Submit Search
Upload
Effective Information Flow Control as a Service: EIFCaaS
•
0 likes
•
44 views
IRJET Journal
Follow
https://irjet.net/archives/V4/i7/IRJET-V4I7624.pdf
Read less
Read more
Engineering
Report
Share
Report
Share
1 of 4
Download now
Download to read offline
Recommended
An Improved Intrusion Prevention Sytem for WLAN
An Improved Intrusion Prevention Sytem for WLAN
rahulmonikasharma
IRJET- SAAS Attacks Defense Mechanisms and Digital Forensic
IRJET- SAAS Attacks Defense Mechanisms and Digital Forensic
IRJET Journal
To Improve Data Storage Security Levels in the Cloud
To Improve Data Storage Security Levels in the Cloud
rahulmonikasharma
IRJET-An Algorithmic Approach for Remote Data Uploading and Integrity Checkin...
IRJET-An Algorithmic Approach for Remote Data Uploading and Integrity Checkin...
IRJET Journal
360º Degree Requirement Elicitation Framework for Cloud Service Providers
360º Degree Requirement Elicitation Framework for Cloud Service Providers
IJERA Editor
Implementing Proof of Retriavaibility for Multiple Replica of Data File using...
Implementing Proof of Retriavaibility for Multiple Replica of Data File using...
IRJET Journal
An Analysis on Software Defined Wireless Network using Stride Model
An Analysis on Software Defined Wireless Network using Stride Model
IRJET Journal
Iaetsd storage privacy protection against data
Iaetsd storage privacy protection against data
Iaetsd Iaetsd
Recommended
An Improved Intrusion Prevention Sytem for WLAN
An Improved Intrusion Prevention Sytem for WLAN
rahulmonikasharma
IRJET- SAAS Attacks Defense Mechanisms and Digital Forensic
IRJET- SAAS Attacks Defense Mechanisms and Digital Forensic
IRJET Journal
To Improve Data Storage Security Levels in the Cloud
To Improve Data Storage Security Levels in the Cloud
rahulmonikasharma
IRJET-An Algorithmic Approach for Remote Data Uploading and Integrity Checkin...
IRJET-An Algorithmic Approach for Remote Data Uploading and Integrity Checkin...
IRJET Journal
360º Degree Requirement Elicitation Framework for Cloud Service Providers
360º Degree Requirement Elicitation Framework for Cloud Service Providers
IJERA Editor
Implementing Proof of Retriavaibility for Multiple Replica of Data File using...
Implementing Proof of Retriavaibility for Multiple Replica of Data File using...
IRJET Journal
An Analysis on Software Defined Wireless Network using Stride Model
An Analysis on Software Defined Wireless Network using Stride Model
IRJET Journal
Iaetsd storage privacy protection against data
Iaetsd storage privacy protection against data
Iaetsd Iaetsd
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture
IJECEIAES
Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)
Maganathin Veeraragaloo
A Novel privacy preserving public auditing for shared data in cloud
A Novel privacy preserving public auditing for shared data in cloud
JAVVAJI VENKATA RAO
Detection of ICMPv6-based DDoS attacks using anomaly based intrusion detectio...
Detection of ICMPv6-based DDoS attacks using anomaly based intrusion detectio...
IJECEIAES
ON FAULT TOLERANCE OF RESOURCES IN COMPUTATIONAL GRIDS
ON FAULT TOLERANCE OF RESOURCES IN COMPUTATIONAL GRIDS
ijgca
Database techniques for resilient network monitoring and inspection
Database techniques for resilient network monitoring and inspection
TELKOMNIKA JOURNAL
Enabling Public Audit Ability and Data Dynamics for Storage Security in Clou...
Enabling Public Audit Ability and Data Dynamics for Storage Security in Clou...
IOSR Journals
Simultaneously Supporting Privacy and Auditing in Cloud Computing Systems
Simultaneously Supporting Privacy and Auditing in Cloud Computing Systems
Tyrone Grandison
IRJET- Secure Data Deduplication for Cloud Server using HMAC Algorithm
IRJET- Secure Data Deduplication for Cloud Server using HMAC Algorithm
IRJET Journal
IRJET-Auditing and Resisting Key Exposure on Cloud Storage
IRJET-Auditing and Resisting Key Exposure on Cloud Storage
IRJET Journal
Cs6703 grid and cloud computing unit 5
Cs6703 grid and cloud computing unit 5
RMK ENGINEERING COLLEGE, CHENNAI
IRJET- Two ways Verification for Securing Cloud Data
IRJET- Two ways Verification for Securing Cloud Data
IRJET Journal
Preventing Distributed Denial of Service Attacks in Cloud Environments
Preventing Distributed Denial of Service Attacks in Cloud Environments
IJITCA Journal
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
IJLT EMAS
Insuring Security for Outsourced Data Stored in Cloud Environment
Insuring Security for Outsourced Data Stored in Cloud Environment
Editor IJCATR
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
IRJET Journal
Privacy preserving public auditing for regenerating-code-based cloud storage
Privacy preserving public auditing for regenerating-code-based cloud storage
LeMeniz Infotech
A Brief Survey on Various Technologies Involved in Cloud Computing Security
A Brief Survey on Various Technologies Involved in Cloud Computing Security
Associate Professor in VSB Coimbatore
Vulnerability Management in IT Infrastructure
Vulnerability Management in IT Infrastructure
IRJET Journal
IRJET- A Detailed Study and Analysis of Cloud Computing Usage with Real-Time ...
IRJET- A Detailed Study and Analysis of Cloud Computing Usage with Real-Time ...
IRJET Journal
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud Computing
IRJET Journal
More Related Content
What's hot
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture
IJECEIAES
Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)
Maganathin Veeraragaloo
A Novel privacy preserving public auditing for shared data in cloud
A Novel privacy preserving public auditing for shared data in cloud
JAVVAJI VENKATA RAO
Detection of ICMPv6-based DDoS attacks using anomaly based intrusion detectio...
Detection of ICMPv6-based DDoS attacks using anomaly based intrusion detectio...
IJECEIAES
ON FAULT TOLERANCE OF RESOURCES IN COMPUTATIONAL GRIDS
ON FAULT TOLERANCE OF RESOURCES IN COMPUTATIONAL GRIDS
ijgca
Database techniques for resilient network monitoring and inspection
Database techniques for resilient network monitoring and inspection
TELKOMNIKA JOURNAL
Enabling Public Audit Ability and Data Dynamics for Storage Security in Clou...
Enabling Public Audit Ability and Data Dynamics for Storage Security in Clou...
IOSR Journals
Simultaneously Supporting Privacy and Auditing in Cloud Computing Systems
Simultaneously Supporting Privacy and Auditing in Cloud Computing Systems
Tyrone Grandison
IRJET- Secure Data Deduplication for Cloud Server using HMAC Algorithm
IRJET- Secure Data Deduplication for Cloud Server using HMAC Algorithm
IRJET Journal
IRJET-Auditing and Resisting Key Exposure on Cloud Storage
IRJET-Auditing and Resisting Key Exposure on Cloud Storage
IRJET Journal
Cs6703 grid and cloud computing unit 5
Cs6703 grid and cloud computing unit 5
RMK ENGINEERING COLLEGE, CHENNAI
IRJET- Two ways Verification for Securing Cloud Data
IRJET- Two ways Verification for Securing Cloud Data
IRJET Journal
Preventing Distributed Denial of Service Attacks in Cloud Environments
Preventing Distributed Denial of Service Attacks in Cloud Environments
IJITCA Journal
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
IJLT EMAS
Insuring Security for Outsourced Data Stored in Cloud Environment
Insuring Security for Outsourced Data Stored in Cloud Environment
Editor IJCATR
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
IRJET Journal
Privacy preserving public auditing for regenerating-code-based cloud storage
Privacy preserving public auditing for regenerating-code-based cloud storage
LeMeniz Infotech
A Brief Survey on Various Technologies Involved in Cloud Computing Security
A Brief Survey on Various Technologies Involved in Cloud Computing Security
Associate Professor in VSB Coimbatore
What's hot
(19)
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture
Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)
A Novel privacy preserving public auditing for shared data in cloud
A Novel privacy preserving public auditing for shared data in cloud
Detection of ICMPv6-based DDoS attacks using anomaly based intrusion detectio...
Detection of ICMPv6-based DDoS attacks using anomaly based intrusion detectio...
ON FAULT TOLERANCE OF RESOURCES IN COMPUTATIONAL GRIDS
ON FAULT TOLERANCE OF RESOURCES IN COMPUTATIONAL GRIDS
Database techniques for resilient network monitoring and inspection
Database techniques for resilient network monitoring and inspection
Enabling Public Audit Ability and Data Dynamics for Storage Security in Clou...
Enabling Public Audit Ability and Data Dynamics for Storage Security in Clou...
Simultaneously Supporting Privacy and Auditing in Cloud Computing Systems
Simultaneously Supporting Privacy and Auditing in Cloud Computing Systems
IRJET- Secure Data Deduplication for Cloud Server using HMAC Algorithm
IRJET- Secure Data Deduplication for Cloud Server using HMAC Algorithm
IRJET-Auditing and Resisting Key Exposure on Cloud Storage
IRJET-Auditing and Resisting Key Exposure on Cloud Storage
Cs6703 grid and cloud computing unit 5
Cs6703 grid and cloud computing unit 5
IRJET- Two ways Verification for Securing Cloud Data
IRJET- Two ways Verification for Securing Cloud Data
Preventing Distributed Denial of Service Attacks in Cloud Environments
Preventing Distributed Denial of Service Attacks in Cloud Environments
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
Insuring Security for Outsourced Data Stored in Cloud Environment
Insuring Security for Outsourced Data Stored in Cloud Environment
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
Privacy preserving public auditing for regenerating-code-based cloud storage
Privacy preserving public auditing for regenerating-code-based cloud storage
A Brief Survey on Various Technologies Involved in Cloud Computing Security
A Brief Survey on Various Technologies Involved in Cloud Computing Security
Similar to Effective Information Flow Control as a Service: EIFCaaS
Vulnerability Management in IT Infrastructure
Vulnerability Management in IT Infrastructure
IRJET Journal
IRJET- A Detailed Study and Analysis of Cloud Computing Usage with Real-Time ...
IRJET- A Detailed Study and Analysis of Cloud Computing Usage with Real-Time ...
IRJET Journal
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud Computing
IRJET Journal
IRJET- Cloud Computing: Security Issues Challenges and Solution
IRJET- Cloud Computing: Security Issues Challenges and Solution
IRJET Journal
IRJET- Authentication and Access Control for Cloud Computing Comparing Proble...
IRJET- Authentication and Access Control for Cloud Computing Comparing Proble...
IRJET Journal
IRJET- Preventing Fake Page from Blackhat’s In Mobile Web Browsers using ...
IRJET- Preventing Fake Page from Blackhat’s In Mobile Web Browsers using ...
IRJET Journal
Maintaining Secure Cloud by Continuous Auditing
Maintaining Secure Cloud by Continuous Auditing
ijtsrd
IRJET- Data and Technical Security Issues in Cloud Computing Databases
IRJET- Data and Technical Security Issues in Cloud Computing Databases
IRJET Journal
IRJET- A Novel Framework for Three Level Isolation in Cloud System based ...
IRJET- A Novel Framework for Three Level Isolation in Cloud System based ...
IRJET Journal
Cloud Data Protection for the Masses
Cloud Data Protection for the Masses
IRJET Journal
IRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET Journal
IRJET - Multitenancy using Cloud Computing Features
IRJET - Multitenancy using Cloud Computing Features
IRJET Journal
A Comparative Review on Fault Tolerance methods and models in Cloud Computing
A Comparative Review on Fault Tolerance methods and models in Cloud Computing
IRJET Journal
Web Development in Advanced Threat Prevention
Web Development in Advanced Threat Prevention
IRJET Journal
IRJET- Deduplication of Encrypted Bigdata on Cloud
IRJET- Deduplication of Encrypted Bigdata on Cloud
IRJET Journal
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
IRJET Journal
A Survey of Cloud Computing Security Issues and Consequences
A Survey of Cloud Computing Security Issues and Consequences
Associate Professor in VSB Coimbatore
A secure cloud service deployment framework for DevOps
A secure cloud service deployment framework for DevOps
nooriasukmaningtyas
IRJET- Efficient and Secure Data Storage in Cloud Computing
IRJET- Efficient and Secure Data Storage in Cloud Computing
IRJET Journal
IRJET- Simultaneous ammunition for the multi-cloud computing simulation
IRJET- Simultaneous ammunition for the multi-cloud computing simulation
IRJET Journal
Similar to Effective Information Flow Control as a Service: EIFCaaS
(20)
Vulnerability Management in IT Infrastructure
Vulnerability Management in IT Infrastructure
IRJET- A Detailed Study and Analysis of Cloud Computing Usage with Real-Time ...
IRJET- A Detailed Study and Analysis of Cloud Computing Usage with Real-Time ...
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud Computing
IRJET- Cloud Computing: Security Issues Challenges and Solution
IRJET- Cloud Computing: Security Issues Challenges and Solution
IRJET- Authentication and Access Control for Cloud Computing Comparing Proble...
IRJET- Authentication and Access Control for Cloud Computing Comparing Proble...
IRJET- Preventing Fake Page from Blackhat’s In Mobile Web Browsers using ...
IRJET- Preventing Fake Page from Blackhat’s In Mobile Web Browsers using ...
Maintaining Secure Cloud by Continuous Auditing
Maintaining Secure Cloud by Continuous Auditing
IRJET- Data and Technical Security Issues in Cloud Computing Databases
IRJET- Data and Technical Security Issues in Cloud Computing Databases
IRJET- A Novel Framework for Three Level Isolation in Cloud System based ...
IRJET- A Novel Framework for Three Level Isolation in Cloud System based ...
Cloud Data Protection for the Masses
Cloud Data Protection for the Masses
IRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET - Multitenancy using Cloud Computing Features
IRJET - Multitenancy using Cloud Computing Features
A Comparative Review on Fault Tolerance methods and models in Cloud Computing
A Comparative Review on Fault Tolerance methods and models in Cloud Computing
Web Development in Advanced Threat Prevention
Web Development in Advanced Threat Prevention
IRJET- Deduplication of Encrypted Bigdata on Cloud
IRJET- Deduplication of Encrypted Bigdata on Cloud
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
A Survey of Cloud Computing Security Issues and Consequences
A Survey of Cloud Computing Security Issues and Consequences
A secure cloud service deployment framework for DevOps
A secure cloud service deployment framework for DevOps
IRJET- Efficient and Secure Data Storage in Cloud Computing
IRJET- Efficient and Secure Data Storage in Cloud Computing
IRJET- Simultaneous ammunition for the multi-cloud computing simulation
IRJET- Simultaneous ammunition for the multi-cloud computing simulation
More from IRJET Journal
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
IRJET Journal
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
IRJET Journal
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
IRJET Journal
Effect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil Characteristics
IRJET Journal
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
IRJET Journal
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
IRJET Journal
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
IRJET Journal
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
IRJET Journal
A REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADAS
IRJET Journal
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
IRJET Journal
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
IRJET Journal
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
IRJET Journal
Survey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare System
IRJET Journal
Review on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridges
IRJET Journal
React based fullstack edtech web application
React based fullstack edtech web application
IRJET Journal
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
IRJET Journal
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
IRJET Journal
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
IRJET Journal
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
IRJET Journal
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
IRJET Journal
More from IRJET Journal
(20)
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
Effect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil Characteristics
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADAS
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
Survey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare System
Review on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridges
React based fullstack edtech web application
React based fullstack edtech web application
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Recently uploaded
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
ranjana rawat
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
ranjana rawat
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
upamatechverse
Extrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
120cr0395
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
ranjana rawat
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
wendy cai
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )
Tsuyoshi Horigome
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Christo Ananth
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
upamatechverse
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
Soham Mondal
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
ranjana rawat
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
slot gacor bisa pakai pulsa
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
rehmti665
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
SIVASHANKAR N
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
Call Girls in Nagpur High Profile
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
9953056974 Low Rate Call Girls In Saket, Delhi NCR
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
Suhani Kapoor
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
Asutosh Ranjan
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
M Maged Hegazy, LLM, MBA, CCP, P3O
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
João Esperancinha
Recently uploaded
(20)
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
Extrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Effective Information Flow Control as a Service: EIFCaaS
1.
International Research Journal
of Engineering and Technology (IRJET) e-ISSN: 2395 -0056 Volume: 04 Issue: 07 | July-2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 3107 Effective Information Flow Control as a Service: EIFCAAS SUNIL A PG Student, Department Of Computer Science and Engineering, Acharya Institute of Technology, Karnataka, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract – In an environment of cloud ecosystem, web services have becoming critical aspects as the use of web technologies and software oriented architecture (SOA) are expanded. In order to process and keep acuteness of data, most of the SaaS applications will have the multiple accesses to the data. Even having the maximum benefits from these technologies, they put SaaS applications to the risk of attacks. This may leads to the loss of control and security enforcement over confidential data. In order to fulfill these disadvantages, an effective solution is needed. By taking the reference of security as a service(SecaaS) model, this paper introduces “An Effective Information Flow Control as a Service (EIFCaaS)”. EIFCaaS lays a foundation of cloud- delivered IFC-based security analysis and monitoring services. This paper presenting the framework with EIFCaaS to detect the vulnerabilities in the information flow in SaaS applications. To achieve data integrity and confidentiality, this framework is the viable solution. Key Words: Vulnerability Detection, SecaaS, SOA. 1. INTRODUCTION Cloud computing is a web based application that provides shared computer resources and different services on request. It is a model, which provides a pool of processing resources such as servers, applications and administrations which can be quickly divided and distributed with less effort from management. Cloud computing supports the user to store and process their data in many ways such as privately owning or storing in third party datacenters to access their data from far distance or from anywhere in the world. The resources provided by cloud computing are shared among multiple users their by reducing the cost and improving the economic growth. Cloud computing aims to allow the user to utilize all the technologies provided even without having much knowledge about them. In a recent development, it has been observed that some attacks of applications are targeting the particular type of cloud environment. While developing the SaaS applications, some technologies used in the application development allows the novel attack to the services as existing ones. Thereafter, the research of number of applications running on different cloud (privatecloud, public, hybridcloud) has recorded that, 96% of the applications that are tested with more than one vulnerability. With this aspect, injection of NoSQL, injection of SQL(SQLI) and information ejaculation, they consist of weak security of 55% as recorded, since the exposed security of data towards threats of serious type due to intents of malicious and neglected vulnerabilities. These vulnerabilities can be caused by improper validation of input. The security towards the application can be provided by the various service providers, third parties and other public repositories. The information hacked by the unauthorized user may cause the loss of integrity and confidentiality of the data. Author[1] examine about the security vulnerabilities that can emerge when programming designers make applications or modules for use with JavaScript-based server applications, for example, NoSQL database motors or Node.js web servers. In the worst case situation, an aggressor can misuse these vulnerabilities to transfer and execute discretionary paired records on the server machine, viably allowing him full control over the server. JavaScript has been broadly utilized on web application customer side levels (i.e. in code executing in the userʼs program) for a considerable length of time with a specific end goal to give a wealthier, more "desktoplike" client encounter. In any case, as of late, there has been a surge of enthusiasm for JavaScript not only for customer side code, but rather for server-side code also. There are currently server-side JavaScript (or SSJS) includes in database servers (CouchDB for instance), document servers (Opera Unite), and web servers (Node.js). Absolutely quite a bit of this new intrigue can be ascribed to the huge execution changes that JavaScript motor designers have made as of late. Rivalry between Microsoft, Mozilla, Apple, Google, and Opera to assemble the speediest program has brought about JavaScript motors that run requests of extent quicker than their forerunners of only a couple discharges past. While it might not have been possible from an execution point of view to manufacture a completely working web server in light of JScript around. By the use of speed, volume and assortment of big data it is possible to amplify the security and protection issues such as expanded cloud scale foundation, information sources and arrangement differences, discharging nature of information collection and cloud relocation with high volume. Accordingly, conventional security components, which are custom fitted to securing little scale, static (instead of spilling) information, are deficient. Here the
2.
International Research Journal
of Engineering and Technology (IRJET) e-ISSN: 2395 -0056 Volume: 04 Issue: 07 | July-2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 3108 creator [2] highlights the main ten security and challenges of big data. Highlighting the difficulties will persuade expanded concentrate on bracing Big Data frameworks. Whether a program can able to release mystery information to open ports, or whether basic calculations can be impacted from outside are checked by information flow control (IFC). In any case, numerous IFC investigations are uncertain, as they are stream obtuse, setting harsh, or protest heartless; bringing about false cautions. Creator Christian Hammer and Gregor Snelting [3] say that IFC should better adventure current program examination innovation and present an approach in light of program reliance diagrams (PDG). PDGs have been created throughout the most recent 20 years as a standard gadget to speak to data stream in a program and deal with practical projects. Specifically, the reliance chart generator for full Java bytecode is utilized as the reason for an IFC usage which is more exact and needs fewer comments than conventional methodologies. The PDGs for successive and multi-strung projects and disclose accuracy increases because of stream, setting, and protest affectability. The creators then enlarge PDGs with a cross section of security levels and present the stream conditions for IFC. At that point they portray calculations for stream calculation in detail and demonstrate their accuracy. At that point they stretch out stream conditions to deal with declassification and demonstrate that the calculation regards monotonicity of discharge. At last, illustrations exhibit that the execution can check sensible consecutive projects in full Java bytecode. Author [4] explores the component for secure data stream in a PC framework. These components are inspected inside a scientific structure reasonable for defining the prerequisites of secure data stream among security collections. The focal part of the model is a grid structure gotten from the collection of security and defended by the semantics of data stream. The grid attribute allows succinct details of the security prerequisites of various existing frameworks and encourage the development of instruments that uphold security. The model gives a bringing together perspective of all frameworks that confine data stream, empowers a characterization of them as indicated by security destinations and recommends some new methodologies. It additionally prompts the development of programmed program accreditation instruments for checking the safe stream of data through a program. In general cloud computing can be understood as computation and distribution of data over the internet. Using this technology web sites are increased in steep from past many years. Those websites are infected from cross site scripting and injection of failed applications. To detect the vulnerabilities there is an alternative strategy called taint analysis. Most of the present taint analysis approaches does not deal with continuous storage (e.g. object datastores), dull objects (no access to the implementation of objects) or huge range of policies of security. These aspects are considered by the author [5] in the cloud computing application taint analysis. Google app engine (GAE) is a cloud computing platform for which, taint analysis is provided via python library, instead of modifying compiler or interpreter. Figure 1: The operational overview of EIFCaaS groundwork. The developing system aims at the targeted requirements. The major service offered by EIFCaaS method is represented in this framework(Figure 1). Without installing any software requirements or hardware setup or any special training, the services developed on SaaS application are provided on the basis of subscription through internet. In order to analyse the code of application provider before posting them on the cloud provider’s platform or infrastructure, service of this type is managed by the third trusted entity. Through online dashboard which is convenient to the service distributor, the analysis results are provided. The first step in the groundwork is that, in which, the software service provider shows his interest in building or hosting his SaaS applications build upon infrastructure or platform of cloud provider as shown in figure 4. In order to deploy and launch such applications, the service provider is asked by the cloud provider to have the certificate of security from the third party is the second step. The provider of software service then subscribe with the third party which facilitates EIFCaaS is the third step. It submits request to analyse the code to the third trusted entity with application’s bytecode and the web services associated with it.
3.
International Research Journal
of Engineering and Technology (IRJET) e-ISSN: 2395 -0056 Volume: 04 Issue: 07 | July-2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 3109 The software service distributor is provided the option to select the kind of checking (confidentiality, integrate or both) he want. Then the request is accepted by the trusted party. It expands the groundwork to analyse the code statistically to detect potential vulnerabilities. And finally, on the dashboard, the detailed analysis results are published and reported to the software service provides, which is the fourth step. Analysed application is then granted with the security certificate based on the results and copy of it is sent to the cloud provider. 2. FRAMEWORK There are four main components in EIFCaaS framework: generator of model, engine of IFC, detector of vulnerability and publisher of result. The responsibility of generator of model is to build the life cycle of candidate application simulation and the runtime execution. The engine of IFC is responsible for analysing flow of information on the bytecode of an application which is unmodified in reference to the generated model. The detector of vulnerability is responsible for detecting the insecure flow paths which violates confidentiality and data integrity. Then the publisher of result is responsible for refining and reporting analysis output to the application provider. The certificate of security is granted to the candidate application based on the analysis result that has been sent to both service providers and cloud providers. 3. IMPLEMENTATION AND EXPERIMENTAL EVALUATION In order to validate the Effectiveness of EIFCaaS, a prototype implementation is developed. The bytecode and metadata applications are accepted by the prototype which is implemented in java. The framework targets to demonstrate the correctness of prototype for vulnerability detection in SaaS applications of cloud. The generator of model, detector of vulnerability and publisher of result components are implemented in JAVA. The main activities of the groundwork are disclosed as relaxed applications. Using spring1 framework and JSP a simple interface is developed with web base. In order to enable solutions to deploy on Amazon NetBeans plugin is used. Point to point analysis and call graph construction are performed by extending the Java libraries. For the development of IFC based on SDG and slicing techniques SOAP is used. SOAP is used to run all C#, Java and spring web based services. Stub and skeleton are used for interconnecting client and server for data transfer between systems. Point-to point analysis is offered by different groundworks. XML has been used to put application under testing and evaluation. While constructing the SDG, XML is selected since it takes object sensitive features for consideration. To analyse the code written in dynamic and object oriented language like Java this feature is essential. On six progressive open source applications EIFCaaS has been applied, which are available on GitHub2 and IBM Bluemix3. Using Java and spring framework the applications are implemented and are ready to be deployed in IBM Bluemix5, which is a PaaS application. Table 1 describes the application in terms of lines of code, files, packages, methods, and external libraries. The specification of set of source and sinks of NoSQL are identified by relevant Jersey and spring framework APIs. Creating and retrieving the prepared query statements is the responsibility of java.sql.Connection interface defined method createStatement. Whether there exists the information flow from sources to sink or not is examined by EIFCaaS. Intensive object sensitive program analysis is performed by configuring XML. A second and third column in the table shows the number of sources and sinks in each tested application respectively. After filtering the candidate paths by EIFCaaS, the detected vulnerabilities are reported, that are represented in the fourth table. Number of analysed classes is shown in the fifth column. There is a special application called CloudTrader. There is a violation by vulnerability detection component from untrusted sources to sensitive operations of database. Elimination of these violations done by result publisher component later. On the way of the violations that are detected, the investigation confirms the methods that operate SQL prepared statements. Inside the application code, mixing of untrusted data with query operation are prevented by prepared query statements, since they assumed as defend data method. The level of security of unbelieved data is translated to believe data in this aspect. Performing a sensitive operation by the use of believed data is not assumed as a defend as per the non-inference rule. All detected violations are manually validated. NoSQL and SQL injection vulnerabilities are represented by these detected violations. The improper validation of input parameters is the cause of these detected violation passed to the services performing sensitive operations on the backend data stores. In the analysed benchmark applications it do not find any information leakage vulnerabilities. Name of the applicatio n No. of Java Loc No. of File s No. of package s No. of Method s No. of External Librarie s Restful- blog 894 98 8 99 23 Restful- customer 298 56 7 68 44 Spring- music 844 97 14 65 56 Spring- social 299 44 4 33 43 Cloud- 693 423 3 654 7
4.
International Research Journal
of Engineering and Technology (IRJET) e-ISSN: 2395 -0056 Volume: 04 Issue: 07 | July-2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 3110 Trader 7 Spring- visitor 298 487 5 877 33 Name of the application No. of Sources No. of Sinks No. of vulnerabilities No. of Classes Restful- blog 9 15 11 765 Restful- customer 3 3 1 123 Spring- music 1 3 1 453 Spring- social 0 1 0 938 Cloud- Trader 19 22 0 1122 Spring- visitor 1 9 6 1233 Table 2: EIFCaaS detection of vulnerabilities 4. CONCLUSION From the new vectors of attacks as well as from the existing ones, the SaaS applications of cloud are affected. The security of information is manipulated by some covertness kind of weak entities such as injection of NoSQL, SQLI and leakage of information. By the inspiration of SecaaS (security as a service) model, this project presents Effective Information Flow Control as a Service (EIFCaaS) to characterise the analysis of security of IFC- based cloud and controlling services. The project presents a framework static data stream investigation structure for weakness discovery of SaaS applications for instance for EIFCaaS's reception. This structure helps in noting basic inquiries. To check the end to end confidentiality and integrity in SaaS application information flow including its components; or possibility of trusting the application security that are managed and hosted by the third parties which are separate from the physical control of consumers. This framework is proposed as services that are offered by the third trusted parties. Without introducing modifications in any application code or underlying platform or VMM, the framework is deployed and adapted. In order to model the environment of an application, the framework applies several strategies. The model embraced by the structure helps in thinking about runtime data that permits the utilization of any static investigation procedure. The system use IFC in light of SDG and program cutting procedures which help its capacity to distinguish comprehensively shaky data stream including unequivocal and certain ways. This venture approved the adequacy of the executed system with the help of groundwork involving six genuine applications. The assessment result shows that the structure uncovers data stream vulnerabilities with high accuracy. REFERENCES [1] CENZIC. (2014). Cloud Applications Vulnerability TrendsReports[Online].Available:http://www.cenzic.com/ downloads/Cenzic_Vulnerability_Report_2014.pdf [Accessed: February 2015] [2] B. Sullivan. (2011, July). Server-side JavaScript injection[Online].Available:https://media.blackhat.com/b h-us 11/Sullivan/BH_US_11_Sullivan_Server_Side_WP.pdf [Accessed: April 2015] [3] Cloud Security Alliance, “The Notorious Nine Cloud Computing Top Threats in 2013,” 2013. [4] Cloud Security Alliance, “Expanded Top Ten Big Data Security and Privacy Challenges,” 2013. [5] C. Hammer and G. Snelting, “Flow-sensitive, contextsensitive, and object-sensitive information flow control based on program dependence graphs,” Int. Journal of Inform. Security, vol. 8, no. 6, pp. 399-422, 2009. [6] D. E. Denning, “A lattice model of secure information flow,” CACM, vol. 19, no. 5, pp. 236–243, 1976. [7] S. Fink and J. Dolby. WALA–The T.J. Watson Libraries for Analysis. Available: http://wala.sourceforge.net/. [8] J. Graf, M. Hecker, and M. Mohr, “Using JOANA for Information Flow Control in Java Programs-A Practical Guide,” Softw. Eng. Workshops, pp. 123-138. 2013. [9] V. Pappas, V. Kemerlis, A. Zavou, M. Polychronakis, and A. Keromytis, “CloudFence: Data Flow Tracking as a Cloud Service,” Lecture Notes in Computer Science: RAID, Springer, vol.. 8145, pp 411-431, 2013. [10] L. Bello, and A. Russo, “Towards a taint mode for cloud computing web applications,” Proc. 7th Workshop on Programming Languages and Anal. for Security, ACM, 2012. [11] M. Migliavacca, I. Papagiannis, et al., “DEFCON: highperformance event processing with information security,” Proc. USENIX Annual Tech. Conf., 2010. [12] Y. Mundada, A. Ramachandran, and N. Feamster, “SilverLine: Data and network isolation for cloud services,” Proc. of HotCloud, 2011. Table1: The summary of available applications
Download now