This document discusses effective modular order preserving encryption on cloud using multivariate hypergeometric distribution (MHGD). It begins with an abstract that describes how order preserving encryption allows efficient range queries on encrypted data. It then provides background on cloud computing security concerns and discusses existing approaches to searchable encryption, including probabilistic encryption, deterministic encryption, homomorphic encryption, and order preserving encryption. The key proposed approach is to improve the security of existing modular order preserving encryption approaches by utilizing MHGD.
Secure Data Sharing In an Untrusted Cloud - IJERA Editor
Cloud computing is a huge area which basically provides many services on the basis of pay as you go. One of the fundamental services provided by cloud is data storage. Cloud provides cost efficiency and an efficient solution for sharing resource among cloud users. A secure and efficient data sharing scheme for groups in cloud is not an easy task. On one hand customers are not ready to share their identity but on other hand want to enjoy the cost efficiency provided by the cloud. It needs to provide identity privacy, multiple owner and dynamic data sharing without getting effected by the number of cloud users revoked. In this paper, any member of a group can completely enjoy the data storing and sharing services by the cloud. A secure data sharing scheme for dynamic cloud users is proposed in this paper. For which it uses group signature and dynamic broadcast encryption techniques such that any user in a group can share the information in a secured manner. Additionally the permission option is proposed for the security reasons. This means the file access permissions are generated by the admin and given to the user using Role Based Access Control (RBA) algorithm. The file access permissions are read, write and delete. In this, owner can provide files with options and accepts the users using that option. The revocation of cloud user is a function generated by the Admin for security purpose. The encryption computational cost and storage overhead is not dependent on the number of users revoked. We analyze the security by proofs and produce the cloud efficiency report using cloudsim.
This research analysis will go over the various encryption methods and summarize the previous research in encryption that has been done to this point. The advantages of Symmetric and Asymmetric Encryption will be discussed in terms of security and efficiency. As encryption becomes more advanced, so the need for proper key management increases as well. This paper will conclude with a look at what could be the future of cloud encryption, Homomorphic Encryption.
Cloud Storage is a branch of Cloud Computing, which plays an important role in IT world. Cloud providers are providing a huge volume of storage space as per the user needs. Due to wide usage of this, it also increases data security issues and threats. Hence efforts are being made to encrypt the data stored in the cloud. In this paper, we are going to look at different encryption and auditing techniques that are used to avoid data breaching in cloud storage. Nikhil Sreenivasan "Data Storage Issues in Cloud Computing" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-2, February 2020,
URL: https://www.ijtsrd.com/papers/ijtsrd30194.pdf
Paper Url : https://www.ijtsrd.com/computer-science/computer-network/30194/data-storage-issues-in-cloud-computing/nikhil-sreenivasan
Comparison of data security in grid and cloud computing - eSAT Journals
Abstract In the current era, Grid computing and cloud computing are the main fields in the research work. This thesis define which are the main security issues to be considered in cloud computing and grid computing, and how some of these security issues are solved. Comparative study shows the grid security is tighter than the cloud. It also shows cloud computing is less secure and faced security problems. This research work is based on main security problems in cloud computing such as authentication, authorization, access control and security infrastructure (SLA). Cloud infrastructure is based on service level agreement; simply cloud providers provide different services to cloud’s users and organizations with an agreement known SLA. So the security and privacy of user’s data is the main problem, because unauthorized person can’t access the data of cloud user. Hacking and data leakage are the common threats in cloud computing. As the security due to hackers increase over internet and the cloud computing is totally on internet. At this time, cloud computing demand the tight password protection and strong authentication and authorization procedure. For an increased level of security, privacy and password protection, we provide a new strong authentication model named “Two factor authentications using graphical password with pass point scheme”. This authentication model includes the login procedure, access control that is based on service level agreement (SLA) in cloud computing. Index Terms: Cloud computing, Authentication, login, Recognition, Recall, Pass point, security, Cloud Provider, Service level Agreement, Two Factor Authentication
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Survey on securing outsourced storages in cloud - eSAT Journals
Abstract Cloud computing is one of the buzzwords of technological developments in the IT industry and service sectors. Widening the social capabilities of servicing for a user on the internet while narrowing the insufficiency to store information and provide facilities locally, computing interests are shifting towards cloud services. Cloud services although contributes to major advantages for servicing also incurs notification to major security issues. The issues and the approaches that can be taken to minimise or even eliminate their effects are discussed in this paper to progress toward more secure storage services on the cloud. Keywords: Cloud computing, Cloud Security, Outsourced Storages, Storage as a Service
A Data Sharing Protocol to Minimize Security and Privacy Risks in Cloud Storage - ijtsrd
Data contribution in the cloud is a procedure so as to allow users to expediently right of entry information in excess of the cloud. The information holder outsources their data in the cloud due to cost lessening and the huge amenities provided by cloud services. Information holder is not able to manage over their information, since cloud examination contributor is a third party contributor. The main disaster with data partaking in the cloud is the seclusion and safety measures issues. Different techniques are obtainable to sustain user seclusion and protected data sharing. This paper focal point on different schemes to contract by means of protected data partaking such as information contribution with forward security, protected information partaking for energetic groups, quality based information partaking, encrypted data sharing and mutual influence Based Privacy Preserving verification set of rules for right to use manage of outsourced information. S. Nandhini Devi | Mr. S. Rajarajan "A Data Sharing Protocol to Minimize Security and Privacy Risks in Cloud Storage" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-6 , October 2019, URL: https://www.ijtsrd.com/papers/ijtsrd29345.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/29345/a-data-sharing-protocol-to-minimize-security-and-privacy-risks-in-cloud-storage/s-nandhini-devi
Cloud storage (CS) is gaining much popularity nowadays because it offers low-cost and convenient network storage services. In this big data era, the explosive growth in digital data moves the users towards CS to store their massive data. This explosive growth of data causes a lot of storage pressure on CS systems because a large volume of this data is redundant. Data deduplication is a most-effective data reduction technique that identifies and eliminates the redundant data. Dynamic nature of data makes security and ownership of data as a very important issue. Proof-of-ownership schemes are a robust way to check the ownership claimed by any owner. However to protect the privacy of data, many users encrypt it before storing in CS. This method affects the deduplication process because encryption methods have varying characteristics. Convergent encryption (CE) scheme is widely used for secure data deduplication, but it destroys the message equality. Although, DupLESS provides strong privacy by enhancing CE, but it is also found insufficient. The problem with the CE-based scheme is that the user can decrypt the cloud data while he has lost his ownership. This paper addresses the problem of ownership revocation by proposing a secure deduplication scheme for encrypted data. The proposed scheme enhances the security against unauthorized encryption and poison attack on the predicted set of data.
Bio-Cryptography Based Secured Data Replication Management in Cloud Storage - IJERA Editor
Cloud computing is new way of economical and efficient storage. The single data mart storage system is a less secure because data remain under a single data mart. This can lead to data loss due to different causes like hacking, server failure etc. If an attacker chooses to attack a specific client, then he can aim at a fixed cloud provider, try to have access to the client’s information. This makes an easy job of the attackers, both inside and outside attackers get the benefit of using data mining to a great extent. Inside attackers refer to malicious employees at a cloud provider. Thus single data mart storage architecture is the biggest security threat concerning data mining on cloud, so in this paper present the secure replication approach that encrypt based on biocrypt and replicate the data in distributed data mart storage system. This approach involves the encryption, replication and storage of data.
Multi-Level Data Security Model for Big Data on Public Cloud: A New Model - Eswar Publications
With the advent of cloud computing the big data has emerged as a very crucial technology. The certain type of cloud provides the consumers with the free services like storage, computational power etc. This paper is intended to make use of infrastructure as a service where the storage service from the public cloud providers is going to leveraged by an individual or organization. The paper will emphasize the model which can be used by anyone without any cost. They can store the confidential data without any type of security issue, as the data will be altered in such a way that it cannot be understood by the intruder if any. Not only that but the user can retrieve back the original data within no time. The proposed security model is going to effectively and efficiently provide a robust security while data is on cloud infrastructure as well as when data is getting migrated towards cloud infrastructure or vice versa.
This is a common fact nowadays to use the external third party resources for data storage and sharing among multiple personnel of the same organization or different organizations. Such external resources are collectively known as Cloud Computing resources. Cloud Computing resources save time, cost and efforts required to manage the huge data of organizations. Due to the rapid growth of using cloud services in many organizations or individuals, there are many concerns resulted. The major concerns are data sharing, security and efficiency. Since from last 15 years, there are number of solutions and researches were conducted and applied. Data sharing both single user and multi-user in Cloud Computing, and hence it is required that data sharing is strongly secured, number of recent cryptography base methods such as Identity Based Encryption or Attributed Based Encryption are designed for secure data sharing among multiple users. All the recent methods have some limitations and advantages. This paper addresses the current research problems of data security and privacy preserving in cloud servers. The study was presented over different methods of cloud data security and their comparative analysis first. At we discussed the research limitations of those methods.
Cloud Computing is the most emerging trend in Information Technology nowadays. It is attracting the organizations due to its advantages of scalability, throughput, easy and cheap access and on demand up and down grading of SaaS, PaaS and IaaS. Besides all the salient features of cloud environment, there are the big challenges of privacy and security. In this paper, a review of different security issues like trust, confidentiality, authenticity, encryption, key management and resource sharing are presented along with the efforts made on how to overcome these issues.
Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)... - dbpublications
Cloud computing is one the promising and emerging field in Information Technology because of its performance, low cost and great availability. Cloud computing basically gives services to an individual and the organization through the network with the capability to scale down or up their different kinds of services. The basic service of cloud computing system is known as a cloud storage system which containing a collection of storage servers. These storage servers gives long-term storage services by using the internet with free of cost. However, the storing data using cloud system of third party causes very serious problem over data confidentiality. Typically, different kinds of encryption schemes are used to protect the cloud data confidentiality, but it take more time to process even a single operation. Thus, in this paper proposes cloud data confidentiality by integrates encoding, encrypting and forwarding. Token Based Data Security Algorithm (TBDSA) along with RSA and AES is used for decryption and encryption process and Role Based Access Control Model (RBACM) is access at the time of data forwarding. Here, cloud user’s accessing password is created by using encoding process which is done by Genetic Algorithm (GA) and process of GA is presented in this paper. This TBDSA and GA algorithms takes minimum time to execute and raises the system performance.
Proposed system for data security in distributed computing in using triple d... - IJECEIAES
Cloud computing is considered a distributed computing paradigm in which resources are provided as services. In cloud computing, the applications do not run from a user’s personal computer but are run and stored on distributed servers on the Internet. The resources of the cloud infrastructures are shared on cloud computing on the Internet in the open environment. This increases the security problems in security such as data confidentiality, data integrity and data availability, so the solution of such problems are conducted by adopting data encryption is very important for securing users data. In this paper, a comparative study is done between the two security algorithms on a cloud platform called eyeOS. From the comparative study it was found that the Rivest Shamir Adleman (3kRSA) algorithm outperforms that triple data encryption standard (3DES) algorithm with respect to the complexity, and output bytes. The main drawback of the 3kRSA algorithm is its computation time, while 3DES is faster than that 3kRSA. This is useful for storing large amounts of data used in the cloud computing, the key distribution and authentication of the asymmetric encryption, speed, data integrity and data confidentiality of the symmetric encryption are also important also it enables to execute required computations on this encrypted data.
A Secure Multi-Owner Data Sharing Scheme for Dynamic Group in Public Cloud. IJCERT JOURNAL
In cloud computing outsourcing group resource among cloud users is a major challenge, so cloud computing provides a low-cost and well-organized solution. Due to frequent change of membership, sharing data in a multi-owner manner to an untrusted cloud is still its challenging issue. In this paper we proposed a secure multi-owner data sharing scheme for dynamic group in public cloud. By providing AES encryption with convergent key while uploading the data, any cloud user can securely share data with others. Meanwhile, the storage overhead and encryption computation cost of the scheme are independent with the number of revoked users. In addition, I analyze the security of this scheme with rigorous proofs. One-Time Password is one of the easiest and most popular forms of authentication that can be used for securing access to accounts. One-Time Passwords are often referred to as secure and stronger forms of authentication in multi-owner manner. Extensive security and performance analysis shows that our proposed scheme is highly efficient and satisfies the security requirements for public cloud based secure group sharing.
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...IJCNCJournal
Cloud computing is utility-based computing provides many benefits to its clients but security is one aspect which is delaying its adoptions. Security challenges include data security, network security and infrastructure security. Data security can be achieved using Cryptography. If we include location information in the encryption and decryption process then we can bind access to data with the location so that data can be accessed only from the specified locations. In this paper, we propose a method based on the symmetric cryptography, location-based cryptography and ciphertext policy – Attribute-based encryption (CP-ABE) to implements secure access control to the outsourced data. The Symmetric key is used to encrypt that data whereas CP-ABE is used to encrypt the secret key and the location lock value before uploading on the server. User will download encrypted data and the symmetric secret key XORed with the Location Lock value, using his attributes based secret key he can obtain first XORed value of Symmetric secret key and location lock value. Using anti-spoof GPS Location lock value can be obtained which can be used to retrieve the symmetric secret key. We have adopted Massage Authentication Code (MAC) to ensure Integrity and Availability of the data. This protocol can be used in the Bank, government organization, military services or any other industry those are having their offices/work location at a fixed place, so data access can be bounded to that location.
Accessing secured data in cloud computing environmentIJNSA Journal
Number of businesses using cloud computing has increased dramatically over the last few years due to the attractive features such as scalability, flexibility, fast start-up and low costs. Services provided over the web are ranging from using provider’s software and hardware to managing security and other issues. Some of the biggest challenges at this point are providing privacy and data security to subscribers of public cloud servers. An efficient encryption technique presented in this paper can be used for secure access to and storage of data on public cloud server, moving and searching encrypted data through communication channels while protecting data confidentiality. This method ensures data protection against both external and internal intruders. Data can be decrypted only with the provided by the data owner key, while public cloud server is unable to read encrypted data or queries. Answering a query does not depend on it size and done in a constant time. Data access is managed by the data owner. The proposed schema allows unauthorized modifications detection
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENTIJNSA Journal
Number of businesses using cloud computing has increased dramatically over the last few years due to the attractive features such as scalability, flexibility, fast start-up and low costs. Services provided over the web are ranging from using provider’s software and hardware to managing security and other issues. Some of the biggest challenges at this point are providing privacy and data security to subscribers of public cloud servers. An efficient encryption technique presented in this paper can be used for secure access to and storage of data on public cloud server, moving and searching encrypted data through communication channels while protecting data confidentiality. This method ensures data protection against both external and internal intruders. Data can be decrypted only with the provided by the data owner key, while public cloud server is unable to read encrypted data or queries. Answering a query does not depend on it size and done in a constant time. Data access is managed by the data owner. The proposed schema allows unauthorized modifications detection.
Cloud Computing is the revolution in current generation IT enterprise. Cloud computing displaces database and application software to the large data centres, where the management of services and data may not be predictable, where as the conventional solutions, for IT services are under proper logical, physical and personal controls. This aspect attribute, however comprises different security challenges which have not been well understood. It concentrates on cloud data storage security which has always been an important aspect of quality of service (QOS). In this paper, we designed and simulated an adaptable and efficient scheme to guarantee the correctness of user data stored in the cloud and also with some prominent features. Homomorphic token is used for distributed verification of erasure – coded data. By using this scheme, we can identify misbehaving servers. In spite of past works, our scheme supports effective and secure dynamic operations on data blocks such as data insertion, deletion and modification. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to the large data centres, where the data management and services may not be absolutely truthful. This effective security and performance analysis describes that the proposed scheme is extremely flexible against malicious data modification, convoluted failures and server clouding attacks.
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTINGijcsit
Cloud Computing is the revolution in current generation IT enterprise. Cloud computing displaces
database and application software to the large data centres, where the management of services and data
may not be predictable, where as the conventional solutions, for IT services are under proper logical,
physical and personal controls. This aspect attribute, however comprises different security challenges
which have not been well understood. It concentrates on cloud data storage security which has always been
an important aspect of quality of service (QOS). In this paper, we designed and simulated an adaptable and
efficient scheme to guarantee the correctness of user data stored in the cloud and also with some prominent
features. Homomorphic token is used for distributed verification of erasure – coded data. By using this
scheme, we can identify misbehaving servers. In spite of past works, our scheme supports effective and
secure dynamic operations on data blocks such as data insertion, deletion and modification. In contrast to
traditional solutions, where the IT services are under proper physical, logical and personnel controls,
cloud computing moves the application software and databases to the large data centres, where the data
management and services may not be absolutely truthful. This effective security and performance analysis
describes that the proposed scheme is extremely flexible against malicious data modification, convoluted
failures and server clouding attacks.
Cloud Computing is the revolution in current generation IT enterprise. Cloud computing displaces database and application software to the large data centres, where the management of services and data may not be predictable, where as the conventional solutions, for IT services are under proper logical, physical and personal controls. This aspect attribute, however comprises different security challenges which have not been well understood. It concentrates on cloud data storage security which has always been an important aspect of quality of service (QOS). In this paper, we designed and simulated an adaptable and efficient scheme to guarantee the correctness of user data stored in the cloud and also with some prominent features. Homomorphic token is used for distributed verification of erasure – coded data. By using this scheme, we can identify misbehaving servers. In spite of past works, our scheme supports effective and secure dynamic operations on data blocks such as data insertion, deletion and modification. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to the large data centres, where the data management and services may not be absolutely truthful. This effective security and performance analysis describes that the proposed scheme is extremely flexible against malicious data modification, convoluted failures and server clouding attacks.
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Effective & Flexible Cryptography Based Scheme for Ensuring User`s Data Secur...ijsrd.com
Cloud computing has been envisioned as the next-generation architecture of IT enterprise. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to the large data centers, where the management of the data and services may not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood. In this article, we focus on cloud data storage security, which has always been an important aspect of quality of service. To ensure the correctness of users' data in the cloud, we propose an effective and flexible cryptography based scheme. Extensive security and performance analysis shows that the proposed scheme is highly efficient and resilient against malicious data modification attack.
Abstract: Cloud computing model are obtaining ubiquitous authorization due to the heterogeneous convenience they provide. Although, the
security & privacy problems are the main considerable encumbrance holding back the universal adoption of this new emerging technology.
Various researches are concentrated on enhancing the security on Software as well as Hardware levels on the cloud. But these interpretations do
not mainly furnish the complete security way and therefore the data security compute (measure) are still kept under the access control of service
provider. Trusted Computing is another research concept. In actuality, these furnish a set of tools controlled by the third party technologies to
secure the Virtual Machines from the cloud computing providers. These approaches provides the tools to its consumers to assess and monitor the
aspects of security their data, they don’t allocate the cloud consumers with high control capability. While as the new emerging DCS approach
aims to provide the security of data owners of their data. But the DCS approach concept is elucidate in many ways and there is not a
standardized framework of cloud computing environment model for applying this approach.
International Journal of Engineering Research and DevelopmentIJERD Editor
Electrical, Electronics and Computer Engineering,
Information Engineering and Technology,
Mechanical, Industrial and Manufacturing Engineering,
Automation and Mechatronics Engineering,
Material and Chemical Engineering,
Civil and Architecture Engineering,
Biotechnology and Bio Engineering,
Environmental Engineering,
Petroleum and Mining Engineering,
Marine and Agriculture engineering,
Aerospace Engineering.
IOSR Journal of Computer Engineering (IOSR-JCE)
e-ISSN: 2278-0661, p-ISSN: 2278-8727, Volume 17, Issue 4, Ver. II (July – Aug. 2015), PP 16-24
www.iosrjournals.org
DOI: 10.9790/0661-17421624
Effective Modular Order Preserving Encryption on Cloud Using MHGD
N. Jayashri¹, T. Chakravarthy²
¹ Research Scholar, AVVM Sri Pushpam College, Tamilnadu, India.
² Asso. Professor, AVVM Sri Pushpam College, Tamilnadu, India.
Abstract: As cloud computing strengthens its presence in the public sector, organizations and individuals are
looking to cloud services to improve productivity and security and to reduce costs. Apart from communication, file
storage is the main requirement for common people. Traditional data centers consist of large collections of
server farms implementing perimeter-security measures. A public cloud offers a multitenant service, in which the
concept of the network perimeter evaporates. For the former concern, data encryption before outsourcing is the
simplest way to protect data privacy. But encryption also makes deploying traditional data utilization services
a difficult task. This problem of how to search encrypted data has recently gained attention and led to the
development of searchable encryption techniques. In this work we try to implement Modular Order
Preserving Encryption (MOPE), a primitive that allows efficient modular range queries on encrypted
documents. It is a kind of searchable encryption scheme. MOPE improves the security of OPE in the sense
that it does not leak any information about the location of the plaintext (Boldyreva et al.). The main goal of this work is to
improve the security provided by the existing MOPE approaches with the help of the Multivariate Hypergeometric
Distribution (MHGD).
Keywords: Deterministic Encryption, Hypergeometric Distribution, Modular OPE, Multivariate HGD, Order
Preserving Encryption, Range Queries, Searchable Encryption.
I. Introduction
In the evolution of computing technology, information processing has moved from mainframes to
personal computers to server-centric computing to the Web. Today, many organizations are seriously
considering adopting cloud computing, the next major milestone in technology and business collaboration [1].
Cloud computing has been defined by NIST (National Institute of Standards and Technology) as a model for
enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g.,
networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal
management effort or cloud provider interaction. Cloud computing remains a work in progress [2].
Fig. 1. Cloud Structure
Although cloud computing’s benefits are tremendous, security and privacy concerns are the primary
obstacles to wide adoption [3]. Because cloud service providers (CSPs) are separate administrative entities,
moving to the commercial public cloud deprives users of direct control over the systems that manage their data
and applications. Even if CSPs’ infrastructure and management capabilities are much more powerful and
reliable than those of personal computing devices, the cloud platform still faces both internal and external
security and privacy threats, including media failures, software bugs, malware, administrator errors and
malicious insiders. Noteworthy outages and security breaches to cloud services appear from time to time [3].
Because users don’t have access to the cloud’s internal operational details, CSPs might also voluntarily
examine users’ data for various reasons without detection [4]. Although it increases resource utilization, this
unique multitenancy feature also presents new security and privacy vulnerabilities for user
interactions [5]. Hence, we argue that the cloud is intrinsically insecure from a user’s viewpoint. Without
providing a strong security and privacy guarantee, we can’t expect users to turn control of their data and
computing applications over to the cloud based solely on economic savings and service flexibility [3].
According to the users involved, clouds can be classified into three categories. A public cloud is one
in which the infrastructure and other computational resources that it comprises are made available to the general
public over the Internet. It is owned by a cloud provider selling cloud services and by definition is external to an
organization greater control over the infrastructure and computational resources than does a public cloud [2]. As
individuals and enterprises produce more and more data that must be stored and utilized, they’re motivated to
outsource their local complex data management systems to the cloud owing to its greater flexibility and
cost-efficiency. However, once users no longer physically possess their data, its confidentiality and integrity can be
at risk [4]. Traditionally, to control the dissemination of privacy-sensitive data, users establish a trusted server to
store data locally in the clear, and then control that server to check whether requesting users present proper
certification before letting them access the data [8]. From a security standpoint, this access control architecture is
no longer applicable when we outsource data to the cloud. Data encryption before outsourcing is the simplest
way to protect data privacy and combat unsolicited access in the cloud and beyond. But encryption also makes
deploying traditional data utilization services — such as plaintext keyword search over textual data or query
over database — a difficult task. The trivial solution of downloading all the data and decrypting it locally is
clearly impractical, due to the huge bandwidth cost resulting from cloud-scale systems. Moreover, aside from
eliminating local storage management, storing data in the cloud serves no purpose unless people can easily
search and utilize that data.
Another important issue that arises when outsourcing data service to the cloud is protecting data
integrity and long-term storage correctness. Although outsourcing data to the cloud is economically attractive for
long-term, large-scale storage, it doesn’t immediately guarantee data integrity and availability. This problem, if
not properly addressed, can impede the successful deployment of a cloud architecture. Given that users no longer
locally possess their data, they can’t utilize traditional cryptographic primitives to protect its correctness [5]. Such
primitives usually require a local copy of the data for integrity verification, which isn’t viable when storage is
outsourced. Furthermore, the large amount of cloud data and the user’s constrained computing capabilities make
data correctness auditing in a cloud environment expensive and even formidable [5]. Other challenging security
problems include assured data deletion and remote assessment of fault tolerance, that is, the remote detection of
hard-drive failure vulnerabilities in the cloud [7]. Ultimately, the cloud is neither good nor bad: it’s just a new
paradigm with its own advantages and disadvantages. Over time, some of these concerns will be solved or the
risks will be reduced to acceptable levels. For now, these concerns have kept cloud adoption at a modest
pace [6].
The rest of the paper is organized as follows: Section 2 lists some of the searchable encryption
techniques. Existing works in Order Preserving Encryption are listed in Section 3. Section 4 lists the design
goals of this work. Section 5 explains our proposed work. Performance analysis is discussed in Section 6.
Section 7 presents a security analysis of our approach. Finally, Section 8 gives the conclusion of the whole work
done in this paper.
II. Searchable Encryption
The problem of how to search encrypted data has recently gained attention and led to the
development of searchable encryption techniques. At a high level, a searchable encryption scheme employs a
prebuilt encrypted search index that lets users with appropriate tokens securely search over the encrypted data
via keywords without first decrypting it. However, considering the potentially large number of on-demand data
users and the huge amount of outsourced data files in the cloud, this problem is still particularly challenging
because meeting performance, system usability, and scalability requirements is extremely difficult. In this
context, numerous interesting yet challenging problems remain, including similarity search over encrypted data,
secure ranked search over encrypted data, secure multikeyword semantic search, secure range query, and even
secure search over non-textual data such as graph or numerical data.
3. Effective Modular Order Preserving Encryption On Cloud Using MHGD
DOI: 10.9790/0661-17421624 www.iosrjournals.org 18 | Page
2.1. Probabilistic Encryption.
This is an encryption scheme that uses randomness in the encryption algorithm, so that encrypting the
same message several times will, in general, yield different ciphertexts. The term "probabilistic encryption"
is typically used in reference to public key encryption algorithms; however, various symmetric key encryption
algorithms achieve a similar property (e.g., block ciphers when used in a chaining mode such as CBC). To be
semantically secure, that is, to hide even partial information about the plaintext, an encryption algorithm
must be probabilistic. Probabilistic encryption is particularly important when using public key cryptography.
Suppose that the adversary observes a ciphertext, and suspects that the plaintext is either "YES" or "NO", or has
a hunch that the plaintext might be "ATTACK AT CALAIS".
2.2. Deterministic encryption.
This is a cryptosystem which always produces the same ciphertext for a given plaintext and key, even
over separate executions of the encryption algorithm. Examples of deterministic encryption algorithms include
the RSA cryptosystem (without encryption padding), and many block ciphers when used in ECB mode or with a
constant initialization vector. When a deterministic encryption algorithm is used, the adversary can simply try
encrypting each of his guesses under the recipient's public key, and compare each result to the target ciphertext.
To combat this attack, public key encryption schemes must incorporate an element of randomness, ensuring that
each plaintext maps into one of a large number of possible ciphertexts. An intuitive approach to converting a
probabilistic encryption scheme into a deterministic one is to simply avoid padding in the plaintext before
encrypting with the probabilistic algorithm.
2.3. Homomorphic Encryption.
Suppose we want to query a search engine, but don't want to tell the search engine what we are looking for.
We might consider encrypting our query, but if we use an ordinary encryption scheme, the search engine will
not be able to manipulate our ciphertexts to construct a meaningful response. What we would like is a
cryptographic equivalent of a photograph developer's "dark room", where the search engine can process our
query intelligently without ever seeing it [23]. A "fully homomorphic" encryption scheme creates exactly this
cryptographic dark room. Using it, anyone can manipulate ciphertexts that encrypt data under some public key
'pk' to construct a ciphertext that encrypts *any desired function* of that data under 'pk'. Such a scheme is
useful in the settings above.
In 2009, Gentry proposed the first efficient fully homomorphic encryption scheme. It is efficient in the
sense that all algorithms run in time polynomial in the security parameter and the size of the function f that we
are computing, and the size of the output ciphertext grows only linearly with the size of f's output. Although all
algorithms run in polynomial time, there is still work to be done to make it truly practical. Members of the group
are very active in investigating new forms of homomorphic encryption and also in implementations to test its
practical applicability. Homomorphic encryption allows complex mathematical operations to be performed on
encrypted data without compromising the encryption. In mathematics, homomorphic describes the
transformation of one data set into another while preserving relationships between elements in both sets. The
term is derived from the Greek words for "same structure." Because the data in a homomorphic encryption
scheme retains the same structure, identical mathematical operations, whether they are performed on
encrypted or decrypted data, will yield equivalent results. Homomorphic encryption is expected to play an
important part in cloud computing, allowing companies to store encrypted data in a public cloud and take
advantage of the cloud provider's analytic services [24].
A breakthrough theoretical approach, fully homomorphic encryption (FHE) [12], and a number of
follow-up works, while generic, are currently inefficient, and seem unlikely to become truly practical in the
foreseeable future. Although a significant effort is underway in the theoretical community to improve the
performance of FHE, it is unlikely that fully-homomorphic encryption will approach the efficiency of current
public key encryption (PKE) schemes any time soon [9].
III. Existing Work
Searchable encryption is still far from providing the same search usability, functionality, and flexibility
as in plaintext search. The open questions are how to create the same search experience over encrypted cloud data
for users while providing the security and privacy guarantees, and how to enable semantic-rich encrypted search
over large-scale cloud data. Order Preserving Encryption (OPE) can be viewed as a tool somewhat similar to
fully-homomorphic encryption, in that it can repeatedly operate on encrypted data. It is weaker than FHE since
the manipulation primitive is limited to equality checking and comparisons [9].
3.1. Order Preserving Encryption.
Much of the value of cloud services lies in leveraging client data, which often conflicts with the client's
desire to keep that data private. Generic theoretical approaches, such as fully-homomorphic encryption, are
inefficient. Ad hoc approaches, such as OPE, provide solutions to a limited class of problems (e.g., evaluating
encrypted range queries) [9]. OPE was proposed in the database community by Agrawal [11]. E is an order
preserving encryption function, and p1 and p2 are two plaintext values, and
c1 = E(p1).
c2 = E(p2).
if (p1 < p2) then (c1 < c2).
Fig. 2. Order Preserving Encryption.
c1 and c2 are the two corresponding ciphertext values.
Query results from OPE will be sound and complete. Comparison operations will be performed without
decrypting the operands. It also tolerates updates [10]. OPE encryption is a two-step process. The first step is
source (plaintext) to uniform conversion, and the second step is uniform to target (ciphertext) conversion. For
decryption, the above steps are performed in reverse order.
Fig. 3. Steps Involved in OPE.
There are a number of applications which could benefit from order-preserving encryption. For privacy
protection the word frequency values are encrypted with OPE, enabling a ranked search on the indexes. Wang et
al. [13] propose a scheme that supports secure and efficient ranked keyword searches over encrypted data stored
in the cloud by applying order-preserving encryption on certain relevance criteria such as the frequency of
keywords.
Ding and Klein [14] propose an application-level encryption solution to protect the privacy and
confidentiality of health data. In particular, their solution relies on order-preserving encryption to enable some
operations on dates expressed in milliseconds without first having to decrypt them. These and other applications
of OPE (e.g., [15, 16, and 17]) all target an outsourced computation or storage model, which are key
characteristics of cloud computing. Order-preserving encryption is often seen as a powerful cryptographic tool
that can be securely plugged into existing systems [9]. The OPE algorithm follows three steps: modeling the input
and target distributions, flattening the plaintext database into a flat database, and transforming the flat database
into the cipher database.
3.2. Order Preserving Symmetric Encryption.
An order-preserving symmetric encryption scheme is a deterministic symmetric encryption scheme
whose encryption algorithm produces ciphertexts that preserve numerical ordering of the plaintexts. In fact,
OPE not only allows efficient range queries, but allows indexing and query processing to be done exactly and as
efficiently as for unencrypted data, since a query just consists of the encryptions of a and b and the server can
locate the desired ciphertexts in logarithmic time via standard tree-based data structures [18]. Allowing range
queries on encrypted data in the public-key setting was studied in [19, 20]. While their schemes provably
provide strong security, they are not efficient, requiring a scan of the whole database on every query.
We turn to an approach along the lines of pseudorandom functions (PRFs) or permutations (PRPs),
requiring that no adversary can distinguish between oracle access to the encryption algorithm of the scheme or a
corresponding "ideal" object. In our case the latter is a random order-preserving function [18]. Blockciphers, the
usual tool in the symmetric-key setting, do not seem helpful in preserving plaintext order. The construction
proposed by A. Boldyreva et al. [18] takes a different route, borrowing some tools from probability theory. They
uncover a relation between a random order-preserving function and the hypergeometric (HG) and negative
hypergeometric (NHG) probability distributions. First, assigning multiple plaintexts to ciphertexts independently
according to the NHG distribution cannot work; it requires frequent adjustment of the parameters of the NHG
sampling algorithm for each new plaintext. But we want a stateless scheme. Instead of making the long random tape
the secret key K for our scheme, we can make it the key for a PRF and generate portions of the tape dynamically
as needed. Since the size of parameters to the NHG sampling algorithm as well as the number of random coins it
needs varies during the binary search, and also because such a construction seems useful in general. Finally, our
scheme needs an efficient sampling algorithm for the NHG distribution. We turn to a related probability
distribution, namely the hypergeometric (HG) distribution, for which a very efficient exact sampling algorithm
[18].
A. Boldyreva et al. [18] address the open problem of characterizing what encryption via a random
order-preserving function (ROPF) leaks about underlying data. In particular, they show that, for a database of
randomly distributed plaintexts and appropriate choice of parameters, ROPF encryption leaks neither the precise
value of any plaintext nor the precise distance between any two of them. On the other hand, they show that
ROPF encryption leaks the approximate value of any plaintext as well as the approximate distance between any two
plaintexts, each to an accuracy of about the square root of the domain size. They also study schemes that are not
order-preserving, but which nevertheless allow efficient range queries and achieve security notions stronger than
Pseudorandom Order Preserving Encryption (POPF) [18]. In a setting where the entire database is known in
advance of key generation, we show that recent constructions of monotone minimal perfect hash functions
allow one to efficiently achieve the notion of IND-OCPA (Indistinguishability-Chosen Plaintext
Attack) also considered by Boldyreva et al., which asks that only the order relations among the plaintexts are
leaked.
IV. Proposed Method
4.1. Using Modular Order Preserving Encryption
Modular order-preserving encryption (MOPE), due to Boldyreva et al. [8], is a promising extension
that increases the security of the basic OPE by introducing a secret modular offset to each data value prior to
encrypting it. However, executing range queries via MOPE in a naive way allows the adversary to learn this
offset, negating any potential security gains of this approach. We try to implement modular order-preserving
encryption (MOPE), in which the scheme of Multivariate Hypergeometric Distribution (MHGD) is prepended
with an OPE. MOPE with MHGD improves the efficiency of MOPE in a sense, as it produces coins which are
more complicated to brute force.
A modular order-preserving encryption (MOPE) scheme is an extension to OPE that increases its
security. Instead of defining such a scheme in general, we define a transformation to obtain it from a given OPE
scheme.
The transformation. Let OPE = (Kg´; Enc´; Dec´) be an OPE scheme. We define the associated modular
OPE scheme MOPE[OPE] = (Kg; Enc; Dec) where
Notations used
Kg = Key generator
Enc = Encryption Algorithm
Dec = Decryption Algorithm
M = Group size
D = Sub_group size
n = Sample size
Fig. 4. MOPE (Encrypted Value Distribution).
* Kg generates K ←$ Kg´ and j ←$ [M]; it outputs (K; j).
* Enc on inputs a key K and a plaintext m outputs Enc´(K; m + j mod M).
* Dec on inputs a key K and a ciphertext c outputs Dec´(K; c) − j mod M.
Above, the value j in the secret key of MOPE[OPE] is called the secret offset or displacement.
4.2. Using Multivariate Hypergeometric Distribution
Discrete distributions can only take a discrete number of values. This number may be infinite or finite.
The HGD models the number of items of a particular type there will be in a sample of size n, where that sample
is drawn from a population of size 'M' of which 'D' are also of that particular type. An extension of the
Hypergeometric distribution where more than two sub-populations of interest exist is called the Multivariate
Hypergeometric distribution. Multivariate distributions describe several parameters whose values are
probabilistically linked in some way [23]. The MHGD is created by extending the mathematics of the HGD.
For the HGD with a sample of size n, the probability of observing s individuals from a sub-group of size D, and
therefore (n-s) from the remaining number (M-D):
Fig. 5. Multivariate Hypergeometric distribution
And results in the probability distribution for s:
The numerator is the number of different sampling combinations (each of which has the same
probability because each individual has the same probability of being sampled) where one would have exactly s
from the sub-group D (and by implication (n-s) from the sub-group (M-D)). The denominator is the total number
of different combinations of individuals one could have in selecting n individuals from a group of size M. Thus
the equation is just the proportion of different possible scenarios, each of which has the same probability, that
would give us s from D [23]. The Multivariate Hypergeometric probability equation is just an extension of this
idea. D1, D2, D3 and so on are the number of individuals of different types in a population, and x1, x2, x3, ... are
the number of successes. And results in the probability distribution for {s}:
where
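The counting argument above, written out as an added example (not code from the paper): the HGD probability as "ways to pick s from D and n-s from M-D, over ways to pick n from M", and its multivariate extension over sub-groups D1, D2, D3, ... The function names and the small population used in the checks are assumptions; exact fractions are used so the identities hold without rounding.

```python
from fractions import Fraction
from itertools import product
from math import comb

def hgd_pmf(M, D, n, s):
    """P(exactly s of the D sub-group members appear in a sample of n from M)."""
    if s < 0 or s > D or n - s < 0 or n - s > M - D:
        return Fraction(0)
    # numerator: combinations with s from D and (n-s) from (M-D)
    # denominator: all combinations of n individuals out of M
    return Fraction(comb(D, s) * comb(M - D, n - s), comb(M, n))

def mhgd_pmf(sizes, counts):
    """P(drawing counts[i] individuals of type i) when the population holds
    sizes[i] = Di individuals of each type and sum(counts) are sampled."""
    if any(x < 0 or x > D for D, x in zip(sizes, counts)):
        return Fraction(0)
    ways = 1
    for D, x in zip(sizes, counts):
        ways *= comb(D, x)          # independent choice inside each sub-group
    return Fraction(ways, comb(sum(sizes), sum(counts)))

def mhgd_support(sizes, n):
    """Every count vector (x1, x2, ...) with 0 <= xi <= Di that sums to n."""
    return [xs for xs in product(*(range(D + 1) for D in sizes)) if sum(xs) == n]

def marginal(sizes, n, i, s):
    """P(type i contributes exactly s), summing the MHGD over the other types."""
    return sum(mhgd_pmf(sizes, xs) for xs in mhgd_support(sizes, n) if xs[i] == s)

if __name__ == "__main__":
    sizes, n = (5, 3, 4), 6         # constructed population: D1=5, D2=3, D3=4
    print("P(x=(2,1,3)) =", mhgd_pmf(sizes, (2, 1, 3)))
    print("total mass   =", sum(mhgd_pmf(sizes, xs) for xs in mhgd_support(sizes, n)))
    print("marginal of type 1 at s=2:", marginal(sizes, n, 0, 2),
          "HGD:", hgd_pmf(sum(sizes), sizes[0], n, 2))
```

With only two sub-groups the MHGD collapses to the HGD, and each single-type marginal of the MHGD is itself an HGD, which is the sense in which one extends the other.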
5.2. Pseudocode for Encryption Algorithm
The existing MOPE method uses an HGD method for coin generation. We alter that in a simple way to use
the MHGD method for coin generation. The pseudocode below describes the notations and logic which are
used to implement MHGD in MOPE. See the encryption algorithm for the formal description of Enc, where as
before l1 = l(D,R,y) is the number of coins needed by MHGD on inputs D, R, y, and lR is the number of coins
needed to select an element of R uniformly at random.
Encryption Algorithm for Using MHGD for MOPE
EncryptionKey (D,R,m)
1. Assign |D| to M and |R| to N.
2. Calculate min(D)-1 and assign it to d;
3. Calculate min(R)-1 and assign it to r;
4. Calculate [N/2], add with 2 and assign it to y;
5. Check whether |D| = 1 then
a. Invoke TapeGen function with parameters (K, 1^l1, (D,R,0||y)) and assign the result to cc.
b. Assign R to c.
c. Return c.
6. Return Encrypted values.
Algorithm for Tape generation
1. Calculate MHGD with parameters D,R,y,n;cc and assign the result to x.
2. Check if m is less than or equal to x then
a. Assign {d+1,.....,x} to D.
b. Assign {r+1,.....,y} to R.
3. Else
a. Assign {x+1,.....,d+M} to D.
b. Assign {y+1,.....,r+N} to R.
The efficiency of our scheme follows from our previous analyses. Encryption and decryption require
the time for at most logN + 3 invocations of MHGD on inputs of size at most logN plus at most
(5 logM + 14) · (5 logN + λ' + 1)=128 invocations of AES on average for λ' in the theorem.
5. Security Analysis
We show that a random modular OPF, unlike a random OPF, completely hides the locations of the data
points. We will also try to sort out leakage with respect to distance and window-distance one-wayness. On the
other hand, if the adversary is able to recover a single known plaintext-ciphertext pair, security falls back to that
of a random OPF in the previous scheme, but our proposed method does not exactly reveal the plaintext-ciphertext
pair.
We propose changes to an existing MOPE scheme that also improve the security performance of
any OPE. The resulting scheme is no longer strictly order-preserving, but it still permits range queries.
However, now the queries must be modular range queries. Standard range queries are not supported, as only
"modular order" rather than order is leaked. The change to MOPE is simple, generic, and basically free
computation-wise.
Notice that a MOPE is suitable for modular range query support as follows. To request the ciphertexts
of the messages in the range [m1; m2] (if m1 ≤ m2), or [m1; M] ∪ [1; m2] (if m1 > m2), the user computes
c1 ← Encm(K; m1), c2 ← Encm(K; m2) and submits ciphertexts (c1; c2) as the query. The server returns the ciphertexts
in the interval [c1; c2] (if c1 ≤ c2) or [c1; N] ∪ [1; c2] (if c1 > c2).
Note that an MOPF could alternatively be
defined with a MHGD following the OPF rather than a random plaintext shift preceding it. The advantage of the
above definition is that the map from (OPF, ciphertext offset) pairs to MOPFs is bijective whereas in the
alternative it is not one-to-one.
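The MOPE[OPE] transformation of Section 4.1 and the modular range query above, as an added example that is not code from the paper: the inner OPE lazily samples an order-preserving function by binary search over the range, using the plain hypergeometric draw of the existing scheme rather than the proposed MHGD variant. The HMAC-seeded coin helper standing in for TapeGen, the 1-based handling of the offset, the toy sizes and every function name are assumptions; it illustrates the mechanics and is not a vetted cipher.

```python
import hashlib, hmac, math, random, secrets

def _coins(key, *ctx):
    # TapeGen stand-in (assumption): HMAC-SHA256 over the context seeds the coins.
    return random.Random(hmac.new(key, repr(ctx).encode(), hashlib.sha256).digest())

def _hgd(N, M, n, rng):
    # Exact hypergeometric draw: how many of M marked items fall among n items
    # drawn without replacement from N. The weights sum to comb(N, n).
    t, k = rng.randrange(math.comb(N, n)), max(0, n - (N - M))
    while True:
        w = math.comb(M, k) * math.comb(N - M, n - k)
        if t < w:
            return k
        t, k = t - w, k + 1

def _descend(key, M, N, m=None, c=None):
    # Follow one path of the lazily sampled order-preserving function.
    # Invariant: D = {d+1..d+M}, R = {r+1..r+N}, M <= N.
    d = r = 0
    while M > 1:
        y = r + (N + 1) // 2                      # midpoint of the current range
        x = d + _hgd(N, M, y - r, _coins(key, d, M, r, N, 0, y))
        left = (m <= x) if m is not None else (c <= y)
        if left:
            M, N = x - d, y - r
        else:
            M, N, d, r = d + M - x, r + N - y, x, y
    if M == 0:
        return None                               # no plaintext maps into this part
    leaf = d + 1
    return leaf, r + 1 + _coins(key, d, M, r, N, 1, leaf).randrange(N)

def ope_enc(key, M, N, m):
    return _descend(key, M, N, m=m)[1]

def ope_dec(key, M, N, c):
    hit = _descend(key, M, N, c=c)
    if hit is None or hit[1] != c:
        raise ValueError("not a valid ciphertext")
    return hit[0]

def mope_keygen(M):
    return secrets.token_bytes(32), secrets.randbelow(M)      # (K, j)

def mope_enc(key, M, N, m):
    K, j = key
    return ope_enc(K, M, N, (m - 1 + j) % M + 1)  # shift by j inside {1..M}

def mope_dec(key, M, N, c):
    K, j = key
    return (ope_dec(K, M, N, c) - 1 - j) % M + 1

def server_range(stored, c1, c2):
    # Server side: plain interval, or the wrap-around interval when c1 > c2.
    if c1 <= c2:
        return sorted(c for c in stored if c1 <= c <= c2)
    return sorted(c for c in stored if c >= c1 or c <= c2)

def client_range(key, M, N, stored, m1, m2):
    c1, c2 = mope_enc(key, M, N, m1), mope_enc(key, M, N, m2)
    return sorted(mope_dec(key, M, N, c) for c in server_range(stored, c1, c2))

if __name__ == "__main__":
    M, N = 64, 4096                               # constructed toy sizes
    key = (b"constructed demo key", 37)           # fixed (K, j) for a repeatable run
    stored = [mope_enc(key, M, N, m) for m in (3, 12, 15, 19, 40, 61, 63)]
    print(client_range(key, M, N, stored, 10, 20))    # ordinary plaintext range
    print(client_range(key, M, N, stored, 60, 5))     # wrap-around plaintext range
```

Because of the offset, an ordinary plaintext range such as [10; 20] can arrive at the server as a wrap-around ciphertext interval, which is why the server must implement both cases.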
5.1. Performance Analysis
We propose a technique that improves on the efficiency of any MOPE scheme without sacrificing
security. ROPF analysis reveals information leakage in OPE not alluded to by [9], namely about the locations of
the data points rather than just the distances between them. We suggest a modification to an MOPE scheme
that overcomes this. The modification to the scheme is simple and generic: the encryption algorithm just adds a
secret offset to the message before encryption. The secret offset is the same for all messages. We use
a method, MHGD, for the modular OPE scheme, and generalize the security notion: the ideal object is now a random
modular OPF (RMOPF), i.e. a random OPF applied to messages with a randomly picked offset. It is easy to see
that any MOPE scheme using MHGD yields an efficient architecture for the above transformation.
V. Conclusion
We revisited the security of symmetric order-preserving schemes defined in [9]. We formally clarify
the strengths and limitations of any OPE scheme proven to be a pseudorandom order-preserving function (POPF),
and in particular, the efficient OPE scheme proposed in [9]. Namely, for any POPF-secure OPE our analysis
together with the result of [9] provides (1) upper bounds on the advantages of any adversaries attacking the
one-wayness and distance one-wayness, (2) lower bounds on the window one-wayness and window distance
one-wayness advantages. We hope our results help practitioners to estimate the risks and security guarantees of using
a secure OPE in their applications. Our analysis also gives directions in selecting the size of the ciphertext space.
Finally we propose a simple and efficient transformation that can be applied to any MOPE scheme. Our analysis
shows that the transformation yields a scheme with improved efficiency in that the scheme resists the
one-wayness and window one-wayness attacks.
References
[1]. Crowe Horwath LLP, Warren Chan, Eugene Leung, Heidi Pili. Enterprise Risk Management for Cloud
Computing. Research Commissioned by COSO. (June 2012).
[2]. Wayne Jansen, Timothy Grance. NIST-Draft-SP-800-144_cloud-computing - Guidelines on Security and Privacy in Public Cloud
Computing.
[3]. "Security Guidance for Critical Areas of Focus in Cloud Computing," Cloud Security Alliance, Dec. 2009;
https://cloudsecurityalliance.org/csaguide.pdf.
[4]. Kui Ren, Cong Wang, and Qian Wang. Security Challenges for the Public Cloud. Illinois Institute of Technology.
[5]. C. Wang et al. Privacy-Preserving Public Auditing for Storage Security in Cloud Computing. Proc. 30th IEEE Int'l Conf.
Computer Communications (INFOCOM 10), IEEE Press, 2010, pp. 525–533.
[6]. Paul Hofmann. Cloud Computing: The Limits of Public Clouds for Business Applications. SAP Labs.
[7]. Dan Woods. CITO Research.
[8]. K. Bowers et al. How to Tell if Your Cloud Files Are Vulnerable to Drive Crashes. Proc. 18th ACM Conf. Computer and
Communications Security (CCS 11), ACM Press, 2011, pp. 501–514.
[9]. S. Yu et al. Achieving Secure, Scalable, and Fine-Grained Access Control in Cloud Computing. Proc. 30th IEEE Int'l Conf.
Computer Communications (INFOCOM 10), IEEE Press, 2010, pp. 534–542.
[10]. Vladimir Kolesnikov and Abdullatif Shikfa. On The Limits of Privacy Provided by Order-Preserving Encryption. Bell Labs
Technical Journal.
[11]. Boldyreva, N. Chenette, and A. O'Neill. Order-preserving encryption revisited: improved security analysis and alternative
solutions. In Proceedings of the 31st International Conference on Advances in Cryptology, CRYPTO, 2011.
[12]. R. Agrawal, J. Kiernan, R. Srikant, and Y. Xu. Order preserving encryption for numeric data. In Proceedings of the ACM
International Conference on Management of Data, SIGMOD, 2004.
[13]. C. Gentry. Fully Homomorphic Encryption Using Ideal Lattices. Proc. 41st ACM Symp. on Theory of Comput. (STOC '09)
(Bethesda, MD, 2009), pp. 169–178.
[14]. C. Wang, N. Cao, J. Li, K. Ren, and W. Lou. Secure Ranked Keyword Search over Encrypted Cloud Data. Proc. 30th IEEE Internat.
Conf. on Distrib. Comput. Syst. (ICDCS '10) (Genova, Ita., 2010), pp. 253–262.
[15]. Y. Ding and K. Klein. Model-Driven Application-Level Encryption for the Privacy of E-Health Data. Proc. 5th Internat. Conf.
on Availability, Reliability, and Security (ARES '10) (Krakow, Pol., 2010), pp. 341–346.
[16]. H. Liu, H. Wang, and Y. Chen. Ensuring Data Storage Security Against Frequency-Based Attacks in Wireless Networks. Proc. 6th
IEEE Internat. Conf. on Distrib. Comput. in Sensor Syst. (DCOSS '10) (Santa Barbara, CA, 2010), LNCS vol. 6131, pp. 201–215.
[17]. R. A. Popa, C. M. S. Redfield, N. Zeldovich, and H. Balakrishnan. CryptDB: Protecting Confidentiality with Encrypted
Query Processing. Proc. 23rd ACM Symp. on Operating Syst. Principles (SOSP '11) (Cascais, Prt., 2011), pp. 85–100.
[18]. Q. Tang. Privacy Preserving Mapping Schemes Supporting Comparison. Proc. ACM Cloud Comput. Security Workshop (CCSW
'10) (Chicago, IL, 2010), pp. 53–58.
[19]. Boldyreva, N. Chenette, Y. Lee, and A. O'Neill. Order-preserving symmetric encryption. In Proceedings of the 28th International
Conference on Advances in Cryptology, EUROCRYPT, 2009.
[20]. D. Boneh and B. Waters. Conjunctive, subset, and range queries on encrypted data. In Proceedings of the
[21]. 4th Theory of Cryptography Conference, TCC, 2007
[22]. E. Shi, J. Bethencourt, T-H. H. Chan, D. Song, and A. Perrig. Multi-dimensional range query over encrypted data. In Symposium on
Security and Privacy '07, pp. 350–364. IEEE, 2007.
[23]. V. Kachitvichyanukul and B. W. Schmeiser. Computer generation of hypergeometric random variates. Journal of Statistical
Computation and Simulation, 22(2):127-145, 1985.
[24]. A. J. Walker. An efficient method for generating discrete random variables with general distributions.
[25]. ACM Transactions on Mathematical Software, 3:253-256, 1977.
[26]. Discrete distributions. http://www.vosesoftware.com/index.php.
[27]. Homomorphic Encryption. http://www.wikipedia.com/Homomorphic Encryption.php.