Accelerating Security on Cloud Based Data

The rapid emergence of cloud computing is transforming the way organizations promoting their IT resources. Studying the diversified security aspects, data security can be contemplated as one of the challenging factor to organizations retaining cloud infrastructure. This paper reviews the data security challenges. Based on which we propose a model for storing confidential data over cloud, using enhanced public key cryptographic scheme of RSA. This model proposes a strong and fast cryptography along with user access control

Modified RSA-based algorithm: a double secure approach

Security algorithms like RSA are becoming increasingly important for communications to provide companies, organizations, and users around the world, secure applications who rely heavily on them in their daily work. Security algorithms use different acquaintances among companies which might belong to various countries or even cities. Such data should essentially be encrypted to make sure that there is security in transportation. Thus, the current research paper leads to the novel system of security for the safe transfer of data. This paper examines the general principles of encryption and focuses on the development of RSA and the complexity of the encryption key so that it becomes more secure in the applications used. In this project, we will work on the RSA algorithm by adding some complexity to the 3keys (3k). This addition will increase the security and complexity of the algorithm's speed while maintaining encryption and decryption time. The paper also presents an approach by means of public key encryption to enhance cryptographic security. Moreover, double security is provided by the algorithm of RSA. This novel RSA algorithm was investigated in MATLAB. Numerical results for the various parameters such as Mean Square Error (MSE), correlation and Bit Error Ratio (BER) were implemented for the encryption of the message. The experimental results demonstrated that the proposed algorithm for 3 keys has small error rate in the retrieval of the encoded text

Light-Weight Accountable Privacy Preserving Protocol in Cloud Computing Based on a Third-Party Auditor

Cloud computing is emerging as the next disruptive utility paradigm [1]. It provides extensive storage capabilities and an environment for application developers through virtual machines. It is also the home of software and databases that are accessible, on-demand. Cloud computing has drastically transformed the way organizations, and individual consumers access and interact with Information Technology. Despite significant advancements in this technology, concerns about security are holding back businesses from fully adopting this promising information technology trend. Third-party auditors (TPAs) are becoming more common in cloud computing implementations. Hence, involving auditors comes with its issues such as trust and processing overhead. To achieve productive auditing, we need to (1) accomplish efficient auditing without requesting the data location or introducing processing overhead to the cloud client; (2) avoid introducing new security vulnerabilities during the auditing process. There are various security models for safeguarding the CCs (Cloud Client) data in the cloud. The TPA systematically examines the evidence of compliance with established security criteria in the connection between the CC and the Cloud Service Provider (CSP). The CSP provides the clients with cloud storage, access to a database coupled with services. Many security models have been elaborated to make the TPA more reliable so that the clients can trust the third-party auditor with their data. Our study shows that involving a TPA might come with its shortcomings, such as trust concerns, extra overhead, security, and data manipulation breaches; as well as additional processing, which leads to the conclusion that a lightweight and secure protocol is paramount to the solution. As defined in [2] privacy-preserving is making sure that the three cloud stakeholders are not involved in any malicious activities coming from insiders at the CSP level, making sure to remediate to TPA vulnerabilities and that the CC is not deceitfully affecting other clients. In our survey phase, we have put into perspective the privacy-preserving solutions as they fit the lightweight requirements in terms of processing and communication costs, ending up by choosing the most prominent ones to compare with them our simulation results. In this dissertation, we introduce a novel method that can detect a dishonest TPA: The Light-weight Accountable Privacy-Preserving (LAPP) Protocol. The lightweight characteristic has been proven simulations as the minor impact of our protocol in terms of processing and communication costs. This protocol determines the malicious behavior of the TPA. To validate our proposed protocol’s effectiveness, we have conducted simulation experiments by using the GreenCloud simulator. Based on our simulation results, we confirm that our proposed model provides better outcomes as compared to the other known contending methods

Cloud Computing Security: A Survey

Today, the world of Internet and Information technology, which is turned into a crucial part of human life, is growing rapidly. In this direction, the needs of societies` members including: information security, fast processing, immediate & dynamic access and the most important one, cost saving have been taken into consideration. Security issues used to be the main challenge of the systems` users constantly. A crucial achievement, by which users` data are accessed broadly & comprehensively, is cloud computing and storage in clouds, but this requires establishing data security in a very reliable environment. Cloud based computing, as a new generation of computing infrastructure, was created to reduce the costs of hardware & software resource management and it`s success is due to it`s efficacy, flexibility and it`s security in comparison to other computing approaches. Supporting security of stored data is one of the difficulties and issues discussed in cloud computing field. Our goal is to understand present challenges and solutions in cloud based environment; furthermore, we investigate present algorithms, in terms of application`s speed both in cloud based environment and local networks

Cloud based privacy preserving data mining model using hybrid k-anonymity and partial homomorphic encryption

The evolution of information and communication technologies have encourage numerous organizations to outsource their business and data to cloud computing to perform data mining and other data processing operations. Despite the great benefits of the cloud, it has a real problem in the security and privacy of data. Many studies explained that attackers often reveal the information from third-party services or third-party clouds. When a data owners outsource their data to the cloud, especially the SaaS cloud model, it is difficult to preserve the confidentiality and integrity of the data. Privacy-Preserving Data Mining (PPDM) aims to accomplish data mining operations while protecting the owner's data from violation. The current models of PPDM have some limitations. That is, they suffer from data disclosure caused by identity and attributes disclosure where some private information is revealed which causes the success of different types of attacks. Besides, existing solutions have poor data utility and high computational performance overhead. Therefore, this research aims to design and develop Hybrid Anonymization Cryptography PPDM (HAC-PPDM) model to improve the privacy-preserving level by reducing data disclosure before outsourcing data for mining over the cloud while maintaining data utility. The proposed HAC-PPDM model is further aimed reducing the computational performance overhead to improve efficiency. The Quasi-Identifiers Recognition algorithm (QIR) is defined and designed depending on attributes classification and Quasi-Identifiers dimension determine to overcome the identity disclosure caused by Quasi-Identifiers linking to reduce privacy leakage. An Enhanced Homomorphic Scheme is designed based on hybridizing Cloud-RSA encryption scheme, Extended Euclidean algorithm (EE), Fast Modular Exponentiation algorithm (FME), and Chinese Remainder Theorem (CRT) to minimize the computational time complexity while reducing the attribute disclosure. The proposed QIR, Enhanced Homomorphic Scheme and k-anonymity privacy model have been hybridized to obtain optimal data privacy-preservation before outsourced it on the cloud while maintaining the utility of data that meets the needs of mining with good efficiency. Real-world datasets have been used to evaluate the proposed algorithms and model. The experimental results show that the proposed QIR algorithm improved the data privacy-preserving percentage by 23% while maintaining the same or slightly better data utility. Meanwhile, the proposed Enhanced Homomorphic Scheme is more efficient comparing to the related works in terms of time complexity as represented by Big O notation. Moreover, it reduced the computational time of the encryption, decryption, and key generation time. Finally, the proposed HAC-PPDM model successfully reduced the data disclosures and improved the privacy-preserving level while preserved the data utility as it reduced the information loss. In short, it achieved improvement of privacy preserving and data mining (classification) accuracy by 7.59 % and 0.11 % respectively

Wireless body area network revisited

Rapid growth of wireless body area networks (WBANs) technology allowed the fast and secured acquisition as well as exchange of vast amount of data information in diversified fields. WBANs intend to simplify and improve the speed, accuracy, and reliability of communica-tions from sensors (interior motors) placed on and/or close to the human body, reducing the healthcare cost remarkably. However, the secu-rity of sensitive data transfer using WBANs and subsequent protection from adversaries attack is a major issue. Depending on the types of applications, small and high sensitive sensors having several nodes obtained from invasive/non-invasive micro- and nano- technology can be installed on the human body to capture useful information. Lately, the use of micro-electro-mechanical systems (MEMS) and integrated circuits in wireless communications (WCs) became widespread because of their low-power operation, intelligence, accuracy, and miniaturi-zation. IEEE 802.15.6 and 802.15.4j standards have already been set to specifically regulate the medical networks and WBANs. In this view, present communication provides an all-inclusive overview of the past development, recent progress, challenges and future trends of security technology related to WBANs

Health data in cloud environments

The process of provisioning healthcare involves massive healthcare data which exists in different forms on disparate data sources and in different formats. Consequently, health information systems encounter interoperability problems at many levels. Integrating these disparate systems requires the support at all levels of a very expensive infrastructures. Cloud computing dramatically reduces the expense and complexity of managing IT systems. Business customers do not need to invest in their own costly IT infrastructure, but can delegate and deploy their services effectively to Cloud vendors and service providers. It is inevitable that electronic health records (EHRs) and healthcare-related services will be deployed on cloud platforms to reduce the cost and complexity of handling and integrating medical records while improving efficiency and accuracy. The paper presents a review of EHR including definitions, EHR file formats, structures leading to the discussion of interoperability and security issues. The paper also presents challenges that have to be addressed for realizing Cloudbased healthcare systems: data protection and big health data management. Finally, the paper presents an active data model for housing and protecting EHRs in a Cloud environment

Building standardized and secure mobile health services based on social media

Mobile devices and social media have been used to create empowering healthcare services. However, privacy and security concerns remain. Furthermore, the integration of interoperability biomedical standards is a strategic feature. Thus, the objective of this paper is to build enhanced healthcare services by merging all these components. Methodologically, the current mobile health telemonitoring architectures and their limitations are described, leading to the identification of new potentialities for a novel architecture. As a result, a standardized, secure/private, social-media-based mobile health architecture has been proposed and discussed. Additionally, a technical proof-of-concept (two Android applications) has been developed by selecting a social media (Twitter), a security envelope (open Pretty Good Privacy (openPGP)), a standard (Health Level 7 (HL7)) and an information-embedding algorithm (modifying the transparency channel, with two versions). The tests performed included a small-scale and a boundary scenario. For the former, two sizes of images were tested; for the latter, the two versions of the embedding algorithm were tested. The results show that the system is fast enough (less than 1 s) for most mHealth telemonitoring services. The architecture provides users with friendly (images shared via social media), straightforward (fast and inexpensive), secure/private and interoperable mHealth services

A Dynamic Four-Step Data Security Model for Data in Cloud Computing Based on Cryptography and Steganography

Cloud computing is a rapidly expanding field. It allows users to access computer system resources as needed, particularly data storage and computational power, without managing them directly. This paper aims to create a data security model based on cryptography and steganography for data in cloud computing that seeks to reduce existing security and privacy concerns, such as data loss, data manipulation, and data theft. To identify the problem and determine its core cause, we studied various literature on existing cloud computing security models. This study utilizes design science research methodology. The design science research approach includes problem identification, requirements elicitation, artifact design and development, demonstration, and assessment. Design thinking and the Python programming language are used to build the artifact, and discussion about its working is represented using histograms, tables, and algorithms. This paper’s output is a four-step data security model based on Rivest–Shamir–Adleman, Advanced Encryption Standard, and identity-based encryption algorithms alongside Least Significant Bit steganography. The four steps are data protection and security through encryption algorithms, steganography, data backup and recovery, and data sharing. This proposed approach ensures more cloud data redundancy, flexibility, efficiency, and security by protecting data confidentiality, privacy, and integrity from attackers

Şifreleme Yöntemleri ve RSA Algoritması Üzerine Bir İnceleme

Günümüzde, bilişim teknolojilerinin gelişmesiyle birlikte haberleşme ve bilgi güvenliğinin sağlanması için şifrelemenin önemi giderek artmaktadır. Özellikle internet teknolojisinin gelişmesiyle birlikte veri güvenliğinin sağlanması için birçok şifreleme algoritmaları kullanılmaktadır. Şifreleme algoritmaları simetrik ve asimetrik olmak üzere iki başlık altında incelenmektedir. Bu çalışmada ise simetrik ve asimetrik şifreleme algoritmalarının genel özelliklerine yer vermekle birlikte literatürde önemli bir yere sahip asimetrik şifreleme algoritmalarından biri olan RSA algoritması incelenerek RSA algoritmasının şifreleme yöntemleri üzerindeki etkisi analiz edilmiştir. RSA algoritmasının yapısı, genel özellikleri, avantajı ve dezavantajı hakkında bilgilere yer verilmiştir