Gå til hovedinnhold
0
Hopp til hovedinnhold

Sikkerhet i sky-lagring

Huihui Yang disputerer med en avhandling om sikkerhet ved datalagring i skyene - «Cryptographic Enforcement of Attribute-based Authentication». (Foto: Privat)

The main focus of this dissertation is to investigate on the cryptographic implementations of ABA schemes, or ways to construct different types of ABA schemes according to various security requirements.

Huihui Yang

ph.d.-stipendiat

HuiHui Yang disputerer med en avhandling der hun forsker på hvordan dataskyer kan brukes til datalagring på en så sikker måte som mulig – også i forhold til identitet til den som lagrer dataene.

Huihui Yang disputerer på Fakultet for teknologi og realfags doktorgradsprogram med spesialisering i IKT den 28. juni 2016.

Slik beskriver kandidaten selv essensen i avhandlingen:

Cryptographic Enforcement of Attribute-based Authentication

There are currently a lot of cloud-based services, such as cloud storage, cloud computing and data outsourcing.

Consider Dropbox, one of the most popular cloud storage applications via which users can create special folders on their computers and save files within. Later, users can access these files from elsewhere, like mobiles, iPads or other computers. In addition, users can share files saved in Dropbox folders with other people.

Cloud users can also employ cloud resources to perform complicated calculations.

When utilizing cloud facilities, on the one hand, cloud users wish to keep their data safe and undisclosed from other Internet users and even service providers. On the other hand, users may also need more fine-grained control over their data, for example in term of how the data can be accessed.

Attribute-based authentication

To better protect users’ privacy, attribute-based authentication (ABA) offers a more privacy-preserving means of authentication in different access control systems.

ABA is an approach of authenticating users according to their attributes, including name, address, phone number and age. By using attributes in place of users' identity information, ABA presents anonymous authentication, or more specifically, ABA enables keeping users anonymous from their authenticators.

In addition, the property of least information leakage provides superior protection of users' privacy over popular public key-based authentication approaches. This property makes it possible to apply attribute-based authentication schemes in privacy preserving scenarios, like, cloud-based applications.

Cryptographic implementations of ABA schemes

The main focus of this dissertation is to investigate on the cryptographic implementations of ABA schemes, or ways to construct different types of ABA schemes according to various security requirements.

In a traceable ABA scheme, normal users cannot acquire any information about the identity of a signer given their signature, but a special authority is necessary to trace the signer’s identity.

On the contrary, neither normal users nor authorities can reveal signers’ identities in an untraceable ABA scheme.

More flexible and fine-grained authentication

Based on these two types of basic ABA schemes, hierarchical schemes can be achieved in combination with a hierarchical structure of users or attributes. By using hierarchical ABA schemes, a more flexible and fine-grained authentication and access control approach feasible.

Disputasfakta:

Kandidaten: Huihui Yang er bachelor i computer science fra Wuhan University, Wuhan, China, (2007) og har mastergrad i Information security fra the Chinese Academy of Sciences, Beijing, China (2011). Hun er nå tilknyttet Institutt for IKT ved UiA. Hennes forskerinteresse er først og fremst innenfor feltet sikkerhet og personvern – eller som hun selv skriver: «Her research interests are in the areas of security and privacy, applied cryptography, secure protocols and formal methods.»

Prøveforelesning og disputas finner sted i Rom C2 040, Campus Grimstad

Instituttleder ved Institutt for IKT, Folke Haugland, leder disputasen.

Tid for prøveforelesning: Tirsdag 28. juni 2016 kl 10:00

Oppgitt emne for prøveforelesning: «Security in cloud storage»

Tid for disputas: Tirsdag 28. juni 2016 kl 12:00

Tittel på avhandling: «Cryptographic Enforcement of Attribute-based Authentication»

Søk etter avhandlingen i AURA - Agder University Research Archive, som er et digitalt arkiv for vitenskapelige artikler, avhandlinger og masteroppgaver fra ansatte og studenter ved Universitetet i Agder. AURA blir jevnlig oppdatert.

Opponenter:

Førsteopponent: Professor Valtteri Niemi, Department of Computer Science, University of Helsinki, Finland.

Annenopponent:Professor Chunming Rong, Institutt for data- og elektronikk, Universitetet i Stavanger

Bedømmelseskomitéen er ledet av professor Ole-Christoffer Granmo, UiA

Veiledere i doktorgradsarbeidet var professor Vladimir Oleshchuk, UiA (hovedveileder) og førsteamanuensis Geir Køien, UiA (bi-veileder)