5,610 research outputs found
Trust based Privacy Policy Enforcement in Cloud Computing
Cloud computing offers opportunities for organizations to reduce IT costs by using the computation and storage of a remote provider. Despite the benefits offered by cloud computing paradigm, organizations are still wary of delegating their computation and storage to a cloud service provider due to trust concerns. The trust issues with the cloud can be addressed by a combination of regulatory frameworks and supporting technologies. Privacy Enhancing Technologies (PET) and remote attestation provide the technologies for addressing the trust concerns. PET provides proactive measures through cryptography and selective dissemination of data to the client. Remote attestation mechanisms provides reactive measures by enabling the client to remotely verify if a provider is compromised. The contributions of this work are three fold. This thesis explores the PET landscape by studying in detail the implications of using PET in cloud architectures. The practicality of remote attestation in Software as a Service (SaaS) and Infrastructure as a Service (IaaS) scenarios is also analyzed and improvements have been proposed to the state of the art. This thesis also propose a fresh look at trust relationships in cloud computing, where a single provider changes its configuration for each client based on the subjective and dynamic trust assessments of clients. We conclude by proposing a plan for expanding on the completed work
Secure Cloud-Edge Deployments, with Trust
Assessing the security level of IoT applications to be deployed to
heterogeneous Cloud-Edge infrastructures operated by different providers is a
non-trivial task. In this article, we present a methodology that permits to
express security requirements for IoT applications, as well as infrastructure
security capabilities, in a simple and declarative manner, and to automatically
obtain an explainable assessment of the security level of the possible
application deployments. The methodology also considers the impact of trust
relations among different stakeholders using or managing Cloud-Edge
infrastructures. A lifelike example is used to showcase the prototyped
implementation of the methodology
Recommended from our members
Opinion Model Based Security Reputation Enabling Cloud Broker Architecture
Blockchain for IoT Access Control: Recent Trends and Future Research Directions
With the rapid development of wireless sensor networks, smart devices, and
traditional information and communication technologies, there is tremendous
growth in the use of Internet of Things (IoT) applications and services in our
everyday life. IoT systems deal with high volumes of data. This data can be
particularly sensitive, as it may include health, financial, location, and
other highly personal information. Fine-grained security management in IoT
demands effective access control. Several proposals discuss access control for
the IoT, however, a limited focus is given to the emerging blockchain-based
solutions for IoT access control. In this paper, we review the recent trends
and critical needs for blockchain-based solutions for IoT access control. We
identify several important aspects of blockchain, including decentralised
control, secure storage and sharing information in a trustless manner, for IoT
access control including their benefits and limitations. Finally, we note some
future research directions on how to converge blockchain in IoT access control
efficiently and effectively
- …