In the IoT scenario, things at the edge can create significantly large amounts of data. Fog Computing has recently emerged as the paradigm to address the needs of edge computing in the Internet of Things (IoT) and Industrial Internet of Things (IIoT) applications. In a Fog Computing environment, much of the processing would take place closer to the edge in a router device, rather than having to be transmitted to the Fog. Authentication is an important issue for the security of fog computing since services are offered to massive-scale end users by front fog nodes.Fog computing faces new security and privacy challenges besides those inherited from cloud computing. Authentication helps to ensure and confirms a user's identity. The existing traditional password authentication does not provide enough security for the data and there have been instances when the password-based authentication has been manipulated to gain access into the data. Since the conventional methods such as passwords do not serve the purpose of data security, research worksare focused on biometric user authentication in fog computing environment. In this paper, we present biometric smartcard authentication to protect the fog computing environment.
Assurance of Security and Privacy Requirements for Cloud Deployment ModelIJMTST Journal
Regardless of the few advantages of relocating endeavor basic resources for the Cloud, there are challenges particularly identified with security and protection. It is imperative that Cloud Users comprehend their security and protection needs, in light of their particular setting and select cloud show best fit to help these requirements. The writing gives works that attention on talking about security and protection issues for cloud frameworks yet such works don't give a nitty gritty methodological way to deal with evoke security and security necessities neither one of the to choose cloud arrangement models in view of fulfillment of these prerequisites by Cloud Service Providers. This work propels the present best in class towards this bearing. Specifically, we consider necessities designing ideas to inspire and dissect security and protection prerequisites and their related instruments utilizing an applied structure and an orderly procedure. The work presents confirmation as proof for fulfilling the security and protection necessities as far as culmination and reportable of security occurrence through review. This enables point of view cloud clients to characterize their confirmation prerequisites with the goal that proper cloud models can be chosen for a given setting. To exhibit our work, we display comes about because of a genuine contextual analysis in view of the Greek National Gazette.
Security and Privacy Issues of Fog Computing: A SurveyHarshitParkar6677
Abstract. Fog computing is a promising computing paradigm that ex-
tends cloud computing to the edge of networks. Similar to cloud comput-
ing but with distinct characteristics, fog computing faces new security
and privacy challenges besides those inherited from cloud computing. In
this paper, we have surveyed these challenges and corresponding solu-
tions in a brief manner.
In cloud computing IT (Information Technology) related resources like infrastructure, platform and software can be utilized using web based tools and application through internet. Here Organizations are moving to the cloud computing some faster than others. However, moving to the cloud presents the organization with a number of risks to assess. Information security is the most critical risk for many organizations. This is because the intellectual property, trade secrets, personally identifiable information,
or other sensitive information can be powered by protecting information. This paper classified cloud
security based on the three service models of cloud computing SaaS, PaaS and IaaS. Attributes for each
type of security has also identified and briefly described here. We compared securities provided in different
services by world's best known cloud service providing companies such as Amazon AWS, Google App Engine, Windows Azure etc. considering cloud security category. Furthermore, we included recommendations for organizations who have decided to move their data into the cloud, but confused to choose the best service provider for their organization regarding information security.
Today, in the world of communication, connected systems is growing at a rapid pace. To accommodate this growth the need for computational power and storage is also increasing at a similar rate. Companies are investing a large amount of resources in buying, maintaining and ensuring availability of the system to their customers. To mitigate these issues, cloud computing is playing a major role [1]. The underlying concept of cloud computing dates back to the ‘50s but the term entering into widespread usage can be traced to 2006 when Amazon.com announced the Elastic Compute Cloud. In this paper, we will discuss about cloud security approaches. We have used the term “CloudDrain” to define data leakage in case of security compromise.
A Study on Cloud and Fog Computing Security Issues and SolutionsAM Publications
Cloud computing is the significant part of the data world. The security level in cloud is undefined. Fog computing is the new buzz word added to the technical world. And the term Fog was coined by CISCO. The need for Fog computing is security and gets the data more closely to the end-user. Fog Computing is not going to replace the Cloud computing, it will be acting as the intermediate layer for securing the data which is stored inside the cloud. The principal idea of this paper is to provide data safety measures to the Cloud storage through Fog Computing. Fog Computing will be playing the vital role for the future technology. The Internet of Things (IoT) will be using the Fog computing to implement the smart World concept. So, in the future we have to handle huge amount of data and we need to provide the security for the Data. This study gives the security solutions available for the different issues.
Assurance of Security and Privacy Requirements for Cloud Deployment ModelIJMTST Journal
Regardless of the few advantages of relocating endeavor basic resources for the Cloud, there are challenges particularly identified with security and protection. It is imperative that Cloud Users comprehend their security and protection needs, in light of their particular setting and select cloud show best fit to help these requirements. The writing gives works that attention on talking about security and protection issues for cloud frameworks yet such works don't give a nitty gritty methodological way to deal with evoke security and security necessities neither one of the to choose cloud arrangement models in view of fulfillment of these prerequisites by Cloud Service Providers. This work propels the present best in class towards this bearing. Specifically, we consider necessities designing ideas to inspire and dissect security and protection prerequisites and their related instruments utilizing an applied structure and an orderly procedure. The work presents confirmation as proof for fulfilling the security and protection necessities as far as culmination and reportable of security occurrence through review. This enables point of view cloud clients to characterize their confirmation prerequisites with the goal that proper cloud models can be chosen for a given setting. To exhibit our work, we display comes about because of a genuine contextual analysis in view of the Greek National Gazette.
Security and Privacy Issues of Fog Computing: A SurveyHarshitParkar6677
Abstract. Fog computing is a promising computing paradigm that ex-
tends cloud computing to the edge of networks. Similar to cloud comput-
ing but with distinct characteristics, fog computing faces new security
and privacy challenges besides those inherited from cloud computing. In
this paper, we have surveyed these challenges and corresponding solu-
tions in a brief manner.
In cloud computing IT (Information Technology) related resources like infrastructure, platform and software can be utilized using web based tools and application through internet. Here Organizations are moving to the cloud computing some faster than others. However, moving to the cloud presents the organization with a number of risks to assess. Information security is the most critical risk for many organizations. This is because the intellectual property, trade secrets, personally identifiable information,
or other sensitive information can be powered by protecting information. This paper classified cloud
security based on the three service models of cloud computing SaaS, PaaS and IaaS. Attributes for each
type of security has also identified and briefly described here. We compared securities provided in different
services by world's best known cloud service providing companies such as Amazon AWS, Google App Engine, Windows Azure etc. considering cloud security category. Furthermore, we included recommendations for organizations who have decided to move their data into the cloud, but confused to choose the best service provider for their organization regarding information security.
Today, in the world of communication, connected systems is growing at a rapid pace. To accommodate this growth the need for computational power and storage is also increasing at a similar rate. Companies are investing a large amount of resources in buying, maintaining and ensuring availability of the system to their customers. To mitigate these issues, cloud computing is playing a major role [1]. The underlying concept of cloud computing dates back to the ‘50s but the term entering into widespread usage can be traced to 2006 when Amazon.com announced the Elastic Compute Cloud. In this paper, we will discuss about cloud security approaches. We have used the term “CloudDrain” to define data leakage in case of security compromise.
A Study on Cloud and Fog Computing Security Issues and SolutionsAM Publications
Cloud computing is the significant part of the data world. The security level in cloud is undefined. Fog computing is the new buzz word added to the technical world. And the term Fog was coined by CISCO. The need for Fog computing is security and gets the data more closely to the end-user. Fog Computing is not going to replace the Cloud computing, it will be acting as the intermediate layer for securing the data which is stored inside the cloud. The principal idea of this paper is to provide data safety measures to the Cloud storage through Fog Computing. Fog Computing will be playing the vital role for the future technology. The Internet of Things (IoT) will be using the Fog computing to implement the smart World concept. So, in the future we have to handle huge amount of data and we need to provide the security for the Data. This study gives the security solutions available for the different issues.
Maintaining Secure Cloud by Continuous Auditingijtsrd
Increases in cloud computing capacity, as well as decreases in the cost of processing, are moving at a fast pace. These patterns make it incumbent upon organizations to keep pace with changes in technology that significantly influence security. Cloud security auditing depends upon the environment, and the rapid growth of cloud computing is an important new context in world economics. The small price of entry, bandwidth, and processing power capability means that individuals and organizations of all sizes have more capacity and agility to exercise shifts in computation and to disrupt industry in cyberspace than more traditional domains of business economics worldwide. An analysis of prevalent cloud security issues and the utilization of cloud audit methods can mitigate security concerns. This verification methodology indicates how to use frameworks to review cloud service providers (CSPs). The key barrier to widespread uptake of cloud computing is the lack of trust in clouds by potential customers. While preventive controls for security and privacy are actively researched, there is still little focus on detective controls related to cloud accountability and auditability. The complexity resulting from large-scale virtualization and data distribution carried out in current clouds has revealed an urgent research agenda for cloud accountability, as has the shift in focus of customer concerns from servers to data. M. Kanimozhi | A. Aishwarya | S. Triumal"Maintaining Secure Cloud by Continuous Auditing" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-2 | Issue-3 , April 2018, URL: http://www.ijtsrd.com/papers/ijtsrd10829.pdf http://www.ijtsrd.com/engineering/computer-engineering/10829/maintaining-secure-cloud-by-continuous-auditing/m-kanimozhi
The paradigm called “Cloud computing” acts as a mechanism for attaining the resources of shared technology and infrastructure cost-effectively. The on-demand services are accomplished to execute the various operations across the network. Regularly, the last client doesn't know about the area of open physical assets and devices. Developing, using, and dealing with their applications 'on the cloud', which includes virtualization of assets that keeps and guides itself are led by arranged activities to clients. Calculation experience the new methodology of cloud computing which perhaps keeps the world and can set up all the human necessities. At the end of the day, cloud computing is the ensuing normal step in the development of on-request data innovation administrations and items. The Cloud is an allegory for the Internet and is an idea for the secured confused foundation; it likewise relies upon drawing network graphs on a computer. In this work, thorough investigations of distributed computing security and protection concerns are given. The work distinguishes both the identified and unidentified attacks, vulnerabilities in the cloud, security attacks and also the solutions to control these threats and attacks. Moreover, the restrictions of the present solutions and offers various perceptions of security viewpoints are distinguished and explored. At long last, a cloud security system is given in which the different lines of protection and the reliance levels among them are identified.
Cloud Computing Security Issues and ChallengesCSCJournals
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Comparison of data security in grid and cloud computingeSAT Journals
Abstract In the current era, Grid computing and cloud computing are the main fields in the research work. This thesis define which are the main security issues to be considered in cloud computing and grid computing, and how some of these security issues are solved. Comparative study shows the grid security is tighter than the cloud. It also shows cloud computing is less secure and faced security problems. This research work is based on main security problems in cloud computing such as authentication, authorization, access control and security infrastructure (SLA). Cloud infrastructure is based on service level agreement; simply cloud providers provide different services to cloud’s users and organizations with an agreement known SLA. So the security and privacy of user’s data is the main problem, because unauthorized person can’t access the data of cloud user. Hacking and data leakage are the common threats in cloud computing. As the security due to hackers increase over internet and the cloud computing is totally on internet. At this time, cloud computing demand the tight password protection and strong authentication and authorization procedure. For an increased level of security, privacy and password protection, we provide a new strong authentication model named “Two factor authentications using graphical password with pass point scheme”. This authentication model includes the login procedure, access control that is based on service level agreement (SLA) in cloud computing. Index Terms: Cloud computing, Authentication, login, Recognition, Recall, Pass point, security, Cloud Provider, Service level Agreement, Two Factor Authentication
Abstract: Distributed computing is a situated of IT administrations that are given to a client more than a system on a rented premise and with the capacity to scale up or down their administration necessities. Generally cloud registering administrations are conveyed by an outsider supplier who possesses the foundation. It favorable circumstances to specify yet a couple incorporate versatility, strength, adaptability, productivity and outsourcing non-center exercises. Distributed computing offers an imaginative plan of action for associations to receive IT benefits without forthright speculation. Notwithstanding the potential increases accomplished from the distributed computing, the associations are moderate in tolerating it because of security issues and difficulties connected with it. Security is one of the significant issues which hamper the development of cloud. The thought of giving over vital information to another organization is troubling; such that the shoppers should be cautious in comprehension the dangers of information breaks in this new environment. This paper presents a point by point examination of the distributed computing security issues furthermore, difficulties concentrating on the distributed computing sorts and the administration conveyance sorts.Keywords: Cloud Computing, Scalability, Infrastructure, IT.
Title: Cloud Computing Security Issues and Challenges
Author: Nishant Katiyar
ISSN 2350-1022
International Journal of Recent Research in Mathematics Computer Science and Information Technology
Paper Publications
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
The term “fog computing” or “edge computing” means that rather than hosting and working from a centralized cloud, fog systems operate on network ends. It is a term for placing some processes and resources at the edge of the cloud, instead of establishing channels for cloud storage and utilization.
A Data Sharing Protocol to Minimize Security and Privacy Risks in Cloud Storageijtsrd
Data contribution in the cloud is a procedure so as to allow users to expediently right of entry information in excess of the cloud. The information holder outsources their data in the cloud due to cost lessening and the huge amenities provided by cloud services. Information holder is not able to manage over their information, since cloud examination contributor is a third party contributor. The main disaster with data partaking in the cloud is the seclusion and safety measures issues. Different techniques are obtainable to sustain user seclusion and protected data sharing. This paper focal point on different schemes to contract by means of protected data partaking such as information contribution with forward security, protected information partaking for energetic groups, quality based information partaking, encrypted data sharing and mutual influence Based Privacy Preserving verification set of rules for right to use manage of outsourced information. S. Nandhini Devi | Mr. S. Rajarajan "A Data Sharing Protocol to Minimize Security and Privacy Risks in Cloud Storage" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-6 , October 2019, URL: https://www.ijtsrd.com/papers/ijtsrd29345.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/29345/a-data-sharing-protocol-to-minimize-security-and-privacy-risks-in-cloud-storage/s-nandhini-devi
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Cloud computing is a distributed computing system that offers managed, scalable and secured and high available computation resources and software as a service. Mobile computing is the combination of the heterogeneous domains like Mobile computing, Cloud computing & wireless networks.This paper mainly discusses the literature review on Cloud and the Mobile cloud computing. Here in this paper we analyse existing security challenges and issues involved in the cloud computing and Mobile cloud environment. This paper identifies key issues, which are believed to have long-term significance in cloud computing & mobile cloud security and privacy, based on documented problems and exhibited weaknesses.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Research proposal on Computing Security and Reliability - Phdassistance.comPhD Assistance
From introducing new international standards to having an important role to play in several industries, computer science is one of the powerful subjects right now. You cannot guess a single area that does not need computer systems or efficient networking options. Because Technology and Computer Science go together for any field.
Stating this, there are a few core subjects inside computer science that are unpredictable in its future use. One such case is with computing technologies.
Visite : https://www.phdassistance.com/blog/
Contact Us:
UK NO: +44-1143520021
India No: +91-8754446690
Email: info@phdassistance.com
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...IJNSA Journal
Multi-cloud is an advanced version of cloud computing that allows its users to utilize different cloud systems from several Cloud Service Providers (CSPs) remotely. Although it is a very efficient computing
facility, threat detection, data protection, and vendor lock-in are the major security drawbacks of this infrastructure. These factors act as a catalyst in promoting serious cyber-crimes of the virtual world. Privacy and safety issues of a multi-cloud environment have been overviewed in this research paper. The
objective of this research is to analyze some logical automation and monitoring provisions, such as monitoring Cyber-physical Systems (CPS), home automation, automation in Big Data Infrastructure (BDI), Disaster Recovery (DR), and secret protection. The Results of this research investigation indicate that it is possible to avoid security snags of a multi-cloud interface by adopting these scientific solutions methodically.
It auditing to assure a secure cloud computingingenioustech
Dear Students
Ingenious techno Solution offers an expertise guidance on you Final Year IEEE & Non- IEEE Projects on the following domain
JAVA
.NET
EMBEDDED SYSTEMS
ROBOTICS
MECHANICAL
MATLAB etc
For further details contact us:
enquiry@ingenioustech.in
044-42046028 or 8428302179.
Ingenious Techno Solution
#241/85, 4th floor
Rangarajapuram main road,
Kodambakkam (Power House)
http://www.ingenioustech.in/
Maintaining Secure Cloud by Continuous Auditingijtsrd
Increases in cloud computing capacity, as well as decreases in the cost of processing, are moving at a fast pace. These patterns make it incumbent upon organizations to keep pace with changes in technology that significantly influence security. Cloud security auditing depends upon the environment, and the rapid growth of cloud computing is an important new context in world economics. The small price of entry, bandwidth, and processing power capability means that individuals and organizations of all sizes have more capacity and agility to exercise shifts in computation and to disrupt industry in cyberspace than more traditional domains of business economics worldwide. An analysis of prevalent cloud security issues and the utilization of cloud audit methods can mitigate security concerns. This verification methodology indicates how to use frameworks to review cloud service providers (CSPs). The key barrier to widespread uptake of cloud computing is the lack of trust in clouds by potential customers. While preventive controls for security and privacy are actively researched, there is still little focus on detective controls related to cloud accountability and auditability. The complexity resulting from large-scale virtualization and data distribution carried out in current clouds has revealed an urgent research agenda for cloud accountability, as has the shift in focus of customer concerns from servers to data. M. Kanimozhi | A. Aishwarya | S. Triumal"Maintaining Secure Cloud by Continuous Auditing" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-2 | Issue-3 , April 2018, URL: http://www.ijtsrd.com/papers/ijtsrd10829.pdf http://www.ijtsrd.com/engineering/computer-engineering/10829/maintaining-secure-cloud-by-continuous-auditing/m-kanimozhi
The paradigm called “Cloud computing” acts as a mechanism for attaining the resources of shared technology and infrastructure cost-effectively. The on-demand services are accomplished to execute the various operations across the network. Regularly, the last client doesn't know about the area of open physical assets and devices. Developing, using, and dealing with their applications 'on the cloud', which includes virtualization of assets that keeps and guides itself are led by arranged activities to clients. Calculation experience the new methodology of cloud computing which perhaps keeps the world and can set up all the human necessities. At the end of the day, cloud computing is the ensuing normal step in the development of on-request data innovation administrations and items. The Cloud is an allegory for the Internet and is an idea for the secured confused foundation; it likewise relies upon drawing network graphs on a computer. In this work, thorough investigations of distributed computing security and protection concerns are given. The work distinguishes both the identified and unidentified attacks, vulnerabilities in the cloud, security attacks and also the solutions to control these threats and attacks. Moreover, the restrictions of the present solutions and offers various perceptions of security viewpoints are distinguished and explored. At long last, a cloud security system is given in which the different lines of protection and the reliance levels among them are identified.
Cloud Computing Security Issues and ChallengesCSCJournals
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Comparison of data security in grid and cloud computingeSAT Journals
Abstract In the current era, Grid computing and cloud computing are the main fields in the research work. This thesis define which are the main security issues to be considered in cloud computing and grid computing, and how some of these security issues are solved. Comparative study shows the grid security is tighter than the cloud. It also shows cloud computing is less secure and faced security problems. This research work is based on main security problems in cloud computing such as authentication, authorization, access control and security infrastructure (SLA). Cloud infrastructure is based on service level agreement; simply cloud providers provide different services to cloud’s users and organizations with an agreement known SLA. So the security and privacy of user’s data is the main problem, because unauthorized person can’t access the data of cloud user. Hacking and data leakage are the common threats in cloud computing. As the security due to hackers increase over internet and the cloud computing is totally on internet. At this time, cloud computing demand the tight password protection and strong authentication and authorization procedure. For an increased level of security, privacy and password protection, we provide a new strong authentication model named “Two factor authentications using graphical password with pass point scheme”. This authentication model includes the login procedure, access control that is based on service level agreement (SLA) in cloud computing. Index Terms: Cloud computing, Authentication, login, Recognition, Recall, Pass point, security, Cloud Provider, Service level Agreement, Two Factor Authentication
Abstract: Distributed computing is a situated of IT administrations that are given to a client more than a system on a rented premise and with the capacity to scale up or down their administration necessities. Generally cloud registering administrations are conveyed by an outsider supplier who possesses the foundation. It favorable circumstances to specify yet a couple incorporate versatility, strength, adaptability, productivity and outsourcing non-center exercises. Distributed computing offers an imaginative plan of action for associations to receive IT benefits without forthright speculation. Notwithstanding the potential increases accomplished from the distributed computing, the associations are moderate in tolerating it because of security issues and difficulties connected with it. Security is one of the significant issues which hamper the development of cloud. The thought of giving over vital information to another organization is troubling; such that the shoppers should be cautious in comprehension the dangers of information breaks in this new environment. This paper presents a point by point examination of the distributed computing security issues furthermore, difficulties concentrating on the distributed computing sorts and the administration conveyance sorts.Keywords: Cloud Computing, Scalability, Infrastructure, IT.
Title: Cloud Computing Security Issues and Challenges
Author: Nishant Katiyar
ISSN 2350-1022
International Journal of Recent Research in Mathematics Computer Science and Information Technology
Paper Publications
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
The term “fog computing” or “edge computing” means that rather than hosting and working from a centralized cloud, fog systems operate on network ends. It is a term for placing some processes and resources at the edge of the cloud, instead of establishing channels for cloud storage and utilization.
A Data Sharing Protocol to Minimize Security and Privacy Risks in Cloud Storageijtsrd
Data contribution in the cloud is a procedure so as to allow users to expediently right of entry information in excess of the cloud. The information holder outsources their data in the cloud due to cost lessening and the huge amenities provided by cloud services. Information holder is not able to manage over their information, since cloud examination contributor is a third party contributor. The main disaster with data partaking in the cloud is the seclusion and safety measures issues. Different techniques are obtainable to sustain user seclusion and protected data sharing. This paper focal point on different schemes to contract by means of protected data partaking such as information contribution with forward security, protected information partaking for energetic groups, quality based information partaking, encrypted data sharing and mutual influence Based Privacy Preserving verification set of rules for right to use manage of outsourced information. S. Nandhini Devi | Mr. S. Rajarajan "A Data Sharing Protocol to Minimize Security and Privacy Risks in Cloud Storage" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-6 , October 2019, URL: https://www.ijtsrd.com/papers/ijtsrd29345.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/29345/a-data-sharing-protocol-to-minimize-security-and-privacy-risks-in-cloud-storage/s-nandhini-devi
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Cloud computing is a distributed computing system that offers managed, scalable and secured and high available computation resources and software as a service. Mobile computing is the combination of the heterogeneous domains like Mobile computing, Cloud computing & wireless networks.This paper mainly discusses the literature review on Cloud and the Mobile cloud computing. Here in this paper we analyse existing security challenges and issues involved in the cloud computing and Mobile cloud environment. This paper identifies key issues, which are believed to have long-term significance in cloud computing & mobile cloud security and privacy, based on documented problems and exhibited weaknesses.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Research proposal on Computing Security and Reliability - Phdassistance.comPhD Assistance
From introducing new international standards to having an important role to play in several industries, computer science is one of the powerful subjects right now. You cannot guess a single area that does not need computer systems or efficient networking options. Because Technology and Computer Science go together for any field.
Stating this, there are a few core subjects inside computer science that are unpredictable in its future use. One such case is with computing technologies.
Visite : https://www.phdassistance.com/blog/
Contact Us:
UK NO: +44-1143520021
India No: +91-8754446690
Email: info@phdassistance.com
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...IJNSA Journal
Multi-cloud is an advanced version of cloud computing that allows its users to utilize different cloud systems from several Cloud Service Providers (CSPs) remotely. Although it is a very efficient computing
facility, threat detection, data protection, and vendor lock-in are the major security drawbacks of this infrastructure. These factors act as a catalyst in promoting serious cyber-crimes of the virtual world. Privacy and safety issues of a multi-cloud environment have been overviewed in this research paper. The
objective of this research is to analyze some logical automation and monitoring provisions, such as monitoring Cyber-physical Systems (CPS), home automation, automation in Big Data Infrastructure (BDI), Disaster Recovery (DR), and secret protection. The Results of this research investigation indicate that it is possible to avoid security snags of a multi-cloud interface by adopting these scientific solutions methodically.
It auditing to assure a secure cloud computingingenioustech
Dear Students
Ingenious techno Solution offers an expertise guidance on you Final Year IEEE & Non- IEEE Projects on the following domain
JAVA
.NET
EMBEDDED SYSTEMS
ROBOTICS
MECHANICAL
MATLAB etc
For further details contact us:
enquiry@ingenioustech.in
044-42046028 or 8428302179.
Ingenious Techno Solution
#241/85, 4th floor
Rangarajapuram main road,
Kodambakkam (Power House)
http://www.ingenioustech.in/
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...ijccsa
The introduction of Internet of Things (IoT) applications into daily life has raised serious privacy concerns
among consumers, network service providers, device manufacturers, and other parties involved. This paper
gives a high-level overview of the three phases of data collecting, transmission, and storage in IoT systems
as well as current privacy-preserving technologies. The following elements were investigated during these
three phases:(1) Physical and data connection layer security mechanisms(2) Network remedies(3)
Techniques for distributing and storing data. Real-world systems frequently have multiple phases and
incorporate a variety of methods to guarantee privacy. Therefore, for IoT research, design, development,
and operation, having a thorough understanding of all phases and their technologies can be beneficial. In
this Study introduced two independent methodologies namely generic differential privacy (GenDP) and
Cluster-Based Differential privacy ( Cluster-based DP) algorithms for handling metadata as intents and
intent scope to maintain privacy and security of IoT data in cloud environments. With its help, we can
virtual and connect enormous numbers of devices, get a clearer understanding of the IoT architecture, and
store data eternally. However, due of the dynamic nature of the environment, the diversity of devices, the
ad hoc requirements of multiple stakeholders, and hardware or network failures, it is a very challenging
task to create security-, privacy-, safety-, and quality-aware Internet of Things apps. It is becoming more
and more important to improve data privacy and security through appropriate data acquisition. The
proposed approach resulted in reduced loss performance as compared to Support Vector Machine (SVM) ,
Random Forest (RF) .
Cloud data security and various cryptographic algorithms IJECEIAES
Cloud computing has spread widely among different organizations due to its advantages, such as cost reduction, resource pooling, broad network access, and ease of administration. It increases the abilities of physical resources by optimizing shared use. Clients’ valuable items (data and applications) are moved outside of regulatory supervision in a shared environment where many clients are grouped together. However, this process poses security concerns, such as sensitive information theft and personally identifiable data leakage. Many researchers have contributed to reducing the problem of data security in cloud computing by developing a variety of technologies to secure cloud data, including encryption. In this study, a set of encryption algorithms (advance encryption standard (AES), data encryption standard (DES), Blowfish, Rivest-Shamir-Adleman (RSA) encryption, and international data encryption algorithm (IDEA) was compared in terms of security, data encipherment capacity, memory usage, and encipherment time to determine the optimal algorithm for securing cloud information from hackers. Results show that RSA and IDEA are less secure than AES, Blowfish, and DES). The AES algorithm encrypts a huge amount of data, takes the least encipherment time, and is faster than other algorithms, and the Blowfish algorithm requires the least amount of memory space.
Efficient ECC-Based Authentication Scheme for Fog-Based IoT EnvironmentIJCNCJournal
The rapid growth of cloud computing and Internet of Things (IoT) applications faces several threats, such as latency, security, network failure, and performance. These issues are solved with the development of fog computing, which brings storage and computation closer to IoT-devices. However, there are several challenges faced by security designers, engineers, and researchers to secure this environment. To ensure the confidentiality of data that passes between the connected devices, digital signature protocols have been applied to the authentication of identities and messages. However, in the traditional method, a user's private key is directly stored on IoTs, so the private key may be disclosed under various malicious attacks. Furthermore, these methods require a lot of energy, which drains the resources of IoT-devices. A signature scheme based on the elliptic curve digital signature algorithm (ECDSA) is proposed in this paper to improve the security of the private key and the time taken for key-pair generation. ECDSA security is based on the intractability of the Elliptic Curve Discrete Logarithm Problem (ECDLP), which allows one to use much smaller groups. Smaller group sizes directly translate into shorter signatures, which is a crucial feature in settings where communication bandwidth is limited, or data transfer consumes a large amount of energy. In this paper, we have chosen the safe curve types of elliptic-curve cryptography (ECC) such as M221, SECP256r1, curve 25519, Brainpool P256t1, and M-551. These types of curves are the most secure curves of other curves of ECC as their security is based on the complexity of the ECDLP of the curve. And these types of curves exceed the complexity of the ECDLP. A valid signature can be generated without reestablishing the whole private key. ECDSA ensures data security and successfully reduces intermediate attacks. The efficiency and effectiveness of ECDSA in the IoT environment are validated by experimental evaluation and comparison analysis. The results indicate that, in comparison to the two-party ECDSA and RSA, the proposed ECDSA decreases computation time by 65% and 87%, respectively. Additionally, as compared to two-party ECDSA and RSA, respectively, it reduces energy consumption by 77% and 82%.
Efficient ECC-Based Authentication Scheme for Fog-Based IoT EnvironmentIJCNCJournal
The rapid growth of cloud computing and Internet of Things (IoT) applications faces several threats, such as latency, security, network failure, and performance. These issues are solved with the development of fog computing, which brings storage and computation closer to IoT-devices. However, there are several challenges faced by security designers, engineers, and researchers to secure this environment. To ensure the confidentiality of data that passes between the connected devices, digital signature protocols have been applied to the authentication of identities and messages. However, in the traditional method, a user's private key is directly stored on IoTs, so the private key may be disclosed under various malicious attacks. Furthermore, these methods require a lot of energy, which drains the resources of IoT-devices. A signature scheme based on the elliptic curve digital signature algorithm (ECDSA) is proposed in this paper to improve the security of the private key and the time taken for key-pair generation. ECDSA security is based on the intractability of the Elliptic Curve Discrete Logarithm Problem (ECDLP), which allows one to use much smaller groups. Smaller group sizes directly translate into shorter signatures, which is a crucial feature in settings where communication bandwidth is limited, or data transfer consumes a large amount of energy. In this paper, we have chosen the safe curve types of elliptic-curve cryptography (ECC) such as M221, SECP256r1, curve 25519, Brainpool P256t1, and M-551. These types of curves are the most secure curves of other curves of ECC as their security is based on the complexity of the ECDLP of the curve. And these types of curves exceed the complexity of the ECDLP. A valid signature can be generated without reestablishing the whole private key. ECDSA ensures data security and successfully reduces intermediate attacks. The efficiency and effectiveness of ECDSA in the IoT environment are validated by experimental evaluation and comparison analysis. The results indicate that, in comparison to the two-party ECDSA and RSA, the proposed ECDSA decreases computation time by 65% and 87%, respectively. Additionally, as compared to two-party ECDSA and RSA, respectively, it reduces energy consumption by 77% and 82%.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
A data quarantine model to secure data in edge computingIJECEIAES
Edge computing provides an agile data processing platform for latencysensitive and communication-intensive applications through a decentralized cloud and geographically distributed edge nodes. Gaining centralized control over the edge nodes can be challenging due to security issues and threats. Among several security issues, data integrity attacks can lead to inconsistent data and intrude edge data analytics. Further intensification of the attack makes it challenging to mitigate and identify the root cause. Therefore, this paper proposes a new concept of data quarantine model to mitigate data integrity attacks by quarantining intruders. The efficient security solutions in cloud, ad-hoc networks, and computer systems using quarantine have motivated adopting it in edge computing. The data acquisition edge nodes identify the intruders and quarantine all the suspected devices through dimensionality reduction. During quarantine, the proposed concept builds the reputation scores to determine the falsely identified legitimate devices and sanitize their affected data to regain data integrity. As a preliminary investigation, this work identifies an appropriate machine learning method, linear discriminant analysis (LDA), for dimensionality reduction. The LDA results in 72.83% quarantine accuracy and 0.9 seconds training time, which is efficient than other state-of-the-art methods. In future, this would be implemented and validated with ground truth data.
Review on Security Aspects for Cloud Architecture IJECEIAES
Cloud computing is one of the fastest growing and popular technology in the field of computing. As the concept of cloud computing was introduced in 2006. Since then large number of IT industries join the queue to develop many cloud services and put sensitive information over cloud. In fact cloud computing is no doubt the great innovation in the field of computing but at the same time also poses many challenges. Since a large number of organizations migrate their business to cloud and hence it appears as an attractive target for the malicious attack. The purpose of the paper is to review the available literature for security concerns and highlight a relationship between vulnerabilities, attacks and threats in SaaS model. A mapping is being presented to highlight the impact of vulnerabilities and attacks.
Proposed system for data security in distributed computing in using triple d...IJECEIAES
Cloud computing is considered a distributed computing paradigm in which resources are provided as services. In cloud computing, the applications do not run from a user’s personal computer but are run and stored on distributed servers on the Internet. The resources of the cloud infrastructures are shared on cloud computing on the Internet in the open environment. This increases the security problems in security such as data confidentiality, data integrity and data availability, so the solution of such problems are conducted by adopting data encryption is very important for securing users data. In this paper, a comparative study is done between the two security algorithms on a cloud platform called eyeOS. From the comparative study it was found that the Rivest Shamir Adlemen (3kRSA) algorithm outperforms that triple data encryption standard (3DES) algorithm with respect to the complexity, and output bytes. The main drawback of the 3kRSA algorithm is its computation time, while 3DES is faster than that 3kRSA. This is useful for storing large amounts of data used in the cloud computing, the key distribution and authentication of the asymmetric encryption, speed, data integrity and data confidentiality of the symmetric encryption are also important also it enables to execute required computations on this encrypted data.
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...IJERA Editor
In this paper, SMCSaaS is proposed to secure email system based on Web Service and Cloud Computing
Model. The model offers end-to-end security, privacy, and non-repudiation of PKI without the associated
infrastructure complexity. The Proposed Model control risks in Cloud Computing like Insecure Application
Programming Interfaces, Malicious Insiders, Data Loss Shared Technology Vulnerabilities, or Leakage,
Account, Service, Traffic Hijacking and Unknown Risk Profile
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdffxintegritypublishin
Advancements in technology unveil a myriad of electrical and electronic breakthroughs geared towards efficiently harnessing limited resources to meet human energy demands. The optimization of hybrid solar PV panels and pumped hydro energy supply systems plays a pivotal role in utilizing natural resources effectively. This initiative not only benefits humanity but also fosters environmental sustainability. The study investigated the design optimization of these hybrid systems, focusing on understanding solar radiation patterns, identifying geographical influences on solar radiation, formulating a mathematical model for system optimization, and determining the optimal configuration of PV panels and pumped hydro storage. Through a comparative analysis approach and eight weeks of data collection, the study addressed key research questions related to solar radiation patterns and optimal system design. The findings highlighted regions with heightened solar radiation levels, showcasing substantial potential for power generation and emphasizing the system's efficiency. Optimizing system design significantly boosted power generation, promoted renewable energy utilization, and enhanced energy storage capacity. The study underscored the benefits of optimizing hybrid solar PV panels and pumped hydro energy supply systems for sustainable energy usage. Optimizing the design of solar PV panels and pumped hydro energy supply systems as examined across diverse climatic conditions in a developing country, not only enhances power generation but also improves the integration of renewable energy sources and boosts energy storage capacities, particularly beneficial for less economically prosperous regions. Additionally, the study provides valuable insights for advancing energy research in economically viable areas. Recommendations included conducting site-specific assessments, utilizing advanced modeling tools, implementing regular maintenance protocols, and enhancing communication among system components.
Vaccine management system project report documentation..pdfKamal Acharya
The Division of Vaccine and Immunization is facing increasing difficulty monitoring vaccines and other commodities distribution once they have been distributed from the national stores. With the introduction of new vaccines, more challenges have been anticipated with this additions posing serious threat to the already over strained vaccine supply chain system in Kenya.
Quality defects in TMT Bars, Possible causes and Potential Solutions.PrashantGoswami42
Maintaining high-quality standards in the production of TMT bars is crucial for ensuring structural integrity in construction. Addressing common defects through careful monitoring, standardized processes, and advanced technology can significantly improve the quality of TMT bars. Continuous training and adherence to quality control measures will also play a pivotal role in minimizing these defects.
Welcome to WIPAC Monthly the magazine brought to you by the LinkedIn Group Water Industry Process Automation & Control.
In this month's edition, along with this month's industry news to celebrate the 13 years since the group was created we have articles including
A case study of the used of Advanced Process Control at the Wastewater Treatment works at Lleida in Spain
A look back on an article on smart wastewater networks in order to see how the industry has measured up in the interim around the adoption of Digital Transformation in the Water Industry.
Cosmetic shop management system project report.pdfKamal Acharya
Buying new cosmetic products is difficult. It can even be scary for those who have sensitive skin and are prone to skin trouble. The information needed to alleviate this problem is on the back of each product, but it's thought to interpret those ingredient lists unless you have a background in chemistry.
Instead of buying and hoping for the best, we can use data science to help us predict which products may be good fits for us. It includes various function programs to do the above mentioned tasks.
Data file handling has been effectively used in the program.
The automated cosmetic shop management system should deal with the automation of general workflow and administration process of the shop. The main processes of the system focus on customer's request where the system is able to search the most appropriate products and deliver it to the customers. It should help the employees to quickly identify the list of cosmetic product that have reached the minimum quantity and also keep a track of expired date for each cosmetic product. It should help the employees to find the rack number in which the product is placed.It is also Faster and more efficient way.
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
TECHNICAL TRAINING MANUAL GENERAL FAMILIARIZATION COURSEDuvanRamosGarzon1
AIRCRAFT GENERAL
The Single Aisle is the most advanced family aircraft in service today, with fly-by-wire flight controls.
The A318, A319, A320 and A321 are twin-engine subsonic medium range aircraft.
The family offers a choice of engines
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
1. International Journal of Network Security & Its Applications (IJNSA) Vol. 10, No.6, November 2018
DOI: 10.5121/ijnsa.2018.10604 35
BIOMETRIC SMARTCARD AUTHENTICATION FOR
FOG COMPUTING
Kashif Munir and Lawan A. Mohammed
University of Hafr Al Batin, KSA
ABSTRACT:
In the IoT scenario, things at the edge can create significantly large amounts of data. Fog Computing has
recently emerged as the paradigm to address the needs of edge computing in the Internet of Things (IoT)
and Industrial Internet of Things (IIoT) applications. In a Fog Computing environment, much of the
processing would take place closer to the edge in a router device, rather than having to be transmitted to
the Fog. Authentication is an important issue for the security of fog computing since services are offered to
massive-scale end users by front fog nodes.Fog computing faces new security and privacy challenges
besides those inherited from cloud computing. Authentication helps to ensure and confirms a user's
identity. The existing traditional password authentication does not provide enough security for the data and
there have been instances when the password-based authentication has been manipulated to gain access
into the data. Since the conventional methods such as passwords do not serve the purpose of data security,
research worksare focused on biometric user authentication in fog computing environment. In this paper,
we present biometric smartcard authentication to protect the fog computing environment.
KEYWORDS:
Biometric Authentication, Fog Computing, Security
1. INTRODUCTION
Fog computing, also known as fogging/edge computing, is a model in which data, processing,and
applications are concentrated in devices at the network edge rather than existing almost entirely in
the fog as per Cisco [6]. The concentration means that data can be processed locally in smart
devices rather than being sent to the fog for processing. As per [26], Fog computing is one
approach to dealing with the demands of the ever-increasing number of Internet-connected
devices sometimes referred to as IoT. Cisco recently delivered the vision of fog computing to run
applications on connected devices that would run directly at the network edge. Customers can
develop, manage, and run software applications on the Cisco framework of the networked
devices. This includes the difficult routes and switches. Cisco brought this new innovation where
they combined the open-source Linux and network operating system together in a single network
device.
According to [3], fog computing is considered as an extension of the cloud computing to the edge
of the network, which is a highly virtualized platform of the resource pool that provides
computation, storage, and networking services to nearby end users. As per [23], fog computing as
“a scenario where a huge number of heterogeneous (wireless and sometimes autonomous)
ubiquitous and decentralized devices communicate and potentially cooperate among them and
with the network to perform storage and processing tasks without theintervention of third parties.
These tasks can beused for supporting basic network functions or new services and applications
2. International Journal of Network Security & Its Applications (IJNSA) Vol. 10, No.6, November 2018
36
that run in a sandboxed environment. Users leasing part of their devices to host these services get
incentives for doing so.” Although those definitions are still debatable before, fog computing is
no longer a buzzword.
According to [4],Fog model provides benefits in advertising, computing, entertainment, and other
applications, well positioned for data analytics and distributed data collection points. End services
like, set-up-boxes and access points can be easily hosted using fogging. It improves QoS and
reduces latency. The main task of fogging is positioning information near to the user at the
network edge. In general, some of the major benefits of fog computing are:
The significant reduction in data movement across the network resulting in reduced
congestion, cost and latency, elimination of bottlenecks resulting from centralized
computing systems, improved security of encrypted data as it stays closer to the end user
reducing exposure to hostile elements and improved scalability arising from virtualized
systems.
Eliminates the core computing environment, thereby reducing a major block and a point
of failure.
Improves the security, as data are encoded as it is moved towards the network edge.
Edge Computing, in addition to providingthe sub-second response to end users, it also
provides high levels of scalability, reliability and fault tolerance.
Consumes less amount of bandwidth.
The OpenFog consortium released the OpenFog reference architecture (RA) recommendations for
anyone wishing to implement fog computing or any fog-based applications. The OpenFog
Reference Architecture is based on eight core technical principles, termed pillars, which represent
the key attributes that a system needs to encompass to be defined as “OpenFog.” These pillars
include security, scalability, openness, autonomy, RAS (reliability, availability, and
serviceability), agility, hierarchy and programmability.
Figure 1: The OpenFog Reference Architecture(https://www.openfogconsortium.org/ra/)
A detailed architecture stack shows the interrelationships between various hardware, software
infrastructure, and application software layers, as well as various cross-cutting concernssuchas
3. International Journal of Network Security & Its Applications (IJNSA) Vol. 10, No.6, November 2018
37
security, performance, manageability, analytics and controlthat impact the function of all
layers. As security is one of the most complex and critical aspects of IoT systems, a special
appendix dives deeply into OpenFog security guidelines. The OpenFog architecture is depicted in
figure 1 above.
2. RELATED WORK
Although there are numerous novel studies contributed tothe secure authentication system, recent
studies have mostly considered cloud storage environments rather than fog computing. In this
section, we briefly summarize some few ones among those that address fog computing and point
out their limitations and difficulties in direct adoption to the fog storage architecture.
Some authentication protocols which have been proposed for fog computing systems were
described in many articles. However, only a few of them can achieve privacy preservation. The
first type of such authentication protocols uses symmetric key encryption algorithmsdue to their
low computational cost [11][21][22]. However, these protocols can be attacked by man-in-the-
middle attacks, and the privacy information will inevitably be revealed. Another drawback of
these protocols is the inherent scalability problem for privacy preservation, which makes them
undoubtedly impractical. The second type of such authentication protocols updates an end-
device’s credentials regularly[13][24][25]. However, during the validity period of the credential,
the strong identity of an end-device can still be tracked. Furthermore, such protocols require each
end-device to store a large number of certifications and pseudonyms, which means that it is
difficult to remove a compromised end-device. The third type of such authentication protocols
uses a delegation-based mechanism [5]. The advantage is their low computational cost, but the
disadvantage is that the privacy-preserving property cannot be easily achieved. To overcome this
limitation, we proposed a three-factor authentication using both smart card and biometrics.
3. SECURITY CHALLENGES
In spite of the fact that Fog Computing can play a central role in delivering a rich portfolio of
services more effectively and efficiently to end users, it could impose security and privacy
challenges. The major security and privacy challenges in fog computing are summarized below.
TRUST MODEL.
Trust models based on reputation have been successfully deployed in many scenarios such as
online social networks. Reputation-based trust model proposed by [10]has been successful in
eCommerce, peer-to-peer (P2P), user reviews and online social networks.
Research conducted by[7], proposed a robust reputation system for resource selection in P2P
networks using a distributed polling algorithm to assess the reliability of a resource before
downloading. In designing a fog computing reputation-based reputation system, we may need to
tackle issues such as
a) How to achieve persistent, unique, and distinct identity,
b) How to treat intentional and accidental misbehavior,
c) How to conduct punishment and redemption of reputation.
4. International Journal of Network Security & Its Applications (IJNSA) Vol. 10, No.6, November 2018
38
There are also trusting models based on special hardware such as Secure Element (SE), Trusted
Execution Environment (TEE), or Trusted Platform Module (TPM), which can provide trust
utility in fog computing applications[17].
Research conducted by[18], it wassuggestedthat to design a trust model based on reputation in the
IoT, we need to tackle how to maintain the service reliability and prevent accidental failures,
handle and identify misbehavior issues, identify malicious behavior correctly, and bootstrap
building a trust model based on reputation in large-scale networks.
ROGUE FOG NODE
A rogue fog node would be a fog device or fog instance that pretends to be legitimate and coaxes
end users to connect to it. For example, in an insider attack, a fog administrator may be
authorized to manage fog instances, but may instantiate a rogue fog instance rather than a
legitimate one. [20] have demonstrated the feasibility of man-in-the-middle attack in fog
computing, before which the gateway should be either compromised or replaced by a fake one.
Once connected, the adversary can manipulate the incoming and outgoing requests from end
users or fog, collect or tamper user data stealthily, and easily launch further attacks.The existence
of fake fog node will be a big threat to user data security and privacy. This problem is hard to
address in fog computing due to several reasons
a) Complex trust situation calls for different trust management schemes,
b) Dynamic creating, deleting of virtual machine instance make it hard to maintain a
blacklist of rogue nodes.
A rogue IoT node has the potential to misuse users' data or provides malicious data to
neighboring nodes to disrupt their behaviors. Addressing this problem could be difficult in the
IoT due to the complexity in trust management in various schemes. However, a trust
measurement-based model could be applied to detect rogue nodes in IoT environments' which can
provide limited security protection.
AUTHENTICATION
Authentication is an important issue for the security of fog computing since services are offered
to massive-scale end users by front fog nodes. [20] have considered the main security issue of fog
computing as the authentication at different levels of fog nodes. Traditional PKI-based
authentication is not efficient and has poor scalability. [2] have proposed a cheap, secure and
user-friendly solution to the authentication problem in local ad-hoc wireless network, relying on a
physical contact for pre-authentication in a location-limited channel.
As the emergence of biometric authentication in mobile computing and fog computing, such as
fingerprint authentication, face authentication, touch-based or keystroke-based authentication,
etc., it will be beneficial to apply biometric-based authentication in fog computing.
5. International Journal of Network Security & Its Applications (IJNSA) Vol. 10, No.6, November 2018
39
ACCESS CONTROL
As per [1], Access control is a security technique to ensure that only authorized entities can
access a certain resource, such as an IoT device, or the collected data. In the IoT, we need access
control to make sure that only trusted parties can perform a given action such as accessing IoT
device data, issuing a command to an IoT device, or updating IoT device software.
Research conducted by[9],propose a policy-based resource access control in fog computing, to
support secure collaboration and interoperability between heterogeneous resources. In fog
computing, how to design access control spanning client-fog-fog, at the same time meet the
designing goals and resource constraints will be challenging.
INTRUSION DETECTION
As per [15],Intrusion detection techniques are widely deployed in fog system to mitigate attacks
such as insider attack, flooding attack, port scanning, attacks on VM and hypervisor. In fog
computing, Intrusion Detection System (IDS) can be deployed on fog node system side to detect
intrusive behavior by monitoring and analyzing log file, access control policies and user login
information. They can also be deployed at the fog network side to detect malicious attacks such
as denial-of-service (DoS), port scanning, etc. In fog computing, it provides new opportunities to
investigate how fog computing can help with intrusion detection on both client-side and the
centralized fog side.
Research conducted by[19], a foglet mesh based security framework which can detection
intrusion to distance fog, securing communication among mobile devices, foglet and fog. There
are also challenges such as implementing intrusion detection in geo-distributed, large-scale, high-
mobility fog computing environ men to meet the low-latency requirement.
4. BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
SERVICES – A PROTOTYPE
Biometric identification is utilized to verify a person’s identity by measuring digitally certain
human characteristics and comparing those measurements with those that have been stored in a
template for that same person. Details can be found in [10]. Templates can be stored at the
biometric device, the institution’s database, a user’s smart card, or a Trusted Third Party service
provider’s database. There are two major categories of biometric techniques: physiological
(fingerprint verification, iris analysis, hand geometry-vein patterns, ear recognition, odor
detection, DNA pattern analysis and sweat pores analysis), and behavioral (handwritten signature
verification, keystroke analysis and speech analysis) [16].Research conducted by[8], it was found
that behavior-based systems were perceived as less acceptable than those based on physiological
characteristics. Of the physiological techniques, the most commonly utilized is that of fingerprint
scanning. With biometrics, fraudulent incidents can be minimized, as an added layer of
authentication is now introduced that ensures that even with the correct pin information and in
possession of another person's card, the user’s biometric features cannot easily be faked. The
advantages of this may include: all attributes of the cards will be maintained, counterfeiting
attempts are reduced due to enrolment process that verifies identity and captures biometrics, and
it will be extremely high security and excellent user-to-card authentication. These advantages are
6. International Journal of Network Security & Its Applications (IJNSA) Vol. 10, No.6, November 2018
40
for the benefit of users as well as system administrators because the problems and costs
associated with lost, reissued or temporarily issued can be avoided, thus saving some costs of the
system management.
On the negative side, the major risk posed by the use of biometric systems is that a malicious
subject may interfere with the communication and intercept the biometric template and use it later
to obtain access [14]. Likewise, an attack may be committed by generating a template from a
fingerprint obtained from some surface. Although few biometric systems are fast and accurate in
terms of low false acceptance rate enough to allow identification (automatically recognizing the
user identity), most of the current systems are suitable for the verification only, as the false
acceptance rate is too high.
The proposed design uses a maximum of 8 characters, numbers or mix of both PIN and
fingerprint as verification factors of the authentication process. ACOS smartcards and AET60
BioCARDKey development kit were used in the proposed design. In the verification part, the
users have to submit the correct PIN DES encrypted current session key to get access to the next
level. Users have 3 successful attempts to enter the correct PIN, else the cards will be locked and
render it to useless. Lastly, Authors use the fingerprint as the biometric identifiers as it takes
shortest enrollment time. The proposed design involves two phases namely the enrollment phase
and verification phase. Each of the phases is briefly described below.
Enrollment - Prior to an individual being identified or verified by a biometric device, the
enrollment process must be completed. The objective of this enrollment process is to create a
profile of the user. The process consists of the following two steps. The screenshots of the
prototype are shown in figure also shown in figure 3:
1. Sample Capture: the user allows for a minimum of two or three biometric readings, for
example: placing a finger in a fingerprint reader. The quality of the samples, together
with the number of samples taken, will influence the level of accuracy at the time of
validation. Not all samples are stored; the technology analyzes and measures various data
points unique to each individual. The number of measured data points varies in
accordance to the type of device.
2. Conversion and Encryption: the individual’s measurements and data points are converted
to a mathematical algorithm and encrypted. These algorithms are extremely complex and
cannot be reversed engineered to obtain the original image. The algorithm may then be
stored as a user’s template in a number of places including servers and card.
A new and blank card has to be enrolled with user details before it can be verified later.
Enrollment system is usually operated by the admin to enter their user's details into the card.
However, the exception applies to the PIN entry where it should be entered by the user
themselves and need to enter the PIN again to make sure they enter the correct ones.
7. International Journal of Network Security & Its Applications (IJNSA) Vol. 10, No.6, November 2018
41
Figure2: Flowchart for the Enrollment Process
Figure3: Enrollment Process
Identification and Verification - Once the individual has been enrolled in a system, he/she
can start to use biometric technology to have access the enrolled services from the fog database
server. The screenshots of the prototype are shown in the figure also shown in figure 5:
1. Identification: a one-to-many match. The user provides a biometric sample and the
system looks at all user templates in the database. If there is a match, the user is granted
access, otherwise, it is declined.
2. Verification: a one-to-one match requiring the user provides identification such as a PIN
and valid card in addition to the biometric sample. In other words, the user is establishing
who he/she is and the system simply verifies if this is correct. The biometric sample with
the provided identification is compared to the previously stored information in the
database. If there is a match, access is provided, otherwise, it is declined.
8. International Journal of Network Security & Its Applications (IJNSA) Vol. 10, No.6, November 2018
42
Figure4: Flowchart for the Verification Process
Figure5: Verification Process
After the card has been enrolled with user data, this particular card will be the user’s ID. The PIN
and fingerprint sample from the user wasalso encrypted and save into the card. In order to get
access the fog server, the user has to present the card to the card reader, and then verify the PIN
and lastly matched their fingerprint detail with the card. The sequence diagram in Figure 6 below
summarizes the verification process.
9. International Journal of Network Security & Its Applications (IJNSA) Vol. 10, No.6, November 2018
43
Figure 6: Process for granting access to service
5. CONCLUSION
In this paper, authors have explained the concepts of fog computing, and authors have presented
the benefits, properties, and characteristics of fog computing and security issue related to it. On
the other hand, authors have explained how to achieve the authentication of fog computing using
the three-factor authentication method. Authors designed the new efficient model based on
fingerprint, the implemented model works on storage all the user's fingerprints with their
password on fog server
6. FUTURE STUDY
Biometrics increasingly form the basis of identification and recognition across many sensitive
applications. But as the use of biometric systems increases, so do the threats against them. The
secure storage of biometric templates has therefore, become a key issue in the modern era; the
acceptance of biometric authentication devices by the general public is dependent on the
perceived level of security of biometric information templates stored within databases. Privacy
concerns have grown because a biometric template is a unique identifier of a person. And while
the template cannot be decoded back to the biometric data, it may be used to track the individual.
If there is a database that ties the user to their unique biometric template, it could be used illegally
to monitor the activities of the user. Such threats need to be addressed, and one potential solution
is cancellable biometrics. This is a template transformation technique that uses intentional
repeated distortions to provide security to biometric templates; the distortions can be performed
either at the signal level or at the feature level to achieve a transformed template. It is therefore
important for further studies on cancellable biometrics and its application in IoT
REFERENCES
[1] Alrawais, A., Alhothaily, A., Hu, C., & Chang, X. (2017). Fog Computing for the Internet of Things:
Security and Privacy Issues. IEEE Internet Computing, vol. 21, no. , pp. 34-42
10. International Journal of Network Security & Its Applications (IJNSA) Vol. 10, No.6, November 2018
44
[2] Balfanz, D., Smetters, D.K., Stewart, P., & Wong, H.C. (2002). Talking to strangers: authentication in
ad-hoc wireless networks. Network and Distributed System Security Symposium (NDSS). San
Diego, CA USA.
[3] Bonomi, F., Milito, R., Zhu, J., &Addepalli, S.(2012). Fog computing and its role in the internet of
things. In Proceedings of the first edition of the MCC workshop on Mobile cloud computing. pp 13-
16
[4] Maher, A.(2015). IoT, from Cloud to Fog Computing (Cisco Blogs). Retrieved November 02, 2018,
fromhttps://blogs.cisco.com/perspectives/iot-from-cloud-to-fog-computing
Calandriello, G., Papadimitratos, P., Hubaux, J-P., &Lioy, A. (2007). , Efficient and robust
pseudonymous authentication in VANET, in: Proc. VANET, pp. 19–28.
[5] Chang, C.,& Tsai, H.-C (2010). An anonymous and self-verified mobile authentication with
authenticated key agreement for large-scale wireless networks, IEEE Trans. Wireless
Communication. 9 (11) pp. 3346–3353.
[6] Cisco the network in review (2015). Retrieved September 02, 2017, from
http://newsroom.cisco.com/featurecontent?type=webcontent&articleId=1365576
[7] Damiani, E., Vimercati, D.C., Paraboshi, S., Samarati, P., &Violante, F. (2002). A reputation-based
approach for choosing reliable resources in peer-to-peer networks. Proc. of the 9th ACM conference
on Computer and communications security, pp. 207-216.
[8] Deane, F.,Barrelle, K., Henderson, R., & Mahar, D. (2005). Perceived acceptability of biometric
security systems. Computers & Security, Vol. 14, N. 3, pp. 225-231.
[9] Dsouza, C., Ahn, G.J., &Taguinod, M. (2014). Policy-driven security management for fog computing:
preliminary framework and a case study”. Proceedings of the 2014 IEEE 15th International
Conference on Information Reuse and Integration (IEEE IRI).
[10] Gemalto (2018). Biometrics: authentication and identification (2018)- A case study. Retrieve 07
September, 2018, from https://www.gemalto.com/govt/inspired/biometrics
[11] He, D., Ma, M., Zhang, Y., Chen, C., & Bu, J. (2011). A strong user authentication scheme with
smart cards for wireless communications, Computer Communications. 34 (3) 367–374.
[12] Josang, A., Ismail, R., & Boyd, C.(2007). A survey of trust and reputation systems for online service
provision. Decis. Support Syst. 43(2), 618–644.
[13] Lu, R., Lin, X., Liang, X., & Shen, X. (2010). FLIP: An efficient privacy-preserving protocol for
finding like-minded vehicles on the road, in: Proc. IEEE Globecom, pp. 1–5.
[14] Luca, B., Bistarelli, S. &Vaccarelli, A. (2002). Biometrics authentication with smartcard. IIT TR-
08/2002, Retrieved October, 9, 2017, fromhttp://www.iat.cnr.it/attivita/progetti/parametri
biomedici.html
[15] Modi, C., Patel, D., Patel, H., Borisaniya, B., Patel, A. & Rajarajan, M. (2013). A survey of intrusion
detection techniques in Cloud. Journal of Network and Computer Applications, 36(1), pp. 42-57
[16] Renu Bhatia (2013), Biometrics and Face Recognition Techniques, International Journal of Advanced
Research in Computer Science and Software Engineering Vol. 3, Issue 5, pp 93-99
[17] Sean W. S. & Vernon A. (1998). Trusting Trusted Hardware: Towards a Formal Model for
Programmable Secure Coprocessors. Proceedings of the 3rd USENIX Workshop on Electronic
Commerce. Boston, Massachusetts, USA.
[18] Shanhe, Yi,.Zhengrui, Q., &Qun, Li. (2015). Security and Privacy Issues of Fog Computing: A
Survey. Proc. Int'l Conf. Wireless Algorithms Systems and Applications (WASA) 2015, LNCS 9204,
pp. 685–695.
11. International Journal of Network Security & Its Applications (IJNSA) Vol. 10, No.6, November 2018
[19] Shi, Y., Abhilash, S., & Hwang, K.(2015). Cloudlet mesh for securing mobile fogs from intrusions
and network attacks. In: 3rd IEEE International
and Engineering. pp. 1096-118
[20] Stojmenovic, I., & Wen, S.(2014). The fog computing paradigm: scenarios and security issues. In:
Proc. of the 2014 Federated Conference on Computer Science and Information
conference. pp. 1-8.
[21] Tsai, H., Chang, C., & Chan, K. (2009). Roaming across wireless local area networks using SIM
based authentication protocol, Computer Standard Interfaces 31 (2) pp.381
[22] Tsai, Y. & Chang, C. (2006) , SIM
networks, Computer Communications. 29 (10) pp. 1744
[23] Vaquero, L.M., &Rodero-Merino, L. (2014). Finding your way in the fog: towards a comprehensive
definition of fog computing. ACM SIGCOMM CCR44(5), 27
[24] Zhu, H., Lin, X., Lu, R., Ho, P., & Shen, X. (2008). AEMA: An aggregated emergency message
authentication scheme for enhancing the security of vehicular Ad Hoc networks, in: Proc. IEEE ICC,
pp. 1436–1440.
[25] Calandriello, G., Papadimitratos, P., Hubaux, J
pseudonymous authentication in VANET, in: Proc. VANET, pp. 19
[26] How to Geek (2014). What is Fog Computing? Retrieved September 02, 2017, From
https://www.howtogeek.com/185876/what
Author
Kashif Munir received his BSc degree in Mathematics and Physics from Islamia
University Bahawalpur, Pakistan in 1999. He received his MSc degree in
Information Technology from University Sains Malaysia in 2001. He also obtained
another MS degree in Software Engineerin
2005. He completed his PhD in Informatics from Malaysia University of Science
and Technology, Malaysia. His research interests are in the areas of Cloud
Computing Security, Software Engineering, and Project Manageme
published journal, conference papers and book chapters.
Kashif Munir has been in the field of higher education since 2002. After an initial teaching experience with
courses in Stamford College, Malaysia for around four years, he later relocated
with King Fahd University of Petroleum and Minerals, KSA from September 2006 till December 2014. He
moved into University of Hafr Al-Batin, KSA in January 2015.
Kashif Munir is a researcher and published author/editor of
such as Security in Cloud Computing, Mobile Cloud and Green Enterprises,
(https://www.amazon.com/Kashif-Munir/e/B079KP1LFJ
Lawan A. Mohammad, Holds a PhD degree in computer and communication systems engineering from
University Putra Malaysia. Research interest include smartcard security, authentication protocols, wireless
and mobile security, biometrics, mathematical programming and e
International Journal of Network Security & Its Applications (IJNSA) Vol. 10, No.6, November 2018
Shi, Y., Abhilash, S., & Hwang, K.(2015). Cloudlet mesh for securing mobile fogs from intrusions
and network attacks. In: 3rd IEEE International Conference on Mobile Cloud Computing, Services,
Stojmenovic, I., & Wen, S.(2014). The fog computing paradigm: scenarios and security issues. In:
Proc. of the 2014 Federated Conference on Computer Science and Information Systems (FedCSIS)
Tsai, H., Chang, C., & Chan, K. (2009). Roaming across wireless local area networks using SIM
based authentication protocol, Computer Standard Interfaces 31 (2) pp.381–389.
SIM-based subscriber authentication mechanism for wireless local area
networks, Computer Communications. 29 (10) pp. 1744–1753.
Merino, L. (2014). Finding your way in the fog: towards a comprehensive
g. ACM SIGCOMM CCR44(5), 27–32
Zhu, H., Lin, X., Lu, R., Ho, P., & Shen, X. (2008). AEMA: An aggregated emergency message
authentication scheme for enhancing the security of vehicular Ad Hoc networks, in: Proc. IEEE ICC,
iello, G., Papadimitratos, P., Hubaux, J-P., &Lioy, A. (2007). , Efficient and robust
pseudonymous authentication in VANET, in: Proc. VANET, pp. 19–28.
[26] How to Geek (2014). What is Fog Computing? Retrieved September 02, 2017, From
https://www.howtogeek.com/185876/what-is-fog-computing/
received his BSc degree in Mathematics and Physics from Islamia
University Bahawalpur, Pakistan in 1999. He received his MSc degree in
Information Technology from University Sains Malaysia in 2001. He also obtained
another MS degree in Software Engineering from University of Malaya, Malaysia in
2005. He completed his PhD in Informatics from Malaysia University of Science
and Technology, Malaysia. His research interests are in the areas of Cloud
Computing Security, Software Engineering, and Project Management. He has
published journal, conference papers and book chapters.
Kashif Munir has been in the field of higher education since 2002. After an initial teaching experience with
courses in Stamford College, Malaysia for around four years, he later relocated to Saudi Arabia. He worked
with King Fahd University of Petroleum and Minerals, KSA from September 2006 till December 2014. He
Batin, KSA in January 2015.
Kashif Munir is a researcher and published author/editor of 4 books on cloud computing including subjects
such as Security in Cloud Computing, Mobile Cloud and Green Enterprises,
Munir/e/B079KP1LFJ).
PhD degree in computer and communication systems engineering from
University Putra Malaysia. Research interest include smartcard security, authentication protocols, wireless
and mobile security, biometrics, mathematical programming and e-learning.
International Journal of Network Security & Its Applications (IJNSA) Vol. 10, No.6, November 2018
45
Shi, Y., Abhilash, S., & Hwang, K.(2015). Cloudlet mesh for securing mobile fogs from intrusions
Conference on Mobile Cloud Computing, Services,
Stojmenovic, I., & Wen, S.(2014). The fog computing paradigm: scenarios and security issues. In:
Systems (FedCSIS)
Tsai, H., Chang, C., & Chan, K. (2009). Roaming across wireless local area networks using SIM-
based subscriber authentication mechanism for wireless local area
Merino, L. (2014). Finding your way in the fog: towards a comprehensive
Zhu, H., Lin, X., Lu, R., Ho, P., & Shen, X. (2008). AEMA: An aggregated emergency message
authentication scheme for enhancing the security of vehicular Ad Hoc networks, in: Proc. IEEE ICC,
P., &Lioy, A. (2007). , Efficient and robust
[26] How to Geek (2014). What is Fog Computing? Retrieved September 02, 2017, From
Kashif Munir has been in the field of higher education since 2002. After an initial teaching experience with
to Saudi Arabia. He worked
with King Fahd University of Petroleum and Minerals, KSA from September 2006 till December 2014. He
on cloud computing including subjects
such as Security in Cloud Computing, Mobile Cloud and Green Enterprises,
PhD degree in computer and communication systems engineering from
University Putra Malaysia. Research interest include smartcard security, authentication protocols, wireless