Person:
Liu, Ling

Associated Organization(s)
Organizational Unit
ORCID
ArchiveSpace Name Record

Publication Search Results

Now showing 1 - 10 of 46
Thumbnail Image
Item

Authentication of Freshness for OutsourcedMulti-Version Key-Value Stores

2014 , Tang, Yuzhe , Wang, Ting , Hu, Xin , Jang, Jiyong , Liu, Ling , Pietzuch, Peter

Data outsourcing offers cost-effective computing power to manage massive data streams and reliable access to data. For example, data owners can forward their data to clouds, and the clouds provide data mirroring, backup, and online access services to end users. However, outsourcing data to untrusted clouds requires data authentication and query integrity to remain in the control of the data owners and users. In this paper, we address this problem specifically for multiversion key-value data that is subject to continuous updates under the constraints of data integrity, data authenticity, and “freshness” (i.e., ensuring that the value returned for a key is the latest version).We detail this problem and propose INCBMTREE, a novel construct delivering freshness and authenticity. Compared to existing work, we provide a solution that offers (i) lightweight signing and verification on massive data update streams for data owners and users (e.g., allowing for small memory footprint and CPU usage on mobile user devices), (ii) integrity of both real-time and historic data, and (iii) support for both real-time and periodic data publication. Extensive benchmark evaluations demonstrate that INCBMTREE achieves more throughput (in an order of magnitude) for data stream authentication than existing work. For data owners and end users that have limited computing power, INCBM-TREE can be a practical solution to authenticate the freshness of outsourced data while reaping the benefits of broadly available cloud services.

Thumbnail Image
Item

CT-T: MedVault-ensuring security and privacy for electronic medical records

2011-08-31 , Blough, Douglas M. , Liu, Ling , Sainfort, Francois , Ahamad, Mustaque

Thumbnail Image
Item

GeoCast: An Efficient Overlay System for Multicast Applications

2009 , Liu, Ling , Pu, Calton , Wang, Yuehua , Zhang, Gong

In this paper, we present GeoCast, a geographical location aware overlay network framework designed for providing efficient group communication services. GeoCast can be seen as an extension to the CAN network in the term of topology management and routing protocol. Geocast design has three important properties that attractive to group communication applications. First, it uses geographical mapping of nodes to regions to take advantage of the similarity between physical and network proximity. Second, a shortcut enabled geo-distance routing protocol is employed in GeoCast, which is more resilient than Chord-like or Pastry-like overlay networks due to the availability of multiple independent routing paths. Third and most importantly, a novel routing table management scheme is designed to allow the applications based on that have ability to manage their maintenance overhead in terms of network resource constrains.

Thumbnail Image
Item

ITR/SI: Guarding the next internet frontier: countering denial of information

2008-12-19 , Ahamad, Mustaque , Omiecinski, Edward , Pu, Calton , Mark, Leo , Liu, Ling

Thumbnail Image
Item

Write-Optimized Indexing for Log-Structured Key-Value Stores

2014 , Tang, Yuzhe , Iyengar, Arun , Tan, Wei , Fong, Liana , Liu, Ling

The recent shift towards write-intensive workload on big data (e.g., financial trading, social user-generated data streams) has pushed the proliferation of the log-structured key-value stores, represented by Google’s BigTable, HBase and Cassandra; these systems optimize write performance by adopting a log-structured merge design. While providing key-based access methods based on a Put/Get interface, these key-value stores do not support value-based access methods, which significantly limits their applicability in many web and Internet applications, such as real-time search for all tweets or blogs containing “government shutdown”. In this paper, we present HINDEX, a write-optimized indexing scheme on the log-structured key-value stores. To index intensively updated big data in real time, the index maintenance is made lightweight by a design tailored to the unique characteristic of the underlying log-structured key-value stores. Concretely, HINDEX performs append-only index updates, which avoids the reading of historic data versions, an expensive operation in the log-structure store. To fix the potentially obsolete index entries, HINDEX proposes an offline index repair process through tight coupling with the routine compactions. HINDEX’s system design is generic to the Put/Get interface; we implemented a prototype of HINDEX based on HBase without internal code modification. Our experiments show that the HINDEX offers significant performance advantage for the write-intensive index maintenance.

Thumbnail Image
Item

Spatial Alarm Processing and Algorithms

2011 , Doo, Myungcheol , Liu, Ling

One of the most challenging problems in scaling spatial alarm processing is to compute alarm free regions (AFR) such that mobile objects traveling within an AFR can safely hibernate the alarm evaluation process until approaching the nearest alarm of interest. In this paper we argue that maintaining an index of both spatial alarms and empty regions (AFR in the context of spatial alarm processing) is critical for scalable processing of spatial alarms. Unfortunately, conventional spatial indexing methods, such as R-tree family, k-d tree, Quadtree, and Grid, are not well suited to index empty regions. We present Mondrian Tree - a region partitioning tree for indexing both spatial alarms and alarm free regions. We first introduce the Mondrian tree indexing algorithms, including index construction, search, and maintenance. Then we describe a suite of Mondrian tree optimizations to further enhance the performance of spatial alarm processing. Our experimental evaluation shows that the Mondrian tree index outperforms traditional index methods, such as R-tree, Grid, Quadtree, and k-d tree, for spatial alarm processing.

Thumbnail Image
Item

A Patient-centric, Attribute-based, Source-verifiable Framework for Health Record Sharing

2009 , Mohan, Apurva , Bauer, David , Blough, Douglas M. , Ahamad, Mustaque , Bamba, Bhuvan , Krishnan, Ramkumar , Liu, Ling , Mashima, Daisuke , Palanisamy, Balaji

The storage of health records in electronic format, and the wide-spread sharing of these records among different health care providers, have enormous potential benefits to the U.S. healthcare system. These benefits include both improving the quality of health care delivered to patients and reducing the costs of delivering that care. However, maintaining the security of electronic health record systems and the privacy of the information they contain is paramount to ensure that patients have confidence in the use of such systems. In this paper, we propose a framework for electronic health record sharing that is patient centric, i.e. it provides patients with substantial control over how their information is shared and with whom; provides for verifiability of original sources of health information and the integrity of the data; and permits fine-grained decisions about when data can be shared based on the use of attribute-based techniques for authorization and access control. We present the architecture of the framework, describe a prototype system we have built based on it, and demonstrate its use within a scenario involving emergency responders' access to health record information.

Thumbnail Image
Item

𝜖-PPI: Searching Information Networks with Quantitative Privacy Guarantee

2014 , Tang, Yuzhe , Liu, Ling , Iyengar, Arun

In information sharing networks, having a privacy preserving index (or PPI) is critically important for providing efficient search on access controlled content across distributed providers while preserving privacy. An understudied problem for PPI techniques is how to provide controllable privacy preservation, given the innate difference of privacy of the different content and providers. In this paper we present a configurable privacy preserving index, coined 𝜖-PPI, which allows for quantitative privacy protection levels on fine-grained data units. We devise a new common-identity attack that breaks existing PPI’s and propose an identity-mixing protocol against the attack in 𝜖-PPI. The proposed 𝜖-PPI construction protocol is the first without any trusted third party and/or trust relationship between providers. We have implemented our 𝜖-PPI construction protocol by using generic MPC techniques (secure multiparty computation) and optimized the performance to a practical level by minimizing the costly MPC computation part.

Thumbnail Image
Item

Mondrian Tree: Efficient Indexing Structure for Scalable Spatial Triggers Processing over Mobile Environment

2010 , Doo, Myungcheol , Liu, Ling , Narasimhan, Nitya , Vasudevan, Venu

Spatial Alarms are reminders for mobile users upon their arrival of certain spatial location of interest. Spatial alarm processing requires meeting two demanding objectives: high accuracy, which ensures zero or very low alarm misses, and high scalability, which requires highly efficient and optimal processing of spatial alarms. Existing techniques for processing spatial alarms cannot solve these two problems at the same time. In this paper we present the design and implementation of a new indexing technique, Mondrian tree. The Mondrian tree indexing method partitions the entire universe of discourse into spatial alarm monitoring regions and alarm-free regions. This enables us to reduce the number of on-demand alarm-free region computations, significant saving of both server load and client to server communication cost. We evaluate the efficiency of the Mondrian tree indexing approach using a road network simulator and show that the Mondrian tree offers significant performance enhancements on spatial alarm processing at both the server side and the client side.

Thumbnail Image
Item

Mobile Identity Management: Concepts, Issues, and Techniques

2009 , Li, Yun , Liu, Ling

This paper takes a systematic approach to examining the basic concepts, the research issues and the state of art technologies in mobile identity management. We examine the concept of mobile identity and argue that mobile identity should be defined by combining mobile device identity and mobile user identity in a location-aware computing environment. Thus mobile identity management deals with the management of user identity and mobile device identity, as well as the management of the linking of human, devices, and locations in different mobile contexts. Based on this understanding, we review the state of art research on techniques for mobile user identity support, techniques for mobile device identity support, techniques for linking of a human and her mobile devices, and techniques and issues of linking a mobile device and its location. The survey ends with a summary and an outlook of the future research and technology development trends.