20,788 research outputs found
ACTIVE-HASH-TABLE BASED PUBLIC AUDITING FOR SECURE CLOUD STORAGE
Public auditing scheme for secure cloud storage based on dynamic hash table, which is a new two-dimensional data structure located at a third-party auditor (TPA) to record the data property information for dynamic auditing. Differing form the existing works, the proposed scheme migrates the authorized information from the cloud services provider to the TPA and thereby significantly reduces the computational cost and communication overhead. Our scheme can also achieve higher updating efficiency than the state of the art schemes. In addition, we extend our scheme to support privacy preservation by combining the homomorphic authenticator based on the public key with the random masking generated by the TPA and achieve batch auditing by employing the aggregate BLS signature technique. We formally prove the security of the proposed scheme and evaluate the auditing performance by detailed experiments and comparisons with the existing ones. The results demonstrate that the proposed scheme can effectively achieve secure auditing for cloud storage and outperform the previous schemes’ in computation complexity, storage costs, and communication overhead
Recommended from our members
Cyber insurance of information systems: Security and privacy cyber insurance contracts for ICT and helathcare organizations
Nowadays, more-and-more aspects of our daily activities are digitalized. Data and assets in the cyber-space, both for individuals and organizations, must be safeguarded. Thus, the insurance sector must face the challenge of digital transformation in the 5G era with the right set of tools. In this paper, we present CyberSure-an insurance framework for information systems. CyberSure investigates the interplay between certification, risk management, and insurance of cyber processes. It promotes continuous monitoring as the new building block for cyber insurance in order to overcome the current obstacles of identifying in real-time contractual violations by the insured party and receiving early warning notifications prior the violation. Lightweight monitoring modules capture the status of the operating components and send data to the CyberSure backend system which performs the core decision making. Therefore, an insured system is certified dynamically, with the risk and insurance perspectives being evaluated at runtime as the system operation evolves. As new data become available, the risk management and the insurance policies are adjusted and fine-tuned. When an incident occurs, the insurance company possesses adequate information to assess the situation fast, estimate accurately the level of a potential loss, and decrease the required period for compensating the insured customer. The framework is applied in the ICT and healthcare domains, assessing the system of medium-size organizations. GDPR implications are also considered with the overall setting being effective and scalable
Advanced Cloud Privacy Threat Modeling
Privacy-preservation for sensitive data has become a challenging issue in
cloud computing. Threat modeling as a part of requirements engineering in
secure software development provides a structured approach for identifying
attacks and proposing countermeasures against the exploitation of
vulnerabilities in a system . This paper describes an extension of Cloud
Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in
relation to processing sensitive data in cloud computing environments. It
describes the modeling methodology that involved applying Method Engineering to
specify characteristics of a cloud privacy threat modeling methodology,
different steps in the proposed methodology and corresponding products. We
believe that the extended methodology facilitates the application of a
privacy-preserving cloud software development approach from requirements
engineering to design
When the Hammer Meets the Nail: Multi-Server PIR for Database-Driven CRN with Location Privacy Assurance
We show that it is possible to achieve information theoretic location privacy
for secondary users (SUs) in database-driven cognitive radio networks (CRNs)
with an end-to-end delay less than a second, which is significantly better than
that of the existing alternatives offering only a computational privacy. This
is achieved based on a keen observation that, by the requirement of Federal
Communications Commission (FCC), all certified spectrum databases synchronize
their records. Hence, the same copy of spectrum database is available through
multiple (distinct) providers. We harness the synergy between multi-server
private information retrieval (PIR) and database- driven CRN architecture to
offer an optimal level of privacy with high efficiency by exploiting this
observation. We demonstrated, analytically and experimentally with deployments
on actual cloud systems that, our adaptations of multi-server PIR outperform
that of the (currently) fastest single-server PIR by a magnitude of times with
information theoretic security, collusion resiliency, and fault-tolerance
features. Our analysis indicates that multi-server PIR is an ideal
cryptographic tool to provide location privacy in database-driven CRNs, in
which the requirement of replicated databases is a natural part of the system
architecture, and therefore SUs can enjoy all advantages of multi-server PIR
without any additional architectural and deployment costs.Comment: 10 pages, double colum
Icebergs in the Clouds: the Other Risks of Cloud Computing
Cloud computing is appealing from management and efficiency perspectives, but
brings risks both known and unknown. Well-known and hotly-debated information
security risks, due to software vulnerabilities, insider attacks, and
side-channels for example, may be only the "tip of the iceberg." As diverse,
independently developed cloud services share ever more fluidly and aggressively
multiplexed hardware resource pools, unpredictable interactions between
load-balancing and other reactive mechanisms could lead to dynamic
instabilities or "meltdowns." Non-transparent layering structures, where
alternative cloud services may appear independent but share deep, hidden
resource dependencies, may create unexpected and potentially catastrophic
failure correlations, reminiscent of financial industry crashes. Finally, cloud
computing exacerbates already-difficult digital preservation challenges,
because only the provider of a cloud-based application or service can archive a
"live," functional copy of a cloud artifact and its data for long-term cultural
preservation. This paper explores these largely unrecognized risks, making the
case that we should study them before our socioeconomic fabric becomes
inextricably dependent on a convenient but potentially unstable computing
model.Comment: 6 pages, 3 figure
- …