A Trusted Cloud Computing With Cryptographic Technique

Document from the year 2013 in the subject Computer Science - Internet, New Technologies, grade: A, , language: English, abstract: This book focuses on the security issues in Cloud Computing System; Cloud Computing is an upcoming paradigm that offers tremendous advantages in economical aspects such as reduced time to market, flexible computing capabilities and limitless computing power. To use the full potential of the cloud computing, data is transferred, processed and stored by external cloud providers. However, data owners are very skeptical to place their data outside their own control sphere. This book discusses the security controls to protect data in cloud computing environment using Cryptographic technique. Cloud computing provide the way to share distributed resources and services that belong to different organizations. Since cloud computing share distributed resources via the network in the open environment, thus it makes security problems important for us to develop the cloud computing application. In this book, we pay attention to the security requirements in cloud computing environment. We proposed a method to build a trusted computing environment using cryptographic technique, for cloud computing system by integrating the trusted computing platform into cloud computing system. Security has become a major concern in cloud computing environment. Where the resources are shared by many. Users join and leave the cloud dynamically which leads to a serious challenge for the security of shared resources. Hence there’s a need to establish trust in the cloud so that the users are ensured of their data security. We propose a model system in which cloud computing system is combined with trusted computing platform with trusted platform module. In this model, some important security services, including authentication, confidentiality, data Storage, data security and access control, are provided in cloud computing system.

As is common practice in research, many new cryptographic techniques have been developed to tackle either a theoretical question or foreseeing a soon to become reality application. Cloud computing is one of these new areas, where cryptography is expected to unveil its power by bringing striking new features to the cloud. Cloud computing is an evolving paradigm, whose basic attempt is to shift computing and storage capabilities to external service providers. This resource offers an overview of the possibilities of cryptography for protecting data and identity information, much beyond well-known cryptographic primitives such as encryption or digital signatures. This book represents a compilation of various recent cryptographic primitives, providing readers with the features and limitations of each.

This book documents the scientific results of the projects related to the Trusted Cloud Program, covering fundamental aspects of trust, security, and quality of service for cloud-based services and applications. These results aim to allow trustworthy IT applications in the cloud by providing a reliable and secure technical and legal framework. In this domain, business models, legislative circumstances, technical possibilities, and realizable security are closely interwoven and thus are addressed jointly. The book is organized in four parts on “Security and Privacy”, “Software Engineering and Software Quality”, “Platforms, Middleware and Integration”, and “Social Aspects, Business Models and Standards”. It thus provides a holistic view on technological, societal, and legal aspects, which are indispensable not only to ensure the security of cloud services and the data they process, but also to gain the trust of society, business, industry, and science in these services. The ultimate goal of the book, as well as of the Trusted Cloud Program in general, is to distribute these results to a broader audience in both academia and industry, and thus to help with the proliferation of "Industry 4.0" services.

The book compiles technologies for enhancing and provisioning security, privacy and trust in cloud systems based on Quality of Service requirements. It is a timely contribution to a field that is gaining considerable research interest, momentum, and provides a comprehensive coverage of technologies related to cloud security, privacy and trust. In particular, the book includes - Cloud security fundamentals and related technologies to-date, with a comprehensive coverage of evolution, current landscape, and future roadmap. - A smooth organization with introductory, advanced and specialist content, i.e. from basics of security, privacy and trust in cloud systems, to advanced cartographic techniques, case studies covering both social and technological aspects, and advanced platforms. - Case studies written by professionals and/or industrial researchers. - Inclusion of a section on Cloud security and eGovernance tutorial that can be used for knowledge transfer and teaching purpose. - Identification of open research issues to help practitioners and researchers. The book is a timely topic for readers, including practicing engineers and academics, in the domains related to the engineering, science, and art of building networks and networked applications. Specifically, upon reading this book, audiences will perceive the following benefits: 1. Learn the state-of-the-art in research and development on cloud security, privacy and trust. 2. Obtain a future roadmap by learning open research issues. 3. Gather the background knowledge to tackle key problems, whose solutions will enhance the evolution of next-generation secure cloud systems.

Cloud storage is an important service of cloud computing, which offers service for data owners to host their data in the cloud. This new paradigm of data hosting and data access services introduces two major security concerns. The first is the protection of data integrity. Data owners may not fully trust the cloud server and worry that data stored in the cloud could be corrupted or even removed. The second is data access control. Data owners may worry that some dishonest servers provide data access to users that are not permitted for profit gain and thus they can no longer rely on the servers for access control. To protect the data integrity in the cloud, an efficient and secure dynamic auditing protocol is introduced, which can support dynamic auditing and batch auditing. To ensure the data security in the cloud, two efficient and secure data access control schemes are introduced in this brief: ABAC for Single-authority Systems and DAC-MACS for Multi-authority Systems. While Ciphertext-Policy Attribute-based Encryption (CP-ABE) is a promising technique for access control of encrypted data, the existing schemes cannot be directly applied to data access control for cloud storage systems because of the attribute revocation problem. To solve the attribute revocation problem, new Revocable CP-ABE methods are proposed in both ABAC and DAC-MACS.

This book presents selected papers from the International Conference on Computing, Communication, Electrical and Biomedical Systems (ICCCEBS 2021), held in March 2021 at KPR College of Engineering and Technology, Coimbatore, Tamil Nadu, India. The conference explores the interface between industry and real-time environments with newly developed techniques in computing and communications engineering. The papers describe results of conceptual, constructive, empirical, experimental, and theoretical work in areas of computing, communication, electrical, and biomedical systems. Contributors include academic scientists, researchers, industry representatives, postdoctoral fellows, and research scholars from around the world.

This book presents a selection of revised and extended versions of the best papers from the First International Conference on Social Networking and Computational Intelligence (SCI-2018), held in Bhopal, India, from October 5 to 6, 2018. It discusses recent advances in scientific developments and applications in these areas.

This book presents a range of cloud computing security challenges and promising solution paths. The first two chapters focus on practical considerations of cloud computing. In Chapter 1, Chandramouli, Iorga, and Chokani describe the evolution of cloud computing and the current state of practice, followed by the challenges of cryptographic key management in the cloud. In Chapter 2, Chen and Sion present a dollar cost model of cloud computing and explore the economic viability of cloud computing with and without security mechanisms involving cryptographic mechanisms. The next two chapters address security issues of the cloud infrastructure. In Chapter 3, Szefer and Lee describe a hardware-enhanced security architecture that protects the confidentiality and integrity of a virtual machine’s memory from an untrusted or malicious hypervisor. In Chapter 4, Tsugawa et al. discuss the security issues introduced when Software-Defined Networking (SDN) is deployed within and across clouds. Chapters 5-9 focus on the protection of data stored in the cloud. In Chapter 5, Wang et al. present two storage isolation schemes that enable cloud users with high security requirements to verify that their disk storage is isolated from some or all other users, without any cooperation from cloud service providers. In Chapter 6, De Capitani di Vimercati, Foresti, and Samarati describe emerging approaches for protecting data stored externally and for enforcing fine-grained and selective accesses on them, and illustrate how the combination of these approaches can introduce new privacy risks. In Chapter 7, Le, Kant, and Jajodia explore data access challenges in collaborative enterprise computing environments where multiple parties formulate their own authorization rules, and discuss the problems of rule consistency, enforcement, and dynamic updates. In Chapter 8, Smith et al. address key challenges to the practical realization of a system that supports query execution over remote encrypted data without exposing decryption keys or plaintext at the server. In Chapter 9, Sun et al. provide an overview of secure search techniques over encrypted data, and then elaborate on a scheme that can achieve privacy-preserving multi-keyword text search. The next three chapters focus on the secure deployment of computations to the cloud. In Chapter 10, Oktay el al. present a risk-based approach for workload partitioning in hybrid clouds that selectively outsources data and computation based on their level of sensitivity. The chapter also describes a vulnerability assessment framework for cloud computing environments. In Chapter 11, Albanese et al. present a solution for deploying a mission in the cloud while minimizing the mission’s exposure to known vulnerabilities, and a cost-effective approach to harden the computational resources selected to support the mission. In Chapter 12, Kontaxis et al. describe a system that generates computational decoys to introduce uncertainty and deceive adversaries as to which data and computation is legitimate. The last section of the book addresses issues related to security monitoring and system resilience. In Chapter 13, Zhou presents a secure, provenance-based capability that captures dependencies between system states, tracks state changes over time, and that answers attribution questions about the existence, or change, of a system’s state at a given time. In Chapter 14, Wu et al. present a monitoring capability for multicore architectures that runs monitoring threads concurrently with user or kernel code to constantly check for security violations. Finally, in Chapter 15, Hasan Cam describes how to manage the risk and resilience of cyber-physical systems by employing controllability and observability techniques for linear and non-linear systems.