Journal of Information Security and Applications最新文献

Fed-LSAE: Thwarting poisoning attacks against federated cyber threat detection system via Autoencoder-based latent space inspection Fed-LSAE：通过基于自动编码器的潜空间检测挫败针对联合网络威胁检测系统的中毒攻击

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-11-16 DOI: 10.1016/j.jisa.2024.103916

Tran Duc Luong, Vuong Minh Tien, Nguyen Huu Quyen, Do Thi Thu Hien, Phan The Duy, Van-Hau Pham

{"title":"Fed-LSAE: Thwarting poisoning attacks against federated cyber threat detection system via Autoencoder-based latent space inspection","authors":"Tran Duc Luong, Vuong Minh Tien, Nguyen Huu Quyen, Do Thi Thu Hien, Phan The Duy, Van-Hau Pham","doi":"10.1016/j.jisa.2024.103916","DOIUrl":"10.1016/j.jisa.2024.103916","url":null,"abstract":"<div><div>The rise of security concerns in conventional centralized learning has driven the adoption of federated learning. However, the risks posed by poisoning attacks from internal adversaries against federated systems necessitate robust anti-poisoning frameworks. While previous defensive mechanisms relied on outlier detection, recent approaches focus on latent space representation. In this paper, we investigate a novel robust aggregation method for federated learning, namely Fed-LSAE, which leverages latent space representation via the penultimate layer and Autoencoder to exclude malicious clients from the training process. Specifically, Fed-LSAE measures the similarity level of each local latent space vector to the global one using the Center Kernel Alignment algorithm in every training round. The results of this algorithm are categorized into benign and attack groups, in which only the benign cluster is sent to the central server for federated averaging aggregation. In other words, adversaries would be detected and eliminated from the federated training procedure. The experimental results on the CIC-ToN-IoT and N-BaIoT datasets confirm the feasibility of our defensive mechanism against cutting-edge poisoning attacks for developing a robust federated-based threat detector in the Internet of Things (IoT) context. The evaluation of the federated approach witnesses an upward trend of approximately 98% across all metrics when integrating with our Fed-LSAE defense.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"87 ","pages":"Article 103916"},"PeriodicalIF":3.8,"publicationDate":"2024-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142656878","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

BCRS-DS: A Privacy-protected data sharing scheme for IoT based on blockchain and certificateless ring signature BCRS-DS：基于区块链和无证书环签名的物联网隐私保护数据共享方案

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-11-15 DOI: 10.1016/j.jisa.2024.103914

Qi Liu , Guijuan Wang , Biwei Yan , Anming Dong , Hao Yu , Jiguo Yu

{"title":"BCRS-DS: A Privacy-protected data sharing scheme for IoT based on blockchain and certificateless ring signature","authors":"Qi Liu , Guijuan Wang , Biwei Yan , Anming Dong , Hao Yu , Jiguo Yu","doi":"10.1016/j.jisa.2024.103914","DOIUrl":"10.1016/j.jisa.2024.103914","url":null,"abstract":"<div><div>The Internet of Things (IoT) has created opportunities for collaboration across organizations and domains through data sharing. However, existing data sharing schemes in IoT face challenges, including privacy breaches, inefficiency, and lack of incentives. To address these issues, blockchain is a promising infrastructure for data sharing due to its decentralization, auditability, and immutability. This paper proposes a novel data sharing scheme based on blockchain and certificateless ring signature (BCRS-DS), which utilizes the certificateless ring signature algorithm to protect the privacy of participants and improves the authentication efficiency. Moreover, BCRS-DS integrates a decentralized anonymous incentive mechanism based on zero-knowledge proof. After completing the data sharing process, participants can provide the zero-knowledge proof data to the smart contract to demonstrate their eligibility for rewards without compromising the privacy. Finally, we verified the effectiveness and practicality of BCRS-DS through theoretical analysis and experiments.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"87 ","pages":"Article 103914"},"PeriodicalIF":3.8,"publicationDate":"2024-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142656876","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Privacy-preserving verifiable fuzzy phrase search over cloud-based data 基于云数据的隐私保护可验证模糊短语搜索

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-11-15 DOI: 10.1016/j.jisa.2024.103910

Yunfeng Zhang , Rong Hao , Xinrui Ge , Jia Yu

{"title":"Privacy-preserving verifiable fuzzy phrase search over cloud-based data","authors":"Yunfeng Zhang , Rong Hao , Xinrui Ge , Jia Yu","doi":"10.1016/j.jisa.2024.103910","DOIUrl":"10.1016/j.jisa.2024.103910","url":null,"abstract":"<div><div>Today, cloud computing plays an increasingly important role in cloud-based data processing systems. Privacy-preserving phrase search is one critical search technique in cloud-based data processing systems, which allows for the retrieval of cipher documents containing a set of consecutive keywords. However, the existing privacy-preserving phrase search schemes rarely support fault tolerance and result verification at the same time. To deal with these problems, this paper presents a Privacy-Preserving Verifiable Fuzzy Phrase Search scheme over cloud-based data (PPVFPS). We construct a novel keyword matching list by the keyword transformation techniques and the secure <span><math><mrow><mi>k</mi><mi>N</mi><mi>N</mi></mrow></math></span> algorithm to support fuzzy search. To enhance search efficiency and achieve the dynamic update, we generate a counting Bloom filter based on the virtual binary tree, which can help find the documents containing the search keywords. In order to securely judge the position relationship between two search keywords, we employ the techniques of homomorphic encryption and bilinear mapping to encrypt the positions of the keywords. We generate the verification tags based on the MAC technique and build a document index table to realize result verification. We demonstrate the security analysis of PPVFPS scheme, and the experimental result shows that PPVFPS scheme can achieve high accuracy.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"87 ","pages":"Article 103910"},"PeriodicalIF":3.8,"publicationDate":"2024-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142656877","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Lightweight privacy-preserving authenticated key agreements using physically unclonable functions for internet of drones 为无人机互联网使用物理不可克隆函数的轻量级隐私保护认证密钥协议

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-11-15 DOI: 10.1016/j.jisa.2024.103915

Tian-Fu Lee , Xiucai Ye , Wei-Jie Huang

{"title":"Lightweight privacy-preserving authenticated key agreements using physically unclonable functions for internet of drones","authors":"Tian-Fu Lee , Xiucai Ye , Wei-Jie Huang","doi":"10.1016/j.jisa.2024.103915","DOIUrl":"10.1016/j.jisa.2024.103915","url":null,"abstract":"<div><div>The Internet of Drones (IoD) means the cooperative collection and transmission of data by multiple drones in a cluster or decentralized way of working to decrease the energy consumption of mobile devices, increase overall performance, and reduce the cost of building infrastructure. It is widely applied in various fields, including environmental scouting and monitoring, emergency assistance and logistics transportation, etc. Recently, many related authentication schemes were proposed for IoD. Due to the limitation that the drones use lightweight components for development, these authentication schemes mostly use lightweight components for development. However, many authentication schemes cannot overcome security issues such as providing user privacy protection and resisting drone capture attacks. This study discusses these security issues of related schemes, and develops an authentication scheme for IoD by using Physically Unclonable Functions (PUF). Due to its own microscopic characteristics, the PUF can generate unpredictable and duplicate information, which can be regarded as a device fingerprint and is suitable for device authentication. Additionally, this study utilizes the commutative and invertible properties of BS-PUF to develop the key exchange of the proposed scheme and to protect user privacy. This proposed scheme overcomes the previous problems in security, has more security features, and maintains lightweight computational costs.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"87 ","pages":"Article 103915"},"PeriodicalIF":3.8,"publicationDate":"2024-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142656875","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Robust coverless video steganography based on pose estimation and object tracking 基于姿势估计和物体跟踪的鲁棒无掩码视频隐写术

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-11-14 DOI: 10.1016/j.jisa.2024.103912

Nan Li, Jiaohua Qin, Xuyu Xiang, Yun Tan

{"title":"Robust coverless video steganography based on pose estimation and object tracking","authors":"Nan Li, Jiaohua Qin, Xuyu Xiang, Yun Tan","doi":"10.1016/j.jisa.2024.103912","DOIUrl":"10.1016/j.jisa.2024.103912","url":null,"abstract":"<div><div>Existing coverless video steganography methods have not adequately exploited the stable features within and between video frames, and they have neglected the subtlety required for carrier transmission. To address these issues, this paper proposes a coverless video steganography method based on pose estimation and object tracking. By analyzing the intra-frame and inter-frame features of human posture within videos, this method hides secret information in videos depicting human activities, thereby enhancing concealment through simulating social behaviors. The scheme initially utilizes pose estimation network to localize target persons and their respective pose keypoints. Subsequently, a multi-object tracking algorithm is employed to track the detected targets within the video, coupled with a filtering mechanism to identify and prioritize tracking targets with larger areas, thus ensuring robustness in the tracking process. Then, corresponding hash mapping rules are established based on the inter-frame movement direction and the intra-frame angle features of the tracking targets. Finally, an inverted index is constructed to accelerate the speed of matching carrier videos containing the secret information and complete information hiding. Experimental results demonstrate that the proposed approach exhibits superior robustness against a variety of traditional attacks, video compression attacks, and frame dropping attacks compared to latest methods, while also enhancing the hiding capacity.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"87 ","pages":"Article 103912"},"PeriodicalIF":3.8,"publicationDate":"2024-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142656874","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

SteriCNN: Cloud native stego content sterilization framework SteriCNN：云原生偷窃内容消毒框架

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-11-09 DOI: 10.1016/j.jisa.2024.103908

Abhisek Banerjee , Sreeparna Ganguly , Imon Mukherjee , Nabanita Ganguly

{"title":"SteriCNN: Cloud native stego content sterilization framework","authors":"Abhisek Banerjee , Sreeparna Ganguly , Imon Mukherjee , Nabanita Ganguly","doi":"10.1016/j.jisa.2024.103908","DOIUrl":"10.1016/j.jisa.2024.103908","url":null,"abstract":"<div><div>Modern robust steganography-based cyber attacks often bypass intrinsic cloud security measures, and contemporary steganalysis methods struggle to address these covert threats due to recent advancements in deep learning (DL)-based steganography techniques. Existing steganography removal methods are constrained by trade-offs involving high processing times, poor quality of sanitized images, and insufficient removal of steganographic content. This paper introduces SteriCNN, a lightweight deep residual neural network model designed for steganography removal. SteriCNN effectively eliminates embedded steganographic information while preserving the visual integrity of the sanitized images. We employ a series of convolutional blocks with three residual connections for feature extraction, feature learning, feature attention, and image reconstruction from the residue. The proposed model utilizes the correlation of channel features to achieve a faster learning rate, and by varying the dilation rate in convolutional blocks, the model achieves wider receptive fields, enabling it to cover larger areas of the input image at each layer. SteriCNN is targeted for blind image sterilization for real-time use cases due to its low training and prediction time costs. Our study shows impressive results for both traditional and deep learning-based stego vulnerabilities, with approximately 90% of steganograms eliminated while maintaining an average PSNR value of 46 dB and an SSIM of 0.99 when tested with popular steganography methods.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"87 ","pages":"Article 103908"},"PeriodicalIF":3.8,"publicationDate":"2024-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142657177","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

3D point cloud encryption algorithm based on hybrid key and spatial maintenance 基于混合密钥和空间维护的三维点云加密算法

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-11-08 DOI: 10.1016/j.jisa.2024.103896

Xusheng Li , Jinqing Li , Xiaoqiang Di , Hongmei Guan , Mingao Zhang , Mengli Gao , Makram Ibrahim

{"title":"3D point cloud encryption algorithm based on hybrid key and spatial maintenance","authors":"Xusheng Li , Jinqing Li , Xiaoqiang Di , Hongmei Guan , Mingao Zhang , Mengli Gao , Makram Ibrahim","doi":"10.1016/j.jisa.2024.103896","DOIUrl":"10.1016/j.jisa.2024.103896","url":null,"abstract":"<div><div>With the development of LiDAR technology, 3D point cloud data have a rich information-carrying capacity and environmental perception capabilities, have been widely applied in fields such as the Internet of Vehicles(IoV) and smart homes. However, the privacy and sensitive content contained within them faces significant security risks. To address these challenges, we propose a selective encryption scheme for 3D point cloud based on hybrid key with spatial maintenance. Firstly, a new SH-CCM map is introduced, which exhibits excellent sensitivity to initial conditions, randomness, and unpredictability. Secondly, a hybrid key generation scheme is designed, where the hybrid key is composed of an agreement session key and a user’s private key. Then, a spatial maintenance encryption method is designed using the proposed chaotic map to maintain the spatial stability of the selected regions during encryption, preventing data confusion and loss that could arise from overlap with adjacent point clouds in the encrypted domain. Finally, the security and robustness of this method are verified through simulation experiments and numerical analysis, demonstrating high encryption efficiency and effective resistance against known plaintext/chosen plaintext attacks, differential attacks, brute force attacks, and other statistical analysis attacks.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"87 ","pages":"Article 103896"},"PeriodicalIF":3.8,"publicationDate":"2024-11-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142657178","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

MinCloud: Trusted and transferable MinHash-based framework for unknown malware detection for Linux cloud environments MinCloud：基于 MinHash 的可信和可转移框架，用于检测 Linux 云环境中的未知恶意软件

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-11-06 DOI: 10.1016/j.jisa.2024.103907

Tomer Panker , Aviad Cohen , Tom Landman , Chen Bery , Nir Nissim

{"title":"MinCloud: Trusted and transferable MinHash-based framework for unknown malware detection for Linux cloud environments","authors":"Tomer Panker , Aviad Cohen , Tom Landman , Chen Bery , Nir Nissim","doi":"10.1016/j.jisa.2024.103907","DOIUrl":"10.1016/j.jisa.2024.103907","url":null,"abstract":"<div><div>Linux clouds have become an attractive target for cyber-attacks. However, existing detection solutions for Linux clouds have variety of limitations. Some of the solutions are untrusted, incapable of detecting unknown malware, or rely on a human expert to define the features. Other solutions are trusted but require a large amount of computational resources or have a limited ability to detect rootkits, fileless malware, or malware on a different server. In this study, we propose MinCloud, a trusted and transferable MinHash-based framework for unknown malware detection in Linux virtual servers that overcomes the limitations of existing solutions. In the first stage, we acquired volatile memory dumps from virtual servers by querying the hypervisor in a trusted manner and then analyzed them using the MinHash method. Finally, the MinHash characteristics are harnessed by applying machine learning classifiers to achieve precise malware detection. MinCloud was evaluated on widely used Linux virtual servers, various benign and malicious applications, and 23,000 volatile memory dumps, each representing different behaviors of the examined servers and the executed applications over time. MinCloud's evaluation shows it can (1) detect unknown malware, (2) classify unknown malware according to its malware category, (3) detect fileless attacks and rootkit malware, and (4) provide accurately transfer detection between different Linux servers. MinCloud outperformed state-of-the-art trusted detection methods and commonly used antiviruses.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"87 ","pages":"Article 103907"},"PeriodicalIF":3.8,"publicationDate":"2024-11-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142592992","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Reversible data hiding in encrypted images using Pixel Shifting Approach (PSA) 利用像素移动方法（PSA）在加密图像中进行可逆数据隐藏

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-11-05 DOI: 10.1016/j.jisa.2024.103909

Cheonshik Kim , Ching-Nung Yang , Yu-Quan Lu

{"title":"Reversible data hiding in encrypted images using Pixel Shifting Approach (PSA)","authors":"Cheonshik Kim , Ching-Nung Yang , Yu-Quan Lu","doi":"10.1016/j.jisa.2024.103909","DOIUrl":"10.1016/j.jisa.2024.103909","url":null,"abstract":"<div><div>This study proposes a novel technique for reversibly embedding data within encrypted images, specifically utilizing a Pixel Shifting Approach (PSA). Traditional data hiding methods commonly employ the modification of the least significant bits (LSBs) of pixels in the original image. In contrast, methods using encrypted cover images offer a wider range of data hiding techniques that are not constrained by LSB modifications. The proposed data hiding method embeds data into an encrypted cover image by dividing it into non-overlapping blocks and then permuting pixels within each block according to a defined rule, rather than modifying the LSBs of pixels. The entropy of the image remains preserved after data embedding, making it difficult to detect the location of hidden data. To extract the hidden data, the encrypted image is decrypted, and the smoothness of each block is measured. The block with the lowest smoothness is identified as the one containing the hidden data, which is also the original block. This is because the pixels within each block have different statistical properties compared to other blocks, allowing for data recovery. The proposed method offers the advantage of embedding 4 bits of data per block, surpassing the performance of the existing Modified Pixel Shifting Approach (MPSA). Moreover, the entropy preservation of the stego-image is comparable to MPSA, while the algorithm’s execution time is more efficient. The simpler data hiding rule compared to MPSA enables faster encoding and decoding. Reversibility is guaranteed by preserving the correlation among pixels within each block when extracting data from the stego-image and restoring the original image. Experimental results demonstrate that the proposed method significantly outperforms existing techniques in terms of data hiding efficiency and security.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"87 ","pages":"Article 103909"},"PeriodicalIF":3.8,"publicationDate":"2024-11-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142586067","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Guaranteeing anonymity in attribute-based authorization 在基于属性的授权中保证匿名性

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-11-04 DOI: 10.1016/j.jisa.2024.103895

Erin Lanus , Charles J. Colbourn , Gail-Joon Ahn

{"title":"Guaranteeing anonymity in attribute-based authorization","authors":"Erin Lanus , Charles J. Colbourn , Gail-Joon Ahn","doi":"10.1016/j.jisa.2024.103895","DOIUrl":"10.1016/j.jisa.2024.103895","url":null,"abstract":"<div><div>Attribute-based methods such as attribute-based access control make decisions based on attributes possessed by a subject rather than the subject’s identity. This allows for anonymous authorization but does not guarantee anonymity. If a policy can be composed that few subjects possess attributes to satisfy and is used for access control, the system can guess with high probability the requesting subject’s identity. Other approaches to achieving anonymity in attribute-based authorization do not address this attribute distribution problem. Suppose polices contain conjunctions of at most <span><math><mi>t</mi></math></span> attributes and the system must not be able to guess with probability greater than <span><math><mfrac><mrow><mn>1</mn></mrow><mrow><mi>r</mi></mrow></mfrac></math></span> the identity of a subject using a policy for authorization. The anonymity guarantee is <span><math><mi>r</mi></math></span> for maximum credential size <span><math><mi>t</mi></math></span>. An anonymizing array is a combinatorial array proposed as an abstraction to address the distribution problem by ensuring that any assignment of values to <span><math><mi>t</mi></math></span> attributes appearing in the array appears at least <span><math><mi>r</mi></math></span> times. Anonymizing arrays are related to covering arrays with higher coverage, but have an additional property, homogeneity, due to their application domain. We discuss the application of anonymizing arrays to guarantee anonymous authorization in attribute-based methods. Additionally, we develop metrics to compare arrays with the same parameters.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"87 ","pages":"Article 103895"},"PeriodicalIF":3.8,"publicationDate":"2024-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142578892","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0