24,756 research outputs found
Security aspects of e-health systems migration to the cloud
As adoption of e-health solutions advances, new computing paradigms - such as cloud computing - bring the potential to improve efficiency in managing medical health records and help reduce costs. However, these opportunities introduce new security risks which can not be ignored. Based on our experience with deploying part of the Swedish electronic health records management system in an infrastructure cloud, we make an overview of major requirements that must be considered when migrating e-health systems to the cloud. Furthermore, we describe in-depth a new attack vector inherent to cloud deployments and present a novel data confidentiality and integrity protection mechanism for infrastructure clouds. This contribution aims to encourage exchange of best practices and lessons learned in migrating public e-health systems to the cloud
Hosting critical infrastructure services in the cloud environment considerations
Critical infrastructure technology vendors will inevitability take advantage of the benefits offered by the cloud computing paradigm. While this may offer improved performance and scalability, the associated security threats impede this progression. Hosting critical infrastructure services in the cloud environment may seem inane to some, but currently remote access to the control system over the internet is commonplace. This shares the same characteristics as cloud computing, i.e., on-demand access and resource pooling. There is a wealth of data used within critical infrastructure. There needs to be an assurance that the confidentiality, integrity and availability of this data remains. Authenticity and non-repudiation are also important security requirements for critical infrastructure systems. This paper provides an overview of critical infrastructure and the cloud computing relationship, whilst detailing security concerns and existing protection methods. Discussion on the direction of the area is presented, as is a survey of current protection methods and their weaknesses. Finally, we present our observation and our current research into hosting critical infrastructure services in the cloud environment, and the considerations for detecting cloud attacks. Β© 2015 Inderscience Enterprises Ltd
A Study on Data Protection in Cloud Environment
Data protection in the online environment pertains to the safeguarding of sensitive or important data kept, analyzed, or sent in cloud-based systems. It entails assuring data confidentiality, integrity, and availability, as well as adhering to appropriate data protection requirements. In a nutshell, cloud data protection seeks to protect data against unauthorized access, deletion, or breaches while retaining its accuracy and accessible to authorized users. This is accomplished in the cloud environment using various security measures, encryption approaches, access controls, disaster recovery and backup processes, and constant monitoring and threat detection. The research significance of data protection in the cloud environment can be summarized as follows: Security and Privacy: Research in data protection in the cloud helps address the security and privacy concerns associated with storing and processing sensitive data in cloud-based systems. It explores and develops advanced security mechanisms, encryption techniques, and access controls to protect data from unauthorized access, data breaches, and privacy violations. Trust and Confidence: Research in data protection contributes to building trust and confidence in cloud computing. By developing robust security solutions and demonstrating their effectiveness, research helps alleviate concerns about data security and privacy, fostering greater adoption of cloud services by organizations and individuals. Compliance and Regulations: Cloud computing often involves compliance with data protection regulations and industry standards. Research in this area explores the legal and regulatory aspects of data protection in the cloud and helps organizations understand and comply with relevant requirements. Data Resilience and Recovery: Research in data protection focuses on ensuring data resilience and developing efficient data recovery mechanisms in the cloud. It explores backup and disaster recovery strategies, data replication techniques, and data loss prevention methods to minimize downtime, recover data promptly, and maintain business continuity in the event of system failures or disasters. By addressing these research areas, studies on data protection in the cloud environment contribute to enhancing security, privacy, compliance, and resilience in cloud computing. They provide valuable insights, practical solutions, and guidelines for organizations and service providers to protect data effectively and maintain the trust of users in cloud-based services. The weighted product method approach is commonly used to choose the best data protection in cloud environment. CCSS1, CCSS2, CCSS3, CCSS4, CCSS5 data visibility, data integrity, Maintains compliance, Data security, Data storage. From the result it is seen that CCSS2 got highest rank whereas CCSS5 got lowest rank According to the results, CCSS2 was ranked first
Security, Performance and Energy Trade-offs of Hardware-assisted Memory Protection Mechanisms
The deployment of large-scale distributed systems, e.g., publish-subscribe
platforms, that operate over sensitive data using the infrastructure of public
cloud providers, is nowadays heavily hindered by the surging lack of trust
toward the cloud operators. Although purely software-based solutions exist to
protect the confidentiality of data and the processing itself, such as
homomorphic encryption schemes, their performance is far from being practical
under real-world workloads.
The performance trade-offs of two novel hardware-assisted memory protection
mechanisms, namely AMD SEV and Intel SGX - currently available on the market to
tackle this problem, are described in this practical experience.
Specifically, we implement and evaluate a publish/subscribe use-case and
evaluate the impact of the memory protection mechanisms and the resulting
performance. This paper reports on the experience gained while building this
system, in particular when having to cope with the technical limitations
imposed by SEV and SGX.
Several trade-offs that provide valuable insights in terms of latency,
throughput, processing time and energy requirements are exhibited by means of
micro- and macro-benchmarks.Comment: European Commission Project: LEGaTO - Low Energy Toolset for
Heterogeneous Computing (EC-H2020-780681
Confidential Consortium Framework: Secure Multiparty Applications with Confidentiality, Integrity, and High Availability
Confidentiality, integrity protection, and high availability, abbreviated to
CIA, are essential properties for trustworthy data systems. The rise of cloud
computing and the growing demand for multiparty applications however means that
building modern CIA systems is more challenging than ever. In response, we
present the Confidential Consortium Framework (CCF), a general-purpose
foundation for developing secure stateful CIA applications. CCF combines
centralized compute with decentralized trust, supporting deployment on
untrusted cloud infrastructure and transparent governance by mutually untrusted
parties. CCF leverages hardware-based trusted execution environments for
remotely verifiable confidentiality and code integrity. This is coupled with
state machine replication backed by an auditable immutable ledger for data
integrity and high availability. CCF enables each service to bring its own
application logic, custom multiparty governance model, and deployment scenario,
decoupling the operators of nodes from the consortium that governs them. CCF is
open-source and available now at https://github.com/microsoft/CCF.Comment: 16 pages, 9 figures. To appear in the Proceedings of the VLDB
Endowment, Volume 1
Strengths and Vulnerabilities of Cloud Computing in Mauritius
ABSTRACT This research paper is based on the Strengths and vulnerabilities of cloud computing in Mauritius and abroad. In this research paper, a holistic view was taken on some security concern in cloud computing spanning across the possible issues and vulnerabilities connected to different infrastructures and software platforms. It will give an insight of the aspect of securities of cloud computing on data protection, confidentiality, vendor lock-in and data portability and evaluate the security systems implemented within cloud service models like Software as a Service, Platform as a Service, Infrastructure as a Service and Network as a Service. This paper will help you to identify the areas where organisations should focus before choosing an appropriate Cloud Service Provider (CSP) prior to moving to clouds
Comparative Analysis of Some Efficient Data Security Methods among Cryptographic Techniques for Cloud Data Security
The concept of cloud computing model is to grant users access to outsource data from the cloud server without them having to worry about aspects of the hardware and software management. The owner of the data encrypts it before outsourcing to a Cloud Service Provider (CSP) server for effective deployment of sensitive data. Data confidentiality is a demanding task of cloud data protection. Thus, to solve this problem, lots of techniques are needed to defend the shared data. We focus on cryptography to secure the data while transmitting in the network. We deployed Advanced Encryption Standard (AES) used as encryption method for cloud data security, to encrypt the sensitive data which is to be transmitted from sender to receiver in the network and to decrypt so that the receiver can view the original data. Arrays of encryption systems are being deployed in the world of Information Systems by various organizations. In this paper, comparative analysis of some various encryption algorithms in cryptography have been implemented by comparing their performance in terms of stimulated time during Encryption and decryption in the network.
Keywords: AES, Data Control, Data Privacy, Data Storage, Encryption Algorithms, Verification
State of The Art and Hot Aspects in Cloud Data Storage Security
Along with the evolution of cloud computing and cloud storage towards matu-
rity, researchers have analyzed an increasing range of cloud computing security
aspects, data security being an important topic in this area. In this paper, we
examine the state of the art in cloud storage security through an overview of
selected peer reviewed publications. We address the question of defining cloud
storage security and its different aspects, as well as enumerate the main vec-
tors of attack on cloud storage. The reviewed papers present techniques for key
management and controlled disclosure of encrypted data in cloud storage, while
novel ideas regarding secure operations on encrypted data and methods for pro-
tection of data in fully virtualized environments provide a glimpse of the toolbox
available for securing cloud storage. Finally, new challenges such as emergent
government regulation call for solutions to problems that did not receive enough
attention in earlier stages of cloud computing, such as for example geographical
location of data. The methods presented in the papers selected for this review
represent only a small fraction of the wide research effort within cloud storage
security. Nevertheless, they serve as an indication of the diversity of problems
that are being addressed
- β¦