Database Tampering Monitoring System to Enhance Security

Nowadays, usage of internet has increased for various purposes like online shopping, online transaction, internet banking, etc. Almost everything is done online. With this increased usage of internet, websites are prone to attacks. Security system is nothing but an intrusion detection system (IDS) that models the network behavior of user sessions. It protects both the front-end web server as well as back-end database. It monitors both web and subsequent database requests. So, it is possible to identify attacks that independent IDS would not be able to identify. Our contribution is to find leaked data which is done by hacker. Next steps to detect the different attacks for preventing unauthorized access users

Efficient Database Outsource to Twin Cloud With Security and Privacy

Database is held and treated in cloud server, which is outside the control of data owners. For the numerical range query those arrangements cannot deliver adequate confidentiality defense in contradiction of practical challenges, e.g., confidentiality leakage of statistical properties, access design. Also, augmented number of queries will unavoidably leak more info to the cloud server. In this paper, we propose two-cloud building for secure database, with a series of connection protocols that deliver privacy preservation to numerous numeric-related range queries. Safety analysis demonstrates that confidentiality of arithmetical information is muscularly protected against cloud providers in our planned scheme

Lightweight Data Aggregation Scheme Against Internal Attackers in Smart Grid Using Elliptic Curve Cryptography

Recent advances of Internet and microelectronics technologies have led to the concept of smart grid which has been a widespread concern for industry, governments, and academia. The openness of communications in the smart grid environment makes the system vulnerable to different types of attacks. The implementation of secure communication and the protection of consumers’ privacy have become challenging issues. The data aggregation scheme is an important technique for preserving consumers’ privacy because it can stop the leakage of a specific consumer’s data. To satisfy the security requirements of practical applications, a lot of data aggregation schemes were presented over the last several years. However, most of them suffer from security weaknesses or have poor performances. To reduce computation cost and achieve better security, we construct a lightweight data aggregation scheme against internal attackers in the smart grid environment using Elliptic Curve Cryptography (ECC). Security analysis of our proposed approach shows that it is provably secure and can provide confidentiality, authentication, and integrity. Performance analysis of the proposed scheme demonstrates that both computation and communication costs of the proposed scheme are much lower than the three previous schemes. As a result of these aforementioned benefits, the proposed lightweight data aggregation scheme is more practical for deployment in the smart grid environment

STC database for SQL Range Queries digital apps with Privacy Preserving

Businesses and people outsource database to realize helpful and low-cost applications and administrations. In arrange to supply adequate usefulness for SQL inquiries, numerous secure database plans have been proposed. In any case, such plans are helpless to protection leakage to cloud server. The most reason is that database is facilitated and handled in cloud server, which is past the control of information proprietors. For the numerical extend inquiry (“\u3e”, “\u3c”, etc.), those plans cannot give adequate protection security against viable challenges, e.g., security spillage of measurable properties, get to design. Besides, expanded number of questions will definitely spill more data to the cloud server. In this paper, we propose a two-cloud engineering for secure database, with a arrangement of crossing point conventions that give security conservation to different numeric-related extend questions. Security analysis shows that privacy of numerical information is strongly protected against cloud providers in our proposed scheme

Verifiable Outsourced Database Model: A Game-Theoretic Approach

In the verifiable database (VDB) model, a computationally weak client (database owner) delegates his database management to a database service provider on the cloud, which is considered untrusted third party, while users can query the data and verify the integrity of query results. Since the process can be computationally costly and has a limited support for sophisticated query types such as aggregated queries, we propose in this research a framework that helps bridge the gap between security and practicality. The proposed framework remodels the verifiable database problem using Stackelberg security game. In the new model, the database owner creates and uploads to the database service provider the database and its authentication structure (AS). Next, the game is played between the defender (verifier), who is a trusted party to the database owner and runs scheduled randomized verifications using Stackelberg mixed strategy, and the database service provider. The idea is to randomize the verification schedule in an optimized way that grants the optimal payoff for the verifier while making it extremely hard for the database service provider or any attacker to figure out which part of the database is being verified next. We have implemented and compared the proposed model performance with a uniform randomization model. Simulation results show that the proposed model outperforms the uniform randomization model. Furthermore, we have evaluated the efficiency of the proposed model against different cost metrics

Information technology governance maturity and technology innovation in higher education: factors in effectiveness

Prior research has explored many facets of innovation, provided models of governance maturity, and analyzed the impact of corporate decision-making on innovation. However, there is little research on IT governance maturity in higher education or on IT innovation in organizations outside of the IT industry. Findings from previous research were ambiguous regarding whether a mature IT governance process helps or hinders innovation. This study fills a gap in existing knowledge by reviewing the literature and examining the interaction of IT governance and information technology innovation at five major U.S. universities. It provides insights into the structures and processes necessary for IT governance to facilitate technology innovation and the factors required for effective IT governance in higher education. Highly effective IT governance processes focused on collaboration and communication were associated with greater integration of radical innovation into institutional processes than effective IT governance processes that focused primarily on the prioritization of large enterprise projects. Incremental technology innovations were pervasive among all schools studied. IT governance was found to be more effective under a delegated model of decision-making authority that empowers IT governance bodies than under a CIO-centric model. The inclusion of a faculty, students and business units in IT governance committees was associated with a stronger innovation culture

Data Auditing and Security in Cloud Computing: Issues, Challenges and Future Directions

Cloud computing is one of the significant development that utilizes progressive computational power and upgrades data distribution and data storing facilities. With cloud information services, it is essential for information to be saved in the cloud and also distributed across numerous customers. Cloud information repository is involved with issues of information integrity, data security and information access by unapproved users. Hence, an autonomous reviewing and auditing facility is necessary to guarantee that the information is effectively accommodated and used in the cloud. In this paper, a comprehensive survey on the state-of-art techniques in data auditing and security are discussed. Challenging problems in information repository auditing and security are presented. Finally, directions for future research in data auditing and security have been discussed

Data auditing and security in cloud computing: issues, challenges and future directions

Cloud computing is one of the significant development that utilizes progressive computational power and upgrades data distribution and data storing facilities. With cloud information services, it is essential for information to be saved in the cloud and also distributed across numerous customers. Cloud information repository is involved with issues of information integrity, data security and information access by unapproved users. Hence, an autonomous reviewing and auditing facility is necessary to guarantee that the information is effectively accommodated and used in the cloud. In this paper, a comprehensive survey on the state-of-art techniques in data auditing and security are discussed. Challenging problems in information repository auditing and security are presented. Finally, directions for future research in data auditing and security have been discusse