Tenant-Oriented Monitoring for Customized Security Services in the Cloud

The dramatic proliferation of cloud computing makes it an attractive target for malicious attacks. Increasing solutions resort to virtual machine introspection (VMI) to deal with security issues in the cloud environment. However, the existing works are not feasible to support tenants to customize individual security services based on their security requirements flexibly. Additionally, adoption of VMI-based security solutions makes tenants at the risk of exposing sensitive information to attackers. To alleviate the security and privacy anxieties of tenants, we present SECLOUD, a framework for monitoring VMs in the cloud for security analysis in this paper. By extending VMI techniques, SECLOUD provides remote tenants or their authorized security service providers with flexible interfaces for monitoring runtime information of guest virtual machines (VMs) in a non-intrusive manner. The proposed framework enhances effectiveness of monitoring by taking advantages of architectural symmetry of cloud environment. Moreover, we harden our framework with a privacy-preserving capacity for tenants. The flexibility and effectiveness of SECLOUD is demonstrated through a prototype implementation based on Xen hypervisor, which results in acceptable performance overhead.

Download Full-text

Privacy and Security Issues in Online Social Networks

Future Internet ◽

10.3390/fi10120114 ◽

2018 ◽

Vol 10 (12) ◽

pp. 114 ◽

Cited By ~ 14

Author(s):

Shaukat Ali ◽

Naveed Islam ◽

Azhar Rauf ◽

Ikram Din ◽

Mohsen Guizani ◽

...

Keyword(s):

Social Networks ◽

Online Social Networks ◽

Virtual Communities ◽

Service Providers ◽

Security And Privacy ◽

Security Issue ◽

Sensitive Data ◽

Privacy And Security ◽

Security Issues ◽

Social Sphere

The advent of online social networks (OSN) has transformed a common passive reader into a content contributor. It has allowed users to share information and exchange opinions, and also express themselves in online virtual communities to interact with other users of similar interests. However, OSN have turned the social sphere of users into the commercial sphere. This should create a privacy and security issue for OSN users. OSN service providers collect the private and sensitive data of their customers that can be misused by data collectors, third parties, or by unauthorized users. In this paper, common security and privacy issues are explained along with recommendations to OSN users to protect themselves from these issues whenever they use social media.

Download Full-text

eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology

Sensors ◽

10.3390/s18113807 ◽

2018 ◽

Vol 18 (11) ◽

pp. 3807 ◽

Cited By ~ 3

Author(s):

Haonan Sun ◽

Rongyu He ◽

Yong Zhang ◽

Ruiyun Wang ◽

Wai Hung Ip ◽

...

Keyword(s):

Virtual Machines ◽

Trusted Computing ◽

Information Leakage ◽

Research Topic ◽

Cloud Environment ◽

Cloud Platform ◽

Computing Technology ◽

Security Issues ◽

Runtime Environment ◽

Cloud Users

Today cloud computing is widely used in various industries. While benefiting from the services provided by the cloud, users are also faced with some security issues, such as information leakage and data tampering. Utilizing trusted computing technology to enhance the security mechanism, defined as trusted cloud, has become a hot research topic in cloud security. Currently, virtual TPM (vTPM) is commonly used in a trusted cloud to protect the integrity of the cloud environment. However, the existing vTPM scheme lacks protections of vTPM itself at a runtime environment. This paper proposed a novel scheme, which designed a new trusted cloud platform security component, ‘enclave TPM (eTPM)’ to protect cloud and employed Intel SGX to enhance the security of eTPM. The eTPM is a software component that emulates TPM functions which build trust and security in cloud and runs in ‘enclave’, an isolation memory zone introduced by SGX. eTPM can ensure its security at runtime, and protect the integrity of Virtual Machines (VM) according to user-specific policies. Finally, a prototype for the eTPM scheme was implemented, and experiment manifested its effectiveness, security, and availability.

Download Full-text

Improvement of Privacy and Security in Hybrid Cloud with Attribute Group Based Access Control

International Journal of Scientific Research in Computer Science Engineering and Information Technology ◽

10.32628/cseit19518 ◽

2019 ◽

pp. 57-61

Author(s):

Kayalvili S ◽

Sowmitha V

Keyword(s):

Cloud Computing ◽

Access Control ◽

Data Storage ◽

Service Providers ◽

Cloud Service ◽

Security Requirements ◽

Security And Privacy ◽

Data Outsourcing ◽

Privacy And Security ◽

Control Approach

Cloud computing enables users to accumulate their sensitive data into cloud service providers to achieve scalable services on-demand. Outstanding security requirements arising from this means of data storage and management include data security and privacy. Attribute-based Encryption (ABE) is an efficient encryption system with fine-grained access control for encrypting out-sourced data in cloud computing. Since data outsourcing systems require flexible access control approach Problems arises when sharing confidential corporate data in cloud computing. User-Identity needs to be managed globally and access policies can be defined by several authorities. Data is dual encrypted for more security and to maintain De-Centralization in Multi-Authority environment.

Download Full-text

Privacy and Security in e-Health Applications

User-Driven Healthcare ◽

10.4018/978-1-4666-2770-3.ch058 ◽

2012 ◽

pp. 1141-1166

Author(s):

Milan Petkovic ◽

Luan Ibraimi

Keyword(s):

Digital Technologies ◽

Health Data ◽

Security Requirements ◽

Security And Privacy ◽

Sensitive Information ◽

Privacy And Security ◽

Security Technologies ◽

Technological Means ◽

The Individual ◽

Health Applications

The introduction of e-Health and extramural applications in the personal healthcare domain has raised serious concerns about security and privacy of health data. Novel digital technologies require other security approaches in addition to the traditional “purely physical” approach. Furthermore, privacy is becoming an increasing concern in domains that deal with sensitive information such as healthcare, which cannot absorb the costs of security abuses in the system. Once sensitive information about an individual’s health is uncovered and social damage is done, there is no way to revoke the information or to restitute the individual. Therefore, in addition to legal means, it is very important to provide and enforce privacy and security in healthcare by technological means. In this chapter, the authors analyze privacy and security requirements in healthcare, explain their importance and review both classical and novel security technologies that could fulfill these requirements.

Download Full-text

Efficient Cyber Security Framework for Smart Cities

Secure Cyber-Physical Systems for Smart Cities - Advances in Computer and Electrical Engineering ◽

10.4018/978-1-5225-7189-6.ch006 ◽

2019 ◽

pp. 130-157 ◽

Cited By ~ 2

Author(s):

Amtul Waheed ◽

Jana Shafi

Keyword(s):

Cyber Security ◽

Smart City ◽

Smart Cities ◽

Cost Effective ◽

Cyber Attacks ◽

Security And Privacy ◽

Sensitive Information ◽

Security Framework ◽

Smart Transportation ◽

Security Issues

Smart cities are established on some smart components such as smart governances, smart economy, science and technology, smart politics, smart transportation, and smart life. Each and every smart object is interconnected through the internet, challenging the security and privacy of citizen's sensitive information. A secure framework for smart cities is the only solution for better and smart living. This can be achieved through IoT infrastructure and cloud computing. The combination of IoT and Cloud also increases the storage capacity and computational power and make services pervasive, cost-effective, and accessed from anywhere and any device. This chapter will discuss security issues and challenges of smart city along with cyber security framework and architecture of smart cities for smart infrastructures and smart applications. It also presents a general study about security mechanism for smart city applications and security protection methodology using IOT service to stand against cyber-attacks.

Download Full-text

Study and Survey on Blockchain Privacy and Security Issues

Research Anthology on Privatizing and Securing Data ◽

10.4018/978-1-7998-8954-0.ch007 ◽

2021 ◽

pp. 169-191

Author(s):

Sourav Banerjee ◽

Debashis Das ◽

Manju Biswas ◽

Utpal Biswas

Keyword(s):

Data Storage ◽

Security And Privacy ◽

Sensitive Information ◽

Privacy And Security ◽

Unauthorized Access ◽

Security Issues ◽

Blockchain Technology ◽

Targeted Attacks ◽

Wide Range ◽

Financial Transactions

Blockchain-based technology is becoming increasingly popular and is now used to solve a wide range of tasks. And it's not all about cryptocurrencies. Even though it's based on secure technology, a blockchain needs protection as well. The risks of exploits, targeted attacks, or unauthorized access can be mitigated by the instant incident response and system recovery. Blockchain technology relies on a ledger to keep track of all financial transactions. Ordinarily, this kind of master ledger would be a glaring point of vulnerability. Another tenet of security is the chain itself. Configuration flaws, as well as insecure data storage and transfers, may cause leaks of sensitive information. This is even more dangerous when there are centralized components within the platform. In this chapter, the authors will demonstrate where the disadvantages of security and privacy in blockchain are currently and discuss how blockchain technology can improve these disadvantages and outlines the requirements for future solution.

Download Full-text

Efficient Hierarchical Authentication Protocol for Multiserver Architecture

Security and Communication Networks ◽

10.1155/2020/2523834 ◽

2020 ◽

Vol 2020 ◽

pp. 1-14

Author(s):

Jiangheng Kou ◽

Mingxing He ◽

Ling Xiong ◽

Zeqiong Lv

Keyword(s):

Service Providers ◽

Security Analysis ◽

Authentication Protocol ◽

Security Requirements ◽

Secure Communications ◽

Security Model ◽

Practical Applications ◽

Levels Of Service ◽

Different Levels ◽

Provably Secure

The multiserver architecture authentication (MSAA) protocol plays a significant role in achieving secure communications between devices. In recent years, researchers proposed many new MSAA protocols to gain more functionality and security. However, in the existing studies, registered users can access to all registered service providers in the system without any limitation. To ensure that the system can restrict users that are at different levels and can access to different levels of service providers, we propose a new lightweight hierarchical authentication protocol for multiserver architecture using a Merkle tree to verify user’s authentication right. The proposed protocol has hierarchical authentication functionality, high security, and reasonable computation and communication costs. Moreover, the security analysis demonstrates that the proposed protocol satisfies the security requirements in practical applications, and the proposed protocol is provably secure in the general security model.

Download Full-text

Mobile Government Applications Based on Security and Privacy: A Literature Review

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i4.1.19492 ◽

2018 ◽

Vol 7 (4.1) ◽

pp. 51

Author(s):

Ala'a Saeb Al-Sherideh ◽

Roesnita Ismail ◽

Fauziah Abdul Wahid ◽

Norasikin Fabil ◽

Waidah Ismail

Keyword(s):

Literature Review ◽

Mobile Applications ◽

Public Services ◽

Security Requirements ◽

Security And Privacy ◽

Privacy And Security ◽

The Public ◽

Privacy Requirements ◽

Security Issues ◽

The Government

Mobile applications available in anytime and from anywhere. The utilizing of mobile governmental applications is significant to reduce the efforts and time that are required to accomplish the public services by citizens. The main challenges that face the acceptance and adoption of mobile governmental applications are the privacy and security issues. The users, who do not trust the security of mobile governmental applications, may reject the use of these applications which discourages the government to adopt the mobile services. This study focuses in investigating the security and privacy requirements of mobile government applications. Many related works are reviewed and discussed to understand the important security requirements of mobile government applications. The main results indicate that effective privacy and security of mobile government applications should be assured so as to enhance the level of adopting and using these applications. The security requirements involve many considerations such as the hardware characteristics, software characteristics, and communication characteristics. This article mainly gives better understanding of security requirements of mobile government applications.

Download Full-text

On Data Security and Encryption Algorithms in Cloud Environment

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.701-702.1106 ◽

2014 ◽

Vol 701-702 ◽

pp. 1106-1111 ◽

Cited By ~ 1

Author(s):

Xin Zheng Zhang ◽

Ya Juan Zhang

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Data Security ◽

Service Providers ◽

Cloud Service ◽

Working Environment ◽

Cloud Environment ◽

Cloud Data ◽

Security Issues ◽

Encryption Algorithms

As information and processes are migrating to the cloud, Cloud Computing is drastically changing IT professionals’ working environment. Cloud Computing solves many problems of conventional computing. However, the new technology has also created new challenges such as data security, data ownership and trans-code data storage. We discussed about Cloud computing security issues, mechanism, challenges that Cloud service providers and consumers face during Cloud engineering. Based on concerning of security issues and challenges, we proposed several encryption algorithms to make cloud data secure and invulnerable. We made comparisons among DES, AES, RSA and ECC algorithms to find combinatorial optimization solutions, which fit Cloud environment well for making cloud data secure and not to be hacked by attackers.

Download Full-text

Protecting the Security and Privacy of the Virtual Machine through Privilege Separation

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.347-350.2488 ◽

2013 ◽

Vol 347-350 ◽

pp. 2488-2494 ◽

Cited By ~ 3

Author(s):

Cong Yu ◽

Li Xin Li ◽

Kui Wang ◽

Wen Tao Yu

Keyword(s):

Virtual Machine ◽

Mutual Authentication ◽

Security Analysis ◽

Performance Testing ◽

Security And Privacy ◽

Prototype System ◽

Security Model ◽

Server Side ◽

Security Issues ◽

Management Domain

Virtual machine security issues have been the focus of attention. The permissions of traditional administrative domain Dom0 are too large, so that the user's privacy is threatened. Once the attacker compromises Dom0, it can threaten the entire virtualization platform. This paper introduces a privilege separation virtual machine security model (PSVM). Dom0s privileges are split into two parts: the operations about the user's privacy form a DomU management domain, responsible for managing the user's privacy; remaining forms Thin Dom0. Users and virtualization platform for server-side need mutual authentication. It can prevent unauthorized users and counterfeiting Virtualization platform invading system. The user's privacy is under its own management to prevent the Virtualization platform snooping. However, it affects only one user, even if the management domain is compromised. Combined with the model, the prototype system is implemented and security analysis and performance testing is done.

Download Full-text