11 research outputs found
Secret Sharing for Cloud Data Security
Full text linkCloud computing helps reduce costs, increase business agility and deploy
solutions with a high return on investment for many types of applications.
However, data security is of premium importance to many users and often
restrains their adoption of cloud technologies. Various approaches, i.e., data
encryption, anonymization, replication and verification, help enforce different
facets of data security. Secret sharing is a particularly interesting
cryptographic technique. Its most advanced variants indeed simultaneously
enforce data privacy, availability and integrity, while allowing computation on
encrypted data. The aim of this paper is thus to wholly survey secret sharing
schemes with respect to data security, data access and costs in the
pay-as-you-go paradigm
fVSS: A New Secure and Cost-Efficient Scheme for Cloud Data Warehouses
Full text linkCloud business intelligence is an increasingly popular choice to deliver
decision support capabilities via elastic, pay-per-use resources. However, data
security issues are one of the top concerns when dealing with sensitive data.
In this pa-per, we propose a novel approach for securing cloud data warehouses
by flexible verifiable secret sharing, fVSS. Secret sharing encrypts and
distributes data over several cloud ser-vice providers, thus enforcing data
privacy and availability. fVSS addresses four shortcomings in existing secret
sharing-based approaches. First, it allows refreshing the data ware-house when
some service providers fail. Second, it allows on-line analysis processing.
Third, it enforces data integrity with the help of both inner and outer
signatures. Fourth, it helps users control the cost of cloud warehousing by
balanc-ing the load among service providers with respect to their pricing
policies. To illustrate fVSS' efficiency, we thoroughly compare it with
existing secret sharing-based approaches with respect to security features,
querying power and data storage and computing costs
Approches de partage de clÃĐs secrÃĻtes pour la sÃĐcurisation des entrepÃīts de donnÃĐes et de lâanalyse en ligne dans le nuage
No full textLes systÃĻmes dâinformation dÃĐcisionnels dans le cloud Computing sont des solutions de plus en plus rÃĐpandues. En effet, ces derniÃĻres offrent des capacitÃĐs pour lâaide à la dÃĐcision via lâÃĐlasticitÃĐ des ressources pay-per-use du Cloud. Toutefois, les questions de sÃĐcuritÃĐ des donnÃĐes demeurent une des principales prÃĐoccupations notamment lorsqu'il sâagit de traiter des donnÃĐes sensibles de lâentreprise. Beaucoup de questions de sÃĐcuritÃĐ sont soulevÃĐes en terme de stockage, de protection, de disponibilitÃĐ, d'intÃĐgritÃĐ, de sauvegarde et de rÃĐcupÃĐration des donnÃĐes ainsi que des transferts des donnÃĐes dans un Cloud public. Les risques de sÃĐcuritÃĐ peuvent provenir non seulement des fournisseurs de services de cloud computing mais aussi dâintrus malveillants. Les entrepÃīts de donnÃĐes dans les nuages devraient contenir des donnÃĐes sÃĐcurisÃĐes afin de permettre à la fois le traitement d'analyse en ligne hautement protÃĐgÃĐ et efficacement rafraÃŪchi. Et ceci à plus faibles coÃŧts de stockage et d'accÃĻs avec le modÃĻle de paiement à la demande. Dans cette thÃĻse, nous proposons deux nouvelles approches pour la sÃĐcurisation des entrepÃīts de donnÃĐes dans les nuages basÃĐes respectivement sur le partage vÃĐrifiable de clÃĐ secrÃĻte (bpVSS) et le partage vÃĐrifiable et flexible de clÃĐ secrÃĻte (fVSS). Lâobjectif du partage de clÃĐ cryptÃĐe et la distribution des donnÃĐes auprÃĻs de plusieurs fournisseurs du cloud permet de garantir la confidentialitÃĐ et la disponibilitÃĐ des donnÃĐes. bpVSS et fVSS abordent cinq lacunes des approches existantes traitant de partage de clÃĐs secrÃĻtes. Tout d'abord, ils permettent le traitement de lâanalyse en ligne. DeuxiÃĻmement, ils garantissent l'intÃĐgritÃĐ des donnÃĐes à l'aide de deux signatures interne et externe. TroisiÃĻmement, ils aident les utilisateurs à minimiser le coÃŧt de lâentreposage du cloud en limitant le volume global de donnÃĐes cryptÃĐes. Sachant que fVSS fait la rÃĐpartition des volumes des donnÃĐes cryptÃĐes en fonction des tarifs des fournisseurs. QuatriÃĻmement, fVSS amÃĐliore la sÃĐcuritÃĐ basÃĐe sur le partage de clÃĐ secrÃĻte en imposant une nouvelle contrainte : aucun groupe de fournisseurs de service ne peut contenir suffisamment de volume de donnÃĐes cryptÃĐes pour reconstruire ou casser le secret. Et cinquiÃĻmement, fVSS permet l'actualisation de l'entrepÃīt de donnÃĐes, mÊme si certains fournisseurs de services sont dÃĐfaillants. Pour ÃĐvaluer l'efficacitÃĐ de bpVSS et fVSS, nous ÃĐtudions thÃĐoriquement les facteurs qui influent sur nos approches en matiÃĻre de sÃĐcuritÃĐ, de complexitÃĐ et de coÃŧt financier dans le modÃĻle de paiement à la demande. Nous validons ÃĐgalement expÃĐrimentalement la pertinence de nos approches avec le Benchmark schÃĐma en ÃĐtoile afin de dÃĐmontrer son efficacitÃĐ par rapport aux mÃĐthodes existantes.Cloud business intelligence is an increasingly popular solution to deliver decision support capabilities via elastic, pay-per-use resources. However, data security issues are one of the top concerns when dealing with sensitive data. Many security issues are raised by data storage in a public cloud, including data privacy, data availability, data integrity, data backup and recovery, and data transfer safety. Moreover, security risks may come from both cloud service providers and intruders, while cloud data warehouses should be both highly protected and effectively refreshed and analyzed through on-line analysis processing. Hence, users seek secure data warehouses at the lowest possible storage and access costs within the pay-as-you-go paradigm.In this thesis, we propose two novel approaches for securing cloud data warehouses by base-p verifiable secret sharing (bpVSS) and flexible verifiable secret sharing (fVSS), respectively. Secret sharing encrypts and distributes data over several cloud service providers, thus enforcing data privacy and availability. bpVSS and fVSS address five shortcomings in existing secret sharing-based approaches. First, they allow on-line analysis processing. Second, they enforce data integrity with the help of both inner and outer signatures. Third, they help users minimize the cost of cloud warehousing by limiting global share volume. Moreover, fVSS balances the load among service providers with respect to their pricing policies. Fourth, fVSS improves secret sharing security by imposing a new constraint: no cloud service provide group can hold enough shares to reconstruct or break the secret. Five, fVSS allows refreshing the data warehouse even when some service providers fail. To evaluate bpVSS' and fVSS' efficiency, we theoretically study the factors that impact our approaches with respect to security, complexity and monetary cost in the pay-as-you-go paradigm. Moreover, we also validate the relevance of our approaches experimentally with the Star Schema Benchmark and demonstrate its superiority to related, existing methods
Secret Sharing for Cloud Data Security
No full textInternational audienceCloud computing helps reduce costs, increase business agility and deploy solutions with a high return on investment for many types of applications. However, data security is of premium importance to many users and often restrains their adoption of cloud technologies. Various approaches, i.e., data encryption, anonymization, replication and verification, help enforce different facets of data security. Secret sharing is a particularly interesting cryptographic technique. Its most advanced variants indeed simultaneously enforce data privacy, availability and integrity, while allowing computation on encrypted data. The aim of this paper is thus to wholly survey secret sharing schemes with respect to data security, data access and costs in the pay-as-you-go paradigm
Sharing-based Privacy and Availability of Cloud Data Warehouses
No full textNational audienceCloud computing can help reduce costs, increase business agility and deploy applications with a high return on investment such as data warehouses. However, storing and managing data in the cloud may not be fully trustworthy. In this article, we focus on both data security (data privacy, availability and integrity) and data analysis in the cloud. To solve the data security issue, we propose a new (m,n,t) multi secret sharing scheme based on block cryptography, secret sharing and hash functions. Moreover, we apply this solution onto a cloud data warehouse such that data security and data analysis are addressed. An extensive security and performance analysis shows that the proposed schemes can prevent most attacks, guarantee data availability and integrity, and allow analyzing data at low costs (data storage, data transfer and time computation) in the pay-as-you-go economic model in the cloud
Sharing-based Privacy and Availability of Cloud Data Warehouses
No full textNational audienceCloud computing can help reduce costs, increase business agility and deploy applications with a high return on investment such as data warehouses. However, storing and managing data in the cloud may not be fully trustworthy. In this article, we focus on both data security (data privacy, availability and integrity) and data analysis in the cloud. To solve the data security issue, we propose a new (m,n,t) multi secret sharing scheme based on block cryptography, secret sharing and hash functions. Moreover, we apply this solution onto a cloud data warehouse such that data security and data analysis are addressed. An extensive security and performance analysis shows that the proposed schemes can prevent most attacks, guarantee data availability and integrity, and allow analyzing data at low costs (data storage, data transfer and time computation) in the pay-as-you-go economic model in the cloud
A Novel Multi-Secret Sharing Approach for Secure Data Warehousing and On-Line Analysis Processing in the Cloud
No full textInternational audienceCloud computing helps reduce costs, increase business agility and deploy solutions with a high return on investment for many types of applications, including data warehouses and on-line analytical processing. However, storing and transferring sensitive data into the cloud raises legitimate security concerns. In this paper, we propose a new multi-secret sharing approach for deploying data warehouses in the cloud and allowing on-line analysis processing, while enforcing data privacy, integrity and availability. We first validate the relevance of our approach theoretically and then experimentally with both a simple random dataset and the Star Schema Benchmark. We also demonstrate its superiority to related methods
JINDEX: JSON and index search system for plant germplasm database
No full textTo facilitate the development of new varieties and conserve plant germplasm data for future needs, Thailand organizations have developed plant germplasm search systems that provide access and exchange plant genetic resource data like the international organizations. However, the development of plant germplasm search systems using traditional data warehousing creates a limitation in terms of structural flexibility and scalability, as well as search performance. Accordingly, this paper proposes a JSON and index search system for the plant germplasm database named JINDEX. JINDEX is a new approach for implementing a galaxy schema in NoSQL based a hybrid key-value/document data model. Plant germplasm data is stored in JSON files as a document data model, providing a flexible structure of genetic resources for various plants. The plant germplasm data and index files are organized as an on-disk tree structure, which can be accessed regarding a key-value data model to retrieve plant germplasm data efficiently. Experimental results showed that the JINDEX-based plant germplasm search system outperforms the previous plant germplasm search system implemented in a relational database in terms of query response time. Additionally, this JINDEX-based plant germplasm search system has been deployed since 2020, demonstrating that it can work practically
āļĢāļ°āļāļāđāļāđāļēāļŠāļąāļāđāļāļāđāļĨāļ°āļ§āļīāđāļāļĢāļēāļ°āļŦāđāļāļēāļĢāđāļāļĢāļīāļāđāļāļīāļāđāļāļāļāļāļāđāļāļĒāđāļāļĒāđāļāđāđāļāļĢāļāļŠāļąāļāđāļāļāļāļēāļĢāļāđMonitoring and Analysis System of Sugarcane Growth Using Observation Drone
No full textāļāđāļāļĒāļāļąāļāđāļāđāļāļāļ·āļāđāļĻāļĢāļĐāļāļāļīāļāļāļĩāđāļŠāļģāļāļąāļāļāļāļīāļāļŦāļāļķāđāļāļāļāļāļāļĢāļ°āđāļāļĻāđāļāļĒ āđāļĨāļ°āļŠāļēāļĄāļēāļĢāļāļāļģāđāļāđāļāđāđāļāđāļāļ§āļąāļāļāļļāļāļīāļāļŠāļģāļŦāļĢāļąāļāļāļļāļāļŠāļēāļŦāļāļĢāļĢāļĄāļāđāļģāļāļēāļĨ āļāļēāļĢāļŠāļģāļĢāļ§āļāđāļāļĨāļāļāđāļāļĒāļāļ°āļāļģāđāļŦāđāļāļĢāļēāļāļāļķāļāļāļēāļĢāđāļāļĨāļĩāđāļĒāļāđāļāļĨāļāļāļāļāļāđāļāļāđāļāļĒāđāļāđāļāļĨāļāļāđāļāļĒ āļāļąāļāļāļąāđāļāļāļķāļāļĄāļĩāļāļēāļĢāđāļāđāđāļāļĢāļāļŠāļąāļāđāļāļāļāļēāļĢāļāđāļāļīāļāļāļĨāđāļāļāđāļāļ·āđāļāļāļģāļāļēāļĢāļŠāļģāļĢāļ§āļāđāļāļĨāļāļāđāļāļĒāđāļāļāļĢāļīāđāļ§āļāļāļĩāđāđāļāđāļēāļāļķāļāđāļāđāļĒāļēāļ āļāļēāļāļ§āļīāļāļąāļĒāļāļĩāđāļāļąāļāļāļēāļāļķāđāļāđāļāļ·āđāļāļāđāļēāļĒāļ āļēāļāđāļĨāļ°āļ§āļīāđāļāļĢāļēāļ°āļŦāđāļ āļēāļāļāļāļāđāļāļĨāļāļāđāļāļĒāļāļĩāđāļāļĢāļāļāļāļĨāļļāļĄāļāļ·āđāļāļāļĩāđāļāļ§āđāļēāļāļāļķāđāļāļāļēāļĢāļŠāļąāļāđāļāļāļāđāļ§āļĒāļāļēāđāļāļĨāđāļēāļāļēāļāļāļģāđāļāđāļĒāļēāļāđāļĨāļ°āđāļĄāđāļāļąāđāļ§āļāļķāļ āļĢāļ°āļāļāļāļĩāđāļāļąāļāļāļēāļāļķāđāļāļāļĢāļ°āļāļāļāļāđāļ§āļĒāļŠāļāļāļŠāđāļ§āļāļāļ·āļāļŠāđāļ§āļāļŦāļāđāļēāđāļĨāļ°āļŠāđāļ§āļāļŦāļĨāļąāļ āļŠāļģāļŦāļĢāļąāļāļŠāđāļ§āļāļŦāļāđāļēāļāļ°āđāļāđāļāđāļ§āđāļāđāļāļāļāļĨāļīāđāļāļāļąāļāļāļāļŠāļĄāļēāļĢāđāļāđāļāļāļŠāļģāļŦāļĢāļąāļāđāļāđāļāļŠāđāļ§āļāļāđāļāļāļĢāļ°āļŠāļēāļāļāļąāļāļāļđāđāđāļāđ āļāļķāđāļāđāļāđāđāļāļāļēāļĢāļĢāļąāļāļ āļēāļāļāđāļēāļĒāļāļēāļāđāļāļĢāļāđāļĨāļ°āđāļŠāļāļāļāļĨāļāļēāļĢāļ§āļīāđāļāļĢāļēāļ°āļŦāđāļāļēāļĢāļāļĢāļ°āļĄāļ§āļĨāļāļĨāļ āļēāļ āđāļāļĒāļāļ°āļĢāļąāļāļŠāđāļāļāđāļāļĄāļđāļĨāđāļĨāļ°āļ āļēāļāļāļąāļāļŠāđāļ§āļāļŦāļĨāļąāļāļāđāļēāļāļāļēāļ Firebase Realtime Database āđāļĨāļ° Firebase Cloud Storage āđāļāļŠāđāļ§āļāļŦāļĨāļąāļāļāļ°āļāļĢāļ°āļāļāļāļāđāļ§āļĒāđāļāļĢāđāļāļĢāļĄāļāļģāļāļ§āļāđāļāļĒāđāļāđ MATLAB āļāļāđāļāļĢāļ·āđāļāļāđāļāļīāļĢāđāļāđāļ§āļāļĢāđāđāļĨāļ°āļāļĩāđāđāļāđāļāļāđāļāļĄāļđāļĨāļāļāļāļĨāļēāļ§āļāđāļāļāļ Firebase āđāļĄāđāļāļĨāļŠāļĩ HSV āđāļĨāļ° YCbCr āļĢāļ§āļĄāļāļąāđāļāļāļąāļĨāļāļāļĢāļīāļāļķāļĄ Otsu Thresholding āļāļđāļāđāļāđāļŠāļģāļŦāļĢāļąāļāļāļēāļĢāļāļĢāļ°āļĄāļ§āļĨāļāļĨāļ āļēāļāļāļīāļāļīāļāļąāļĨ āļāļēāļāļāļąāđāļāđāļāđāļŠāļāļĢāļīāļāļāđ Isgreen āļŠāļģāļŦāļĢāļąāļāļāļēāļĢāđāļĒāļāļŠāļĩāđāļāļ·āđāļāļāļģāļāļ§āļāđāļāļāļĢāđāđāļāđāļāļāđāļāļāļāļŠāļĩāđāļāļĩāļĒāļ§āļāļāļāļ āļēāļāđāļāļĨāļāļāđāļāļĒ āļāļĨāļĨāļąāļāļāđāļāļĩāđāđāļāđāļāļ°āđāļŠāļāļāđāļāđāļāļāļĢāļēāļāļāļāļŦāļāđāļēāđāļ§āđāļāđāļāļāļāļĨāļīāđāļāļāļąāļ āļāļķāđāļāļāļĨāļāļēāļĢāļ§āļīāđāļāļĢāļēāļ°āļŦāđāļāļĩāđāļāļ°āļāđāļ§āļĒāđāļŦāđāļāļđāđāđāļāđāļŦāļĢāļ·āļāđāļāļĐāļāļĢāļāļĢāļŠāļēāļĄāļēāļĢāļāļāļąāļāļŠāļīāļāđāļāđāļāļĩāđāļĒāļ§āļāļąāļāđāļ§āļĨāļēāļāļĩāđāđāļŦāļĄāļēāļ°āļŠāļĄāļāļĩāđāļāļ°āđāļāđāļāđāļāļĩāđāļĒāļ§āļāđāļāļāđāļāļĒāđāļāđ āļāļēāļāļāļēāļĢāļāļāļŠāļāļāļāļēāļĢāļāļģāļāļēāļāļāļāļāđāļ§āđāļāđāļāļāļāļĨāļīāđāļāļāļąāļāļāļāļ§āđāļēāļŠāļēāļĄāļēāļĢāļāļāļģāļāļēāļāđāļāđāļāļĒāđāļēāļāļāļđāļāļāđāļāļāļāļīāļāđāļāđāļāļĢāđāļāļĒāļĨāļ° 98.46 āđāļĨāļ°āļāļēāļāļāļēāļĢāļāļāļŠāļāļāļāļēāļĢāļāļĢāļ°āļĄāļ§āļĨāļāļĨāļ āļēāļāļāđāļēāļāđāļāļĢāđāļāļĢāļĄ MATLAB āđāļāļĒāđāļāđāļāļļāļāļāđāļāļĄāļđāļĨāļāļāļāļīāđāļĨāļ°āđāļĄāđāļāļāļāļī (āđāļāļĒāļāļēāļĢāļŦāļĄāļļāļāļ āļēāļ) āļāļāļ§āđāļēāđāļāļĢāđāļāļĢāļĄāļŠāļēāļĄāļēāļĢāļāđāļĒāļāļāļāļīāļāļāļāļāļāļ·āļāđāļāđāļāļĒāđāļēāļāļāļđāļāļāđāļāļāļāļīāļāđāļāđāļāļĢāđāļāļĒāļĨāļ° 98.89 āđāļĨāļ° 93.85 āļāļēāļĄāļĨāļģāļāļąāļSugarcane is one of the important economic crops of Thailand and generally used as a raw material for sugar industry. The survey of sugarcane field indicates the changes of sugarcane plants in sugarcane field. Therefore, the observation drone with camera is used for survey sugarcane field in hard-to-reach areas. This research is developed to take and analyze images of sugarcane field covering a wide area that cannot be observed thoroughly. The developed system consists of two parts: front-end part and backend part. The front-end part contains a web application on smartphone for user interface which is used to take the images from drone and show the results of image processing analysis. Data and images are transferred to the back-end part via Firebase Realtime Database and Firebase Cloud Storage. The back-end part includes a computational program using MATLAB on server and data storage on Firebase Cloud. HSV and YCbCr color models and also Otsu Thresholding algorithm are used for digital image processing. Then Isgreen script is used for color separation to calculate the percentage of a green color of sugarcane field images. The results are displayed in graph on the web application. These help users or farmers make a decision about the right time for harvesting sugarcane. From the functional test of the web application, it was found that 98.46% of the test was correct. Moreover, based on the image processing test via MATLAB using normal and non-normal data sets (by rotating the images), it was found that the program was able to correctly distinguish 98.89% and 93.85% of the plant species respectively
