A Survey on Implementation of Homomorphic Encryption Scheme in Cloud based Medical Analytical System

The privacy of sensitive personal information is more and more important topic as a result of the increased availability of cloud services. These privacy issues arise due to the legitimate concern of a) having a security breach on these cloud servers or b) the leakage of this sensitive information due to an honest but curious individual at the cloud service provider. Standard encryption schemes try to address the ?rst concern by devising encryption schemes that are harder to break, yet they don’t solve the possible misuse of this sensitive data by the cloud service providers. Homomorphic encryption presents a tool that can solve both types of privacy concerns. The clients are given the possibility of encrypting their sensitive information before sending it to the cloud. The cloud will then compute over their encrypted data without the need for the decryption key. By using homomorphic encryption, servers guarantee to the clients that their valuable information to have no problems after being in a difficult situation.

Medical Data Analytics for Secure Multi-party-primarily based Cloud Computing utilizing Homomorphic Encryption

692-698Cloud computing has emerged as a vibrant part of today's modern world, providing computer services such as data storage, managing and processing via the internet. For the most part, cloud applications emphasize a multi-tenant structure to provide support for several customers in a single instance. A multi-tenancy situation involving the allocation of resources in cloud storage and the risks associated with it, in which confidentiality or integrity may be compromised. Homomorphic encryption is one such technique which guarantees to franchise in safeguarding information under cryptographic domain. The proposed modified Algebra Homomorphic Encryption scheme based on updated ElGamal (AHEE) encryption scheme is designed in such a way that the cloud administrators do not obtain any information about the medical data. This scheme is quantitatively evaluated using metrics such as encryption time and decryption time. The experimental results using UCI Machine Learning Repository ECG data set show that the proposed scheme achieved shorter encryption time of 6.61 ms and decryption time of 5.94 ms and also analyze this secured datum using big data analytics

Medical Data Analytics for Secure Multi-party-primarily based Cloud Computing utilizing Homomorphic Encryption

Cloud computing has emerged as a vibrant part of today's modern world, providing computer services such as data storage, managing and processing via the internet. For the most part, cloud applications emphasize a multi-tenant structure to provide support for several customers in a single instance. A multi-tenancy situation involving the allocation of resources in cloud storage and the risks associated with it, in which confidentiality or integrity may be compromised. Homomorphic encryption is one such technique which guarantees to franchise in safeguarding information under cryptographic domain. The proposed modified Algebra Homomorphic Encryption scheme based on updated ElGamal (AHEE) encryption scheme is designed in such a way that the cloud administrators do not obtain any information about the medical data. This scheme is quantitatively evaluated using metrics such as encryption time and decryption time. The experimental results using UCI Machine Learning Repository ECG data set show that the proposed scheme achieved shorter encryption time of 6.61 ms and decryption time of 5.94 ms and also analyze this secured datum using big data analytics

An efficient framework for privacy-preserving computations on encrypted IoT data

There are two fundamental expectations from Cloud-IoT applications using sensitive and personal data: data utility and user privacy. With the complex nature of cloud-IoT ecosystem, there is a growing concern about data utility at the cost of privacy. While the current state-of-the-art encryption schemes protect users’ privacy, they preclude meaningful computations on encrypted data. Thus, the question remains “how to help IoT device users benefit from cloud computing without compromising data confidentiality and user privacy”? Cloud service providers (CSP) can leverage Fully homomorphic encryption (FHE) schemes to deliver privacy-preserving services. However, there are limitations in directly adopting FHE-based solutions for real-world Cloud-IoT applications. Thus, to foster real-world adoption of FHE-based solutions, we propose a framework called Proxy re-ciphering as a service. It leverages existing schemes such as distributed proxy servers, threshold secret sharing, chameleon hash function and FHE to tailor a practical solution that enables long-term privacy-preserving cloud computations for IoT ecosystem. We also encourage CSPs to store minimal yet adequate information from processing the raw IoT device data. Furthermore, we explore a way for IoT devices to refresh their device keys after a key-compromise. To evaluate the framework, we first develop a testbed and measure the latencies with real-world ECG records from TELE ECG Database. We observe that i) although the distributed framework introduces computation and communication latencies, the security gains outweighs the latencies, ii) the throughput of the servers providing re-ciphering service can be greatly increased with pre-processing iii) with a key refresh scheme we can limit the upper bound on the attack window post a key-compromise. Finally, we analyze the security properties against major threats faced by Cloud-IoT ecosystem. We infer that Proxy re-ciphering as a service is a practical, secure, scalable and an easy-to-adopt framework for long-term privacy-preserving cloud computations for encrypted IoT data

Selected Computing Research Papers Volume 6 June 2017

Critical Analysis of Online Transaction Verification Technologies in Financial Industries (Baboni Mmaopinkie Beleng) .............................................................................. 1 Improving the Effectiveness of Network Security Training Using Experimental Programmes (John Bolam) ................................................................................................... 9 A Critical Evaluation of the Effectiveness of Animation within Education (Frances Byers) .................................................................................................................................. 15 Evaluating Current Research on the Educational Effectiveness of Augmented Reality (Michael Jopling) ................................................................................................................ 21 A Critical Evaluation of Current Research in DDoS Filtering Techniques within Cloud Computing Environments (Dean Richard McKinnel) ............................................. 27 An Evaluation of Security Strategies Aimed At Improving Cloud Computing (Gofaone Oatile) ................................................................................................................. 35 An Evaluation of Current Research into the Potential Negative Impact from Violent Video Games on Teenagers’ Aggression (Christopher Riddell) ........................................ 43 Evaluation of Current Computing Research Aimed at Improving Fingerprint Recognition Systems (Shaun Nkgasapane) ........................................................................ 49 A Critical Evaluation of Current Research into Improving Botnet Detection Rates (Andrew Thompson) ........................................................................................................... 5

Securing clouds using cryptography and traffic classification

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. Over the last decade, cloud computing has gained popularity and wide acceptance, especially within the health sector where it offers several advantages such as low costs, flexible processes, and access from anywhere. Although cloud computing is widely used in the health sector, numerous issues remain unresolved. Several studies have attempted to review the state of the art in eHealth cloud privacy and security however, some of these studies are outdated or do not cover certain vital features of cloud security and privacy such as access control, revocation and data recovery plans. This study targets some of these problems and proposes protocols, algorithms and approaches to enhance the security and privacy of cloud computing with particular reference to eHealth clouds. Chapter 2 presents an overview and evaluation of the state of the art in eHealth security and privacy. Chapter 3 introduces different research methods and describes the research design methodology and processes used to carry out the research objectives. Of particular importance are authenticated key exchange and block cipher modes. In Chapter 4, a three-party password-based authenticated key exchange (TPAKE) protocol is presented and its security analysed. The proposed TPAKE protocol shares no plaintext data; all data shared between the parties are either hashed or encrypted. Using the random oracle model (ROM), the security of the proposed TPAKE protocol is formally proven based on the computational Diffie-Hellman (CDH) assumption. Furthermore, the analysis included in this chapter shows that the proposed protocol can ensure perfect forward secrecy and resist many kinds of common attacks such as man-in-the-middle attacks, online and offline dictionary attacks, replay attacks and known key attacks. Chapter 5 proposes a parallel block cipher (PBC) mode in which blocks of cipher are processed in parallel. The results of speed performance tests for this PBC mode in various settings are presented and compared with the standard CBC mode. Compared to the CBC mode, the PBC mode is shown to give execution time savings of 60%. Furthermore, in addition to encryption based on AES 128, the hash value of the data file can be utilised to provide an integrity check. As a result, the PBC mode has a better speed performance while retaining the confidentiality and security provided by the CBC mode. Chapter 6 applies TPAKE and PBC to eHealth clouds. Related work on security, privacy preservation and disaster recovery are reviewed. Next, two approaches focusing on security preservation and privacy preservation, and a disaster recovery plan are proposed. The security preservation approach is a robust means of ensuring the security and integrity of electronic health records and is based on the PBC mode, while the privacy preservation approach is an efficient authentication method which protects the privacy of personal health records and is based on the TPAKE protocol. A discussion about how these integrated approaches and the disaster recovery plan can ensure the reliability and security of cloud projects follows. Distributed denial of service (DDoS) attacks are the second most common cybercrime attacks after information theft. The timely detection and prevention of such attacks in cloud projects are therefore vital, especially for eHealth clouds. Chapter 7 presents a new classification system for detecting and preventing DDoS TCP flood attacks (CS_DDoS) for public clouds, particularly in an eHealth cloud environment. The proposed CS_DDoS system offers a solution for securing stored records by classifying incoming packets and making a decision based on these classification results. During the detection phase, CS_DDOS identifies and determines whether a packet is normal or from an attacker. During the prevention phase, packets classified as malicious are denied access to the cloud service, and the source IP is blacklisted. The performance of the CS_DDoS system is compared using four different classifiers: a least-squares support vector machine (LS-SVM), naïve Bayes, K-nearest-neighbour, and multilayer perceptron. The results show that CS_DDoS yields the best performance when the LS-SVM classifier is used. This combination can detect DDoS TCP flood attacks with an accuracy of approximately 97% and a Kappa coefficient of 0.89 when under attack from a single source, and 94% accuracy and a Kappa coefficient of 0.9 when under attack from multiple attackers. These results are then discussed in terms of the accuracy and time complexity, and are validated using a k-fold cross-validation model. Finally, a method to mitigate DoS attacks in the cloud and reduce excessive energy consumption through managing and limiting certain flows of packets is proposed. Instead of a system shutdown, the proposed method ensures the availability of service. The proposed method manages the incoming packets more effectively by dropping packets from the most frequent requesting sources. This method can process 98.4% of the accepted packets during an attack. Practicality and effectiveness are essential requirements of methods for preserving the privacy and security of data in clouds. The proposed methods successfully secure cloud projects and ensure the availability of services in an efficient way