PaaS Platform Securityenhancement Using Fuzzy and Trust Based Signature

Abstract The study of PaaS platform security enhancement has occupied scholars from a number of disciplines, in previous works has so many security issues like Security problems can be a big barrier to cloud computing. System servers require trustworthy security measures to different data domains according to the system servers own operating mechanism. Problem is constructed by filtering out those cloud providers not conforming to high-level security requirements. By including low-level security requirements to be used for filtering the cloud provider space and formulating the optimisation function. To overcome all the above drawbacks our proposed work mainly focused on the security of Platform-as-a-Service (PaaS) as well as the most critical security issues that were documented regarding PaaS infrastructure. This work has two main aspects: First, suitable access control on user personal data, VMs and platform services and Second planning and adapting application deployments based on security requirements. In Fuzzy based access control to information sources is mainly realised by exploiting the CDO security feature. In Security feature code was modified to map the class and packet filter for any specific permission to our own class. If the Identity Provider (IdP) has included public security information on the two main parts in the small token on which Trust based Signature elements are placed, i.e., the whole token or the assertions included, this public key is used to validate the respective signature. The experimental results will show that our proposed method outperforms the traditional methods. Our proposed methodology was implemented in the platform of JAVA.

Download Full-text

A security study in Portuguese Public Hospitals - GDPR perspective (Preprint)

10.2196/preprints.17896 ◽

2020 ◽

Author(s):

Cátia Santos-Pereira

Keyword(s):

Information Systems ◽

Identity Management ◽

Personal Data ◽

Public Hospitals ◽

Hospital Environment ◽

Security Measures ◽

Eu Member States ◽

Security Issues ◽

Management Processes ◽

Authentication Security

BACKGROUND GDPR was scheduled to be formally adopted in 2016 with EU member states being given two years to implement it (May 2018). Given the sensitive nature of the personal data that healthcare organization process on a 24/7 basis, it is critical that the protection of that data in a hospital environment is given the high priority that data protection legislation (GDPR) requires. OBJECTIVE This study addresses the state of Public Portuguese hospitals regarding GDPR compliance in the moment of GDPR preparation period (2016-2018) before the enforcement in 25 May 2018, and what activities have started since then. The study focuses in three GDPR articles namely 5, 25 and 32, concerning authentication security, identity management processes and audit trail themes. METHODS The study was conducted between 2017 and 2019 in five Portuguese Public Hospitals (each different in complexity). In each hospital, six categories of information systems critical to health institutions were included in the study, trying to cover the main health information systems available and common to hospitals (ADT, EPR, PMS, RIS, LIS and DSS). It was conducted interviews in two phases (before and after GDPR enforcement) with the objective to identify the maturity of information systems of each hospital regarding authentication security, identity management processes and traceability and efforts in progress to avoid security issues. RESULTS A total of 5 hospitals were included in this study and the results of this study highlight the hospitals privacy maturity, in general, the hospitals studied where very far from complying with the security measures selected (before May 2018). Session account lock and password history policy were the poorest issues, and, on the other hand, store encrypted passwords was the best issue. With the enforcement of GDPR these hospitals started a set of initiatives to fill this gap, this is made specifically for means of making the whole process as transparent and trustworthy as possible and trying to avoid the huge fines. CONCLUSIONS We are still very far from having GDPR compliant systems and Institutions efforts are being done. The first step to align an organization with GDPR should be an initial audit of all system. This work collaborates with the initial security audit of the hospitals that belong to this study.

Download Full-text

Role of Security Mechanisms in the Building Blocks of the Cloud Infrastructure

Applications of Security, Mobile, Analytic, and Cloud (SMAC) Technologies for Effective Information Processing and Management - Advances in Computer and Electrical Engineering ◽

10.4018/978-1-5225-4044-1.ch001 ◽

2018 ◽

pp. 1-23

Author(s):

Kowsigan Mohan ◽

P. Balasubramanie Palanisamy ◽

G.R. Kanagachidambaresan ◽

Siddharth Rajesh ◽

Sneha Narendran

Keyword(s):

Building Blocks ◽

Vital Role ◽

Cloud Provider ◽

Scheduling Problems ◽

Cloud Environment ◽

Security Measures ◽

Cloud Infrastructure ◽

Security Issues

This chapter describes how security plays a vital role in cloud computing, as the name itself specifies the data can be stored from any place and can be owned by anyone. Even though the cloud offers many benefits such as flexibility, scalability and agility, security issues are still backlog the cloud infrastructure. Much research is being done on cloud security equal to the scheduling problems in the cloud environment. The customers under the cloud providers are very concerned about their data, which has been stored in the cloud environment. In this regard, it is essential for a cloud provider to implement some powerful tools for security, to provide a secure cloud infrastructure to the customers. Generally speaking, there are some foundational needs to be attained and some actions to be combined to ensure data security in both cloud, as well as, non-cloud infrastructure. This book chapter concentrates only on the security issues, security measures, security mechanisms, and security tools of the cloud environment.

Download Full-text

Cryptography in Big Data Security

Advances in Human and Social Aspects of Technology - HCI Challenges and Privacy Preservation in Big Data Security ◽

10.4018/978-1-5225-2863-0.ch004 ◽

2018 ◽

pp. 71-94

Author(s):

Navin Jambhekar ◽

Chitra Anil Dhawale

Keyword(s):

Cloud Computing ◽

Big Data ◽

Information Security ◽

Data Security ◽

Computing System ◽

Mobile Client ◽

Security Issues ◽

Cloud Computing System ◽

Cloud Server ◽

Encrypted Search

Information security is a prime goal for every individual and organization. The travelling from client to cloud server can be prone to security issues. The big data storages are available through cloud computing system to facilitate mobile client. The information security can be provided to mobile client and cloud technology with the help of integrated parallel and distributed encryption and decryption mechanism. The traditional technologies include the plaintext stored across cloud and can be prone to security issues. The solution provided by applying the encrypted data upload and encrypted search. The clouds can work in collaboration; therefore, the encryption can also be done in collaboration. Some part of encryption handle by client and other part handled by cloud system. This chapter presents the security scenario of different security algorithms and the concept of mobile and cloud computing. This chapter precisely defines the security features of existing cloud and big data system and provides the new framework that helps to improve the data security over cloud computing and big data security system.

Download Full-text

A Pattern-Based and Tool-Supported Risk Analysis Method Compliant to ISO 27001 for Cloud Systems

International Journal of Secure Software Engineering ◽

10.4018/ijsse.2015010102 ◽

2015 ◽

Vol 6 (1) ◽

pp. 24-46

Author(s):

Azadeh Alebrahim ◽

Denis Hatebur ◽

Stephan Fassbender ◽

Ludger Goeke ◽

Isabelle Côté

Keyword(s):

Cloud Computing ◽

Information Security ◽

Risk Analysis ◽

Computing System ◽

Security Requirements ◽

Analysis Method ◽

Computing Systems ◽

Cloud Systems ◽

Cloud Computing System ◽

Iso 27001

To benefit from cloud computing and the advantages it offers, obstacles regarding the usage and acceptance of clouds have to be cleared. For cloud providers, one way to obtain customers' confidence is to establish security mechanisms when using clouds. The ISO 27001 standard provides general concepts for establishing information security in an organization. Risk analysis is an essential part in the ISO 27001 standard for achieving information security. This standard, however, contains ambiguous descriptions. In addition, it does not stipulate any method to identify assets, threats, and vulnerabilities. In this paper, the authors present a method for cloud computing systems to perform risk analysis according to the ISO 27001. The authors' structured method is tailored to SMEs. It relies upon patterns to describe context and structure of a cloud computing system, elicit security requirements, identify threats, and select controls, which ease the effort for these activities. The authors' method guides companies through the process of risk analysis in a structured manner. Furthermore, the authors provide a model-based tool for supporting the ISO 27001 standard certification. The authors' tool consists of various plug-ins for conducting different steps of their method.

Download Full-text

Hybrid Secure Model for Securing Data in The Cloud Computing System by Combining RSA, AES and CP-ABE: نموذج هجين آمن لحماية البيانات في الحوسبة السحابية بدمج RSA وAES وCP-ABE

Journal of engineering sciences and information technology - مجلة العلوم الهندسية و تكنولوجيا المعلومات ◽

10.26389/ajsrp.z110521 ◽

2021 ◽

Vol 5 (4) ◽

pp. 80-59

Author(s):

Zakria Mahrousa, Mahmoud Rahhal, Nairouz Alzin Zakria Mahrousa, Mahmoud Rahhal, Nairouz Alzin

Keyword(s):

Health Care ◽

Cloud Computing ◽

Access Control ◽

Healthcare System ◽

Service Providers ◽

Security Requirements ◽

Security And Privacy ◽

Rsa Algorithm ◽

Aes Algorithm ◽

Cloud Computing System

The cloud healthcare system represents an important application for cloud computing, as it uses the cloud for the operations of storing patient medical data and sharing it between health care service providers and patients, making the security and privacy of e-health system data the main concern of researchers. This paper presents an integrated secure model for the healthcare system in cloud computing that achieves the security and confidentiality of data transferred through cloud computing, by combining the two algorithms AES and RSA with the access control algorithm CP-ABE in order to use the advantages of each of them, where the encryption process is done by a proposed algorithm which is based on the RSA algorithm, the XOR parameter, and the AES algorithm; the secrecy of the AES algorithm has been increased by generating a dynamic key, and the confidentiality of this key has been secured with two encryption levels, the first level using the CP-ABE algorithm and the second level using the RSA algorithm. The proposed model is characterized by meeting the requirements of access control, authentication, and verification for both the transmitter and the receiver, and the results of the application of this model proved its ability to meet the security requirements of the health care system in cloud computing with the lowest possible implementation time, as the execution times were at the transmitter's end (43.2, 43.83, 45.11, 48. 23, 50.77, 52.16, 57.95, 63.2, and 63.35)ms for variable file sizes (37, 50, 100, 150, 200, 256, 512, 1000, and 1024)KB, respectively. The results also showed its superiority in terms of security requirements in cloud computing and the necessary implementation times on studied reference models.

Download Full-text

Big Data Handling Approach for Unauthorized Access of Cloud Computing

10.20944/preprints202112.0068.v1 ◽

2021 ◽

Author(s):

Abdul Razaque ◽

Shaldanbayeva Nazerke ◽

Bandar Alotaibi ◽

Munif Alotaibi ◽

Akhmetov Murat ◽

...

Keyword(s):

Cloud Computing ◽

Big Data ◽

Access Control ◽

Intrusion Detection ◽

Data Access ◽

Computing System ◽

Data Handling ◽

Unauthorized Access ◽

Data Access Control ◽

Cloud Computing System

Nowadays, cloud computing is one of the important and rapidly growing paradigms that extend its capabilities and applications in various areas of life. The cloud computing system challenges many security issues, such as scalability, integrity, confidentiality, and unauthorized access, etc. An illegitimate intruder may gain access to the sensitive cloud computing system and use the data for inappropriate purposes that may lead to losses in business or system damage. This paper proposes a hybrid unauthorized data handling (HUDH) scheme for Big data in cloud computing. The HUDU aims to restrict illegitimate users from accessing the cloud and data security provision. The proposed HUDH consists of three steps: data encryption, data access, and intrusion detection. HUDH involves three algorithms; Advanced Encryption Standards (AES) for encryption, Attribute-Based Access Control (ABAC) for data access control, and Hybrid Intrusion Detection (HID) for unauthorized access detection. The proposed scheme is implemented using Python and Java language. Testing results demonstrate that the HUDH can delegate computation overhead to powerful cloud servers. User confidentiality, access privilege, and user secret key accountability can be attained with more than 97% high accuracy.

Download Full-text

Current State Survey and Future Opportunities for Trust and Security in Green Cloud Computing

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch081 ◽

2018 ◽

pp. 1669-1693

Author(s):

Amine Haouari ◽

Zbakh Mostapha ◽

Samadi Yassir

Keyword(s):

Cloud Computing ◽

Computing System ◽

Security And Privacy ◽

Security Issues ◽

Current State ◽

New Concepts ◽

Cloud Computing System ◽

Architectural Principles ◽

Computing Environments ◽

Delivery Models

In this paper, the authors present a state of art survey of cloud computing, highlighting its architectural principles, implementation as well as research directions in this increasingly important domain. They cover the different security issues that has emanated due to the nature of the service delivery models of a cloud computing system. Furthermore, in this survey the researchers highlight the concept of trust in digital environment as well as the use of containers like Docker, the block chain principle, artificial intelligence, last findings in the field of cryptography and other new concepts used in the domain of security and privacy related to cloud computing environments. They provide in the end an overview of the metrics which are mandatory in order to have a green flavor of cloud computing and the strategies that are currently used.

Download Full-text

Potentials of Fog Computing in Higher Education

International Journal of Emerging Technologies in Learning (iJET) ◽

10.3991/ijet.v14i18.10765 ◽

2019 ◽

Vol 14 (18) ◽

pp. 194 ◽

Cited By ~ 2

Author(s):

Arumugam So Raman

Keyword(s):

Cloud Computing ◽

Fog Computing ◽

Computing System ◽

Modern Technology ◽

Internet Usage ◽

Computing Technology ◽

Security Issues ◽

The People ◽

Cloud Computing System ◽

The Difference

This paper is documenting the potential of Fog Computing in Education. First, this study explores the difference between cloud computing and Fog Computing. Then the features of computing explained briefly. A tremendous increase in Internet usage among the people does not allow the sustainability to continue depending on Cloud Computing as a centralized web server, due to the truth that Cloud Computing system allows access to internet data as well as therefore making it feasible for users to availability, share along with store information in remote servers. With Fog Computing, multiple users, gadgets such as automobiles, wearable gizmos, sensing units, wise gadgets, an organization can accept one another utilizing their very own Fog facilities. In the educational sector, Fog computing technology boosts educational operations and provides a platform with agility, versus slowing them down or quitting them. Fog computing is a modern technology that is set for high development in the future, as well as will substantially improve day-to-day procedures for many sectors, including education. Finally, security issues and challenges of implementation Fog computing discussed.

Download Full-text

Dynamic Secure Interconnection for Security Enhancement in Cloud Computing

International Journal of Computers Communications & Control ◽

10.15837/ijccc.2016.3.504 ◽

2016 ◽

Vol 11 (3) ◽

pp. 348 ◽

Cited By ~ 1

Author(s):

Liwen He ◽

Feiyi Huang ◽

Jie Zhang ◽

Bin Liu ◽

Chunling Chen ◽

...

Keyword(s):

Cloud Computing ◽

Computing System ◽

Service Provisioning ◽

Efficiency Improvement ◽

Resource Pooling ◽

Security Issues ◽

Security Enhancement ◽

On Demand ◽

Cloud Computing System ◽

Demand Service

Cloud computing brings efficiency improvement on resource utilization nd other benefits such as on-demand service provisioning, location independence and biquitous access, elastic resource pooling, pay as usage pricing mode, etc. However, t also introduces new security issues because the data management and ownership re separated, and the management is operated on a virtualized platform. In this paper, novel dynamic secure interconnection (DSI) mechanism is proposed to isolate he cloud computing system into a couple of dynamic virtual trust zones with different ecurity policies implemented for different customers so as to enhance security. xperimental results are presented to demonstrate the feasibility and effectiveness of he DSI mechanism.

Download Full-text