Database Security Issues and Challenges in Cloud Computing

The majority of enterprises have recently enthusiastically embraced cloud computing, and at the same time, the database has moved to the cloud. This cloud database paradigm can lower data administration expenses and free up new business to concentrate on the product that is being delivered. Furthermore, issues with scalability, flexibility, performance, availability, and affordability can be resolved with cloud computing. Security, however, has been noted as posing a serious risk to cloud databases and has been essential in fostering public acceptance of cloud computing. Several security factors should be taken into account before implementing any cloud database management system. These features comprise, but are not restricted to, data privacy, data isolation, data availability, data integrity, confidentiality, and defense against insider threats. In this paper, we discuss the most recent research that took into account the security risks and problems associated with adopting cloud databases. In order to better comprehend these problems and how they affect cloud databases, we also provide a conceptual model. Additionally, we look into these problems to the extent that they are relevant and provide two instances of vendors and security features that were used for cloud-based databases. Finally, we provide an overview of the security risks associated with open cloud databases and suggest possible future paths

Topological changes in data-driven dynamic security assessment for power system control

The integration of renewable energy sources into the power system requires new operating paradigms. The higher uncertainty in generation and demand makes the operations much more dynamic than in the past. Novel operating approaches that consider these new dynamics are needed to operate the system close to its physical limits and fully utilise the existing grid assets. Otherwise, expensive investments in redundant grid infrastructure become necessary. This thesis reviews the key role of digitalisation in the shift toward a decarbonised and decentralised power system. Algorithms based on advanced data analytic techniques and machine learning are investigated to operate the system assets at the full capacity while continuously assessing and controlling security. The impact of topological changes on the performance of these data-driven approaches is studied and algorithms to mitigate this impact are proposed. The relevance of this study resides in the increasingly higher frequency of topological changes in modern power systems and in the need to improve the reliability of digitalised approaches against such changes to reduce the risks of relying on them. A novel physics-informed approach to select the most relevant variables (or features) to the dynamic security of the system is first proposed and then used in two different three-stages workflows. In the first workflow, the proposed feature selection approach allows to train classification models from machine learning (or classifiers) close to real-time operation improving their accuracy and robustness against uncertainty. In the second workflow, the selected features are used to define a new metric to detect high-impact topological changes and train new classifiers in response to such changes. Subsequently, the potential of corrective control for a dynamically secure operation is investigated. By using a neural network to learn the safety certificates for the post-fault system, the corrective control is combined with preventive control strategies to maintain the system security and at the same time reduce operational costs and carbon emissions. Finally, exemplary changes in assumptions for data-driven dynamic security assessment when moving from high inertia to low inertia systems are questioned, confirming that using machine learning based models will make significantly more sense in future systems. Future research directions in terms of data generation and model reliability of advanced digitalised approaches for dynamic security assessment and control are finally indicated.Open Acces

Thoughts on hypervisor-based virtualization threats and vulnerabilities / Pensamentos sobre ameaças e vulnerabilidades de virtualização baseadas no hipervisor

As vulnerability and threat analysis play a vital role in software security in an ever-increasing digital world of virtualized computer and information systems, it is paramount that key security concepts are understood and that crucial security practices are applied in order to safeguard these types of assets. For that, this work attempts to provide an insight at vulnerabilities and threats related to the hypervisor model of virtualization while also fomenting a discussion about the security demands and challenges that this technology brings

LeakWatch: Estimating Information Leakage from Java Programs

Abstract. Programs that process secret data may inadvertently reveal information about those secrets in their publicly-observable output. This paper presents LeakWatch, a quantitative information leakage analysis tool for the Java programming language; it is based on a flexible “point-to-point ” information leakage model, where secret and publiclyobservable data may occur at any time during a program’s execution. LeakWatch repeatedly executes a Java program containing both secret and publicly-observable data and uses robust statistical techniques to provide estimates, with confidence intervals, for min-entropy leakage (using a new theoretical result presented in this paper) and mutual information. We demonstrate how LeakWatch can be used to estimate the size of information leaks in a range of real-world Java programs

Secure Virtualization and Multicore Platforms State-of-the-Art report

SVaM

Developing Secure Systems: A Comparative Study of Existing Methodologies

With the increasing demand for developing high-quality and more reliable systems, the process of developing trustworthy computer software is a challenging one. In this paper, we review various approaches to producing more secure systems. This includes established general principles for designing secure systems. It also provides an introduction to general software quality measurements including existing software security metrics. This paper also includes a comparison of the various security metrics for developing secure systems (i.e., architectural, design, and code-level metrics). Lastly, the paper examines the approach of refactoring, illustrates its objectives, and shows how refactoring is generally used for enhancing the quality of existing programs from the perspective of information security. At the end of this paper, we provide a discussion of these three approaches and how they can be used to provide guidance for future secure software development processes

Security comparison of ownCloud, Nextcloud, and Seafile in open source cloud storage solutions

Cloud storage has become one of the most efficient and economical ways to store data over the web. Although most organizations have adopted cloud storage, there are numerous privacy and security concerns about cloud storage and collaboration. Furthermore, adopting public cloud storage may be costly for many enterprises. An open-source cloud storage solution for cloud file sharing is a possible alternative in this instance. There is limited information on system architecture, security measures, and overall throughput consequences when selecting open-source cloud storage solutions despite widespread awareness. There are no comprehensive comparisons available to evaluate open-source cloud storage solutions (specifically owncloud, nextcloud, and seafile) and analyze the impact of platform selections. This thesis will present the concept of cloud storage, a comprehensive understanding of three popular open-source features, architecture, security features, vulnerabilities, and other angles in detail. The goal of the study is to conduct a comparison of these cloud solutions so that users may better understand the various open-source cloud storage solutions and make more knowledgeable selections. The author has focused on four attributes: features, architecture, security, and vulnerabilities of three cloud storage solutions ("ownCloud," "Nextcloud," and "Seafile") since most of the critical issues fall into one of these classifications. The findings show that, while the three services take slightly different approaches to confidentiality, integrity, and availability, they all achieve the same purpose. As a result of this research, the user will have a better understanding of the factors and will be able to make a more informed decision on cloud storage options