Cloud data security and various cryptographic algorithms

Cloud computing has spread widely among different organizations due to its advantages, such as cost reduction, resource pooling, broad network access, and ease of administration. It increases the abilities of physical resources by optimizing shared use. Clients’ valuable items (data and applications) are moved outside of regulatory supervision in a shared environment where many clients are grouped together. However, this process poses security concerns, such as sensitive information theft and personally identifiable data leakage. Many researchers have contributed to reducing the problem of data security in cloud computing by developing a variety of technologies to secure cloud data, including encryption. In this study, a set of encryption algorithms (advance encryption standard (AES), data encryption standard (DES), Blowfish, Rivest-Shamir-Adleman (RSA) encryption, and international data encryption algorithm (IDEA) was compared in terms of security, data encipherment capacity, memory usage, and encipherment time to determine the optimal algorithm for securing cloud information from hackers. Results show that RSA and IDEA are less secure than AES, Blowfish, and DES). The AES algorithm encrypts a huge amount of data, takes the least encipherment time, and is faster than other algorithms, and the Blowfish algorithm requires the least amount of memory space

Hybrid Workload Enabled and Secure Healthcare Monitoring Sensing Framework in Distributed Fog-Cloud Network

The Internet of Medical Things (IoMT) workflow applications have been rapidly growing in practice. These internet-based applications can run on the distributed healthcare sensing system, which combines mobile computing, edge computing and cloud computing. Offloading and scheduling are the required methods in the distributed network. However, a security issue exists and it is hard to run different types of tasks (e.g., security, delay-sensitive, and delay-tolerant tasks) of IoMT applications on heterogeneous computing nodes. This work proposes a new healthcare architecture for workflow applications based on heterogeneous computing nodes layers: an application layer, management layer, and resource layer. The goal is to minimize the makespan of all applications. Based on these layers, the work proposes a secure offloading-efficient task scheduling (SEOS) algorithm framework, which includes the deadline division method, task sequencing rules, homomorphic security scheme, initial scheduling, and the variable neighbourhood searching method. The performance evaluation results show that the proposed plans outperform all existing baseline approaches for healthcare applications in terms of makespan

Efficient two-stage cryptography scheme for secure distributed data storage in cloud computing

Cloud computing environment requires secure access for data from the cloud server, small execution time, and low time complexity. Existing traditional cryptography algorithms are not suitable for cloud storage. In this paper, an efficient two-stage cryptography scheme is proposed to access and store data into cloud safely. It comprises both user authentication and encryption processes. First, a two-factor authentication scheme one-time password is proposed. It overcomes the weaknesses in the existing authentication schemes. The proposed authentication method does not require specific extra hardware or additional processing time to identity the user. Second, the plaintext is divided into two parts which are encrypted separately using a unique key for each. This division increases the security of the proposed scheme and in addition decreases the encryption time. The keys are generated using logistic chaos model theory. Chaos equation generates different values of keys which are very sensitive to initial condition and control parameter values entered by the user. This scheme achieves high-security level by introducing different security processes with different stages. The simulation results demonstrate that the proposed scheme reduces the size of the ciphertext and both encryption and decryption times than competing schemes without adding any complexity

TD2SecIoT: Temporal, Data-Driven and Dynamic Network Layer Based Security Architecture for Industrial IoT

The Internet of Things (IoT) is an emerging technology, which comprises wireless smart sensors and actuators. Nowadays, IoT is implemented in different areas such as Smart Homes, Smart Cities, Smart Industries, Military, eHealth, and several real-world applications by connecting domain-specific sensors. Designing a security model for these applications is challenging for researchers since attacks (for example, zero-day) are increasing tremendously. Several security methods have been developed to ensure the CIA (Confidentiality, Integrity, and Availability) for Industrial IoT (IIoT). Though these methods have shown promising results, there are still some security issues that are open. Thus, the security and authentication of IoT based applications become quite significant. In this paper, we propose TD2SecIoT (Temporal, Data-Driven and Dynamic Network Layer Based Security Architecture for Industrial IoT), which incorporates Elliptic Curve Cryptography (ECC) and Nth-degree Truncated Polynomial Ring Units (NTRU) methods to ensure confidentiality and integrity. The proposed method has been evaluated against different attacks and performance measures (quantitative and qualitative) using the Cooja network simulator with Contiki-OS. The TD2SecIoT has shown a higher security level with reduced computational cost and time

Combining Cryptographic Primitives According to Security Metrics and Vulnerabilities in Real Systems

There are so many applications and data that flow during our daily activities, either personal or institutional ones. Also the companies and business do transactions or their real operations through the Web and other Internet facilities. Security breaches are costing individuals or companies millions so information security has to be a major priority. There are several forms of security technology available, but encryption is one that everyday computer users should know about. Encryption and the performance of cryptographic algorithms are variable according to implemented platforms, software and hardware components or application scenarios. According to specific security metrics and requirements we have to use algorithms even in a combined manner that should be more efficient and best suited. Multi-level encryption and hybrid encryption should be a fine solution to protect our data. In this paper we specify the security musts according to Alfa software using cryptographic algorithms

Managing IT Operations in a Cloud-driven Enterprise: Case Studies

Enterprise IT needs a new approach to manage processes, applications and infrastructure which are distributed across a mix of environments. In an Enterprise traditionally a request to deliver an application to business could take weeks or months due to decision-making functions, multiple approval bodies and processes that exist within IT departments. These delays in delivering a requested service can lead to dissatisfaction, with the result that the line-of-business group may seek alternative sources of IT capabilities. Also the complex IT infrastructure of these enterprises cannot keep up with the demand of new applications and services from an increasingly dispersed and mobile workforce which results in slower rollout of critical applications and services, limited resources, poor operation visibility and control. In such scenarios, it’s better to adopt cloud services to substitute for new application deployment otherwise most Enterprise IT organizations face the risk of losing 'market share' to the Public Cloud. Using Cloud Model the organizations should increase ROI, lower TCO and operate with seamless IT operations. It also helps to beat shadow IT and the practice of resource over-or under provisioning. In this research paper we have given two case studies where we migrated two Enterprise IT application to public clouds for the purpose of lower TCO and higher ROI. By migrating, the IT organizations improved IT agility, enterprise-class software for performance, security and control. In this paper, we also focus on the advantages and challenges while adopting cloud services