Enhanced Cauchy Matrix Reed-Solomon Codes and Role-Based Cryptographic Data Access for Data Recovery and Security in Cloud Environment
In computer systems ensuring proper authorization is a significant challenge, particularly with the rise of open systems and dispersed platforms like the cloud. Role-Based Access Control (RBAC) has been widely adopted in cloud server applications due to its popularity and versatility. When granting authorization access to data stored in the cloud for collecting evidence against offenders, computer forensic investigations play a crucial role. As cloud service providers may not always be reliable, data confidentiality should be ensured within the system. Additionally, a proper revocation procedure is essential for managing users whose credentials have expired. With the increasing scale and distribution of storage systems, component failures have become more common, making fault tolerance a critical concern. In response to this, a secure data-sharing system has been developed, enabling secure key distribution and data sharing for dynamic groups using role-based access control and AES encryption technology. Data recovery involves storing duplicate data to withstand a certain level of data loss. To secure data across distributed systems, the erasure code method is employed. Erasure coding techniques, such as Reed-Solomon codes, have the potential to significantly reduce data storage costs while maintaining resilience against disk failures. In light of this, there is a growing interest from academia and the corporate world in developing innovative coding techniques for cloud storage systems. The research goal is to create a new coding scheme that enhances the efficiency of Reed-Solomon coding using the sophisticated Cauchy matrix to achieve fault toleranc
Concept of Trusted Transaction for Secure Cloud Transactions
In this project, we are providing accuracy and improving performance of cloud transactions in a distributed transactional database system deployed over cloud servers.
Data transfer from one system to another means data will be transferred from system to database through a third-party service; this third party provides the service of the transaction manager.
Distributed transactional data stored in the database has access to one or more systems or suitable users (it is not a system-to-system connection but a database to user, client and cloud server connection). The transaction manager checks if the users and clients have the privileges by checking their credentials, and based on that he gives permissions. This is called a host connection (cloud server) for data accessing.
Storing the data into the cloud server means it is global storage that anyone can access after checking the policy-based authorization system, which protects the sensitive data. It enables only suitable users to access the data.
The Two-Phase Validation Commit (2PVC) protocol ensures that a transaction is safe and secure by checking if the user is authorized or not and then checking again if he has permissions or not. This improves the security and performance.
ForensiBlock: A Provenance-Driven Blockchain Framework for Data Forensics and Auditability
Maintaining accurate provenance records is paramount in digital forensics, as
they underpin evidence credibility and integrity, addressing essential aspects
like accountability and reproducibility. Blockchains have several properties
that can address these requirements. Previous systems utilized public
blockchains, i.e., treated blockchain as a black box, and benefiting from the
immutability property. However, the blockchain was accessible to everyone,
giving rise to security concerns and moreover, efficient extraction of
provenance faces challenges due to the enormous scale and complexity of digital
data. This necessitates a tailored blockchain design for digital forensics. Our
solution, Forensiblock has a novel design that automates investigation steps,
ensures secure data access, traces data origins, preserves records, and
expedites provenance extraction. Forensiblock incorporates Role-Based Access
Control with Staged Authorization (RBAC-SA) and a distributed Merkle root for
case tracking. These features support authorized resource access with an
efficient retrieval of provenance records. Particularly, comparing two methods
for extracting provenance records (off-chain storage retrieval with Merkle root
verification, and a brute-force search), the off-chain method is significantly
better, especially as the blockchain size and number of cases increase. We also
found that our distributed Merkle root creation slightly increases smart
contract processing time but significantly improves history access. Overall, we
show that Forensiblock offers secure, efficient, and reliable handling of
digital forensic data.
Comment: This work has been submitted to the IEEE for possible publication.
Copyright may be transferred without notice, after which this version may no
longer be accessibl
Secure data sharing and processing in heterogeneous clouds
The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serves as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors
SciTokens: Capability-Based Secure Access to Remote Scientific Data
The management of security credentials (e.g., passwords, secret keys) for
computational science workflows is a burden for scientists and information
security officers. Problems with credentials (e.g., expiration, privilege
mismatch) cause workflows to fail to fetch needed input data or store valuable
scientific results, distracting scientists from their research by requiring
them to diagnose the problems, re-run their computations, and wait longer for
their results. In this paper, we introduce SciTokens, open source software to
help scientists manage their security credentials more reliably and securely.
We describe the SciTokens system architecture, design, and implementation
addressing use cases from the Laser Interferometer Gravitational-Wave
Observatory (LIGO) Scientific Collaboration and the Large Synoptic Survey
Telescope (LSST) projects. We also present our integration with widely-used
software that supports distributed scientific computing, including HTCondor,
CVMFS, and XrootD. SciTokens uses IETF-standard OAuth tokens for
capability-based secure access to remote scientific data. The access tokens
convey the specific authorizations needed by the workflows, rather than
general-purpose authentication impersonation credentials, to address the risks
of scientific workflows running on distributed infrastructure including NSF
resources (e.g., LIGO Data Grid, Open Science Grid, XSEDE) and public clouds
(e.g., Amazon Web Services, Google Cloud, Microsoft Azure). By improving the
interoperability and security of scientific workflows, SciTokens 1) enables use
of distributed computing for scientific domains that require greater data
protection and 2) enables use of more widely distributed computing resources by
reducing the risk of credential abuse on remote systems.
Comment: 8 pages, 6 figures, PEARC '18: Practice and Experience in Advanced
Research Computing, July 22--26, 2018, Pittsburgh, PA, US