IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Enhanced security framework to ensure data security in cloud using security b...eSAT Journals
Abstract Data security and Access control is a challenging research work in Cloud Computing. Cloud service users upload there private and confidential data over the cloud. As the data is transferred among the server and client, the data is to be protected from unauthorized entries into the server, by authenticating the user’s and provide high secure priority to the data. So the Experts always recommend using different passwords for different logins. Any normal person cannot possibly follow that advice and memorize all their usernames and passwords. That is where password managers come in. The purpose of this paper is to secure data from unauthorized person using Security blanket algorithm.
Enhancing security features in cloud computing for healthcare using cipher an...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Enhancing security features in cloud computing for healthcare using cipher an...eSAT Journals
Abstract Health Care is the most important unindustrialized field. Cloud is an emerging trend in software industry. In medical field, there are large dataset comprising highly sensitive data about patient’s medical records. Based on these records, diagnosis for the patient will be given. Moving data to the cloud makes to explore a large information for diagnosis as expert documentation will also be stored as part of health record. Physicians from anywhere at any time can get access over these reports for better treatment. The Medicare industry vacillates to store these data to the cloud as the patients might feel insecure about their health records. This work introduces the idea of combining Cipher Cloud, Inter Cloud and ABE schemes, proposes an innovative method to enhance security features in the cloud by double encryption using algorithms and tools. By this, only authorized entities are proficient of accessing these records. Rather than storing data in single cloud, Inter Cloud (Multi-cloud) also adds advantage for our proposed work. Keywords: Virtualization, Cipher cloud, Trust, Encryption, Inter cloud
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Enhanced security framework to ensure data security in cloud using security b...eSAT Journals
Abstract Data security and Access control is a challenging research work in Cloud Computing. Cloud service users upload there private and confidential data over the cloud. As the data is transferred among the server and client, the data is to be protected from unauthorized entries into the server, by authenticating the user’s and provide high secure priority to the data. So the Experts always recommend using different passwords for different logins. Any normal person cannot possibly follow that advice and memorize all their usernames and passwords. That is where password managers come in. The purpose of this paper is to secure data from unauthorized person using Security blanket algorithm.
Enhancing security features in cloud computing for healthcare using cipher an...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Enhancing security features in cloud computing for healthcare using cipher an...eSAT Journals
Abstract Health Care is the most important unindustrialized field. Cloud is an emerging trend in software industry. In medical field, there are large dataset comprising highly sensitive data about patient’s medical records. Based on these records, diagnosis for the patient will be given. Moving data to the cloud makes to explore a large information for diagnosis as expert documentation will also be stored as part of health record. Physicians from anywhere at any time can get access over these reports for better treatment. The Medicare industry vacillates to store these data to the cloud as the patients might feel insecure about their health records. This work introduces the idea of combining Cipher Cloud, Inter Cloud and ABE schemes, proposes an innovative method to enhance security features in the cloud by double encryption using algorithms and tools. By this, only authorized entities are proficient of accessing these records. Rather than storing data in single cloud, Inter Cloud (Multi-cloud) also adds advantage for our proposed work. Keywords: Virtualization, Cipher cloud, Trust, Encryption, Inter cloud
CLOUD BASED ACCESS CONTROL MODEL FOR SELECTIVE ENCRYPTION OF DOCUMENTS WITH T...IJNSA Journal
Cloud computing refers to a type of networked computing whereby an application can be run on connected
servers instead of local servers. Cloud can be used to store data, share resources and also to provide
services. Technically, there is very little difference between public and private cloud architecture. However,
the security and privacy of the data is a very big issue when sensitive data is being entrusted to third party
cloud service providers. Thus encryption with a fine grained access control is inevitable to enforce security
in clouds. Several techniques implementing attribute based encryption for fine grained access control have
been proposed. Under such approaches, the key management overhead is a little bit high in terms of
computational complexity. Also, secret sharing mechanisms have added complexity. Moreover, they lack
mechanisms to handle existence of traitors. Our proposed approach addresses these requirements and
reduces the overhead of the key management as well as secret sharing by using efficient algorithms and
protocols. Also, a traitor tracing technique is introduced into the cloud computing two layer encryption
environment.
Security and Protection of Enterprise Data in Cloud: Implementation of Deniab...IJERA Editor
Enterprise level cloud data storage is gaining importance in the area of consumer level file hostage services. Cloud storage providers are responsible for availability, accessibility and protection of the user data. A number of encrypting schemes have been proposed for encrypting the user data in cloud storage to protect unauthorized access. Most of the Attribute Based Encryption (ABE) schemes that were proposed assume that the data in cloud storage are secure and are never disclosed. However, in reality, some of the authorities may force the cloud storage providers to disclose the cloud user’s secrets or personal data. In this paper, a new deniable ABE encryption scheme for cloud storage is proposed to ensure user privacy with minimized unauthorized access. A new ranking algorithm assigns a rank to each user at the time of registration based on their personal information. The rank of the user enhances the privacy and provides access control to the data stored on cloud. Each file uploaded to cloud is assigned with a rank and the file downloads only if the rank of the user matches the rank associated with the file. If rank of the user does not match then a fake file will be downloaded. Since authorities who demand for user secret cannot decide if the information they get about the user are legitimate, the cloud storage providers make sure that the individual user privacy is still protected. The ranking algorithm is also used to provide improved cloud access response time to prioritized users
Achieving Secure, sclable and finegrained Cloud computing reportKiran Girase
cloud computing is also facing many challenges that, if not well resolved, may impede its fast growth. Data security, as it exists in many other applications, is among these challenges that would raise great concerns from users when they store sensitive information on cloud servers. These concerns originate from the fact that cloud servers are usually operated by commercial providers which are very likely to be outside of the trusted domain of the users. Data confidential against cloud servers is hence frequently desired when users outsource data for storage in the cloud.
Systematic Review Automation in Cyber SecurityYogeshIJTSRD
Many aspects of cyber security are carried by automation systems and service applications. The initial steps of cyber chain mainly focus on different automation tools with almost same task objective. Automation operations are carried only after detail study on particular task pre engagement phase , the tool is going to perform, measurement of dataset handling of tool produced output. The algorithm is going to make use of after comparing the existing tools efficiency, the throughput time, output format for reusable input and mainly the resource’s consumption. In this paper we are going to study the existing methodology in application and system pen testing, automation tool’s efficiency over growing technology and their behaviour study on unintended platform assignment. Nitin | Dr. Lakshmi J. V. N "Systematic Review: Automation in Cyber Security" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-4 , June 2021, URL: https://www.ijtsrd.compapers/ijtsrd41315.pdf Paper URL: https://www.ijtsrd.comcomputer-science/computer-security/41315/systematic-review-automation-in-cyber-security/nitin
A Survey on Different Techniques Used in Decentralized Cloud ComputingEditor IJCATR
This paper proposes various methods for anonymous authentication for data stored in cloud. Cloud verifies the authenticity
of the series without knowing the user’s identity before storing data. This paper also has the added feature of access control in which
only valid users are able to decrypt the stored information. These schemes also prevents replay attacks and supports creation,
modification, and reading data stored in the cloud. Moreover, our authentication and access control scheme is decentralized and robust,
unlike other access control schemes designed for clouds which are centralized. The communication, computation, and storage
overheads are comparable to centralized approaches .The aim of this paper is to cover many security issues arises in cloud computing
and different schemes to prevent security risks in cloud. Storage-as-a-service (Saas) offered by cloud service providers (CSPs) is a paid
facility that enables organizations to outsource their sensitive data to be stored on remote servers. In this paper, we propose a cloudbased
storage schemes that allows the data owner to benefit from the facilities offered by the CSP and enables indirect mutual trust
between them. This Paper provides different authentication techniques and algorithms for cloud security.
In an organization specifically as virtual as cloud there is need for access control systems to constrain
users direct or backhanded action that could lead to breach of security. In cloud, apart from owner access
to confidential data the third party auditing and accounting is done which could stir up further data leaks.
To control such data leaks and integrity, in past several security policies based on role, identity and user
attributes were proposed and found ineffective since they depend on static policies which do not monitor
data access and its origin. Provenance on the other hand tracks data usage and its origin which proves the
authenticity of data. To employ provenance in a real time system like cloud, the service provider needs to
store metadata on the subject of data alteration which is universally called as the Provenance Information.
This paper presents a provenance-policy based access control model which is designed and integrated with
the system that not only makes data auditable but also incorporates accountability for data alteration
events.
A study on security responsibilities and adoption in cloudeSAT Journals
Abstract Cloud computing is one of the popular enterprise models where computing resources are made available on-demand to the user as needed. Due to this increasing demand for more clouds there is an ever growing threat of security becoming a major issue. cloud computing is a construct that allows you to access applications that actually reside at a location other than your computer or other Internet-connected device, most often, this will be a distant data center. In a simple, topological sense, a cloud computing solution is made up of several elements: clients, the datacenter, and distributed servers. Each element has a purpose and plays a specific role in delivering a functional cloud based application, the increased degree of connectivity and the increasing amount of data has led many providers and in particular data centers to employ larger infrastructures with dynamic load and access balancing. So this paper shall look at ways in which security responsibilities and Cloud Adoption Keywords: Cloud Computing, Service models, Cloud Security, Secure Cloud Adoption,
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
CLOUD BASED ACCESS CONTROL MODEL FOR SELECTIVE ENCRYPTION OF DOCUMENTS WITH T...IJNSA Journal
Cloud computing refers to a type of networked computing whereby an application can be run on connected
servers instead of local servers. Cloud can be used to store data, share resources and also to provide
services. Technically, there is very little difference between public and private cloud architecture. However,
the security and privacy of the data is a very big issue when sensitive data is being entrusted to third party
cloud service providers. Thus encryption with a fine grained access control is inevitable to enforce security
in clouds. Several techniques implementing attribute based encryption for fine grained access control have
been proposed. Under such approaches, the key management overhead is a little bit high in terms of
computational complexity. Also, secret sharing mechanisms have added complexity. Moreover, they lack
mechanisms to handle existence of traitors. Our proposed approach addresses these requirements and
reduces the overhead of the key management as well as secret sharing by using efficient algorithms and
protocols. Also, a traitor tracing technique is introduced into the cloud computing two layer encryption
environment.
Security and Protection of Enterprise Data in Cloud: Implementation of Deniab...IJERA Editor
Enterprise level cloud data storage is gaining importance in the area of consumer level file hostage services. Cloud storage providers are responsible for availability, accessibility and protection of the user data. A number of encrypting schemes have been proposed for encrypting the user data in cloud storage to protect unauthorized access. Most of the Attribute Based Encryption (ABE) schemes that were proposed assume that the data in cloud storage are secure and are never disclosed. However, in reality, some of the authorities may force the cloud storage providers to disclose the cloud user’s secrets or personal data. In this paper, a new deniable ABE encryption scheme for cloud storage is proposed to ensure user privacy with minimized unauthorized access. A new ranking algorithm assigns a rank to each user at the time of registration based on their personal information. The rank of the user enhances the privacy and provides access control to the data stored on cloud. Each file uploaded to cloud is assigned with a rank and the file downloads only if the rank of the user matches the rank associated with the file. If rank of the user does not match then a fake file will be downloaded. Since authorities who demand for user secret cannot decide if the information they get about the user are legitimate, the cloud storage providers make sure that the individual user privacy is still protected. The ranking algorithm is also used to provide improved cloud access response time to prioritized users
Achieving Secure, sclable and finegrained Cloud computing reportKiran Girase
cloud computing is also facing many challenges that, if not well resolved, may impede its fast growth. Data security, as it exists in many other applications, is among these challenges that would raise great concerns from users when they store sensitive information on cloud servers. These concerns originate from the fact that cloud servers are usually operated by commercial providers which are very likely to be outside of the trusted domain of the users. Data confidential against cloud servers is hence frequently desired when users outsource data for storage in the cloud.
Systematic Review Automation in Cyber SecurityYogeshIJTSRD
Many aspects of cyber security are carried by automation systems and service applications. The initial steps of cyber chain mainly focus on different automation tools with almost same task objective. Automation operations are carried only after detail study on particular task pre engagement phase , the tool is going to perform, measurement of dataset handling of tool produced output. The algorithm is going to make use of after comparing the existing tools efficiency, the throughput time, output format for reusable input and mainly the resource’s consumption. In this paper we are going to study the existing methodology in application and system pen testing, automation tool’s efficiency over growing technology and their behaviour study on unintended platform assignment. Nitin | Dr. Lakshmi J. V. N "Systematic Review: Automation in Cyber Security" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-4 , June 2021, URL: https://www.ijtsrd.compapers/ijtsrd41315.pdf Paper URL: https://www.ijtsrd.comcomputer-science/computer-security/41315/systematic-review-automation-in-cyber-security/nitin
A Survey on Different Techniques Used in Decentralized Cloud ComputingEditor IJCATR
This paper proposes various methods for anonymous authentication for data stored in cloud. Cloud verifies the authenticity
of the series without knowing the user’s identity before storing data. This paper also has the added feature of access control in which
only valid users are able to decrypt the stored information. These schemes also prevents replay attacks and supports creation,
modification, and reading data stored in the cloud. Moreover, our authentication and access control scheme is decentralized and robust,
unlike other access control schemes designed for clouds which are centralized. The communication, computation, and storage
overheads are comparable to centralized approaches .The aim of this paper is to cover many security issues arises in cloud computing
and different schemes to prevent security risks in cloud. Storage-as-a-service (Saas) offered by cloud service providers (CSPs) is a paid
facility that enables organizations to outsource their sensitive data to be stored on remote servers. In this paper, we propose a cloudbased
storage schemes that allows the data owner to benefit from the facilities offered by the CSP and enables indirect mutual trust
between them. This Paper provides different authentication techniques and algorithms for cloud security.
In an organization specifically as virtual as cloud there is need for access control systems to constrain
users direct or backhanded action that could lead to breach of security. In cloud, apart from owner access
to confidential data the third party auditing and accounting is done which could stir up further data leaks.
To control such data leaks and integrity, in past several security policies based on role, identity and user
attributes were proposed and found ineffective since they depend on static policies which do not monitor
data access and its origin. Provenance on the other hand tracks data usage and its origin which proves the
authenticity of data. To employ provenance in a real time system like cloud, the service provider needs to
store metadata on the subject of data alteration which is universally called as the Provenance Information.
This paper presents a provenance-policy based access control model which is designed and integrated with
the system that not only makes data auditable but also incorporates accountability for data alteration
events.
A study on security responsibilities and adoption in cloudeSAT Journals
Abstract Cloud computing is one of the popular enterprise models where computing resources are made available on-demand to the user as needed. Due to this increasing demand for more clouds there is an ever growing threat of security becoming a major issue. cloud computing is a construct that allows you to access applications that actually reside at a location other than your computer or other Internet-connected device, most often, this will be a distant data center. In a simple, topological sense, a cloud computing solution is made up of several elements: clients, the datacenter, and distributed servers. Each element has a purpose and plays a specific role in delivering a functional cloud based application, the increased degree of connectivity and the increasing amount of data has led many providers and in particular data centers to employ larger infrastructures with dynamic load and access balancing. So this paper shall look at ways in which security responsibilities and Cloud Adoption Keywords: Cloud Computing, Service models, Cloud Security, Secure Cloud Adoption,
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Reserva da Biosfera río Eo, Os Oscos e Terras de Burónmonadela
O espazo articúlase arredor do rio Eo (desde o seu nacemento ata a desembocadura) e de parte das cuncas do Navia, Porcia e Miño e pequenos ríos costeiros cantábricos, compartido entre Galiza e Asrurias.
Destaca polo seu valor mediambiental e paisaxístico con áreas costeiras, de media e alta montaña e vales fluviais.
Social media is an important and widely used technology among youth and young adults. It gives young people the opportunity to stay connected, explore facts of themselves, and engage with the world. For these reasons it is important that child welfare agencies understand the value and importance of social media, as well as how to use it safely and effectively in their work. This session will provide an introduction to how youth and young adults use social media, how professionals can start to use social media safely in their work with youth and young adults, and how youth and young adults can use social media safely in their lives.
A cloud storage system for sharing data securely with privacy preservation an...eSAT Journals
Abstract Cloud computing provides much-known services for storing user data over cloud server and it provides attention towards a broad set of technologies, rules and controls deployed to provide security for applications and data. As the more and more firm uses the cloud, security in cloud environment is becoming very important issue. It is much needed that companies should work with partners doing best practices of cloud security and which facilitate transparency for their solutions. Number of security solutions today depends on the authentication for security but it did not provide solution for the privacy problems while sharing data in the cloud environment. Data access request from the user itself may expose users’ private data no matter his request approved or not. So this becomes very important in sharing data in the cloud environment. In this paper we proposed a system which provides attention towards the above mentioned problem. In proposed system we used the concept of data anonymity for sending data access request to data owner and also provide the data auditing facility to detect fraud in the integrity of users shared data. Keywords: Cloud computing, privacy preservation, data integrity, data sharing, authentication
CLOUD BASED ACCESS CONTROL MODEL FOR SELECTIVE ENCRYPTION OF DOCUMENTS WITH T...IJNSA Journal
Cloud computing refers to a type of networked computing whereby an application can be run on connected servers instead of local servers. Cloud can be used to store data, share resources and also to provide services. Technically, there is very little difference between public and private cloud architecture. However, the security and privacy of the data is a very big issue when sensitive data is being entrusted to third party cloud service providers. Thus encryption with a fine grained access control is inevitable to enforce security in clouds. Several techniques implementing attribute based encryption for fine grained access control have been proposed. Under such approaches, the key management overhead is a little bit high in terms of computational complexity. Also, secret sharing mechanisms have added complexity. Moreover, they lack mechanisms to handle existence of traitors. Our proposed approach addresses these requirements and reduces the overhead of the key management as well as secret sharing by using efficient algorithms and protocols. Also, a traitor tracing technique is introduced into the cloud computing two layer encryption environment.
A Novel Information Accountability Framework for Cloud ComputingIJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Computational Engineering Research(IJCER) is an intentional online Journal in English monthly publishing journal. This Journal publish original research work that contributes significantly to further the scientific knowledge in engineering and Technology.
Advanced Multi-Encryption Technique in Cloud ComputingAM Publications
Cloud Computing is one of the latest technology and it is growing rapidly .Cloud Computing provides
service over the internet. In the existing approach the revoked users are not tracked properly and there is no extra
protection on the data that is uploaded to the cloud server. The users are not authenticated properly. The best
approach is that the users are authenticated twice. Once with the help of password users are authenticated and then
the secret code will be sent to the authenticated users mobile with the help of interfacing technology like GSM and
then the user’s should enter the secret code to authenticate they are the valid users. In this paper the data that is
uploaded to the cloud server is encrypted twice by the data-owner and that data is later re-encrypted by the cloud
server. Multi- layer encryption technique is performed in order to provide extra security for the data that is uploaded to
the cloud server. The data that is uploaded to the cloud server is highly secure and user’s authentication is validated
twice so that the valid user can access data flexibly and reliably.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Insuring Security for Outsourced Data Stored in Cloud EnvironmentEditor IJCATR
The cloud storage offers users with infrastructure flexibility, faster deployment of applications and data, cost
control, adaptation of cloud resources to real needs, improved productivity, etc. Inspite of these advantageous factors, there
are several deterrents to the widespread adoption of cloud computing remain. Among them, security towards the correctness
of the outsourced data and issues of privacy lead a major role. In order to avoid security risk for the outsourced data, we
propose the dynamic audit services that enables integrity verification of untrusted and outsourced storages. An interactive
proof system (IPS) with the zero knowledge property is introduced to provide public auditability without downloading raw
data and protect privacy of the data. In the proposed system data owner stores the large number of data in cloud after e
encrypting the data with private key and also send public key to third party auditor (TPA) for auditing purpose. TPA in
clouds and it’s maintained by CSP. An Authorized Application (AA), which holds a data owners secret key (sk) and
manipulate the outsourced data and update the associated IHT stored in TPA. Finally Cloud users access the services through
the AA. Our system also provides secure auditing while the data owner outsourcing the data in the cloud. And after
performing auditing operations, security solutions are enhanced for the purpose of detecting malicious users with the help of
Certificate Authority
Enhancing Availability of Data in Mixed Homomorphic Encryption in Cloudijtsrd
In Forthcoming times of information technology companies, cloud computing updated as the structural model. There are so many benefits of cloud computing in technical as well as in organization. But still there are many new objections will carried in cloud computing for example in data security in cloud storage. There are many approaches available for data security in cloud storage like encryption with obfuscation technique, watermark security, data partitioning technique. In above all the approaches, there is no possibility that cloud data centers are operate computation on encrypted data so every time if user wants to modify data, it is necessary to decrypt data. The most used technique for providing security in cloud storage is Homomorphic encryption. In the homomorphic encryption technique, there is no need to decrypt whole data whenever user wants to update data. In the existing system used the mixed homomorphic scheme which reduce noise level in homomorphic encryption technique. The existing system focus on data corruption and data modification but what if system failure and power failure occurs. The user data may be loss in any reasons and user may not have any copy of data. The Existing system not focus on data loss. So in proposed work focus on availability of data by erasure code. By applying the erasure code if in any case user data is loss, will be reconstructed which provide more security than existing system. Bhargavi Patel ""Enhancing Availability of Data in Mixed Homomorphic Encryption in Cloud"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-4 , June 2019, URL: https://www.ijtsrd.com/papers/ijtsrd25104.pdf
Paper URL: https://www.ijtsrd.com/engineering/computer-engineering/25104/enhancing-availability-of-data-in-mixed-homomorphic-encryption-in-cloud/bhargavi-patel
International Journal of Computational Engineering Research(IJCER)ijceronline
International Journal of Computational Engineering Research(IJCER) is an intentional online Journal in English monthly publishing journal. This Journal publish original research work that contributes significantly to further the scientific knowledge in engineering and Technology.
Enhanced Data Partitioning Technique for Improving Cloud Data Storage SecurityEditor IJMTER
Cloud computing is a model for enabling for on demand network access to shared
configurable computing resources (e.g. networks, servers, storage, applications, and services).It is
based on virtualization and distributed computing technologies. Cloud Data storage systems enable
user to store data efficiently on server without any trouble of data resources. User can easily store
and retrieve their data remotely. The two biggest concerns about cloud data storage are reliability and
security. Clients aren’t like to entrust their data to another third party or companies without a
guarantee that they will be able to access therein formations whenever they want. In the existing
system, the data are stored in the cloud using dynamic data operation with computation which makes
the user need to make a copy for further updating and verification of the data loss. Different
distributed storing auditing techniques are used for overcoming the problem of data loss. Recent
work of this paper has show that data partitioning technique used for data storage by providing
Digital signature to every partitioning data and user .this technique allow user to upload or retrieve
the data with matching the digital signatures provided to them. This method ensures high cloud
storage integrity, enhanced error localization and easy identification of misbehaving server and
unauthorized access to the cloud server. Hence this work aims to store the data securely in reduced
space with less time and computational cost.
Secure Data Sharing In an Untrusted CloudIJERA Editor
Cloud computing is a huge area which basically provides many services on the basis of pay as you go. One of the fundamental services provided by cloud is data storage. Cloud provides cost efficiency and an efficient solution for sharing resource among cloud users. A secure and efficient data sharing scheme for groups in cloud is not an easy task. On one hand customers are not ready to share their identity but on other hand want to enjoy the cost efficiency provided by the cloud. It needs to provide identity privacy, multiple owner and dynamic data sharing without getting effected by the number of cloud users revoked. In this paper, any member of a group can completely enjoy the data storing and sharing services by the cloud. A secure data sharing scheme for dynamic cloud users is proposed in this paper. For which it uses group signature and dynamic broadcast encryption techniques such that any user in a group can share the information in a secured manner. Additionally the permission option is proposed for the security reasons. This means the file access permissions are generated by the admin and given to the user using Role Based Access Control (RBA) algorithm. The file access permissions are read, write and delete. In this, owner can provide files with options and accepts the users using that option. The revocation of cloud user is a function generated by the Admin for security purpose. The encryption computational cost and storage overhead is not dependent on the number of users revoked. We analyze the security by proofs and produce the cloud efficiency report using cloudsim.
Electrically small antennas: The art of miniaturizationEditor IJARCET
We are living in the technological era, were we preferred to have the portable devices rather than unmovable devices. We are isolating our self rom the wires and we are becoming the habitual of wireless world what makes the device portable? I guess physical dimensions (mechanical) of that particular device, but along with this the electrical dimension is of the device is also of great importance. Reducing the physical dimension of the antenna would result in the small antenna but not electrically small antenna. We have different definition for the electrically small antenna but the one which is most appropriate is, where k is the wave number and is equal to and a is the radius of the imaginary sphere circumscribing the maximum dimension of the antenna. As the present day electronic devices progress to diminish in size, technocrats have become increasingly concentrated on electrically small antenna (ESA) designs to reduce the size of the antenna in the overall electronics system. Researchers in many fields, including RF and Microwave, biomedical technology and national intelligence, can benefit from electrically small antennas as long as the performance of the designed ESA meets the system requirement.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
2. ISSN: 2278 – 1323
International Journal of Advanced Research in Computer Engineering & Technology (IJARCET)
Volume 2, Issue 4, April 2013
1411
www.ijarcet.org
logs of each record will be created, then log will be merged
and error correction in log has been done and in auditing logs
are checked and in last phase improvement has been done
[12].
Cloud provides three service models, which are; platform as a
service, infrastructure as a service and software as a service.
Under the Database as a service, this is having four parts
which are as per mentioned below,
Encryption and Decryption - For security purpose of data
stored in cloud, encryption seems to be perfect security
solution.
Key Management - If encryption is necessary to store
data in the cloud, encryption keys can’t be store their, so
user requires key management.
Authentication - For accessing stored data in cloud by
authorized users.
Authorization – Rights given to user as well as cloud
provider.
To solve the security issues in cloud; other user
can’t read the respective users data without having access.
Data owner should not bother about his data, and should not
get fear about damage of his data by hacker; there is need of
security mechanism which will track usage of data in the
cloud. Accountability is necessary for monitoring data usage,
in this all actions of users like sending of file are
cryptographically linked to the server, that performs them
and server maintain secured record of all the actions of past
and server can use the past records to know the correctness of
action. It also provides reliable information about usage of
data and it observes all the records, so it helps in make trust,
relationship and reputation. So accountability is for
verification of authentication and authorization. It is
powerful tool to check the authorization policies
[9].Accountability describes authorization requirement for
data usage policies. Accountability mechanisms, which rely
on after the fact verification, are an attractive means to
enforce authorization policies [7].
There are 7 phases of accountability
1. Policy setting with data
2. Use of data by users
3. Logging
4. Merge logs
5. Error correctness in log
6. Auditing
7. Rectify and improvement.
These phases may change as per framework
First the data owner will set the policies with data and send it
to cloud service provider (CSP), data will be use by users and
logs of each record will be created, then log will be merged
and error correction in log has been done and in auditing logs
are checked and in last phase improvement has been done
[12].
In the Fig 1 Steps of accountability is given these are 7 steps
each step is important to perform next step, accountability is
nothing but validation of user actions means user having
rights for accessing this data or not. Suppose user will do
misuse of data or resources then network or data owner will
take action on it so users, businesses and government should
not bother about their data on cloud.
2. LITERATURE SURVEY
In this section review related works addressing security
in cloud. Security issue is very important in cloud there are
many techniques available so here is review of all these.
S. Pearson et al describes privacy manager mechanism
in which user's data is safe on cloud , in this technique the
user's data is in encrypted form in cloud and evaluating is
done on encrypted data, the privacy manager make readable
data from result of evaluation manager to get the correct
result. In obfuscation data is not present on Service provider's
machine so there is no risk with data, so data is safe on cloud,
But this solution is not suitable for all cloud application,
when input data is large this method can still require a large
amount of memory[2]. In [3], the authors present procedural
and technical solution both are producing solution to
accountability to solving security risk in cloud in this
mechanism these policies are decided by the parties that use,
store or share that data irrespective of the jurisdiction in
which information is processed. But it has limitation that data
processed on SP is in unencrypted at the point of processing
so there is a risk of data leakage. In [4], the author gives a
language which permits to serve data with policies by agent;
agent should prove their action and authorization to use
particular data. In this logic data owner attach Policies with
data, which contain a description of which actions are
allowed with which data, but there is the problem of
Continuous auditing of agent, but they provide solution that
incorrect behavior. Should monitor and agent should give
justification for their action, after that authority will check the
4. ISSN: 2278 – 1323
International Journal of Advanced Research in Computer Engineering & Technology (IJARCET)
Volume 2, Issue 4, April 2013
1413
www.ijarcet.org
To allow users to be timely and accurately informed
about their data usage, our distributed logging mechanism is
complemented by an innovative auditing mechanism. We
support two complementary auditing modes: 1) push mode;
2) pull mode.
Push mode. In this mode, the logs are periodically
pushed to the data owner (or auditor) by the harmonizer. The
push action will be triggered by either type of the following
two events: one is that the time elapses for a certain period
according to the temporal timer inserted as part of the JAR
file; the other is that the JAR file exceeds the size stipulated
by the content owner at the time of creation. After the logs are
sent to the data owner, the log files will be dumped, so as to
free the space for future access logs. Along with the log files,
the error correcting information for those logs is also
dumped. This push mode is the basic mode which can be
adopted by both the PureLog and the AccessLog, regardless
of whether there is a request from the data owner for the log
files. This mode serves two essential functions in the logging
architecture: 1) it ensures that the size of the log files does not
explode and 2) it enables timely detection and correction of
any loss or damage to the log files. Concerning the latter
function, we notice that the auditor, upon receiving the log
file, will verify its cryptographic guarantees, by checking the
records’ integrity and authenticity. By construction of the
records, the auditor, will be able to quickly detect forgery of
entries, using the checksum added to each and every record.
Pull mode. This mode allows auditors to retrieve the
logs anytime when they want to check the recent access to
their own data. The pull message consists simply of an FTP
pull command, which can be issues from the command line.
For naive users, a wizard comprising a batch file can be easily
built. The request will be sent to the harmonizer, and the user
will be informed of the data’s locations and obtain an
integrated copy of the authentic and sealed log file.
3.2. Algorithms
Pushing or pulling strategies have interesting
tradeoffs. The pushing strategy is beneficial when there are a
large number of accesses to the data within a short period of
time. In this case, if the data are not pushed out frequently
enough, the log file may become very large, which may
increase cost of operations like copying data . The pushing
mode may be preferred by data owners who are organizations
and need to keep track of the data usage consistently over
time. For such data owners, receiving the logs automatically
can lighten the load of the data analyzers. The maximum size
at which logs are pushed out is a parameter which can be
easily configured while creating the logger component. The
pull strategy is most needed when the data owner suspects
some misuse of his data; the pull mode allows him to monitor
the usage of his content immediately. A hybrid strategy can
actually be implemented to benefit of the consistent
information offered by pushing mode and the convenience of
the pull mode. Further, as supporting both pushing and
pulling modes helps protecting from some nontrivial attacks.
The log retrieval algorithm for the Push and Pull modes
is outlined in Fig. 3. The algorithm presents logging and
synchronization steps with the harmonizer in case of
PureLog. First, the algorithm checks whether the size of the
JAR has exceeded a stipulated size or the normal time
between two consecutive dumps has elapsed. The size and
time threshold for a dump are specified by the data owner at
the time of creation of the JAR. The algorithm also checks
whether the data owner has requested a dump of the log files.
If none of these events has occurred, it proceeds to encrypt
the record and write the error correction information to the
harmonizer.
The communication with the harmonizer begins with a
simple handshake. If no response is received, the log file
records an error. The data owner is then alerted through
e-mails, if the JAR is configured to send error notifications.
Once the handshake is completed, the communication with
the harmonizer proceeds, using a TCP/IP protocol. If any of
the aforementioned events (i.e., there is request of the log file,
or the size or time exceeds the threshold) has occurred, the
JAR simply dumps the log files and resets all the variables, to
make space for new records.
In case of AcessLog is modified by adding an
additional check . Precisely, the AccessLog checks whether
the CSP accessing the log satisfies all the conditions specified
in the policies pertaining to it. If the conditions are satisfied,
access is granted; otherwise, access is denied. Irrespective of
the access control outcome, the attempted access to the data
in the JAR file will be logged.
Our auditing mechanism has two main advantages.
First, it guarantees a high level of availability of the logs.
Second, the use of the harmonizer minimizes the amount of
Require:size:maximum size of the log file specified by
the data owner ,time:maximum time allowed to elapse
before the log file is dumped,tbeg:time stamp at which the
last dump occurred,log:current log file,pull:indicates
wheather a command from the data owner is received.
1:Let TS(NTP) be the network time protocal timestamp
2:pull=0
3:rec:=(UID,OID,AccessType,Result,Time,Loc)
4:CurrentTime:=TS(NTP)
5:lsize:=sizeof(log)//current size of the log
6:if((currenttime-tbeg)<time)&&(lsize<size)&&(pull==0)
then
7: log:=log+ENCRYPT(rec)//ENCRYPT is the encryption
function used to encrypt the record
8: PING to CJAR//send a PING to the harmonizer to
check if it is alive
9: if PING-CJAR then
10: PUSH RS(rec)// write the error correcting bits
11: else
12: EXIT(1) // error if no PING is received
13: end if
14: end if
15: if((cutime-tbeg)> time)||(lsize >= size)||(pull !=0) then
16: //Check if PING is received
17: if PING-CJAR then
18: PUSH log // write the log file to the harmonizer
19: RS(log) := NULL // reset the error correction records
20: tbeg := TS(NTP) // reset the tbeg variable
21: pull := 0
22: else
23: EXIT(1) //error if no PING is received
24: end if
25: end if
Fig. 3. Push and pull PureLog mode.