Dr Nazatul Sultan

Research Associate

School of Information and Physical Sciences

Email:nazatul.sultan@newcastle.edu.au
Phone:0434023651

Career Summary

Biography

Dr. Nazatul Haque Sultan received his Ph.D. degree from the Indian Institute of Information Technology Guwahati, India in 2019. He is currently working as a Research Associate in a joint venture R&D project between the Advanced Cyber Security Engineering Research Centre (ACSRC) at the University of Newcastle and Distributed Systems Security (DSS) group at the CSIRO Data61, Australia. Prior to that, he worked as a Research and Development Engineer at Telecom SudParis, France on a European Union's sponsored R&D project. He also worked as a Senior Research Fellow at IIIT Guwahati and Tezpur University, India on two different Govt. of India sponsored R&D projects. He has high-quality publications on international conferences and journals, such as ESORICS, SRDS, IEEE TCC, FGCS, etc. Dr. Sultan also served as a reviewer and PC member of many international conferences. His research interests include Information Security, Applied Cryptography, Privacy, Cloud Security, Emerging Network Security, Searchable Encryption, and Blockchain.

Qualifications

Doctor of Philosophy, Indian Institute of Information TechnologyGuwahati
Master of Technology, Tezpur University, India

Keywords

Applied Cryptography
Cloud & IoT Security
Emerging Network Security
Information Security
Privacy
Searchable Encryption

Languages

Hindi (Fluent)
Assamese (Mother)
English (Fluent)

Fields of Research

Code	Description	Percentage
460401	Cryptography	30
460402	Data and information privacy	50
460407	System and network security	20

Professional Experience

UON Appointment

Title	Organisation / Department
Casual Academic	University of Newcastle School of Electrical Engineering and Computing Australia
Research Associate	University of Newcastle School of Electrical Engineering and Computing Australia

Academic appointment

Dates	Title	Organisation / Department
1/4/2019 - 30/9/2019	Research and Development Engineer	Telecom SudParis France
6/2/2018 - 27/3/2019	Senior Research Fellow	Indian Institute of Information Technology Guwahati India
2/1/2015 - 13/4/2015	Senior Research Fellow	Tezpur University India

Edit

Publications

For publications that are currently unpublished or in-press, details are shown in italics.

Journal article (4 outputs)

Year

Citation

Altmetrics

Link

2021

Malina L, Dzurenda P, Ricci S, Hajny J, Srivastava G, Matulevicius R, et al., 'Post-Quantum Era Privacy Protection for Intelligent Infrastructures', IEEE ACCESS, 9 36038-36077 (2021)

DOI	10.1109/ACCESS.2021.3062201
Citations	Scopus - 5Web of Science - 2

2021

Sultan NH, Laurent M, Varadharajan V, 'Securing Organization's Data: A Role-Based Authorized Keyword Search Scheme with Efficient Decryption', IEEE Transactions on Cloud Computing, (2021)

For better data availability and accessibility while ensuring data secrecy, organizations often tend to outsource their encrypted data to the cloud storage servers, thus bringing ... [more]

For better data availability and accessibility while ensuring data secrecy, organizations often tend to outsource their encrypted data to the cloud storage servers, thus bringing the challenge of keyword search over encrypted data. In this paper, we propose a novel authorized keyword search scheme using Role-Based Encryption (RBE) technique in a cloud environment. The contributions of this paper are multi-fold. First, it presents a keyword search scheme which enables only authorized users, having properly assigned roles, to delegate keyword-based data search capabilities over encrypted data to the cloud providers without disclosing any sensitive information. Second, it supports a multi-organization cloud environment, where the users can be associated with more than one organization. Third, the proposed scheme provides efficient decryption, conjunctive keyword search and revocation mechanisms. Fourth, the proposed scheme outsources expensive cryptographic operations in decryption to the cloud in a secure manner. Fifth, we have provided a formal security analysis to prove that the proposed scheme is semantically secure against Chosen Plaintext and Chosen Keyword Attacks. Finally, our performance analysis shows that the proposed scheme is suitable for practical applications.

DOI	10.1109/TCC.2021.3071304
Citations	Scopus - 1
Co-authors	Vijay Varadharajan

2019

Sultan NH, Kaaniche N, Laurent M, Barbhuiya FA, 'Authorized Keyword Search over Outsourced Encrypted Data in Cloud Environment', IEEE Transactions on Cloud Computing, (2019)

For better data availability and accessibility while ensuring data secrecy, end-users often tend to outsource their data to the cloud servers in an encrypted form. However, this b... [more]

For better data availability and accessibility while ensuring data secrecy, end-users often tend to outsource their data to the cloud servers in an encrypted form. However, this brings a major challenge to perform the search for some keywords over encrypted content without disclosing any information to unintended entities. This paper proposes a novel expressive authorized keyword search scheme relying on the concept of ciphertext-policy attribute-based encryption. The originality of the proposed scheme is multifold. First, it supports the generic and convenient multi-owner and multi-user scenario, where the encrypted data are outsourced by several data owners and searchable by multiple users. Second, the formal security analysis proves that the proposed scheme is semantically secure against chosen keyword and outsider's keyword guessing attacks. Third, an interactive protocol is introduced which avoids the need of any secure channels between users and service provider. Fourth, due to the concept of bilinear-map accumulator, the system can efficiently revoke users and/or their attributes, and authenticate them prior to launching any expensive search operations. Fifth, conjunctive keyword search is provided thus enabling to search for multiple keywords simultaneously, with minimal cost. Sixth, the performance analysis shows that the proposed scheme outperforms closely-related works.

DOI	10.1109/TCC.2019.2931896
Citations	Scopus - 5

2018

Sultan NH, Barbhuiya FA, Laurent M, 'ICAuth: A secure and scalable owner delegated inter-cloud authorization', Future Generation Computer Systems, 88 319-332 (2018)

This paper proposes a secure inter-cloud authorization scheme using ciphertext-policy attribute-based encryption (CP-ABE). The proposed scheme enables data owners to access files ... [more]

This paper proposes a secure inter-cloud authorization scheme using ciphertext-policy attribute-based encryption (CP-ABE). The proposed scheme enables data owners to access files which are stored in cloud storage servers, managed by a service provider, using web applications which may be registered with another service provider. To access the stored files using a web application, the data owner can issue one time access tokens. For issuing the access tokens, the data owner does not need collaboration with any other entities in the cloud environments. In addition, single access token can be used to access several files, which reduces the number of required access tokens. Moreover, ciphertext re-encryption is performed to prevent unauthorized access. The re-encryption is delegated to a cloud storage service provider to reduce overhead on the data owner side. The security analysis of the proposed scheme has been done under the Decisional Bilinear Diffie¿Hellman assumption and it is proven to be secure against Chosen Plaintext Attack. Moreover, performance analysis of the proposed scheme shows that it incurs low overhead in terms of communication and storage and it takes minimum delay and computation costs while providing better functionality.

DOI	10.1016/j.future.2018.05.066
Citations	Scopus - 5Web of Science - 4

Show 1 more journal article

Conference (7 outputs)

Year

Citation

Altmetrics

Link

2020

Sultan NH, Varadharajan V, Camtepe S, Nepal S, 'An accountable access control scheme for hierarchical content in named data networks with revocation', Computer Security ESORICS 2020 25th European Symposium on Research in Computer Security, Guildford, UK (2020) [E1]

DOI	10.1007/978-3-030-58951-6_28
Co-authors	Vijay Varadharajan

2019

Hasan SS, Sultan NH, Barbhuiya FA, 'Cloud data provenance using IPFS and blockchain technology', SCC 2019 - Proceedings of the 7th International Workshop on Security in Cloud Computing, co-located with AsiaCCS 2019 (2019)

Cloud is widely used for data storage. A user who has uploaded his/her private or commercial data to the cloud is always keen to know whether the data that he/she has stored is se... [more]

Cloud is widely used for data storage. A user who has uploaded his/her private or commercial data to the cloud is always keen to know whether the data that he/she has stored is secure or not. Access logs of stored data can be used to trace the integrity of the data. Access logs are also known as provenance data. Provenance data contains private information of users. As provenance data can be used to check the integrity so, it becomes very important to securely store the provenance data. The stored provenance data should be immutable and also unreachable to adversaries, as it contains private information of users. Cloud users will be assured of their stored data, and Cloud Storage Providers can use this implementation to improve their brand value and performance. This paper aims at providing an efficient way to store provenance data securely using Blockchain technology and InterPlanetary File System (IPFS) so that it is out of reach of adversaries. This paper also proposed a framework through which a user can verify the integrity of its own data. This model is implemented, tested and analyzed using IPFS which is a decentralized storage mechanism backed by blockchain to store cloud provenance data and uses publicly available Tierion api to store the hash value of the provenance entries.

DOI	10.1145/3327962.3331457
Citations	Scopus - 8

2018

Sultan NH, Barbhuiya FA, Sarma N, 'Scauth: Selective cloud user authorization for ciphertext-policy attribute-based access control', Proceedings - 2017 IEEE International Conference on Cloud Computing in Emerging Markets, CCEM 2017 (2018)

Cloud storage service allows its users to outsource and share data in a cloud environment. To achieve data privacy along with access control, cryptographic mechanisms are used. Ci... [more]

Cloud storage service allows its users to outsource and share data in a cloud environment. To achieve data privacy along with access control, cryptographic mechanisms are used. Ciphertext-policy attribute-based encryption (CP-ABE) is a widely used cryptographic mechanism, which facilitates data privacy and access control over encrypted data. Any user, having a qualified access right, can gain access to the data. As the cloud is a dynamic environment, sometimes it may need to allow only a few users, from the set of users having qualified access rights, to access the data. However, access right revocation or user revocation, in CP-ABE, is a tedious and costly event. This paper proposes the first CP-ABE based access control scheme, named as SCAuth in short, which allows selected users, from the set of users having sufficient access rights, to gain access to the data. It neither requires user revocation nor re-encryption of the data using a fresh access policy. The security analysis has been done using Information Theory Tools and it establishes that the proposed scheme is unconditionally secure and collusion resistant.

DOI	10.1109/CCEM.2017.14
Citations	Scopus - 1Web of Science - 1

2017

Sultan NH, Barbhuiya FA, Sarma N, 'A Universal Cloud User Revocation Scheme With Key-Escrow Resistance for Ciphertext-Policy Attribute-Based Access Control', ACM International Conference Proceeding Series (2017)

Cloud storage service allows its users to store and share data in a cloud environment. To secure the data from unauthorized entities while sharing, cryptographic mechanisms are us... [more]

Cloud storage service allows its users to store and share data in a cloud environment. To secure the data from unauthorized entities while sharing, cryptographic mechanisms are used. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is one such mechanism, which has been widely used to achieve fine-grained access control over encrypted data. However, user revocation and key-escrow, in CP-ABE, are still remaining as challenging problems. In this paper, we propose a key-escrow resistant CP-ABE based access control scheme to provide efficient user revocation. The security analysis of the scheme has been done using Information Theory Tools. The security analysis establishes that it is unconditionally secure and provides any-wise revocation capability. Moreover, comparison with the other notable works in the area shows that it outperforms them in terms of computational and communication overheads.

DOI	10.1145/3136825.3136877
Citations	Scopus - 3Web of Science - 2

2016

Sultan NH, Barbhuiya FA, Sarma N, 'PairVoting: A secure online voting scheme using Pairing-Based Cryptography and Fuzzy Extractor', International Symposium on Advanced Networks and Telecommunication Systems, ANTS (2016)

With the increase in popularity of electronic voting, it has become necessary to have secure online voting mechanism. This paper presents a novel online voting scheme by using com... [more]

With the increase in popularity of electronic voting, it has become necessary to have secure online voting mechanism. This paper presents a novel online voting scheme by using combination of biometric and password based security. The scheme uses Fuzzy Extractor to provide biometric based authentication, while secret password is used to provide password based protection of the voter. In addition, Pairing-Based Cryptography is used to provide the necessary security requirements of an online voting system. A prototype of the proposed scheme is implemented and its performance and security analysis shows that the proposed scheme is cost-effective and at the same time satisfies the security requirements of an online voting system.

DOI	10.1109/ANTS.2015.7413634
Citations	Scopus - 2

2016

Sultan NH, Barbhuiya FA, 'A Secure Re-encryption Scheme for Data Sharing in Unreliable Cloud Environment', Proceedings - 2016 IEEE World Congress on Services, SERVICES 2016 (2016)

To share encrypted data in cloud storage, data owner provides decryption keys to authorised users. When such a user is revoked, the encrypted data related to revoked user is re-en... [more]

To share encrypted data in cloud storage, data owner provides decryption keys to authorised users. When such a user is revoked, the encrypted data related to revoked user is re-encrypted and new decryption keys are re-distributed among the non-revoked users. In this paper, an efficient and secure re-encryption scheme has been proposed for data sharing in unreliable cloud environment. The scheme is built on top of Ciphertext-Policy based Attribute-Based Encryption (CP-ABE), which will provide fine-grained access control to share data. The scheme can achieve user revocation without whole ciphertexts re-encryption and key re-distributions. In addition, re-encryption is not performed until a user requests for that data, which reduces overheads. Further, it does not need any clock synchronization. Moreover, the scheme is proven to be secured under Computational Bilinear Diffie-Hellman (CBDH) assumption. A comparison with the other notable work in this area shows that the performance is better in terms of functionality, computational and communication overheads.

DOI	10.1109/SERVICES.2016.16
Citations	Scopus - 5Web of Science - 4

2014

Sultan NH, Sarma N, 'PAPAR: Pairing based authentication protocol with anonymous roaming for wireless mesh networks', Proceedings - 2014 13th International Conference on Information Technology, ICIT 2014 (2014)

In wireless networks, secure authentication protocol should enable a legitimate roaming user to get roaming services from foreign server when he/she is away from home domain. Howe... [more]

In wireless networks, secure authentication protocol should enable a legitimate roaming user to get roaming services from foreign server when he/she is away from home domain. However, a basic authentication protocol requires participation of home server, foreign server and roaming user during the authentication between roaming user and foreign server. Recently, two-party based anonymous authentication protocols have been proposed, which does not require home server's participation, to protect identity, location and route information of the roaming users. But, the available anonymous authentication protocols are not efficient due to the shortcomings in security and high computational cost. This paper addresses those problems and proposes a novel two-party based anonymous authentication protocol for the roaming users, named PAPAR. PAPAR uses pairing-based cryptography to secure and to provide computationally efficient authentication. Further, PAPAR uses pseudo identities to ensure user anonymity. Moreover, PAPAR efficiently mitigates the effect of DoS (Denial of Service) attack by using light computational operations, such as Message Authentication Code. Comparison and experimental results show that PAPAR outperforms the existing works in terms of security and computational cost.

DOI	10.1109/ICIT.2014.36
Citations	Scopus - 1Web of Science - 1

Show 4 more conferences

Edit