Sensitive Data Exposure: Data Forwarding and Storage on Cloud Environment

Sensitive data has become an essential part of life today. With the increase in sensitive data, the importance of maintaining its confidentiality and integrity has increased. One of the solutions became to store this data in the cloud. But the risk of revealing this data still exists. This is because the rate of attack, leakage and loss of this data has become a serious matter. The importance of sensitive data in our current era is considered our oil, as it is very important in several uses in statistical analyzes and other important matters that help the authorities to know the type of people and their interests, and when publishing this information it is important to know what information should be available and What information should not appear or be used on the sites. In this paper, discuss this issue, which is one of the most important security issues that is sensitive data exposure. We touched on this research and the techniques used to reduce these risks to the data stored in the cloud. Mention the types of sensitive data and the types of attacks that may affect these data, and mention the points of weakness, and then the methods of protecting this data.

Download Full-text

Fog-Based Delay-Sensitive Data Transmission Algorithm for Data Forwarding and Storage in Cloud Environment for Multimedia Applications

Big Data ◽

10.1089/big.2020.0090 ◽

2020 ◽

Cited By ~ 1

Author(s):

Azath Mubarakali ◽

Anand Deva Durai ◽

Mohmmed Alshehri ◽

Osama AlFarraj ◽

Jayabrabu Ramakrishnan ◽

...

Keyword(s):

Data Transmission ◽

Multimedia Applications ◽

Cloud Environment ◽

Data Forwarding ◽

Sensitive Data ◽

Delay Sensitive ◽

And Storage

Download Full-text

An Intelligent Feature Selection with Optimal Neural Network Based Network Intrusion Detection System for Cloud Environment

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.c6343.029320 ◽

2020 ◽

Vol 9 (3) ◽

pp. 3560-3569

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Cloud Environment ◽

Sensitive Data ◽

High Detection Rate ◽

Security Issues ◽

Network Intrusion ◽

Grasshopper Optimization Algorithm ◽

Grasshopper Optimization

At present times, Cloud Computing (CC) becomes more familiar in several domains such as education, media, industries, government, and so on. On the other hand, uploading sensitive data to public cloud storage services involves diverse security issues, specifically integrity, availability and confidentiality to organizations/companies. Besides, the open and distributed (decentralized) structure of the cloud is highly prone to cyber attackers and intruders. Therefore, it is needed to design an intrusion detection system (IDS) for cloud environment to achieve high detection rate with low false alarm rate. The proposed model involves a binary grasshopper optimization algorithm with mutation (BGOA-M) as a feature selector to choose the optimal features. For classification, improved particle swarm optimization (IPSO) based NN model, called IPSO-NN has been derived. The significance of the IPSO-NN model is assessed using a set of two benchmark IDS dataset. The experimental results stated that the IPSO-NN model has achieved maximum accuracy values of 99.36% and 97.80% on the applied NSL-KDD 2015 and CICIDS 2017 dataset. The obtained experimental outcome clearly pointed out the extraordinary detection performance of the IPSO-NN model over the compared methods.

Download Full-text

An Autonomous Cybersecurity Framework for Next-generation Digital Service Chains

Journal of Network and Systems Management ◽

10.1007/s10922-021-09607-7 ◽

2021 ◽

Vol 29 (4) ◽

Author(s):

Matteo Repetto ◽

Domenico Striccoli ◽

Giuseppe Piro ◽

Alessandro Carrega ◽

Gennaro Boggia ◽

...

Keyword(s):

Business Models ◽

Identity Management ◽

Methodological Approach ◽

Value Chains ◽

Sensitive Data ◽

Digital Service ◽

Security Issues ◽

Security Services ◽

New Business ◽

Access Control Management

AbstractToday, the digital economy is pushing new business models, based on the creation of value chains for data processing, through the interconnection of processes, products, services, software, and things across different domains and organizations. Despite the growing availability of communication infrastructures, computing paradigms, and software architectures that already effectively support the implementation of distributed multi-domain value chains, a comprehensive architecture is still missing that effectively fulfills all related security issues: mutual trustworthiness of entities in partially unknown topologies, identification and mitigation of advanced multi-vector threats, identity management and access control, management and propagation of sensitive data. In order to fill this gap, this work proposes a new methodological approach to design and implement heterogeneous security services for distributed systems that combine together digital resources and components from multiple domains. The framework is designed to support both existing and new security services, and focuses on three novel aspects: (i) full automation of the processes that manage the whole system, i.e., threat detection, collection of information and reaction to attacks and system anomalies; (ii) dynamic adaptation of operations and security tasks to newest attack patterns, and (iii) real-time adjustment of the level of detail of inspection and monitoring processes. The overall architecture as well as the functions and relationships of its logical components are described in detail, presenting also a concrete use case as an example of application of the proposed framework.

Download Full-text

A Secure Ciphertext Retrieval Scheme against Insider KGAs for Mobile Devices in Cloud Storage

Security and Communication Networks ◽

10.1155/2018/7254305 ◽

2018 ◽

Vol 2018 ◽

pp. 1-7 ◽

Cited By ~ 11

Author(s):

Run Xie ◽

Chanlian He ◽

Dongqing Xie ◽

Chongzhi Gao ◽

Xiaojun Zhang

Keyword(s):

Cloud Computing ◽

Mobile Devices ◽

Data Privacy ◽

Security Analysis ◽

Data Retrieval ◽

Sensitive Data ◽

Encrypted Data ◽

Security Issues ◽

Efficiency Comparison ◽

Cloud Servers

With the advent of cloud computing, data privacy has become one of critical security issues and attracted much attention as more and more mobile devices are relying on the services in cloud. To protect data privacy, users usually encrypt their sensitive data before uploading to cloud servers, which renders the data utilization to be difficult. The ciphertext retrieval is able to realize utilization over encrypted data and searchable public key encryption is an effective way in the construction of encrypted data retrieval. However, the previous related works have not paid much attention to the design of ciphertext retrieval schemes that are secure against inside keyword-guessing attacks (KGAs). In this paper, we first construct a new architecture to resist inside KGAs. Moreover we present an efficient ciphertext retrieval instance with a designated tester (dCRKS) based on the architecture. This instance is secure under the inside KGAs. Finally, security analysis and efficiency comparison show that the proposal is effective for the retrieval of encrypted data in cloud computing.

Download Full-text

Privacy and Security Issues in Online Social Networks

Future Internet ◽

10.3390/fi10120114 ◽

2018 ◽

Vol 10 (12) ◽

pp. 114 ◽

Cited By ~ 14

Author(s):

Shaukat Ali ◽

Naveed Islam ◽

Azhar Rauf ◽

Ikram Din ◽

Mohsen Guizani ◽

...

Keyword(s):

Social Networks ◽

Online Social Networks ◽

Virtual Communities ◽

Service Providers ◽

Security And Privacy ◽

Security Issue ◽

Sensitive Data ◽

Privacy And Security ◽

Security Issues ◽

Social Sphere

The advent of online social networks (OSN) has transformed a common passive reader into a content contributor. It has allowed users to share information and exchange opinions, and also express themselves in online virtual communities to interact with other users of similar interests. However, OSN have turned the social sphere of users into the commercial sphere. This should create a privacy and security issue for OSN users. OSN service providers collect the private and sensitive data of their customers that can be misused by data collectors, third parties, or by unauthorized users. In this paper, common security and privacy issues are explained along with recommendations to OSN users to protect themselves from these issues whenever they use social media.

Download Full-text

eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology

Sensors ◽

10.3390/s18113807 ◽

2018 ◽

Vol 18 (11) ◽

pp. 3807 ◽

Cited By ~ 3

Author(s):

Haonan Sun ◽

Rongyu He ◽

Yong Zhang ◽

Ruiyun Wang ◽

Wai Hung Ip ◽

...

Keyword(s):

Virtual Machines ◽

Trusted Computing ◽

Information Leakage ◽

Research Topic ◽

Cloud Environment ◽

Cloud Platform ◽

Computing Technology ◽

Security Issues ◽

Runtime Environment ◽

Cloud Users

Today cloud computing is widely used in various industries. While benefiting from the services provided by the cloud, users are also faced with some security issues, such as information leakage and data tampering. Utilizing trusted computing technology to enhance the security mechanism, defined as trusted cloud, has become a hot research topic in cloud security. Currently, virtual TPM (vTPM) is commonly used in a trusted cloud to protect the integrity of the cloud environment. However, the existing vTPM scheme lacks protections of vTPM itself at a runtime environment. This paper proposed a novel scheme, which designed a new trusted cloud platform security component, ‘enclave TPM (eTPM)’ to protect cloud and employed Intel SGX to enhance the security of eTPM. The eTPM is a software component that emulates TPM functions which build trust and security in cloud and runs in ‘enclave’, an isolation memory zone introduced by SGX. eTPM can ensure its security at runtime, and protect the integrity of Virtual Machines (VM) according to user-specific policies. Finally, a prototype for the eTPM scheme was implemented, and experiment manifested its effectiveness, security, and availability.

Download Full-text

Cloud Computing

International Journal of E-Entrepreneurship and Innovation ◽

10.4018/jeei.2012040104 ◽

2012 ◽

Vol 3 (2) ◽

pp. 51-59 ◽

Cited By ~ 6

Author(s):

Nawsher Khan ◽

A. Noraziah ◽

Elrasheed I. Ismail ◽

Mustafa Mat Deris ◽

Tutut Herawan

Keyword(s):

Cloud Computing ◽

High Availability ◽

Cloud Environment ◽

Network Resource ◽

Business World ◽

Computing Services ◽

Cloud Computing Services ◽

Similarities And Differences ◽

Comprehensive Classification ◽

And Storage

Cloud computing is fundamentally altering the expectations for how and when computing, storage, and networking resources should be allocated, managed, consumed, and allow users to utilize services globally. Due to the powerful computing and storage, high availability and security, easy accessibility and adaptability, reliable scalability and interoperability, cost and time effective cloud computing is the top, needed for current fast growing business world. A client, organization or a trade that adopting emerging cloud environment can choose a well suitable infrastructure, platform, software, and a network resource, for any business, where each one has some exclusive features and advantages. The authors first develop a comprehensive classification for describing cloud computing architecture. This classification help in survey of several existing cloud computing services developed by various projects globally such as Amazon, Google, Microsoft, Sun and Force.com and by using this survey’s results the authors identified similarities and differences of the architecture approaches of cloud computing.

Download Full-text

Factors that Influence the Android Apps Permissions

International Journal of Software Engineering and Technologies (IJSET) ◽

10.11591/ijset.v1i2.4569 ◽

2016 ◽

Vol 1 (2) ◽

pp. 59

Author(s):

Normi Sham Awang Abu Bakar ◽

Iqram Mahmud

Keyword(s):

Not Given ◽

Sensitive Data ◽

Security Issues ◽

Android Apps ◽

Android Applications ◽

Android Market ◽

Malicious Apps ◽

The Right ◽

User Ratings ◽

Average User

The Android Market is the official (and primary) storefor Android applications. The Market provides users with average user ratings, user reviews, descriptions, screenshots,and permissions to help them select applications. Generally, prior to installation of the apps, users need to agree on the permissions requested by the apps, they are not given any other option. Essentially, users may not aware on some security issues that may arise from the permissions. Some apps request the right to manipulate sensitive data, such as GPS location, photos, calendar, contact, email and files. In this paper, we explain the sources of sensitive data, what the malicious apps can do to the data, and apply the empirical software engineering analysis to find the factors that could potentially influence the permissions in Android apps. In addition, we also highlight top ten most implemented permissions in Android apps and also analyse the permissions for the apps categories in Android.

Download Full-text

A Cloud Database based on AES 256 GCM Encryption Through Devolving Web application of Accounting Information System

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.e5269.019521 ◽

2021 ◽

Vol 9 (5) ◽

pp. 216-221

Author(s):

Alameen Abdalrahman

Keyword(s):

Information System ◽

Web Application ◽

Accounting Information ◽

Cloud Service ◽

Cloud Environment ◽

Sensitive Data ◽

Privacy And Security ◽

Accounting Information System ◽

Accounting Data ◽

Encryption And Decryption

The main objective of this research is to use AES 256 GCM encryption and decryption of a web application system database called Accounting Information System (AIS) for achieving more privacy and security in a cloud environment. A cloud environment provides many services such as software, platform, and infrastructure. AIS can use the cloud to store data to achieve accounting with more performance, efficiency, convenience, and cost reduction. On the other hand, cloud environment is not secure because data is kept away from the organization. This paper focuses on how we deal with secure sensitive data such as accounting data AIS web application at web level encryption by using AES 256 GCM encryption to store data as encrypted data at cloud in a secure manner? Accounting Information System (AIS) has very sensitive data and its need to be more secure and safe specially in cloud because it’s not saved at local servers but at another cloud service provider. The storage of encryption and decryption keys are stored in locations and devices different from those in which the database is stored in the cloud for ensuring more safety.

Download Full-text

Big Data Processing Security Issues in Cloud Environment

Advances in Computing Systems and Applications - Lecture Notes in Networks and Systems ◽

10.1007/978-3-319-98352-3_4 ◽

2018 ◽

pp. 27-36

Author(s):

Imene Bouleghlimat ◽

Salima Hacini

Keyword(s):

Big Data ◽

Data Processing ◽

Cloud Environment ◽

Big Data Processing ◽

Security Issues

Download Full-text