Enhance Data Security Protection for Data Sharing in Cloud Storage System

Cloud computing technology can be used in all types of organizations. There are many benefits to use cloud storage. The most notable is data accessibility. Data stored in the cloud can be accessed at any time any place. Another advantage of cloud storage is data sharing between users. By sharing storage and networks with many users it is also possible for unauthorized users to access our data. To provide confidentiality of shared sensitive data, the cryptographic techniques are applied. So protect the data from unauthorized users, the cryptographic key is main challenge. In this method a data protection for cloud storage 1) The key is protected by two factors: Secret key is stored in the computer and personal security device 2) The key can be revoked efficiently by implementing proxy re-encryption and key separation techniques. 3) The data is protected in a fine grained way by adopting the attribute based encryption technique. So our proposed method provides confidentiality on data

An Improved Integrated Hash and Attributed based Encryption Model on High Dimensional Data in Cloud Environment

Cloud computing is a distributed architecture where user can store their private, public or any application software components on it. Many cloud based privacy protection solutions have been implemented, however most of them only focus on limited data resources and storage format. Data confidentiality and inefficient data access methods are the major issues which block the cloud users to store their high dimensional data. With more and more cloud based applications are being available and stored on various cloud servers, a novel multi-user based privacy protection mechanism need to design and develop to improve the privacy protection on high dimensional data. In this paper, a novel integrity algorithm with attribute based encryption model was implemented to ensure confidentiality for high dimensional data security on cloud storage. The main objective of this model is to store, transmit and retrieve the high dimensional cloud data with low computational time and high security. Experimental results show that the proposed model has high data scalability, less computational time and low memory usage compared to traditional cloud based privacy protection models

Achieving trust-oriented data protection in the cloud environment

University of Technology, Sydney. Faculty of Engineering and Information Technology.Cloud computing has gained increasing acceptance in recent years. In privacy-conscious domains such as healthcare and banking, however, data security and privacy are the greatest obstacles to the widespread adoption of cloud computing technology. Despite enjoying the benefits brought by this innovative technology, users are concerned about losing the control of their own data in the outsourced environment. Encrypting data can resolve confidentiality and integrity challenges, but the key to mitigating users’ concerns and encouraging broader adoption of cloud computing is the establishment of a trustworthy relationship between cloud providers and users. In this dissertation, we investigate a novel trust-oriented data protection framework adapted to the cloud environment. By investigating cloud data security, privacy, and control related issues, we propose a novel data protection approach that combines active and passive protection mechanisms. The active protection is used to secure data in an independent and smart data cube that can survive even when the host is in danger. The passive protection covers the actions and mechanisms taken to monitor and audit data based on third party security services such as access control services and audit services. Furthermore, by incorporating full mobility and replica management with the active and passive mechanisms, the proposed framework can satisfy confidentiality, integrity, availability, scalability, intrusion-tolerance, authentication, authorization, auditability, and accountability, increasing users’ confidence in consuming cloud-based data services. In this work we begin by introducing cloud data storage characteristics and then analyse the reasons for issues of data security, privacy and control in cloud. On the basis of results of analysis, we identify desirable properties and objectives for protecting cloud data. In principle, cryptography-based and third party based approaches are insufficient to address users’ concerns and increase confidence in consuming cloud-based data services, because of possible intrusion attacks and direct tampering of data. Hence, we propose a novel way of securing data in an active data cube (ADCu) with smart and independent functionality. Each ADCu is a deployable data protection unit encapsulating sensitive data, networking, data manipulation, and security verification functions within a coherent data structure. A sealed and signed ADCu encloses dynamic information-flow tracking throughout the data cube that can precisely monitor the inner data and the derivatives. Any violations of policy or tampering with data would be compulsorily recorded and reported to bundled users via the mechanisms within the ADCu. This active and bundled architecture is designed to establish a trustworthy relationship between cloud and users. Subsequently, to establish a more comprehensive security environment cooperating with an active data-centric (ADC) framework, we propose a cloud-based privacy-aware role-based access control (CPRBAC) service and an active auditing service (AAS). These components in the entire data protection framework contribute to the passive security mechanisms. They provide access control management and audit work based on a consistent security environment. We also discuss and implement full mobility management and data replica management related to the ADCu, which are regarded as significant factors to satisfy data accountability, availability, and scalability. We conduct a set of practical experiments and security evaluation on a mini-private cloud platform. The outcome of this research demonstrates the efficiency, feasibility, dependability, and scalability of protecting outsourced data in cloud by using the trust-oriented protection framework. To that end, we introduce an application applying the components and mechanisms of the trust-oriented security framework to protecting eHealth data in cloud. The novelty of this work lies in protecting cloud data in an ADCu that is not highly reliant on strong encryption schemes and third-party protection schemes. By proposing innovative structures, concepts, algorithms, and services, the major contribution of this thesis is that it helps cloud providers to deliver trust actively to cloud users, and encourages broader adoption of cloud-based solutions for data storage services in sensitive areas

Securing Fog Federation from Behavior of Rogue Nodes

As the technological revolution advanced information security evolved with an increased need for confidential data protection on the internet. Individuals and organizations typically prefer outsourcing their confidential data to the cloud for processing and storage. As promising as the cloud computing paradigm is, it creates challenges; everything from data security to time latency issues with data computation and delivery to end-users. In response to these challenges CISCO introduced the fog computing paradigm in 2012. The intent was to overcome issues such as time latency and communication overhead and to bring computing and storage resources close to the ground and the end-users. Fog computing was, however, considered an extension of cloud computing and as such, inherited the same security and privacy challenges encountered by traditional cloud computing. These challenges accelerated the research community\u27s efforts to find practical solutions. In this dissertation, we present three approaches for individual and organizational data security and protection while that data is in storage in fog nodes or in the cloud. We also consider the protection of these data while in transit between fog nodes and the cloud, and against rogue fog nodes, man-in-the-middle attacks, and curious cloud service providers. The techniques described successfully satisfy each of the main security objectives of confidentiality, integrity, and availability. Further we study the impact of rogue fog nodes on end-user devices. These approaches include a new concept, the Fog-Federation (FF): its purpose to minimize communication overhead and time latency between the Fog Nodes (FNs) and the Cloud Service Provider (CSP) during the time the system is unavailable as a rogue Fog Node (FN) is being ousted. Further, we considered the minimization of data in danger of breach by rogue fog nodes. We demonstrate the efficiency and feasibility of each approach by implementing simulations and analyzing security and performance

A Study on Data Protection in Cloud Environment

Data protection in the online environment pertains to the safeguarding of sensitive or important data kept, analyzed, or sent in cloud-based systems. It entails assuring data confidentiality, integrity, and availability, as well as adhering to appropriate data protection requirements. In a nutshell, cloud data protection seeks to protect data against unauthorized access, deletion, or breaches while retaining its accuracy and accessible to authorized users. This is accomplished in the cloud environment using various security measures, encryption approaches, access controls, disaster recovery and backup processes, and constant monitoring and threat detection.  The research significance of data protection in the cloud environment can be summarized as follows: Security and Privacy: Research in data protection in the cloud helps address the security and privacy concerns associated with storing and processing sensitive data in cloud-based systems. It explores and develops advanced security mechanisms, encryption techniques, and access controls to protect data from unauthorized access, data breaches, and privacy violations. Trust and Confidence: Research in data protection contributes to building trust and confidence in cloud computing. By developing robust security solutions and demonstrating their effectiveness, research helps alleviate concerns about data security and privacy, fostering greater adoption of cloud services by organizations and individuals. Compliance and Regulations: Cloud computing often involves compliance with data protection regulations and industry standards. Research in this area explores the legal and regulatory aspects of data protection in the cloud and helps organizations understand and comply with relevant requirements. Data Resilience and Recovery: Research in data protection focuses on ensuring data resilience and developing efficient data recovery mechanisms in the cloud. It explores backup and disaster recovery strategies, data replication techniques, and data loss prevention methods to minimize downtime, recover data promptly, and maintain business continuity in the event of system failures or disasters. By addressing these research areas, studies on data protection in the cloud environment contribute to enhancing security, privacy, compliance, and resilience in cloud computing. They provide valuable insights, practical solutions, and guidelines for organizations and service providers to protect data effectively and maintain the trust of users in cloud-based services. The weighted product method approach is commonly used to choose the best data protection in cloud environment. CCSS1, CCSS2, CCSS3, CCSS4, CCSS5 data visibility, data integrity, Maintains compliance, Data security, Data storage. From the result it is seen that CCSS2 got highest rank whereas CCSS5 got lowest rank According to the results, CCSS2 was ranked first

Location-Based Services and Privacy Protection under Mobile Cloud Computing

Location-based services can provide personalized services based on location information of moving objects and have already been widely used in public safety services, transportation, entertainment and many other areas. With the rapid development of mobile communication technology and popularization of intelligent terminals, there will be great commercial prospects to provide location-based services under mobile cloud computing environment. However, the high adhesion degree of mobile terminals to users not only brings facility but also results in the risk of privacy leak. The paper introduced the necessities and advantages to provide location-based services under mobile cloud computing environment, stressed the importance to protect location privacy in LBS services, pointed out new security risks brought by mobile cloud computing, and proposed a new framework and implementation method of LBS service. The cloud-based LBS system proposed in this paper is able to achieve privacy protection from the confidentiality of outsourced data and integrity of service results, and can be used as a reference while developing LBS system under mobile cloud computing environment

Secure policies for the distributed virtual machines in mobile cloud computing

Mobile Cloud Computing (MCC) is a combination of cloud computing and mobile computing through wireless technology in order to overcome mobile devices' resource limitations. In MCC, virtualization plays a key role whereas the cloud resources are shared among many users to help them achieve an efficient performance and exploiting the maximum capacity of the cloud’s servers. However, the lack of security aspect impedes the benefits of virtualization techniques, whereby malicious users can violate and damage sensitive data in distributed Virtual Machines (VMs). Thus, this study aims to provide protection of distributed VMs and mobile user’s sensitive data in terms of security and privacy. This study proposes an approach based on cloud proxy known as Proxy-3S that combines three security policies for VMs; user’s access control, secure allocation, and secure communication. The Proxy-3S keeps the distributed VMs safe in different servers on the cloud. It enhances the grants access authorization for permitted distributed intensive applications’ tasks. Furthermore, an algorithm that enables secure communication among distributed VMs and protection of sensitive data in VMs on the cloud is proposed. A prototype is implemented on a NetworkCloudSim simulator to manage VMs security and data confidentiality automatically. Several experiments were conducted using real-world healthcare distributed application in terms of efficiency, coverage and execution time. The experiments show that the proposed approach achieved lower attacker’s efficiency and coverage ratios; equal to 0.35 and 0.41 respectively in all experimented configurations compared with existing works. In addition, the execution time of the proposed approach is satisfactory ranging from 441ms to 467ms of small and large cloud configurations. This study serves to provide integrity and confidentiality in exchanging sensitive information among multistakeholder in distributed mobile applications

Comparative Analysis of Some Efficient Data Security Methods among Cryptographic Techniques for Cloud Data Security

The concept of cloud computing model is to grant users access to outsource data from the cloud server without them having to worry about aspects of the hardware and software management. The owner of the data encrypts it before outsourcing to a Cloud Service Provider (CSP) server for effective deployment of sensitive data. Data confidentiality is a demanding task of cloud data protection. Thus, to solve this problem, lots of techniques are needed to defend the shared data. We focus on cryptography to secure the data while transmitting in the network. We deployed Advanced Encryption Standard (AES) used as encryption method for cloud data security, to encrypt the sensitive data which is to be transmitted from sender to receiver in the network and to decrypt so that the receiver can view the original data. Arrays of encryption systems are being deployed in the world of Information Systems by various organizations. In this paper, comparative analysis of some various encryption algorithms in cryptography have been implemented by comparing their performance in terms of stimulated time during Encryption and decryption in the network. Keywords: AES, Data Control, Data Privacy, Data Storage, Encryption Algorithms, Verification

Confidential Data with Safeguard Access Control in distributed Cloud Computing

Cloud computing is a safeguard technology which means that privileging permissions for the users   and stowing of data on world wide web. Mainly cloud computing focus on Protection and mystery represent major concerns in the acceptance of cloud technologies for data insertions . A major issue  is how to safe access control policies such that 2 layer encryption can be achieved internally. Solve  these problem by using this proposed in the decentralization process in two layer broadcast encryption schema, by eliminate the group manager preliminary unit of the set, with an advantage of the addition of supporting members to the coordination, does not want any central authorization. Our model is represent AES method for secrecy data management purpose and it will provide accuracy data for authorised person only .That person get main key for access the data this key will be produced by key generation algorithm. In this we are having like search engine. This engine defends on cloud previous engines not provide accurate info and also previous technologies provides inaccurate info and secure data retrieved unauthorised also.    Our coordination assures the confidentiality of the data and preserves the privacy of users from the cloud although delegating most of the access power enforcement to the cloud. Existing market inclination need Products to be developed at elevated swiftness. To meet those requirements sometimes it requires collaboration between the organizations. Since of the proficient services that are being obtainable by the cloud service providers today, lots of business organizations started compelling advantage of cloud services. Specifically, Cloud computing enables a new form of service in that a service can be realized by components provided by different enterprises or entities in a collaborative manner. Contributing parties are commonly loosely connected and they are responsible for managing and protecting resources/data consign to them. Such situation demands advanced and modern mechanisms for better security and privacy protection of data shared among multiple participating parties. In this, we are presented access control policy. This policy is included priveligation function and accurate info function. Our contribution is mainly focus on assures the confidentiality of the data and preserves the privacy of users