[Home ] [Archive]   [ فارسی ]  
:: Main :: About :: Current Issue :: Archive :: Search :: Submit :: Contact ::
Main Menu
Home::
Journal Information::
Articles archive::
For Authors::
For Reviewers::
Registration::
Site Facilities::
Indexing::
Contact us::
::
Search in website

Advanced Search
..
Receive site information
Enter your Email in the following box to receive the site news and information.
..
Print ISSN
Print ISSN: 2476-3047
..
:: Search published articles ::
Showing 15 results for Privacy

, , ,
Volume 3, Issue 1 (9-2014)
Abstract

  The Cloud computing is a low-cost high performance model of computing services in response to the needs of users of Information Technology. Current security and privacy challenges in cloud environment have led to distaste some users and organizations to apply cloud instead of traditional infrastructures. Although many prevention efforts and acts are performed in current network architectures, detection and tracing of the attacker is necessary after the event is occurred. But current architecture of cloud computing does not satisfy the cloud forensics needs. Therefore, in this field the cloud forensic investigation have many different challenges. Regarding the low cost and high performance services of cloud computing, for the sake of security issues it can never be ignored. So far several solutions have been proposed regardingcloud’s security issues based on dynamic and elastic nature of cloud computing and legal issues. The main goal of this survey is to classify and and explore the cloud forensics issues and challenges.


, , ,
Volume 4, Issue 2 (3-2016)
Abstract

With emerging of the Internet, the way we communicate with each other has fundamentally revolutionized. The second development wave of the Internet is not about people, but will be about smart connected devices. Although more than a decade passes from the proposing of "Internet of Things" concept, the deployment of this concept has been done slowly for various reasons such as lack of required technologies development and security challenges. We must spend more time to understand the security challenges and available solutions, when we speak about smarter environments and technologies such as IoT. In this paper, we attempt to analysis existent threats and vulnerabilities in the area of security and privacy of Internet of Things using a systematic approach, while presenting a survey of the solutions proposed in the literature. Finally, research opportunities of this area will be discussed.


Mr Saeid Rezaei, Mr Mohammad Ali Doostari, Mr Majid Bayat,
Volume 5, Issue 1 (9-2016)
Abstract

Cloud environment are known as a revolution in IT industry in the recent decade and many organizations have used this service for data processing and data storage. Despite of fast growing and numerous advantages, some organizations still do not use this service due to security problems and privacy issues related to storing sensitive data on the untrusted cloud servers. Access control management utilizing encryption techniques is one of the most common methods to solve these kinds of problems. Attribute based encryption is a new cryptographic model which uses descriptive attributes and access structures for managing access control. This article discusses the most recent methods of access control in cloud environment using attribute based encryption. We classify these protocols with respect of efficiently and security features. Finally, all the strengths and weaknesses points of reviewed articles are discussed and a comprehensive security and practical comparison is presented.


Mr. Mehdi Sadeghpour, Dr. Reza Ebrahimi Atani,
Volume 5, Issue 2 (3-2017)
Abstract

Data collection and storage has facilitated by the growth in electronic services, and has led to recording vast amounts of personal information in public and private organizations' databases. These records often include sensitive personal information (such as income and diseases) and must be covered from others access. But in some cases, mining the data and extraction of knowledge from these valuable sources, creates the need for sharing them with other organizations. This would bring security challenges in users' privacy. “Privacy preserving data publishing” is a solution to ensure secrecy of sensitive information in a data set, after publishing it in a hostile environment. This process aimed to hide sensitive information and keep published data suitable for knowledge discovery techniques. Grouping data set records is a broad approach to data anonymization. This technique prevents access to sensitive attributes of a specific record by eliminating the distinction between a number of data set ‌records. In this paper an overview of privacy preserving Data Publishing Techniques will be presented.


Shadi Azizi, Maede Ashouri-Talouki, Hamid Mala,
Volume 5, Issue 2 (3-2017)
Abstract

Location-based services (LBSs) provide appropriate information based on users’ locations. These services can be invoked by an individual user or a group of users. Using these services requires users to reveal their locations; thus, providing uses’ location privacy during the use of these services is an important issue. There are many works to protect users’ location privacy. In this paper, we have reviewed the related works to provide the location privacy for a group of users during the use of LBSs. We have classified them into two categories: the first category consists of the solutions that protect an individual user location privacy through group formation, while the second category contains the specific solutions to provide group location privacy. We have then analyzed and compared the performance and security properties of the related works, and have identified the open issues and future works in this field.


, ,
Volume 5, Issue 2 (3-2017)
Abstract

The Identity Management System (IDM) is a set of policies, rules, procedures, and systems that manage authentication, access control, and audit activity based on digital identity. In the Identity Management System, given the storage of user identity attributes in the identity provider, users will lose their physical and traditional control over their personal identity, and on the other hand, user attributes are subject to more attacks from The inside of the system and the external attackers. Therefore, to ensure user's privacy control is keeping awareness of the release of his / her  identity information, So providing security mechanisms in the area of privacy is essential. The current mechanisms have failed to satisfy users confidence in maintaining the security and privacy associated with their identity information. The designs presented in this area will increase user intervention and involvement during system interactions , and the user must act as an interface role. The Problems of the proposed designs, the high computational burden on a part of the system. In this article, the process of improving privacy control and user awareness for solving problems has been investigated.
Kamaleddin Ghezavati, Alireza Nowroozi,
Volume 6, Issue 2 (3-2018)
Abstract

Online social networks (OSNs) is one of the most popular medium for communicating, sharing, and publishing a considerable amount of information. OSN popularity often faces the challenge of dealing with unwanted messages and hidden malicious purposes in it. Based on recent studies, social network users can easily expose their confidential details with others. Misuse of this information can cause damage in virtual and real world. In this paper, main categories attacks are given on social network online security and privacy in four categories classic, modern, hybrid and children special attacks and ways that can be used to protect against different types of attacks used OSN users is the social network operators, security companies, and researchers are provided. Finally, eight ways to prevent these threats is presented.
 


Mr Mohammad Hossein Noorallahzadeh, Mr Ahmad Gholami, Mr Reza Alimoradi,
Volume 9, Issue 2 (2-2021)
Abstract

With the advent of cloud computing, data owners tend to submit their data to cloud servers and allow users to access data when needed. However, outsourcing sensitive data will lead to privacy issues. Encrypting data before outsourcing solves privacy issues, but in this case, we will lose the ability to search the data. Searchable encryption (SE) schemes have been proposed to achieve this feature of searching encrypted data without compromising privacy. This method will protect both the user's sensitive information and the ability to search for encrypted data. In this article, we review the various SE designs. In this review, we present the classification of SE designs: symmetric searchable encryption, public key searchable encryption, and search attribute-based encryption schemes, and then a detailed discussion of SE designs in terms of index structure. And provide search functionality. There is also a comparison of SE design analysis in terms of security, performance and security. In addition, we talked about the challenges, leading directions and applications of SE schemes.
Ali Samouti, Yaser Elmi Sola,
Volume 9, Issue 2 (2-2021)
Abstract

In recent decades, video surveillance systems have an increasing development that are used to prevent crime and manage facilities with rapid diffusion of  (CCTV)cameras to prevent crime and manage facilities. The video stored in the video surveillance system should be managed comfortably, but sometimes the movies are leaking out to unauthorized people or by unauthorized people, thus violating individual boundaries . CCTV cameras and video surveillance systems are needed today because of the increasing number of crimes, These cameras and video surveillance systems. but because of unsafe storage and data sharing methods, access to movies saved by unauthorized people is possible. The use of existing protocols and security techniques has already been defeated several times by the attackers. It requires an alternative system that should not only be highly secure but not changeable. Video stream generated by surveillance cameras play a crucial role in preventing crime in smart cities. CCTV cameras are necessary for a range of public applications in a smart city; they can become smart sensors that help ensure safety and safety. in this paper, we review the methods and articles presented in the context of blockchain application in visual surveillance systems and compare them.
Mahsa Rezaei, Sadegh Dorri Nogoorani ,
Volume 11, Issue 1 (9-2022)
Abstract

The development and use of electronic health records (EHR) have had remarkable impacts on human life, such as improvements in the quality of medical care, better research results, and enhancements in treatment methods. Despite these improvements, availability, security and privacy concerns have remained to be very important in this field. In this article, we propose a decentralized and distributed system for electronic health records management with the help of the blockchain technology and its potential benefits. In this system, patient information is stored in the cloud. Also, the real owner of the electronic records is the patient, and with the help of smart contracts and encryption, he/she controls how to access his/her health information. In the proposed solution, the problem of sharing and storing the patients’ keys has been solved with the help of smart contracts. In addition, we proposed solutions to special cases which are raised by transferring the control of the records to the patients such as permissions for underage patients, in emergency situations, and after the death of the patient. Comparison of the related works shows that the proposed system has solved the problems of competing systems while maintaining a high level of privacy.

Hadi Norouzi Cholcheh, Salman Niksefat,
Volume 12, Issue 2 (2-2024)
Abstract

Financial transactions in Bitcoin are stored in a distributed database called the block chain. All transactions are publicly available for all network nodes with the aim of transparency and the possibility of verifying the correctness. But this blockchain transparency feature, exploited by transaction analysis techniques, can lead to the violation of users’ privacy and the disclosure of their identities. Researchers have proposed various techniques such as transaction mixing or fair exchange with the aim of improving privacy in Bitcoin transactions. In this paper, we present a new mixing scheme that overcomes some of the weaknesses of previous schemes. Obviously, in the proposed scheme, users can mix different amounts of Bitcoin in each round of the protocol implementation, which leads to achieving the result in a shorter time and at a lower cost. Also, this scheme is more resistant to denial of service attacks by malicious users.
Dr Saeed Banaeian Far, Dr Maryam Rajabzadeh Asaar,
Volume 13, Issue 1 (8-2024)
Abstract

Data outsourcing to reliable centers for data maintenance, protection and accessibility is simple and low-cost and does not require physical infrastructure, hardware, software and human resources. However, real-world events and recent researches have shown that even reliable centers can abuse users' trust. For example, 1) make changes in the data they have, 2) delete them, or 3) make them temporarily/permanently unavailable. Data audit methods assure the data owners that the data recorded in the database is the same as the data sent by the user and reveals the changes made in it. But they only solve the first problem. In 2008, the introduction of a technology called blockchain, which had several attractive features such as transparency, immutability, and autonomy, caused the problems of many systems that needed the mentioned features to be solved. In this article, after reviewing and addressing several blockchain-based data auditing architectures and protocols, we review and analyze their general framework. Finally, we compare the reviewed works and specify some future horizons of this field.

Babak Siabi, Parvin Rastegari,
Volume 13, Issue 1 (8-2024)
Abstract

Due to the increasing amount of data collection and processing in today’s digital world, preserving individual and organizational privacy has become an undeniable necessity. In this regard, alongside the efforts of scientific and research centers to address privacy issues, several laws have been established in different countries. Among these, the General Data Protection Regulation (GDPR) at the European level is widely regarded by researchers as the most significant change in the field of privacy laws in recent decades and serves as a strong model for managing personal data. Based on this, in this article, to explore the multifaceted nature of privacy, we first review the history of privacy protection, then focus on the GDPR law. Some of the most important points and considerations regarding the nature and structure of this law, as well as the necessity and challenges of compliance with it, are presented. Additionally, the extensive measures outlined in this law for the implementation and enforcement of privacy protection mechanisms are discussed. Finally, by mapping the discussed content to the current state of privacy in Iran, some key points for the practical implementation of privacy laws in Iran are highlighted.

Fatemeh Gholami Sabzevar, Masoumeh Safkhani,
Volume 13, Issue 2 (12-2024)
Abstract

Privacy preservation in healthcare monitoring systems has always been a concern for both patients and doctors. To address this issue, many protocols have been designed. In this article, we examine the proposed scheme by Nasr Esfahani and colleagues, evaluating it from a security perspective. Their proposed scheme uses a three-layer hierarchical template chain to store and maintain critical medical information of patients in a centralized and secure manner. Additionally, by using Zero-Knowledge Proof (ZKP) and ring signature methods, they demonstrate that their scheme protects medical data against both internal and external attacks. According to potential scenarios, the Nasr Esfahani et al. protocol has shown good performance against many attacks, such as storage attacks and replay attacks, but it is vulnerable to integrity violation attacks. The success probability of the attacks presented in this article is one, and the complexity is only a single execution of the protocol.

Fatemeh Charlank Bakhtiari, Abbas Ghaemi Bafghi,
Volume 14, Issue 1 (9-2025)
Abstract

With the rapid development of digital technolo gies, the need for new solutions to protect privacy and data security has increased. One technology that has attracted much attention is blockchain, a distributed ledger known for its features like transparency, de centralization, and security, particularly regarding privacy. However, this technology can pose a threat to users’ privacy, especially concerning the origin, destination, and flow of cryptocurrency transactions. Therefore, anonymity in blockchain transactions and the protection of users’ privacy are key aspects of this technology. In this paper, we review the secu rity features of blockchain, which include integrity, transparency, traceability, honesty, anonymity, and immutability. Each feature plays a fundamental role in maintaining the security and integrity of blockchain-based systems. Also, the problems in pro tecting privacy in permissionless blockchains have been examined. For this purpose, a systematic re view of the existing articles and research in this field has been reviewed and categorized. A systematic literature review is an efficient research tool. It in cludes three main stages: planning, implementation, and reporting. In the planning phase, research ques tions are extracted and appropriate databases are selected for searching. In the implementation phase, data is extracted from various articles and publi cations, and in the reporting phase, the results are  presented in detail. Finally, this research method answers fundamental questions in various blockchain f ields, including privacy, anonymity, and threats. The four main research questions are: 1) What are the characteristics, advantages, and disadvantages of different types of blockchains? 2) What are the concepts of anonymity, pseudo-anonymity, privacy, and confidentiality, and how are privacy practices implemented? 3) What are the vulnerabilities and threats to privacy and anonymity? 4) What methods can address threats to privacy and anonymity? To carry out this research, a detailed plan was de veloped to search for and collect scientific articles and resources from reputable databases, including IEEE Xplore, ACM, ScienceDirect, Springer, and Google Scholar. The searches were conducted using keywords like ”blockchain,” ”privacy,” ”anonymity,” and ”se curity.” A review was conducted of articles published between 2018 and 2023. Based on the established in clusion and exclusion criteria, duplicate studies were eliminated, refining the final results. The initial stage of searching using the keyword ”Blockchain” in various databases identified numer ous articles from diverse fields such as the Internet of Things, healthcare, smart contracts, banking and f inance, and other fields. After reviewing the titles, keywords, and abstracts, it was determined that a sig nificant challenge in this field is ensuring the privacy and security of users’ identities in the blockchain. In the nextstage, thekeywords”Blockchain,””Privacy,” ”Anonymity,” and ”Security” were used to search and identify morearticles. The article filtering process was divided into three stages. In the first stage, the ini tial review of titles and keywords reduced the number  of articles from 1,233 to 947. In the second stage, af ter reviewing the abstracts, 404 relevant articles were identified. Finally, in the third stage, the full texts of the remaining articles were read, and the same num ber of articles was selected for more accurate infor mation extraction. The distribution of articles was analyzed in three ways: year of publication, source of publication, and topic. This survey indicates that the scientific com munity’s attention has fluctuated, increasing and then decreasing until 2019. IEEE and ScienceDirect have contributed the most to this topic, with 328 and 251 papers, respectively, while ACM has contributed the least. Figures 1, 2, and 3 demonstrate an increas ing use of blockchain technology across various fields, including cybersecurity, privacy, and anonymity. Answer to the first research question: Blockchains can be classified into three categories: public (permis sionless), private (permissioned), and consortium. Public chains like Bitcoin and Ethereum offer high transparency and decentralized security, enabling participation from everyone. The need for widespread consensus leads to decreased efficiency and increased energy consumption. In contrast, private chains allow access only to specific individuals or organizations and are suitable for corporate applications with high efficiency, faster processing, and greater control over data, but may lead to centralization and are vulner able to changes. Consortium chains blend elements of both public and private blockchains. They main tain a balance between transparency and privacy by being managed by a group of trusted organizations. Nonetheless, this management approach can compli cate processes because it necessitates coordination among the various network members. Answertothesecondresearchquestion:Anonymity, pseudo-anonymity, privacy, and confidentiality are key concepts in blockchain security. Anonymity refers to the concealment of users’ identities, while pseudo-anonymity refers to the use of pseudonymous addresses that still allow indirect identification of users. Privacy gives users control over their personal information and transactions, while confidentiality protects against unauthorized disclosure of that in formation. Although these concepts are related, they have distinct differences. Anonymity can improve user security but may also foster abuse, while privacy mainly focuses on the management of user data. To preserve privacy on the blockchain, methods such as one-time addresses (generating a new address for each transaction), group signatures (allowing an in dividual’s identity to remain hidden among a group of users), zero-knowledge proofs (which allow a claim to be verified without revealing information), and transaction mixers (which combine transaction data to prevent tracking) are used, each of which offers different levels of security and efficiency. The follow ing is a comparison of various privacy methods and their key features, including security level, efficiency, level of anonymity, and implementation challenges. Some methods, such as zero-knowledge proofs, are highly secure but computationally expensive, while methods such as one-time addresses are simpler but provide a lower level of anonymity. This table helps you decide which method is best for your needs. Answer to the third research question: Blockchain threats and vulnerabilities are categorized into nine main groups: application attacks, consensus attacks, cryptanalysis, double spending, identity privacy, net work attacks, smart contracts, mining attacks, and unclassified attacks, each of which threatens user se curity and privacy differently. Network attacks such as sibyl attacks, denial of service, and data inter ception are the most common threats that can ex pose user information and reduce network perfor mance. Consensus and cryptanalysis attacks can dis rupttransactionsecurityandputuserdataatrisk.On the other hand, double spending attacks and smart contract vulnerabilities (such as the DAO attack) mayleadtofinancialfraudandassettheft. Also, iden tity privacy attacks such as impersonation and wal let information leakage can reveal user identities. Ad dressing these threats necessitates the use of stronger cryptography, enhanced consensus mechanisms, and the application of privacy-preserving methods. Addi tionally, the focus of the scientific community high lights that network attacks are particularly critical due to their direct impact on the security and per formance of blockchain technology. To address the fourth research question, various security solutions have been evaluated to counter threats to the chain of custody, tailored to the specific type of attack. Self-organizing maps, access control layer encryption, and rigorous transaction validation are employed to combat application and consensus attacks. Network attacks and cryptanalysis can be mitigated through data encryption, traffic analysis, security protocols like BGPsec,andstrongdigitalsignatures. Toprevent double spending, techniques such as utilizing nonces in transactions and combining digital signatures are employed. Smart contracts are secured through dy namicrules, secure payment methods, and smart con tracts. Also, to prevent user identity extraction and general threats, techniques such as zero-knowledge proofs, zero-blocks, anonymity, and intrusion detec tion are implemented in the network, which plays an important role in maintaining user security and pri vacy. This study can be used as a research basis to identify open issues and create new research direc tions in the future. The statistical data presented in tables and graphs indicate the positive impact of  the blockchain on improving the performance of in formation systems and reducing costs. The findings of this study can guide the development of secure blockchain-based systems in the future and provide new directions for further research.

Page 1 from 1     

دوفصل نامه علمی  منادی امنیت فضای تولید و تبادل اطلاعات( افتا) Biannual Journal Monadi for Cyberspace Security (AFTA)
Persian site map - English site map - Created in 0.07 seconds with 41 queries by YEKTAWEB 4714