3 research outputs found

    Managing forensic recovery in the cloud

    As organisations move away from locally hosted computer services toward Cloud platforms, there is a corresponding need to ensure the forensic integrity of such instances. The primary reasons for concern are (i) the locus of responsibility, and (ii) the associated risk of legal sanction and financial penalty. Building upon previously proposed techniques for intrusion monitoring, we highlight the multi-level interpretation problem and propose enhanced monitoring of Cloud-based systems at diverse operational and data storage levels as a basis for reviewing historical change across the hosted system, affording scope to identify any data impact from hostile action or 'friendly fire'.

    Improving Security by Developing a Model for Authentication and User File Integrity Checking for Public Cloud Web Applications

    Cloud computing is being widely adopted and has had a high impact on the development of businesses; it enables on-demand access to a shared pool of configurable computing resources. Cloud computing faces many security problems like any other electronic system, and among these problems are attacks on user authentication, and thus on the integrity and confidentiality of data, especially in the public cloud computing environment. Authentication plays a major role in keeping information secure in the cloud environment. Cloud users must ensure the integrity of their files stored in the cloud. In this study, the main objective is to develop a model for user authentication and for checking the integrity of files stored in the public cloud, by studying and analyzing the state of the art of security models in public cloud computing, in particular the models for integrity of data or files and user authentication. This study uses the descriptive, deductive, applied and prototype methodology. We developed a model for user authentication and file integrity checking for files in the cloud. In the user authentication system, we used two-factor authentication that involves a password and a digital signature, which uses certificate-based authentication. For the file integrity checking system, the model used a secure hashing algorithm whereby the file hash value is calculated and encrypted before sending to the cloud. All file and data transfers between the cloud provider and the user are encrypted using symmetric and asymmetric encryption. We used several tools and programming languages to implement the model and experiments. Our experiments proved that the model is effective and acceptable. Among the most important results is that the model provides a strong user authentication and integrity checking system for cloud users and files. The model also provides confidentiality and non-repudiation.
It also increases user confidence in cloud applications, as we ensured a secure connection between cloud users and cloud service providers; the model also uses less computation power on user devices. Future studies should be conducted to solve the problem of phishing attacks for web pages, and the model can be improved to verify the integrity of files shared by multiple users and adapted to new security algorithms.

    An Investigation into Possible Attacks on HTML5 IndexedDB and their Prevention

    This thesis presents an analysis of, and enhanced security model for, IndexedDB, the persistent HTML5 browser-based data store. In versions of HTML prior to HTML5, web sites used cookies to track user preferences locally. Cookies are, however, limited both in file size and number, and must also be added to every HTTP request, which increases web traffic unnecessarily. Web functionality has, however, increased significantly since cookies were introduced by Netscape in 1994. Consequently, web developers require additional capabilities to keep up with the evolution of the World Wide Web and growth in eCommerce. The response to this requirement was the IndexedDB API, which became an official W3C recommendation in January 2015. The IndexedDB API includes an Object Store, indices, and cursors, and so gives HTML5-compliant browsers a transactional database capability. Furthermore, once downloaded, IndexedDB data stores do not require network connectivity. This permits mobile web-based applications to work without a data connection. As such IndexedDB data stores will be used to store customer data, they will inevitably become targets for attackers. This thesis firstly argues that the design of IndexedDB makes it unavoidably insecure. That is, every implementation is vulnerable to attacks such as Cross Site Scripting, and even data that has been deleted from databases may be stolen using appropriate software tools. This is demonstrated experimentally on both mobile and desktop browsers. IndexedDB is, however, capable of high performance even when compared to servers running optimized local databases. This is demonstrated through the development of a formal performance model. The performance predictions for IndexedDB were tested experimentally, and the results showed high conformance over a range of usage scenarios. This implies that IndexedDB is potentially a useful HTML5 API if the security issues can be addressed.
In the final component of this thesis, we propose and implement enhancements that correct the security weaknesses identified in IndexedDB. The enhancements use multifactor authentication, and so are resistant to Cross Site Scripting attacks. This enhancement is then demonstrated experimentally, showing that HTML5 IndexedDB may be used securely both online and offline. This implies that secure, standards-compliant browser-based applications with persistent local data stores may be both feasible and efficient.