Distributed data hiding in a single cloud storage environment

Distributed steganography is an approach to concealing the secret in several files, leaving fewer traces than the classical approach. Recent work proposed by Moyou and Ndoumdan have improved this approach by preserving the integrity of these files in a multi-cloud storage environment. However, the approach requires a large size of the stego-key and the management of several cloud storage environments. Our contribution consists is to improve this approach by using a single cloud storage environment and reducing the size of the stego-key. In this work, a single cloud storage environment is used to solve the problems of managing several credentials, monetary costs and data controls associated with multi-cloud storage environments. The comparisons showed interesting results with simpler operations to be performed by the participants during the process.

An Empirical Study of the Impact of Data Splitting Decisions on the Performance of AIOps Solutions

AIOps (Artificial Intelligence for IT Operations) leverages machine learning models to help practitioners handle the massive data produced during the operations of large-scale systems. However, due to the nature of the operation data, AIOps modeling faces several data splitting-related challenges, such as imbalanced data, data leakage, and concept drift. In this work, we study the data leakage and concept drift challenges in the context of AIOps and evaluate the impact of different modeling decisions on such challenges. Specifically, we perform a case study on two commonly studied AIOps applications: (1) predicting job failures based on trace data from a large-scale cluster environment and (2) predicting disk failures based on disk monitoring data from a large-scale cloud storage environment. First, we observe that the data leakage issue exists in AIOps solutions. Using a time-based splitting of training and validation datasets can significantly reduce such data leakage, making it more appropriate than using a random splitting in the AIOps context. Second, we show that AIOps solutions suffer from concept drift. Periodically updating AIOps models can help mitigate the impact of such concept drift, while the performance benefit and the modeling cost of increasing the update frequency depend largely on the application data and the used models. Our findings encourage future studies and practices on developing AIOps solutions to pay attention to their data-splitting decisions to handle the data leakage and concept drift challenges.

Group Delegated ID-Based Proxy Reencryption for the Enterprise IoT-Cloud Storage Environment

In general, ID-based proxy reencryption (IBPRE) includes data transfer in a 1 : 1 manner between a sender and receiver. Therefore, only the data owner has the authority to decrypt or reencrypt the data that is encrypted with his/her public key. However, in an environment with data self-sovereignty, such as an enterprise IoT-cloud environment, the data are directly managed by cloud once data is uploaded from user-controlled IoT devices. In such a situation, there is no way of sharing data if the data owner has no access over the data due to being outside the workplace and other issues. In this study, to solve this problem, data can be shared even when the data cannot be accessed by delegating the authority of the data owner to generate the reencryption key to other users. In addition, by solving the security threats that may appear in this process, data sharing can be performed securely and efficiently in the corporate environment.

Digital Evidence and Cloud Forensics: Contemporary Legal Challenges and the Power of Disposal

Fighting crime in cyberspace requires law enforcement authorities to immerse in a digital ocean of vast amount of information and also to acquire and objectify the evidence of criminal activity. Handling digital evidence is a complex and multifaceted process as they can provide critical evidentiary information in an unquestionable and irrefutable way. When digital evidence resides in a cloud storage environment the criminal investigation is faced with unprecedented contemporary legal challenges. In this paper, the authors identify three main legal challenges that arise from the current cloud-based technological landscape, i.e., territoriality (the loss of location), possession (the cloud content ownership) and confiscation procedure (user authentication/data preservation issues). On the onset of the identified challenges, the existing American, European and International legal frameworks are thoroughly evaluated. Finally, the authors discuss and endorse the Power of Disposal, a newly formed legal notion and a multidisciplinary solution with a global effect as a result of collaboration between technical, organizational and legal perspectives as an effective first step to mitigate the identified legal challenges.

Performance Evaluation of Cloud Database Security Algorithms

Cloud computing is a group of servers providing the on demand computing services to the users on rental basis. One of the services providing by the cloud is Data Storage as a Service. In Data Storage as a Service user will outsource their sensitive data to cloud storage environment, where the users data will be stored and whenever user needs data, they will access from the cloud storage from anywhere and anytime using any device connected to the internet. One of the critical issues in this is data security. When user outsources their sensitive data to cloud vendor, the cloud vendor may leak the user’s sensitive data to third persons because vendor is not a trusted party. To overcome these problems there are many authors suggested different security algorithms. In this research we studied and evaluating the performances of those security algorithms and proposing a better solution, which provides best security to data stored in cloud databases.

Distributed data hiding in multi-cloud storage environment

Classical or traditional steganography aims at hiding a secret in cover media such as text, image, audio, video or even in network protocols. Recent research has improved this approach called distributed steganography by fragmenting the secret message and embedding each secret piece into a distinct cover media. The major interest of this approach is to make the secret message detection extremely difficult. However, these file modifications leave fingerprints which can reveal a secret channel to an attacker. Our contribution is a new steganography paradigm transparent to any attacker and resistant to the detection and the secret extraction. Two properties contribute to achieve these goals: the files do not undergo any modification while the distribution of the secret in the multi-cloud storage environment allows us to hide the existence of the covert channel between the communicating parties. Information’s are usually hidden inside the cover media. In this work, the covert media is a pointer to information. Therefore the file carries the information without being modified and the only way to access it is to have the key. Experiments show interesting comparison results with remarkable security contributions. The work can be seen as a new open direction for further research in the field.

Attribute-Based User Revocable Data Integrity Audit for Internet-of-Things Devices in Cloud Storage

Mobile crowdsensing (MCS) is a sensing paradigm exploiting the capabilities of mobile devices (Internet-of-Things devices, smartphones, etc.) to gather large volume of data. MCS has been widely used in cloud storage environment. However, MCS often faces the challenge of data integrity and user revocation issues. To solve these challenges, this paper uses attribute-based revocable signature mechanisms to construct a data integrity auditing scheme for IoT devices in the cloud storage environment. Users use attribute private keys to generate attribute signatures, and limit the user’s permission to use shared data through access policy control. Only when the user attribute is included in the global attribute set, and the attribute threshold is not less than the specified number, the user can use the attribute key for the data to generate a valid signature that can be authenticated under the control of the signature strategy. At the same time, the group manager (GM) can send secret information to a third-party auditor (TPA) to track the creator of the signature, to withdraw the user’s access to data when the business changes, and realize the safe revocation of user group membership. Formal security analysis and experimental results show that the proposed data-auditing solution is suitable for IoT devices in the cloud storage environment with respect to security and performance.