A Novel Technique for Cloud Computing Data Security and Public Auditing

In prior years, the fast improvement of cloud storage services makes it simpler than at any other time for cloud clients to disseminate information (data) with everyone. To ensure client's trust in the dependability of their public information on the cloud, various strategies have been proposed for information trustworthiness assessing with spotlights on different viable components, secure data destructing, public integrity auditing and so forth.. Since it is not achievable to execute full lifecycle protection security, access control turns into a testing assignment, particularly when we share delicate information on cloud servers. To handle this issue, proposed framework presents a key strategy trait based encryption with time-determined properties (KP-TSABE), another safe information self-destructing framework in distributed computing. Moreover open respectability inspecting frameworks presented for cloud information sharing administrations that check the uprightness of client's delicate information being put away in the cloud. In the KP-TABE plan, each figure content is marked with a period interim while the private key is connected with a period moment. The figure message just is unscrambled if both the time instant is in the permitted time interim and traits which are connected with the figure content guarantee the key's entrance structure. Also, Third Party Auditing (TPA) is acquainted with help clients to assess the danger of their subscribed cloud data administrations. The review result from TPA would likewise be useful for the cloud administration suppliers to upgrade cloud-based administration stage

Distributed Random Process for a Large-Scale Peer-to-Peer Lottery

Most online lotteries today fail to ensure the verifiability of the random process and rely on a trusted third party. This issue has received little attention since the emergence of distributed protocols like Bitcoin that demonstrated the potential of protocols with no trusted third party. We argue that the security requirements of online lotteries are similar to those of online voting, and propose a novel distributed online lottery protocol that applies techniques developed for voting applications to an existing lottery protocol. As a result, the protocol is scalable, provides efficient verification of the random process and does not rely on a trusted third party nor on assumptions of bounded computational resources. An early prototype confirms the feasibility of our approach

Protecting Online Privacy

Online privacy has become one of the greatest concerns in the United States today. There are currently multiple stakeholders with interests in online privacy including the public, industry, and the United States government. This study examines the issues surrounding the protection of online privacy. Privacy laws in the United States are currently outdated and do little to protect online privacy. These laws are unlikely to be changed as both the government and industry have interests in keeping these privacy laws lax. To bridge the gap between the desired level of online privacy and what is provided legally users may turn to technological solutions

Development in Key Share Management to Protect Data over Cloud

User data may be stored in a cloud to take advantage of its scalability, accessibility, and economics. However, data of a sensitive nature must be protected from being read in the clear by an untrusted cloud provider. This triggered a l ot of research activities, resulting in a quantity of proposals targeting the various cloud security threats. A key management scheme is proposed where encrypted key shares are stored in the cloud and automatically deleted based on passage of time or user activity. The process does not require additional coordination by the data owner, which is of advantage to a very large population of resource - constrained mobile users. The rate of expiration may be controlled through the initial allocation of shares and t he heuristics for removal. A simulation of the scheme and also its implementation on commercial mobile and cloud platforms demonstrate its practical performance

Obstacles to the Adoption of Secure Communication Tools

The computer security community has advocated widespread adoption of secure communication tools to counter mass surveillance. Several popular personal communication tools (e.g., WhatsApp, iMessage) have adopted end-to-end encryption, and many new tools (e.g., Signal, Telegram) have been launched with security as a key selling point. However it remains unclear if users understand what protection these tools offer, and if they value that protection. In this study, we interviewed 60 participants about their experience with different communication tools and their perceptions of the tools' security properties. We found that the adoption of secure communication tools is hindered by fragmented user bases and incompatible tools. Furthermore, the vast majority of participants did not understand the essential concept of end-to-end encryption, limiting their motivation to adopt secure tools. We identified a number of incorrect mental models that underpinned participants' beliefs

Enhancing Data Security by Making Data Disappear in a P2P Systems

This paper describes the problem of securing data by making it disappear after some time limit, making it impossible for it to be recovered by an unauthorized party. This method is in response to the need to keep the data secured and to protect the privacy of archived data on the servers, Cloud and Peer-to-Peer architectures. Due to the distributed nature of these architectures, it is impossible to destroy the data completely. So, we store the data by applying encryption and then manage the key, which is easier to do as the key is small and it can be hidden in the DHT (Distributed hash table). Even if the keys in the DHT and the encrypted data were compromised, the data would still be secure. This paper describes existing solutions, points to their limitations and suggests improvements with a new secure architecture. We evaluated and executed this architecture on the Java platform and proved that it is more secure than other architectures.Comment: 18 page

Privacy Enhancing Technologies for solving the privacy-personalization paradox : taxonomy and survey

Personal data are often collected and processed in a decentralized fashion, within different contexts. For instance, with the emergence of distributed applications, several providers are usually correlating their records, and providing personalized services to their clients. Collected data include geographical and indoor positions of users, their movement patterns as well as sensor-acquired data that may reveal users’ physical conditions, habits and interests. Consequently, this may lead to undesired consequences such as unsolicited advertisement and even to discrimination and stalking. To mitigate privacy threats, several techniques emerged, referred to as Privacy Enhancing Technologies, PETs for short. On one hand, the increasing pressure on service providers to protect users’ privacy resulted in PETs being adopted. One the other hand, service providers have built their business model on personalized services, e.g. targeted ads and news. The objective of the paper is then to identify which of the PETs have the potential to satisfy both usually divergent - economical and ethical - purposes. This paper identifies a taxonomy classifying eight categories of PETs into three groups, and for better clarity, it considers three categories of personalized services. After defining and presenting the main features of PETs with illustrative examples, the paper points out which PETs best fit each personalized service category. Then, it discusses some of the inter-disciplinary privacy challenges that may slow down the adoption of these techniques, namely: technical, social, legal and economic concerns. Finally, it provides recommendations and highlights several research directions