This document summarizes a research paper on providing privacy and security in cloud Database-as-a-Service. The paper proposes using a RADIUS server for authentication, authorization, and accounting to secure the cloud service provider's main server and data center storing user databases. When users access or store data in the cloud data center, their passwords will be used to encrypt and decrypt their data, providing privacy while the RADIUS server monitors access.
CLOUD COMPUTING: SECURITY ISSUES AND CHALLENGESP singh
Cloud storage is defined as "the storage of data online in the cloud," wherein a company's data is stored in and accessible from multiple distributed and connected resources that comprise a cloud. Although cloud service providers implement the best security standards and industry certifications, storing data and important files on external service providers always opens up risks. Using cloud-powered technologies means you need to provide your service provider with access to important business data. Meanwhile, being a public service opens up cloud service providers to security challenges on a routine basis. The ease in procuring and accessing cloud services can also give nefarious users the ability to scan, identify and exploit loopholes and vulnerabilities within a system. For instance, in a multi-tenant cloud architecture where multiple users are hosted on the same server, a hacker might try to break into the data of other users hosted and stored on the same server. The following paper deals with the service models of cloud computing along with types of cloud computing & characteristics of cloud. Further challenges and security issues in cloud computing is also discussed and at last conclusion and future demand for research in the field of cloud computing.
SURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARINGEditor IJMTER
Public-key cryptosystems produce constant-size cipher texts with efficient delegation
of decryption rights for any set of cipher texts. One can aggregate any set of secret keys and make
them as compact as a single key. The secret key holder can release a constant-size aggregate key for
flexible choices of cipher text set in cloud storage. In KAC, users encrypt a message not only under a
public-key, but also under an identifier of cipher text called class. That means the cipher texts are
further categorized into different classes. The key owner holds a master-secret called master-secret
key, which can be used to extract secret keys for different classes. More importantly, the extracted
key have can be an aggregate key which is as compact as a secret key for a single class, but
aggregates the power of many such keys, i.e., the decryption power for any subset of cipher text
classes. The key aggregate cryptosystem is enhanced with boundary less cipher text classes. The
system is improved with device independent key distribution mechanism. The key distribution
process is enhanced with security features to protect key leakage. The key parameter transmission
process is integrated with the cipher text download process.
The success of application deployment on cloud depends a lot on the architecture style which in turn depends on your business needs. This presentation talks about the commonly used Architecture and business use cases.
Though service-oriented architecture advocates "everything as a service" (with the acronyms EaaS or XaaS,[62] or simply aas), cloud-computing providers offer their "services" according to different models, of which the three standard models per NIST are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).[61] These models offer increasing abstraction; they are thus often portrayed as a layers in a stack: infrastructure-, platform- and software-as-a-service, but these need not be related.
Cloud computing is the on-demand availability of computer system resources, especially data storage and computing power, without direct active management by the user. The term is generally used to describe data centers available to many users over the Internet.
CLOUD COMPUTING: SECURITY ISSUES AND CHALLENGESP singh
Cloud storage is defined as "the storage of data online in the cloud," wherein a company's data is stored in and accessible from multiple distributed and connected resources that comprise a cloud. Although cloud service providers implement the best security standards and industry certifications, storing data and important files on external service providers always opens up risks. Using cloud-powered technologies means you need to provide your service provider with access to important business data. Meanwhile, being a public service opens up cloud service providers to security challenges on a routine basis. The ease in procuring and accessing cloud services can also give nefarious users the ability to scan, identify and exploit loopholes and vulnerabilities within a system. For instance, in a multi-tenant cloud architecture where multiple users are hosted on the same server, a hacker might try to break into the data of other users hosted and stored on the same server. The following paper deals with the service models of cloud computing along with types of cloud computing & characteristics of cloud. Further challenges and security issues in cloud computing is also discussed and at last conclusion and future demand for research in the field of cloud computing.
SURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARINGEditor IJMTER
Public-key cryptosystems produce constant-size cipher texts with efficient delegation
of decryption rights for any set of cipher texts. One can aggregate any set of secret keys and make
them as compact as a single key. The secret key holder can release a constant-size aggregate key for
flexible choices of cipher text set in cloud storage. In KAC, users encrypt a message not only under a
public-key, but also under an identifier of cipher text called class. That means the cipher texts are
further categorized into different classes. The key owner holds a master-secret called master-secret
key, which can be used to extract secret keys for different classes. More importantly, the extracted
key have can be an aggregate key which is as compact as a secret key for a single class, but
aggregates the power of many such keys, i.e., the decryption power for any subset of cipher text
classes. The key aggregate cryptosystem is enhanced with boundary less cipher text classes. The
system is improved with device independent key distribution mechanism. The key distribution
process is enhanced with security features to protect key leakage. The key parameter transmission
process is integrated with the cipher text download process.
The success of application deployment on cloud depends a lot on the architecture style which in turn depends on your business needs. This presentation talks about the commonly used Architecture and business use cases.
Though service-oriented architecture advocates "everything as a service" (with the acronyms EaaS or XaaS,[62] or simply aas), cloud-computing providers offer their "services" according to different models, of which the three standard models per NIST are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).[61] These models offer increasing abstraction; they are thus often portrayed as a layers in a stack: infrastructure-, platform- and software-as-a-service, but these need not be related.
Cloud computing is the on-demand availability of computer system resources, especially data storage and computing power, without direct active management by the user. The term is generally used to describe data centers available to many users over the Internet.
In 1999, Salesforce.com started delivering of applications to users using a simple website. The applications were delivered to enterprises over the Internet, and this way the dream of computing sold as utility were true.
In 2002, Amazon started Amazon Web Services, providing services like storage, computation and even human intelligence. However, only starting with the launch of the Elastic Compute Cloud in 2006 a truly commercial service open to everybody existed.
In 2009, Google Apps also started to provide cloud computing enterprise applications.
The availability of high-capacity networks, low-cost computers and storage devices as well as the widespread adoption of hardware virtualization, service-oriented architecture and autonomic and utility computing has led to growth in cloud computing.By 2019, Linux was the most used type of operating systems used, including in Microsoft's offering and thus described as dominant.
Overview of cloud computing architectureeSAT Journals
Abstract
This Research paper explores cloud computing architecture, service delivery models, Security & Privacy Issues and Trust Challenges. Evaluates all three service delivery models Software-as-a-Service (Saas), Platform-as-a-Service (PaaS) and Infrastructure-as-a-service (IaaS) and their deployment, requirements and services they provide. In the next section Security & Privacy Issues has been discussed and focus is on potential reasons for them to cause. Also discusses the lack of common cloud security standards with constructive discussion on public cloud providers and on their proprietary security standards. Overview on Challenges with Trust between Cloud provider and cloud user and suggests solutions for inculcating trust among cloud provider and cloud user with the help of trusted thrid party. Solutions and recommendations are suggested to safeguard user Data in the cloud by implementing Data security measures such as use of Crypotography and Trusted platform module (TPM), Data integrity etc. This research paper also focuses on future scope of cloud computing and its evolution in the field of outsourcing and urges on the need of global security standards for mitigating security issues, privacy threats and Trust challenges for wide acceptance of cloud computing in organizations. Keywords: Cloud Computing Challenges, Service Delivery Models, Data Security, Security & Privacy Issues, Trust
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Cloud infrastructure mechanisms are foundational building blocks of cloud environments that establish primary artifacts to form the basis of fundamental cloud technology architecture.
Comparison of Several IaaS Cloud Computing Platformsijsrd.com
Today, the question is less about whether or not to use Infrastructure as a Services (IaaS), but rather which providers to use. Cloud infrastructure services, known as Infrastructure as a Service (IaaS), are self-service models for accessing, monitoring, and managing remote data center infrastructures, such as compute, storage, networking, and networking services. Instead of having to purchase hardware outright, users can purchase Infrastructure as a Service (IaaS) based on consumption, similar to electricity or other utility billing. Most providers offer the core services of server instances, storage and load balancing. When choosing and evaluating a service, it is important to look at issues around location, resiliency and security as well as the features and cost. In order to evaluate which provider best suits requirements.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
“The chapter is organized into two primary sections that explore cloud delivery model issues pertaining to cloud providers and cloud consumers respectively.”
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...Pushpa
we discuss security issues for cloud computing and present a layered framework for secure clouds and then focus on two of the layers, i.e., the storage layer and the data layer. In particular, we discuss a scheme for secure third party publications of documents in a cloud. Next, we will converse secure federated query processing with map Reduce and Hadoop, and discuss the use of secure co-processors for cloud computing. Finally, we discuss XACML implementation for Hadoop and discuss their beliefs that building trusted applications from untrusted components will be a major aspect of secure
cloud computing.
A Novel Computing Paradigm for Data Protection in Cloud ComputingIJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Modern Engineering Research (IJMER) covers all the fields of engineering and science: Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Computer Engineering, Agricultural Engineering, Aerospace Engineering, Thermodynamics, Structural Engineering, Control Engineering, Robotics, Mechatronics, Fluid Mechanics, Nanotechnology, Simulators, Web-based Learning, Remote Laboratories, Engineering Design Methods, Education Research, Students' Satisfaction and Motivation, Global Projects, and Assessment…. And many more.
“The upcoming sections cover introductory topic areas pertaining to the fundamental models used to categorize and define clouds and their most common service offerings, along with definitions of organizational roles and the specific set of characteristics that collectively distinguish a cloud.”
Pulse Compression Sequence (PCS) are widely used in radar to increase the range resolution. Binary sequence has the limitation that the compression ratio is small. Ternary code is suggested as an alternative. The design of ternary sequence with good Discriminating Factor (DF) and merit factor can be considered as a nonlinear multivariable optimization problem which is difficult to solve. In this paper, we proposed a new method for designing ternary sequence by using Modified Simulated Annealing Algorithm (MSAA). The general features such as global convergence and robustness of the statistical algorithm are revealed.
In 1999, Salesforce.com started delivering of applications to users using a simple website. The applications were delivered to enterprises over the Internet, and this way the dream of computing sold as utility were true.
In 2002, Amazon started Amazon Web Services, providing services like storage, computation and even human intelligence. However, only starting with the launch of the Elastic Compute Cloud in 2006 a truly commercial service open to everybody existed.
In 2009, Google Apps also started to provide cloud computing enterprise applications.
The availability of high-capacity networks, low-cost computers and storage devices as well as the widespread adoption of hardware virtualization, service-oriented architecture and autonomic and utility computing has led to growth in cloud computing.By 2019, Linux was the most used type of operating systems used, including in Microsoft's offering and thus described as dominant.
Overview of cloud computing architectureeSAT Journals
Abstract
This Research paper explores cloud computing architecture, service delivery models, Security & Privacy Issues and Trust Challenges. Evaluates all three service delivery models Software-as-a-Service (Saas), Platform-as-a-Service (PaaS) and Infrastructure-as-a-service (IaaS) and their deployment, requirements and services they provide. In the next section Security & Privacy Issues has been discussed and focus is on potential reasons for them to cause. Also discusses the lack of common cloud security standards with constructive discussion on public cloud providers and on their proprietary security standards. Overview on Challenges with Trust between Cloud provider and cloud user and suggests solutions for inculcating trust among cloud provider and cloud user with the help of trusted thrid party. Solutions and recommendations are suggested to safeguard user Data in the cloud by implementing Data security measures such as use of Crypotography and Trusted platform module (TPM), Data integrity etc. This research paper also focuses on future scope of cloud computing and its evolution in the field of outsourcing and urges on the need of global security standards for mitigating security issues, privacy threats and Trust challenges for wide acceptance of cloud computing in organizations. Keywords: Cloud Computing Challenges, Service Delivery Models, Data Security, Security & Privacy Issues, Trust
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Cloud infrastructure mechanisms are foundational building blocks of cloud environments that establish primary artifacts to form the basis of fundamental cloud technology architecture.
Comparison of Several IaaS Cloud Computing Platformsijsrd.com
Today, the question is less about whether or not to use Infrastructure as a Services (IaaS), but rather which providers to use. Cloud infrastructure services, known as Infrastructure as a Service (IaaS), are self-service models for accessing, monitoring, and managing remote data center infrastructures, such as compute, storage, networking, and networking services. Instead of having to purchase hardware outright, users can purchase Infrastructure as a Service (IaaS) based on consumption, similar to electricity or other utility billing. Most providers offer the core services of server instances, storage and load balancing. When choosing and evaluating a service, it is important to look at issues around location, resiliency and security as well as the features and cost. In order to evaluate which provider best suits requirements.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
“The chapter is organized into two primary sections that explore cloud delivery model issues pertaining to cloud providers and cloud consumers respectively.”
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...Pushpa
we discuss security issues for cloud computing and present a layered framework for secure clouds and then focus on two of the layers, i.e., the storage layer and the data layer. In particular, we discuss a scheme for secure third party publications of documents in a cloud. Next, we will converse secure federated query processing with map Reduce and Hadoop, and discuss the use of secure co-processors for cloud computing. Finally, we discuss XACML implementation for Hadoop and discuss their beliefs that building trusted applications from untrusted components will be a major aspect of secure
cloud computing.
A Novel Computing Paradigm for Data Protection in Cloud ComputingIJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Modern Engineering Research (IJMER) covers all the fields of engineering and science: Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Computer Engineering, Agricultural Engineering, Aerospace Engineering, Thermodynamics, Structural Engineering, Control Engineering, Robotics, Mechatronics, Fluid Mechanics, Nanotechnology, Simulators, Web-based Learning, Remote Laboratories, Engineering Design Methods, Education Research, Students' Satisfaction and Motivation, Global Projects, and Assessment…. And many more.
“The upcoming sections cover introductory topic areas pertaining to the fundamental models used to categorize and define clouds and their most common service offerings, along with definitions of organizational roles and the specific set of characteristics that collectively distinguish a cloud.”
Pulse Compression Sequence (PCS) are widely used in radar to increase the range resolution. Binary sequence has the limitation that the compression ratio is small. Ternary code is suggested as an alternative. The design of ternary sequence with good Discriminating Factor (DF) and merit factor can be considered as a nonlinear multivariable optimization problem which is difficult to solve. In this paper, we proposed a new method for designing ternary sequence by using Modified Simulated Annealing Algorithm (MSAA). The general features such as global convergence and robustness of the statistical algorithm are revealed.
Traffic Detection System is an Android application that aims at determining the behavior of traffic in a particular location. It calculates the speed of the vehicle and the level of congestion or the amount of traffic is determined on the basis of the values of sensors. If any such obstruct found, then the driver is provided an option to send messages regarding high traffic to his/her friends. After a distinct number of repeated low speed and breaks, the location of the vehicle (latitude and longitude) send to a pre-specified contact (selected in case of traffic congestion) through an SMS. This application uses the features of the Global positioning system. The Latitude, as well as the longitude of the location where traffic jams are formed, is sent to the friends of the user. The Goggle map of the location also sends to the friends. It uses the SMS Manager a functionality of Android. The friends receiving the messages will thereby avoid taking the congested route and hence the level of traffic on the congested road will decrease, and the friends will reach the destination in comparatively less time.
Implementation and evaluation of novel scheduler of UC/OS (RTOS)Editor Jacotech
At present, there are more than a billion embedded applications either real time or non-real time. Among them, many appli cations require Prioritized queue of periodic tasks. UC/OS, one of the most widely Used real-time kernels in industry, has preemptive scheduler and doesn't Support two tasks at same priority level. This work proposes a modification in scheduler of UC/OS (RTOS) to make it more exible in handling a periodic and periodic task. The proposed scheduler allows assigning same priority to more than one task. Tasks with same priority are in queue, where their position is decided on first come (created) first Served basis. Time-slicing is used for scheduling tasks in same queue. Emendations in the task management and scheduler have been explained in detailed. Evaluation, to observe the effect of modified scheduling on Overhead of system calls is done on an evaluation board.
An educational overview of the Cloud Computing Ecosystem or Framework. This presentation is geared toward those who are just beginning to understand Cloud Computing.
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...IJTET Journal
Cloud computing provides the facility to access shared resources and common support which contributes services on demand over the network to perform operations that meet changing business needs. A cloud storage system, consisting of a collection of storage servers, affords long-term storage services over the internet. Storing the data in a third party cloud system cause serious concern over data confidentiality, without considering the local infrastructure limitations, the cloud services allow the user to enjoy the cloud applications. As the different users may be working in the collaborative relationship, the data sharing becomes significant to achieve productive benefit during the data accessing. The existing security system only focuses on the authentication; it shows that user’s private data cannot be accessed by the fake users. To address the above cloud storage privacy issue shared authority based privacy-preserving authentication protocol is used. In the SAPA, the shared access authority is achieved by anonymous access request and privacy consideration, attribute based access control allows the user to access their own data fields. To provide the data sharing among the multiple users proxy re-encryption scheme is applied by the cloud server. The privacy-preserving data access authority sharing is attractive for multi-user collaborative cloud applications.
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...IJTET Journal
Cloud computing provides the facility to access shared resources and common support which contributes services on
demand over the network to perform operations that meet changing business needs. A cloud storage system, consisting of a collection
of storage servers, affords long-term storage services over the internet. Storing the data in a third party cloud system cause serious
concern over data confidentiality, without considering the local infrastructure limitations, the cloud services allow the user to enjoy the
cloud applications. As the different users may be working in the collaborative relationship, the data sharing becomes significant to
achieve productive benefit during the data accessing. The existing security system only focuses on the authentication; it shows that
user’s private data cannot be accessed by the fake users. To address the above cloud storage privacy issue shared authority based
privacy-preserving authentication protocol is used. In the SAPA, the shared access authority is achieved by anonymous access request
and privacy consideration, attribute based access control allows the user to access their own data fields. To provide the data sharing
among the multiple users proxy re-encryption scheme is applied by the cloud server. The privacy-preserving data access authority
sharing is attractive for multi-user collaborative cloud applications.
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
An efficient and secure data storage in cloud computing using modified RSA pu...IJECEIAES
Cloud Computing is the ability to improve the utility or train new human resources without investing in new infrastructure, or add capabilities to existence without the latest software licensing. It expanded the capabilities of Information Technology (IT). From the past few years, cloud computing has developed from a good business concept in the best rising sectors of the IT industry. But more information on individuals and companies was put in the cloud, and concerns began to think about how secure the cloud environment was. Despite cloud surrounding structures, enterprise users still do not want to expand their business in the cloud. Security reduces the growth of cloud computing and continues to spread the market with complexity with data privacy and data protection. The security of cloud computing has constantly been an significant aspect of improved quality of service from cloud service providers. Data storage in the cloud has a problem related to data security. However, cloud computing construct many new security challenges which have not been well examine. In order to ensure that the user's data in the cloud is secure, we have proposed an effective mechanism with a distinctive feature of data integrity and privacy. This paper focusing on problems relating to the cloud data storage techniques and security in virtual environment. We recommend a method for providing data storage and security in cloud using public key Cryptosystem, which uses the concept of the modified RSA algorithm to provide better security for the data stored in the cloud.
Abstract--The paper identifies the issues and the solution to overcome these problems. Cloud computing is a subscription based service where we can obtain networked storage space and computer resources. This technology has the capacity to admittance a common collection of resources on request. It is the application provided in the form of service over the internet and system hardware in the data centers that gives these services. But having many advantages for IT organizations cloud has some issues that must be consider during its deployment. The main concern is security privacy and trust. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario [4].
Keywords--Cloud, Issues, Security, Privacy, Resources, Technology.
A Secure, Scalable, Flexible and Fine-Grained Access Control Using Hierarchic...Editor IJCATR
Cloud Computing is going to be very popular technology in IT enterprises. For any enterprise the data stored is very huge
and invaluable. Since all tasks are performed through network it has become vital to have the secured use of legitimate data. In cloud
computing the most important matter of concern are data security and privacy along with flexibility, scalability and fine grained access
control of data being the other requirements to be maintained by cloud systems Access control is one of the prominent research topics
and hence various schemes have been proposed and implemented. But most of them do not provide flexibility, scalability and fine
grained access control of the data on the cloud. In order to address the issues of flexibility, scalability and fine grained access control
of remotely stored data on cloud we have proposed the hierarchical attribute set-based encryption (HASBE) which is the extension of
attribute- set-based encryption(ASBE) with a hierarchical structure of users. The proposed scheme achieves scalability by handling the
authority to appropriate entity in the hierarchical structure, inherits flexibility by allowing easy transfer and access to the data in case
of location switch. It provides fine grained access control of data by showing only the requested and authorized details to the user thus
improving the performance of the system. In addition, it provides efficient user revocation within expiration time, request to view
extra-attributes and privacy in the intra-level hierarchy is achieved. Thus the scheme is implemented to show that is efficient in access
control of data as well as security of data stored on cloud with comprehensive experiments
NEW SECURE CONCURRECY MANEGMENT APPROACH FOR DISTRIBUTED AND CONCURRENT ACCES...ijiert bestjournal
Handover the critical data to the cloud provider sh ould have the guarantee of security and availabilit y for data at rest,in motion,and in use. Many alternatives sys tems exist for storage services,but the data confi dentiality in the database as a service paradigm are still immature. We propose a novel architecture that integrates clo ud database services paradigm with data confidentiality and exe cuting concurrent operations on encrypted data. Thi s is the method supporting geographically distributed client s to connect directly and access to an encrypted cl oud database,and to execute concurrent and independent operation s by using modifying the database structure. The proposed architecture has also the more advanta ge of removing intermediate proxies that limit the flexibility,availability,and expandability properties that are inbuilt in cloud-based systems. The efficacy of th e proposed architecture is evaluated by theoretical analyses a nd extensive experimental results with the help of prototype implementation related to the TPC-C standard benchm ark for various categories of clients and network l atencies. We propose a multi-keyword ranked search method for the encrypted cloud data databases,which simultan eously fulfill the needs of privacy requirements. The prop osed scheme could return not only the exact matchin g files,but also the files including the terms latent semantica lly associated to the query keyword.
This is a literature survey about security issues and countermeasures on cloud computing. This paper discusses about an overview of cloud computing and security issues of cloud computing.
Performance of Wideband Mobile Channel with Perfect Synchronism BPSK vs QPSK ...Editor Jacotech
Direct-sequence code-division multiple access (DS-CDMA) is
currently the subject of much research as it is a promising
multiple access capability for third and fourth generations
mobile communication systems. The synchronous DS-CDMA
system is well known for eliminating the effects of multiple
access interference (MAI) which limits the capacity and
degrades the BER performance of the system. In this paper,
we investigate the bit error rate (BER) performance of a
synchronous DS-CDMA system over a wideband mobile
radio channel. The BER performance is affected by the
difference in path length ΔL and the number of arriving
signals N. Furthermore, the effect of these parameters is
examined on the synchronous DS-CDMA system for different
users’ number as well as different processing gain Gp. In this
environment and under the above conditions the performances
of the BPSK (Binary Phase Shift Keying) and the QPSK
(Quadrature Phase Shift Keying) modulations are compared.
The promising simulation results showed the possibility of
applying this system to the wideband mobile radio channel.
MOVIE RATING PREDICTION BASED ON TWITTER SENTIMENT ANALYSISEditor Jacotech
With microblogging platforms such as Twitter generating
huge amounts of textual data every day, the possibilities of
knowledge discovery through Twitter data becomes
increasingly relevant. Similar to the public voting mechanism
on websites such as the Internet Movie Database (IMDb) that
aggregates movies ratings, Twitter content contains
reflections of public opinion about movies. This study aims to
explore the use of Twitter content as textual data for
predicting the movie rating. In this study, we extract number
of tweets and compiled to predict the rating scores of newly
released movies. Predictions were done with the algorithms,
exploring the tweet polarity. In addition, this study explores
the use of several different kinds of tweet classification
Algorithm and movie rating algorithm. Results show that
movie rating developed by our application is compared to
IMDB and Rotten Tomatoes.
Non integer order controller based robust performance analysis of a conical t...Editor Jacotech
The design of robust controller for any non linear process is a
challenging task because of the presence of various types of
uncertainties. In this paper, various design methods of robust
PID controller for the level control of conical tank are
discussed. Uncertainties are of different types, among that
structured uncertainty of 30% is introduced to the nominal
plant for analysing the robustness. As a first step, the control
of level is done by using conventional integer order controller
for both nominal and uncertain system. Then, the control is
done by means of Fractional Order Proportional Integral
Derivative (FOPID) controller for achieving robustness. With
the help of time series parameters, a comparison is made
between conventional PID and FOPID with respect to the
simulated output using MATLAB and also analyzed the
robustness.
FACTORS CAUSING STRESS AMONG FEMALE DOCTORS (A COMPARATIVE STUDY BETWEEN SELE...Editor Jacotech
It is an important task of working women to handle two
important tasks. Balancing these two roles at home and
work is very challenging task and causes stress at different
levels. Different dimension of working women’s life
involves in evolving the stress in working women’s life.
These stresses cause the imbalance at the front of and
handling family responsibility. In the current scenario,
doctors face many stressors that are peculiar to the medical
profession and doctors are required to have more
competencies than before in diagnosis ongoing
management of medical conditions. This means increased
responsibilities which may contribute to stress. Stress
experienced at work can have adverse outcomes for the
well-being of individual employees and organization as
whole. My study is focusing on identifying the factors
causing stress among female doctors working for public
and private hospitals and their stress levels associations
with respect to sector. A sample of 300 female doctors
from urban area participated in this study. Out of this, 150
each are from public and private hospitals respectively. A
self-made standardized tool was administered based on five
point scale. Results indicates that the values were found to
be 0.000 in all the cases except, psychosomatic problems
(0.004) which is lesser than (0.05) p-value resulting into
rejection of null hypotheses , consequently revealing an
association between sector of female doctors and stress due
to workload, working condition, physical exertion,
emotional exhaustion, job security, organizational support,
work family conflict, family adjustment, task demands,
psychosomatic problems, patient’s expectation and working
hours.
ANALYSIS AND DESIGN OF MULTIPLE WATERMARKING IN A VIDEO FOR AUTHENTICATION AN...Editor Jacotech
Watermarking technique be employ instance & for a second time for
validation and protection of digital data (images, video and audio
files, digital repositories and libraries, web publishing). It is helpful
to copyright protection and illegal copying of digital data like video
frames and making digital data more robust and imperceptible. With
the advent of internet, creation and delivery of digital data has grown
many fold. In that Scenario has to need a technique for transferring
digital data securely without changing their originality and
robustness. In this paper proposed a plan of latest watermarking
method which involves inserting and adding two or more digital data
or pictures in a single video frame for the principle of protection and
replicate the similar procedure for N no video frames for
authentication of entire digital video. After that digital video is
encrypted and decrypted by using motion vector bit-xor encryption
and decryption technique.
The Impact of Line Resistance on the Performance of Controllable Series Compe...Editor Jacotech
In recent years controllable FACTS devices are increasingly
integrated into the transmission system. FACTS devices that
provide series control such as Controllable Series Compensator
(CSC) has significant effect on the voltage stability of Electric
Power system. In this work impact of line resistance on the
performance of CSC in a single-load infinitive-bus (SLIB)
model is investigated. The proposed framework is applied to
SLIB model and obtained results demonstrates that line
resistance has considerable effect on voltage stability limits and
performance of CSC.
Security Strength Evaluation of Some Chaos Based Substitution-BoxesEditor Jacotech
Recently, handful amount of S-boxes, using the various
methods such as affine transformations, gray coding,
optimization, chaotic systems, etc, have been suggested. It is
prudent to use cryptographically strong S-boxes for the design
of powerful ciphers. In this paper, we sampled some widely
used 8×8 S-boxes which are recently synthesized and security
analysis and evaluation is executed to uncover the best
candidate(s). The performance analysis is exercised against
the crucial measures like nonlinearity, linear approximation
probability, algebraic immunity, algebraic complexity,
differential uniformity. These parameters are custom selected
because their scores decide the security strength against
cryptographic assaults like linear cryptanalysis, algebraic
attacks, and differential cryptanalysis. The anticipated
analysis in this work facilitates the cryptographers, designers,
researchers to choose suitable candidate decided over many
parameters and can be engaged in modern block encryption
systems that solely rely on 8×8 S-box. Moreover, the analysis
assists in articulating efficient S-boxes and to evaluate the
attacks resistivity of their S-boxes.
Traffic Detection System is an Android application that aims at determining the behavior of traffic in a particular location. It calculates the speed of the vehicle and the level of congestion or the amount of traffic is determined on the basis of the values of sensors. If any such obstruct found, then the driver is provided an option to send messages regarding high traffic to his/her friends. After a distinct number of repeated low speed and breaks, the location of the vehicle (latitude and longitude) send to a pre-specified contact (selected in case of traffic congestion) through an SMS. This application uses the features of the Global positioning system. The Latitude, as well as the longitude of the location where traffic jams are formed, is sent to the friends of the user. The Goggle map of the location also sends to the friends. It uses the SMS Manager a functionality of Android. The friends receiving the messages will thereby avoid taking the congested route and hence the level of traffic on the congested road will decrease, and the friends will reach the destination in comparatively less time.
Performance analysis of aodv with the constraints of varying terrain area and...Editor Jacotech
Mobile Ad Hoc Networks (MANETs) are wireless networks,
where there is no requirement for any infrastructure support to
transfer data packets between mobile nodes. These nodes
communicate in a multi-hop mode; each mobile node acts
both as a host and router. The main job of Quality of Service
(QoS)[1][2] routing in MANETs is to search and establish
routes among different mobile nodes for satisfying QoS
requirements of wireless sensor networks as PDR, Average
end-to-end delay, Average Throughput. The QoS routing
protocols efficient for commercial, real-time and multimedia
applications are in demand for day to day activities[2].
Modeling of solar array and analyze the current transient response of shunt s...Editor Jacotech
Spacecraft bus voltage is regulated by power
conditioning unit using switching shunt voltage regulator having
solar array cells as the primary source of power. This source
switches between the bus loads and the shunt switch for fine
control of spacecraft bus voltage. The effect of solar array cell
capacitance [5][6] along with inductance and resistance of the
interface wires between solar cells and power conditioning
unit[1], generates damped sinusoidal currents superimposed on
the short circuit current of solar cell when shunted through
switch. The peak current stress on the shunt switch is to be
considered in the selection of shunt switch in power conditioning
unit. The analysis of current transients of shunt switch in PCU
considering actual spacecraft interface wire length by
illumination of solar panel (combination of series and parallel
solar cells) is difficult with hardware simulation. Software
simulation by modeling solar cell is carried out for a single string
(one parallel) in Pspice [6]. Since in spacecrafts number of
parallels and interface cable length are variable parameters the
analysis of current transients of shunt switch is carried out by
modeling solar array with the help of solar cell model[6] for the
actual spacecraft condition.
License plate recognition an insight to the proposed approach for plate local...Editor Jacotech
License Plate Recognition (LPR) system for vehicles is an innovative and a very challenging area for research due to the innumerous plate formats and the nonuniform outdoor illumination conditions during which images are acquired. Thus, most approaches developed, work under certain restrictions such as fixed illumination, stationary background and limited speed. Algorithms developed for LPR systems are generally composed of three significant stages: 1] localization of the license plate from an entire scene image; 2] segmentation of the characters on the plate; 3] recognition of each of the segmented characters. A simple approach for preprocessing of the images, localization and extraction phase has been described in this paper. Numerous procedures have been developed for LPR systems and are assessed in this paper taking into consideration issues like processing time, computational power and recognition rate wherever available.
Design of airfoil using backpropagation training with mixed approachEditor Jacotech
Levenberg-Marquardt back-propagation training method has some limitations associated with over fitting and local optimum problems. Here, we proposed a new algorithm to increase the convergence speed of Backpropagation learning to design the airfoil. The aerodynamic force coefficients corresponding to series of airfoil are stored in a database along with the airfoil coordinates. A feedforward neural network is created with aerodynamic coefficient as input to produce the airfoil coordinates as output. In the proposed algorithm, for output layer, we used the cost function having linear & nonlinear error terms then for the hidden layer, we used steepest descent cost function. Results indicate that this mixed approach greatly enhances the training of artificial neural network and may accurately predict airfoil profile.
Ant colony optimization based routing algorithm in various wireless sensor ne...Editor Jacotech
Wireless Sensor Network has several issues and challenges due to limited battery backup, limited computation capability, and limited computation capability. These issues and challenges must be taken care while designing the algorithms to increase the Network lifetime of WSN. Routing, the act of moving information across an internet world from a source to a destination is one of the vital issue associated with Wireless Sensor Network. The Ant Colony Optimization (ACO) algorithm is a probabilistic technique for solving computational problems that can be used to find optimal paths through graphs. The short route will be increasingly enhanced therefore become more attractive. The foraging behavior and optimal route finding capability of ants can be the inspiration for ACO based algorithm in WSN. The nature of ants is to wander randomly in search of food from their nest. While moving, ants lay down a pheromone trail on the ground. This chemical pheromone has the ability to evaporate with the time. Ants have the ability to smell pheromone. When selecting their path, they tend to select, probably the paths that has strong pheromone concentrations. As soon as an ant finds a food source, carries some of it back to the nest. While returning, the quantity of chemical pheromone that an ant lay down on the ground may depend on the quantity and quality of the food. The pheromone trails will lead other ants towards the food source. The path which has the strongest pheromone concentration is followed by the ant which is the shortest paths between their nest and food source. This paper surveys the ACO based routing in various Networking domains like Wireless Sensor Networks and Mobile Ad Hoc Networks.
An efficient ant optimized multipath routing in wireless sensor networkEditor Jacotech
Today, the Wireless Sensor Network is increasingly gaining popularity and importance. It is the more interesting and stimulating area of research. Now, the WSN is applied in object tracking and environmental monitoring applications. This paper presents the self-optimized model of multipath routing algorithm for WSN which considers definite parameters like delay, throughput level and loss and generates the outcomes that maximizes data throughput rate and minimizes delay and loss. This algorithm is based on ANT optimization technique that will bring out an optimal and organized route for WSN and is also to avoid congestion in WSN, the algorithm incorporate multipath capability..
A mobile monitoring and alert sms system with remote configuration – a case s...Editor Jacotech
One of the parent´s main concerns nowadays it to know their children´s whereabouts. Some applications exist to address this issue and most of them rely on internet connection which makes the solution expensive. In this paper we present a low cost solution, based on SMS, and with the ability to remotely configure the child monitoring process. We also present the architecture and the full flowchart of the child application whenever a SMS is received. This case study uses Android and the more recent location API – the Fused Location Provider. For obvious reasons, the security issue has been a concern, which resulted in a configuration module in the child application to specify authorized senders
Leader Election Approach: A Comparison and SurveyEditor Jacotech
In distributed system, the coordinator is needed to manage the use of the resources in the shared environment. Many algorithms have been proposed for the same. They have various positive and negative parts. Here we will discuss those issues which ensure the efficiency of the algorithm for election leader. Here a comparison will be provided to show the advantages and disadvantages of different election algorithms. The comparison would be based on the number of messages passing and the order of time complexity.
Leader election approach a comparison and surveyEditor Jacotech
In distributed system, the coordinator is needed to manage the use of the resources in the shared environment. Many algorithms have been proposed for the same. They have various positive and negative parts. Here we will discuss those issues which ensure the efficiency of the algorithm for election leader. Here a comparison will be provided to show the advantages and disadvantages of different election algorithms. The comparison would be based on the number of messages passing and the order of time complexity
Modeling of solar array and analyze the current transientEditor Jacotech
Spacecraft bus voltage is regulated by power
conditioning unit using switching shunt voltage regulator having
solar array cells as the primary source of power. This source
switches between the bus loads and the shunt switch for fine
control of spacecraft bus voltage. The effect of solar array cell
capacitance [5][6] along with inductance and resistance of the
interface wires between solar cells and power conditioning
unit[1], generates damped sinusoidal currents superimposed on
the short circuit current of solar cell when shunted through
switch. The peak current stress on the shunt switch is to be
considered in the selection of shunt switch in power conditioning
unit. The analysis of current transients of shunt switch in PCU
considering actual spacecraft interface wire length by
illumination of solar panel (combination of series and parallel
solar cells) is difficult with hardware simulation. Software
simulation by modeling solar cell is carried out for a single string
(one parallel) in Pspice [6]. Since in spacecrafts number of
parallels and interface cable length are variable parameters the
analysis of current transients of shunt switch is carried out by
modeling solar array with the help of solar cell model[6] for the
actual spacecraft condition.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
1376842823 2982373
1. Journal of Advanced Computing and Communication Technologies (ISSN: 2347 - 2804)
Volume No.1 Issue No. 1, August 2013
Cloud Computing: Provide privacy and Security in Databaseas-a-Service
By
Alok Kumar, Saurabh Sharma, Sandeep Saxena
IIT,Mumbai,India
BSACET, Mathura,India
NIT,Durgapur,India
Godinall.kumar1@gmail.com, Sourabhcs27@gmail.com,sandeep.research29@gmail.com
ABSTRACT
Cloud computing Environment provides the platform to share
computing resources and provide different services like SaaS,
PaaS and IaaS that will used by organization as private, public
or Hybrid. Cloud computing basically known as Everythingas-a-service .Since cloud computing is used shared distributed
resources over the world wide network (e.g., internet) in the
open environment, thus it will create various security issues in
cloud environment and their application. On our personal
computer we have full control on data and processes but in
cloud environment we used data and application services
which are provided by some of other Cloud Service Providers
(CSP) (e.g., AWS, Google docs, Go Grid etc.).We overcome
these issues of security and privacy by using Radius server
which is known as AAA server (Authentication,
Authorization and Accounting). Using this we will secure our
CSP main server that further link with Data Center which
store database of various cloud users. We use client password
to encrypt and decrypt their data when they access or store
data in Cloud Data Center (CDC).
Keywords
Cloud computing, Radius server, cloud security, database-asa-Service, privacy, information security
1. INTRODUCTION
1.1 Cloud Computing
Cloud computing is an increasingly popular technology for
accessing computing resources using network connections.
There are lots of cloud computing definitions [1], [2], [3] but
the most accepted definition is from USA NIST (National
Institute of Standards and Technology), which lays out five
essential characteristics: on-demand self-service, broad
network access, resource pooling, rapid elasticity and
measured service. Cloud computing is a model for enabling
convenient, on-demand network access
to a shared pool of configurable computing resources (e.g.,
networks, servers, storage, applications, and services) that
can be rapidly provisioned and released with minimal
management effort or service provider interaction. [4]
Physical resources, infrastructure, middleware platforms and
applications are being provided and consumed as services in
the cloud computing. Main service models include:
Infrastructure as a service (IaaS) displaces in-house servers,
storage and networks by providing those resources ondemand. Instead of purchasing a server, users can now
provision one within minutes and discard it when they are
finished, often paying by the hour only for what they actually
used.
Platform as a service (PaaS) adds a layer to the infrastructure,
providing a platform upon which applications can be written
and deployed. These platforms aim to focus the programmers
on the business logic, freeing them from the worries of the
physical (or virtual) infrastructure.
Software as a service (SaaS) refers to applications running on
cloud infrastructures, typically delivered to the end user via a
web browser.
Cloud Database-as-a-Service (DaaS) hosts databases in the
cloud environment and provides database features such as
data definition, storage and retrieval, on a subscription basis
over the Internet. Main cloud computing providers (Amazon,
Google, IBM, Microsoft, Oracle) are targeting the DaaS
market with their cloud DaaS solutions. DaaS solutions
started as very simple, such as Amazon SimpleDB a keyvalue type of database, but more sophisticated offerings
evolved to support larger and more
complex applications, such as Amazon Relational Database
Service (RDS) with the full features and capabilities of a
relational database.
A.
Amazon Web Services (AWS)
The most prominent cloud computing provider today is
Amazon with its Amazon Web Services (AWS). Amazon
1
2. Journal of Advanced Computing and Communication Technologies (ISSN: 2347 - 2804)
Volume No.1 Issue No. 1, August 2013
not only offers the most complete stack of services, but makes
it especially easy to integrate different services. [5]
There are three database solutions available at AWS:
i) Amazon Relational Database Service (RDS) [6]
ii) Amazon EC2 [7]
iii) Amazon SimpleDB [8]
B.
Microsoft SQL Azure
Microsoft SQL Azure Database is a cloud-based relational
database service built on SQL Server technologies. It provides
a highly available, scalable, multi-tenant database service
hosted in the cloud. SQL Azure Database helps to ease
provisioning and deployment of multiple databases. [9]
C.
Google AppEngine Datastore
Google AppEngine Data store is built on BigTable [10],
Google's internal storage system for handling structured data.
In and of itself, the AppEngine Data store is not a direct
access mechanism to BigTable, but can be thought of as a
simplified interface on top of BigTable. The AppEngine Data
store supports much richer data types within items than
SimpleDB, including list types, which contain collections
within a single item. [11]
When sharing of physical resources in a cloud infrastructure,
data security and privacy cannot be guaranteed by physical
boundaries of machines or networks. [12], [13], [14]
Interfaces offered by DaaS providers are proprietary in nature
and thus can be difficult to leverage from applications that
need to access the data So users need to understand and test
their interfaces and/or APIs. Some DaaS providers offer only
a subset of the capabilities found in traditional on-premise
enterprise databases. For example, stored procedures and
triggers may not be supported in the same manner as in onpremise databases. Scalability, traditional databases do not
scale effectively to thousands of nodes being deployed in a
massively shared infrastructure though advance planning
must be applied [15]
Cloud computing will need to find ways to protect client
privacy. One way is to use authentication techniques such as
user names and passwords. Another is to employ an
authorization format -- each user can access only the data and
applications relevant to his or her job. Cloud has centralized
server administration system Centralized server administers
the system, balances client supply, adjusts demands, monitors
traffic Here, all the data are backed up at multiple locations.
In cloud computing, it is very common to store data of
multiple customers at one common location. Cloud computing
should have provide proper techniques for data security and
confidentiality.
1.2 Radius Server
RADIUS technology was developed in the nineties as an
access server authentication and accounting protocol,
massively deployed in order to solve authentication concerns
raised by the increasing number of users who aimed to reach
their Internet Service Provider by mean of modems based on
PPP protocols. It was then again largely exploited when IEEE
802.1x architecture was introduced, for RADIUS is the key
protocol of AAA architecture (Authentication, Authorization
and Accounting) and it supports access control mechanisms
for wired and wireless infrastructures. RADIUS enables
centralized management of authentication data, such as
usernames and passwords. When a user attempts to login to a
RADIUS client, such as a router, the router send the
authentication request to the RADIUS server. The
communication between the RADIUS client and the RADIUS
server are authenticated and encrypted through the use of a
shared secret, which is not transmitted over the network. The
RADIUS server may store the authentication data locally, but
it can also store authentication data in an external SQL
database or an external UNIX /etc/password file. It can also
plug into PAM (Pluggable Authentication Service)
architecture to retrieve authentication data.
The role of the RADIUS server as the centralized
authentication server makes is an excellent choice for also
performing accounting. It can significantly increase security
by enabling the centralization of password management. Of
course, the other side of that argument is that once you take
over the RADIUS server, you have everything. RADIUS
servers are available from many vendors. In addition, GNU
RADIUS is an excellent non-commercial option. It utilizes the
MD5 algorithm for secure password hashing.
.
2. RELATED WORK
Cloud Computing has been envisioned as the next generation
architecture of IT Enterprise. In contrast to traditional
solutions, where the IT services are under proper physical,
logical and personnel controls, Cloud Computing moves the
Application software, System software and databases to the
large data centers, where the management and security of the
data and services may not be fully trustworthy. This unique
attribute, however, poses many new security issues which
have not been well understood.
Cong Wang et al. were focus on cloud data storage security,
which has always been an important aspect of quality of
service. To ensure the correctness of users’ data in the cloud,
they propose an effective and flexible distributed scheme with
two salient features, opposing to its predecessors. By utilizing
the homomorphic token with distributed verification of
erasure-coded data, our scheme achieves the integration of
storage correctness insurance and data error localization, i.e.,
the identification of misbehaving server(s). Unlike most prior
works, the new scheme further supports secure and efficient
dynamic operations on data blocks, including: data update,
delete and append. Extensive security and performance
analysis shows that the proposed scheme is highly efficient
and resilient against Byzantine failure, malicious data
modification attack, and even server colluding attacks. [16]
Jian Wang et al. where says that Privacy is an important issue
for cloud computing, both in terms of legal compliance and
user trust, and needs to be considered at every phase of
design. Their paper provides some privacy preserving
technologies used in cloud computing services. Basically used
Anonymity based method for privacy preservation in cloud
computing. [17]
Zhang Jian-hua et al. was proposed an architecture of cloud
storage and presents the deployment of the disaster recovery
and other applications in inter-private cloud storage, which
can achieve a true cloud computing shown in figure 1. [18]
2
3. Journal of Advanced Computing and Communication Technologies (ISSN: 2347 - 2804)
Volume No.1 Issue No. 1, August 2013
3. PROPOSED WORK
As well as technology grow; security issues are rapidly
increasing in various dimensions and it very difficult to make
any system completely free from vulnerability.
In any system three major issues are concerns that are
unforgettable as follow:
Authentication
Authorization
Accounting
In this research we focus on client privacy and security when
he store his data on cloud and take database-as-a-service from
cloud Service Provider (CSP).
Figure 1: The typical architecture of disaster recovery system
V. Mateljan et al. were Proposed Return On Investment (ROI)
analysis outlines how to decide and the things to consider
whether an application is suited for a cloud computing
environment, on-premise (inhouse) infrastructure or to
outsourcing to managed services. They give formula to
calculate ROI in DaaS. [19]
The most appropriate ROI formula (1) for evaluating IT
investments is net project benefits divided by cost. The ratio is
usually expressed as a percentage when the fractional values
are multiplied by 100. Net benefits are project benefits minus
project costs. [20]
Second aspect of database security is also cover in basic level
to ensure that secure the data of client on cloud storage
servers. It will manage with the help of encryption /decryption
management scheme on cloud server.
We start our research from AAA services analysis and we
select Radius server for these services and install and check
out it and will add in cloud environment.
We find that Radius server is a best suited for cloud
environments to make sure client identity authenticated and
what type of authorized services is provisioned to client. It
will also used to accounting services through which we can
account the client cloud provisioning services.
ROI (%) = (Net Project Benefits *100)/Project Costs
………………. (1)
Yan Zhao et al. were propose a novel privacy preserving
approach based on k-anonymity model and multidimensional
model, which combines global recoding and local recoding
technology and provides privacy preserving in data
publishing. The novel anonymity strategy can efficiently and
Dynamically designate sensitive information according to the
requirements of users. Then we develop an anonymous
strategy algorithm which adapts to the anonymity strategy and
achieves the purpose of preventing homogeneity attack and
background knowledge attack. [21]
Figure 2: Working of AAA Server (E.g. Radius Server) [24]
Chenguang Wang, Huaizhi Yan were proposed a method to
solve cloud computing security issue with private face
recognition. The method has three parts: user part provides
face images; cloud initialization part has a face subspace and
templates database; cloud private matching identification part
contains the core algorithm of the method, comparing two
encrypted numbers under double-encrypted conditions. The
experimental results show the method can ensure that cloud
neither know user’s real face data, nor the face private
matching identification result, to make user’s face data secure,
we develop a credible, efficient, low-complex method to
guarantee cloud computing security. [22]
Lior Okman et al. were reviews two of the most popular
NoSQL databases (Cassandra and MongoDB) and outlines
their main security features and problems. [23]
Figure 2 represent working of Radius Server , in which shows
how client interact with cloud server to use their space for
uploading/ downloading data files on cloud server.
To connect with Cloud server (Database Server), three steps
involve in this process.
Step 1: client send connect request to NAS client which
forward request to Radius Server. Which authenticate user
and send acknowledge to NAS client.
Step 2: if user is authenticated then access Accept otherwise
Request Reject and process is end here.
Step 3: if user is authenticated then accounting request is
start and Accounting Session is start during complete login
period till disconnected.
3
4. Journal of Advanced Computing and Communication Technologies (ISSN: 2347 - 2804)
Volume No.1 Issue No. 1, August 2013
4. Experimental Setup
keys to encrypt and decrypt data during access and this key is
private and takes from cloud user as database password.
In this research we use Linux environment to implement our
model, we are simply deploy Eucalyptus in Virtual Machine
to create a cloud Environment for testing. In which we are
create a single server as cloud server (CSP) and create
multiple client to access the services provides CSP.
6. Conclusion
Here is not need to discuss complete implementation setup.
The cloud services is rapidly growing and favoring the new
advent of service providers. User confidence and its privacy is
the biggest challenging phenomenon for cloud service
providers. In this paper we proposed a novel Authentication
and privacy and its legal jurisdiction to assure the
confidentiality of user of clouds. In order to perform
Authentication, Authorization and Accounting of users
accounts To make this process right there is a procedure of
service level agreement with customer. In future we will focus
on the rule base of security matrix and integrity part of user’s
data.
7. REFERENCES
Figure 3: Eucalyptus cloud capacity in cloud environment.
5. CONCEPT IMPLEMENTAION
[1] B. Hayes, "Cloud computing", Communications of the
ACM, (7):9–11, 2008.
[2] J. Geelan, "Twenty one experts define cloud computing",
Electronic Magazine, 2008.
[3] G. Gruman and E. Knorr, "What cloud computing really
means", InfoWorld, 2008.
[4] P. Mell and T. Grance, “The NIST Definition of Cloud
Computing;
http://csrc.nist.gov/groups/SNS/cloudcomputing/
(accessed 12.01.2010)
h
[5] Amazon Web Services (AWS), http://aws.amazon.com/,
(accessed 10.01.2010)
[6] Amazon EC2 - Relational Database Amazon Machine
Image (AMI), http://aws.amazon.com/running_databases
/#relational, (accessed 10.01.2010)
[7] Amazon Relational Database Service (RDS),
http://aws.amazon.com/rds/, (accessed 10.01.2010)
Figure 4: cloud architecture for DaaS with Radius Server
In this research we have install RADIUS server in our
proposed architecture in which we are used some
cryptographic techniques to encrypt/decrypt our database
during storage/retrieval. This is very much secure and useful
service which provide more privacy and security to client user
in comparative we had discuss in previous proposed
techniques in related work in this paper.
In this architecture, when external user try to access cloud
resources in cloud environment they first interact with
RADIUS installed Gateway on which they authenticate itself
that he is right user. On the basis of their authenticated
account we identified their authorized services to which they
are allow to access. In run time when user access resources in
cloud environment Radius Server monitor their access each
and every time. If Radius Server fined any unauthorized
access then it reports to main cloud server and save details of
that cloud user in main server. In this implementation cloud
main server used some cryptographic techniques and used
[8] Amazon SimpleDB, http://aws.amazon.com/simpledb/,
(accessed 10.01.2010)
[9] Microsoft SQL Azure,
http://www.microsoft.com/windowsazure/sqlazure/,
(accessed 14.01.2010)
[10] BigTable, http://labs.google.com/papers/bigtable.html,
(accessed 20.01.2010)
[11] Google AppEngine Datastore,
http://code.google.com/appengine/, (accessed 15.01.2010)
[12] E. Mykletun and G. Tsudik, “Incorporating a secure
coprocessor in the database-as-a-service model”, IWIA,
2005.
[13] S. Pearson, "Taking Account of Privacy when Designing
Cloud Computing Services", CLOUD’09, 2009.
[14] W. K. Wong, W. Cheung, B. Kao, and N. Mamoulis,
“Secure kNN Computation on Encrypted Databases”,
4
5. Journal of Advanced Computing and Communication Technologies (ISSN: 2347 - 2804)
Volume No.1 Issue No. 1, August 2013
SIGMOD, 2009
[15] Z. Wei, G. Pierre and C.H. Chi, "Scalable Transactions
for Web Applications in the Cloud", Proceedings of the EuroPar conference, 2009.
[16] Cong Wang, Qian Wang, and Kui Ren “Ensuring Data
Storage Security in Cloud Computing ”published in IEEE
2009.
[17] Jian Wang Yan Zhao Shuo Jiang Jiajin Le “Providing
Privacy Preserving in cloud computing” published in IEEE
2009 International Conference on Test and Measurement.
[18] Zhang Jian-hua and Zhang Nan “Cloud Computing-based
Data Storage and Disaster Recovery” published in IEEE 2011
International Conference on Future Computer Science and
Education.
[19] V. Mateljan et al. “Cloud Database-as-a-Service (DaaS) ROI” published in IEEE MIPRO 2010, May 24-28, 2010,
Opatija, Croatia.
[20] B. Roulstone and J.J. Phillips, "ROI for Technology
Projects: Measuring and Delivering Value", Elsevier, 2008.
[21] Yan Zhao,Yongcheng Luo, Jian Wang and Jiajin Le,” A
Novel Privacy Preserving Approach for Database Security”
2009 International Conference on Test and Measurement.
[22] Chenguang Wang, Huaizhi Yan “Study of Cloud
Computing Security Based on Private Face Recognition”
published in IEEE 2010.
[23] Lior Okman, Nurit Gal-Oz, Yaron Gonen, Ehud Gudes
and Jenny Abramov, “Security Issues in NoSQL Databases”
published in 2011 International Joint Conference of IEEE
TrustCom-11/IEEE ICESS-11/FCST-11
[24] Image hosted on http://www.wi-fiplanet.com
5