CLOUD service providers manage an enterprise-class

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "CLOUD service providers manage an enterprise-class"

Transcription

1 IEEE TRANSACTIONS ON XXXXXX, VOL X, NO X, XXXX 201X 1 Oruta: Privacy-Preserving Pubic Auditing for Shared Data in the Coud Boyang Wang, Baochun Li, Member, IEEE, and Hui Li, Member, IEEE Abstract With coud storage services, it is commonpace for data to be not ony stored in the coud, but aso shared across mutipe users However, pubic auditing for such shared data whie preserving identity privacy remains to be an open chaenge In this paper, we propose the first privacy-preserving mechanism that aows pubic auditing on shared data stored in the coud In particuar, we expoit ring signatures to compute the verification information needed to audit the integrity of shared data With our mechanism, the identity of the signer on each bock in shared data is kept private from a third party auditor (TPA), who is sti abe to pubicy verify the integrity of shared data without retrieving the entire fie Our experimenta resuts demonstrate the effectiveness and efficiency of our proposed mechanism when auditing shared data Index Terms Pubic auditing, privacy-preserving, shared data, coud computing 1 INTRODUCTION CLOUD service providers manage an enterprise-cass infrastructure that offers a scaabe, secure and reiabe environment for users, at a much ower margina cost due to the sharing nature of resources It is routine for users to use coud storage services to share data with others in a team, as data sharing becomes a standard feature in most coud storage offerings, incuding Dropbox and Googe Docs The integrity of data in coud storage, however, is subject to skepticism and scrutiny, as data stored in an untrusted coud can easiy be ost or corrupted, due to hardware faiures and human errors [1] To protect the integrity of coud data, it is best to perform pubic auditing by introducing a third party auditor (TPA), who offers its auditing service with more powerfu computation and communication abiities than reguar users The first provabe data possession (PDP) mechanism [2] to perform pubic auditing is designed to check the correctness of data stored in an untrusted server, without retrieving the entire data Moving a step forward, Wang et a [3] (referred to as WWRL in this paper) is designed to construct a pubic auditing mechanism for coud data, so that during pubic auditing, the content of private data beonging to a persona user is not discosed to the third party auditor We beieve that sharing data among mutipe users is perhaps one of the most engaging features that motivates coud storage A unique probem introduced during the Boyang Wang and Hui Li are with the State Key Laboratory of Integrated Services Networks, Xidian University, Xi an, , China Boyang Wang is aso a visiting PhD student at Department of Eectrica and Computer Engineering, University of Toronto E-mai: Baochun Li is with the Department of Eectrica and Computer Engineering, University of Toronto, Toronto, ON, M5S 3G4, Canada E-mai: process of pubic auditing for shared data in the coud is how to preserve identity privacy from the TPA, because the identities of signers on shared data may indicate that a particuar user in the group or a specia bock in shared data is a higher vauabe target than others For exampe, Aice and Bob work together as a group and share a fie in the coud The shared fie is divided into a number of sma bocks, which are independenty signed by users Once a bock in this shared fie is modified by a user, this user needs to sign the new bock using her pubic/private key pair The TPA needs to know the identity of the signer on each bock in this shared fie, so that it is abe to audit the integrity of the whoe fie based on requests from Aice or Bob Auditing Task 1 Auditing Task 2 Auditing Task 3 A A A A A A B A B B A A A A A A A B B B A A A A B A A A B B A a bock signed by Aice 8th 8th 8th B a bock signed by Bob Fig 1 Aice and Bob share a fie in the coud The TPA audits the integrity of shared data with existing mechanisms As shown in Fig 1, after performing severa auditing tasks, some private and sensitive information may revea to the TPA On one hand, most of the bocks in shared fie are signed by Aice, which may indicate that Aice is a important roe in this group, such as a group eader On the other hand, the 8-th bock is frequenty modified by different users It means this bock may contain highvaue data, such as a fina bid in an auction, that Aice TPA

2 2 IEEE TRANSACTIONS ON XXXXXX, VOL X, NO X, XXXX 201X and Bob need to discuss and change it severa times As described in the exampe above, the identities of signers on shared data may indicate which user in the group or bock in shared data is a higher vauabe target than others Such information is confidentia to the group and shoud not be reveaed to any third party However, no existing mechanism in the iterature is abe to perform pubic auditing on shared data in the coud whie sti preserving identity privacy In this paper, we propose Oruta 1, a new privacypreserving pubic auditing mechanism for shared data in an untrusted coud In Oruta, we utiize ring signatures [4], [5] to construct homomorphic authenticators [2], [6], so that the third party auditor is abe to verify the integrity of shared data for a group of users without retrieving the entire data whie the identity of the signer on each bock in shared data is kept private from the TPA In addition, we further extend our mechanism to support batch auditing, which can audit mutipe shared data simutaneousy in a singe auditing task Meanwhie, Oruta continues to use random masking [3] to support data privacy during pubic auditing, and everage index hash tabes [7] to support fuy dynamic operations on shared data A dynamic operation indicates an insert, deete or update operation on a singe bock in shared data A high-eve comparison between Oruta and existing mechanisms in the iterature is shown in Tabe 1 To our best knowedge, this paper represents the first attempt towards designing an effective privacypreserving pubic auditing mechanism for shared data in the coud TABLE 1 Comparison with Existing Mechanisms PDP [2] WWRL [3] Oruta Pubic auditing Yes Yes Yes Data privacy No Yes Yes Identity privacy No No Yes The remainder of this paper is organized as foows In Section 2, we present the system mode and threat mode In Section 3, we introduce cryptographic primitives used in Oruta The detaied design and security anaysis of Oruta are presented in Section 4 and Section 5 In Section 6, we evauates the performance of Oruta Finay, we briefy discuss reated work in Section 7, and concude this paper in Section 8 2 PROBLEM STATEMENT 21 System Mode As iustrated in Fig 2, our work in this paper invoves three parties: the coud server, the third party auditor (TPA) and users There are two types of users in a group: the origina user and a number of group users The origina user and group users are both members 1 Oruta: One Ring to Rue Them A of the group Group members are aowed to access and modify shared data created by the origina user based on access contro poices [8] Shared data and its verification information (ie signatures) are both stored in the coud server The third party auditor is abe to verify the integrity of shared data in the coud server on behaf of group members Users 1 Auditing Request Third Party Auditor (TPA) 4 Auditing Report Shared Data Fow 2 Auditing Message 3 Auditing Proof Coud Server Fig 2 Our system mode incudes the coud server, the third party auditor and users In this paper, we ony consider how to audit the integrity of shared data in the coud with static groups It means the group is pre-defined before shared data is created in the coud and the membership of users in the group is not changed during data sharing The origina user is responsibe for deciding who is abe to share her data before outsourcing data to the coud Another interesting probem is how to audit the integrity of shared data in the coud with dynamic groups a new user can be added into the group and an existing group member can be revoked during data sharing whie sti preserving identity privacy We wi eave this probem to our future work When a user (either the origina user or a group user) wishes to check the integrity of shared data, she first sends an auditing request to the TPA After receiving the auditing request, the TPA generates an auditing message to the coud server, and retrieves an auditing proof of shared data from the coud server Then the TPA verifies the correctness of the auditing proof Finay, the TPA sends an auditing report to the user based on the resut of the verification 22 Threat Mode 221 Integrity Threats Two kinds of threats reated to the integrity of shared data are possibe First, an adversary may try to corrupt the integrity of shared data and prevent users from using data correcty Second, the coud service provider may inadvertenty corrupt (or even remove) data in its storage due to hardware faiures and human errors Making matters worse, in order to avoid jeopardizing its reputation, the coud server provider may be reuctant to inform users about such corruption of data

3 WANG et a: ORUTA: PRIVACY-PRESERVING PUBLIC AUDITING FOR SHARED DATA IN THE CLOUD Privacy Threats The identity of the signer on each bock in shared data is private and confidentia to the group During the process of auditing, a semi-trusted TPA, who is ony responsibe for auditing the integrity of shared data, may try to revea the identity of the signer on each bock in shared data based on verification information Once the TPA reveas the identity of the signer on each bock, it can easiy distinguish a high-vaue target (a particuar user in the group or a specia bock in shared data) 23 Design Objectives To enabe the TPA efficienty and securey verify shared data for a group of users, Oruta shoud be designed to achieve foowing properties: (1) Pubic Auditing: The third party auditor is abe to pubicy verify the integrity of shared data for a group of users without retrieving the entire data (2) Correctness: The third party auditor is abe to correcty detect whether there is any corrupted bock in shared data (3) Unforgeabiity: Ony a user in the group can generate vaid verification information on shared data (4) Identity Privacy: During auditing, the TPA cannot distinguish the identity of the signer on each bock in shared data 3 PRELIMINARIES In this section, we briefy introduce cryptographic primitives and their corresponding properties that we impement in Oruta 31 Biinear Maps We first introduce a few concepts and properties reated to biinear maps We foow notations from [5], [9]: 1) G 1, G 2 and G T are three mutipicative cycic groups of prime order p; 2) g 1 is a generator of G 1, and g 2 is a generator of G 2 ; 3) ψ is a computabe isomorphism from G 2 to G 1, with ψ(g 2 ) g 1 ; 4) e is a biinear map e: G 1 G 2 G T with the foowing properties: Computabiity: there exists an efficienty computabe agorithm for computing the map e Biinearity: for a u G 1, v G 2 and a,b Z p, e(u a,v b ) e(u,v) ab Non-degeneracy: e(g 1 1 These properties further impy two additiona properties: (1) for any u 1, u 2 G 1 and v G 2, e(u 1 u 2,v) e(u 1,v) e(u 2,v); (2) for any u, v G 2, e(ψ(u),v) e(ψ(v),u) 32 Compexity Assumptions Definition 1: Discrete Logarithm Probem For a Z p, given g,h g a G 1, output a The Discrete Logarithm assumption hods in G 1 if no t-time agorithm has advantage at east ǫ in soving the Discrete Logarithm probem in G 1, which means it is computationa infeasibe to sove the Discrete Logarithm probem in G 1 Definition 2: Computationa Co-Diffie-Heman Probem For a Z p, given g 2,g2 a G 2 and h G 1, compute h a G 1 The co-cdh assumption hods in G 1 and G 2 if no t- time agorithm has advantage at east ǫ in soving the co-cdh probem in G 1 and G 2 When G 1 G 2 and g 1 g 2, the co-cdh probem can be reduced to the standard CDH probem in G 1 The co-cdh assumption is a stronger assumption than the Discrete Logarithm assumption Definition 3: Computationa Diffie-Heman Probem For a,b Z p, given g 1,g1,g a 1 b G 1, compute g1 ab G 1 The CDH assumption hods in G 1 if no t-time agorithm has advantage at east ǫ in soving the CDH probem in G 1 33 Ring Signatures The concept of ring signatures is first proposed by Rivest et a [4] in 2001 With ring signatures, a verifier is convinced that a signature is computed using one of group members private keys, but the verifier is not abe to determine which one This property can be used to preserve the identity of the signer from a verifier The ring signature scheme introduced by Boneh et a [5] (referred to as BGLS in this paper) is constructed on biinear maps We wi extend this ring signature scheme to construct our pubic auditing mechanism 34 Homomorphic Authenticators Homomorphic authenticators (aso caed homomorphic verifiabe tags) are basic toos to construct data auditing mechanisms [2], [3], [6] Besides unforgeabiity (ony a user with a private key can generate vaid signatures), a homomorphic authenticabe signature scheme, which denotes a homomorphic authenticator based on signatures, shoud aso satisfy the foowing properties: Let (pk, sk) denote the signer s pubic/private key pair, σ 1 denote a signature on bock m 1 Z p, σ 2 denote a signature on bock m 2 Z p Bockess verification: Given σ 1 and σ 2, two random vaues α 1, α 2 Z p and a bock m α 1 m 1 +α 2 m 2 Z p, a verifier is abe to check the correctness of bock m without knowing bock m 1 and m 2 Non-maeabiity Given σ 1 and σ 2, two random vauesα 1,α 2 Z p and a bockm α 1 m 1 +α 2 m 2 Z p, a user, who does not have private key sk, is not abe to generate a vaid signature σ on bock m by ineary combining signature σ 1 and σ 2 Bockess verification aows a verifier to audit the correctness of data stored in the coud server with a singe bock, which is a inear combination of a the bocks in data If the combined bock is correct, the verifier

4 4 IEEE TRANSACTIONS ON XXXXXX, VOL X, NO X, XXXX 201X beieves that the bocks in data are a correct In this way, the verifier does not need to downoad a the bocks to check the integrity of data Non-maeabiity indicates that an attacker cannot generate vaid signatures on invaid bocks by ineary combining existing signatures Other cryptographic techniques reated to homomorphic authenticabe signatures incudes aggregate signatures [5], homomorphic signatures [10] and batchverification signatures [11] If a signature scheme is bockess verifiabe and maeabe, it is a homomorphic signature scheme In the construction of data auditing mechanisms, we shoud use homomorphic authenticabe signatures, not homomorphic signatures 4 HOMOMORPHIC AUTHENTICABLE RING SIGNATURES 41 Overview In this section, we introduce a new ring signature scheme, which is suitabe for pubic auditing Then, we wi show how to buid the privacy-preserving pubic auditing mechanism for shared data in the coud based on this new ring signature scheme in the next section As we introduced in previous sections, we intend to utiize ring signatures to hide the identity of the signer on each bock, so that private and sensitive information of the group is not discosed to the TPA However, traditiona ring signatures [4], [5] cannot be directy used into pubic auditing mechanisms, because these ring signature schemes do not support bockess verification Without bockess verification, the TPA has to downoad the whoe data fie to verify the correctness of shared data, which consumes excessive bandwidth and takes ong verification times Therefore, we first construct a new homomorphic authenticabe ring signature (HARS) scheme, which is extended from a cassic ring signature scheme [5], denoted as BGLS The ring signatures generated by HARS is abe not ony to preserve identity privacy but aso to support bockess verification 42 Construction of HARS HARS contains three agorithms: KeyGen, RingSign and RingVerify In KeyGen, each user in the group generates her pubic key and private key In RingSign, a user in the group is abe to sign a bock with her private key and a the group members pubic keys A verifier is aowed to check whether a given bock is signed by a group member in RingVerify Scheme Detais Let G 1, G 2 and G T be mutipicative cycic groups of order p, g 1 and g 2 be generators of G 1 and G 2 respectivey Let e : G 1 G 2 G T be a biinear map, and ψ : G 2 G 1 be a computabe isomorphism with ψ(g 2 ) g 1 There is a pubic map-to-point hash function H 1 : {0,1} G 1 The goba parameters are (e,ψ,p,g 1,G 2,G T,g 1,g 2,H 1 ) The tota number of users in the group is d Let U denote the group that incudes a the d users KeyGen For a user u i in the group U, she randomy picks x i Z p and computes w i g xi 2 G 2 Then, user u i s pubic key is pk i w i and her private key is sk i x i RingSign Given a the d users pubic keys (pk 1,, pk d ) (w 1,,w d ), a bock m Z p, the identifier of this bock id and the private key sk s for some s, user u s randomy chooses a i Z p for a i s, where i [1,d], and et σ i g ai 1 Then, she computes and sets β H 1 (id)g m 1 G 1, (1) ( ) 1/xs β σ s ψ( i s wai i ) G 1 (2) And the ring signature of bock m is σ (σ 1,,σ d ) G d 1 RingVerify Given a the d users pubic keys (pk 1,, pk d ) (w 1,,w d ), a bock m, an identifier id and a ring signature σ (σ 1,,σ d ), a verifier first computes β H 1 (id)g m 1 G 1, and then checks e(β? e(σ i,w i ) (3) If the above equation hods, then the given bock m is signed by one of these d users in the group Otherwise, it is not 43 Security Anaysis of HARS Now, we discuss some important properties of HARS, incuding correctness, unforgeabiity, bockess verification, non-maeabiity and identity privacy Theorem 1: Given any bock and its ring signature, a verifier is abe to correcty check the integrity of this bock under HARS Proof: To prove the correctness of HARS is equivaent of proving Equation (3) is correct Based on properties of biinear maps, the correctness of this equation can be proved as foows: e(σ i,w i ) e(σ s,w s ) e(σ i,w i ) e( ( i s ) 1 xs β ψ( i s wai i ),g xs 2 ) i s i s e(g ai 1,gxi 2 ) β e( ψ( i s gxiai 2 ),g 2) e(g aixi 1 β e( i s g aixi,g 2) e( g aixi 1 1 i s β e( a i s g g ix i aixi 1 1 e(β i s

5 WANG et a: ORUTA: PRIVACY-PRESERVING PUBLIC AUDITING FOR SHARED DATA IN THE CLOUD 5 Now we prove that HARS is abe to resistance to forgery We foow the security mode and the game defined in BGLS [5] In the game, an adversary is given a the d users pubic key (pk 1,, pk d ) (w 1,,w d ), and is given access to the hash orace and the ringsigning orace The goa of the adversary is to output a vaid ring signature on a pair of bock/identifier (id, m), where this pair of bock/identifier (id,m) has never been presented to the ring-signing orace If the adversary achieves this goa, then it wins the game Theorem 2: Suppose A is a (t,ǫ )-agorithm that can generate a forgery of a ring signature on a group of users of size d Then there exists a (t,ǫ)-agorithm that can sove the co-cdh probem witht 2t +2c G1 (q H +dq s +q s +d)+2c G2 d and ǫ (ǫ /(e+eq s )) 2, where A issues at most q H hash queries and at most q s ring-signing queries,e im qs (1+ 1/q s ) qs, exponentiation and inversion on G 1 take time c G1, and exponentiation and inversion on G 2 take time c G2 Proof: The co-cdh probem can be soved by soving two random instances of the foowing probem: Given g1 ab, g2 a (and g 1, compute g1 b We sha construct an agorithm B that soves this probem This probem is easy if a 0 In what foows, we assume a 0 Initiay, B randomy picks x 2,,x n from Z p and sets x 1 1 Then, it sets pk i w i (g2) a xi Agorithm A is given the pubic keys (pk 1,, pk d ) (w 1,,w d ) Without oss of generaity, we assume A can submit distinct queries, which means for every ring-signing query on a bock m and its identifier id, A has previousy issued a hash query on bock m and identifier id On a hash query, B fips a coin that shows 0 with probabiity p c and 1 otherwise, where p c wi be determined ater Then B randomy picks r Z p, if the coin shows 0, B returns (g1 ab ) r, otherwise it returns ψ(g2) a r Suppose A issues a ring sign query on a bock m and its identifier id By the assumption, a hash query has been issued on this pair of bock/identifier (m,id) If the coin B fipped for this hash query showed 0, then B fais and exits Otherwise B has returned H(id)g1 m ψ(g2) a r for some r In this case, B chooses random a 2,,a d Z p, computes a 1 r (a 2 x a d x d ), and returns the signature σ (g a1 1,,ga d 1 ) Eventuay A outputs a forgery σ (σ 1,,σ d ) on bock m and identifier id Again by the assumption, a hash query has been issued on this pair of bock/identifier (m,id) If the coin fipped by B for this hash query did not show 0 then B fais Otherwise, H(id)g1 m g1 abr for some r chosen by B, and B can output g1 b by computing ( d σxi i ) 1/r Agorithm A cannot distinguish between B s simuation and rea ife If A successfuy forges a ring signature, then B can output g1 b The probabiity that B wi not fai is p qs c (1 p), which is maximized when p c q s /(q s + 1), then the bound of this probabiity is 1/(e (1+q s )), where e im qs (1+1/q s ) qs Agorithm B requires d exponentiations on G 2 in setup, one exponentiations on G 1 for each of A s hash queries, d + 1 exponentiations on G 1 for each of A s signature queries, and d exponentiations on G 1 in the output phase, so the running time of B is the running time of A pus c G1 (q H +dq s +q s +d)+c G2 d Because the co-cdh probem can be soved by soving two random instances of agorithm B Therefore, if A is a (t,ǫ )-agorithm that can generate a forgery of ring signature on a group of users of size d, then there exists a (t, ǫ)-agorithm that can sove the co-cdh probem with t 2t + 2c G1 (q H + dq s + q s + d) + 2c G2 d and ǫ (ǫ /(e+eq s )) 2 Theorem 3: For an adversary, it is computationa infeasibe to forge a ring signature under HARS Proof: As we aready proved in Theorem 2, if an adversary can forge a ring signature, then we can find a (t,ǫ)-agorithm to sove the co-cdh probem in G 1 and G 2, which contradicts to the fact that the co-cdh probem in G 1 and G 2 is hard Therefore, for an adversary, it is computationa infeasibe to forge a ring signature under HARS Then, based on Theorem 1 and 3, we show that HARS is a homomorphic authenticabe ring signature scheme Theorem 4: HARS is a homomorphic authenticabe ring signature scheme Proof: To prove HARS is a homomorphic authenticabe ring signature scheme, we first prove that HARS is abe to support bockess verification, which we defined in Section 3 Then we show HARS is aso non-maeabe Given a the d users pubic keys (pk 1,, pk d ) (w 1,,w d ), two identifiers id 1 and id 2, two ring signaturesσ 1 (σ 1,1,,σ 1,d ) andσ 2 (σ 2,1,,σ 2,d ), and two random vaues y 1, y 2 Z p, a verifier is abe to check the correctness of a combined bock m y 1 m 1 +y 2 m 2 Z p without knowing bock m 1 and m 2 by verifying: e(h 1 (id 1 ) y1 H 1 (id 2 ) y2 g m 1? e(σ y1 1,i σy2 2,i,w i) Based on Theorem 1, the correctness of the above equation can be proved as: e(h 1 (id 1 ) y1 H 1 (id 2 ) y2 g1 m e(h 1 (id 1 ) y1 g y1m1 1 e(h 1 (id 2 ) y2 g y2m2 1 e(β 1 y1 e(β 2 y2 e(σ 1,i,w i ) y1 e(σ 2,i,w i ) y2 e(σ y1 1,i σy2 2,i,w i) If the combined bock m is correct, the verifier aso beieves that bock m 1 and m 2 are both correct Therefore, HARS is abe to support bockess verification Meanwhie, an adversary, who does not have any user s private key, cannot generate a vaid ring signature σ on an invaid bock m by ineary combining σ 1 and σ 2 with y 1 and y 2 Because if an eement σ i in σ is computed as σ i σy1 1,i σy2 2,i, the whoe ring signature σ (σ 1,,σ d ) cannot pass Equation (3) in RingVerify

6 6 IEEE TRANSACTIONS ON XXXXXX, VOL X, NO X, XXXX 201X More specificay, if bock m 1 and m 2 are signed by the same user, for exampe, useru s, thenσ s can be computed as σ s σ y1 1,s σy2 2,s ( β y1 1 βy2 2 i s wy1a1,i 1,i w y2a2,i 2,i ) 1/xs For a i s, σ i σy1 1,i σy2 2,i g(y1a1,i+y2a2,i) 1, where a 1,i and a 2,i are random vaues When ring signature σ (σ 1,,σ d ) is verified with the invaid bock m using Equation (3): e(σ i,w i ) e(β y1 1 βy2 2,g 2) e(β, which means it aways fais to pass the verification Because β y1 1 βy2 2 H(id 1 ) y1 H(id 2 ) y2 g1 m is not equa to β H(id )g1 m If bock m 1 and m 2 are signed by different users, for exampe, user u s and user u t, then σ s and σ t can be presented as ( ) 1/xs σ s g y2a2,s 1, σ t g y1a1,t 1 β y1 1 i s wy1a1,i i ( β y2 2 i t wy2a2,i i ) 1/xt For a i s and i t, σ i σy1 1,i σy2 2,i g(y1a1,i+y2a2,i) 1, where a 1,i and a 2,i are random vaues When ring signature σ (σ 1,,σ d ) is verified with the invaid bock m using Equation (3): e(σ i,w i ) e(β y1 1 βy2 2,g 2) e(β, which means it aways fais to pass the verification Therefore, an adversary cannot output vaid ring signatures on invaid bocks by ineary combining existing signatures, which indicates that HARS is non-maeabe Because HARS is not ony bockess verifiabe and but aso non-maeabe, it is a homomorphic authenticabe signature scheme Now, foowing the theorem in [5], we show that a verifier cannot distinguish the identity of the signer among a group of users under HARS Theorem 5: For any agorithm A, any group U with d users, and a random user u s U, the probabiity Pr[A(σ) u s ] is at most 1/d under HARS, where σ is a ring signature generated with user u s s private key sk s Proof: For any h G 1, and any s, 1 s d, the distribution {g a1 1,,ga d R 1 : a i Zp for i s, a s chosen such that d gai 1 h} is identica to the distribution {g a1 1,,ga d d 1 : gai 1 h} Therefore, given σ (σ 1,,σ d ), the probabiity agorithm A distinguishes σ s, which indicates the identity of the signer, is at most 1/d Detais of the proof about identity privacy can be found in [5] 5 PRIVACY-PRESERVING PUBLIC AUDITING FOR SHARED DATA IN THE CLOUD 51 Overview Using HARS and its properties we estabished in the previous section, we now construct Oruta, our privacypreserving pubic auditing mechanism for shared data in the coud With Oruta, the TPA can verify the integrity of shared data for a group of users without retrieving the entire data Meanwhie, the identity of the signer on each bock in shared data is kept private from the TPA during the auditing 52 Reduce Signature Storage Another important issue we shoud consider in the construction of Oruta is the size of storage used for ring signatures According to the generation of ring signatures in HARS, a bock m is an eement of Z p and its ring signature contains d eements of G 1, where G 1 is a cycic group with order p It means a p -bit bock requires a d p -bit ring signature, which forces users to spend a huge amount of space on storing ring signatures It is very frustrating for users, because coud service providers, such as Amazon, wi charge users based on the storage space they used To reduce the storage for ring signatures and sti aow the TPA to audit shared data efficienty, we expoit an aggregated approach from [6] Specificay, we aggregate a bock m j (m j,1,,m j,k ) Z k p in shared data as k ηm j, instead of computing g m 1 in Equation (1), where η 1,,η k are random vaues of G 1 With the aggregation, the ength of a ring signature is ony d/k of the ength of a bock Simiar methods to reduce the storage space of signatures can aso be found in [7] Generay, to obtain a smaer size of a ring signature than the size of a bock, we choose k > d As a trade-off, the communication cost wi be increasing with an increase of k 53 Support Dynamic Operations To enabe each user in the group to easiy modify data in the coud and share the atest version of data with the rest of the group, Oruta shoud aso support dynamic operations on shared data An dynamic operation incudes an insert, deete or update operation on a singe bock However, since the computation of a ring signature incudes an identifier of a bock (as presented in HARS), traditiona methods, which ony use the index of a bock as its identifier, are not suitabe for supporting dynamic operations on shared data The reason is that, when a user modifies a singe bock in shared data by performing an insert or deete operation, the indices of bocks that after the modified bock are a changed (as shown in Figure 3 and 4), and the changes of these indices require users to re-compute the signatures of these bocks, even though the content of these bocks are not modified

7 WANG et a: ORUTA: PRIVACY-PRESERVING PUBLIC AUDITING FOR SHARED DATA IN THE CLOUD 7 Index Bock 1 m 1 2 m 2 3 m 3 n m n Insert Index Bock 1 m 1 2 m 2 3 m 2 4 m 3 n+1 m n Index Bock V R 1 m 1 δ r 1 2 m 2 2δ r 2 3 m 3 3δ r 3 n m n nδ r n Insert Index Bock V R 1 m 1 δ r 1 2 m 2 3δ/2 r 2 3 m 2 2δ r 2 4 m 3 3δ r 3 n+1 m n nδ r n Fig 3 After inserting bock m 2, a the indices after bock m 2 are changed Fig 5 Insert bock m 2 into shared data using an index hash tabe as identifiers Index Bock 1 m 1 2 m 2 3 m 3 4 m 4 n m n Deete Index Bock 1 m 1 2 m 3 3 m 4 n 1 Fig 4 After deeting bock m 2, a the indices after bock m 1 are changed By utiizing index hash tabes [7], our mechanism can aow a user to efficienty perform a dynamic operation on a singe bock, and avoid this type of re-computation on other bocks Different from [7], in our mechanism, an identifier from the index hash tabe is described as id j {v j,r j }, where v j is the virtua index of bock m j, and r j is a random generated by a coision-resistance hash function H 2 : {0,1} Z q with r j H 2 (m j v j ) Here, q is a much smaer prime than p The coision-resistance of H 2 ensures that each bock has a unique identifier The virtua indices are abe to ensure that a the bocks in shared data are in the right order For exampe, if v i < v j, then bock m i is ahead of bock m j in shared data When shared data is created by the origina user, the initia virtua index of bock m j is computed as v j j δ, where δ is a system parameter decided by the origina user If a new bock m j is inserted, the virtua index of this new bock m j is v j (v j 1 + v j )/2 Ceary, if bock m j and bock m j+1 are both originay created by the origina user, the maxima number of inserted bocks that is aowed between bock m j and bock m j+1 is δ The origina user can estimate and choose a proper vaue of δ based on the origina size of shared data, the number of users in the group, the subject of content in shared data and so on, Generay, we beieve δ 10,000 or 100,000 is good enough for the maxima insert bocks between two bocks, which are originay created by the origina user Exampes of different dynamic operations on shared data with index hash tabes are described in Figure 5 and 6 54 Construction of Oruta Now, we present the detais of our pubic auditing mechanism, Oruta It incudes five agorithms: KeyGen, SigGen, Modify, ProofGen and ProofVerify In Key- Gen, users generate their own pubic/private key pairs m n Index Bock V R 1 m 1 δ r 1 2 m 2 2δ r 2 3 m 3 3δ r 3 4 m 4 4δ r 4 5 m 5 5δ r 5 n m n nδ r n Update Deete Index Bock V R 1 m 1 δ r 1 2 m 2 2δ r 2 3 m 4 4δ r 4 4 m 5 5δ r 5 n 1 m n nδ r n Fig 6 Update bock m 1 and deete bock m 3 in shared data using an index hash tabe as identifiers In SigGen, a user (either the origina user or a group user) is abe to compute ring signatures on bocks in shared data Each user in the group is abe to perform an insert, deete or update operation on a bock, and compute the new ring signature on this new bock in Modify ProofGen is operated by the TPA and the coud server together to generate a proof of possession of shared data In ProofVerify, the TPA verifies the proof and sends an auditing report to the user Note that the group is pre-defined before shared data is created in the coud and the membership of the group is not changed during data sharing Before the origina user outsources shared data to the coud, she decides a the group members, and computes a the initia ring signatures of a the bocks in shared data with her private key and a the group members pubic keys After shared data is stored in the coud, when a group member modifies a bock in shared data, this group member aso needs to compute a new ring signature on the modified bock Scheme Detais Let G 1, G 2 and G T be mutipicative cycic groups of order p, g 1 and g 2 be generators of groups G 1, G 2, respectivey Let e : G 1 G 2 G T be a biinear map, and ψ : G 2 G 1 be a computabe isomorphism with ψ(g 2 ) g 1 There are three hash functions H 1 : {0,1} G 1, H 2 : {0,1} Z q and h : G 1 Z p The goba parameters are (e,ψ,p,q,g 1,G 2,G T,g 1,g 2,H 1,H 2,h) The tota number of users in the group is d Let U denote the group that incudes a the d users Shared datam is divided intonbocks, and each bock m j is further divided into k eements in Z p Therefore,

8 8 IEEE TRANSACTIONS ON XXXXXX, VOL X, NO X, XXXX 201X shared data M can be described as a n k matrix: m 1 m 1,1 m 1,k M Zp n k m n m n,1 m n,k KeyGen For user u i in the group U, she randomy picks x i Z p and computes w i g xi 2 The user u i s pubic key is pk i w i and her private key is sk i x i The origina user aso randomy generates a pubic aggregate key pak (η 1,,η k ), where η are random eements of G 1 SigGen Given a the d group members pubic keys (pk 1,, pk d ) (w 1,,w d ), a bock m j (m j,1,,m j,k ), its identifier id j, a private key sk s for some s, user u s computes the ring signature of this bock as foows: 1) She first aggregates bock m j with the pubic aggregate key pak, and computes β j H 1 (id j ) η m j, G 1 (4) 2) After computing β j, user u s randomy chooses a j,i Z p and sets σ j,i g aj,i 1, for a i s Then she cacuates ( ) 1/xs β j σ j,s ψ( G 1 (5) i s waj,i i ) The ring signature of bock m j is σ j (σ j,1,,σ j,d ) G d 1 Modify A user in the group modifies the j-th bock in shared data by performing one of the foowing three operations: Insert This user inserts a new bock m j into shared data She computes the new identifier of the inserted bock m j as id j {v j,r j } The virtua index v j (v j 1 + v j )/2, and r j H 2(m j v j ) For the rest of bocks, the identifiers of these bocks are not changed (as expained in Figure 5) This user outputs the new ring signature σ j of the inserted bock m j with SigGen, and upoads {m j,id j,σ j } to the coud server The tota number of bocks in shared data increases to n+1 Deete This user deetes bock m j, its identifier id j and ring signature σ j from the coud server The identifiers of other bocks in shared data are remain the same The tota number of bocks in shared data decreases to n 1 Update This user updates the j-th bock in shared data with a new bock m j The virtua index of this bock is remain the same, and r j is computed as r j H 2(m j v j) The new identifier of this updated bock is id j {v j,r j } The identifiers of other bocks in shared data are not changed This user outputs the new ring signature σ j of this new bock with SigGen, and upoads {m j,id j,σ j } to the coud server The tota number of bocks in shared data is sti n ProofGen To audit the integrity of shared data, a user first sends an auditing request to the TPA After receiving an auditing request, the TPA generates an auditing message [2] as foows: 1) The TPA randomy picks a c-eement subset J of set [1,n] to ocate the c seected bocks that wi be checked in this auditing process, where n is tota number of bocks in shared data 2) For j J, the TPA generates a random vaue y j Z q Then, the TPA sends an auditing message {(j,y j )} j J to the coud server (as iustrated in Fig 7) Third Party Auditor {(j,y j )} j J Coud Server Fig 7 The TPA sends an auditing message to the coud server After receiving an auditing message {(j,y j )} j J, the coud server generates a proof of possession of seected bocks with the pubic aggregate key pak More specificay: 1) The coud server chooses a random eement r Z q, and cacuates λ η r G 1, for [1,k] 2) To hide the inear combination of seected bocks using random masking, the coud server computes µ j J y jm j, +r h(λ ) Z p, for [1,k] 3) The coud server aggregates signatures as φ i, for i [1,d] j J σyj j,i After the computation, the coud server sends an auditing proof {λ,µ,φ,{id j } j J } to the TPA, where λ (λ 1,,λ k ), µ (µ 1,,µ k ) and φ (φ 1,,φ d ) (as shown in Fig 8) Third Party Auditor {λ,µ,φ,{id j } j J } Coud Server Fig 8 The coud server sends an auditing proof to the TPA ProofVerify With an auditing proof {λ,µ,φ,{id j } j J }, an auditing message {(j,y j )} j J, pubic aggregate key pak (η 1,,η k ), and a the group members pubic keys (pk 1,, pk d ) (w 1,,w d ), the TPA verifies the correctness of this proof by checking the foowing

9 WANG et a: ORUTA: PRIVACY-PRESERVING PUBLIC AUDITING FOR SHARED DATA IN THE CLOUD 9 equation:? e( j J H 1 (id j ) yj η µ ( ) e(φ i,w i ) e( λ h(λ ) (6) If the above equation hods, then the TPA beieves that the bocks in shared data are a correct, and sends a positive auditing report to the user Otherwise, it sends a negative one Discussion Based on the properties of biinear maps, we can further improve the efficiency of verification by computingd+2 pairing operations in verification instead of computing d + 3 pairing operations with Equation (6) Specificay, Equation (6) can aso be described as e( j J H 1 (id j ) yj η µ ( λ h(λ ) ) 1? e(φ i,w i ) In the construction of Oruta, we everage random masking [3] to support identity privacy If a user wants to protect the content of private data in the coud, this user can aso encrypt data before outsourcing it into the coud server with encryption techniques, such as attribute-based encryption (ABE) [8], [12] With samping strategies [2], the TPA can detect any corrupted bock in shared data with a high probabiity by ony choosing a subset of a bocks in each auditing task Previous work [2] has aready proved that, if the tota number of bocks in shared data is n 1,000,000 and 1% of a the bocks are ost or removed, the TPA can detect these corrupted bocks with a probabiity greater than 99% by choosing 460 random bocks 55 Security Anaysis of Oruta Now, we discuss security properties of Oruta, incuding its correctness, unforgeabiity, identity privacy and data privacy Theorem 6: During an auditing task, the TPA is abe to correcty audit the integrity of shared data under Oruta Proof: To prove the correctness of Oruta is equivaent of proving Equation (6) is correct Based on properties of biinear maps and Theorem 1, the right-hand side (RHS) (7) of Equation (6) can be expanded as foows: RHS e( σ yj j,i,w i) e( λ h(λ ) j J e(σ yj j,i,w i)) e( η r h(λ ) ( j J j J( e(σ j,i,w i ) yj ) e( η r h(λ ) j J e( j J(H 1 (id j ) e(β j yj e( η r h(λ ) e( j J H 1 (id j ) yj e( j J H 1 (id j ) yj e( j J H 1 (id j ) yj η m j, ) yj e( j J η m j,y j η r h(λ ) η r h(λ ) j J η m j,y j+r h(λ ) η µ Theorem 7: For an untrusted coud, it is computationa infeasibe to generate an invaid auditing proof that can pass the verification under Oruta Proof: As proved in Theorem??, for an untrusted coud, if co-cdh probem in G 1 and G 2 is hard, it is computationa infeasibe to compute a vaid ring signature on an invaid bock under HARS In Oruta, besides generating vaid ring signatures on arbitrary bocks, if the untrusted coud can win Game 1, it can generate an invaid auditing proof for corrupted shared data, and successfuy pass the verification We define Game 1 as foows: Game 1: The TPA sends an auditing message {j,y j } j J to the coud, the correct auditing proof shoud be {λ,µ,φ,{id j } j J }, which can pass the verification with Equation (6) The untrusted coud generates an invaid proof as{λ,µ,φ,{id j } j J }, whereµ (µ 1,,µ k ) Define µ µ µ for 1 k, and at east one eement of { µ } 1 k is nonzero If this invaid proof sti pass the verification, then the untrusted coud wins Otherwise, it fais Now, we prove that, if the untrusted coud can win Game 1, we can find a soution to the Discrete Logarithm probem, which contradicts to the fact We first assume the untrusted coud can win Game 1 Then, according to Equation (6), we have e( j J H 1 (id j ) yj η µ ( e(φ i,w i ))e( λ h(λ )

10 10 IEEE TRANSACTIONS ON XXXXXX, VOL X, NO X, XXXX 201X Because{λ,µ,φ,{id j } j J } is a correct auditing proof, we aso have e( j J H 1 (id j ) yj Then, we can earn that η µ η µ ( η µ, e(φ i,w i ))e( η µ 1 λ h(λ ) For two eements g, h G 1, there exists x Z p that g h x because G 1 is a cycic group Without oss of generaity, given g, h G 1, each η is abe to randomy and correcty generated by computing η g ξ h γ G 1, where ξ and γ are random vaues of Z p Then, we have 1 η µ (g ξ h γ ) µ g k ξ µ h k γ µ Ceary, we can find a soution to the discrete ogarithm probem More specificay, given g, h x G 1, we can compute k ξ µ k γ h g µ g x uness the denominator is zero However, as we defined in Game 1, at east one eement of{ µ } 1 k is nonzero, and γ is random eement of Z p, therefore, the denominator is zero with probabiity of 1/p, which is negigibe It means, if the untrusted coud wins Game 1, we can find a soution to the Discrete Logarithm probem with a probabiity of 1 1/p, which contradicts the fact that the Discrete Logarithm probem is hard in G 1 Therefore, for an untrusted coud, it is computationa infeasibe to win Game 1 and generate an invaid proof, which can pass the verification Now, we show that the TPA is abe to audit the integrity of shared data, but the identity of the signer on each bock in shared data is not discosed to the TPA Theorem 8: During an auditing task, the probabiity for the TPA to distinguish the identities of a the signers on the c seected bocks in shared data is at most 1/d c Proof: With Theorem 5, we have, for any agorithm A, the probabiity to revea the signer on one bock in shared data is 1/d Because the c seected bocks in an auditing task are signed independenty, the tota probabiity that the TPA can distinguish a the signers identities on the c seected bocks in shared data is at most 1/d c Let us reconsider the exampe in Sec 1 With Oruta, the TPA knows each bock in shared data is either signed by Aice or Bob, because it needs both users pubic keys to verify the correctness of shared data However, it cannot distinguish who is the signer on a singe bock (as shown in Fig 9) Therefore, this third party cannot obtain private and sensitive information, such as who signs the most bocks in shared data or which bock is frequenty modified by different group members Auditing Task 1 Auditing Task 2 Auditing Task 3 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 8th 8th 8th a bock signed by a user in the group Fig 9 Aice and Bob share a fie in the coud, and the TPA audit the integrity of shared data with Oruta Foowing a simiar theorem in [3], we show that our scheme is aso abe to support data privacy Theorem 9: Given an auditing proof {λ,µ,φ,{id j } jj }, it is computationa infeasibe for the TPA to revea any private data in shared data under Oruta Proof: If the combined eement j J y jm j,, which is a inear combination of eements in bocks, is directy sent to the TPA, the TPA can earn the content of data by soving inear equations after coecting a sufficient number of inear combinations To preserve private data from the TPA, the combined eement is computed with random masking as µ j J y jm j, +r h(λ ) In order to sti sove inear equations, the TPA must know the vaue of r Z p However, given η G 1 λ η r G 1, computing r is as hard as soving the Discrete Logarithm probem in G 1, which is computationa infeasibe Therefore, give λ and µ, the TPA cannot directy obtain any inear combination of eements in bocks, and cannot further revea any private data in shared data M by soving inear equations 56 Batch Auditing With the usage of pubic auditing in the coud, the TPA may receive amount of auditing requests from different users in a very short time Unfortunatey, aowing the TPA to verify the integrity of shared data for these users in severa separate auditing tasks woud be very inefficient Therefore, with the properties of biinear maps, we further extend Oruta to support batch auditing, which can improve the efficiency of verification on mutipe auditing tasks More concretey, we assume there are B auditing tasks need to be operated, the shared data in a theb auditing tasks are denoted as M 1,,M B and the number of users sharing data M b is described as d b, where 1 b B To efficienty audit these shared data for different users in a singe auditing task, the TPA sends an auditing message as {(j,y j )} j J to the coud server After receiving the auditing message, the coud server generates an auditing proof {λ b,µ b,φ b,{id b,j } j J } for each shared data M b as we presented in ProofGen, where 1 b B, 1 k, TPA

11 WANG et a: ORUTA: PRIVACY-PRESERVING PUBLIC AUDITING FOR SHARED DATA IN THE CLOUD 11 1 i d b and λ b, η r b, b, µ b, j J y jm b,j, +r b, h(λ b, ) φ b,i j J σyj b,j,i Here id b,j is described as id b,j {f b,v j,r j }, where f b is the identifier of shared data M b, eg the name of shared data M b Ceary, if two bocks are in the same shared data, these two bocks have the same identifier of shared data As before, when a user modifies a singe bock in shared data M b, the identifiers of other bocks in shared data M b are not changed After the computation, the coud server sends a the B auditing proofs together to the TPA Finay, the TPA verifies the correctness of these B proofs simutaneousy by checking the foowing equation with a the B b1 d b users pubic keys:? B e( H(id b,j ) yj j J b1 b1 η µ b, b, b1 ( B ) d b B e(φ b,i,w b,i ) e( λ h(λ b,) b,, (8) where pk b,i w b,i If the above verification equation hods, then the TPA beieves that the integrity of a the B shared data is correct Otherwise, there is at east one shared data is corrupted Based on the correctness of Equation (6), the correctness of batch auditing can be presented as foows: ) ( B d b e(φ b,i,w b,i ) b1 d b b1 ( d b B e( b1 ( B ) B e(φ b,i,w b,i ) e( B b1 b1 ( e(φ b,i,w b,i )) e( B b1e( H(id b,j ) yj j J B e( H(id b,j ) yj j J b1 λ h(λ b,) b, λ h(λ b,) b, λ h(λ b,) b, η µ b, b, η µ b, b, If a the B auditing requests on B shared data are from the same group, the TPA can further improve the efficiency of batch auditing by verifying? B e( H(id b,j ) yj j J b1 b1 η µ b, b, b1 ( ) B B e( φ b,i,w i ) e( λ h(λ b,) b, (9) Note that batch auditing wi fai if at east one incorrect auditing proof exists in a the B auditing ) proofs To aow most of auditing proofs to sti pass the verification when there is ony a sma number of incorrect auditing proofs, we can utiize binary search [3] during batch auditing More specificay, once the batch auditing of the B auditing proofs fais, the TPA divides the set of a the B auditing proofs into two subsets, which contains B/2 auditing proofs in each subset, and re-checks the correctness of auditing proofs in each subset using batch auditing If the verification resut of one subset is correct, then a the auditing proofs in this subset are a correct Otherwise, this subset is further divided into two sub-subsets, and the TPA rechecks the correctness of auditing proofs in the each sub-subsets with batch auditing unti a the incorrect auditing proofs are found Ceary, when the number of incorrect auditing proofs increases, the efficiency of batch auditing wi be reduced Experimenta resuts in Section 6 shows that, when ess than 12% of auditing proofs among a the B auditing proofs are incorrect, batching auditing is sti more efficient than verifying these auditing proofs one by one 6 PERFORMANCE In this section, we first anaysis the computation and communication costs of Oruta, and then evauate the performance of Oruta in experiments 61 Computation Cost The main cryptographic operations used in Oruta incude mutipications, exponentiations, pairing and hashing operations For simpicity, we omit additions in the foowing discussion, because they are much easier to be computed than the four types of operations mentioned above During auditing, the TPA first generates some random vaues to construct the auditing message, which ony introduces a sma cost in computation Then, after receiving the auditing message, the coud server needs to compute a proof {λ,µ,φ,{id j } j J } The computation cost of cacuating a proof is about (k +dc)exp G1 +dcmu G1 + ckmu Zp + khash Zp, where Exp G1 denotes the cost of computing one exponentiation in G 1, Mu G1 denotes the cost of computing one mutipication in G 1, Mu Zp and Hash Zp respectivey denote the cost of computing one mutipcation and one hashing operation in Z p To check the correctness of the proof {λ,µ,φ,{id j } j J }, the TPA verifies it based on Equation (6) The tota cost of verifying the proof is (2k + c)exp G1 + (2k + c)mu G1 + dmu GT +chash G1 +(d+2)pair G1,G 2 We use Pair G1,G 2 to denote the cost of computing one pairing operation in G 1 and G 2 62 Communication Cost The communication cost of Oruta is mainy introduced by two factors: the auditing message and the auditing proof For each auditing message {j,y j } j J, the

12 12 IEEE TRANSACTIONS ON XXXXXX, VOL X, NO X, XXXX 201X Generation time (ms) k100 k d: the size of the group Fig 10 Impact of d on signature generation time (ms) Auditing time (s) c460 c k: the number of eements per bock Fig 13 Impact of k on auditing time (s), where d 10 Average auditing time (ms) Seperate Auditing Batch Auditing-D Batch Auditing-S B: the number of audting tasks Fig 16 Impact of B on the efficiency of batch auditing, where k 100 and d 10 Generation time (ms) d10 d k: the number of eements per bock Fig 11 Impact of k on signature generation time (ms) Communication cost (KB) c460 c d: the size of the group Fig 14 Impact of d on communication cost (KB), where k 100 Average auditing time (ms) Seperate Auditing Batch Auditing-S A: the number of incorrect proofs Fig 17 Impact of A on the efficiency of batch auditing, where B 128 Auditing time (s) c460 c d: the size of the group Fig 12 Impact of d on auditing time (s), where k 100 Communication cost (KB) c460 c k: the number of eements per bock Fig 15 Impact of k on communication cost (KB), where d 10 Average auditing time (ms) Seperate Auditing Batch Auditing-D A: the number of incorrect proofs Fig 18 Impact of A on the efficiency of batch auditing, where B 128 communication cost is c( q + n ) bits, where q is the ength of an eement of Z q and n is the ength of an index Each auditing {λ,µ,φ,{id j } j J } contains(k+d) eements of G 1, k eements of Z p and c eememts of Z q, therefore the communication cost of one auditing proof is (2k +d) p +c q bits 63 Experimenta Resuts We now evauate the efficiency of Oruta in experiments To impement these compex cryptographic operations that we mentioned before, we utiize the GNU Mutipe Precision Arithmetic (GMP) 2 ibrary and Pairing Based Cryptography (PBC) 3 ibrary A the foowing experiments are based on C and tested on a 226 GHz Linux system over 1, 000 times Because Oruta needs more exponentiations than pairing operations during the process of auditing, the eiptic curve we choose in our experiments is an MNT curve with a base fied size of 159 bits, which has a better performance than other curves on computing exponentiations We choose p 160 bits and q 80 bits We assume the tota number of bocks in shared data is n 1,000,000 and n 20 bits The size of shared data is 2 GB To keep the detection probabiity greater than 99%, we set the number of seected bocks in an auditing task as c 460 [2] If ony 300 bocks are seected, the detection probabiity is greater than 95% We aso assume the size of the group d [2,20] in the foowing experiments Certainy, if a arger group size is used, the tota computation cost wi increase due to the increasing number of exponentiations and pairing operations 631 Performance of Signature Generation According to Section 5, the generation time of a ring signature on a bock is determined by the number of users in the group and the number of eements in each

Certificateless Public Auditing for Data Integrity in the Cloud

Certificateless Public Auditing for Data Integrity in the Cloud Certificateess Pubic Auditing for Data Integrity in the Coud Boyang Wang,, Baochun Li, Hui Li and Fenghua Li, State Key Laboratory of Integrated Service Networks, Xidian University,Xi an,shaanxi,china

More information

Storing Shared Data on the Cloud via Security-Mediator

Storing Shared Data on the Cloud via Security-Mediator Storing Shared Data on the Coud via Security-Mediator Boyang Wang, Sherman S. M. Chow, Ming Li, and Hui Li State Key Laboratory of Integrated Service Networks, Xidian University, Xi an, China Department

More information

Secure Network Coding with a Cost Criterion

Secure Network Coding with a Cost Criterion Secure Network Coding with a Cost Criterion Jianong Tan, Murie Médard Laboratory for Information and Decision Systems Massachusetts Institute of Technoogy Cambridge, MA 0239, USA E-mai: {jianong, medard}@mit.edu

More information

Research Article Efficient Pairing-Free Privacy-Preserving Auditing Scheme for Cloud Storage in Distributed Sensor Networks

Research Article Efficient Pairing-Free Privacy-Preserving Auditing Scheme for Cloud Storage in Distributed Sensor Networks Internationa Journa of Distributed Sensor Networks Voume 2015, Artice ID 593759, 10 pages http://dx.doi.org/10.1155/2015/593759 Research Artice Efficient Pairing-Free Privacy-Preserving Auditing Scheme

More information

SECURE AND EFFICIENT PRIVACY-PRESERVING PUBLIC AUDITING SCHEME FOR CLOUD STORAGE

SECURE AND EFFICIENT PRIVACY-PRESERVING PUBLIC AUDITING SCHEME FOR CLOUD STORAGE International Journal of Computer Network and Security(IJCNS) Vol 7. No.1 2015 Pp. 1-8 gopalax Journals, Singapore available at : www.ijcns.com ISSN: 0975-8283 ----------------------------------------------------------------------------------------------------------------------------------------------------------

More information

A Similarity Search Scheme over Encrypted Cloud Images based on Secure Transformation

A Similarity Search Scheme over Encrypted Cloud Images based on Secure Transformation A Simiarity Search Scheme over Encrypted Coud Images based on Secure Transormation Zhihua Xia, Yi Zhu, Xingming Sun, and Jin Wang Jiangsu Engineering Center o Network Monitoring, Nanjing University o Inormation

More information

Australian Bureau of Statistics Management of Business Providers

Australian Bureau of Statistics Management of Business Providers Purpose Austraian Bureau of Statistics Management of Business Providers 1 The principa objective of the Austraian Bureau of Statistics (ABS) in respect of business providers is to impose the owest oad

More information

Fast Robust Hashing. ) [7] will be re-mapped (and therefore discarded), due to the load-balancing property of hashing.

Fast Robust Hashing. ) [7] will be re-mapped (and therefore discarded), due to the load-balancing property of hashing. Fast Robust Hashing Manue Urueña, David Larrabeiti and Pabo Serrano Universidad Caros III de Madrid E-89 Leganés (Madrid), Spain Emai: {muruenya,darra,pabo}@it.uc3m.es Abstract As statefu fow-aware services

More information

Teamwork. Abstract. 2.1 Overview

Teamwork. Abstract. 2.1 Overview 2 Teamwork Abstract This chapter presents one of the basic eements of software projects teamwork. It addresses how to buid teams in a way that promotes team members accountabiity and responsibiity, and

More information

Normalization of Database Tables. Functional Dependency. Examples of Functional Dependencies: So Now what is Normalization? Transitive Dependencies

Normalization of Database Tables. Functional Dependency. Examples of Functional Dependencies: So Now what is Normalization? Transitive Dependencies ISM 602 Dr. Hamid Nemati Objectives The idea Dependencies Attributes and Design Understand concepts normaization (Higher-Leve Norma Forms) Learn how to normaize tabes Understand normaization and database

More information

LT Codes-based Secure and Reliable Cloud Storage Service

LT Codes-based Secure and Reliable Cloud Storage Service 2012 Proceedings IEEE INFOCOM LT Codes-based Secure and Reiabe Coud Storage Service Ning Cao Shucheng Yu Zhenyu Yang Wenjing Lou Y. Thomas Hou Worcester Poytechnic Institute, Worcester, MA, USA University

More information

Finance 360 Problem Set #6 Solutions

Finance 360 Problem Set #6 Solutions Finance 360 Probem Set #6 Soutions 1) Suppose that you are the manager of an opera house. You have a constant margina cost of production equa to $50 (i.e. each additiona person in the theatre raises your

More information

Design and Analysis of a Hidden Peer-to-peer Backup Market

Design and Analysis of a Hidden Peer-to-peer Backup Market Design and Anaysis of a Hidden Peer-to-peer Backup Market Sven Seuken, Denis Chares, Max Chickering, Mary Czerwinski Kama Jain, David C. Parkes, Sidd Puri, and Desney Tan December, 2015 Abstract We present

More information

Chapter 3: e-business Integration Patterns

Chapter 3: e-business Integration Patterns Chapter 3: e-business Integration Patterns Page 1 of 9 Chapter 3: e-business Integration Patterns "Consistency is the ast refuge of the unimaginative." Oscar Wide In This Chapter What Are Integration Patterns?

More information

Early access to FAS payments for members in poor health

Early access to FAS payments for members in poor health Financia Assistance Scheme Eary access to FAS payments for members in poor heath Pension Protection Fund Protecting Peope s Futures The Financia Assistance Scheme is administered by the Pension Protection

More information

Virtual trunk simulation

Virtual trunk simulation Virtua trunk simuation Samui Aato * Laboratory of Teecommunications Technoogy Hesinki University of Technoogy Sivia Giordano Laboratoire de Reseaux de Communication Ecoe Poytechnique Federae de Lausanne

More information

Avaya Remote Feature Activation (RFA) User Guide

Avaya Remote Feature Activation (RFA) User Guide Avaya Remote Feature Activation (RFA) User Guide 03-300149 Issue 5.0 September 2007 2007 Avaya Inc. A Rights Reserved. Notice Whie reasonabe efforts were made to ensure that the information in this document

More information

PRIVACY-PRESERVING PUBLIC AUDITING FOR SECURE CLOUD STORAGE

PRIVACY-PRESERVING PUBLIC AUDITING FOR SECURE CLOUD STORAGE PRIVACY-PRESERVING PUBLIC AUDITING FOR SECURE CLOUD STORAGE Abstract: Using Cloud Storage, users can remotely store their data and enjoy the on-demand high quality applications and services from a shared

More information

Multi-Robot Task Scheduling

Multi-Robot Task Scheduling Proc of IEEE Internationa Conference on Robotics and Automation, Karsruhe, Germany, 013 Muti-Robot Tas Scheduing Yu Zhang and Lynne E Parer Abstract The scheduing probem has been studied extensivey in

More information

Sorting, Merge Sort and the Divide-and-Conquer Technique

Sorting, Merge Sort and the Divide-and-Conquer Technique Inf2B gorithms and Data Structures Note 7 Sorting, Merge Sort and the Divide-and-Conquer Technique This and a subsequent next ecture wi mainy be concerned with sorting agorithms. Sorting is an extremey

More information

Enabling Public Auditing for Secured Data Storage in Cloud Computing

Enabling Public Auditing for Secured Data Storage in Cloud Computing IOSR Journal of Engineering (IOSRJEN) e-issn: 2250-3021, p-issn: 2278-8719 Vol. 3, Issue 5 (May. 2013), V3 PP 01-05 Enabling Public Auditing for Secured Data Storage in Cloud Computing 1 Er.Amandeep Kaur,

More information

A New Statistical Approach to Network Anomaly Detection

A New Statistical Approach to Network Anomaly Detection A New Statistica Approach to Network Anomay Detection Christian Caegari, Sandrine Vaton 2, and Michee Pagano Dept of Information Engineering, University of Pisa, ITALY E-mai: {christiancaegari,mpagano}@ietunipiit

More information

Betting Strategies, Market Selection, and the Wisdom of Crowds

Betting Strategies, Market Selection, and the Wisdom of Crowds Betting Strategies, Market Seection, and the Wisdom of Crowds Wiemien Kets Northwestern University w-kets@keogg.northwestern.edu David M. Pennock Microsoft Research New York City dpennock@microsoft.com

More information

Insertion and deletion correcting DNA barcodes based on watermarks

Insertion and deletion correcting DNA barcodes based on watermarks Kracht and Schober BMC Bioinformatics (2015) 16:50 DOI 10.1186/s12859-015-0482-7 METHODOLOGY ARTICLE Open Access Insertion and deetion correcting DNA barcodes based on watermarks David Kracht * and Steffen

More information

Pay-on-delivery investing

Pay-on-delivery investing Pay-on-deivery investing EVOLVE INVESTment range 1 EVOLVE INVESTMENT RANGE EVOLVE INVESTMENT RANGE 2 Picture a word where you ony pay a company once they have deivered Imagine striking oi first, before

More information

The Radix-4 and the Class of Radix-2 s FFTs

The Radix-4 and the Class of Radix-2 s FFTs Chapter 11 The Radix- and the Cass of Radix- s FFTs The divide-and-conuer paradigm introduced in Chapter 3 is not restricted to dividing a probem into two subprobems. In fact, as expained in Section. and

More information

Market Design & Analysis for a P2P Backup System

Market Design & Analysis for a P2P Backup System Market Design & Anaysis for a P2P Backup System Sven Seuken Schoo of Engineering & Appied Sciences Harvard University, Cambridge, MA seuken@eecs.harvard.edu Denis Chares, Max Chickering, Sidd Puri Microsoft

More information

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES. l l

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES. l l ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES The Eectronic Fund Transfers we are capabe of handing for consumers are indicated beow some of which may not appy your account Some of these may

More information

Artificial neural networks and deep learning

Artificial neural networks and deep learning February 20, 2015 1 Introduction Artificia Neura Networks (ANNs) are a set of statistica modeing toos originay inspired by studies of bioogica neura networks in animas, for exampe the brain and the centra

More information

Chapter 2 Traditional Software Development

Chapter 2 Traditional Software Development Chapter 2 Traditiona Software Deveopment 2.1 History of Project Management Large projects from the past must aready have had some sort of project management, such the Pyramid of Giza or Pyramid of Cheops,

More information

Business schools are the academic setting where. The current crisis has highlighted the need to redefine the role of senior managers in organizations.

Business schools are the academic setting where. The current crisis has highlighted the need to redefine the role of senior managers in organizations. c r o s os r oi a d s REDISCOVERING THE ROLE OF BUSINESS SCHOOLS The current crisis has highighted the need to redefine the roe of senior managers in organizations. JORDI CANALS Professor and Dean, IESE

More information

Keywords: - Ring Signature, Homomorphic Authenticable Ring Signature (HARS), Privacy Preserving, Public Auditing, Cloud Computing.

Keywords: - Ring Signature, Homomorphic Authenticable Ring Signature (HARS), Privacy Preserving, Public Auditing, Cloud Computing. Survey on Privacy Preserving Public Auditing Techniques for Shared Data in the Cloud Kedar Jayesh Rasal 1, Dr. S.V.Gumaste 2, Sandip A. Kahate 3 Computer Engineering, Pune University, SPCOE, Otur, Pune,

More information

Traffic classification-based spam filter

Traffic classification-based spam filter Traffic cassification-based spam fiter Ni Zhang 1,2, Yu Jiang 3, Binxing Fang 1, Xueqi Cheng 1, Li Guo 1 1 Software Division, Institute of Computing Technoogy, Chinese Academy of Sciences, 100080, Beijing,

More information

DOING BUSINESS WITH THE REGION OF PEEL A GUIDE FOR NEW AND CURRENT VENDORS

DOING BUSINESS WITH THE REGION OF PEEL A GUIDE FOR NEW AND CURRENT VENDORS DOING BUSINESS WITH THE REGION OF PEEL A GUIDE FOR NEW AND CURRENT VENDORS TABLE OF CONTENTS INTRODUCTION... 1 GOVERNANCE... 1 COMMONLY PURCHASED GOODS AND SERVICES... 1 HOW TO REGISTER YOUR COMPANY...

More information

Oracle Project Financial Planning. User's Guide Release 11.1.2.2

Oracle Project Financial Planning. User's Guide Release 11.1.2.2 Orace Project Financia Panning User's Guide Reease 11.1.2.2 Project Financia Panning User's Guide, 11.1.2.2 Copyright 2012, Orace and/or its affiiates. A rights reserved. Authors: EPM Information Deveopment

More information

Learning from evaluations Processes and instruments used by GIZ as a learning organisation and their contribution to interorganisational learning

Learning from evaluations Processes and instruments used by GIZ as a learning organisation and their contribution to interorganisational learning Monitoring and Evauation Unit Learning from evauations Processes and instruments used by GIZ as a earning organisation and their contribution to interorganisationa earning Contents 1.3Learning from evauations

More information

Advanced ColdFusion 4.0 Application Development - 3 - Server Clustering Using Bright Tiger

Advanced ColdFusion 4.0 Application Development - 3 - Server Clustering Using Bright Tiger Advanced CodFusion 4.0 Appication Deveopment - CH 3 - Server Custering Using Bri.. Page 1 of 7 [Figures are not incuded in this sampe chapter] Advanced CodFusion 4.0 Appication Deveopment - 3 - Server

More information

WHITE PAPER BEsT PRAcTIcEs: PusHIng ExcEl BEyond ITs limits WITH InfoRmATIon optimization

WHITE PAPER BEsT PRAcTIcEs: PusHIng ExcEl BEyond ITs limits WITH InfoRmATIon optimization Best Practices: Pushing Exce Beyond Its Limits with Information Optimization WHITE Best Practices: Pushing Exce Beyond Its Limits with Information Optimization Executive Overview Microsoft Exce is the

More information

With the arrival of Java 2 Micro Edition (J2ME) and its industry

With the arrival of Java 2 Micro Edition (J2ME) and its industry Knowedge-based Autonomous Agents for Pervasive Computing Using AgentLight Fernando L. Koch and John-Jues C. Meyer Utrecht University Project AgentLight is a mutiagent system-buiding framework targeting

More information

eg Enterprise vs. a Big 4 Monitoring Soution: Comparing Tota Cost of Ownership Restricted Rights Legend The information contained in this document is confidentia and subject to change without notice. No

More information

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES. l l

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES. l l ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES The Eectronic Fund Transfers we are capabe of handing for consumers are indicated beow some of which may not appy your account Some of these may

More information

READING A CREDIT REPORT

READING A CREDIT REPORT Name Date CHAPTER 6 STUDENT ACTIVITY SHEET READING A CREDIT REPORT Review the sampe credit report. Then search for a sampe credit report onine, print it off, and answer the questions beow. This activity

More information

A Description of the California Partnership for Long-Term Care Prepared by the California Department of Health Care Services

A Description of the California Partnership for Long-Term Care Prepared by the California Department of Health Care Services 2012 Before You Buy A Description of the Caifornia Partnership for Long-Term Care Prepared by the Caifornia Department of Heath Care Services Page 1 of 13 Ony ong-term care insurance poicies bearing any

More information

Maintenance activities planning and grouping for complex structure systems

Maintenance activities planning and grouping for complex structure systems Maintenance activities panning and grouping for compex structure systems Hai Canh u, Phuc Do an, Anne Barros, Christophe Berenguer To cite this version: Hai Canh u, Phuc Do an, Anne Barros, Christophe

More information

Art of Java Web Development By Neal Ford 624 pages US$44.95 Manning Publications, 2004 ISBN: 1-932394-06-0

Art of Java Web Development By Neal Ford 624 pages US$44.95 Manning Publications, 2004 ISBN: 1-932394-06-0 IEEE DISTRIBUTED SYSTEMS ONLINE 1541-4922 2005 Pubished by the IEEE Computer Society Vo. 6, No. 5; May 2005 Editor: Marcin Paprzycki, http://www.cs.okstate.edu/%7emarcin/ Book Reviews: Java Toos and Frameworks

More information

Pricing Internet Services With Multiple Providers

Pricing Internet Services With Multiple Providers Pricing Internet Services With Mutipe Providers Linhai He and Jean Warand Dept. of Eectrica Engineering and Computer Science University of Caifornia at Berkeey Berkeey, CA 94709 inhai, wr@eecs.berkeey.edu

More information

Chapter 2 TSAS: Third-Party Storage Auditing Service

Chapter 2 TSAS: Third-Party Storage Auditing Service Chapter 2 TSAS: Third-Party Storage Auditing Service Abstract In cloud storage systems, data owners host their data on cloud servers and users (data consumers) can access the data from cloud servers Due

More information

ELEVATING YOUR GAME FROM TRADE SPEND TO TRADE INVESTMENT

ELEVATING YOUR GAME FROM TRADE SPEND TO TRADE INVESTMENT Initiatives Strategic Mapping Success in The Food System: Discover. Anayze. Strategize. Impement. Measure. ELEVATING YOUR GAME FROM TRADE SPEND TO TRADE INVESTMENT Foodservice manufacturers aocate, in

More information

Lecture 7 Datalink Ethernet, Home. Datalink Layer Architectures

Lecture 7 Datalink Ethernet, Home. Datalink Layer Architectures Lecture 7 Dataink Ethernet, Home Peter Steenkiste Schoo of Computer Science Department of Eectrica and Computer Engineering Carnegie Meon University 15-441 Networking, Spring 2004 http://www.cs.cmu.edu/~prs/15-441

More information

Load Balancing in Distributed Web Server Systems with Partial Document Replication *

Load Balancing in Distributed Web Server Systems with Partial Document Replication * Load Baancing in Distributed Web Server Systems with Partia Document Repication * Ling Zhuo Cho-Li Wang Francis C. M. Lau Department of Computer Science and Information Systems The University of Hong Kong

More information

HYBRID FUZZY LOGIC PID CONTROLLER. Abstract

HYBRID FUZZY LOGIC PID CONTROLLER. Abstract HYBRID FUZZY LOGIC PID CONTROLLER Thomas Brehm and Kudip S. Rattan Department of Eectrica Engineering Wright State University Dayton, OH 45435 Abstract This paper investigates two fuzzy ogic PID controers

More information

Lexmark ESF Applications Guide

Lexmark ESF Applications Guide Lexmark ESF Appications Guide Hep your customers bring out the fu potentia of their Lexmark soutions-enabed singe-function and mutifunction printers Lexmark Appications have been designed to hep businesses

More information

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES About ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES The Eectronic Fund Transfers we are capabe of handing for consumers are indicated beow, some of which may not appy your account. Some of

More information

WEBSITE ACCOUNT USER GUIDE SECURITY, PASSWORD & CONTACTS

WEBSITE ACCOUNT USER GUIDE SECURITY, PASSWORD & CONTACTS WEBSITE ACCOUNT USER GUIDE SECURITY, PASSWORD & CONTACTS Password Reset Process Navigate to the og in screen Seect the Forgot Password ink You wi be asked to enter the emai address you registered with

More information

Pricing and Revenue Sharing Strategies for Internet Service Providers

Pricing and Revenue Sharing Strategies for Internet Service Providers Pricing and Revenue Sharing Strategies for Internet Service Providers Linhai He and Jean Warand Department of Eectrica Engineering and Computer Sciences University of Caifornia at Berkeey {inhai,wr}@eecs.berkeey.edu

More information

DEGREES OF ORDERS ON TORSION-FREE ABELIAN GROUPS

DEGREES OF ORDERS ON TORSION-FREE ABELIAN GROUPS 1 DEGREES OF ORDERS ON TORSION-FREE ABELIAN GROUPS 2 ASHER M. KACH, KAREN LANGE, AND REED SOLOMON Abstract. We show that if H is an effectivey competey decomposabe computabe torsion-free abeian group,

More information

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES. l l. l l. l l. l l

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES. l l. l l. l l. l l ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES The Eectronic Fund Transfers we are capabe of handing for consumers are indicated beow some of which may not appy your account Some of these may

More information

Design Considerations

Design Considerations Chapter 2: Basic Virtua Private Network Depoyment Page 1 of 12 Chapter 2: Basic Virtua Private Network Depoyment Before discussing the features of Windows 2000 tunneing technoogy, it is important to estabish

More information

Life Contingencies Study Note for CAS Exam S. Tom Struppeck

Life Contingencies Study Note for CAS Exam S. Tom Struppeck Life Contingencies Study Note for CAS Eam S Tom Struppeck (Revised 9/19/2015) Introduction Life contingencies is a term used to describe surviva modes for human ives and resuting cash fows that start or

More information

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES. l l l. l l

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES. l l l. l l ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES The Eectronic Fund Transfers we are capabe of handing for consumers are indicated beow, some of which may not appy your account Some of these

More information

DEGREES OF ORDERS ON TORSION-FREE ABELIAN GROUPS

DEGREES OF ORDERS ON TORSION-FREE ABELIAN GROUPS DEGREES OF ORDERS ON TORSION-FREE ABELIAN GROUPS ASHER M. KACH, KAREN LANGE, AND REED SOLOMON Abstract. We show that if H is an effectivey competey decomposabe computabe torsion-free abeian group, then

More information

Online Security. Savings

Online Security. Savings Onine Security Savings What is onine security? This booket is designed to make you aware of some of the atest threats that exist when managing your money onine so you can protect your money in the same

More information

ELECTRONIC FUND TRANSFERS. l l l. l l. l l l. l l l

ELECTRONIC FUND TRANSFERS. l l l. l l. l l l. l l l Program Organization = Number "1060" = Type "123342" = "ETM2LAZCD" For = "502859" "TCCUS" "" Name "WK Number = Name "First "1001" = "1" Eectronic = "1001" = Financia "Jane Funds Doe" Northwest Xfer PG1

More information

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES The Eectronic Fund Transfers we are capabe of handing for consumers are indicated beow, some of which may not appy your account Some of these

More information

WIRELESS Mesh Networks (WMNs) have recently attracted

WIRELESS Mesh Networks (WMNs) have recently attracted 3968 IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS, VOL. 2, NO. 8, AUGUST 23 A New MPLS-Based Forwarding Paradigm for Muti-Radio Wireess Mesh Networks Stefano Avaone and Giovanni Di Stasi Abstract Routing

More information

Simultaneous Routing and Power Allocation in CDMA Wireless Data Networks

Simultaneous Routing and Power Allocation in CDMA Wireless Data Networks Simutaneous Routing and Power Aocation in CDMA Wireess Data Networks Mikae Johansson *,LinXiao and Stephen Boyd * Department of Signas, Sensors and Systems Roya Institute of Technoogy, SE 00 Stockhom,

More information

Business Banking. A guide for franchises

Business Banking. A guide for franchises Business Banking A guide for franchises Hep with your franchise business, right on your doorstep A true understanding of the needs of your business: that s what makes RBS the right choice for financia

More information

CONTRIBUTION OF INTERNAL AUDITING IN THE VALUE OF A NURSING UNIT WITHIN THREE YEARS

CONTRIBUTION OF INTERNAL AUDITING IN THE VALUE OF A NURSING UNIT WITHIN THREE YEARS Dehi Business Review X Vo. 4, No. 2, Juy - December 2003 CONTRIBUTION OF INTERNAL AUDITING IN THE VALUE OF A NURSING UNIT WITHIN THREE YEARS John N.. Var arvatsouakis atsouakis DURING the present time,

More information

Internal Control. Guidance for Directors on the Combined Code

Internal Control. Guidance for Directors on the Combined Code Interna Contro Guidance for Directors on the Combined Code ISBN 1 84152 010 1 Pubished by The Institute of Chartered Accountants in Engand & Waes Chartered Accountants Ha PO Box 433 Moorgate Pace London

More information

SNMP Reference Guide for Avaya Communication Manager

SNMP Reference Guide for Avaya Communication Manager SNMP Reference Guide for Avaya Communication Manager 03-602013 Issue 1.0 Feburary 2007 2006 Avaya Inc. A Rights Reserved. Notice Whie reasonabe efforts were made to ensure that the information in this

More information

Leakage detection in water pipe networks using a Bayesian probabilistic framework

Leakage detection in water pipe networks using a Bayesian probabilistic framework Probabiistic Engineering Mechanics 18 (2003) 315 327 www.esevier.com/ocate/probengmech Leakage detection in water pipe networks using a Bayesian probabiistic framework Z. Pouakis, D. Vaougeorgis, C. Papadimitriou*

More information

Chapter 1 Structural Mechanics

Chapter 1 Structural Mechanics Chapter Structura echanics Introduction There are many different types of structures a around us. Each structure has a specific purpose or function. Some structures are simpe, whie others are compex; however

More information

Computing the depth of an arrangement of axis-aligned rectangles in parallel

Computing the depth of an arrangement of axis-aligned rectangles in parallel Computing the depth of an arrangement of axis-aigned rectanges in parae Hemut At Ludmia Scharf Abstract We consider the probem of computing the depth of the arrangement of n axis-aigned rectanges in the

More information

Take me to your leader! Online Optimization of Distributed Storage Configurations

Take me to your leader! Online Optimization of Distributed Storage Configurations Take me to your eader! Onine Optimization of Distributed Storage Configurations Artyom Sharov Aexander Shraer Arif Merchant Murray Stokey sharov@cs.technion.ac.i, {shraex, aamerchant, mstokey}@googe.com

More information

AA Fixed Rate ISA Savings

AA Fixed Rate ISA Savings AA Fixed Rate ISA Savings For the road ahead The Financia Services Authority is the independent financia services reguator. It requires us to give you this important information to hep you to decide whether

More information

Betting on the Real Line

Betting on the Real Line Betting on the Rea Line Xi Gao 1, Yiing Chen 1,, and David M. Pennock 2 1 Harvard University, {xagao,yiing}@eecs.harvard.edu 2 Yahoo! Research, pennockd@yahoo-inc.com Abstract. We study the probem of designing

More information

Network/Communicational Vulnerability

Network/Communicational Vulnerability Automated teer machines (ATMs) are a part of most of our ives. The major appea of these machines is convenience The ATM environment is changing and that change has serious ramifications for the security

More information

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES. l l. l l

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES. l l. l l ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES The Eectronic Fund Transfers we are capabe of handing for consumers are indicated beow some of which may not appy your account Some of these may

More information

INDUSTRIAL AND COMMERCIAL

INDUSTRIAL AND COMMERCIAL Finance TM NEW YORK CITY DEPARTMENT OF FINANCE TAX & PARKING PROGRAM OPERATIONS DIVISION INDUSTRIAL AND COMMERCIAL ABATEMENT PROGRAM PRELIMINARY APPLICATION AND INSTRUCTIONS Mai to: NYC Department of Finance,

More information

preliminary experiment conducted on Amazon EC2 instance further demonstrates the fast performance of the design.

preliminary experiment conducted on Amazon EC2 instance further demonstrates the fast performance of the design. Privacy-Preserving Public Auditing For Secure Cloud Storage ABSTRACT: Using cloud storage, users can remotely store their data and enjoy the on-demand high-quality applications and services from a shared

More information

arxiv:1506.05851v1 [cs.ai] 18 Jun 2015

arxiv:1506.05851v1 [cs.ai] 18 Jun 2015 Smart Pacing for Effective Onine Ad Campaign Optimization Jian Xu, Kuang-chih Lee, Wentong Li, Hang Qi, and Quan Lu Yahoo Inc. 7 First Avenue, Sunnyvae, Caifornia 9489 {xuian,kcee,wentong,hangqi,qu}@yahoo-inc.com

More information

FRAME BASED TEXTURE CLASSIFICATION BY CONSIDERING VARIOUS SPATIAL NEIGHBORHOODS. Karl Skretting and John Håkon Husøy

FRAME BASED TEXTURE CLASSIFICATION BY CONSIDERING VARIOUS SPATIAL NEIGHBORHOODS. Karl Skretting and John Håkon Husøy FRAME BASED TEXTURE CLASSIFICATION BY CONSIDERING VARIOUS SPATIAL NEIGHBORHOODS Kar Skretting and John Håkon Husøy University of Stavanger, Department of Eectrica and Computer Engineering N-4036 Stavanger,

More information

Ricoh Healthcare. Process Optimized. Healthcare Simplified.

Ricoh Healthcare. Process Optimized. Healthcare Simplified. Ricoh Heathcare Process Optimized. Heathcare Simpified. Rather than a destination that concudes with the eimination of a paper, the Paperess Maturity Roadmap is a continuous journey to strategicay remove

More information

NCH Software FlexiServer

NCH Software FlexiServer NCH Software FexiServer This user guide has been created for use with FexiServer Version 1.xx NCH Software Technica Support If you have difficuties using FexiServer pease read the appicabe topic before

More information

CUSTOM. Putting Your Benefits to Work. COMMUNICATIONS. Employee Communications Benefits Administration Benefits Outsourcing

CUSTOM. Putting Your Benefits to Work. COMMUNICATIONS. Employee Communications Benefits Administration Benefits Outsourcing CUSTOM COMMUNICATIONS Putting Your Benefits to Work. Empoyee Communications Benefits Administration Benefits Outsourcing Recruiting and retaining top taent is a major chaenge facing HR departments today.

More information

Remote Data Auditing Scheme in Secured Cloud Storage Environment

Remote Data Auditing Scheme in Secured Cloud Storage Environment Remote Data Auditing Scheme in Secured Cloud Storage Environment Sangeetha.T 1,Saranya.M 2 PG Scholar 1, Assistant Professor 2 Nandha College of Technology, Erode, India sangee9110@gmail.com 1,saranyamcse88@gmail.com

More information

GWPD 4 Measuring water levels by use of an electric tape

GWPD 4 Measuring water levels by use of an electric tape GWPD 4 Measuring water eves by use of an eectric tape VERSION: 2010.1 PURPOSE: To measure the depth to the water surface beow and-surface datum using the eectric tape method. Materias and Instruments 1.

More information

TERM INSURANCE CALCULATION ILLUSTRATED. This is the U.S. Social Security Life Table, based on year 2007.

TERM INSURANCE CALCULATION ILLUSTRATED. This is the U.S. Social Security Life Table, based on year 2007. This is the U.S. Socia Security Life Tabe, based on year 2007. This is avaiabe at http://www.ssa.gov/oact/stats/tabe4c6.htm. The ife eperiences of maes and femaes are different, and we usuay do separate

More information

Face Hallucination and Recognition

Face Hallucination and Recognition Face Haucination and Recognition Xiaogang Wang and Xiaoou Tang Department of Information Engineering, The Chinese University of Hong Kong {xgwang1, xtang}@ie.cuhk.edu.hk http://mmab.ie.cuhk.edu.hk Abstract.

More information

GREEN: An Active Queue Management Algorithm for a Self Managed Internet

GREEN: An Active Queue Management Algorithm for a Self Managed Internet : An Active Queue Management Agorithm for a Sef Managed Internet Bartek Wydrowski and Moshe Zukerman ARC Specia Research Centre for Utra-Broadband Information Networks, EEE Department, The University of

More information

NCH Software BroadCam Video Streaming Server

NCH Software BroadCam Video Streaming Server NCH Software BroadCam Video Streaming Server This user guide has been created for use with BroadCam Video Streaming Server Version 2.xx NCH Software Technica Support If you have difficuties using BroadCam

More information

The Comparison and Selection of Programming Languages for High Energy Physics Applications

The Comparison and Selection of Programming Languages for High Energy Physics Applications The Comparison and Seection of Programming Languages for High Energy Physics Appications TN-91-6 June 1991 (TN) Bebo White Stanford Linear Acceerator Center P.O. Box 4349, Bin 97 Stanford, Caifornia 94309

More information

Introduction to XSL. Max Froumentin - W3C

Introduction to XSL. Max Froumentin - W3C Introduction to XSL Max Froumentin - W3C Introduction to XSL XML Documents Stying XML Documents XSL Exampe I: Hamet Exampe II: Mixed Writing Modes Exampe III: database Other Exampes How do they do that?

More information

This paper considers an inventory system with an assembly structure. In addition to uncertain customer

This paper considers an inventory system with an assembly structure. In addition to uncertain customer MANAGEMENT SCIENCE Vo. 51, No. 8, August 2005, pp. 1250 1265 issn 0025-1909 eissn 1526-5501 05 5108 1250 informs doi 10.1287/mnsc.1050.0394 2005 INFORMS Inventory Management for an Assemby System wh Product

More information

Introduction the pressure for efficiency the Estates opportunity

Introduction the pressure for efficiency the Estates opportunity Heathy Savings? A study of the proportion of NHS Trusts with an in-house Buidings Repair and Maintenance workforce, and a discussion of eary experiences of Suppies efficiency initiatives Management Summary

More information

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES. l l l

ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES. l l l ELECTRONIC FUND TRANSFERS YOUR RIGHTS AND RESPONSIBILITIES The Eectronic Fund Transfers we are capabe of handing for consumers are indicated beow, some of which may not appy your account Some of these

More information

Order-to-Cash Processes

Order-to-Cash Processes TMI170 ING info pat 2:Info pat.qxt 01/12/2008 09:25 Page 1 Section Two: Order-to-Cash Processes Gregory Cronie, Head Saes, Payments and Cash Management, ING O rder-to-cash and purchase-topay processes

More information

l l ll l l Exploding the Myths about DETC Accreditation A Primer for Students

l l ll l l Exploding the Myths about DETC Accreditation A Primer for Students Expoding the Myths about DETC Accreditation A Primer for Students Distance Education and Training Counci Expoding the Myths about DETC Accreditation: A Primer for Students Prospective distance education

More information

Hedge Fund Capital Accounts and Revaluations: Are They Section 704(b) Compliant?

Hedge Fund Capital Accounts and Revaluations: Are They Section 704(b) Compliant? o EDITED BY ROGER F. PILLOW, LL.M. PARTNERSHIPS, S CORPORATIONS & LLCs Hedge Fund Capita Accounts and Revauations: Are They Section 704(b) Compiant? THOMAS GRAY Hedge funds treated as partnerships for

More information

A Latent Variable Pairwise Classification Model of a Clustering Ensemble

A Latent Variable Pairwise Classification Model of a Clustering Ensemble A atent Variabe Pairwise Cassification Mode of a Custering Ensembe Vadimir Berikov Soboev Institute of mathematics, Novosibirsk State University, Russia berikov@math.nsc.ru http://www.math.nsc.ru Abstract.

More information