scholarly journals Reducing Cloud Data Breaches and Improving Data Security using Honey Encryption Algorithm

2019 ◽  
Vol 8 (11S) ◽  
pp. 1260-1264
Keyword(s):  
Data Security ◽  
Encryption Algorithm ◽  
Secret Key ◽  
Sensitive Data ◽  
Data Breach ◽  
Cloud Data ◽  
Data Breaches ◽  
Proposed Model ◽  
Security Event ◽  
Cloud Applications

Data security is the most predominant measure that should be followed in any organization to prevent uncertified access to user’s data. A data breach is a security event in which sensitive data is viewed, transmitted, stolen or used by an unauthorized individual. A number of breaches include compromised password files which reveal the passwords of millions of users in an organization. The paper is intended to identify such password breaches through honey encryption technique. Using the concept of honey words, each user has a list of sweet words corresponding to their account, out of which only one is original password and remaining are fake passwords. During Honey Encryption, Distribution-transforming encoder (DTE) is applied on the password to acquire the seed space which is then encrypted by using secret key. The proposed model can be efficiently implemented in cloud applications to highly reduce cloud data breaches.

scholarly journals A Privacy Preserving Cloud-Based K-NN Search Scheme with Lightweight User Loads

Computers ◽  
2020 ◽  
Vol 9 (1) ◽  
pp. 1 ◽  
Author(s):  
Yeong-Cherng Hsu ◽  
Chih-Hsin Hsueh ◽  
Ja-Ling Wu
Keyword(s):  
Data Privacy ◽  
Nearest Neighbor ◽  
Search Algorithm ◽  
Data Access ◽  
Privacy Preserving ◽  
Secret Key ◽  
K Nearest Neighbor ◽  
Sensitive Data ◽  
Cloud Data ◽  
Cloud Server

With the growing popularity of cloud computing, it is convenient for data owners to outsource their data to a cloud server. By utilizing the massive storage and computational resources in cloud, data owners can also provide a platform for users to make query requests. However, due to the privacy concerns, sensitive data should be encrypted before outsourcing. In this work, a novel privacy preserving K-nearest neighbor (K-NN) search scheme over the encrypted outsourced cloud dataset is proposed. The problem is about letting the cloud server find K nearest points with respect to an encrypted query on the encrypted dataset, which was outsourced by data owners, and return the searched results to the querying user. Comparing with other existing methods, our approach leverages the resources of the cloud more by shifting most of the required computational loads, from data owners and query users, to the cloud server. In addition, there is no need for data owners to share their secret key with others. In a nutshell, in the proposed scheme, data points and user queries are encrypted attribute-wise and the entire search algorithm is performed in the encrypted domain; therefore, our approach not only preserves the data privacy and query privacy but also hides the data access pattern from the cloud server. Moreover, by using a tree structure, the proposed scheme could accomplish query requests in sub-liner time, according to our performance analysis. Finally, experimental results demonstrate the practicability and the efficiency of our method.

A Robust Lightweight Data Security Model for Cloud Data Access and Storage

2021 ◽  
Vol 16 (3) ◽  
pp. 39-53
Author(s):  
Pajany M. ◽  
Zayaraz G.
Keyword(s):  
Data Storage ◽  
Data Security ◽  
Data Access ◽  
Data Retrieval ◽  
Security Model ◽  
Cloud Data ◽  
Data Merging ◽  
Major Benefit ◽  
Proposed Model ◽  
And Storage

In this paper, an efficient lightweight cloud-based data security model (LCDS) is proposed for building a secured cloud database with the assistance of intelligent rules, data storage, information collection, and security techniques. The major intention of this study is to introduce a new encryption algorithm to secure intellectual data, proposing a new data aggregation algorithm for effective data storage and improved security, developing an intelligent data merging algorithm for accessing encrypted and original datasets. The major benefit of the proposed model is that it is fast in the encryption process at the time of data storage and reduced decryption time during data retrieval. In this work, the authors proposed an enhanced version of the hybrid crypto algorithm (HCA) for cloud data access and storage. The proposed system provides secured storage for storing data within the cloud.

An Efficient Privacy-Preserving Attribute-Based Encryption with Hidden Policy for Cloud Storage

2019 ◽  
Vol 28 (11) ◽  
pp. 1950186
Author(s):  
Chanying Huang ◽  
Songjie Wei ◽  
Anmin Fu
Keyword(s):  
Access Control ◽  
Data Security ◽  
Privacy Protection ◽  
Cloud Storage ◽  
Privacy Preserving ◽  
Equivalent Transformation ◽  
Secret Key ◽  
Cloud Data ◽  
Attribute Based Encryption ◽  
Key Length

Cloud storage is one of the most widely-used storage services, because it can provide users with unlimited, scalable, low-cost and convenient resource services. When data is outsourced to cloud for storage, data security and access control are the two essential issues that need to be addressed. Attribute-based encryption (ABE) scheme can provide sufficient data security and fine-grained access control for cloud data. As more and more attention is drawn to privacy protection, privacy preservation becomes another urgent issue for cloud storage. In ABE, since the access policies are generally stored in clear text, it will lead to the disclosure of users’ privacy. Some works sacrifice computational efficiency, key length or ciphertext size for privacy concerns. To solve these problems, this paper proposes an efficient privacy-preserving attribute-based encryption scheme with hidden policy for outsourced data. Using the idea of Boolean equivalent transformation, the proposed scheme achieves fast encryption and privacy protection for both data owner and legitimate visitors. In addition, the proposed scheme can satisfy constant secret key length and reasonable size of ciphertext requirements. We also conduct theoretical security analysis, and carry out experiments to prove that the proposed scheme has good performance in terms of computation, communication and storage overheads.

Data breaches in hospitality: is the industry different?

2020 ◽  
Vol 11 (3) ◽  
pp. 511-527
Author(s):  
Kholekile Gwebu ◽  
Clayton W. Barrows
Keyword(s):  
Data Security ◽  
Hospitality Industry ◽  
Secondary Data ◽  
Data Breach ◽  
Content Type ◽  
Data Breaches ◽  
Hospitality Firms ◽  
Areas Of Concern ◽  
External Actors ◽  
Security Incidents

Purpose The purpose of this study is to expand on the existing literature by specifically examining data security incidents within the hospitality industry, assessing origins and causes, comparing breaches within the industry with those of other industries and identifying areas of concern. Design/methodology/approach A sample of data breach incidents is drawn from the Verizon VERIS Community Database (VCDB). Statistical comparisons between hospitality and non-hospitality industry firms are conducted following the Verizon A4 threat framework. Findings The results reveal that breaches between hospitality and non-hospitality firms differ significantly in terms of actors, actions, assets and attributes. Specifically, proportions of breaches in the hospitality industry are larger in terms of external actors, hacking and malware, user devices compromised and integrity violations. Additionally, compared to other industries, point-of-sales (POS) system breaches occur at a higher rate in the hospitality industry. The study finds that company size, hacking and malware predict the likelihood of a POS breach. Research limitations/implications The study uses secondary data and does not include the entire universe of data breaches. Originality/value In the quest to reduce data breach incidents, it is imperative to identify and assess the nature of data breach incidents between industries. Doing so permits the development of targeted industry-specific solutions rather than generic ones. This study systematically identifies differences between hospitality and non-hospitality data security incidents and then suggests areas where hospitality companies should focus future attention to mitigate breach incidents.

scholarly journals Fully Homomorphic Cipher Based on Finite Algebraic Structures

2019 ◽  
pp. 97-103
Author(s):  
Y. Ts. Alaverdyan ◽  
E. G. Satimova
Keyword(s):  
Cloud Computing ◽  
Data Security ◽  
Homomorphic Encryption ◽  
Encryption Algorithm ◽  
Cloud Provider ◽  
Algebraic Structures ◽  
Encrypted Data ◽  
Cloud Data ◽  
Cryptographic Algorithm ◽  
Cloud Data Processing

A way to increase the robustness of a cryptographic algorithm toward unauthorized inversion can be obtained through application of non-commutative or non-associative algebraic structures. In this regard, data security became a great issue in adaptation of cloud computing over Internet. While in the traditional encryption methods, security to data in storage state and transmission state is provided, in cloud data processing state, decryption of data is assumed, data being available to cloud provider. In this paper, we propose a special homomorphism between self-distributed and non-associative algebraic structures, which can stand as a premise to construct a homomorphic encryption algorithm aimed at the cloud data security in processing state. Homomorphic encryption so developed will allow users to operate encrypted data directly bypassing the decryption.

scholarly journals Security as a Service by Verification using Information System (Info-Sys) in Cloud Network

2020 ◽  
Vol 9 (4) ◽  
pp. 2253-2258
Keyword(s):  
Information System ◽  
Data Security ◽  
Secret Key ◽  
Sensitive Data ◽  
Cloud Computing Security ◽  
Organizational Network ◽  
Aes Algorithm ◽  
Encryption And Decryption ◽  
Security As A Service ◽  
Cloud Network

Security in Cloud Network is essential and data security is required when data is transmitted from the sender device to receiver end and vice versa. Sometimes, the eavesdroppers might steal sensitive data which is dangerous for the users of the cloud network. The goal of the paper is to propose a newer dimension to Cloud Computing - ‘Security as a Service by verification using Information System in Cloud Network’ in which an authentication procedure is used from the user side to ensure the privacy of the network. AES algorithm is used to encrypt the Unique Identification Number (UID) provided by the user to hide from the eavesdroppers and decrypt the same at the receiver end. In this algorithm, the same key is used for encryption and decryption process. Therefore, the sender and the receiver must know and use the same secret key. We have introduced an Information System that keeps track of all users and helps during the verification. Decryption of the encrypted UID will also be done in this system. It also helps to manage session of all users who have logged into the system and tries to access the information with the UID. If the user shares one’s UID with other personnel and if it causes any problem of insecurity in organizational network, then it will also be caught by the Information System. This helps to protect the cloud network from the trespassers and increases security of the network.

scholarly journals Image Encryption Algorithm Based on a Novel Six-Dimensional Hyper- Chaotic System

2020 ◽  
Vol 31 (1) ◽  
pp. 54
Author(s):  
Sadiq A. Mehdi ◽  
Zaydon Latif Ali
Keyword(s):  
Image Encryption ◽  
Chaotic System ◽  
Data Security ◽  
Initial Conditions ◽  
Multimedia Data ◽  
Encryption Algorithm ◽  
Hyperchaotic System ◽  
Secret Key ◽  
Promising Alternative ◽  
Multimedia Data Security

Due to the rapid evaluation in the field of communications and multimedia and the increasing use of the Internet, multimedia data security has become very urgent. of the best alternative way to achieve multimedia data security is encryption, which prevents unauthorized entities from accessing confidential data. In recent years, the chaotic system of image encryption becomes an efficient way to encrypt images due to its high security. It has certain special properties like sensitivity to initial conditions, and control parameters, pseudorandom, ergodicity, and non-convergence, etc. chaotic dynamics systems became a promising alternative to traditional encryption algorithms. In this paper, This paper presents a new algorithm for the image encryption/decryption scheme depended on a  novel six-dimensional hyper-chaotic system to achieve a high level of security, the chaotic sequence generated from system employ for permutation and diffusion the original image to create an encrypted image.  The performance of  the algorithm has been analyzed through analyzes statistical such  as  Histogram  Analysis,  Correlation  Coefficient  Analysis,  Information  Entropy Analysis, Key Space Analysis, Key Sensitivity Analysis, Number of Pixels Change Rate (NPCR), Unified Average Changing Intensity (UACI), Peak Signal to Noise Ratio, The experimental results show that the algorithm has good encryption performance, large keyspace equals to  and the high sensitivity  for  small  changes  in  secret key  which makes  the  algorithm  immune  to Brute  force  attacks,  and  it  can  resist  the  statistical  attacks, therefore,  the presented  encryption  algorithm depends on a novel hyperchaotic system is more secure against the statistical and differential attacks.

scholarly journals Comparative Analysis of Some Efficient Data Security Methods among Cryptographic Techniques for Cloud Data Security

2020 ◽  
Vol 27 (1) ◽  
pp. 81-88
Author(s):  
M.A.T. Abubakar ◽  
A. Aloysius ◽  
Z. Umar ◽  
M. Dauda
Keyword(s):  
Comparative Analysis ◽  
Data Storage ◽  
Data Security ◽  
Data Privacy ◽  
Cloud Service ◽  
Original Data ◽  
Sensitive Data ◽  
Cloud Data ◽  
Data Control ◽  
Encryption Algorithms

The concept of cloud computing model is to grant users access to outsource data from the cloud server without them having to worry about aspects of the hardware and software management. The owner of the data encrypts it before outsourcing to a Cloud Service Provider (CSP) server for effective deployment of sensitive data. Data confidentiality is a demanding task of cloud data protection. Thus, to solve this problem, lots of techniques are needed to defend the shared data. We focus on cryptography to secure the data while transmitting in the network. We deployed Advanced Encryption Standard (AES) used as encryption method for cloud data security, to encrypt the sensitive data which is to be transmitted from sender to receiver in the network and to decrypt so that the receiver can view the original data. Arrays of encryption systems are being deployed in the world of Information Systems by various organizations. In this paper, comparative analysis of some various encryption algorithms in cryptography have been implemented by comparing their performance in terms of stimulated time during Encryption and decryption in the network. Keywords: AES, Data Control, Data Privacy, Data Storage, Encryption Algorithms, Verification.

Sign in / Sign up

Export Citation Format

Share Document