608 research outputs found
A Novel Technique for Cloud Computing Data Security and Public Auditing
In prior years, the fast improvement of cloud storage services makes it simpler than at any other time for cloud clients to disseminate information (data) with everyone. To ensure client's trust in the dependability of their public information on the cloud, various strategies have been proposed for information trustworthiness assessing with spotlights on different viable components, secure data destructing, public integrity auditing and so forth.. Since it is not achievable to execute full lifecycle protection security, access control turns into a testing assignment, particularly when we share delicate information on cloud servers. To handle this issue, proposed framework presents a key strategy trait based encryption with time-determined properties (KP-TSABE), another safe information self-destructing framework in distributed computing. Moreover open respectability inspecting frameworks presented for cloud information sharing administrations that check the uprightness of client's delicate information being put away in the cloud. In the KP-TABE plan, each figure content is marked with a period interim while the private key is connected with a period moment. The figure message just is unscrambled if both the time instant is in the permitted time interim and traits which are connected with the figure content guarantee the key's entrance structure. Also, Third Party Auditing (TPA) is acquainted with help clients to assess the danger of their subscribed cloud data administrations. The review result from TPA would likewise be useful for the cloud administration suppliers to upgrade cloud-based administration stage
Distributed Random Process for a Large-Scale Peer-to-Peer Lottery
Most online lotteries today fail to ensure the verifiability of the random
process and rely on a trusted third party. This issue has received little
attention since the emergence of distributed protocols like Bitcoin that
demonstrated the potential of protocols with no trusted third party. We argue
that the security requirements of online lotteries are similar to those of
online voting, and propose a novel distributed online lottery protocol that
applies techniques developed for voting applications to an existing lottery
protocol. As a result, the protocol is scalable, provides efficient
verification of the random process and does not rely on a trusted third party
nor on assumptions of bounded computational resources. An early prototype
confirms the feasibility of our approach
Protecting Online Privacy
Online privacy has become one of the greatest concerns in the United States today. There are currently multiple stakeholders with interests in online privacy including the public, industry, and the United States government. This study examines the issues surrounding the protection of online privacy. Privacy laws in the United States are currently outdated and do little to protect online privacy. These laws are unlikely to be changed as both the government and industry have interests in keeping these privacy laws lax. To bridge the gap between the desired level of online privacy and what is provided legally users may turn to technological solutions
Development in Key Share Management to Protect Data over Cloud
User data may be stored in a cloud to take advantage of its scalability, accessibility, and economics. However, data of a sensitive nature must be protected from being read in the clear by an untrusted cloud provider. This triggered a l ot of research activities, resulting in a quantity of proposals targeting the various cloud security threats. A key management scheme is proposed where encrypted key shares are stored in the cloud and automatically deleted based on passage of time or user activity. The process does not require additional coordination by the data owner, which is of advantage to a very large population of resource - constrained mobile users. The rate of expiration may be controlled through the initial allocation of shares and t he heuristics for removal. A simulation of the scheme and also its implementation on commercial mobile and cloud platforms demonstrate its practical performance
Obstacles to the Adoption of Secure Communication Tools
The computer security community has advocated widespread adoption of secure communication tools to counter mass surveillance. Several popular personal communication tools (e.g., WhatsApp, iMessage) have adopted end-to-end encryption, and many new tools (e.g., Signal, Telegram) have been launched with security as a key selling point. However it remains unclear if users understand what protection these tools offer, and if they value that protection. In this study, we interviewed 60 participants about their experience with different communication tools and their perceptions of the tools' security properties. We found that the adoption of secure communication tools is hindered by fragmented user bases and incompatible tools. Furthermore, the vast majority of participants did not understand the essential concept of end-to-end encryption, limiting their motivation to adopt secure tools. We identified a number of incorrect mental models that underpinned participants' beliefs
Enhancing Data Security by Making Data Disappear in a P2P Systems
This paper describes the problem of securing data by making it disappear
after some time limit, making it impossible for it to be recovered by an
unauthorized party. This method is in response to the need to keep the data
secured and to protect the privacy of archived data on the servers, Cloud and
Peer-to-Peer architectures. Due to the distributed nature of these
architectures, it is impossible to destroy the data completely. So, we store
the data by applying encryption and then manage the key, which is easier to do
as the key is small and it can be hidden in the DHT (Distributed hash table).
Even if the keys in the DHT and the encrypted data were compromised, the data
would still be secure. This paper describes existing solutions, points to their
limitations and suggests improvements with a new secure architecture. We
evaluated and executed this architecture on the Java platform and proved that
it is more secure than other architectures.Comment: 18 page
Privacy Enhancing Technologies for solving the privacy-personalization paradox : taxonomy and survey
Personal data are often collected and processed in a decentralized fashion, within
different contexts. For instance, with the emergence of distributed applications,
several providers are usually correlating their records, and providing personalized services to their clients. Collected data include geographical and indoor
positions of users, their movement patterns as well as sensor-acquired data that
may reveal users’ physical conditions, habits and interests. Consequently, this
may lead to undesired consequences such as unsolicited advertisement and even
to discrimination and stalking. To mitigate privacy threats, several techniques
emerged, referred to as Privacy Enhancing Technologies, PETs for short.
On one hand, the increasing pressure on service providers to protect users’ privacy resulted in PETs being adopted. One the other hand, service providers
have built their business model on personalized services, e.g. targeted ads and
news. The objective of the paper is then to identify which of the PETs have the
potential to satisfy both usually divergent - economical and ethical - purposes.
This paper identifies a taxonomy classifying eight categories of PETs into three
groups, and for better clarity, it considers three categories of personalized services. After defining and presenting the main features of PETs with illustrative
examples, the paper points out which PETs best fit each personalized service
category.
Then, it discusses some of the inter-disciplinary privacy challenges that may
slow down the adoption of these techniques, namely: technical, social, legal and
economic concerns. Finally, it provides recommendations and highlights several
research directions
- …