Hybrid Secure Model for Securing Data in The Cloud Computing System by Combining RSA, AES and CP-ABE: نموذج هجين آمن لحماية البيانات في الحوسبة السحابية بدمج RSA وAES وCP-ABE

The cloud healthcare system represents an important application for cloud computing, as it uses the cloud for the operations of storing patient medical data and sharing it between health care service providers and patients, making the security and privacy of e-health system data the main concern of researchers. This paper presents an integrated secure model for the healthcare system in cloud computing that achieves the security and confidentiality of data transferred through cloud computing, by combining the two algorithms AES and RSA with the access control algorithm CP-ABE in order to use the advantages of each of them, where the encryption process is done by a proposed algorithm which is based on the RSA algorithm, the XOR parameter, and the AES algorithm; the secrecy of the AES algorithm has been increased by generating a dynamic key, and the confidentiality of this key has been secured with two encryption levels, the first level using the CP-ABE algorithm and the second level using the RSA algorithm. The proposed model is characterized by meeting the requirements of access control, authentication, and verification for both the transmitter and the receiver, and the results of the application of this model proved its ability to meet the security requirements of the health care system in cloud computing with the lowest possible implementation time, as the execution times were at the transmitter's end (43.2, 43.83, 45.11, 48. 23, 50.77, 52.16, 57.95, 63.2, and 63.35)ms for variable file sizes (37, 50, 100, 150, 200, 256, 512, 1000, and 1024)KB, respectively. The results also showed its superiority in terms of security requirements in cloud computing and the necessary implementation times on studied reference models.

Download Full-text

Improvement of Privacy and Security in Hybrid Cloud with Attribute Group Based Access Control

International Journal of Scientific Research in Computer Science Engineering and Information Technology ◽

10.32628/cseit19518 ◽

2019 ◽

pp. 57-61

Author(s):

Kayalvili S ◽

Sowmitha V

Keyword(s):

Cloud Computing ◽

Access Control ◽

Data Storage ◽

Service Providers ◽

Cloud Service ◽

Security Requirements ◽

Security And Privacy ◽

Data Outsourcing ◽

Privacy And Security ◽

Control Approach

Cloud computing enables users to accumulate their sensitive data into cloud service providers to achieve scalable services on-demand. Outstanding security requirements arising from this means of data storage and management include data security and privacy. Attribute-based Encryption (ABE) is an efficient encryption system with fine-grained access control for encrypting out-sourced data in cloud computing. Since data outsourcing systems require flexible access control approach Problems arises when sharing confidential corporate data in cloud computing. User-Identity needs to be managed globally and access policies can be defined by several authorities. Data is dual encrypted for more security and to maintain De-Centralization in Multi-Authority environment.

Download Full-text

One Implementation Method of Trust Evaluation Tool Used on Cloud Computing Service

Recent Advances in Electrical & Electronic Engineering (Formerly Recent Patents on Electrical & Electronic Engineering) ◽

10.2174/2352096511666180528075030 ◽

2019 ◽

Vol 12 (3) ◽

pp. 223-231

Author(s):

Shengju Yang

Keyword(s):

Cloud Computing ◽

Access Control ◽

Service Providers ◽

Assessment Method ◽

Trust Evaluation ◽

Evaluation Tool ◽

Computing Services ◽

Business Goals ◽

Cloud Computing Service ◽

Cloud Computing Services

In order to solve the trust problems between users and cloud computing service providers in cloud computing services, the existing trust evaluation technology and access control technology in the cloud computing service are analyzed. And the evaluation index of cloud computing is also analyzed. Users can calculate the relevant indicators of cloud computing service according to their own business goals, and choose the appropriate cloud computing services according to their own trust need. In addition, the reliability assessment method of users based on the service process is proposed. Cloud computing access control system can be used for user credibility evaluation, and it can handle user access requests according to user's creditability. In the study, a cloud computing service trust evaluation tool is designed, and the modeling and architecture designs of trust evaluation are also given. The effectiveness of the method is verified by experiments on cloud computing service evaluation methods.

Download Full-text

eHealth Cloud Security Challenges: A Survey

Journal of Healthcare Engineering ◽

10.1155/2019/7516035 ◽

2019 ◽

Vol 2019 ◽

pp. 1-15 ◽

Cited By ~ 11

Author(s):

Yazan Al-Issa ◽

Mohammad Ashraf Ottom ◽

Ahmed Tamrawi

Keyword(s):

Cloud Computing ◽

Resource Sharing ◽

Energy Savings ◽

Service Providers ◽

Healthcare Providers ◽

Cloud Service ◽

Cloud Security ◽

Security And Privacy ◽

Healthcare Industry ◽

Sensitive Data

Cloud computing is a promising technology that is expected to transform the healthcare industry. Cloud computing has many benefits like flexibility, cost and energy savings, resource sharing, and fast deployment. In this paper, we study the use of cloud computing in the healthcare industry and different cloud security and privacy challenges. The centralization of data on the cloud raises many security and privacy concerns for individuals and healthcare providers. This centralization of data (1) provides attackers with one-stop honey-pot to steal data and intercept data in-motion and (2) moves data ownership to the cloud service providers; therefore, the individuals and healthcare providers lose control over sensitive data. As a result, security, privacy, efficiency, and scalability concerns are hindering the wide adoption of the cloud technology. In this work, we found that the state-of-the art solutions address only a subset of those concerns. Thus, there is an immediate need for a holistic solution that balances all the contradicting requirements.

Download Full-text

A Pattern-Based and Tool-Supported Risk Analysis Method Compliant to ISO 27001 for Cloud Systems

International Journal of Secure Software Engineering ◽

10.4018/ijsse.2015010102 ◽

2015 ◽

Vol 6 (1) ◽

pp. 24-46

Author(s):

Azadeh Alebrahim ◽

Denis Hatebur ◽

Stephan Fassbender ◽

Ludger Goeke ◽

Isabelle Côté

Keyword(s):

Cloud Computing ◽

Information Security ◽

Risk Analysis ◽

Computing System ◽

Security Requirements ◽

Analysis Method ◽

Computing Systems ◽

Cloud Systems ◽

Cloud Computing System ◽

Iso 27001

To benefit from cloud computing and the advantages it offers, obstacles regarding the usage and acceptance of clouds have to be cleared. For cloud providers, one way to obtain customers' confidence is to establish security mechanisms when using clouds. The ISO 27001 standard provides general concepts for establishing information security in an organization. Risk analysis is an essential part in the ISO 27001 standard for achieving information security. This standard, however, contains ambiguous descriptions. In addition, it does not stipulate any method to identify assets, threats, and vulnerabilities. In this paper, the authors present a method for cloud computing systems to perform risk analysis according to the ISO 27001. The authors' structured method is tailored to SMEs. It relies upon patterns to describe context and structure of a cloud computing system, elicit security requirements, identify threats, and select controls, which ease the effort for these activities. The authors' method guides companies through the process of risk analysis in a structured manner. Furthermore, the authors provide a model-based tool for supporting the ISO 27001 standard certification. The authors' tool consists of various plug-ins for conducting different steps of their method.

Download Full-text

Ontology based Access Control Model for Healthcare System in Cloud Computing

Indian Journal of Science and Technology ◽

10.17485/ijst/2015/v8is9/53617 ◽

2015 ◽

Vol 8 (S9) ◽

pp. 218 ◽

Cited By ~ 2

Author(s):

K. Mohan ◽

M. Aramudhan

Keyword(s):

Cloud Computing ◽

Access Control ◽

Healthcare System ◽

Control Model ◽

Access Control Model

Download Full-text

Security Challenges in Healthcare Cloud Computing: A Systematic Review

Global Journal of Health Science ◽

10.5539/gjhs.v9n3p157 ◽

2016 ◽

Vol 9 (3) ◽

pp. 157 ◽

Cited By ~ 14

Author(s):

Esmaeil Mehraeen ◽

Marjan Ghazisaeedi ◽

Jebraeil Farzi ◽

Saghar Mirshekari

Keyword(s):

Systematic Review ◽

Cloud Computing ◽

Access Control ◽

Identity Management ◽

Research Question ◽

Security And Privacy ◽

Healthcare Data ◽

Security Challenges ◽

Authentication And Authorization ◽

Hypervisor Security

BACKGROUND: Healthcare data are very sensitive records that should not be made available to unauthorized people in order for protecting patient's information security. However, in progressed technologies as cloud computing which are vulnerable to cyber gaps that pose an adverse impact on the security and privacy of patients’ electronic health records and in these situations, security challenges of the wireless networks need to be carefully understood and considered. Recently, security concerns in cloud computing environment are a matter of challenge with rising importance.OBJECTIVE: In this study a systematic review to investigate the security challenges in cloud computing was carried out. We focused mainly on healthcare cloud computing security with an organized review of 210 full text articles published between 2000 and 2015.METHOD: A systematic literature review was conducted including PubMed, Science direct, Embase, ProQuest, Web of science, Cochrane, Emerald, and Scopus databases.FINDINGS: Using the strategies described, 666 references retrieved (for research question one 365, research question two 201, and research question three 100 references).IMPROVEMENTS: Review of articles showed that for ensuring healthcare data security, it is important to provide authentication, authorization and access control within cloud's virtualized network. Issues such as identity management and access control, Internet-based access, authentication and authorization and cybercriminals are major concerns in healthcare cloud computing. To manage these issues many involved events such as Hybrid Execution Model, VCC-SSF, sHype Hypervisor Security Architecture, Identity Management, and Resource Isolation approaches have to be defined for using cloud computing threat management processes.

Download Full-text

Sharing Healthcare Records in the Cloud Using Attribute-Based Encryption and De-Duplication

International Journal for Research in Applied Science and Engineering Technology ◽

10.22214/ijraset.2021.37109 ◽

2021 ◽

Vol 9 (VII) ◽

pp. 3345-3350

Author(s):

Rushikesh Umak

Keyword(s):

Cloud Computing ◽

Healthcare System ◽

Cost Effective ◽

Security And Privacy ◽

Medical Opinion ◽

Health Related ◽

The Face ◽

Information And Communication ◽

High Level ◽

Effective Use

Cloud based healthcare computing have changed the face of healthcare in many ways. The main advantages of cloud computing in healthcare are scalability of the required service and the provision to upscale or downsize the data storge, collaborating Artiﬁcial Intelligence (AI) and machine learning. The current paper examined various research studies to explore the utilization of intelligent techniques in health systems and mainly focused into the security and privacy issues in the current technologies. E-Healthcare is an emerging field of medical informatics, referring to the delivery of health services and information using the Internet and related technologies. Rendering efficient storage and security for all data is very important for cloud computing. Securing and privacy preserving of data is of high priority when it comes to cloud storage. E-Healthcare is the most important source in the healthcare society. E-healthcare system is now being popularized globally. Implementing the E-healthcare system will have more advantages such as online services for teleconsultation (second medical opinion), e-prescription, e-referral, telemonitoring, telecare etc. E-healthcare system provides high level of security and cost-effective use of patients records, information and communication in support of healthcare and health related issues.

Download Full-text

Big Data Handling Approach for Unauthorized Access of Cloud Computing

10.20944/preprints202112.0068.v1 ◽

2021 ◽

Author(s):

Abdul Razaque ◽

Shaldanbayeva Nazerke ◽

Bandar Alotaibi ◽

Munif Alotaibi ◽

Akhmetov Murat ◽

...

Keyword(s):

Cloud Computing ◽

Big Data ◽

Access Control ◽

Intrusion Detection ◽

Data Access ◽

Computing System ◽

Data Handling ◽

Unauthorized Access ◽

Data Access Control ◽

Cloud Computing System

Nowadays, cloud computing is one of the important and rapidly growing paradigms that extend its capabilities and applications in various areas of life. The cloud computing system challenges many security issues, such as scalability, integrity, confidentiality, and unauthorized access, etc. An illegitimate intruder may gain access to the sensitive cloud computing system and use the data for inappropriate purposes that may lead to losses in business or system damage. This paper proposes a hybrid unauthorized data handling (HUDH) scheme for Big data in cloud computing. The HUDU aims to restrict illegitimate users from accessing the cloud and data security provision. The proposed HUDH consists of three steps: data encryption, data access, and intrusion detection. HUDH involves three algorithms; Advanced Encryption Standards (AES) for encryption, Attribute-Based Access Control (ABAC) for data access control, and Hybrid Intrusion Detection (HID) for unauthorized access detection. The proposed scheme is implemented using Python and Java language. Testing results demonstrate that the HUDH can delegate computation overhead to powerful cloud servers. User confidentiality, access privilege, and user secret key accountability can be attained with more than 97% high accuracy.

Download Full-text

Enhancing cloud computing security by paillier homomorphic encryption

International Journal of Electrical and Computer Engineering (IJECE) ◽

10.11591/ijece.v11i2.pp1771-1779 ◽

2021 ◽

Vol 11 (2) ◽

pp. 1771

Author(s):

Muna Mohammed Saeed Altaee ◽

Mafaz Alanezi

Keyword(s):

Cloud Computing ◽

Homomorphic Encryption ◽

Security And Privacy ◽

Proxy Server ◽

Process Data ◽

Encrypted Data ◽

Rsa Algorithm ◽

Encryption Algorithms ◽

Will Force ◽

Mathematical Operations

In recent years, the trend has increased for the use of cloud computing, which provides broad capabilities with the sharing of resources, and thus it is possible to store and process data in the cloud remotely, but this (cloud) is untrusted because some parties can connect to the network such as the internet and read or change data because it is not protected, therefore, protecting data security and privacy is one of the challenges that must be addressed when using cloud computing. Encryption is interested in the field of security, confidentiality and integrity of information that sent by a secure connection between individuals or institutions regardless of the method used to prepare this connection. But using the traditional encryption methods to encrypt the data before sending it will force the data provider to send his private key to the server to decrypt the data to perform computations on it. In this paper we present a proposal to secure banking data transmission through the cloud by using partially homomorphic encryption algorithms such as (paillier, RSA algorithm) that allow performing mathematical operations on encrypted data without needing to decryption. A proxy server will also use for performing re-encryption process to enhance security.

Download Full-text

A fully security included Cloud Computing Architecture

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i2.7.10984 ◽

2018 ◽

Vol 7 (2.7) ◽

pp. 807

Author(s):

M Trinath Basu ◽

Dr JKR Sastry

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Computing System ◽

Security System ◽

Third Party ◽

Related Data ◽

Cloud Computing System ◽

Security Infrastructure ◽

Tight Security ◽

Computing Infrastructure

Many developers have designed their own architecture for installing the cloud computing infrastructure. The existing cloud computing architectures differs in many ways. Security has been the serious issue as client related data and processing is undertaken using the infrastructure provided by third party service providers varies greatly. It is necessary to know the extent of inclusion of security into the cloud computing system and then find the best architecture that includes best and tight security system. In this paper, a comparison of existing architectures from the perspective of inclusion of security infrastructure within cloud computing system is presented along with a comprehensive architecture that is included with every aspect of security taking into account the most of the vulnerabilities.

Download Full-text