In the case of limited mobile device performance, a Two-channel Dynamic Encryption Strategy (TDES) based on greedy algorithm was proposed to perform selective encryption to the data packet, so as to maximize the total privacy weight of packets in a limited time. First, the data packets were roughly classified into two categories according to the privacy weight of the data packets. Then, the weight ranking table was calculated by the privacy weight and the encryption time of the different data packets and sorted in descending order.The two types of data packets corresponded to two transmission channels, and the packet with the maximum privacy weight was encrypted for transmission until at the end of the transmission time. Finally, the remaining time inside the channel was checked, and the transmission channels of some packets were adjusted until the remaining time was less than the encryption time of any packet. The simulation of packet transmission tests shows that compared with Dynamic Data Encryption Strategy (D2ES) and greedy algorithm under the same time limit, the total privacy weight of the proposed strategy was increased by 9.5% and 10.3%, and the running time of the proposed strategy was reduced by 10.8% and 8.5%. Experimental results verify that the proposed TDES has shorter computation time and higher efficiency, which can well balance data security and equipment performance.

To protect the privacy data stored in mobile devices, a secure storage and self-destruction scheme for mobile devices was proposed, which was based on data compression, threshold secret sharing and mobile social networks. In this security scheme, the private data was first compressed with a lossless compression technique, and then the compressed data was encrypted symmetrically by a symmetric key to obtain primitive ciphertext, which was divided into two parts of ciphertext. With time attribute, one part of ciphertext was encapsulated into the Mobile Data Self-destructing Object (MDSO), which was stored in cloud servers. Furthermore, with the symmetric key and time attribute, the other part of ciphertext was processed by the Lagrange polynomial, and the mixture ciphertext shares were generated. At last, these mixture ciphertext shares were embedded into the pictures sharing to social networks. When the authorization was expired, no one could obtain ciphertext block to recombine the original ciphertext, so the security of the privacy data could be protected. The experimental results show that, the sum of the compression and encryption time is only 22 ms when the size of file is 10 KB, which explains the proposed scheme has low performance overhead; furthermore, the results of the comprehensive analysis indicate that the proposed scheme has high security, and it can resist against attacks effectively and protect the mobile privacy data.

To deal with the increasingly serious situation of document's security and better protect the controlled documents, in this paper, an identity-based On-The-Fly Encryption (OTFE) and decryption scheme was proposed for the controlled documents, which combined an Identity-Based Encryption (IBE) algorithm with an on-the-fly encryption technique. In the scheme, file system filter driver technology was used to monitor program's behaviors on the controlled documents; meanwhile, the IBE algorithm was used to encrypt and decrypt the controlled documents. Specifically, a new algorithm that associated the original ciphertext and divided the associated ciphertext into two parts stored in different locations was proposed. Therefore, it is impossible for an adversary to obtain the whole ciphertext and further recover the original plaintext. Finally, an elaborate description was made on the scheme from system level and algorithm level. The security analysis indicates that the proposed scheme is able to effectively protect the controlled documents.

Structured document plays a vital role in information carrier for information interaction and propagation in cloud computing. However, the existing research works lack structured document model that can describe this information carrier. In order to tackle this issue, the authors formalized the definitions of document element, atomic document element, connection, document fragment, and complex document element based on the in-depth analysis of the special characteristics of structured document in cloud computing. Furthermore, the authors proposed structured document model (referred to as the SDoc) satisfying the special characteristics in cloud computing. Finally, several open issues were indicated for structured document.