scholarly journals Cloud Security and Privacy in the Light of the 2012 EU Data Protection Regulation

2013 ◽  
pp. 114-123 ◽  
Author(s):  
Andreas Kronabeter ◽  
Stefan Fenz
Keyword(s):  
Data Protection ◽  
Cloud Security ◽  
Security And Privacy

Applying Spring Security Framework with KeyCloak-based OAuth2 to Protect Microservice Architecture APIs for a Health eCoach System: A Proof-of-Concept Study (Preprint)

2021 ◽  
Author(s):  
Ayan Chatterjee ◽  
Andreas Prinz
Keyword(s):  
Open Access ◽  
Medical Devices ◽  
Data Protection ◽  
Experimental Testing ◽  
Virtual Private Network ◽  
Security And Privacy ◽  
Secure Socket Layer ◽  
Proof Of Concept ◽  
Private Network ◽  
Microservice Architecture

UNSTRUCTURED The Internet of Medical Things (IoMT) combines medical devices and applications connected to healthcare information technology systems using network technologies. With the flourishing adaptation rate of Internet-enabled medical devices in healthcare applications, we need to guarantee the security and privacy of electronic health records (EHRs) and communications among these IoMT devices, exposed web services, and the underlying infrastructure. This research is a proof-of-concept (PoC) study for implementing an integrated security solution with Spring Security and KeyCloak open-access platform (SSK) to safeguard microservice architecture application programming interfaces (APIs). Subsequently, we extended the security solution with a virtual private network (VPN), Bcrypt hash, API key, network firewall, and secure socket layer (SSL) to build up a digital infrastructure following the Norwegian data protection policies and General Data Protection Regulation (GDPR). In this study, we have not proposed any new security solution; however, we have focused on accomplishing a hybrid security solution based on the established frameworks (e.g., Spring Security) and open-access software product (e.g., Keycloak) to protect microservice APIs for a health eCoach system as a PoC study. This study describes the methodological, technical, and practical considerations to protect REST interfaces only and ensuring the privacy of data in the system. We validate our SSK security implementation by theoretical evaluation and experimental testing. In addition, we compare the test results with related studies qualitatively to determine the effectiveness of the hybrid security solution (SSK).

scholarly journals A New Secure Model for Data Protection over Cloud Computing

2021 ◽  
Vol 2021 ◽  
pp. 1-11
Author(s):  
Amr M. Sauber ◽  
Passent M. El-Kafrawy ◽  
Amr F. Shawish ◽  
Mohamed A. Amin ◽  
Ismail M. Hagag
Keyword(s):  
Cloud Computing ◽  
Data Storage ◽  
Data Protection ◽  
Cloud Services ◽  
Security And Privacy ◽  
Storage Model ◽  
Cloud Data ◽  
Security Issues ◽  
Data Owner ◽  
Proposed Model

The main goal of any data storage model on the cloud is accessing data in an easy way without risking its security. A security consideration is a major aspect in any cloud data storage model to provide safety and efficiency. In this paper, we propose a secure data protection model over the cloud. The proposed model presents a solution to some security issues of cloud such as data protection from any violations and protection from a fake authorized identity user, which adversely affects the security of the cloud. This paper includes multiple issues and challenges with cloud computing that impairs security and privacy of data. It presents the threats and attacks that affect data residing in the cloud. Our proposed model provides the benefits and effectiveness of security in cloud computing such as enhancement of the encryption of data in the cloud. It provides security and scalability of data sharing for users on the cloud computing. Our model achieves the security functions over cloud computing such as identification and authentication, authorization, and encryption. Also, this model protects the system from any fake data owner who enters malicious information that may destroy the main goal of cloud services. We develop the one-time password (OTP) as a logging technique and uploading technique to protect users and data owners from any fake unauthorized access to the cloud. We implement our model using a simulation of the model called Next Generation Secure Cloud Server (NG-Cloud). These results increase the security protection techniques for end user and data owner from fake user and fake data owner in the cloud.

scholarly journals Factorial invariance of an information security culture assessment instrument for multinational organisations with operations across data protection jurisdictions

2015 ◽  
Vol 4 (4) ◽  
pp. 47-58 ◽  
Author(s):  
Nico Martins ◽  
Adéle da Veiga
Keyword(s):  
Information Security ◽  
Data Protection ◽  
Personal Information ◽  
Theoretical Perspective ◽  
Factorial Invariance ◽  
Assessment Instrument ◽  
Security And Privacy ◽  
Security Culture ◽  
The Uk ◽  
Information Security Culture

An information security culture is influenced by various factors, one being regulatory requirements. The United Kingdom (UK) has been regulated through the UK Data Protection Act since 1995, whereas South Africa (SA) only promulgated the Protection of Personal Information Act (PoPI) in 2013. Both laws stipulate requirements from an information security perspective with regard to the processing of personal information, however in the UK this has been regulated for a longer period. Consequently, it is to be expected that the information security culture for organisations in the UK will be significantly different from that of SA. This raises the question as to whether the same information security culture assessment (ISCA) instrument could be used in an organisation with offices in both jurisdictions, and whether it might be necessary to customise it according the particular country’s enforcement of information security and privacy-related conditions. This is reviewed, firstly from a theoretical perspective, and secondly a factorial invariance analysis was conducted in a multinational organisation with offices in both the UK and SA, using data from an ISCA questionnaire, to determine possible factorial invariances in terms of the ISCA.

Review on Cloud Computing and Cloud Security Issues

2021 ◽  
Author(s):  
Ramla Humayun
Keyword(s):  
Cloud Computing ◽  
Cloud Security ◽  
Security And Privacy ◽  
Security Issues ◽  
Privacy Issues

Review on Cloud-Computing and the security and privacy issues related with it.

Security and Privacy Challenges in Big Data

2020 ◽  
pp. 97-124
Author(s):  
Dharmpal Singh ◽  
Ira Nath ◽  
Pawan Kumar Singh
Keyword(s):  
Big Data ◽  
Data Protection ◽  
High Performance ◽  
Digital Transformation ◽  
Security And Privacy ◽  
Privacy And Security ◽  
Data Safety ◽  
Amount Of Information ◽  
Enormous Amount ◽  
Software Skills

Big data refers to enormous amount of information which may be in planned and unplanned form. The huge capacity of data creates impracticable situation to handle with conventional database and traditional software skills. Thousands of servers are needed for its processing purpose. Big data gathers and examines huge capacity of data from various resources to determine exceptional novel awareness and recognizing the technical and commercial circumstances. However, big data discloses the endeavor to several data safety threats. Various challenges are there to maintain the privacy and security in big data. Protection of confidential and susceptible data from attackers is a vital issue. Therefore, the goal of this chapter is to discuss how to maintain security in big data to keep your organization robust, operational, flexible, and high performance, preserving its digital transformation and obtaining the complete benefit of big data, which is safe and secure.

scholarly journals eHealth Cloud Security Challenges: A Survey

2019 ◽  
Vol 2019 ◽  
pp. 1-15 ◽  
Author(s):  
Yazan Al-Issa ◽  
Mohammad Ashraf Ottom ◽  
Ahmed Tamrawi
Keyword(s):  
Cloud Computing ◽  
Resource Sharing ◽  
Energy Savings ◽  
Service Providers ◽  
Healthcare Providers ◽  
Cloud Service ◽  
Cloud Security ◽  
Security And Privacy ◽  
Healthcare Industry ◽  
Sensitive Data

Cloud computing is a promising technology that is expected to transform the healthcare industry. Cloud computing has many benefits like flexibility, cost and energy savings, resource sharing, and fast deployment. In this paper, we study the use of cloud computing in the healthcare industry and different cloud security and privacy challenges. The centralization of data on the cloud raises many security and privacy concerns for individuals and healthcare providers. This centralization of data (1) provides attackers with one-stop honey-pot to steal data and intercept data in-motion and (2) moves data ownership to the cloud service providers; therefore, the individuals and healthcare providers lose control over sensitive data. As a result, security, privacy, efficiency, and scalability concerns are hindering the wide adoption of the cloud technology. In this work, we found that the state-of-the art solutions address only a subset of those concerns. Thus, there is an immediate need for a holistic solution that balances all the contradicting requirements.

Sign in / Sign up

Export Citation Format

Share Document