State of The Art and Hot Aspects in Cloud Data Storage Security

Along with the evolution of cloud computing and cloud storage towards matu- rity, researchers have analyzed an increasing range of cloud computing security aspects, data security being an important topic in this area. In this paper, we examine the state of the art in cloud storage security through an overview of selected peer reviewed publications. We address the question of defining cloud storage security and its different aspects, as well as enumerate the main vec- tors of attack on cloud storage. The reviewed papers present techniques for key management and controlled disclosure of encrypted data in cloud storage, while novel ideas regarding secure operations on encrypted data and methods for pro- tection of data in fully virtualized environments provide a glimpse of the toolbox available for securing cloud storage. Finally, new challenges such as emergent government regulation call for solutions to problems that did not receive enough attention in earlier stages of cloud computing, such as for example geographical location of data. The methods presented in the papers selected for this review represent only a small fraction of the wide research effort within cloud storage security. Nevertheless, they serve as an indication of the diversity of problems that are being addressed

BMSQABSE: Design of a Bioinspired Model to Improve Security & QoS Performance for Blockchain-Powered Attribute-based Searchable Encryption Applications

Attribute-based searchable encryption (ABSE) is a sub-field of security models that allow intensive searching capabilities for cloud-based shared storage applications. ABSE Models require higher computational power, which limits their application to high-performance computing devices. Moreover, ABSE uses linear secret sharing scheme (LSSS), which requires larger storage when compared with traditional encryption models. To reduce computational complexity, and optimize storage cost, various researchers have proposed use of Machine Learning Models (MLMs), that assist in identification & removal of storage & computational redundancies. But most of these models use static reconfiguration, thus cannot be applied to large-scale deployments. To overcome this limitation, a novel combination of Grey Wolf Optimization (GWO) with Particle Swarm Optimization (PSO) model to improve Security & QoS performance for Blockchain-powered Attribute-based Searchable Encryption deployments is proposed in this text. The proposed model augments ABSE parameters to reduce its complexity and improve QoS performance under different real-time user request scenarios. It intelligently selects cyclic source groups with prime order & generator values to create bilinear maps that are used for ABSE operations. The PSO Model assists in generation of initial cyclic population, and verifies its security levels, QoS levels, and deployment costs under multiple real-time cloud scenarios. Based on this initial analysis, the GWO Model continuously tunes ABSE parameters in order to achieve better QoS & security performance levels via stochastic operations. The proposed BMSQABSE model was tested under different cloud configurations, and its performance was evaluated for healthcare deployments. Based on this evaluation, it was observed that the proposed model achieved 8.3% lower delay, with 4.9% lower energy consumption, 14.5% lower storage requirements when compared with standard ABSE models. It was able to mitigate Distributed Denial of Service (DDoS), Masquerading, Finney, and Sybil attacks, which assists in deploying the proposed model for QoS-aware highly secure deployments

Charlie and the CryptoFactory: Towards Secure and Trusted Manufacturing Environments

The modernisation that stems from Industry 4.0 started populating the manufacturing sector with networked devices, complex sensors, and a significant proportion of physical actuation components. However, new capabilities in networked cyber-physical systems demand more complex infrastructure and algorithms and often lead to new security flaws and operational risks that increase the attack surface area exponentially. The interconnected nature of Industry 4.0-driven operations and the pace of digital transformation mean that cyber-attacks can have far more extensive effects than ever before. Based on that, the core ideas of this paper are driven by the observation that cyber security is one of the key enablers of Industry 4.0. Having this in mind, we propose CryptoFactory – a forward looking design of a layered-based architecture that can be used as a starting point for building secure and privacy-preserving smart factories. CryptoFactory aims to change the security outlook in smart manufacturing by discussing a set of fundamental requirements and functionality that modern factories should support in order to be resistant to both internal and external attacks. To this end, CryptoFactory first focuses on how to build trust relationships between the hardware devices in the factory. Then, we look on how to use several cryptographic approaches to allow IoT devices to securely collect, store and share their data while we also touch upon the emerging topic of secure and privacy-preserving communication and collaboration between manufacturing environments and value chains. Finally, we look into the problem of how to perform privacy-preserving analytics by leveraging Trusted Execution Environments and the promising concept of Functional Encryption

Integrated, reliable and cloud-based personal health record: a scoping review.

Personal Health Records (PHR) emerge as an alternative to integrate patient’s health information to give a global view of patients' status. However, integration is not a trivial feature when dealing with a variety electronic health systems from healthcare centers. Access to PHR sensitive information must comply with privacy policies defined by the patient. Architecture PHR design should be in accordance to these, and take advantage of nowadays technology. Cloud computing is a current technology that provides scalability, ubiquity, and elasticity features. This paper presents a scoping review related to PHR systems that achieve three characteristics: integrated, reliable and cloud-based. We found 101 articles that addressed thosecharacteristics. We identified four main research topics: proposal/developed systems, PHR recommendations for development, system integration and standards, and security and privacy. Integration is tackled with HL7 CDA standard. Information reliability is based in ABE security-privacy mechanism. Cloud-based technology access is achieved via SOA.CONACYT - Consejo Nacional de Ciencia y TecnologíaPROCIENCI

Confidential Data with Safeguard Access Control in distributed Cloud Computing

Cloud computing is a safeguard technology which means that privileging permissions for the users   and stowing of data on world wide web. Mainly cloud computing focus on Protection and mystery represent major concerns in the acceptance of cloud technologies for data insertions . A major issue  is how to safe access control policies such that 2 layer encryption can be achieved internally. Solve  these problem by using this proposed in the decentralization process in two layer broadcast encryption schema, by eliminate the group manager preliminary unit of the set, with an advantage of the addition of supporting members to the coordination, does not want any central authorization. Our model is represent AES method for secrecy data management purpose and it will provide accuracy data for authorised person only .That person get main key for access the data this key will be produced by key generation algorithm. In this we are having like search engine. This engine defends on cloud previous engines not provide accurate info and also previous technologies provides inaccurate info and secure data retrieved unauthorised also.    Our coordination assures the confidentiality of the data and preserves the privacy of users from the cloud although delegating most of the access power enforcement to the cloud. Existing market inclination need Products to be developed at elevated swiftness. To meet those requirements sometimes it requires collaboration between the organizations. Since of the proficient services that are being obtainable by the cloud service providers today, lots of business organizations started compelling advantage of cloud services. Specifically, Cloud computing enables a new form of service in that a service can be realized by components provided by different enterprises or entities in a collaborative manner. Contributing parties are commonly loosely connected and they are responsible for managing and protecting resources/data consign to them. Such situation demands advanced and modern mechanisms for better security and privacy protection of data shared among multiple participating parties. In this, we are presented access control policy. This policy is included priveligation function and accurate info function. Our contribution is mainly focus on assures the confidentiality of the data and preserves the privacy of users

Secure Data Sharing in Cloud Computing: A Comprehensive Review

Cloud Computing is an emerging technology, which relies on sharing computing resources. Sharing of data in the group is not secure as the cloud provider cannot be trusted. The fundamental difficulties in distributed computing of cloud suppliers is Data Security, Sharing, Resource scheduling and Energy consumption. Key-Aggregate cryptosystem used to secure private/public data in the cloud. This key is consistent size aggregate for adaptable decisions of ciphertext in cloud storage. Virtual Machines (VMs) provisioning is effectively empowered the cloud suppliers to effectively use their accessible resources and get higher benefits. The most effective method to share information resources among the individuals from the group in distributed storage is secure, flexible and efficient. Any data stored in different cloud data centers are corrupted, recovery using regenerative coding. Security is provided many techniques like Forward security, backward security, Key-Aggregate cryptosystem, Encryption and Re-encryption etc. The energy is reduced using Energy-Efficient Virtual Machines Scheduling in Multi-Tenant Data Centers

Secure data sharing in cloud computing: a comprehensive review

Cloud Computing is an emerging technology, which relies on sharing computing resources. Sharing of data in the group is not secure as the cloud provider cannot be trusted. The fundamental difficulties in distributed computing of cloud suppliers is Data Security, Sharing, Resource scheduling and Energy consumption. Key-Aggregate cryptosystem used to secure private/public data in the cloud. This key is consistent size aggregate for adaptable decisions of ciphertext in cloud storage. Virtual Machines (VMs) provisioning is effectively empowered the cloud suppliers to effectively use their accessible resources and get higher benefits. The most effective method to share information resources among the individuals from the group in distributed storage is secure, flexible and efficient. Any data stored in different cloud data centers are corrupted, recovery using regenerative coding. Security is provided many techniques like Forward security, backward security, Key-Aggregate cryptosystem, Encryption and Re-encryption etc. The energy is reduced using Energy-Efficient Virtual Machines Scheduling in Multi-Tenant Data Centers

Fast-Sec: an approach to secure Big Data processing in the cloud

Group Security is an important concern in computer systems, which is especially remarkable when the system has to handle large amounts of data and some different users accessing this data with different accessing permissions. This work proposes an innovative approach for providing a security infrastructure support to Big Data Analytic in Cloud-based systems named Fast-sec. Fast-Sec handles systems with large volumes of data from heterogeneous sources, in which users may access the system by different platforms, consuming or providing data. The security infrastructure proposed in Fast-Sec provides an authentication mechanism for users, and data access control adapted to high demands from cloud-based Big Data environment. The reported results show the adequacy of the proposed safety infrastructure to the cloud-based systems processing Big Data. © 2017 Informa UK Limited, trading as Taylor & Franci

A role and attribute based encryption approach to privacy and security in cloud based health services

Cloud computing is a rapidly emerging computing paradigm which replaces static and expensive data centers, network and software infrastructure with dynamically scalable “cloud based” services offered by third party providers on an on-demand basis. However, with the potential for seemingly limitless scalability and reduced infrastructure costs comes new issues regarding security and privacy as processing and storage tasks are delegated to potentially untrustworthy cloud providers. For the eHealth industry this loss of control makes adopting the cloud problematic when compliance with privacy laws (such HIPAA, PIPEDA and PHIPA) is required and limits third party access to patient records. This thesis presents a RBAC enabled solution to cloud privacy and security issues resulting from this loss of control to a potentially untrustworthy third party cloud provider, which remains both scalable and distributed. This is accomplished through four major components presented, implemented and evaluated within this thesis; the DOSGi based Health Cloud eXchange (HCX) architecture for managing and exchanging EHRs between authorized users, the Role Based Access Control as a Service (RBACaaS) model and web service providing RBAC policy enforcement and services to cloud applications, the Role Based Single Sign On (RBSSO) protocol, and the Distributed Multi-Authority Ciphertext-Policy Shared Attribute-Based Encryption (DMACPSABE) scheme for limiting access to sensitive records dependent on attributes (or roles) assigned to users. We show that when these components are combined the resulting system is both scalable (scaling at least linearly with users, request, records and attributes), secure and provides a level of protection from the cloud provider which preserves the privacy of user’s records from any third party. Additionally, potential use cases are presented for each component as well as the overall system

From security to assurance in the cloud: a survey

The cloud computing paradigm has become a mainstream solution for the deployment of business processes and applications. In the public cloud vision, infrastructure, platform, and software services are provisioned to tenants (i.e., customers and service providers) on a pay-as-you-go basis. Cloud tenants can use cloud resources at lower prices, and higher performance and flexibility, than traditional on-premises resources, without having to care about infrastructure management. Still, cloud tenants remain concerned with the cloud's level of service and the nonfunctional properties their applications can count on. In the last few years, the research community has been focusing on the nonfunctional aspects of the cloud paradigm, among which cloud security stands out. Several approaches to security have been described and summarized in general surveys on cloud security techniques. The survey in this article focuses on the interface between cloud security and cloud security assurance. First, we provide an overview of the state of the art on cloud security. Then, we introduce the notion of cloud security assurance and analyze its growing impact on cloud security approaches. Finally, we present some recommendations for the development of next-generation cloud security and assurance solutions