Taxonomy and survey." Journal of Network and Computer Applications 171, no. : 102807.

Review
Published: 28 June 2020 in Sensors
Reads 0
Downloads 0

The Internet of Things (IoT) is leading today’s digital transformation. Relying on a combination of technologies, protocols, and devices such as wireless sensors and newly developed wearable and implanted sensors, IoT is changing every aspect of daily life, especially recent applications in digital healthcare. IoT incorporates various kinds of hardware, communication protocols, and services. This IoT diversity can be viewed as a double-edged sword that provides comfort to users but can lead also to a large number of security threats and attacks. In this survey paper, a new compacted and optimized architecture for IoT is proposed based on five layers. Likewise, we propose a new classification of security threats and attacks based on new IoT architecture. The IoT architecture involves a physical perception layer, a network and protocol layer, a transport layer, an application layer, and a data and cloud services layer. First, the physical sensing layer incorporates the basic hardware used by IoT. Second, we highlight the various network and protocol technologies employed by IoT, and review the security threats and solutions. Transport protocols are exhibited and the security threats against them are discussed while providing common solutions. Then, the application layer involves application protocols and lightweight encryption algorithms for IoT. Finally, in the data and cloud services layer, the main important security features of IoT cloud platforms are addressed, involving confidentiality, integrity, authorization, authentication, and encryption protocols. The paper is concluded by presenting the open research issues and future directions towards securing IoT, including the lack of standardized lightweight encryption algorithms, the use of machine-learning algorithms to enhance security and the related challenges, the use of Blockchain to address security challenges in IoT, and the implications of IoT deployment in 5G and beyond.

ACS Style

Hichem Mrabet; Sana Belguith; Adeeb Alhomoud; Abderrazak Jemai. A Survey of IoT Security Based on a Layered Architecture of Sensing and Data Analysis. Sensors 2020, 20, 3625 .

AMA Style

Hichem Mrabet, Sana Belguith, Adeeb Alhomoud, Abderrazak Jemai. A Survey of IoT Security Based on a Layered Architecture of Sensing and Data Analysis. Sensors. 2020; 20 (13):3625.

Chicago/Turabian Style

Hichem Mrabet; Sana Belguith; Adeeb Alhomoud; Abderrazak Jemai. 2020. "A Survey of IoT Security Based on a Layered Architecture of Sensing and Data Analysis." Sensors 20, no. 13: 3625.

Journal article
Published: 15 November 2019 in Future Generation Computer Systems
Reads 0
Downloads 0

The ever-growing number of Internet connected devices poses several cybersecurity risks. Most of the exchanged data between the Internet of Things (IoT) devices are not adequately secured due to resource constraints on IoT devices. Attribute Based SignCryption (ABSC) is a powerful cryptographic mechanism suitable for distributed environments, providing flexible access control and data secrecy. However, it imposes high designcryption costs, and does not support access policy update (user addition/revocation). This paper presents PROUD, an ABSC solution, to securely outsource data designcryption process to edge servers in order to reduce the computation overhead on the user side. PROUD allows end-users to offload most of the designcryption overhead to an edge server and verify the correctness of the received partially designcrypted data from the edge server. Moreover, PROUD provides the access policy update feature with neither involving a proxy-server, nor re-signcrypting the signcrypted message and re-distributing the users’ secret keys. The access policy update feature in PROUD does not affect the size of the message received by the end-user which reduces the bandwidth and the storage usage. Our comprehensive theoretical and experimental analysis prove that PROUD outperforms existing schemes in terms of functionality, communication and computation overhead.

ACS Style

Sana Belguith; Nesrine Kaaniche; Mohammad Hammoudeh; Tooska Dargahi. PROUD: Verifiable Privacy-preserving Outsourced Attribute Based SignCryption supporting access policy Update for cloud assisted IoT applications. Future Generation Computer Systems 2019, 111, 899 -918.

AMA Style

Sana Belguith, Nesrine Kaaniche, Mohammad Hammoudeh, Tooska Dargahi. PROUD: Verifiable Privacy-preserving Outsourced Attribute Based SignCryption supporting access policy Update for cloud assisted IoT applications. Future Generation Computer Systems. 2019; 111 ():899-918.

Chicago/Turabian Style

Sana Belguith; Nesrine Kaaniche; Mohammad Hammoudeh; Tooska Dargahi. 2019. "PROUD: Verifiable Privacy-preserving Outsourced Attribute Based SignCryption supporting access policy Update for cloud assisted IoT applications." Future Generation Computer Systems 111, no. : 899-918.

Journal article
Published: 17 September 2019 in Journal of Parallel and Distributed Computing
Reads 0
Downloads 0

In this paper, we propose an accountable privacy preserving attribute-based framework, called Ins-PAbAC, that combines attribute based encryption and attribute based signature techniques for securely sharing outsourced data contents via public cloud servers. The proposed framework presents several advantages. First, it provides an encrypted access control feature, enforced at the data owner’s side, while providing the desired expressiveness of access control policies. Second, Ins-PAbAC preserves users’ privacy, relying on an anonymous authentication mechanism, derived from a privacy preserving attribute based signature scheme that hides the users’ identifying information. Furthermore, our proposal introduces an accountable attribute based signature that enables an inspection authority to reveal the identity of the anonymously-authenticated user if needed. Third, Ins-PAbAC is provably secure, as it is resistant to both curious cloud providers and malicious users adversaries. Finally, experimental results, built upon OpenStack Swift testbed, point out the applicability of the proposed scheme in real world scenarios.

ACS Style

Sana Belguith; Nesrine Kaaniche; Maryline Laurent; Abderrazak Jemai; Rabah Attia. Accountable privacy preserving attribute based framework for authenticated encrypted access in clouds. Journal of Parallel and Distributed Computing 2019, 135, 1 -20.

AMA Style

Sana Belguith, Nesrine Kaaniche, Maryline Laurent, Abderrazak Jemai, Rabah Attia. Accountable privacy preserving attribute based framework for authenticated encrypted access in clouds. Journal of Parallel and Distributed Computing. 2019; 135 ():1-20.

Chicago/Turabian Style

Sana Belguith; Nesrine Kaaniche; Maryline Laurent; Abderrazak Jemai; Rabah Attia. 2019. "Accountable privacy preserving attribute based framework for authenticated encrypted access in clouds." Journal of Parallel and Distributed Computing 135, no. : 1-20.

Special issue article
Published: 02 September 2019 in Security and Privacy
Reads 0
Downloads 0

The ever‐growing number of internet connected devices, coupled with the new computing trends, namely within emerging opportunistic networks, engenders several security concerns. Most of the exchanged data between the internet of things (IoT) devices are not adequately secured due to resource constraints on IoT devices. Attribute‐based encryption is a promising cryptographic mechanism suitable for distributed environments, providing flexible access control to encrypted data contents. However, it imposes high decryption costs, and does not support access policy update, for highly dynamic environments. This paper presents CUPS, an ABE‐based framework for opportunistic cloud of things applications, that securely outsources data decryption process to edge nodes in order to reduce the computation overhead on the user side. CUPS allows end‐users to offload most of the decryption overhead to an edge node and verify the correctness of the received partially decrypted data from the edge node. Moreover, CUPS provides the access policy update feature with neither involving a proxy‐server, nor re‐encrypting the enciphered data contents and re‐distributing the users' secret keys. The access policy update feature in CUPS does not affect the size of the message received by the end‐user, which reduces the bandwidth and the storage usage. Our comprehensive theoretical analysis proves that CUPS outperforms existing schemes in terms of functionality, communication and computation overheads.

ACS Style

Sana Belguith; Nesrine Kaaniche; Giovanni Russello. CUPS: Secure opportunistic cloud of things framework based on attribute‐based encryption scheme supporting access policy update. Security and Privacy 2019, 3, 1 .

AMA Style

Sana Belguith, Nesrine Kaaniche, Giovanni Russello. CUPS: Secure opportunistic cloud of things framework based on attribute‐based encryption scheme supporting access policy update. Security and Privacy. 2019; 3 (4):1.

Chicago/Turabian Style

Sana Belguith; Nesrine Kaaniche; Giovanni Russello. 2019. "CUPS: Secure opportunistic cloud of things framework based on attribute‐based encryption scheme supporting access policy update." Security and Privacy 3, no. 4: 1.

Special issue article
Published: 17 June 2019 in Transactions on Emerging Telecommunications Technologies
Reads 0
Downloads 0

Recent technological advances such as the internet of things, fog computing, and cloud applications lead to exponential growth in the amount of generated data. Indeed, cloud storage services have experienced unprecedented usage demand. The loss of user control over their cloud stored data introduced several security and privacy concerns. To address these concerns, cryptographic techniques are widely adopted at the user side. Attribute‐based cryptography is commonly used to provide encrypted and/or authenticated access to outsourced data in remote servers. However, the use of these cryptographic mechanisms often increase the storage and computation costs; consequently, the energy consumption in the entire cloud ecosystem. In this paper, we provide a comparative analysis of different attribute‐based cryptographic mechanisms suitable for cloud data sharing services. We also provide a detailed discussion of different reviewed schemes, w.r.t. supported features, namely, security, privacy, and functional requirements. In addition, we explore the limitations of existing attribute‐based cryptographic mechanisms and propose future research directions to better fit the growing needs of this cloud environment in terms of energy savings, processing and storage efficiency, and availability requirements.

ACS Style

Sana Belguith; Nesrine Kaaniche; Mohammad Ali Hammoudeh. Analysis of attribute‐based cryptographic techniques and their application to protect cloud services. Transactions on Emerging Telecommunications Technologies 2019, 1 .

AMA Style

Sana Belguith, Nesrine Kaaniche, Mohammad Ali Hammoudeh. Analysis of attribute‐based cryptographic techniques and their application to protect cloud services. Transactions on Emerging Telecommunications Technologies. 2019; ():1.

Chicago/Turabian Style

Sana Belguith; Nesrine Kaaniche; Mohammad Ali Hammoudeh. 2019. "Analysis of attribute‐based cryptographic techniques and their application to protect cloud services." Transactions on Emerging Telecommunications Technologies , no. : 1.

Journal article
Published: 13 February 2019 in IEEE Transactions on Professional Communication
Reads 0
Downloads 0
ACS Style

Shujie Cui; Sana Belguith; Pramodya De Alwis; Muhammad Rizwan Asghar; Giovanni Russello. Collusion Defender: Preserving Subscribers' Privacy in Publish and Subscribe Systems. IEEE Transactions on Professional Communication 2019, 1 -1.

AMA Style

Shujie Cui, Sana Belguith, Pramodya De Alwis, Muhammad Rizwan Asghar, Giovanni Russello. Collusion Defender: Preserving Subscribers' Privacy in Publish and Subscribe Systems. IEEE Transactions on Professional Communication. 2019; ():1-1.

Chicago/Turabian Style

Shujie Cui; Sana Belguith; Pramodya De Alwis; Muhammad Rizwan Asghar; Giovanni Russello. 2019. "Collusion Defender: Preserving Subscribers' Privacy in Publish and Subscribe Systems." IEEE Transactions on Professional Communication , no. : 1-1.

Conference paper
Published: 18 December 2018 in Privacy Enhancing Technologies
Reads 0
Downloads 0

Recent years have witnessed the trend of increasingly relying on remote and distributed infrastructures. This increases the complexity of access control to data, where access control policies should be flexible and distinguishable among users with different privileges. In this paper, we present \(\mathsf {EMA}\)-\(\mathsf {LAB}\), a novel Multi Authorisation Level Attribute Based Access Control with short ciphertexts size. It relies on the usage of a constant-size threshold attribute based encryption scheme. The \(\mathsf {EMA}\)-\(\mathsf {LAB}\) scheme is multifold. First, it ensures a selective access to encrypted data with respect to different security levels. Second, the proposed construction protects the secrecy of enciphered contents against malicious adversaries, even in case of colluding users. Third, \(\mathsf {EMA}\)-\(\mathsf {LAB}\) relies on low computation and communication processes, mainly for resource-constrained devices, compared to most closely related schemes.

ACS Style

Nesrine Kaaniche; Sana Belguith; Giovanni Russello. EMA-LAB: Efficient Multi Authorisation Level Attribute Based Access Control. Privacy Enhancing Technologies 2018, 187 -201.

AMA Style

Nesrine Kaaniche, Sana Belguith, Giovanni Russello. EMA-LAB: Efficient Multi Authorisation Level Attribute Based Access Control. Privacy Enhancing Technologies. 2018; ():187-201.

Chicago/Turabian Style

Nesrine Kaaniche; Sana Belguith; Giovanni Russello. 2018. "EMA-LAB: Efficient Multi Authorisation Level Attribute Based Access Control." Privacy Enhancing Technologies , no. : 187-201.

Conference paper
Published: 18 October 2018 in Transactions on Petri Nets and Other Models of Concurrency XV
Reads 0
Downloads 0

The deployment of IoT devices is gaining an expanding interest in our daily life. Indeed, IoT networks consist in interconnecting several smart and resource constrained devices to enable advanced services. Security management in IoT is a big challenge as personal data are shared by a huge number of distributed services and devices. In this paper, we propose a Cooperative Data Aggregation solution based on a novel use of Attribute Based signcryption scheme (\(\mathsf {Coop}\)-\(\mathsf {DAAB}\)). \(\mathsf {Coop}\)-\(\mathsf {DAAB}\) consists in distributing data signcryption operation between different participating entities (i.e., IoT devices). Indeed, each IoT device encrypts and signs in only one step the collected data with respect to a selected sub-predicate of a general access predicate before forwarding to an aggregating entity. This latter is able to aggregate and decrypt collected data if a sufficient number of IoT devices cooperates without learning any personal information about each participating device. Thanks to the use of an attribute based signcryption scheme, authenticity of data collected by IoT devices is proved while protecting them from any unauthorized access.

ACS Style

Sana Belguith; Nesrine Kaaniche; Mohamed Mohamed; Giovanni Russello. Coop-DAAB: Cooperative Attribute Based Data Aggregation for Internet of Things Applications. Transactions on Petri Nets and Other Models of Concurrency XV 2018, 498 -515.

AMA Style

Sana Belguith, Nesrine Kaaniche, Mohamed Mohamed, Giovanni Russello. Coop-DAAB: Cooperative Attribute Based Data Aggregation for Internet of Things Applications. Transactions on Petri Nets and Other Models of Concurrency XV. 2018; ():498-515.

Chicago/Turabian Style

Sana Belguith; Nesrine Kaaniche; Mohamed Mohamed; Giovanni Russello. 2018. "Coop-DAAB: Cooperative Attribute Based Data Aggregation for Internet of Things Applications." Transactions on Petri Nets and Other Models of Concurrency XV , no. : 498-515.

Conference paper
Published: 01 August 2018 in 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)
Reads 0
Downloads 0

Publish and subscribe (pub/sub) system is a decoupled communication paradigm that allows routing of publications. Through a set of dedicated third party servers, referred to as brokers, publications are disseminated without establishing any link between publishers and subscribers. However, the involvement of these brokers raises security and privacy issues as they can harvest sensitive data about subscribers. Furthermore, a malicious broker may collude with malicious subscribers and/or publishers to infer subscribers' interests. Our solution is such that subscribers' interests are not revealed to curious brokers and published data can only be accessed by the authorised subscribers. Moreover, the proposed protocol is secure against the collusion attacks between malicious brokers, publishers, and subscribers.

ACS Style

Shujie Cui; Sana Belguith; Pramodya De Alwis; Muhammad Rizwan Asghar; Giovanni Russello. Malicious Entities are in Vain: Preserving Privacy in Publish and Subscribe Systems. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE) 2018, 1624 -1627.

AMA Style

Shujie Cui, Sana Belguith, Pramodya De Alwis, Muhammad Rizwan Asghar, Giovanni Russello. Malicious Entities are in Vain: Preserving Privacy in Publish and Subscribe Systems. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). 2018; ():1624-1627.

Chicago/Turabian Style

Shujie Cui; Sana Belguith; Pramodya De Alwis; Muhammad Rizwan Asghar; Giovanni Russello. 2018. "Malicious Entities are in Vain: Preserving Privacy in Publish and Subscribe Systems." 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE) , no. : 1624-1627.

Conference paper
Published: 01 July 2018 in 2018 IEEE 11th International Conference on Cloud Computing (CLOUD)
Reads 0
Downloads 0

Cloud-assisted IoT applications are gaining an expanding interest, such that IoT devices are deployed in different distributed environments to collect and outsource sensed data to remote servers for further processing and sharing among users. On the one hand, in several applications, collected data are extremely sensitive and need to be protected before outsourcing. Generally, encryption techniques are applied at the data producer side to protect data from adversaries as well as curious cloud provider. On the other hand, sharing data among users requires fine grained access control mechanisms. To ensure both requirements, Attribute Based Encryption (ABE) has been widely applied to ensure encrypted access control to outsourced data. Although, ABE ensures fine grained access control and data confidentiality, updates of used access policies after encryption and outsourcing of data remains an open challenge. In this paper, we design PU-ABE, a new variant of key policy attribute based encryption supporting efficient access policy update that captures attributes addition to access policies. PU-ABE contributions are multifold. First, access policies involved in the encryption can be updated without requiring sharing secret keys between the cloud server and the data owners neither re-encrypting data. Second, PU-ABE ensures privacy preserving and fine grained access control to outsourced data. Third, ciphertexts received by the end-user are constant sized and independent from the number of attributes used in the access policy which affords low communication and storage costs.

ACS Style

Sana Belguith; Nesrine Kaaniche; Giovanni Russello. PU-ABE: Lightweight Attribute-Based Encryption Supporting Access Policy Update for Cloud Assisted IoT. 2018 IEEE 11th International Conference on Cloud Computing (CLOUD) 2018, 924 -927.

AMA Style

Sana Belguith, Nesrine Kaaniche, Giovanni Russello. PU-ABE: Lightweight Attribute-Based Encryption Supporting Access Policy Update for Cloud Assisted IoT. 2018 IEEE 11th International Conference on Cloud Computing (CLOUD). 2018; ():924-927.

Chicago/Turabian Style

Sana Belguith; Nesrine Kaaniche; Giovanni Russello. 2018. "PU-ABE: Lightweight Attribute-Based Encryption Supporting Access Policy Update for Cloud Assisted IoT." 2018 IEEE 11th International Conference on Cloud Computing (CLOUD) , no. : 924-927.

Conference paper
Published: 01 July 2018 in 2018 27th International Conference on Computer Communication and Networks (ICCCN)
Reads 0
Downloads 0

Outsourcing sensitive data and operations to untrusted cloud providers is considered a challenging issue. To perform a search operation, even if both the data and the query are encrypted, attackers still can learn which data locations match the query and what results are returned to the user. This kind of leakage is referred to as data access pattern. Indeed, using access pattern leakage, attackers can easily infer the content of the data and the query. Oblivious RAM (ORAM), Fully Homomorphic Encryption (FHE), and secure Multi- Party Computation (MPC) offer a higher level of security but incur high computation and communication overheads. One promising practical approach to process the outsourced data efficiently and securely is leveraging trusted hardware like Intel SGX. Recently, several SGX- based solutions have been proposed in the literature. However, those solutions suffer from side channel attacks, high overheads of context switching, or limited SGX memory. In this paper, we present an SGX-assisted scheme for performing search over encrypted data. Our solution protects access pattern against side channel attacks while ensuring search efficiency. It can process large databases without requiring any long-term storage on SGX. We have implemented a prototype of the scheme and evaluated its performance using a dataset of 1 million records. The equality query and range query can be completed in 11 and 40 milliseconds, respectively. Comparing with ORAM- based solutions, such as ObliDB, our scheme is more than 10x faster.

ACS Style

Shujie Cui; Sana Belguith; Ming Zhang; Muhammad Rizwan Asghar; Giovanni Russello. Preserving Access Pattern Privacy in SGX-Assisted Encrypted Search. 2018 27th International Conference on Computer Communication and Networks (ICCCN) 2018, 1 -9.

AMA Style

Shujie Cui, Sana Belguith, Ming Zhang, Muhammad Rizwan Asghar, Giovanni Russello. Preserving Access Pattern Privacy in SGX-Assisted Encrypted Search. 2018 27th International Conference on Computer Communication and Networks (ICCCN). 2018; ():1-9.

Chicago/Turabian Style

Shujie Cui; Sana Belguith; Ming Zhang; Muhammad Rizwan Asghar; Giovanni Russello. 2018. "Preserving Access Pattern Privacy in SGX-Assisted Encrypted Search." 2018 27th International Conference on Computer Communication and Networks (ICCCN) , no. : 1-9.

Conference paper
Published: 01 July 2018 in 2018 IEEE International Conference on Services Computing (SCC)
Reads 0
Downloads 0

In this paper, we present C-ABSC, a cooperative privacy preserving attribute based signcryption mechanism. It consists on performing the combined signing and encrypting processes of a set of data devices' inputs in a secure collaborative manner. The main idea behind C-ABSC relies on the distribution of the signcrypting operation among different devices, with respect to selected sub-sets of a general access predicate, such as an untrusted aggregating entity is capable of decrypting the received aggregated data only if a sufficient number of IoT devices cooperates. The C-ABSC scheme is multifold. First, it provides a selective access to authenticated aggregated data contents. Second, it provides a privacy preserving signcrypting process, such that a curious aggregator can neither infer the used IoT device's attributes for signing nor deciphering single data chunks. Third, C-ABSC relies on low computation and communication processes, mainly for resource-constrained devices.

ACS Style

Sana Belguith; Nesrine Kaaniche; Mohamed Mohamed; Giovanni Russello. C-ABSC: Cooperative Attribute Based SignCryption Scheme for Internet of Things Applications. 2018 IEEE International Conference on Services Computing (SCC) 2018, 245 -248.

AMA Style

Sana Belguith, Nesrine Kaaniche, Mohamed Mohamed, Giovanni Russello. C-ABSC: Cooperative Attribute Based SignCryption Scheme for Internet of Things Applications. 2018 IEEE International Conference on Services Computing (SCC). 2018; ():245-248.

Chicago/Turabian Style

Sana Belguith; Nesrine Kaaniche; Mohamed Mohamed; Giovanni Russello. 2018. "C-ABSC: Cooperative Attribute Based SignCryption Scheme for Internet of Things Applications." 2018 IEEE International Conference on Services Computing (SCC) , no. : 245-248.

Conference paper
Published: 01 May 2018 in 2018 IEEE Conference on Communications and Network Security (CNS)
Reads 0
Downloads 0

In dynamic environments such as disaster management, mechanisms for the controlled override of access restrictions, a.k.a. break-glass need to be supported. These access control mechanisms should ensure access to facilities, for example, an office building, in an emergency situation, without relying on the use of an online authentication server as connectivity might not be available. In this paper, we propose a break-glass access control mechanism based on a novel use of QR codes, Shamir's Secret Sharing Scheme and Attribute Based Encryption. Our proposed solution is such that a secret access key is split using Shamir's secret sharing scheme and encrypted using attribute based encryption, then encoded in a QR code. Subsequently, emergency actors scan the QR code and recover the individual secret key using their attributes satisfying an access policy associated with the ciphertext. The novelty of our solution lies in the fact that a flexible access control is ensured only when a sufficient number of authorized users collaborate to get access to a building without requiring an online third party. In addition, the access secret key is only decrypted by the authorized users thanks to the use of an attribute based encryption scheme. Finally, we demonstrate the feasibility and the efficiency of the solution by implementing a prototype and analysing its performance.

ACS Style

Sana Belguith; Sarada Prasad Gochhayat; Mauro Conti; Giovanni Russello. Emergency Access Control Management Via Attribute Based Encrypted QR Codes. 2018 IEEE Conference on Communications and Network Security (CNS) 2018, 1 -8.

AMA Style

Sana Belguith, Sarada Prasad Gochhayat, Mauro Conti, Giovanni Russello. Emergency Access Control Management Via Attribute Based Encrypted QR Codes. 2018 IEEE Conference on Communications and Network Security (CNS). 2018; ():1-8.

Chicago/Turabian Style

Sana Belguith; Sarada Prasad Gochhayat; Mauro Conti; Giovanni Russello. 2018. "Emergency Access Control Management Via Attribute Based Encrypted QR Codes." 2018 IEEE Conference on Communications and Network Security (CNS) , no. : 1-8.

Conference paper
Published: 09 April 2018 in Proceedings of the 33rd Annual ACM Symposium on Applied Computing
Reads 0
Downloads 0
ACS Style

Sana Belguith; Shujie Cui; Muhammad Rizwan Asghar; Giovanni Russello. Secure publish and subscribe systems with efficient revocation. Proceedings of the 33rd Annual ACM Symposium on Applied Computing 2018, 388 -394.

AMA Style

Sana Belguith, Shujie Cui, Muhammad Rizwan Asghar, Giovanni Russello. Secure publish and subscribe systems with efficient revocation. Proceedings of the 33rd Annual ACM Symposium on Applied Computing. 2018; ():388-394.

Chicago/Turabian Style

Sana Belguith; Shujie Cui; Muhammad Rizwan Asghar; Giovanni Russello. 2018. "Secure publish and subscribe systems with efficient revocation." Proceedings of the 33rd Annual ACM Symposium on Applied Computing , no. : 388-394.

Journal article
Published: 01 March 2018 in Computer Networks
Reads 0
Downloads 0

Attribute based encryption (ABE) is an encrypted access control mechanism that ensures efficient data sharing among dynamic group of users. Nevertheless, this encryption technique presents two main drawbacks, namely high decryption cost and publicly shared access policies, thus leading to possible users’ privacy leakage. In this paper, we introduce PHOABE, a Policy-Hidden Outsourced ABE scheme. Our construction presents several advantages. First, it is a multi-attribute authority ABE scheme. Second, the expensive computations for the ABE decryption process is partially delegated to a Semi Trusted Cloud Server. Third, users’ privacy is protected thanks to a hidden access policy. Fourth, PHOABE is proven to be selectively secure, verifiable and policy privacy preserving under the random oracle model. Five, estimation of the processing overhead proves its feasibility in IoT constrained environments.

ACS Style

Sana Belguith; Nesrine Kaaniche; Maryline Laurent; Abderrazak Jemai; Rabah Attia. PHOABE: Securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted IoT. Computer Networks 2018, 133, 141 -156.

AMA Style

Sana Belguith, Nesrine Kaaniche, Maryline Laurent, Abderrazak Jemai, Rabah Attia. PHOABE: Securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted IoT. Computer Networks. 2018; 133 ():141-156.

Chicago/Turabian Style

Sana Belguith; Nesrine Kaaniche; Maryline Laurent; Abderrazak Jemai; Rabah Attia. 2018. "PHOABE: Securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted IoT." Computer Networks 133, no. : 141-156.

Conference paper
Published: 01 January 2018 in Proceedings of the 10th International Conference on Security and Cryptography
Reads 0
Downloads 0
ACS Style

Sana Belguith; Nesrine Kaaniche; Giovanni Russello. Lightweight Attribute-based Encryption Supporting Access Policy Update for Cloud Assisted IoT. Proceedings of the 10th International Conference on Security and Cryptography 2018, 1 .

AMA Style

Sana Belguith, Nesrine Kaaniche, Giovanni Russello. Lightweight Attribute-based Encryption Supporting Access Policy Update for Cloud Assisted IoT. Proceedings of the 10th International Conference on Security and Cryptography. 2018; ():1.

Chicago/Turabian Style

Sana Belguith; Nesrine Kaaniche; Giovanni Russello. 2018. "Lightweight Attribute-based Encryption Supporting Access Policy Update for Cloud Assisted IoT." Proceedings of the 10th International Conference on Security and Cryptography , no. : 1.

Conference paper
Published: 01 January 2018 in Proceedings of the 10th International Conference on Security and Cryptography
Reads 0
Downloads 0

Cloud-assisted IoT applications are gaining an expanding interest, such that IoT devices are deployed in different distributed environments to collect and outsource sensed data to remote servers for further processing and sharing among users. On the one hand, in several applications, collected data are extremely sensitive and need to be protected before outsourcing. Generally, encryption techniques are applied at the data producer side to protect data from adversaries as well as curious cloud provider. On the other hand, sharing data among users requires fine grained access control mechanisms. To ensure both requirements, Attribute Based Encryption (ABE) has been widely applied to ensure encrypted access control to outsourced data. Although, ABE ensures fine grained access control and data confidentiality, updates of used access policies after encryption and outsourcing of data remains an open challenge. In this paper, we design PU-ABE, a new variant of key policy attribute based encr

ACS Style

Sana Belguith; Nesrine Kaaniche; Giovanni Russello. Lightweight Attribute-based Encryption Supporting Access Policy Update for Cloud Assisted IoT. Proceedings of the 10th International Conference on Security and Cryptography 2018, 135 -146.

AMA Style

Sana Belguith, Nesrine Kaaniche, Giovanni Russello. Lightweight Attribute-based Encryption Supporting Access Policy Update for Cloud Assisted IoT. Proceedings of the 10th International Conference on Security and Cryptography. 2018; ():135-146.

Chicago/Turabian Style

Sana Belguith; Nesrine Kaaniche; Giovanni Russello. 2018. "Lightweight Attribute-based Encryption Supporting Access Policy Update for Cloud Assisted IoT." Proceedings of the 10th International Conference on Security and Cryptography , no. : 135-146.