E-Commerce Security Research in Big Data Environment

Rapid development of e-commerce and mobile communication opens a new era of big data. In this article, the authors put big data and e-commerce security together. They construct electronic commerce security system from these aspects: the creation of database, the security of information storage, the mining of information based on big data environment thoroughly. The second-generation product distributed platform- Apache Hadoop which is more popular and instant has been brought in. what's more, this article expounds the structure and working process. On the base of this platform, this article analyses the certainty and security of e-commerce transactions data developed on the condition of big data. It puts forward a construction view that people should guide and monitor the behavior of e-commerce, and improve the security system of electronic commerce on the base of data.

Privacy Preserving and Efficient Outsourcing Algorithm to Public Cloud

The growth of the cloud computing services and its proliferation in business and academia has triggered enormous opportunities for computation in third-party data management settings. This computing model allows the client to outsource their large computations to cloud data centers, where the cloud server conducts the computation on their behalf. But data privacy and computational integrity are the biggest concern for the client. In this article, the authors attempt to present an algorithm for secure outsourcing of a covariance matrix, which is the basic building block for many automatic classification systems. The algorithm first performs some efficient transformation to protect the privacy and verify the computed result produced by the cloud server. Further, an analytical and experimental analysis shows that the algorithm is simultaneously meeting the design goals of privacy, verifiability and efficiency. Also, found that the proposed algorithm is about 7.8276 times more efficient than the direct implementation.

Privacy Preserving in Digital Health

Recently, digital health solutions are taking advantage of recent advances in information and communication technologies. In this context, patients' health data are shared with other stakeholders. Moreover, it's now easier to collect massive health data due to the rising use of connected sensors in the health sector. However, the sensitivity of this shared healthcare data related to patients may increase the risks of privacy violation. Therefore, healthcare-related data need robust security measurements to prevent its disclosure and preserve patients' privacy. However, in order to make well-informed decisions, it is often necessary to allow more permissive security policies for healthcare organizations even without the consent of patients or against their preferences. The authors of this chapter concentrate on highlighting these challenging issues related to patient privacy and presenting some of the most significant privacy preserving approaches in the context of digital health.

Medical Data Security Tools and Techniques in E-Health Applications

The primary objective of this chapter is to analyze the existing tools and techniques for medical data security. Typically, medical data includes either medical signals such as electrocardiogram, electroencephalogram, electromyography, or medical imaging like digital imaging and communications in medicine, joint photographic experts group format. The medical data are sensitive, subject to privacy preservation, and data access rights. Security in e-health field is an integrated concept which includes robust combination of confidentiality, integrity, and availability of medical data. Confidentiality ensures the data is inaccessible to unauthorized access. Integrity restricts the alteration in data by the unauthorized user. Whereas availability provides the readiness of the data when needed by the authorized user. Additionally, confidentiality, integrity and availability, accountability parameter records the back action list which answers the why, when, what, and whom data is accessed. The selected tools and techniques used in medical data security in e-health applications is discussed.

Privacy in Online Social Networks

This chapter is concerned with the identification of the privacy threats to provide a feedback to the users so that they can make an informed decision based on their desired level of privacy. To achieve this goal, Solove's taxonomy of privacy violations is refined to incorporate the modern challenges to the privacy posed by the evolution of social networks. This work emphasizes on the fact that the privacy protection should be a joint effort of social network owners and users, and provides a classification of mitigation strategies according to the party responsible for taking these countermeasures. In addition, it highlights the key research issues to guide the research in the field of privacy preservation. This chapter can serve as a first step to comprehend the privacy requirements of online users and educate the users about their choices and actions in social media.

Human Factors in Cybersecurity

Over recent years, the extensive development of information technology has dramatically advanced the way that people use the internet. The fast growth of the internet of things and mobile crowdsensing applications raise challenging security and privacy issues for the society. More often than before, malicious attackers exploit human vulnerability as the weakest link to launch cyberattacks and conduct fraudulent online activities. How to profile users' daily behavior becomes an essential component for identifying users' vulnerable/malicious level and predicting the potential cyber threats. In this chapter, the authors discuss human factors and their related issues in cyber security and privacy. Three categories of human behaviors—desktop behavior, mobile behavior, and online behavior—and their corresponding security and privacy issues are demonstrated in detail to estimate the vulnerabilities of internet users. Some future directions related to human-factor based security and privacy issues are proposed at the end of this chapter.

Analysis of the US Privacy Model

The creation of the General Data Protection Regulation (GDPR) constituted an enormous advance in data privacy, empowering the online consumers, who were doomed to the complete loss of control of their personal information. Although it may first seem that it only affects companies within the European Union, the regulation clearly states that every company who has businesses in the EU must be compliant with the GDPR. Other non-EU countries, like the United States, have seen the benefits of the GDPR and are already developing their own privacy laws. In this article, the most important updates introduced by the GDPR concerning US corporations will be discussed, as well as how American companies can become compliant with the regulation. Besides, a comparison between the GDPR and the state of art of privacy in the US will be presented, highlighting similarities and disparities at the national level and in states of particular interest.

Cyber Security Aspects of Virtualization in Cloud Computing Environments

Cybercrime continues to emerge, with new threats surfacing every year. Every business, regardless of its size, is a potential target of cyber-attack. Cybersecurity in today's connected world is a key component of any establishment. Amidst known security threats in a virtualization environment, side-channel attacks (SCA) target most impressionable data and computations. SCA is flattering major security interests that need to be inspected from a new point of view. As a part of cybersecurity aspects, secured implementation of virtualization infrastructure is very much essential to ensure the overall security of the cloud computing environment. We require the most effective tools for threat detection, response, and reporting to safeguard business and customers from cyber-attacks. The objective of this chapter is to explore virtualization aspects of cybersecurity threats and solutions in the cloud computing environment. The authors also discuss the design of their novel ‘Flush+Flush' cache attack detection approach in a virtualized environment.

Anonymous Authentication for Privacy Preserving of Multimedia Data in the Cloud

Cloud computing technology provides cost-saving and flexibility of services for users. With the explosion of multimedia data, more and more data owners would outsource their personal multimedia data on the cloud. In the meantime, some computationally expensive tasks are also undertaken by cloud servers. However, the outsourced multimedia data and its applications may reveal the data owner's private information because the data owners lose control of their data. Recently, this thought has aroused new research interest on privacy-preserving reversible data hiding over outsourced multimedia data. Anonymous Authentication Scheme will be proposed in this chapter as the most relatable, applicable, and appropriate techniques to be adopted by the cloud computing professionals for the eradication of risks that have been associated with the risks and challenges of privacy.

Study and Survey on Blockchain Privacy and Security Issues

Blockchain-based technology is becoming increasingly popular and is now used to solve a wide range of tasks. And it's not all about cryptocurrencies. Even though it's based on secure technology, a blockchain needs protection as well. The risks of exploits, targeted attacks, or unauthorized access can be mitigated by the instant incident response and system recovery. Blockchain technology relies on a ledger to keep track of all financial transactions. Ordinarily, this kind of master ledger would be a glaring point of vulnerability. Another tenet of security is the chain itself. Configuration flaws, as well as insecure data storage and transfers, may cause leaks of sensitive information. This is even more dangerous when there are centralized components within the platform. In this chapter, the authors will demonstrate where the disadvantages of security and privacy in blockchain are currently and discuss how blockchain technology can improve these disadvantages and outlines the requirements for future solution.