学术讲座
学术讲座
 基地新闻 
 学术讲座 
海外引进优质课程《云计算和物联网安全初探》 开课通知
2017-06-01

  
由网络与信息安全学院负责引进的海外优质课程G00CE1206《云计算和物联网安全初探》即将开课

上课时间为:6月5、12、19、26日及7月3日下午5-8节;
上课地点为:北校区J-110。

任课教师简介:
杨侃教授,目前就职于美国孟菲斯大学,是孟菲斯大学计算机系信息保障中心(CfiA)的副主任。杨侃教授的主要研究涉及云计算,大数据,物联网和分布式系统等方面的安全和隐私保护工作,目前已经在IEEE TIFS, TDSC, TPDS, TVT, TMM, TWC, ComMag, WirelessMag, IEEE INFOCOM’13-15, ICDCS’12, ACM AsiaCCS’13等期刊和会议上发表了30余篇的高水平论文,在google学术上的他引次数已达到1150次(H-index 13)。

课程的主要内容:
杨侃老师将围绕云计算与物联网安全的最新研究技术和内容展开介绍,主要将包括:“公有云安全数据外包技术”、“云数据动态审计框架下的隐私保护技术”、“云数据基于属性的高效访问控制技术”、“云端加密数据安全高效搜索技术”、“从云到物:物联网安全与隐私技术探讨”以及“移动群智网络的安全与隐私保护”等主要内容
 
请有意选修此课程的同学于第一次上课时在任课教师处登记个人信息,研究生院培养办负责录入个人选课记录。



BIO:

Dr. Kan Yang received his B.Eng. degree in Information Security from University of Science and Technology of China (USTC) in 2008, and his Ph.D. degree in computer science with outstanding research thesis award from City University of Hong Kong in 2013 supervised by Prof. Xiaohua Jia. During his Ph.D. study, he was a visiting student in the Dept. of Computer Science and Engineering at the State University of New York at Buffalo, supervised by Prof. Kui Ren. From Sept. 2013 to July 2014, he was a postdoctoral fellow in the Dept. of Computer Science at the City University of Hong Kong. From July 2014 to June 2016, he was a postdoctoral fellow, the coordinator of security group, at the Broadband Communications Research (BBCR) group in the Dept. of Electrical and Computer Engineering at University of Waterloo, co-supervised by Prof. Xuemin (Sherman) Shen and Prof. Anwar Hasan.
He joined the Department of Computer Science at the University of Memphis as a tenure-track assistant professor and associate director of Center for Information Assurance (CfIA) in January 2017. He is looking for self-motivated Ph.D. students to join his research group. His research interests are in the area of cloud computing, big data, internet of things and distributed systems, with the focus on security and privacy. He has published more than 30 high quality papers that appear in prestigious venues including IEEE TIFS, TDSC, TPDS, TVT, TMM, TWC, ComMag, WirelessMag, IEEE INFOCOM’13-15, ICDCS’12, ACM AsiaCCS’13, etc. His research is well recognized, and his publications have received over 1150 citations (H-index 13) as of May 2017 according to Google Scholar. He has served as the TPC member for many international conferences, e.g., Globecom’16-17, ICC’17, ICNC’17, ICCCN’15-17, IPCCC’15-16, AsiaCCS-SCC’14, etc. He is also an active reviewer for many top journals and conferences, such as IEEE JSAC, TPDS, TIFS, TDSC, TCOM, TCC, TMC, TKDE, TSC, INFOCOM, etc.

Contents:

Title: Secure and Scalable Data Outsourcing in the Public Cloud
 
Abstract
Data outsourcing is one of the most significant services offered by cloud computing, where end-users buy or lease storage capacity from cloud service providers in a pay-per-use billing model. However, when hosting data into the public cloud, data security and privacy is always the first concern, as few cloud service providers can be fully trusted by end-users. Therefore, enabling secure data outsourcing mechanisms in the public cloud becomes imperative while being challenging. In this seminar, we will introduce some security and privacy issues when outsourcing data to the public cloud. Then, we will present some of our research works which will be discussed in detail in the following talks. Specifically, the topics cover: 1) Storage Auditing for Cloud Data; 2) Access Control of Cloud Data; and 3) Search on Encrypted Data.
Title: Privacy-Preserving Data Dynamic Auditing for Cloud Data
 
Abstract
When outsourcing data into the cloud, data owners may worry that their data may be corrupted or tampered in the cloud as the cloud may not be fully trusted. In this talk, I will present our research work on guaranteeing the integrity of cloud data with storage auditing service. Our contribution is three-fold. Firstly, a third-party storage auditing mechanism is proposed to ensure that end-users’ data are not corrupted or deleted in the public cloud, while protecting data from being accessed by the third-party auditor. Secondly, the proposed mechanism not only serves for static archived data but also supports scalable and dynamical updates (i.e., block insertion, block modification, block deletion) of cloud data. Thirdly, the proposed mechanism supports batching auditing for multiple users to check the integrity of data stored on multiple cloud servers, which significantly improves the auditing efficiency in large-scale cloud storage systems.
Title: Attribute-based Access Control with Efficient Revocation and Decryption for Cloud Data
 

Abstract
Data access control is an effective way to ensure the data security in the cloud. However, due to data outsourcing and untrusted cloud servers, the data access control becomes a challenging issue in cloud storage systems. Existing access control schemes are no longer applicable to cloud storage systems, because they either produce multiple encrypted copies of the same data or require a fully trusted cloud server. Ciphertext-Policy Attribute-based Encryption (CP-ABE) is a promising technique for access control of encrypted data. It requires a trusted authority manages all the attributes and distributes keys in the system. In cloud storage systems, there are usually multiple authorities co-exist and each authority is able to issue attributes independently. However, existing CP-ABE schemes cannot be directly applied to data access control for multi-authority cloud storage systems, due to the inefficiency of decryption and revocation. In this talk, I will describe one of our research works, DAC-MACS (Data Access Control for Multi-Authority Cloud Storage), an effective and secure data access control scheme with efficient decryption and revocation. Specifically, we construct a new multi-authority CP-ABE scheme with efficient decryption and also design an efficient attribute revocation method that can achieve both forward security and backward security. 
Title: Enabling Efficient and Secure Search over Encrypted Data in Cloud Storage Systems
 
Abstract
The emerging cloud computing provides us an excellent option to outsource the data to the cloud. However, data outsourcing raises many security and privacy concerns. An effective method is to encrypt sensitive data before outsourcing them to the cloud. Towards the large amount of data stored in the cloud, how to search on those encrypted data becomes a challenging problem. To perform a search on encrypted data, it is infeasible for users to start the search locally after downloading and decrypting all the encrypted data, especially when the amount of data is very huge. In this talk, I will present some searchable encryption schemes which enabling users to conduct search over encrypted data. Specifically, I will introduce both symmetric searchable encryption (SSE) and public-key encryption with keyword search (PEKS). Then, I will describe one of our research works (multi-owner multi-user searchable encryption), which enables multiple owners to encrypt data and multiple users can do the search over encrypted data.
Title: From Cloud to IoT - Security and Privacy Issues in Internet of Things
 
Abstract
The Internet of Things (IoT) is a vision for interconnecting all of the world’s “things”—from vehicles to diet scales, smart homes and electrical grids. In this talk, I will present some security and privacy issues in the Internet of Things. Firstly, I will describe a fundamental Cloud-Fog-Things architecture and discuss the security and privacy challenges under this architecture. Then, I will focus on discussing the security and privacy issues in Fog Computing and End-devices (Things). Specifically, I will introduce some of examples including Crowdsourcing, Augmented Reality, and Wearable Device Assisted Authentication, etc. 
Title: Security and Privacy in Mobile Crowdsourcing Networks: Challenges and Opportunities
 
Abstract:
Mobile Crowdsourcing Network (MCN) is a promising network architecture that applies the principles of crowdsourcing to perform tasks with human involvements and powerful mobile devices. However, it also raises some critical security and privacy issues which impede the applications of MCNs. In this talk, in order to better understand these critical security and privacy challenges, we first introduce a general architecture for mobile crowdsourcing network comprising of both crowdsourcing sensing and crowdsourcing computing. After that, we set forth several critical security and privacy challenges that essentially capture the characteristics of MCNs. We also formulate some research problems leading to possible research directions. We expect this talk will bring more attention to further investigation on security and privacy solutions for mobile crowdsourcing networks.

关闭窗口
西安电子科技大学 移动互联网安全创新引智基地   版权所有2016-2017
地址:陕西省西安市太白南路2号西安电子科技大学 邮编:710071 电话:029-88204749
技术支持:电院网络中心