A Scheme for improving data confidentiality in the cloud computing environment

Thesis submitted in partial fulfillment of the requirements for the Degree of Master of Science in Computer-Based Information Systems (MSIS) at Strathmore UniversityCloud computing has ushered in an era whereby small and medium sized companies enjoy computing power which was usually a preserve for big corporations. Despite these benefits, the present cloud data confidentiality techniques are still evolving, and as they evolve so are the threats, hence posing security and privacy challenges, thus becoming an impediment to cloud adoption. Currently, cases have been cited where hackers have stolen stored cloud data, later to appear in social media embarrassing the firms. Among the key vulnerabilities attributed to loss of cloud data include: account hijacking, malicious insider breaches, data breaches attributed to weak Identity and access management, phishing, SQL injection, among others. Several research articles have been reviewed with some proposed solutions but these solutions have fallen short of addressing account hijacking and malicious insider threats. In addition, the online survey conducted highlighted that insider breaches are among the main form of vulnerability to cloud data. These challenges within the cloud storage informed the basis for the design of a scheme for improving data confidentiality in the cloud computing environment. The data confidentiality is achieved by implementing authentication login which triggers a six digit code to be sent to a client mobile or e-mail for further authentication, thus, enabling situational awareness of data breaches in real-time. This approach will enhance reliability and trust of cloud services enabling users to maximize on potential benefits offered by the cloud environment

A systematic literature review of cloud computing in eHealth

Cloud computing in eHealth is an emerging area for only few years. There needs to identify the state of the art and pinpoint challenges and possible directions for researchers and applications developers. Based on this need, we have conducted a systematic review of cloud computing in eHealth. We searched ACM Digital Library, IEEE Xplore, Inspec, ISI Web of Science and Springer as well as relevant open-access journals for relevant articles. A total of 237 studies were first searched, of which 44 papers met the Include Criteria. The studies identified three types of studied areas about cloud computing in eHealth, namely (1) cloud-based eHealth framework design (n=13); (2) applications of cloud computing (n=17); and (3) security or privacy control mechanisms of healthcare data in the cloud (n=14). Most of the studies in the review were about designs and concept-proof. Only very few studies have evaluated their research in the real world, which may indicate that the application of cloud computing in eHealth is still very immature. However, our presented review could pinpoint that a hybrid cloud platform with mixed access control and security protection mechanisms will be a main research area for developing citizen centred home-based healthcare applications

Will SDN be part of 5G?

For many, this is no longer a valid question and the case is considered settled with SDN/NFV (Software Defined Networking/Network Function Virtualization) providing the inevitable innovation enablers solving many outstanding management issues regarding 5G. However, given the monumental task of softwarization of radio access network (RAN) while 5G is just around the corner and some companies have started unveiling their 5G equipment already, the concern is very realistic that we may only see some point solutions involving SDN technology instead of a fully SDN-enabled RAN. This survey paper identifies all important obstacles in the way and looks at the state of the art of the relevant solutions. This survey is different from the previous surveys on SDN-based RAN as it focuses on the salient problems and discusses solutions proposed within and outside SDN literature. Our main focus is on fronthaul, backward compatibility, supposedly disruptive nature of SDN deployment, business cases and monetization of SDN related upgrades, latency of general purpose processors (GPP), and additional security vulnerabilities, softwarization brings along to the RAN. We have also provided a summary of the architectural developments in SDN-based RAN landscape as not all work can be covered under the focused issues. This paper provides a comprehensive survey on the state of the art of SDN-based RAN and clearly points out the gaps in the technology.Comment: 33 pages, 10 figure