MODEL KONTROLE PRISTUPA USLUGAMA U OBLAKU NA OSNOVU RAZLIČITIH ULOGA KORISNIKA

The rapid development of computer technology, cloud-based services have become a hot topic. They not only provide users with convenience, but also bring many security issues, such as data sharing and privacy issue. In this paper, we present an access control system with privilege separation based on privacy protection (PS-ACS). In the PS-ACS scheme, we divide users into private domain (PRD) and public domain (PUD) logically. In PRD, to achieve read access permission and write access permission, we adopt the Key-Aggregate Encryption (KAE) and the Improved Attribute-based Signature (IABS) respectively. In PUD, we construct new multi-authority cipher text policy attribute-based encryption (CP-ABE) scheme with efficient decryption to avoid the issues of single point of failure and complicated key distribution, and design an efficient attribute revocation method for it. The analysis and simulation result shows that our scheme is feasible and superior to protect users’ privacy in cloud-based services.Nagli razvoj računalne tehnologije, usluge temeljene na oblaku, postale su aktualna tema. Oni ne samo da korisnicima pružaju praktičnost, nego i donose mnoga sigurnosna pitanja, kao što je dijeljenje podataka i problem privatnosti. U ovom radu predstavljamo sustav kontrole pristupa s razdvajanjem povlastica na temelju zaštite privatnosti (PS-ACS). U PS-ACS shemi, podijelimo korisnike na privatnu domenu (PRD) i javnu domenu (PUD) logično. U PRD-u, da bi se postiglo dopuštenje pristupa za čitanje i dopuštenje za pisanje, usvajamo ključno šifriranje (KAE) i poboljšani potpis na temelju atributa (IABS). U PUD-u konstruiramo novu shemu šifriranja (CP-ABE) koja se temelji na pravilima šifriranog teksta s učinkovitim dešifriranjem kako bismo izbjegli probleme s jednom točkom neuspjeha i komplicirane distribucije ključeva i dizajnirali učinkovitu metodu opoziva atributa za nju. Rezultati analize i simulacije pokazuju da je naša shema izvediva i superiorna za zaštitu privatnosti korisnika u uslugama temeljenim na oblaku

An Efficient Separation of Users And Improve Access Permissions to Protect User Identity In Cloud

With the quick advancement of PC innovation, cloud-based services have turned into a hotly debated issue. They give clients comfort, as well as bring numerous security issues, for example, information sharing and protection issue. In this, we display an access control framework with privilege separation based on privacy protection (PS-ACS). In the PS-ACS conspire; we isolate clients into private domain (PRD) and public domain (PUD) sensibly. In PRD, to accomplish read get to authorization and compose get to consent, we embrace the Key-Aggregate Encryption (KAE) and the Improved Attribute-based Signature(IABS) separately. In PUD, we develop another multi-specialist cipher text policy attribute-based encryption (CP-ABE) conspire with proficient decoding to maintain a strategic distance from the issues of single purpose of failure and confounded key dissemination, and outline an effective property repudiation technique for it

PREVENTIVNE MJERE PROTIV RAČUNALNOG KRIMINALA: PRIBLIŽAVANJE POJEDINCU

Cybercrime is a combination of information, financial and personal security threats. The purpose of this research is to target statistical data to allocate the most effective preventive measures against cybercrime that would contribute to the combat at the level of potential (or real) cyber victims and cyber criminals. Brining the so-called Cyberethics into the life of people will be preventive against cybercrimes, as it will add to their culture of cyberspace through educational and popular science projects (such-like program that was put into action in Nigeria stroke positively). With the rapid spread of cybercrime, preventive measures geared towards individuals such as anti-criminalization, anti-bullying and anti-phishing propaganda, the practice of shaping negative attitude towards crimes, and discovery of responsibility for committing cybercrimes gain in importance. Society improvement as a counter-move to cut out criminal factors provoking a positive or neutral attitude to cybercrimes should be geared towards better living, as the higher is the standard the lower is the level of cybercrime. Taking individualized preventing measures to people prone to commit cybercrimes will prevent against such even before they take place (with cyber extortion and ransomware threats, such actions gain in relevance). For the fight against cybercrime, special programs are to level down victimization in the field of cybersecurity by fostering a shielding attitude in persons who can become victims. The path of designing such programs will lead to a drop cybercrime activity. Specific public authorities and non-governmental organizations should take part in the preventive process. All-encompassing preventive measures against cybercrime approaching individual at the international level will allow designing specific pilot programs for individualized prevention.Kibernetički kriminal je kombinacija informacijskih, financijskih i osobnih sigurnosnih prijetnji. Svrha ovog istraživanja je ciljati statističke podatke za dodjelu najučinkovitijih preventivnih mjera protiv cyber kriminala koje bi doprinijele borbi na razini potencijalnih (ili stvarnih) cyber žrtava i cyber kriminalaca. Uvođenjem tzv. Cyber-etike u život ljudi bit će preventiva protiv cyber kriminala, jer će doprinijeti njihovoj kulturi korištenja cyber-prostora kroz obrazovne i popularno-znanstvene projekte (takav program je pozitivno djelovao u Nigeriji). S naglim širenjem cyber kriminala, preventivne mjere usmjerene prema pojedincima kao što su anti-kriminalizacija, propaganda protiv zlostavljanja i anti-phishing, praksa oblikovanja negativnog stava prema zločinima i otkrivanje odgovornosti za počinjenje kibernetičkih kriminala dobivaju na važnosti. Poboljšanje društva kao protupotez za izostavljanje kriminalnih čimbenika koji izazivaju pozitivan ili neutralan stav prema kiberkriminalitetu treba biti usmjereno prema boljem životu, jer što je viši standard, to je niža razina cyber kriminala. Poduzimanje individualiziranih mjera za sprječavanje ljudi koji su skloni počiniti kibernetički kriminal spriječit će takve napade čak i prije nego što se dogode (s prijetnjama cyber iznuđivanja i ransomwarea, takve akcije dobivaju na važnosti). Za borbu protiv kibernetičkog kriminala, posebni programi su smanjivanje viktimizacije u području kibernetičke sigurnosti poticanjem zaštitnog stava osoba koje mogu postati žrtve. Put izrade takvih programa dovest će do pada aktivnosti cyber kriminala. U preventivnom procesu trebaju sudjelovati posebna javna tijela i nevladine organizacije. Sveobuhvatne preventivne mjere protiv cyber kriminala koje se približavaju pojedincu na međunarodnoj razini omogućit će osmišljavanje specifičnih pilot-programa za individualiziranu prevenciju