Title: Hodor: Robust Fine-Grained Information Flow Control With Full Data Traffic Protection for Cloud-Edge Computing
Authors: Yansen Xin; Hui Ma; Rui Zhang
Journal: IEEE Transactions on Information Forensics and Security, vol. 20, pp. 3074-3087 (Journal Article)
Publication date: 2025-02-28
DOI: 10.1109/TIFS.2025.3546846
URL: https://ieeexplore.ieee.org/document/10908204/
Impact factor: 6.3; JCR: Q1 (Computer Science, Theory & Methods); open access: no
Citation count: 0
Abstract
Cloud-edge computing has been widely adopted for large-scale data sharing and processing. In practical data sharing systems, data such as health records are very sensitive and typically encrypted. Unauthorized users may attempt to decrypt ciphertexts to recover the data. Due to mistakes or malice, some users might try to share sensitive information with others who do not have access. Clearly, strong access control should be employed to restrict the read and write privileges of users. There is a rich literature on mandatory fine-grained information flow control for such scenarios, but three important issues remain. First, payload privacy was often neglected. Most of the known solutions focused on protecting the ciphertext header but ignored the payload, i.e. the encrypted data, through which a malicious sender may leak information. Second, there is no guarantee about the encrypted data. Ill-formed ciphertexts, e.g. encrypted garbage data, can pass the global policy check, causing decryption failures or disseminating bad information, and such schemes are therefore unsuitable for content distribution. Finally, the heavy computation cost of sender authentication impedes practical deployment. In this work, we introduce Hodor, a robust fine-grained information flow control scheme that not only guards the transmission channel with mandatory fine-grained access control for massive data, but also protects the whole data traffic, checks ciphertext well-formedness, and efficiently authenticates the sender. In particular, Hodor considers full data traffic protection of both the ciphertext header and the encrypted payload to resist information leakage, completely verifies the consistency between the claimed access structure and the actual access structure, and achieves efficient sender authentication with a succinct challenge-response protocol. We present a formal model and give detailed proofs. We also implement and evaluate Hodor using various optimization techniques to boost its performance. The results demonstrate the efficiency and practicality of Hodor for cloud-edge data sharing.
About the journal:
The IEEE Transactions on Information Forensics and Security covers the sciences, technologies, and applications relating to information forensics, information security, biometrics, surveillance and systems applications that incorporate these features.