Service Migration from Cloud to Multi-tier Fog Nodes for Multimedia Dissemination with QoE Support.

A wide range of multimedia services is expected to be offered for mobile users via various wireless access networks. Even the integration of Cloud Computing in such networks does not support an adequate Quality of Experience (QoE) in areas with high demands for multimedia contents. Fog computing has been conceptualized to facilitate the deployment of new services that cloud computing cannot provide, particularly those demanding QoE guarantees. These services are provided using fog nodes located at the network edge, which is capable of virtualizing their functions/applications. Service migration from the cloud to fog nodes can be actuated by request patterns and the timing issues. To the best of our knowledge, existing works on fog computing focus on architecture and fog node deployment issues. In this article, we describe the operational impacts and benefits associated with service migration from the cloud to multi-tier fog computing for video distribution with QoE support. Besides that, we perform the evaluation of such service migration of video services. Finally, we present potential research challenges and trends

Mobile crowd sensing architectural frameworks: A comprehensive survey

Mobile Crowd Sensing has emerged as a new sensing paradigm, efficiently exploiting human intelligence and mobility in conjunction with advanced capabilities and proliferation of mobile devices. In order for MCS applications to reach their full potentials, a number of research challenges should be sufficiently addressed. The aim of this paper is to survey representative mobile crowd sensing applications and frameworks proposed in related research literature, analyze their distinct features and discuss on their relative merits and weaknesses, highlighting also potential solutions, in order to take a step closer to the definition of a unified MCS architectural framework

An extensive research survey on data integrity and deduplication towards privacy in cloud storage

Owing to the highly distributed nature of the cloud storage system, it is one of the challenging tasks to incorporate a higher degree of security towards the vulnerable data. Apart from various security concerns, data privacy is still one of the unsolved problems in this regards. The prime reason is that existing approaches of data privacy doesn't offer data integrity and secure data deduplication process at the same time, which is highly essential to ensure a higher degree of resistance against all form of dynamic threats over cloud and internet systems. Therefore, data integrity, as well as data deduplication is such associated phenomena which influence data privacy. Therefore, this manuscript discusses the explicit research contribution toward data integrity, data privacy, and data deduplication. The manuscript also contributes towards highlighting the potential open research issues followed by a discussion of the possible future direction of work towards addressing the existing problems

Cryptography-based secure data storage and sharing using HEVC and public clouds

© 2016 Elsevier Inc. Mobile devices are widely used for uploading/downloading media files such as audio, video and images to/from the remote servers. These devices have limited resources and are required to offload resource-consuming media processing tasks to the clouds for further processing. Migration of these tasks means that the media services provided by the clouds need to be authentic and trusted by the mobile users. The existing schemes for secure exchange of media files between the mobile devices and the clouds have limitations in terms of memory support, processing load, battery power, and data size. These schemes lack the support for large-sized video files and are not suitable for resource-constrained mobile devices. This paper proposes a secure, lightweight, robust, and efficient scheme for data exchange between the mobile users and the media clouds. The proposed scheme considers High Efficiency Video Coding (HEVC) Intra-encoded video streams in unsliced mode as a source for data hiding. Our proposed scheme aims to support real-time processing with power-saving constraint in mind. Advanced Encryption Standard (AES) is used as a base encryption technique by our proposed scheme. The simulation results clearly show that the proposed scheme outperforms AES-256 by decreasing the processing time up to 4.76% and increasing the data size up to 0.72% approximately. The proposed scheme can readily be applied to real-time cloud media streaming

A User-Centric Access Control Framework for Cloud Computing

A huge amount of data is generated due to the growth of advanced information technology, online availability and easy access to cloud computing. In cloud computing, user can easily store and share their information across the cloud. With the rapid growth of cloud computing, user’s security and privacy has become a serious concern. Despite various existing security mechanisms, enterprises are still afraid of losing their outsourced data and unauthorized access. In most cases, access control mechanism and authorization rule follow a web application. This makes it limited, tightly bound to web application functionality and also doesn’t complete the security requirements for the individual user that results in poor protection against unauthorized access. To overcome the issue of privacy and protection, a suggestion is given in this study to empower the owner of any piece of data and information to protect their resource according to their own semantics. In this thesis, a new approach is presented that externalize access control policy and empower the user to control access on their data according to their semantics and wishes. The proposed framework provides PKI standard base secure access control mechanism and describes the protocol interface between the different components to enforce user-centric access control policy

Unified System on Chip RESTAPI Service (USOCRS)

Abstract. This thesis investigates the development of a Unified System on Chip RESTAPI Service (USOCRS) to enhance the efficiency and effectiveness of SOC verification reporting. The research aims to overcome the challenges associated with the transfer, utilization, and interpretation of SoC verification reports by creating a unified platform that integrates various tools and technologies. The research methodology used in this study follows a design science approach. A thorough literature review was conducted to explore existing approaches and technologies related to SOC verification reporting, automation, data visualization, and API development. The review revealed gaps in the current state of the field, providing a basis for further investigation. Using the insights gained from the literature review, a system design and implementation plan were developed. This plan makes use of cutting-edge technologies such as FASTAPI, SQL and NoSQL databases, Azure Active Directory for authentication, and Cloud services. The Verification Toolbox was employed to validate SoC reports based on the organization’s standards. The system went through manual testing, and user satisfaction was evaluated to ensure its functionality and usability. The results of this study demonstrate the successful design and implementation of the USOCRS, offering SOC engineers a unified and secure platform for uploading, validating, storing, and retrieving verification reports. The USOCRS facilitates seamless communication between users and the API, granting easy access to vital information including successes, failures, and test coverage derived from submitted SoC verification reports. By automating and standardizing the SOC verification reporting process, the USOCRS eliminates manual and repetitive tasks usually done by developers, thereby enhancing productivity, and establishing a robust and reliable framework for report storage and retrieval. Through the integration of diverse tools and technologies, the USOCRS presents a comprehensive solution that adheres to the required specifications of the SOC schema used within the organization. Furthermore, the USOCRS significantly improves the efficiency and effectiveness of SOC verification reporting. It facilitates the submission process, reduces latency through optimized data storage, and enables meaningful extraction and analysis of report data

OmniShare : Encrypted Cloud Storage for the Multi-Device Era

Two attractive features of cloud storage services are (1) the automatic synchronization of files between multiple devices and (2) the possibility of sharing files with other users. However, many users are concerned about the security and privacy of data stored in the cloud. Client-side encryption is an effective safeguard, but it requires all client devices to have the decryption key. Current solutions derive these keys from user-chosen passwords, which are easily guessed. We present OmniShare, the first scheme to combine strong client-side encryption with intuitive key distribution mechanisms to enable access from multiple client devices and sharing between users. OmniShare uses a novel combination of out-of-band channels (including QR codes and ultrasonic communication), as well as the cloud storage service itself, to authenticate new devices. We describe the design and implementation of OmniShare and explain how we evaluated its security (using formal methods), its performance (benchmarks), and its usability (cognitive walkthrough).Two attractive features of cloud storage services are (1) the automatic synchronization of files between multiple devices and (2) the possibility of sharing files with other users. However, many users are concerned about the security and privacy of data stored in the cloud. Client-side encryption is an effective safeguard, but it requires all client devices to have the decryption key. Current solutions derive these keys from user-chosen passwords, which are easily guessed. We present OmniShare, the first scheme to combine strong client-side encryption with intuitive key distribution mechanisms to enable access from multiple client devices and sharing between users. OmniShare uses a novel combination of out-of-band channels (including QR codes and ultrasonic communication), as well as the cloud storage service itself, to authenticate new devices. We describe the design and implementation of OmniShare and explain how we evaluated its security (using formal methods), its performance (benchmarks), and its usability (cognitive walkthrough).Peer reviewe

Towards Blockchain-based Remote Management Systems for Patients with Movement Disorders

Secure storage and sharing of patients' medical data over the Internet are part of the challenges for emerging healthcare systems. The use of blockchain technology in medical Internet of things systems can be considered a safe and novel solution to overcome such challenges. Patients with movement disorders require multi-disciplinary management and must continuously receive medical care from a specialist. Due to the increasing costs of face-to-face treatment, especially during the pandemic, patients would highly benefit from remote monitoring and management. The proposed work presents a model for blockchain-based remote management systems for patients with movement disorders, especially those with Parkinson's disease. The model ensures a high level of integrity and decreases the security risks of medical data sharing.Comment: Presented at the 31th International Conference on Electrical Engineering (ICEE), Tehran, Iran, May 202

Data security in cloud storage services

Cloud Computing is considered to be the next-generation architecture for ICT where it moves the application software and databases to the centralized large data centers. It aims to offer elastic IT services where clients can benefit from significant cost savings of the pay-per-use model and can easily scale up or down, and do not have to make large investments in new hardware. However, the management of the data and services in this cloud model is under the control of the provider. Consequently, the cloud clients have less control over their outsourced data and they have to trust cloud service provider to protect their data and infrastructure from both external and internal attacks. This is especially true with cloud storage services. Nowadays, users rely on cloud storage as it offers cheap and unlimited data storage that is available for use by multiple devices (e.g. smart phones, tablets, notebooks, etc.). Besides famous cloud storage providers, such as Amazon, Google, and Microsoft, more and more third-party cloud storage service providers are emerging. These services are dedicated to offering more accessible and user friendly storage services to cloud customers. Examples of these services include Dropbox, Box.net, Sparkleshare, UbuntuOne or JungleDisk. These cloud storage services deliver a very simple interface on top of the cloud storage provided by storage service providers. File and folder synchronization between different machines, sharing files and folders with other users, file versioning as well as automated backups are the key functionalities of these emerging cloud storage services. Cloud storage services have changed the way users manage and interact with data outsourced to public providers. With these services, multiple subscribers can collaboratively work and share data without concerns about their data consistency, availability and reliability. Although these cloud storage services offer attractive features, many customers have not adopted these services. Since data stored in these services is under the control of service providers resulting in confidentiality and security concerns and risks. Therefore, using cloud storage services for storing valuable data depends mainly on whether the service provider can offer sufficient security and assurance to meet client requirements. From the way most cloud storage services are constructed, we can notice that these storage services do not provide users with sufficient levels of security leading to an inherent risk on users\u27 data from external and internal attacks. These attacks take the form of: data exposure (lack of data confidentiality); data tampering (lack of data integrity); and denial of data (lack of data availability) by third parties on the cloud or by the cloud provider himself. Therefore, the cloud storage services should ensure the data confidentiality in the following state: data in motion (while transmitting over networks), data at rest (when stored at provider\u27s disks). To address the above concerns, confidentiality and access controllability of outsourced data with strong cryptographic guarantee should be maintained. To ensure data confidentiality in public cloud storage services, data should be encrypted data before it is outsourced to these services. Although, users can rely on client side cloud storage services or software encryption tools for encrypting user\u27s data; however, many of these services fail to achieve data confidentiality. Box, for example, does not encrypt user files via SSL and within Box servers. Client side cloud storage services can intentionally/unintentionally disclose user decryption keys to its provider. In addition, some cloud storage services support convergent encryption for encrypting users\u27 data exposing it to “confirmation of a file attack. On the other hand, software encryption tools use full-disk encryption (FDE) which is not feasible for cloud-based file sharing services, because it encrypts the data as virtual hard disks. Although encryption can ensure data confidentiality; however, it fails to achieve fine-grained access control over outsourced data. Since, public cloud storage services are managed by un-trusted cloud service provider, secure and efficient fine-grained access control cannot be realized through these services as these policies are managed by storage services that have full control over the sharing process. Therefore, there is not any guarantee that they will provide good means for efficient and secure sharing and they can also deduce confidential information about the outsourced data and users\u27 personal information. In this work, we would like to improve the currently employed security measures for securing data in cloud store services. To achieve better data confidentiality for data stored in the cloud without relying on cloud service providers (CSPs) or putting any burden on users, in this thesis, we designed a secure cloud storage system framework that simultaneously achieves data confidentiality, fine-grained access control on encrypted data and scalable user revocation. This framework is built on a third part trusted (TTP) service that can be employed either locally on users\u27 machine or premises, or remotely on top of cloud storage services. This service shall encrypts users data before uploading it to the cloud and decrypts it after downloading from the cloud; therefore, it remove the burden of storing, managing and maintaining encryption/decryption keys from data owner\u27s. In addition, this service only retains user\u27s secret key(s) not data. Moreover, to ensure high security for these keys, it stores them on hardware device. Furthermore, this service combines multi-authority ciphertext policy attribute-based encryption (CP-ABE) and attribute-based Signature (ABS) for achieving many-read-many-write fine-grained data access control on storage services. Moreover, it efficiently revokes users\u27 privileges without relying on the data owner for re-encrypting massive amounts of data and re-distributing the new keys to the authorized users. It removes the heavy computation of re-encryption from users and delegates this task to the cloud service provider (CSP) proxy servers. These proxy servers achieve flexible and efficient re-encryption without revealing underlying data to the cloud. In our designed architecture, we addressed the problem of ensuring data confidentiality against cloud and against accesses beyond authorized rights. To resolve these issues, we designed a trusted third party (TTP) service that is in charge of storing data in an encrypted format in the cloud. To improve the efficiency of the designed architecture, the service allows the users to choose the level of severity of the data and according to this level different encryption algorithms are employed. To achieve many-read-many-write fine grained access control, we merge two algorithms (multi-authority ciphertext policy attribute-based encryption (MA- CP-ABE) and attribute-based Signature (ABS)). Moreover, we support two levels of revocation: user and attribute revocation so that we can comply with the collaborative environment. Last but not least, we validate the effectiveness of our design by carrying out a detailed security analysis. This analysis shall prove the correctness of our design in terms of data confidentiality each stage of user interaction with the cloud