3,604 research outputs found
Secure Cloud Storage with Client-Side Encryption Using a Trusted Execution Environment
With the evolution of computer systems, the amount of sensitive data to be
stored as well as the number of threats on these data grow up, making the data
confidentiality increasingly important to computer users. Currently, with
devices always connected to the Internet, the use of cloud data storage
services has become practical and common, allowing quick access to such data
wherever the user is. Such practicality brings with it a concern, precisely the
confidentiality of the data which is delivered to third parties for storage. In
the home environment, disk encryption tools have gained special attention from
users, being used on personal computers and also having native options in some
smartphone operating systems. The present work uses the data sealing, feature
provided by the Intel Software Guard Extensions (Intel SGX) technology, for
file encryption. A virtual file system is created in which applications can
store their data, keeping the security guarantees provided by the Intel SGX
technology, before send the data to a storage provider. This way, even if the
storage provider is compromised, the data are safe. To validate the proposal,
the Cryptomator software, which is a free client-side encryption tool for cloud
files, was integrated with an Intel SGX application (enclave) for data sealing.
The results demonstrate that the solution is feasible, in terms of performance
and security, and can be expanded and refined for practical use and integration
with cloud synchronization services
Systematic Review on Security and Privacy Requirements in Edge Computing: State of the Art and Future Research Opportunities
Edge computing is a promising paradigm that enhances the capabilities of cloud computing. In order to continue patronizing the computing services, it is essential to conserve a good atmosphere free from all kinds of security and privacy breaches. The security and privacy issues associated with the edge computing environment have narrowed the overall acceptance of the technology as a reliable paradigm. Many researchers have reviewed security and privacy issues in edge computing, but not all have fully investigated the security and privacy requirements. Security and privacy requirements are the objectives that indicate the capabilities as well as functions a system performs in eliminating certain security and privacy vulnerabilities. The paper aims to substantially review the security and privacy requirements of the edge computing and the various technological methods employed by the techniques used in curbing the threats, with the aim of helping future researchers in identifying research opportunities. This paper investigate the current studies and highlights the following: (1) the classification of security and privacy requirements in edge computing, (2) the state of the art techniques deployed in curbing the security and privacy threats, (3) the trends of technological methods employed by the techniques, (4) the metrics used for evaluating the performance of the techniques, (5) the taxonomy of attacks affecting the edge network, and the corresponding technological trend employed in mitigating the attacks, and, (6) research opportunities for future researchers in the area of edge computing security and privacy
State of The Art and Hot Aspects in Cloud Data Storage Security
Along with the evolution of cloud computing and cloud storage towards matu-
rity, researchers have analyzed an increasing range of cloud computing security
aspects, data security being an important topic in this area. In this paper, we
examine the state of the art in cloud storage security through an overview of
selected peer reviewed publications. We address the question of defining cloud
storage security and its different aspects, as well as enumerate the main vec-
tors of attack on cloud storage. The reviewed papers present techniques for key
management and controlled disclosure of encrypted data in cloud storage, while
novel ideas regarding secure operations on encrypted data and methods for pro-
tection of data in fully virtualized environments provide a glimpse of the toolbox
available for securing cloud storage. Finally, new challenges such as emergent
government regulation call for solutions to problems that did not receive enough
attention in earlier stages of cloud computing, such as for example geographical
location of data. The methods presented in the papers selected for this review
represent only a small fraction of the wide research effort within cloud storage
security. Nevertheless, they serve as an indication of the diversity of problems
that are being addressed
Multi Round Selective Encryption using AES over Storage Cloud
Cloud computing is the re-incarnation of the client-server architecture. It is highly promising technology because of its unlimited resource provisioning and data storage services which help us in managing the data as per requirements. Due to the use of internet and vital remote servers to maintain the data and applications, the cloud computing environment becomes open for the attackers to attack on the user data and communication services. This paper mainly focuses on the user authentication and data security over the Broker Cloud Computing Paradigm by purposing new cryptographic technique named as Multi Round Selective Encryption using AES. Along with this, we compared our approach with existing cryptographic techniques as AES, Blowfish and Selective encryption to find out its pros and cons. The Multi Round Selective Encryption with AES is the best suitable technique where the file size is large because it gives fast execution by maintaining the encryption complexity as compared to selective encryption technique in public and hybrid cloud
IoT Security Vulnerabilities and Predictive Signal Jamming Attack Analysis in LoRaWAN
Internet of Things (IoT) gains popularity in recent times due to its flexibility, usability, diverse applicability and ease of
deployment. However, the issues related to security is less explored. The IoT devices are light weight in nature and have low
computation power, low battery life and low memory. As incorporating security features are resource expensive, IoT devices are
often found to be less protected and in recent times, more IoT devices have been routinely attacked due to high profile security
flaws. This paper aims to explore the security vulnerabilities of IoT devices particularly that use Low Power Wide Area Networks
(LPWANs). In this work, LoRaWAN based IoT security vulnerabilities are scrutinised and loopholes are identified. An attack was
designed and simulated with the use of a predictive model of the device data generation. The paper demonstrated that by predicting
the data generation model, jamming attack can be carried out to block devices from sending data successfully. This research will
aid in the continual development of any necessary countermeasures and mitigations for LoRaWAN and LPWAN functionality of
IoT networks in general
Enhancement Data Security in Cloud Computing: Issues and Challenges
Cloud Computing can save an organization’s time and money but trusting the system is very much important because the real asset of any organization is the data which they share in the cloud to use the needed service by putting it directly in the relational database. No organization can transfer its data or information to a third party until a bridge of trust is built. This paper provides a concise and all roun小d analysis on data security and privacy protection issues associated with computing across all stages of data life cycle. It argues that, in contrast to the traditional solution where unauthorized third party can access organizational data illegally which raises a serious concern since data is scattered at different places all over the globe. The security concerns of users need to be addressed to make cloud environment safe and trustworthy. Every cloud provider solves this by encrypting data using encryption algorithm which is inadequate. The paper concludes by recommending that in addition to the traditional methods, the security of cloud computing can also be enhanced through authentication using thumb print, face, voice and image identification. Keywords: Cloud computing, Information Technology, Data Integrity, Authentication, Security and Challenges
Internet of Things-aided Smart Grid: Technologies, Architectures, Applications, Prototypes, and Future Research Directions
Traditional power grids are being transformed into Smart Grids (SGs) to
address the issues in existing power system due to uni-directional information
flow, energy wastage, growing energy demand, reliability and security. SGs
offer bi-directional energy flow between service providers and consumers,
involving power generation, transmission, distribution and utilization systems.
SGs employ various devices for the monitoring, analysis and control of the
grid, deployed at power plants, distribution centers and in consumers' premises
in a very large number. Hence, an SG requires connectivity, automation and the
tracking of such devices. This is achieved with the help of Internet of Things
(IoT). IoT helps SG systems to support various network functions throughout the
generation, transmission, distribution and consumption of energy by
incorporating IoT devices (such as sensors, actuators and smart meters), as
well as by providing the connectivity, automation and tracking for such
devices. In this paper, we provide a comprehensive survey on IoT-aided SG
systems, which includes the existing architectures, applications and prototypes
of IoT-aided SG systems. This survey also highlights the open issues,
challenges and future research directions for IoT-aided SG systems
- …