3 research outputs found
Towards the design of secure and privacy-oriented Information systems in the cloud: Identifying the major concepts
Cloud computing is without a doubt one of the most significant innovations presented in the
global technological map. This new generation of technology has the potential to positively
change our lives since on the one hand it provides capabilities that make our digital lives
much easier, than before, while on the other hand it assists developers in creating services
that can be disseminated easier and faster, than before, and with significantly less cost.
However, one of the major research challenges for the successful deployment of cloud
services is a clear understanding of security and privacy issues on a cloud environment, since
the cloud architecture has dissimilarities comparing to the traditional distributed systems.
Such differences might introduce new threats and require different treatment of security and
privacy issues. Nevertheless, current security and privacy requirements engineering
techniques and methodologies have not been developed with cloud computing in mind and
fail to capture the unique characteristics of such domain. It is therefore important to
understand security and privacy within the context of cloud computing and identify relevant
security and privacy properties and threats that will support techniques and methodologies
aimed to analyze and design secure cloud based systems. The contribution of this paper to the
literature is two-fold. Firstly, it provides a clear linkage between a set of critical cloud
computing areas with security and privacy threats and properties. Secondly, it introduces a
number of requirements for analysis and design methodologies to consider for security and
privacy concerns in the cloud
Client-side encryption and key management: enforcing data confidentiality in the cloud.
Master of Science in Computer Science. University of KwaZulu-Natal, Durban 2016.Cloud computing brings flexible, scalable and cost effective services. This is a computing paradigm
whose services are driven by the concept of virtualization and multi-tenancy. These concepts bring
various attractive benefits to the cloud. Among the benefits is reduction in capital costs, pay-per-use
model, enormous storage capacity etc. However, there are overwhelming concerns over data
confidentiality on the cloud. These concerns arise from various attacks that are directed towards
compromising data confidentiality in virtual machines (VMs). The attacks may include inter-VM and VM
sprawls. Moreover, weaknesses or lack of data encryption make such attacks to thrive. Hence, this
dissertation presents a novel client-side cryptosystem derived from evolutionary computing concepts. The
proposed solution makes use of chaotic random noise to generate a fitness function. The fitness function
is used to generate strong symmetric keys. The strength of the encryption key is derived from the chaotic
and randomness properties of the input noise. Such properties increase the strength of the key without
necessarily increasing its length. However, having the strongest key does not guarantee confidentiality if
the key management system is flawed. For example, encryption has little value if key management
processes are not vigorously enforced. Hence, one of the challenges of cloud-based encryption is key
management. Therefore, this dissertation also makes an attempt to address the prevalent key management
problem. It uses a counter propagation neural network (CPNN) to perform key provision and revocation.
Neural networks are used to design ciphers. Using both supervised and unsupervised machine learning
processes, the solution incorporates a CPNN to learn a crypto key. Using this technique there is no need
for users to store or retain a key which could be compromised. Furthermore, in a multi-tenant and
distributed environment such as the cloud, data can be shared among multiple cloud users or even
systems. Based on Shamir's secret sharing algorithm, this research proposes a secret sharing scheme to
ensure a seamless and convenient sharing environment. The proposed solution is implemented on a live
openNebula cloud infrastructure to demonstrate and illustrate is practicability