Link Before You Share: Managing Privacy Policies through Blockchain

With the advent of numerous online content providers, utilities and applications, each with their own specific version of privacy policies and its associated overhead, it is becoming increasingly difficult for concerned users to manage and track the confidential information that they share with the providers. Users consent to providers to gather and share their Personally Identifiable Information (PII). We have developed a novel framework to automatically track details about how a users' PII data is stored, used and shared by the provider. We have integrated our Data Privacy ontology with the properties of blockchain, to develop an automated access control and audit mechanism that enforces users' data privacy policies when sharing their data across third parties. We have also validated this framework by implementing a working system LinkShare. In this paper, we describe our framework on detail along with the LinkShare system. Our approach can be adopted by Big Data users to automatically apply their privacy policy on data operations and track the flow of that data across various stakeholders.Comment: 10 pages, 6 figures, Published in: 4th International Workshop on Privacy and Security of Big Data (PSBD 2017) in conjunction with 2017 IEEE International Conference on Big Data (IEEE BigData 2017) December 14, 2017, Boston, MA, US

A solution for secure use of Kibana and Elasticsearch in multi-user environment

Monitoring is indispensable to check status, activities, or resource usage of IT services. A combination of Kibana and Elasticsearch is used for monitoring in many places such as KEK, CC-IN2P3, CERN, and also non-HEP communities. Kibana provides a web interface for rich visualization, and Elasticsearch is a scalable distributed search engine. However, these tools do not support authentication and authorization features by default. In the case of single Kibana and Elasticsearch services shared among many users, any user who can access Kibana can retrieve other's information from Elasticsearch. In multi-user environment, in order to protect own data from others or share part of data among a group, fine-grained access control is necessary. The CERN cloud service group had provided cloud utilization dashboard to each user by Elasticsearch and Kibana. They had deployed a homemade Elasticsearch plugin to restrict data access based on a user authenticated by the CERN Single Sign On system. It enabled each user to have a separated Kibana dashboard for cloud usage, and the user could not access to other's one. Based on the solution, we propose an alternative one which enables user/group based Elasticsearch access control and Kibana objects separation. It is more flexible and can be applied to not only the cloud service but also the other various situations. We confirmed our solution works fine in CC-IN2P3. Moreover, a pre-production platform for CC-IN2P3 has been under construction. We will describe our solution for the secure use of Kibana and Elasticsearch including integration of Kerberos authentication, development of a Kibana plugin which allows Kibana objects to be separated based on user/group, and contribution to Search Guard which is an Elasticsearch plugin enabling user/group based access control. We will also describe the effect on performance from using Search Guard.Comment: International Symposium on Grids and Clouds 2017 (ISGC 2017

Managing the outsourcing of information security processes: the 'cloud' solution

Information security processes and systems are relevant for any organization and involve medium-to-high investment; however, the current economic downturn is causing a dramatic reduction in spending on Information Technology (IT). Cloud computing (i.e., externalization of one or more IT services) might be a solution for organizations keen to maintain a good level of security. In this paper we discuss whether cloud computing is a valid alternative to in-house security processes and systems drawing on four mini-case studies of higher education institutions in New England, US. Our findings show that the organization’s IT spending capacity affects the choice to move to the cloud; however, the perceived security of the cloud and the perceived in-house capacity to provide high quality IT (and security) services moderate this relationship. Moreover, other variables such as (low) quality of technical support, relatively incomplete contracts, poor defined Service License Agreements (SLA), and ambiguities over data ownership affect the choice to outsource IT (and security) using the cloud. We suggest that, while cloud computing could be a useful means of IT outsourcing, there needs to be a number of changes and improvements to how the service is currently delivered

Smart City IoT Data Management with Proactive Middleware

With the increased emergence of cloud-based services, users are frequently perplexed as to which cloud service to use and whether it will be beneficial to them. The user must compare various services, which can be a time-consuming task if the user is unsure of what they might need for their application. This paper proposes a middleware solution for storing Internet of Things (IoT) data produced by various sensors, such as traffic, air quality, temperature, and so on, on multiple cloud service providers depending on the type of data. Standard cloud computing technologies become insufficient to handle the data as the volume of data generated by smart city devices grows. The middleware was created after a comparative study of various existing middleware. The middleware uses the concept of the federal cloud for the purpose of storing data. The middleware solution described in this paper makes it easier to distribute and classify IoT data to various cloud environments based on its type. The middleware was evaluated using a series of tests, which revealed its ability to properly manage smart city data across multiple cloud environments. Overall, this research contributes to the development of middleware solutions that can improve the management of IoT data in settings such as smart cities

Implementing SaaS Solution for CRM

Greatest innovations in virtualization and distributed computing have accelerated interest in cloud computing (IaaS, PaaS, SaaS, aso). This paper presents the SaaS prototype for Customer Relationship Management of a real estate company. Starting from several approaches of e-marketing and SaaS features and architectures, we adopted a model for a CRM solution using SaaS Level 2 architecture and distributed database. Based on the system objective, functionality, we developed a modular solution for solve CRM and e-marketing targets in real estate companies.E-Marketing, SaaS Architecture, Modular Development

Encryption as a Service (EaaS) as a Solution for Cryptography in Cloud

AbstractIn recent years, there has been a vast interest in optimal usage of computing resources so that massive data can be processed with minimal cost. The need to use a pool of shared resources in a wide area network that provide elasticity, high capacity of computation and ability to store information on location-independent storages have led to the advent of cloud-computing. However, the global nature of cloud brings about some challenges in security domain when physical control over our information in cloud is impossible. Thus, encrypting critical data becomes essential, and strongly advisable. The server-side encryption in an untrustworthy environment like public cloud is too risky. On the other hand, client-side encryption can undermine the benefits of cloud since it is a time-consuming task for encryption and decryption. To address this issue, we developed a private cloud as an intermediary. In this paper, based on XaaS concept, we design an Encryption as a Service in order to get rid of the security risks of cloud provider's encryption and the inefficiency of client-side encryption

A New Algorithm Technique for Protection Secure Personal Key and Cloud Storage

Abstract People can only enjoy the completed advantages over astronaut computing condition we may address the entirely actual privateness or safety concerns that arrive with storing touchy private facts into databases and applications measure around the Internet. Cloud computing is the class of a computing rule the place the enormous dynamic up to expectation IT helps as like a "service" the usage of pc and web applied sciences is transferred in imitation of much out of doors customers. The proposed method offers three-level protection the usage of AES algorithm and a secure personal key. The approach also provides data tankage privateness safety because of huge groups yet the discovery about sensitive facts tankage leaks. Our order gives some on the privateness practices ancient within wind computing services