Hardware-Based Security for Ensuring Data Privacy in the Cloud

Author(s):  
Wassim Itani ◽  
Ayman Kayssi ◽  
Ali Chehab

In this chapter, the authors present a set of hardware-based security mechanisms for ensuring the privacy, integrity, and legal compliance of customer data as it is stored and processed in the cloud. The presented security system leverages the tamper-proof capabilities of cryptographic coprocessors to establish a secure execution domain in the computing cloud that is physically and logically protected from unauthorized access. The main design goal is to maximize users’ control in managing the various aspects related to the privacy of sensitive data by implementing user-configurable software protection and data privacy categorization mechanisms. Moreover, the proposed system provides a privacy feedback protocol to inform users of the different privacy operations applied on their data and to make them aware of any data leaks or risks that may jeopardize the confidentiality of their sensitive information. Providing a secure privacy feedback protocol increases the users’ trust in the cloud computing services, relieves their privacy concerns, and supports a set of accountable auditing services required to achieve legal compliance and certification.


2018 ◽  
Vol 12 (2) ◽  
pp. 1-25 ◽  
Author(s):  
Malay Kumar ◽  
Manu Vardhan

The growth of the cloud computing services and its proliferation in business and academia has triggered enormous opportunities for computation in third-party data management settings. This computing model allows the client to outsource their large computations to cloud data centers, where the cloud server conducts the computation on their behalf. But data privacy and computational integrity are the biggest concern for the client. In this article, the authors attempt to present an algorithm for secure outsourcing of a covariance matrix, which is the basic building block for many automatic classification systems. The algorithm first performs some efficient transformation to protect the privacy and verify the computed result produced by the cloud server. Further, an analytical and experimental analysis shows that the algorithm is simultaneously meeting the design goals of privacy, verifiability and efficiency. Also, it was found that the proposed algorithm is about 7.8276 times more efficient than the direct implementation.


2021 ◽  
Author(s):  
Rohit Ravindra Nikam ◽  
Rekha Shahapurkar

Data mining is a technique that explores large data sets to extract the necessary data. Privacy protection of data mining is about hiding the sensitive information or identity of breach security or without losing data usability. Sensitive data contains confidential information about individuals, businesses, and governments who must not agree upon before sharing or publishing his privacy data. Conserving data mining privacy has become a critical research area. Various evaluation metrics such as performance in terms of time efficiency, data utility, and degree of complexity or resistance to data mining techniques are used to estimate the privacy preservation of data mining techniques. Social media and smart phones produce tons of data every minute. For decision making, the voluminous data produced from the different sources can be processed and analyzed. But data analytics are vulnerable to breaches of privacy. One of the data analytics frameworks is recommendation systems commonly used by e-commerce sites such as Amazon, Flipkart to recommend items to customers based on their purchasing habits that lead to characterized. This paper presents various techniques of privacy conservation, such as data anonymization, data randomization, generalization, data permutation, etc., which existing researchers use. We also analyze the gap between various processes and privacy preservation methods and illustrate how to overcome such issues with new innovative methods. Finally, our research describes the outcome summary of the entire literature.


Author(s):  
Amine Rahmani ◽  
Abdelmalek Amine ◽  
Reda Mohamed Hamou

In the last years, with the emergence of new technologies in the image of big data, the privacy concerns had grown widely. However, big data means the dematerialization of the data. The classical security solutions are no longer efficient in this case. Nowadays, sharing the data is as easy as saying hello. The amount of shared data over the web keeps growing from one day to another, which creates a wide gap between the purpose of sharing data and the fact that these last contain sensitive information. For that, researchers turned their attention to new issues and domains in order to minimize this gap. In other way, they intended to ensure a good utility of data by preserving its meaning while hiding sensitive information to prevent identity disclosure. Many techniques had been used for that. Some of them are mathematical and others use data mining algorithms. This paper deals with the problem of hiding sensitive data in shared structured medical data using a new bio-inspired algorithm from the natural phenomena of apoptosis cells in human body.


2021 ◽  
Author(s):  
Kevin McGillivray

In Government Cloud Procurement, Kevin McGillivray explores the question of whether governments can adopt cloud computing services and still meet their legal requirements and other obligations to citizens. The book focuses on the interplay between the technical properties of cloud computing services and the complex legal requirements applicable to cloud adoption and use. The legal issues evaluated include data privacy law (GDPR and the US regime), jurisdictional issues, contracts, and transnational private law approaches to addressing legal requirements. McGillivray also addresses the unique position of governments when they outsource core aspects of their information and communications technology to cloud service providers. His analysis is supported by extensive research examining actual cloud contracts obtained through Freedom of Information Act requests. With the demand for cloud computing on the rise, this study fills a gap in legal literature and offers guidance to organizations considering cloud computing.


Author(s):  
Basma Badawi Hathout ◽  
Samy Ghoniemy ◽  
Osman Ibrahim

In spite of all the advantages delivered by cloud computing, several challenges are hindering the migration of customer software and data into the cloud. On top of the list is the security and privacy concerns arising from the storage and processing of sensitive data on remote machines that are not owned, or even managed by the customers themselves. In this paper, initially a homomorphic encryption-based Cryptographic Agent is proposed. The proposed Cryptographic Agent is based on Paillier scheme, and is supported by user-configurable software protection and data privacy categorization agents, as well as a set of accountable auditing services required to achieve legal compliance and certification. This scheme was tested using different text documents with different sizes. Testing results showed that as the size of the document increases, the size of the generated key increases dramatically causing a major problem in regards to the processing time and the file size especially for large documents. This led us to the second part of this research which is: a modified security architecture that adds two major autonomic security detective agents to the multi-agent architecture of cloud data storage. In this paper, we focus on the first agent namely (Automated Master Agent, AMA) that is added to the Multi Agent System Architecture (MASA) layer (cloud client-side) by which any changes that happen in the document are mapped in a QR code encoded key print (KP). Experimental results after integrating these agents showed a 100% alternation detection accuracy and a superiority in extracting the KP of large and very large size documents which exceeds the currently available products and leverage the tamper-proof capabilities of cryptographic coprocessors to establish a secure execution domain in the computing cloud that is physically and logically protected from unauthorized access.


Author(s):  
Yuliang Shi ◽  
Zhongmin Zhou ◽  
Lizhen Cui ◽  
Shijun Liu

In cloud computing services, according to the customized privacy protection policy by the tenant and the sub chunk-confusion based on privacy protection technology, we can partition the tenant’s data into many chunks and confuse the relationships among chunks, so that the attacker cannot infer the tenant’s information by simply combining attributes. But it still has security issues. For example, with the amount of data growing, there may be a few hidden association rules among some attributes of the data chunks. Through these rules, it is possible to get some of the privacy information of the tenant. To address this issue, the paper proposes a privacy protection mechanism based on chunk-confusion privacy protection technology for association rules. The mechanism can detect unidimensional and multidimensional attributes association rules, hide them by adding fake data, re-chunking and re-grouping, and then ensure the privacy of tenant’s data. In addition, this mechanism also provides evaluation formulas. They filter detected association rules, remove the invalid and improve system performance. They also evaluate the effect of privacy protection. The experimental evaluation proves that the mechanism proposed in this paper can better protect the data privacy of tenant and has feasibility and practicality in real world applications.


2014 ◽  
Vol 8 (1) ◽  
pp. 13-21 ◽  
Author(s):  
ARKADIUSZ LIBER

Introduction: Medical documentation must be protected against damage or loss, in compliance with its integrity and credibility and the opportunity to a permanent access by the authorized staff and, finally, protected against the access of unauthorized persons. Anonymization is one of the methods to safeguard the data against the disclosure. Aim of the study: The study aims at the analysis of methods of anonymization, the analysis of methods of the protection of anonymized data and the study of a new security type of privacy enabling to control sensitive data by the entity which the data concerns. Material and methods: The analytical and algebraic methods were used. Results: The study ought to deliver the materials supporting the choice and analysis of the ways of the anonymization of medical data, and develop a new privacy protection solution enabling the control of sensitive data by entities whom this data concerns. Conclusions: In the paper, the analysis of solutions of data anonymizing used for medical data privacy protection was conducted. The methods, such as k-Anonymity, (X,y)-Anonymity, (a,k)-Anonymity, (k,e)-Anonymity, (X,y)-Privacy, LKC-Privacy, l-Diversity, (X,y)-Linkability, t-Closeness, Confidence Bounding and Personalized Privacy were described, explained and analyzed. The analysis of solutions to control sensitive data by their owners was also conducted. Apart from the existing methods of the anonymization, the analysis of methods of the anonymized data protection was conducted, in particular the methods of: d-Presence, e-Differential Privacy, (d,g)-Privacy, (a,b)-Distributing Privacy and protections against (c,t)-Isolation were analyzed. The author introduced a new solution of the controlled protection of privacy. The solution is based on marking a protected field and multi-key encryption of the sensitive value. The suggested way of fields marking is in accordance to the XML standard. For the encryption (n,p) different key cipher was selected. To decipher the content the p keys of n is used. The proposed solution enables to apply brand new methods for the control of privacy of disclosing sensitive data.


2018 ◽  
Vol 12 (6) ◽  
pp. 143 ◽  
Author(s):  
Osama Harfoushi ◽  
Ruba Obiedat

Cloud computing is the delivery of computing resources over the Internet. Examples include, among others, servers, storage, big data, databases, networking, software, and analytics. Institutes that provide cloud computing services are called providers. Cloud computing services were primarily developed to help IT professionals through application development, big data storage and recovery, website hosting, on-demand software delivery, and analysis of significant data patterns that could compromise a system’s security. Given the widespread availability of cloud computing, many companies have begun to implement the system because it is cost-efficient, reliable, scalable, and can be accessed from anywhere at any time. The most demanding feature of a cloud computing system is its security platform, which uses cryptographic algorithm levels to enhance protection of unauthorized access, modification, and denial of services. For the most part, cloud security uses algorithms to ensure the preservation of big data stored on remote servers. This study proposes a methodology to reduce concerns about data privacy by using cloud computing cryptography algorithms to improve the security of various platforms and to ensure customer satisfaction.


PLoS ONE ◽  
2021 ◽  
Vol 16 (4) ◽  
pp. e0250259
Author(s):  
Yahong Li ◽  
Jianzhou Wei ◽  
Bin Wu ◽  
Chunli Wang ◽  
Caifen Wang ◽  
...  

Current cloud computing causes serious restrictions to safeguarding users’ data privacy. Since users’ sensitive data is submitted in unencrypted forms to remote machines possessed and operated by untrusted service providers, users’ sensitive data may be leaked by service providers. Program obfuscation shows the unique advantages that it can provide for cloud computing. In this paper, we construct an encrypted threshold signature functionality, which can outsource the threshold signing rights of users to cloud server securely by applying obfuscation, while revealing no more sensitive information. The obfuscator is proven to satisfy the average case virtual black box property and existentially unforgeable under the decisional linear (DLIN) assumption and computational Diffie-Hellman (CDH) assumption in the standard model. Moreover, we implement our scheme using the Java pairing-based cryptography library on a laptop.

