The grid computing coordinates resource sharing between different administrative domains in large scale,
dynamic, and heterogeneous environment. Efficient and secure certificateless public key cryptography (CLPKC)
based authentication protocol for multi-domain grid environment is widely acknowledged as a
challenging issue. Trust relationships management across domains is the main objective of authentication
protocols in real grid computing environments. In this paper, we discuss the grid pairing-free certificateless
two-party authenticated key agreement (GPC-AKA) protocol. Then, we provide a cross domain trust
model for GPC-AKA protocol in grid computing environment. Moreover, we analysis the GPC-AKA
protocol in multiple trust domains simulated environment using GridSim toolkit.
pay as you decrypt decryption outsourcing for functional encryption using blo...Venkat Projects
The document discusses a proposed system called functional encryption with payable outsourced decryption (FEPOD) that uses blockchain technology. FEPOD allows outsourcing decryption tasks to an untrusted third party while enabling payment through cryptocurrency processed on the blockchain. It defines the security model for FEPOD and presents a generic construction along with analyzing its security. The system was implemented on a blockchain platform to evaluate feasibility. FEPOD allows verification of outsourced decryption results and zero-knowledge contingent payments between users and third parties performing the decryption tasks.
766 a secure-data-sharing-in-cloud-storage-with-independent-key-generation-ce...revathirram
This document summarizes a research paper that proposes a mediated certificateless public key encryption (mCL-PKE) scheme for secure data sharing in cloud storage. The key points are:
1) The mCL-PKE scheme solves problems of key escrow and certificate revocation without using computationally expensive bilinear pairing operations.
2) It uses a security mediator to instantly revoke compromised users and enforce access policies. The mediator also supports partial decryption to preserve data confidentiality.
3) The scheme extends mCL-PKE with an access control list to allow the data owner to encrypt data only once for multiple authorized users, improving efficiency over previous pairing-based schemes.
ENABLING CLOUD STORAGE AUDITING WITH VERIFIABLE OUTSOURCING OF KEY UPDATESNexgen Technology
TO GET THIS PROJECT COMPLETE SOURCE ON SUPPORT WITH EXECUTION PLEASE CALL BELOW CONTACT DETAILS
MOBILE: 9791938249, 0413-2211159, WEB: WWW.NEXGENPROJECT.COM,WWW.FINALYEAR-IEEEPROJECTS.COM, EMAIL:Praveen@nexgenproject.com
NEXGEN TECHNOLOGY provides total software solutions to its customers. Apsys works closely with the customers to identify their business processes for computerization and help them implement state-of-the-art solutions. By identifying and enhancing their processes through information technology solutions. NEXGEN TECHNOLOGY help it customers optimally use their resources.
International Journal of Computational Engineering Research(IJCER) ijceronline
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Circuit Ciphertext-policy Attribute-based Hybrid Encryption with Verifiable D...1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
DECENTRALIZED ACCESS CONTROL OF DATA STORED IN CLOUD USING KEY POLICY ATTRIBU...Migrant Systems
This document proposes a decentralized access control method for data stored in the cloud using key policy attribute-based encryption (KP-ABE). It aims to allow fine-grained access control while maintaining data confidentiality and scaling efficiently. The method defines and implements access policies based on data attributes. It also allows the data owner to delegate access control tasks to cloud servers without revealing data contents. This is achieved using a combination of decentralized KP-ABE and a time-based file deletion scheme. The proposed approach is analyzed and shown to be highly secure and efficient.
IRJET- An Efficient Data Sharing Scheme in Mobile Cloud Computing using Attri...IRJET Journal
This document proposes an efficient data sharing scheme for mobile cloud computing using attribute-based encryption. It discusses challenges with securely storing data in the cloud, including ensuring data confidentiality and integrity. Existing techniques like fully homomorphic encryption and attribute-based encryption are reviewed, but have limitations for resource-constrained mobile devices. The proposed scheme aims to provide security while reducing computational overhead, through using proxy servers to handle intensive operations and a lazy re-encryption approach for user revocation. It also discusses using provable data possession techniques to verify the integrity of outsourced data.
CLOUD BASED ACCESS CONTROL MODEL FOR SELECTIVE ENCRYPTION OF DOCUMENTS WITH T...IJNSA Journal
This document proposes a cloud-based access control model for selectively encrypting documents with traitor detection. It aims to address the high computational overhead of key management and secret sharing in existing attribute-based encryption approaches for cloud data security. The proposed model uses efficient algorithms and protocols like aggregate equality oblivious commitment-based envelope protocol and fast access control vector broadcast group key management to reduce overhead. It also introduces a traitor tracing technique to identify any traitors in the two-layer encryption environment for cloud computing.
pay as you decrypt decryption outsourcing for functional encryption using blo...Venkat Projects
The document discusses a proposed system called functional encryption with payable outsourced decryption (FEPOD) that uses blockchain technology. FEPOD allows outsourcing decryption tasks to an untrusted third party while enabling payment through cryptocurrency processed on the blockchain. It defines the security model for FEPOD and presents a generic construction along with analyzing its security. The system was implemented on a blockchain platform to evaluate feasibility. FEPOD allows verification of outsourced decryption results and zero-knowledge contingent payments between users and third parties performing the decryption tasks.
766 a secure-data-sharing-in-cloud-storage-with-independent-key-generation-ce...revathirram
This document summarizes a research paper that proposes a mediated certificateless public key encryption (mCL-PKE) scheme for secure data sharing in cloud storage. The key points are:
1) The mCL-PKE scheme solves problems of key escrow and certificate revocation without using computationally expensive bilinear pairing operations.
2) It uses a security mediator to instantly revoke compromised users and enforce access policies. The mediator also supports partial decryption to preserve data confidentiality.
3) The scheme extends mCL-PKE with an access control list to allow the data owner to encrypt data only once for multiple authorized users, improving efficiency over previous pairing-based schemes.
ENABLING CLOUD STORAGE AUDITING WITH VERIFIABLE OUTSOURCING OF KEY UPDATESNexgen Technology
TO GET THIS PROJECT COMPLETE SOURCE ON SUPPORT WITH EXECUTION PLEASE CALL BELOW CONTACT DETAILS
MOBILE: 9791938249, 0413-2211159, WEB: WWW.NEXGENPROJECT.COM,WWW.FINALYEAR-IEEEPROJECTS.COM, EMAIL:Praveen@nexgenproject.com
NEXGEN TECHNOLOGY provides total software solutions to its customers. Apsys works closely with the customers to identify their business processes for computerization and help them implement state-of-the-art solutions. By identifying and enhancing their processes through information technology solutions. NEXGEN TECHNOLOGY help it customers optimally use their resources.
International Journal of Computational Engineering Research(IJCER) ijceronline
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Circuit Ciphertext-policy Attribute-based Hybrid Encryption with Verifiable D...1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
DECENTRALIZED ACCESS CONTROL OF DATA STORED IN CLOUD USING KEY POLICY ATTRIBU...Migrant Systems
This document proposes a decentralized access control method for data stored in the cloud using key policy attribute-based encryption (KP-ABE). It aims to allow fine-grained access control while maintaining data confidentiality and scaling efficiently. The method defines and implements access policies based on data attributes. It also allows the data owner to delegate access control tasks to cloud servers without revealing data contents. This is achieved using a combination of decentralized KP-ABE and a time-based file deletion scheme. The proposed approach is analyzed and shown to be highly secure and efficient.
IRJET- An Efficient Data Sharing Scheme in Mobile Cloud Computing using Attri...IRJET Journal
This document proposes an efficient data sharing scheme for mobile cloud computing using attribute-based encryption. It discusses challenges with securely storing data in the cloud, including ensuring data confidentiality and integrity. Existing techniques like fully homomorphic encryption and attribute-based encryption are reviewed, but have limitations for resource-constrained mobile devices. The proposed scheme aims to provide security while reducing computational overhead, through using proxy servers to handle intensive operations and a lazy re-encryption approach for user revocation. It also discusses using provable data possession techniques to verify the integrity of outsourced data.
CLOUD BASED ACCESS CONTROL MODEL FOR SELECTIVE ENCRYPTION OF DOCUMENTS WITH T...IJNSA Journal
This document proposes a cloud-based access control model for selectively encrypting documents with traitor detection. It aims to address the high computational overhead of key management and secret sharing in existing attribute-based encryption approaches for cloud data security. The proposed model uses efficient algorithms and protocols like aggregate equality oblivious commitment-based envelope protocol and fast access control vector broadcast group key management to reduce overhead. It also introduces a traitor tracing technique to identify any traitors in the two-layer encryption environment for cloud computing.
Key frame extraction is an essential technique in the computer vision field. The extracted key frames should brief the salient events with an excellent feasibility, great efficiency, and with a high-level of robustness. Thus, it is not an easy problem to solve because it is attributed to many visual features.
This paper intends to solve this problem by investigating the relationship between these features detection and the accuracy of key frames extraction techniques using TRIZ. An improved algorithm for key frame extraction was then proposed based on an accumulative optical flow with a self-adaptive threshold (AOF_ST) as recommended in TRIZ inventive principles. Several video shots including original and forgery videos with complex conditions are used to verify the experimental results. The comparison of our results with the-state-of-the-art algorithms results showed that the proposed extraction algorithm can accurately brief the videos and generated a meaningful compact count number of key frames. On top of that, our proposed algorithm achieves 124.4 and 31.4 for best and worst case in KTH dataset extracted key frames in terms of compression rate, while the-state-of-the-art algorithms achieved 8.90 in the best case.
Password-Authenticated Key Exchange Scheme Using Chaotic Maps towards a New A...dbpublications
The document proposes a new password-authenticated key agreement protocol using chaotic maps towards a multiple servers to server architecture in the standard model. The proposed protocol aims to solve issues with single-point security, efficiency, and failure in centralized registration centers by adopting a multiple servers to server architecture. The protocol provides perfect forward secrecy and resistance to dictionary attacks while allowing weak passwords. A security proof is given for the standard model and an efficiency analysis is presented.
The document discusses 7 IEEE 2015-2016 dotnet projects from S3 Infotech including:
1) Detection and rectification of distorted fingerprints using classification and regression algorithms.
2) Public integrity auditing for shared cloud data with group user revocation using vector commitment and signature schemes.
3) Key-aggregate searchable encryption for group data sharing in the cloud using a single key for encryption and queries.
4) A dynamic secure group sharing framework in the public cloud combining proxy signature, key agreement and re-encryption.
5) A distributed joint congestion control and routing optimization approach using a second-order interior-point method.
6) A fuzzy logic based energy efficient multicast routing protocol for ad
A Survey on Access Control Mechanisms using Attribute Based Encryption in cloudijsrd.com
Cloud computing is an emerging computing technology that enables users to distantly store their data into a cloud so as to enjoy scalable services when required. And user can outsource their resources to server (also called cloud) using Internet. Security is one of the major issues which reduces the growth of cloud computing and complications with data privacy and data protection continue to plague the market. Attribute-based encryption (ABE) can be used for log encryption. This survey is more specific to the different security issues on data access in cloud environment.
Key aggregate searchable encryption (kase) for group data sharing via cloud s...Pvrtechnologies Nellore
This document describes a proposed cryptosystem for secure and efficient data sharing in cloud storage. It allows a user to encrypt files with different public keys but send a receiver a single constant-size decryption key that gives decryption rights to any set of ciphertexts. This allows flexible sharing of encrypted data while keeping decryption keys compact. The proposed system aims to address disadvantages of existing approaches like unexpected privilege escalation exposing all data or inefficient key sizes. It provides security based on number-theoretic assumptions without relying on servers for access control.
Key aggregate searchable encryption (kase) for group data sharing via cloud s...LeMeniz Infotech
Key aggregate searchable encryption (kase) for group data sharing via cloud storage
Do Your Projects With Technology Experts
To Get this projects Call : 9566355386 / 99625 88976
Visit : www.lemenizinfotech.com / www.ieeemaster.com
Mail : projects@lemenizinfotech.com
Threat Modeling of Cloud based Implementation of Homomorphic Encryptionijcisjournal
Outsourcing of data storage and data processing to cloud-based service providers promises several advantages such as reduced maintenance overhead, elastic performance, high availability, and security. Cloud services offer a variety of functionalities for performing different operations on the data. However, during the processing of data in cloud, security and privacy may be compromised because of inadequate cryptographic implementation. Conventional encryption methods guarantee security during transport (data-in-transit) and storage (data-at-rest), but cannot prevent data leak during an operation on the data (data-in-use). Modern homomorphic encryption methods promise to solve this problem by applying different operations on encrypted data without knowing or deciphering the data. Cloud-based implementation of homomorphic cryptography has
seen significant development in the recent past. However, data security, even with implemented homomorphic cryptography, is still dependant on the users and the application owners. This exposes the risk of introducing new attack surfaces. In this paper, we introduce a novel and one of the early attempts to model such new attack surfaces on the implementation of homomorphic encryption and map them to STRIDE threat model [1] which is proliferously used in the industry.
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUDNaseem nisar
1. EASiER proposes an encryption-based access control architecture for social networks that uses attribute-based encryption. It introduces a minimally trusted proxy to enable efficient revocation without reissuing keys.
2. Multi-authority attribute based encryption schemes allow multiple authorities to issue secret keys for attributes. This is useful in applications with attributes managed by different authorities.
3. Existing social network privacy architectures focus on encryption-based access control but do not address efficient revocation of users or attributes. EASiER addresses this issue.
Multi-Server Authentication Key Exchange Approach in BIGDATA EnvironmentIRJET Journal
This document proposes a new Multi-Server Authentication Key Exchange approach for secure communication in big data environments. It aims to address issues with the existing Kerberos approach used in Parallel Network File Systems (pNFS), which has scalability limits and does not provide forward secrecy or prevent key escrow. The proposed approach uses authenticated key exchange protocols between clients and storage devices to reduce the workload on the metadata server by up to 54% while providing forward secrecy and preventing key escrow with only minor client-side computation overhead. It is designed specifically for the needs of pNFS but could benefit other similar distributed file systems.
TO GET THIS PROJECT COMPLETE SOURCE CODE PLEASE CALL BEOLOW CONTACT DETAILS
MOBILE: 9791938249, 0413-2211159, WEB: WWW.NEXGENPROJECT.COM ,EMAIL:Praveen@nexgenproject.com
NEXGEN TECHNOLOGY provides total software solutions to its customers. Apsys works closely with the customers to identify their business processes for computerization and help them implement state-of-the-art solutions. By identifying and enhancing their processes through information technology solutions. NEXGEN TECHNOLOGY help it customers optimally use their resources.
This document summarizes research on personality-based distributed provable data ownership in multi-cloud storage. It discusses how current provable data possession protocols have limitations such as authentication overhead and lack of flexibility. The proposed approach eliminates authentication management by using identity-based cryptography. It aims to provide a secure, efficient and adaptable protocol for integrity checking of outsourced data across multiple cloud servers.
4.authentication and key agreement based on anonymous identity for peer to-pe...Venkat Projects
The document proposes a peer-to-peer cloud authentication and key agreement (PCAKA) scheme based on anonymous identity to enable secure data migration between cloud servers. The scheme uses elliptic curve cryptography without a trusted authority to establish session keys between cloud providers. It protects server and user privacy through anonymous identities while enabling identity traceability for malicious servers. The proposed approach aims to develop trust between clouds and facilitate efficient cross-cloud data migration for mobile users.
Securing Liaison-Less Publisher/Subscriber Systems using Identity Based Encr...IRJET Journal
This document proposes a novel approach to provide authentication and confidentiality in a broker-less content-based publish/subscribe system. It adapts pairing-based cryptography techniques to ensure authentication of publishers and subscribers as well as confidentiality of events. It also describes an algorithm for clustering subscribers according to their subscriptions to provide a level of protection for subscription confidentiality. The proposed approach provides fine-grained key management and encryption/decryption and routing costs that scale with the number of subscribed attributes. It evaluates the performance of the cryptographic primitives and the overhead of maintaining the publish/subscribe overlay and distributing encrypted events.
IRJET- A Novel and Secure Approach to Control and Access Data in Cloud St...IRJET Journal
This document proposes a novel approach to securely control and access data stored in the cloud using Ciphertext-Policy Attribute-Based Encryption (CP-ABE). The approach aims to address abuse of access credentials by tracing malicious insiders and revoking their access. It presents two new CP-ABE frameworks that allow traceability of malicious cloud clients, identification of misbehaving authorities, and auditing without requiring extensive storage. The frameworks provide fine-grained access control and can revoke credentials of traced attackers.
Latest IEEE Projects on All Domains in Computer/ Electronics Engineering
____________________________________________
We develop projects for final year students in computer engineering. These are some topics which are feasible to implement.
For more topics please visit: www.ns2academy.in
Or call us on 9970186685/ 020 24394323
Or mail us: info@ns2academy.in
Strong zero knowledge authentication based on the session keys (sask)IJNSA Journal
This document proposes a new authentication protocol called Strong Zero-Knowledge Authentication Based on Session Keys (SASK). The protocol aims to strengthen user authentication and provide a secure communication channel. It uses a two-step authentication process: 1) regenerating a virtual password and ensuring integrity and confidentiality of nonces exchanged via symmetric encryption with a virtual password, and 2) calculating a session key shared between the client and server to encrypt via the session key. This allows strengthening the authentication process, updating it, and providing better cyber defense against various attack types by verifying identity, creating a secure channel, and using unpredictable session keys.
IDENTITY-BASED PROXY-ORIENTED DATA UPLOADING AND REMOTE DATA INTEGRITY CHECKI...Nexgen Technology
TO GET THIS PROJECT COMPLETE SOURCE ON SUPPORT WITH EXECUTION PLEASE CALL BELOW CONTACT DETAILS
MOBILE: 9791938249, 0413-2211159, WEB: WWW.NEXGENPROJECT.COM,WWW.FINALYEAR-IEEEPROJECTS.COM, EMAIL:Praveen@nexgenproject.com
NEXGEN TECHNOLOGY provides total software solutions to its customers. Apsys works closely with the customers to identify their business processes for computerization and help them implement state-of-the-art solutions. By identifying and enhancing their processes through information technology solutions. NEXGEN TECHNOLOGY help it customers optimally use their resources.
This document lists 57 Java and .NET projects from the years 2012-2013. The projects cover topics such as cloud computing, data mining, machine learning, network security, and social networks. They include titles such as "Ensuring Distributed Accountability for Data Sharing in the Cloud" and "A Frame for personal mobile commerce pattern mining and prediction". The document also provides contact information for the organization M.S.R. Projects.
This document proposes a new scheme for publicly verifiable secret sharing (PVSS) to support cloud-based key management for public-key encryption. The scheme allows a secret key to be securely stored in the cloud in an encrypted form, while also allowing verification that the key can be recovered according to an access policy without compromising the security of the encryption. The scheme is more efficient than previous approaches, using pairings, and is the first PVSS scheme proven secure in the standard model without random oracles. It supports key recovery for public-key encryption run in an untrusted public cloud.
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREIJNSA Journal
In a typical cloud computing diverse facilitating components like hardware, software, firmware,
networking, and services integrate to offer different computational facilities, while Internet or a private
network (or VPN) provides the required backbone to deliver the services. The security risks to the cloud
system delimit the benefits of cloud computing like “on-demand, customized resource availability and
performance management”. It is understood that current IT and enterprise security solutions are not
adequate to address the cloud security issues. This paper explores the challenges and issues of security
concerns of cloud computing through different standard and novel solutions. We propose analysis and
architecture for incorporating different security schemes, techniques and protocols for cloud computing,
particularly in Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) systems. The proposed
architecture is generic in nature, not dependent on the type of cloud deployment, application agnostic and
is not coupled with the underlying backbone. This would facilitate to manage the cloud system more
effectively and provide the administrator to include the specific solution to counter the threat. We have also
shown using experimental data how a cloud service provider can estimate the charging based on the
security service it provides and security-related cost-benefit analysis can be estimated.
Grid computing is concerned with the sharing and use of resources in dynamic distributed virtual
organizations. The dynamic nature of Grid environments introduces challenging security concerns that
demand new technical approaches. In this brief overview we review key Grid security issues and outline
the technologies that are being developed to address those issues. We focus on works done by Globus
Toolkits to provide security and also we will discuss about the cyber security in Grid.
Comparison of data security in grid and cloud computingeSAT Journals
Abstract In the current era, Grid computing and cloud computing are the main fields in the research work. This thesis define which are the main security issues to be considered in cloud computing and grid computing, and how some of these security issues are solved. Comparative study shows the grid security is tighter than the cloud. It also shows cloud computing is less secure and faced security problems. This research work is based on main security problems in cloud computing such as authentication, authorization, access control and security infrastructure (SLA). Cloud infrastructure is based on service level agreement; simply cloud providers provide different services to cloud’s users and organizations with an agreement known SLA. So the security and privacy of user’s data is the main problem, because unauthorized person can’t access the data of cloud user. Hacking and data leakage are the common threats in cloud computing. As the security due to hackers increase over internet and the cloud computing is totally on internet. At this time, cloud computing demand the tight password protection and strong authentication and authorization procedure. For an increased level of security, privacy and password protection, we provide a new strong authentication model named “Two factor authentications using graphical password with pass point scheme”. This authentication model includes the login procedure, access control that is based on service level agreement (SLA) in cloud computing. Index Terms: Cloud computing, Authentication, login, Recognition, Recall, Pass point, security, Cloud Provider, Service level Agreement, Two Factor Authentication
Key frame extraction is an essential technique in the computer vision field. The extracted key frames should brief the salient events with an excellent feasibility, great efficiency, and with a high-level of robustness. Thus, it is not an easy problem to solve because it is attributed to many visual features.
This paper intends to solve this problem by investigating the relationship between these features detection and the accuracy of key frames extraction techniques using TRIZ. An improved algorithm for key frame extraction was then proposed based on an accumulative optical flow with a self-adaptive threshold (AOF_ST) as recommended in TRIZ inventive principles. Several video shots including original and forgery videos with complex conditions are used to verify the experimental results. The comparison of our results with the-state-of-the-art algorithms results showed that the proposed extraction algorithm can accurately brief the videos and generated a meaningful compact count number of key frames. On top of that, our proposed algorithm achieves 124.4 and 31.4 for best and worst case in KTH dataset extracted key frames in terms of compression rate, while the-state-of-the-art algorithms achieved 8.90 in the best case.
Password-Authenticated Key Exchange Scheme Using Chaotic Maps towards a New A...dbpublications
The document proposes a new password-authenticated key agreement protocol using chaotic maps towards a multiple servers to server architecture in the standard model. The proposed protocol aims to solve issues with single-point security, efficiency, and failure in centralized registration centers by adopting a multiple servers to server architecture. The protocol provides perfect forward secrecy and resistance to dictionary attacks while allowing weak passwords. A security proof is given for the standard model and an efficiency analysis is presented.
The document discusses 7 IEEE 2015-2016 dotnet projects from S3 Infotech including:
1) Detection and rectification of distorted fingerprints using classification and regression algorithms.
2) Public integrity auditing for shared cloud data with group user revocation using vector commitment and signature schemes.
3) Key-aggregate searchable encryption for group data sharing in the cloud using a single key for encryption and queries.
4) A dynamic secure group sharing framework in the public cloud combining proxy signature, key agreement and re-encryption.
5) A distributed joint congestion control and routing optimization approach using a second-order interior-point method.
6) A fuzzy logic based energy efficient multicast routing protocol for ad
A Survey on Access Control Mechanisms using Attribute Based Encryption in cloudijsrd.com
Cloud computing is an emerging computing technology that enables users to distantly store their data into a cloud so as to enjoy scalable services when required. And user can outsource their resources to server (also called cloud) using Internet. Security is one of the major issues which reduces the growth of cloud computing and complications with data privacy and data protection continue to plague the market. Attribute-based encryption (ABE) can be used for log encryption. This survey is more specific to the different security issues on data access in cloud environment.
Key aggregate searchable encryption (kase) for group data sharing via cloud s...Pvrtechnologies Nellore
This document describes a proposed cryptosystem for secure and efficient data sharing in cloud storage. It allows a user to encrypt files with different public keys but send a receiver a single constant-size decryption key that gives decryption rights to any set of ciphertexts. This allows flexible sharing of encrypted data while keeping decryption keys compact. The proposed system aims to address disadvantages of existing approaches like unexpected privilege escalation exposing all data or inefficient key sizes. It provides security based on number-theoretic assumptions without relying on servers for access control.
Key aggregate searchable encryption (kase) for group data sharing via cloud s...LeMeniz Infotech
Key aggregate searchable encryption (kase) for group data sharing via cloud storage
Do Your Projects With Technology Experts
To Get this projects Call : 9566355386 / 99625 88976
Visit : www.lemenizinfotech.com / www.ieeemaster.com
Mail : projects@lemenizinfotech.com
Threat Modeling of Cloud based Implementation of Homomorphic Encryptionijcisjournal
Outsourcing of data storage and data processing to cloud-based service providers promises several advantages such as reduced maintenance overhead, elastic performance, high availability, and security. Cloud services offer a variety of functionalities for performing different operations on the data. However, during the processing of data in cloud, security and privacy may be compromised because of inadequate cryptographic implementation. Conventional encryption methods guarantee security during transport (data-in-transit) and storage (data-at-rest), but cannot prevent data leak during an operation on the data (data-in-use). Modern homomorphic encryption methods promise to solve this problem by applying different operations on encrypted data without knowing or deciphering the data. Cloud-based implementation of homomorphic cryptography has
seen significant development in the recent past. However, data security, even with implemented homomorphic cryptography, is still dependant on the users and the application owners. This exposes the risk of introducing new attack surfaces. In this paper, we introduce a novel and one of the early attempts to model such new attack surfaces on the implementation of homomorphic encryption and map them to STRIDE threat model [1] which is proliferously used in the industry.
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUDNaseem nisar
1. EASiER proposes an encryption-based access control architecture for social networks that uses attribute-based encryption. It introduces a minimally trusted proxy to enable efficient revocation without reissuing keys.
2. Multi-authority attribute based encryption schemes allow multiple authorities to issue secret keys for attributes. This is useful in applications with attributes managed by different authorities.
3. Existing social network privacy architectures focus on encryption-based access control but do not address efficient revocation of users or attributes. EASiER addresses this issue.
Multi-Server Authentication Key Exchange Approach in BIGDATA EnvironmentIRJET Journal
This document proposes a new Multi-Server Authentication Key Exchange approach for secure communication in big data environments. It aims to address issues with the existing Kerberos approach used in Parallel Network File Systems (pNFS), which has scalability limits and does not provide forward secrecy or prevent key escrow. The proposed approach uses authenticated key exchange protocols between clients and storage devices to reduce the workload on the metadata server by up to 54% while providing forward secrecy and preventing key escrow with only minor client-side computation overhead. It is designed specifically for the needs of pNFS but could benefit other similar distributed file systems.
TO GET THIS PROJECT COMPLETE SOURCE CODE PLEASE CALL BEOLOW CONTACT DETAILS
MOBILE: 9791938249, 0413-2211159, WEB: WWW.NEXGENPROJECT.COM ,EMAIL:Praveen@nexgenproject.com
NEXGEN TECHNOLOGY provides total software solutions to its customers. Apsys works closely with the customers to identify their business processes for computerization and help them implement state-of-the-art solutions. By identifying and enhancing their processes through information technology solutions. NEXGEN TECHNOLOGY help it customers optimally use their resources.
This document summarizes research on personality-based distributed provable data ownership in multi-cloud storage. It discusses how current provable data possession protocols have limitations such as authentication overhead and lack of flexibility. The proposed approach eliminates authentication management by using identity-based cryptography. It aims to provide a secure, efficient and adaptable protocol for integrity checking of outsourced data across multiple cloud servers.
4.authentication and key agreement based on anonymous identity for peer to-pe...Venkat Projects
The document proposes a peer-to-peer cloud authentication and key agreement (PCAKA) scheme based on anonymous identity to enable secure data migration between cloud servers. The scheme uses elliptic curve cryptography without a trusted authority to establish session keys between cloud providers. It protects server and user privacy through anonymous identities while enabling identity traceability for malicious servers. The proposed approach aims to develop trust between clouds and facilitate efficient cross-cloud data migration for mobile users.
Securing Liaison-Less Publisher/Subscriber Systems using Identity Based Encr...IRJET Journal
This document proposes a novel approach to provide authentication and confidentiality in a broker-less content-based publish/subscribe system. It adapts pairing-based cryptography techniques to ensure authentication of publishers and subscribers as well as confidentiality of events. It also describes an algorithm for clustering subscribers according to their subscriptions to provide a level of protection for subscription confidentiality. The proposed approach provides fine-grained key management and encryption/decryption and routing costs that scale with the number of subscribed attributes. It evaluates the performance of the cryptographic primitives and the overhead of maintaining the publish/subscribe overlay and distributing encrypted events.
IRJET- A Novel and Secure Approach to Control and Access Data in Cloud St...IRJET Journal
This document proposes a novel approach to securely control and access data stored in the cloud using Ciphertext-Policy Attribute-Based Encryption (CP-ABE). The approach aims to address abuse of access credentials by tracing malicious insiders and revoking their access. It presents two new CP-ABE frameworks that allow traceability of malicious cloud clients, identification of misbehaving authorities, and auditing without requiring extensive storage. The frameworks provide fine-grained access control and can revoke credentials of traced attackers.
Latest IEEE Projects on All Domains in Computer/ Electronics Engineering
____________________________________________
We develop projects for final year students in computer engineering. These are some topics which are feasible to implement.
For more topics please visit: www.ns2academy.in
Or call us on 9970186685/ 020 24394323
Or mail us: info@ns2academy.in
Strong zero knowledge authentication based on the session keys (sask)IJNSA Journal
This document proposes a new authentication protocol called Strong Zero-Knowledge Authentication Based on Session Keys (SASK). The protocol aims to strengthen user authentication and provide a secure communication channel. It uses a two-step authentication process: 1) regenerating a virtual password and ensuring integrity and confidentiality of nonces exchanged via symmetric encryption with a virtual password, and 2) calculating a session key shared between the client and server to encrypt via the session key. This allows strengthening the authentication process, updating it, and providing better cyber defense against various attack types by verifying identity, creating a secure channel, and using unpredictable session keys.
IDENTITY-BASED PROXY-ORIENTED DATA UPLOADING AND REMOTE DATA INTEGRITY CHECKI...Nexgen Technology
TO GET THIS PROJECT COMPLETE SOURCE ON SUPPORT WITH EXECUTION PLEASE CALL BELOW CONTACT DETAILS
MOBILE: 9791938249, 0413-2211159, WEB: WWW.NEXGENPROJECT.COM,WWW.FINALYEAR-IEEEPROJECTS.COM, EMAIL:Praveen@nexgenproject.com
NEXGEN TECHNOLOGY provides total software solutions to its customers. Apsys works closely with the customers to identify their business processes for computerization and help them implement state-of-the-art solutions. By identifying and enhancing their processes through information technology solutions. NEXGEN TECHNOLOGY help it customers optimally use their resources.
This document lists 57 Java and .NET projects from the years 2012-2013. The projects cover topics such as cloud computing, data mining, machine learning, network security, and social networks. They include titles such as "Ensuring Distributed Accountability for Data Sharing in the Cloud" and "A Frame for personal mobile commerce pattern mining and prediction". The document also provides contact information for the organization M.S.R. Projects.
This document proposes a new scheme for publicly verifiable secret sharing (PVSS) to support cloud-based key management for public-key encryption. The scheme allows a secret key to be securely stored in the cloud in an encrypted form, while also allowing verification that the key can be recovered according to an access policy without compromising the security of the encryption. The scheme is more efficient than previous approaches, using pairings, and is the first PVSS scheme proven secure in the standard model without random oracles. It supports key recovery for public-key encryption run in an untrusted public cloud.
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREIJNSA Journal
In a typical cloud computing diverse facilitating components like hardware, software, firmware,
networking, and services integrate to offer different computational facilities, while Internet or a private
network (or VPN) provides the required backbone to deliver the services. The security risks to the cloud
system delimit the benefits of cloud computing like “on-demand, customized resource availability and
performance management”. It is understood that current IT and enterprise security solutions are not
adequate to address the cloud security issues. This paper explores the challenges and issues of security
concerns of cloud computing through different standard and novel solutions. We propose analysis and
architecture for incorporating different security schemes, techniques and protocols for cloud computing,
particularly in Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) systems. The proposed
architecture is generic in nature, not dependent on the type of cloud deployment, application agnostic and
is not coupled with the underlying backbone. This would facilitate to manage the cloud system more
effectively and provide the administrator to include the specific solution to counter the threat. We have also
shown using experimental data how a cloud service provider can estimate the charging based on the
security service it provides and security-related cost-benefit analysis can be estimated.
Grid computing is concerned with the sharing and use of resources in dynamic distributed virtual
organizations. The dynamic nature of Grid environments introduces challenging security concerns that
demand new technical approaches. In this brief overview we review key Grid security issues and outline
the technologies that are being developed to address those issues. We focus on works done by Globus
Toolkits to provide security and also we will discuss about the cyber security in Grid.
Comparison of data security in grid and cloud computingeSAT Journals
Abstract In the current era, Grid computing and cloud computing are the main fields in the research work. This thesis define which are the main security issues to be considered in cloud computing and grid computing, and how some of these security issues are solved. Comparative study shows the grid security is tighter than the cloud. It also shows cloud computing is less secure and faced security problems. This research work is based on main security problems in cloud computing such as authentication, authorization, access control and security infrastructure (SLA). Cloud infrastructure is based on service level agreement; simply cloud providers provide different services to cloud’s users and organizations with an agreement known SLA. So the security and privacy of user’s data is the main problem, because unauthorized person can’t access the data of cloud user. Hacking and data leakage are the common threats in cloud computing. As the security due to hackers increase over internet and the cloud computing is totally on internet. At this time, cloud computing demand the tight password protection and strong authentication and authorization procedure. For an increased level of security, privacy and password protection, we provide a new strong authentication model named “Two factor authentications using graphical password with pass point scheme”. This authentication model includes the login procedure, access control that is based on service level agreement (SLA) in cloud computing. Index Terms: Cloud computing, Authentication, login, Recognition, Recall, Pass point, security, Cloud Provider, Service level Agreement, Two Factor Authentication
The document compares the security of grid computing and cloud computing. Grid computing is considered more mature and has tighter security than cloud computing. Some key differences are:
- Grid computing uses multiple IDs for authentication while cloud often uses a single ID and password.
- Grid security infrastructure (GSI) uses public key protocols for authentication, communication protection, and authorization. Cloud relies more on basic username and password.
- Grid computing enforces service level agreements (SLAs) and policies across sites using distributed enforcement points. Cloud SLA security is simpler.
- The document proposes a new two-factor authentication model for cloud computing that uses graphical passwords and pass point selection on images for added security.
Security Check in Cloud Computing through Third Party Auditorijsrd.com
In cloud computing, data owners crowd their data on cloud servers and users (data consumers) can access the data from cloud servers. Due to the data outsourcing, however, it requires an independent auditing service to check the data integrity in the cloud. Some existing remote integrity checking method scan only serve for static records data. Thus, cannot be used in the auditing service since the data in the cloud can be animatedly updated. Thus, an efficient and secure dynamic auditing protocol is required to convince data owners that the data are correctly stored in the cloud. In this paper, we first design an auditing framework for cloud storage systems for privacy-preserving auditing protocol. Then, we extend our auditing protocol to support the data dynamic operations, which is efficient to secure the random model.
Use of cloud federation without need of identity federation using dynamic acc...eSAT Publishing House
This document summarizes a research paper that proposes a dynamic access control system to enable authorization in cloud federations without requiring identity federations. The system uses risk-based access control to evaluate access requests between clouds that do not have an identity federation. When a user requests access to a resource in their home cloud, traditional attribute-based access control is used. But for resources in foreign clouds without an identity federation, a risk-based policy decision point assesses the risk level using defined metrics and can grant exceptional access if risk is below the threshold. This approach aims to increase scalability for cloud federations compared to identity federations which have interoperability issues.
SelCSP: A Framework to Facilitate Selection of Cloud Service Providers1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
Security Mechanisms for Precious Data Protection of Divergent Heterogeneous G...RSIS International
This paper portrays security advancements and
components utilized as part of Grid computing environment. The
Grid Security Infrastructure (GSI) executed in the Globus
Toolkit also, is portrayed in detail. The principle concentrate is
on strategies for distinguishing proof, verification and approval,
in view of X.509 endorsements and SSL/TLS conventions. At
long last an answer of group based get to control over the
network assets is displayed, which is make over on the usage of
the Globus Toolkit
TRUST ORIENTED SECURITY FRAMEWORK FOR AD HOC NETWORKcscpconf
An ad hoc network is a group of wireless mobile hosts that are connected momentarily through
wireless connections in the dearth of any centralized control or some supporting services. The
mobile ad hoc network is at risk by its environment because of the vulnerabilities at channel and
node level. The conventional security mechanisms deals with only protecting resources from unauthorized access, but are not capable to safeguard the network from who offer resources. Adding trust to the on hand security infrastructures would improvise the security of these environments. A trust oriented security framework for adhoc network using ontological engineering approach is proposed by modeling ad hoc network, the OLSR (Optimized Link State Routing) protocol and trust model as OWL (Ontology Web language) ontologies, which are integrated using Jena. In this model, a trustor can calculate its trust about trustee and use the calculated trust values to make decisions depending on the context of the application or interaction about granting or rejecting it. A number of experiments with a potential implementation of suggested framework are performed to validate the characteristics of a trust oriented model suggested by the literature by this framework
Cloud Trust Management Framework Based On Cloud Market spacesIJERA Editor
Nowadays, applications running in virtual or cloud-based environments are all susceptible to exploitation. However, traditional trust solutions have not been fully optimized for virtualized third party environments. In this situation, the selection of an appropriate cloud service provider is an issue. This paper introduces a completely novel idea on most appropriate cloud service selection through an intermediator. It is based on the new notion of a marketspace. Our paper is devoted to the investigation of a novel architecture suggested for a marketspace. Several theoretical notions related to trust have also been explained extensively in the paper for Cloud service provider selection.
International Journal of Engineering Research and Development (IJERD)IJERD Editor
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREIJNSA Journal
In a typical cloud computing diverse facilitating components like hardware, software, firmware, networking, and services integrate to offer different computational facilities, while Internet or a private network (or VPN) provides the required backbone to deliver the services. The security risks to the cloud system delimit the benefits of cloud computing like “on-demand, customized resource availability and performance management”. It is understood that current IT and enterprise security solutions are not adequate to address the cloud security issues. This paper explores the challenges and issues of security concerns of cloud computing through different standard and novel solutions. We propose analysis and architecture for incorporating different security schemes, techniques and protocols for cloud computing, particularly in Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) systems. The proposed architecture is generic in nature, not dependent on the type of cloud deployment, application agnostic and is not coupled with the underlying backbone. This would facilitate to manage the cloud system more effectively and provide the administrator to include the specific solution to counter the threat. We have also shown using experimental data how a cloud service provider can estimate the charging based on the security service it provides and security-related cost-benefit analysis can be estimated.
IRJET-An Algorithmic Approach for Remote Data Uploading and Integrity Checkin...IRJET Journal
This document proposes an algorithm called ID-PUIC for remote data uploading and integrity checking in public clouds. It aims to address security issues when clients store sensitive data in public clouds, which they do not fully control. The proposed system uses a proxy to upload client data and perform remote integrity checks with the public cloud server. It introduces a protocol for the proxy to generate tags for file blocks and upload them along with the data for integrity verification. The ID-PUIC algorithm is more efficient for integrity checking than existing solutions as it ignores certificate management and uses bilinear pairings for security. The document outlines the system model, data flow, modules including key generation, tag generation and proofs to check integrity remotely between the client and public cloud server
This document discusses security concepts related to grid and cloud computing, including trust models, authentication and authorization methods, and the grid security infrastructure (GSI). It describes reputation-based and PKI-based trust models, different authorization models, and the layers and functions of GSI, including message protection, authentication, delegation, and authorization. It also discusses risks and security concerns related to cloud computing.
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
This document summarizes a research thesis that proposes a trusted cloud computing platform (TCCP) to address critical security issues in cloud computing. The TCCP is designed to provide a closed box execution environment for virtual machines to guarantee confidentiality and integrity of computations outsourced to infrastructure as a service cloud providers. It allows customers to remotely verify whether a cloud provider's backend is running a trusted TCCP implementation before launching a virtual machine. The TCCP leverages advances in trusted computing technologies to securely manage virtual machines and cloud infrastructure through protocols for node registration and virtual machine launch and migration. The goal of the TCCP is to extend the capabilities of traditional trusted platforms to the complex, distributed environments of cloud computing infra
As the technology is increasing more number of clients would like to store their data in the public cloud. As the cloud offer client to store large amount of data and can use the data from anywhere using the internet. New security problems need to be solved to give intact to the client data available in the cloud. Client has to feel that their outsourced data is in the protected way in the cloud. From the security problems we propose “A NOVEL APPROACH FOR DATA UPLOADING AND REMOTE DATA INTEGRITY CHECKING BASED ON PUBLIC KEY CRYPTOGRAPHY” (ANDURIC-PKC). We will give the formal definition, system model and security model. Then a concrete ANDURIC-PKC protocol is built by using Generic group model and certificate management is not required. This protocol is efficient and flexible, this may be provably secured by using Computational Diffie-Hellman problem. Based on the original client authorization, the proposed protocol can realize the data integrity checking.
IRJET- Extended Cloud Security for Trust-Based Cloud Service ProvidersIRJET Journal
This paper proposes a framework called SCSP to help customers choose trustworthy and competent cloud service providers. The framework evaluates service providers based on traits, risk estimation, data backup, and recovery capabilities. Traits are determined from customer feedback and reputation scores. Risk is calculated based on the provider's transparency. The framework includes modules for risk estimation, trust estimation, reputation scoring, trait computation, ability estimation, and risk computation. It also proposes algorithms for encryption, backup and recovery. The goal is to help customers select cloud service providers that can ensure secure, high quality service. Experimental results demonstrate the effectiveness of the proposed approach.
This document outlines a final year project proposal on security in cloud computing. The aim is to propose a new trust model between cloud providers and users based on the user's past experience, knowledge of cloud concepts, and security measures at different levels. The document reviews existing literature on reputation-based trust models and encryption techniques. It then discusses research problems around data security, privacy, and trust. The proposed methodology involves surveys to understand user requirements, and experiments using data coloring and watermarking techniques with encryption to securely store fragmented data in the cloud. Potential outcomes include improved service level agreements and fine-grained access control, with limitations around specific data types and formats supported.
Cloud Computing is the most emerging trend in Information Technology now days. It is attracting the organizations due to its advantages of scalability, throughput, easy and cheap access and on demand up and down grading of SaaS, PaaS and IaaS. Besides all the salient features of cloud environment, there are the big challenges of privacy and security. In this paper, a review of different security issues like trust, confidentiality, authenticity, encryption, key management and resource sharing are presented along with the efforts made on how to overcome these issues.
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...IRJET Journal
This document proposes a privacy-preserving authentication protocol for shared authority-based cloud computing. It discusses security and privacy issues with data sharing among users in cloud storage. The proposed protocol uses a shared authority-based privacy preservation authentication protocol (SecCloud) to address privacy and security concerns for cloud storage. It also uses SecCloud+ to remove data de-duplication. The protocol aims to provide scalability, integrity checking, secure de-duplication, and prevent shoulder surfing attacks during the authentication process in cloud computing.
A secure cloud computing based framework for big data information management ...Nexgen Technology
TO GET THIS PROJECT COMPLETE SOURCE CODE PLEASE CALL BEOLOW CONTACT DETAILS
MOBILE: 9791938249, 0413-2211159, WEB: WWW.NEXGENPROJECT.COM ,EMAIL:Praveen@nexgenproject.com
NEXGEN TECHNOLOGY provides total software solutions to its customers. Apsys works closely with the customers to identify their business processes for computerization and help them implement state-of-the-art solutions. By identifying and enhancing their processes through information technology solutions. NEXGEN TECHNOLOGY help it customers optimally use their resources.
Similar to Cross domain identity trust management for grid computing (20)
"Choosing proper type of scaling", Olena SyrotaFwdays
Imagine an IoT processing system that is already quite mature and production-ready and for which client coverage is growing and scaling and performance aspects are life and death questions. The system has Redis, MongoDB, and stream processing based on ksqldb. In this talk, firstly, we will analyze scaling approaches and then select the proper ones for our system.
inQuba Webinar Mastering Customer Journey Management with Dr Graham HillLizaNolte
HERE IS YOUR WEBINAR CONTENT! 'Mastering Customer Journey Management with Dr. Graham Hill'. We hope you find the webinar recording both insightful and enjoyable.
In this webinar, we explored essential aspects of Customer Journey Management and personalization. Here’s a summary of the key insights and topics discussed:
Key Takeaways:
Understanding the Customer Journey: Dr. Hill emphasized the importance of mapping and understanding the complete customer journey to identify touchpoints and opportunities for improvement.
Personalization Strategies: We discussed how to leverage data and insights to create personalized experiences that resonate with customers.
Technology Integration: Insights were shared on how inQuba’s advanced technology can streamline customer interactions and drive operational efficiency.
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsDianaGray10
Join us to learn how UiPath Apps can directly and easily interact with prebuilt connectors via Integration Service--including Salesforce, ServiceNow, Open GenAI, and more.
The best part is you can achieve this without building a custom workflow! Say goodbye to the hassle of using separate automations to call APIs. By seamlessly integrating within App Studio, you can now easily streamline your workflow, while gaining direct access to our Connector Catalog of popular applications.
We’ll discuss and demo the benefits of UiPath Apps and connectors including:
Creating a compelling user experience for any software, without the limitations of APIs.
Accelerating the app creation process, saving time and effort
Enjoying high-performance CRUD (create, read, update, delete) operations, for
seamless data management.
Speakers:
Russell Alfeche, Technology Leader, RPA at qBotic and UiPath MVP
Charlie Greenberg, host
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor IvaniukFwdays
At this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see, what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience
Must Know Postgres Extension for DBA and Developer during MigrationMydbops
Mydbops Opensource Database Meetup 16
Topic: Must-Know PostgreSQL Extensions for Developers and DBAs During Migration
Speaker: Deepak Mahto, Founder of DataCloudGaze Consulting
Date & Time: 8th June | 10 AM - 1 PM IST
Venue: Bangalore International Centre, Bangalore
Abstract: Discover how PostgreSQL extensions can be your secret weapon! This talk explores how key extensions enhance database capabilities and streamline the migration process for users moving from other relational databases like Oracle.
Key Takeaways:
* Learn about crucial extensions like oracle_fdw, pgtt, and pg_audit that ease migration complexities.
* Gain valuable strategies for implementing these extensions in PostgreSQL to achieve license freedom.
* Discover how these key extensions can empower both developers and DBAs during the migration process.
* Don't miss this chance to gain practical knowledge from an industry expert and stay updated on the latest open-source database trends.
Mydbops Managed Services specializes in taking the pain out of database management while optimizing performance. Since 2015, we have been providing top-notch support and assistance for the top three open-source databases: MySQL, MongoDB, and PostgreSQL.
Our team offers a wide range of services, including assistance, support, consulting, 24/7 operations, and expertise in all relevant technologies. We help organizations improve their database's performance, scalability, efficiency, and availability.
Contact us: info@mydbops.com
Visit: https://www.mydbops.com/
Follow us on LinkedIn: https://in.linkedin.com/company/mydbops
For more details and updates, please follow up the below links.
Meetup Page : https://www.meetup.com/mydbops-databa...
Twitter: https://twitter.com/mydbopsofficial
Blogs: https://www.mydbops.com/blog/
Facebook(Meta): https://www.facebook.com/mydbops/
Discover top-tier mobile app development services, offering innovative solutions for iOS and Android. Enhance your business with custom, user-friendly mobile applications.
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
"Scaling RAG Applications to serve millions of users", Kevin GoedeckeFwdays
How we managed to grow and scale a RAG application from zero to thousands of users in 7 months. Lessons from technical challenges around managing high load for LLMs, RAGs and Vector databases.
ScyllaDB is making a major architecture shift. We’re moving from vNode replication to tablets – fragments of tables that are distributed independently, enabling dynamic data distribution and extreme elasticity. In this keynote, ScyllaDB co-founder and CTO Avi Kivity explains the reason for this shift, provides a look at the implementation and roadmap, and shares how this shift benefits ScyllaDB users.
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...DanBrown980551
This LF Energy webinar took place June 20, 2024. It featured:
-Alex Thornton, LF Energy
-Hallie Cramer, Google
-Daniel Roesler, UtilityAPI
-Henry Richardson, WattTime
In response to the urgency and scale required to effectively address climate change, open source solutions offer significant potential for driving innovation and progress. Currently, there is a growing demand for standardization and interoperability in energy data and modeling. Open source standards and specifications within the energy sector can also alleviate challenges associated with data fragmentation, transparency, and accessibility. At the same time, it is crucial to consider privacy and security concerns throughout the development of open source platforms.
This webinar will delve into the motivations behind establishing LF Energy’s Carbon Data Specification Consortium. It will provide an overview of the draft specifications and the ongoing progress made by the respective working groups.
Three primary specifications will be discussed:
-Discovery and client registration, emphasizing transparent processes and secure and private access
-Customer data, centering around customer tariffs, bills, energy usage, and full consumption disclosure
-Power systems data, focusing on grid data, inclusive of transmission and distribution networks, generation, intergrid power flows, and market settlement data
"NATO Hackathon Winner: AI-Powered Drug Search", Taras KlobaFwdays
This is a session that details how PostgreSQL's features and Azure AI Services can be effectively used to significantly enhance the search functionality in any application.
In this session, we'll share insights on how we used PostgreSQL to facilitate precise searches across multiple fields in our mobile application. The techniques include using LIKE and ILIKE operators and integrating a trigram-based search to handle potential misspellings, thereby increasing the search accuracy.
We'll also discuss how the azure_ai extension on PostgreSQL databases in Azure and Azure AI Services were utilized to create vectors from user input, a feature beneficial when users wish to find specific items based on text prompts. While our application's case study involves a drug search, the techniques and principles shared in this session can be adapted to improve search functionality in a wide range of applications. Join us to learn how PostgreSQL and Azure AI can be harnessed to enhance your application's search capability.
From Natural Language to Structured Solr Queries using LLMsSease
This talk draws on experimentation to enable AI applications with Solr. One important use case is to use AI for better accessibility and discoverability of the data: while User eXperience techniques, lexical search improvements, and data harmonization can take organizations to a good level of accessibility, a structural (or “cognitive” gap) remains between the data user needs and the data producer constraints.
That is where AI – and most importantly, Natural Language Processing and Large Language Model techniques – could make a difference. This natural language, conversational engine could facilitate access and usage of the data leveraging the semantics of any data source.
The objective of the presentation is to propose a technical approach and a way forward to achieve this goal.
The key concept is to enable users to express their search queries in natural language, which the LLM then enriches, interprets, and translates into structured queries based on the Solr index’s metadata.
This approach leverages the LLM’s ability to understand the nuances of natural language and the structure of documents within Apache Solr.
The LLM acts as an intermediary agent, offering a transparent experience to users automatically and potentially uncovering relevant documents that conventional search methods might overlook. The presentation will include the results of this experimental work, lessons learned, best practices, and the scope of future work that should improve the approach and make it production-ready.
Cross domain identity trust management for grid computing
1. International Journal of Security, Privacy and Trust Management (IJSPTM) Vol 3, No 2, April 2014
DOI : 10.5121/ijsptm.2014.3202 11
CROSS-DOMAIN IDENTITY TRUST MANAGEMENT
FOR GRID COMPUTING
Amr Farouk, Mohamed M. Fouad and Ahmed A. Abdelhafez
Department of Computer Engineering, Military Technical College, Cairo, Egypt
ABSTRACT
The grid computing coordinates resource sharing between different administrative domains in large scale,
dynamic, and heterogeneous environment. Efficient and secure certificateless public key cryptography (CL-
PKC) based authentication protocol for multi-domain grid environment is widely acknowledged as a
challenging issue. Trust relationships management across domains is the main objective of authentication
protocols in real grid computing environments. In this paper, we discuss the grid pairing-free certificate-
less two-party authenticated key agreement (GPC-AKA) protocol. Then, we provide a cross domain trust
model for GPC-AKA protocol in grid computing environment. Moreover, we analysis the GPC-AKA
protocol in multiple trust domains simulated environment using GridSim toolkit.
KEYWORDS
Certificate-less authenticated key agreement, cross-domain identity trust, grid computing.
1. INTRODUCTION
For fully secure and efficient grid entities authentication, it is required to build a provable secure
authenticated key agreement (AKA) protocol. Moreover, it should meet with the requirements of
large scale distributed, heterogeneous and dynamic grid virtual organizations (VO), that usually
spans multiple trust domains [1]. Hence, trust in grid computing is the firm belief between grid
entities to enable grid systems to work normally in the context of the fundamental grid functions
[2]. Trust relationship in grid computing environments is classified based on trust domain
boundaries into three categories [3]: i) intra-domain trust refers to the trust relationship between
members and the power institutions of the domain. ii) interdomain recommendation trust is a kind
of trust relationship which is set up by the power institutions in the grid levels. iii) cross-domain
trust means the trust relationship among members of different domains. As well, based on trust
approaches, trust relationship is classified into the following categories [2]: i) identity trust (i.e.,
objective trust) is associated with verifying the authenticity of an entity and focuses on the
objective credentials. ii) behavioral trust (i.e., subjective trust) deals with a wider notion of an
entity’s “trustworthiness”, which depends on certain contexts. The relationship can take many
directions. First, in resource allocation process, the resource provider want to know the trust level
(i.e., acceptable code and not harmful) of the grid user requested job. Second, the resource
provider guarantees to the grid user, the process execution without interruption and the user's
privacy protection [2].
Grid computing as a VO for resources collaboration and coordination, has become so prevalent
that grid trust relationship become an intensive topic. In the trust research area, the numerous
literatures proposed the different trust models. These have provided the valuable thoughts for
2. International Journal of Security, Privacy and Trust Management (IJSPTM) Vol 3, No 2, April 2014
12
trust research in the grid environment. As different management domains take different security
policies to mange intra-domain security in the grid, it’s difficult to form an overall management
strategy among different domains [3]. In order to build trust relations between entities and
different trust domains, we give the ring framework of objective trust model. Ring topology has
no root KGC, so no single point of trust. This approach construct a global trust infrastructure
composed of group of trust authorities (i.e., KGCs) without the hierarchy level limitation, so it
has a scalability advantage. A objective trust modeling method suitable in grid environment is
proposed based on the characteristics of grid computing and the features of objective trust.
This paper addresses trust management issues in grid computing and analyses some relevant
cross-domain scenarios. Then it derives main requirements in terms of cross authentication. We
discuss the efficient GPC-AKA protocol based on GDH complexity problem. As well, we
propose a cross-domain grid trust model based on GPC-AKA protocol. In addition, we design and
implement a simulation of the proposed grid trust model based on a world wide grid testbed. The
testbed is composed of multiple organizations, each have its own KGC, and concerned to build a
trust relationships with the others. Furthermore, we analyses the performance of cross-domain
GPC-AKA protocol in complex simulated scenarios.
The rest of this paper is organized as follows. Trust in grid computing is described in Section II.
The grid pairing-free CLAKA protocol is presented in Section III. Section IV shows the proposed
Grid trust management model based on GPC-AKA protocol. Simulation experiment of cross-
domain GPC-AKA using GridSim is introduced in Section V. Finally, Section VII provides our
research conclusions.
2. TRUST IN GRID COMPUTING
Recently, trust has been recognized as an important factor for grid computing security. Several
interesting trust models have been proposed for integration into the Grid computing systems [4]–
[7]. However, we have found that theses trust models specialize in applying trust for enhancement
of resource allocation functions of a grid system; also the trust mechanisms are mainly based on
behavioral methods, which is not scalable nor efficient.
A grid computing environment is a virtual organization (VO) that is composed of several
autonomous domains in which different security policies are applied. The grid computing
environment features are [8]: The user population and resource pool (e.g., quantity, location) are
large and dynamic. A computation is composed of a dynamic group of processes (i.e., created and
destroyed dynamically during program execution) running on different resources and sites. The
pre-trust relationships establishment between different grid sites is impractical due to the dynamic
nature of the grid computing environment [8].
The trust management is a distinct and crucial component of grid services security. Aspects of
the trust management problem include formulating security policies and security credentials,
determining whether particular sets of credentials satisfy the relevant policies, and deferring trust
to third parties.
First, security policy, is a set of rules that define the grid users (i.e., security subjects), grid
resources (i.e., security objects) and relationships among them [8]. Resources may require
different local policies (e.g., authentication and authorization mechanisms), that apply at the
different sites, which we will have limited ability to change. Authentication is the first line of
defence in the grid security policy that provides mapping from local security policies into a global
framework [8].
3. International Journal of Security, Privacy and Trust Management (IJSPTM) Vol 3, No 2, April 2014
13
Second, security credential can be defined as a piece of information that is used to prove the
identity of a subject [8]. Federation of identities when grid entities have different identities and/
or credentials in different security domains. Identity federation is a set of organizations that
establish trust relationships with respect to the federated identity information. Identity federation
technology (e.g., Shibboleth) enables that no need for direct trust relationship between users and
accessed domains. However, the identity server store the individual credentials securely, the main
challenge is to protect the user's privacy.
Third, trust domain can be defined as a logical, administrative structure that holds a single,
consistent local security policy [8]. In this study, we will focus on the third point which is grid
trust relationships using grid authentication protocol.
We can solve grid trust management problems using grid authentication protocols based on
identity that distinguishes a distinct user, process or resource within the context of a specific
namespace. Identity Authentication: proving as association between an entity and an identifier.
Attribute Authentication: proving as association between an entity and an attribute.
We will use the proposed GPC-AKA protocol based on the general grid security architecture of
Foster et. al. [8]. Our approach to trust management is based on the following general principles:
unified mechanism, flexibility, locality of control and separation of mechanism from policy.
3. EFFICIENT AND SECURE GRID PAIRING-FREE CL-AKA
Wang et. al. [9] present the first grid certificate-less authentication based on certificate-less public
key cryptography (CL-PKC), that is a kind of cryptography between certificate based and
identity-based PKC. The bilinear pairing is then considered as an expensive cryptography
primitive. Therefore, a number of pairing-free CL-AKA protocols, have been proposed to
improve efficiency. These protocols, either have a security issues or are not efficient to be
practical implemented in real environments.
We focus on the more recent efficient pairing-free CL-AKA protocol, as formal prove the
protocol security to be suitable for practical grids. Recently, Amr et. al. [10] proposed an efficient
and provable secure grid pairing-free certificate-less two-party authenticated key agreement
(GPC-AKA) protocol. The GPC-AKA protocol uses a user proxy (UP) and resource proxy (RP)
to support the grid single sign on (SSO) and frequent mutual authentication requests [8].
GPC-AKA protocol requires 3 elliptic curve point multiplications, 5 elliptic curve point additions,
2 hashing functions, and 2 message exchanges. The proposed Pairing-free certificate-less two
party authenticated key agreement for grid (GPC-AKA) is introduced into two phases, as
illustrated in Fig. 1 and Fig. 2, respectively.
4. International Journal of Security, Privacy and Trust Management (IJSPTM) Vol 3, No 2, April 2014
14
Figure 1. Proposed GPC-AKA key generation setup scheme (Phase 1).
Figure 2. Proposed key agreement scheme GPC-AKA (Phase 2).
4. CROSS-DOMAIN GRID TRUST MANAGEMENT
Grid computing environments include different resources through cross-organizational
boundaries on a large scale basis. This heterogeneous environment consists of multiple
disconnected trust domains, applying its own policies and mechanisms for authentication.
Consequently, an important challenge for the GPC-AKA is to provide a cross-domain
authentication service. It should be pointed out that existing identity trust models suffer from a
5. International Journal of Security, Privacy and Trust Management (IJSPTM) Vol 3, No 2, April 2014
15
restricted and static vision of trust (i.e., strict hierarchies where trust flows from the root to the
leaves).
We propose a novel trust model reflecting the required dynamic nature of trust for grid entities,
through cross organizational boundaries, with little administrative overhead. Based on cross-
domain grid computing GPC-AKA authentication protocol, a Grid Trust Management (GTM)
model has been designed to establish trust relations between grid entities. Cross-domain GPC-
AKA trust model is shown in Fig. 3.
Figure 3. Grid Trust Model.
We adopt some common approaches for scalability and flexibility in our design. To our
knowledge, the following discussion represents the first such grid trust management model that
has been defined to this level of detail. Our proposed GTM design model answers the following
questions:
1) How to add new KGC? According to the grid virtual organization concept, we can add a new
KGC to the virtual organization KGCs group in ring topology avoiding the hierarchal problems,
by sharing the same system parameters. Since, in the real grid, most trust domains are
autonomous, using different system parameters. So in our GTM model, all the system parameters
of PKG are the same, except the system public key and master key.
2) How to do key revocation? key expiration in GTM is straightforward, used for key revocation.
Short-term key revocation using fine-grained identifier (e.g., extend the user’s identifier to
include another field that specifies a validation period). The validation period inversely
proportional to the KGC server load.
3) How to do key renew? In a grid environment, it is normal practice to renew the user’s long-
term keys on a monthly or yearly basis. This can be done through the KGC issuing a new private
key directly to the user through a secure channel. Short-term keys are used for various security
service such as mutual authentication, single sign-on and delegation.
4) How to build trust between KGCs? Trust relationships between KGCs can be established as
follows, system parameters of the KGCs are then assumed to be trusted by all users and
recognized by the grid system, as shown in Table I.
5) How to build cross-domain trust between entities? Cross-domain GPC-AKA protocol
consistency is proved as follow.
6. International Journal of Security, Privacy and Trust Management (IJSPTM) Vol 3, No 2, April 2014
16
Table 1. Cross-Domain GPC-AKA.
Parameters
D1 D2
U1 KGC1 KGC2 R2
Public Pu1 P01,Params P02,Params Pr2
Secret Xu1,tu1 S1,Du1 S2,Dr2 Xr2,tr2
Where Params = {Fp,E/Fp,G, g,H1,H2} are the same in both KGCs (i.e., KGC1,KGC2) and grid
entities (i.e., U1,R2).
Cross-domain GPC-AKA protocol consistency is proved:
KU1R2 = (tU1 + DU1 + xU1)(TR2 + PR2 + RR2 + H1(ID R2,R R2, P R2)P0)
= (tU1 + DU1 + xU1)((t R2.P) + (x R2.P) + (r R2.P) + (Q R2.sP))
= (tU1 + DU1 + xU1)(t R2 + x R2 + r R2 + Q R2.s)P
= (tU1 + DU1 + xU1)(t R2 + x R2 + D R2)P = K R2U1
where IDR2= IDKGC2||IDR2.
5. CROSS-DOMAIN GPC-AKA SIMULATION EXPERIMENT
In this section, we present the simulation experiment of cross-domain GPC-AKA protocol in grid
computing environment. Grid network topology is explained in Section V-A. Furthermore, a
GPC-AKA simulation using GridSim toolkit is provided in Section V-B.
The only feasible way to analyze repeatable experiments and studies that are not possible in real
dynamic grid environment is the using of grid simulator. We choose the Java-based simulation
platform GridSim Toolkit [11] with network extension package to simulate the message exchange
of the proposed multiple trust domains GPC-AKA protocol. As well, GridSim is based on
SimJava which is a discrete event simulation tool based on Java and simulates various entities by
multiple thread. This aligns well with randomness of grid computing entity action.
5.1. Grid Network Topology
In this section, we provide a scenario of the cross-domain authentication using GPC-AKA
protocol. We have created an experiment based on the World Wide Grid testbed [12], as shown in
Fig. 4.
7. International Journal of Security, Privacy and Trust Management (IJSPTM) Vol 3, No 2, April 2014
17
Figure 4. Cross-Domain Grid Network Topology.
A Grid resource contains one or more Machines. Similarly, a machine contains one or more
processing elements (PEs) or CPUs. For this experiment, we are simulating five VO domains and
each resource belongs to one of them, with three Machines that contains one or more PEs. The
VO mapping is done by taking into account a geographical dissemination among the resources.
Table II summarizes the characteristics of simulated resources, which were obtained from a real
World Wide Grid testbed.
Table 2. Grid Topology and Resources Characteristics.
Domain
Resource
Name
Resource Characteristics Host name & Location
No.
CPU
Time
Zone
D1 N1 UltraAX-i2, SunOS, Sparc grid1.fmridc.org, USA, Hanover 16 -4
D2 N2 Sun HPC 3500, GridEngine, Solaris,
Sparc
sunresearch.qub.ac.uk, UK, Belfast 6 +1
D3 N3 SGI Origin 3800, IRIX 6.5.17m, Irix,
MIPS
calvin.nuigalway.ie, Ireland,
Galway
40 +1
D4 N4 SGI Onyx 3000, IRIX64, Irix, MIPS onyx3.zib.de, Germany, Berlin 20 +2
D5 N5
IBM eServer, Linux, IA-32
belle.physics.usyd.edu.au, Australia,
Sydney
4 +11
8. International Journal of Security, Privacy and Trust Management (IJSPTM) Vol 3, No 2, April 2014
18
We created five scenarios, each time we increased the total grid users {5,10,15,20,25} to simulate
the concurrent requests and uniformly distributed them among the five trust domains, each
domain has {1,2,3,4,5} user(s). In our simulation setup, some parameters are set identical for all
network elements, such as the maximum transfer unit (MTU) of links is set to 1,500 bytes and the
latency is set to 10 milliseconds. We can conclude the simulation experiment parameters in Table
III.
Table 3. Simulation Parameters.
Parameter Value
number of grid users {5,10,15,20,25}
number of grid resource 5
number of gridlets 1
baud rate 1000 bits/sec
propagation delay 10 msec
max. transmission unit (MTU) 1500 byte
5.2. Simulation using GridSim Toolkit
Object-oriented GridSim toolkit allows modeling of heterogeneous types of resources, located in
any time zone. As well, multiple user can simultaneously submit tasks for execution in the same
resource, that may be timeshared or space-shared. In addition, statistics of operations can be
recorded and they can be analyzed using GridSim statistics analysis methods.
GridSim Toolkit V5.2 is run, on a 2 GHz Intel core 2 duo with 6 GB RAM. This simulation
scenario shows how to create user and resource entities connected via a network topology, using
link and router. In addition, background traffic functionality is explained in this scenario. Fig. 5
shows GPC-AKA simulation steps using GridSim.
Figure 5. Main GPC-AKA Simulation Steps using GridSim.
Independent tasks are heterogeneous in terms of processing time and input files size. In GridSim,
such tasks can be created and their requirements can be defined through gridlet objects [13]. We
simulate GPC-AKA message exchange using the gridlet concept in GridSim. One gridlet for
mutual GPC-AKA instance for each pair of grid entities.
9. International Journal of Security, Privacy and Trust Management (IJSPTM) Vol 3, No 2, April 2014
19
6. DISCUSSION AND ANALYSIS
In the first experiment, we simulate the cross-domain GPCAKA message exchange without
background traffic, as shown in Fig. 6. We simulate 5 trust domains and increase the number of
users per each domain {1,2,3,4,5} who send concurrent requests to check GPC-AKA scalability
and get the minimum, maximum, and the average of the response time. For 1 user per domain,
with 5 total grid users, the minimum response time 126.30 seconds, maximum response time
140.52 seconds, and average response time 136.72 seconds. For 2 users per domain, with 10 total
grid users, the minimum response time 169.30 seconds, maximum response time 214.14 seconds,
and average response time 191.96 seconds with 71% increased. For 3 users per domain, with 15
total grid users, the minimum response time 197.30 seconds, maximum response time 290.15
seconds, and average response time 246.20 seconds with 78% increased. For 4 users per domain,
with 20 total grid users, the minimum response time 233.30 seconds, maximum response time
366.13 seconds, and average response time 301.94 seconds with82% increased. For 5 users per
domain, with 25 total grid users. the minimum response time 269.30 seconds, maximum response
time 440.92 seconds, and average response time 357.54 seconds with 84% increased.
Figure 6. Concurrent Requests versus Time without Background Traffic.
In the real grid environment there is a background traffic. So, the second experiment, simulates
the GPC-AKA message exchange with background traffic, as shown in Fig. 7. For 1 user per
domain, with 5 total grid users, the minimum response time 139.64 seconds, maximum response
time 172.02 seconds, and average response time 151.14 seconds. For 2 users per domain, with 10
total grid users, the minimum response time 172.92 seconds, maximum response time 229.65
seconds, and average response time 202.42 seconds with 75% increased. For 3 users per domain,
with 15 total grid users, the minimum response time 211.63 seconds, maximum response time
352.02 seconds, and average response time 278.84 seconds with73% increased. For 4 users per
domain, with 20 total grid users, per minimum response time 233.30 seconds, maximum response
time 420.43 seconds, and average response time 321.41 seconds with 87% increased. For 5 users
per domain, with 25 total grid users, the minimum response time 269.30 seconds, maximum
response time 580.02 seconds, and average response time 417.20 seconds with 77% increased.
10. International Journal of Security, Privacy and Trust Management (IJSPTM) Vol 3, No 2, April 2014
20
Figure 7. Concurrent Requests versus Time without Background Traffic.
7. CONCLUSIONS
According to the trust relationships between different security domains, an authentication
protocol suitable for multiple security (i.e., trust) domains in grid computing is proposed in this
paper. We present an efficient and secure pairing-free two party certificate-less authenticated key
agreement protocol for grid computing (GPC-AKA) based on GHD complexity problem. Based
on GPC-AKA, a grid trust management (GTM) model is proposed. At last, the authentication
protocol is analyzed with simulated grid environment using GridSim. So, we can infer that GPC-
AKA is a cross-domain authentication protocol suitable for large scale and dynamic grid
computing environments.
REFERENCES
[1] A. Farouk, A. A. Abdelhafez, and M. M. Fouad, “Authentication mechanisms in grid computing
environment: Comparative study,” in IEEE International Conferencce on Engineering and
Technology, Oct. 2012, pp. 1–6.
[2] J. Luo, X. Ni, and J. Yong, “A trust degree based access control in grid environments,” Information
Sciences, vol. 179, no. 15, pp. 2618–2628, 2009.
[3] H. Hai-sheng and W. Ru-chuan, “A new subjective trust model in grid computing,” in Computer
Application and System Modeling (ICCASM), 2010 International Conference on, vol. 9. IEEE, 2010,
pp. V9–360.
[4] Z. Yongqiang, L. Qiang, and T. Haibo, “A hybrid system for authentication service,” in 5th
International Conference on Intelligent Networking and Collaborative Systems, 2013, pp. 821–826.
[5] L. Guoyuan, B. Yuyu, and L. Min, “Trust based access control policy in multi-domain of cloud
computing,” Journal of Computers, vol. 8, no. 5, pp. 1357–1365, may 2013.
[6] T. Liye and J. Wei, “A multi trust chain scheme in trusted crossdomain interaction,” in International
Conference on Industrial Control and Electronics Engineering, 2012, pp. 550–553.
[7] Z. Shaomin, Z. Yue, and W. Baoyi, “A novel grid trust model based on fuzzy theory,” in Third
International Conference on Network and System Security, 2009, pp. 203–207.
[8] I. Foster, C. Kesselman, G. Tsudik, and S. Tuecke, “A security architecture for computational grids,”
in Proceedings of the 5th ACM conference on Computer and communications security. ACM, 1998,
pp. 83–92.
[9] W. Shengbao, C. Zhenfu, and B. Haiyong, “Efficient certificateless authentication and key agreement
(CL-AK) for grid computing,” in International Journal of Network Security, vol. 7, no. 3, Nov. 2008,
pp. 342–347.
11. International Journal of Security, Privacy and Trust Management (IJSPTM) Vol 3, No 2, April 2014
21
[10] A. Farouk, M. M. Fouad, and A. A. Abdelhafez, “Analysis and improvement of pairing-free
certificate-less two-party authenticated key agreement protocol for grid computing,” International
Journal of Security, Privacy and Trust Management (IJSPTM), vol. 3, no. 1, 2014.
[11] S. Anthony, P. Gokul, B. Rajkumar, and T. Chen-Khong, “Constructing a grid simulation with
differentiated network service using gridsim,” in IEEE, 2004.
[12] A. Barmouta, “Authorisation and accounting services for the world wide grid,” Master of Science,
School of Computer Science and Software Engineering, University of Western Australia, jun 2004.
[13] B. Rajkumar and M. Manzur, “Gridsim: a toolkit for the modeling and simulation of distributed
resource management and scheduling for grid computing,” in Concurrency and Computation:
Practice and Experience, vol. 14. John Wiley & Sons, Ltd, Feb 2002, pp. 1175–1220.
Authors
Amr Farouk received the Bachelor engineering from the Military Technical College
(MTC), Cairo, Egypt, in 1997, and the Masters' engineering degrees from Engineering
faculty, Mansoura university, Mansoura, Egypt in 2009. He is currently a PhD arguing
from Computer engineering, MTC, Cairo, Egypt. His research interests include network
security, authentication protocols, certificate-less authenticated key agreement.
M. M. Fouad received the Bachelor engineering (honors, with great distinction) and
Masters' engineering degrees from the Military Technical College (MTC), Cairo, Egypt, in
1996 and 2001, respectively. As well, he received the Ph.D. degree in Electrical and
Computer engineering from Carleton University, Ottawa, Ontario, Canada, in 2010. He is
currently a faculty member with the Department of Computer Engineering, MTC. His
research interests are in online handwritten recognition, image registration, image
reconstruction, super-resolution, video compression and multiview video coding.
Ahmed A. AbdelHafez; received the B.S. and M.Sc. in Electrical Engineering from
Military Technical College (MTC) in 1990, 1997 respectively, and his Ph.D from School
of Information Technology and Engineering (SITE), University of Ottawa, Ottawa,
Canada in 2003. Dr. Abdel-Hafez is the head of the Cryptography Research Center
(CRC), Egypt where he is leading many applied researches in communication security
field. He is a visiting lecturer in Communication Dept. MTC, and other universities in
Egypt. Dr. Abdel-hafez published more than 40 papers in specialized conferences and
periodicals. His research interests include wireless networks and data security, mathematical cryptography
and provable security.