Security Issues in Outsourced XML Databases

IT Outsourcing ◽

10.4018/978-1-60566-770-6.ch131 ◽

2010 ◽

pp. 2052-2081

Author(s):

Tran Khanh Dang

Keyword(s):

Data Privacy ◽

Service Providers ◽

Security Requirements ◽

Research Issues ◽

Xml Databases ◽

Storage And Retrieval ◽

Security Issues ◽

Security Research ◽

Initial Stage ◽

Database Service

In an outsourced XML database service model, organizations rely upon the premises of external service providers for the storage and retrieval management of their XML data. Since, typically, service providers are not fully trusted; this model introduces numerous interesting research challenges. Among them, the most crucial security research questions relate to data confidentiality, user and data privacy, queryassurance, secure auditing, and secure and efficient storage model. Although there exists a large number of related research works on these topics, the authors are still at the initial stage and the research results are still far from practical maturity. In this chapter, they extensively discuss all potential security issues mentioned above and the existing solutions, and present open research issues relevant to security requirements in outsourced XML databases.

Download Full-text

Researches on Data Privacy in Cloud Computing Based on Game Theory

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.571-572.22 ◽

2014 ◽

Vol 571-572 ◽

pp. 22-25

Author(s):

Yong Hong Yu ◽

Li Wu

Keyword(s):

Game Theory ◽

Cloud Computing ◽

Nash Equilibrium ◽

Data Privacy ◽

Mixed Strategy ◽

Service Providers ◽

Influence Factors ◽

Complete Information ◽

Trusted Data ◽

Database Service

Existing proposals for data privacy in cloud computing have typically been founded on encryption and are not well-balanced on dealing with the contradiction between data privacy and efficient queries. This paper discusses the data privacy in cloud computing based on the perspective of game theory. It built a complete information static game theory frame between a trusted data center and many un-trusted database service providers to avoid the coalition among un-trusted database service providers, and gave Nash equilibrium of mixed strategy. Some influence factors of Nash equilibrium are also analyzed.

Download Full-text

Tenant-Oriented Monitoring for Customized Security Services in the Cloud

Symmetry ◽

10.3390/sym11020252 ◽

2019 ◽

Vol 11 (2) ◽

pp. 252 ◽

Cited By ~ 3

Author(s):

Huaizhe Zhou ◽

Haihe Ba ◽

Yongjun Wang ◽

Zhiying Wang ◽

Jun Ma ◽

...

Keyword(s):

Virtual Machines ◽

Service Providers ◽

Security Analysis ◽

Security Requirements ◽

Security And Privacy ◽

Sensitive Information ◽

Cloud Environment ◽

Security Issues ◽

Security Services ◽

Runtime Information

The dramatic proliferation of cloud computing makes it an attractive target for malicious attacks. Increasing solutions resort to virtual machine introspection (VMI) to deal with security issues in the cloud environment. However, the existing works are not feasible to support tenants to customize individual security services based on their security requirements flexibly. Additionally, adoption of VMI-based security solutions makes tenants at the risk of exposing sensitive information to attackers. To alleviate the security and privacy anxieties of tenants, we present SECLOUD, a framework for monitoring VMs in the cloud for security analysis in this paper. By extending VMI techniques, SECLOUD provides remote tenants or their authorized security service providers with flexible interfaces for monitoring runtime information of guest virtual machines (VMs) in a non-intrusive manner. The proposed framework enhances effectiveness of monitoring by taking advantages of architectural symmetry of cloud environment. Moreover, we harden our framework with a privacy-preserving capacity for tenants. The flexibility and effectiveness of SECLOUD is demonstrated through a prototype implementation based on Xen hypervisor, which results in acceptable performance overhead.

Download Full-text

Data Privacy and Integrity Issues Scheme in Cloud Computing: A Survey

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i3.28.20978 ◽

2018 ◽

Vol 7 (3.28) ◽

pp. 102

Author(s):

Siti Dhalila Mohd Satar ◽

Masnida Hussin ◽

Zurina Mohd Hanapi ◽

Mohamad Afendee Mohamed

Keyword(s):

Cloud Computing ◽

Data Privacy ◽

Service Providers ◽

Research Organization ◽

Third Party ◽

Cloud Computing Security ◽

Security Issues ◽

The Third ◽

Widespread Adoption ◽

Digital Assets

In the cloud computing, security is one of the biggest obstacles that hamper the widespread adoption of cloud. Several business and research organization are reluctant in completely trusting the cloud computing to shift digital assets to the third-party service providers. Hence, the objective of this is to present the security issues related to data privacy and integrity in cloud computing. 20 selected papers have been reviewed to be analysing the technique used in providing data privacy and integrity. The issues or problems related to the technique are presented.

Download Full-text

Data-driven sector coupling in 5G-based smart networks

Competition and Regulation in Network Industries ◽

10.1177/1783591721992762 ◽

2021 ◽

Vol 22 (1) ◽

pp. 53-68

Author(s):

Guenter Knieps

Keyword(s):

Data Privacy ◽

Service Providers ◽

Policy Implications ◽

Network Industries ◽

5G Networks ◽

Privacy And Security ◽

Open Set ◽

Application Service ◽

Downstream Application

5G attains the role of a GPT for an open set of downstream IoT applications in various network industries and within the app economy more generally. Traditionally, sector coupling has been a rather narrow concept focusing on the horizontal synergies of urban system integration in terms of transport, energy, and waste systems, or else the creation of new intermodal markets. The transition toward 5G has fundamentally changed the framing of sector coupling in network industries by underscoring the relevance of differentiating between horizontal and vertical sector coupling. Due to the fixed mobile convergence and the large open set of complementary use cases, 5G has taken on the characteristics of a generalized purpose technology (GPT) in its role as the enabler of a large variety of smart network applications. Due to this vertical relationship, characterized by pervasiveness and innovational complementarities between upstream 5G networks and downstream application sectors, vertical sector coupling between the provider of an upstream GPT and different downstream application industries has acquired particular relevance. In contrast to horizontal sector coupling among different application sectors, the driver of vertical sector coupling is that each of the heterogeneous application sectors requires a critical input from the upstream 5G network provider and combines this with its own downstream technology. Of particular relevance for vertical sector coupling are the innovational complementarities between upstream GPT and downstream application sectors. The focus on vertical sector coupling also has important policy implications. Although the evolution of 5G networks strongly depends on the entrepreneurial, market-driven activities of broadband network operators and application service providers, the future of 5G as a GPT is heavily contingent on the role of frequency management authorities and European regulatory policy with regard to data privacy and security regulations.

Download Full-text

A Comparative analysis of security issues & vulnerabilities of leading Cloud Service Providers and in-house University Cloud platform for hosting E-Educational applications

10.1109/mysurucon52639.2021.9641545 ◽

2021 ◽

Author(s):

Abhishek Sharma ◽

Umesh Kumar Singh ◽

Kamal Upreti ◽

Nishant Kumar ◽

Suyash Kumar Singh

Keyword(s):

Comparative Analysis ◽

Service Providers ◽

Cloud Service ◽

Cloud Platform ◽

Security Issues ◽

Cloud Service Providers ◽

Educational Applications

Download Full-text

The Challenges of Institutional Distance: Data Privacy Issues in Cloud Computing

Science Technology and Society ◽

10.1177/0971721818806088 ◽

2018 ◽

Vol 24 (1) ◽

pp. 161-181 ◽

Cited By ~ 3

Author(s):

Yashar Abed ◽

Meena Chavan

Keyword(s):

Cloud Computing ◽

Multinational Corporations ◽

Data Privacy ◽

Service Providers ◽

Host Countries ◽

Case Study Methodology ◽

Regulatory Constraints ◽

Cloud Computing Service ◽

Privacy Issues

Data protection and data privacy are significant challenges in cloud computing for multinational corporations. There are no standard laws to protect data across borders. The institutional and regulatory constraints and governance differ across countries. This article explores the challenges of institutional constraints faced by cloud computing service providers in regard to data privacy issues across borders. Through a qualitative case study methodology, this research compares the institutional structure of a few host countries, with regard to data privacy in cloud computing and delineates a relative case study. This article will also review the cloud computing legal frameworks and the history of cloud computing to make the concept more comprehensible to a layman.

Download Full-text

A Secure Ciphertext Retrieval Scheme against Insider KGAs for Mobile Devices in Cloud Storage

Security and Communication Networks ◽

10.1155/2018/7254305 ◽

2018 ◽

Vol 2018 ◽

pp. 1-7 ◽

Cited By ~ 11

Author(s):

Run Xie ◽

Chanlian He ◽

Dongqing Xie ◽

Chongzhi Gao ◽

Xiaojun Zhang

Keyword(s):

Cloud Computing ◽

Mobile Devices ◽

Data Privacy ◽

Security Analysis ◽

Data Retrieval ◽

Sensitive Data ◽

Encrypted Data ◽

Security Issues ◽

Efficiency Comparison ◽

Cloud Servers

With the advent of cloud computing, data privacy has become one of critical security issues and attracted much attention as more and more mobile devices are relying on the services in cloud. To protect data privacy, users usually encrypt their sensitive data before uploading to cloud servers, which renders the data utilization to be difficult. The ciphertext retrieval is able to realize utilization over encrypted data and searchable public key encryption is an effective way in the construction of encrypted data retrieval. However, the previous related works have not paid much attention to the design of ciphertext retrieval schemes that are secure against inside keyword-guessing attacks (KGAs). In this paper, we first construct a new architecture to resist inside KGAs. Moreover we present an efficient ciphertext retrieval instance with a designated tester (dCRKS) based on the architecture. This instance is secure under the inside KGAs. Finally, security analysis and efficiency comparison show that the proposal is effective for the retrieval of encrypted data in cloud computing.

Download Full-text

Privacy and Security Issues in Online Social Networks

Future Internet ◽

10.3390/fi10120114 ◽

2018 ◽

Vol 10 (12) ◽

pp. 114 ◽

Cited By ~ 14

Author(s):

Shaukat Ali ◽

Naveed Islam ◽

Azhar Rauf ◽

Ikram Din ◽

Mohsen Guizani ◽

...

Keyword(s):

Social Networks ◽

Online Social Networks ◽

Virtual Communities ◽

Service Providers ◽

Security And Privacy ◽

Security Issue ◽

Sensitive Data ◽

Privacy And Security ◽

Security Issues ◽

Social Sphere

The advent of online social networks (OSN) has transformed a common passive reader into a content contributor. It has allowed users to share information and exchange opinions, and also express themselves in online virtual communities to interact with other users of similar interests. However, OSN have turned the social sphere of users into the commercial sphere. This should create a privacy and security issue for OSN users. OSN service providers collect the private and sensitive data of their customers that can be misused by data collectors, third parties, or by unauthorized users. In this paper, common security and privacy issues are explained along with recommendations to OSN users to protect themselves from these issues whenever they use social media.

Download Full-text

Complying with Privacy Legislation: From Legal Text to Implementation of Privacy-Aware Location-Based Services

ISPRS International Journal of Geo-Information ◽

10.3390/ijgi7110442 ◽

2018 ◽

Vol 7 (11) ◽

pp. 442 ◽

Cited By ~ 1

Author(s):

Mehrnaz Ataei ◽

Auriol Degbelo ◽

Christian Kray ◽

Vitor Santos

Keyword(s):

Data Privacy ◽

Location Privacy ◽

Service Providers ◽

Location Based Services ◽

Legal Text ◽

General Data Protection Regulation ◽

Location Data ◽

Privacy Laws ◽

Technical Issues ◽

General Data

An individual’s location data is very sensitive geoinformation. While its disclosure is necessary, e.g., to provide location-based services (LBS), it also facilitates deep insights into the lives of LBS users as well as various attacks on these users. Location privacy threats can be mitigated through privacy regulations such as the General Data Protection Regulation (GDPR), which was introduced recently and harmonises data privacy laws across Europe. While the GDPR is meant to protect users’ privacy, the main problem is that it does not provide explicit guidelines for designers and developers about how to build systems that comply with it. In order to bridge this gap, we systematically analysed the legal text, carried out expert interviews, and ran a nine-week-long take-home study with four developers. We particularly focused on user-facing issues, as these have received little attention compared to technical issues. Our main contributions are a list of aspects from the legal text of the GDPR that can be tackled at the user interface level and a set of guidelines on how to realise this. Our results can help service providers, designers and developers of applications dealing with location information from human users to comply with the GDPR.

Download Full-text