4,254 research outputs found
A Novel Technique for Cloud Computing Data Security and Public Auditing
In prior years, the fast improvement of cloud storage services makes it simpler than at any other time for cloud clients to disseminate information (data) with everyone. To ensure client's trust in the dependability of their public information on the cloud, various strategies have been proposed for information trustworthiness assessing with spotlights on different viable components, secure data destructing, public integrity auditing and so forth.. Since it is not achievable to execute full lifecycle protection security, access control turns into a testing assignment, particularly when we share delicate information on cloud servers. To handle this issue, proposed framework presents a key strategy trait based encryption with time-determined properties (KP-TSABE), another safe information self-destructing framework in distributed computing. Moreover open respectability inspecting frameworks presented for cloud information sharing administrations that check the uprightness of client's delicate information being put away in the cloud. In the KP-TABE plan, each figure content is marked with a period interim while the private key is connected with a period moment. The figure message just is unscrambled if both the time instant is in the permitted time interim and traits which are connected with the figure content guarantee the key's entrance structure. Also, Third Party Auditing (TPA) is acquainted with help clients to assess the danger of their subscribed cloud data administrations. The review result from TPA would likewise be useful for the cloud administration suppliers to upgrade cloud-based administration stage
Protecting patients’ electronic health records using enhanced active bundles
We propose a solution that provides protection for patients' electronic health/medical records disseminated among different authorized healthcare information systems. The solution is known as Active Bundles using a Trusted Third Party (ABTTP). It is based on the use of trusted third parties, and the construct named active bundles. The latter keep electronic health/medical records as sensitive data; include metadata with information describing sensitive data and prescribing their use; and encompass a virtual machine (VM), which controls and manages how its active bundle behaves. An essential task of the VM is enforcement of the privacy and other policies specified by metadata. We also propose enhancements to the ABTTP scheme. They include adding to ABTTP an algorithm finding the degree of privacy policy inclusion between two privacy policies, and a scheme, known as Agent-Based Active Bundles, which replaces trusted third parties with intelligent agents
Practical cryptographic strategies in the post-quantum era
We review new frontiers in information security technologies in
communications and distributed storage technologies with the use of classical,
quantum, hybrid classical-quantum, and post-quantum cryptography. We analyze
the current state-of-the-art, critical characteristics, development trends, and
limitations of these techniques for application in enterprise information
protection systems. An approach concerning the selection of practical
encryption technologies for enterprises with branched communication networks is
introduced.Comment: 5 pages, 2 figures; review pape
End-to-End Privacy for Open Big Data Markets
The idea of an open data market envisions the creation of a data trading
model to facilitate exchange of data between different parties in the Internet
of Things (IoT) domain. The data collected by IoT products and solutions are
expected to be traded in these markets. Data owners will collect data using IoT
products and solutions. Data consumers who are interested will negotiate with
the data owners to get access to such data. Data captured by IoT products will
allow data consumers to further understand the preferences and behaviours of
data owners and to generate additional business value using different
techniques ranging from waste reduction to personalized service offerings. In
open data markets, data consumers will be able to give back part of the
additional value generated to the data owners. However, privacy becomes a
significant issue when data that can be used to derive extremely personal
information is being traded. This paper discusses why privacy matters in the
IoT domain in general and especially in open data markets and surveys existing
privacy-preserving strategies and design techniques that can be used to
facilitate end to end privacy for open data markets. We also highlight some of
the major research challenges that need to be address in order to make the
vision of open data markets a reality through ensuring the privacy of
stakeholders.Comment: Accepted to be published in IEEE Cloud Computing Magazine: Special
Issue Cloud Computing and the La
Achieving trust-oriented data protection in the cloud environment
University of Technology, Sydney. Faculty of Engineering and Information Technology.Cloud computing has gained increasing acceptance in recent years. In privacy-conscious domains such as healthcare and banking, however, data security and privacy are the greatest obstacles to the widespread adoption of cloud computing technology. Despite enjoying the benefits brought by this innovative technology, users are concerned about losing the control of their own data in the outsourced environment. Encrypting data can resolve confidentiality and integrity challenges, but the key to mitigating users’ concerns and encouraging broader adoption of cloud computing is the establishment of a trustworthy relationship between cloud providers and users.
In this dissertation, we investigate a novel trust-oriented data protection framework adapted to the cloud environment. By investigating cloud data security, privacy, and control related issues, we propose a novel data protection approach that combines active and passive protection mechanisms. The active protection is used to secure data in an independent and smart data cube that can survive even when the host is in danger. The passive protection covers the actions and mechanisms taken to monitor and audit data based on third party security services such as access control services and audit services. Furthermore, by incorporating full mobility and replica management with the active and passive mechanisms, the proposed framework can satisfy confidentiality, integrity, availability, scalability, intrusion-tolerance, authentication, authorization, auditability, and accountability, increasing users’ confidence in consuming cloud-based data services.
In this work we begin by introducing cloud data storage characteristics and then analyse the reasons for issues of data security, privacy and control in cloud. On the basis of results of analysis, we identify desirable properties and objectives for protecting cloud data. In principle, cryptography-based and third party based approaches are insufficient to address users’ concerns and increase confidence in consuming cloud-based data services, because of possible intrusion attacks and direct tampering of data. Hence, we propose a novel way of securing data in an active data cube (ADCu) with smart and independent functionality. Each ADCu is a deployable data protection unit encapsulating sensitive data, networking, data manipulation, and security verification functions within a coherent data structure. A sealed and signed ADCu encloses dynamic information-flow tracking throughout the data cube that can precisely monitor the inner data and the derivatives. Any violations of policy or tampering with data would be compulsorily recorded and reported to bundled users via the mechanisms within the ADCu. This active and bundled architecture is designed to establish a trustworthy relationship between cloud and users.
Subsequently, to establish a more comprehensive security environment cooperating with an active data-centric (ADC) framework, we propose a cloud-based privacy-aware role-based access control (CPRBAC) service and an active auditing service (AAS). These components in the entire data protection framework contribute to the passive security mechanisms. They provide access control management and audit work based on a consistent security environment. We also discuss and implement full mobility management and data replica management related to the ADCu, which are regarded as significant factors to satisfy data accountability, availability, and scalability.
We conduct a set of practical experiments and security evaluation on a mini-private cloud platform. The outcome of this research demonstrates the efficiency, feasibility, dependability, and scalability of protecting outsourced data in cloud by using the trust-oriented protection framework. To that end, we introduce an application applying the components and mechanisms of the trust-oriented security framework to protecting eHealth data in cloud.
The novelty of this work lies in protecting cloud data in an ADCu that is not highly reliant on strong encryption schemes and third-party protection schemes. By proposing innovative structures, concepts, algorithms, and services, the major contribution of this thesis is that it helps cloud providers to deliver trust actively to cloud users, and encourages broader adoption of cloud-based solutions for data storage services in sensitive areas
Privacy Intelligence: A Survey on Image Sharing on Online Social Networks
Image sharing on online social networks (OSNs) has become an indispensable
part of daily social activities, but it has also led to an increased risk of
privacy invasion. The recent image leaks from popular OSN services and the
abuse of personal photos using advanced algorithms (e.g. DeepFake) have
prompted the public to rethink individual privacy needs when sharing images on
OSNs. However, OSN image sharing itself is relatively complicated, and systems
currently in place to manage privacy in practice are labor-intensive yet fail
to provide personalized, accurate and flexible privacy protection. As a result,
an more intelligent environment for privacy-friendly OSN image sharing is in
demand. To fill the gap, we contribute a systematic survey of 'privacy
intelligence' solutions that target modern privacy issues related to OSN image
sharing. Specifically, we present a high-level analysis framework based on the
entire lifecycle of OSN image sharing to address the various privacy issues and
solutions facing this interdisciplinary field. The framework is divided into
three main stages: local management, online management and social experience.
At each stage, we identify typical sharing-related user behaviors, the privacy
issues generated by those behaviors, and review representative intelligent
solutions. The resulting analysis describes an intelligent privacy-enhancing
chain for closed-loop privacy management. We also discuss the challenges and
future directions existing at each stage, as well as in publicly available
datasets.Comment: 32 pages, 9 figures. Under revie
The Active Bundle Scheme for Protecting Electronic Medical Records
Adoption of the electronic medical records (EMRs) or electronic health records (EHRs) by healthcare providers will improve the quality of the American healthcare and reduce the annual bill. However, it will also increase privacy threats due to easier dissemination of EMRs/EHRs than “paper” medical records. Current privacy protection solutions for patient EMRs/EHRs have two main limitations: (1) they require an extensive exchange of messages between computer systems of healthcare providers; and (2) they depend only on data encryption.
In this position paper, we propose a solution that provides protection for the patients\u27 EMRs/EHRs disseminated among different authorized healthcare provider systems. This is achieved through the use of the construct named active bundles (ABs). ABs keep EMRs/EHRs as sensitive data, include metadata containing privacy policies, and encompass a virtual machine that enforces privacy policies
- …