DiSAuth: A DNS-based secure authorization framework for protecting data decoupled from applications
文献类型:期刊论文
| 作者 | Li, Ying1,2; Wei, Jiuqi1,2; Fei, Ziyu1,2; Fu, Yufan1,2; Lee, Xiaodong1 |
| 刊名 | COMPUTER NETWORKS
 |
| 出版日期 | 2024-12-01 |
| 卷号 | 254页码:18 |
| 关键词 | Authorization Data security and privacy DNS Blockchain |
| ISSN号 | 1389-1286 |
| DOI | 10.1016/j.comnet.2024.110774 |
| 英文摘要 | Nowadays, centralized applications are called for returning data ownership to owners, due to their frequent data breaches. Decoupling data from applications is a popular way to give back owners' control over data. To control data only accessed by authorized parties, authorization is critical. When faced with the new and complex relationships between applications and data, traditional authorizations cannot meet ownership and usage protection needs, and security requirements. This paper proposes DiSAuth, a secure authorization framework based on Domain Name System (DNS) and blockchain, to provide tamper-resistant, verifiable, and privacy-preserving authorization to protect data which are decoupled from applications. Our novel tree-based data structure for authorization is backward compatible with DNS, which brings high utility. Besides, our design of a hybrid encryption schema and anonymous identities provides privacy-preserving authorization. To our knowledge, DiSAuth is the first authorization framework that utilizes a robust Internet infrastructure DNS as the basis and proposes a new Internet authorization protocol for protecting data decoupled from applications. Our evaluation demonstrates the utility of DiSAuth and shows the superior efficiency of DiSAuth in authorization verification. Compared to traditional blockchain-based solutions, our combination of DNS and blockchain achieves higher efficiency while ensuring security; especially, the read time is similar to 3 orders of magnitude better. |
| 资助项目 | Ministry of Industry and Information Technology of China[TC200A00S] ; Ministry of Industry and Information Technology of China[E051570] |
| WOS研究方向 | Computer Science ; Engineering ; Telecommunications |
| 语种 | 英语 |
| WOS记录号 | WOS:001316262500001 |
| 出版者 | ELSEVIER |
| 源URL | [http://119.78.100.204/handle/2XEOYT63/39589]  |
| 专题 | 中国科学院计算技术研究所期刊论文_英文 |
| 通讯作者 | Li, Ying; Lee, Xiaodong |
| 作者单位 | 1.Chinese Acad Sci, Inst Comp Technol, Lab Infrastruct, Beijing 100190, Peoples R China 2.Univ Chinese Acad Sci, Beijing 100049, Peoples R China |
| 推荐引用方式 GB/T 7714 | Li, Ying,Wei, Jiuqi,Fei, Ziyu,et al. DiSAuth: A DNS-based secure authorization framework for protecting data decoupled from applications[J]. COMPUTER NETWORKS,2024,254:18. |
| APA | Li, Ying,Wei, Jiuqi,Fei, Ziyu,Fu, Yufan,&Lee, Xiaodong.(2024).DiSAuth: A DNS-based secure authorization framework for protecting data decoupled from applications.COMPUTER NETWORKS,254,18. |
| MLA | Li, Ying,et al."DiSAuth: A DNS-based secure authorization framework for protecting data decoupled from applications".COMPUTER NETWORKS 254(2024):18. |
入库方式: OAI收割
来源:计算技术研究所
浏览0
下载0
收藏0
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。