The Experts below are selected from a list of 50421 Experts worldwide ranked by ideXlab platform
Javam C. Machado - One of the best experts on this subject based on the ideXlab platform.
-
ICEIS (Revised Selected Papers) - A New Mechanism to Preserving Data Confidentiality in Cloud Database Scenarios
Enterprise Information Systems, 2017Co-Authors: Eliseu C. Branco, Roney Reis, Jose Maria Monteiro, Javam C. MachadoAbstract:A cloud Database is a Database that typically runs on a cloud computing platform. There are two common deployment models: users can run Databases on virtual machines hosted and managed by a infrastructure as a service provider, or they can purchase access to a Database service, maintained by a software as a service provider, without physically launching a virtual machine instance for the Database. In a Database service, application owners do not have to install and maintain the Database themselves. Instead, the Database as a service provider takes responsibility for installing and maintaining the Database, and application owners pay according to their usage. Thus, Database services decrease the need for local Data storage and the infrastructure costs. Nevertheless, hosting confidential Data at a Database service requires the transfer of control of the Data to a semi-trusted external provider. Therefore, Data Confidentiality is an important concern from cloud service providers. Recently, three main approaches have been introduced to ensure Data Confidentiality in cloud services: Data encryption; combination of encryption and fragmentation; and fragmentation. Besides, other strategies use a mix of these three main approaches. In this paper, we present i-OBJECT, a new mechanism to preserve Data Confidentiality in Database service scenarios. The proposed mechanism uses information decomposition to split Data into unrecognizable parts and store them in different cloud service providers. Additionally, i-OBJECT is a flexible mechanism since it can be used alone or together with other previously approaches in order to increase the Data Confidentiality level. Thus, a user may trade performance or Data utility for a potential increase in the degree of Data Confidentiality. Experimental results show the potential efficiency of i-OBJECT.
-
ICEIS (1) - A Flexible Mechanism for Data Confidentiality in Cloud Database Scenarios
Proceedings of the 18th International Conference on Enterprise Information Systems, 2016Co-Authors: Eliseu C. Branco, Roney Reis, Jose Maria Monteiro, Javam C. MachadoAbstract:Cloud computing is a recent trend of technology that aims to provide unlimited, on-demand, elastic computing and Data storage resources. In this context, cloud services decrease the need for local Data storage and the infrastructure costs. However, hosting confidential Data at a cloud storage service requires the transfer of control of the Data to a semi-trusted external provider. Therefore, Data Confidentiality is the top concern from the cloud issues list. Recently, three main approaches have been introduced to ensure Data Confidentiality in cloud services: Data encryption; combination of encryption and fragmentation; and fragmentation. In this paper, we present i-OBJECT, a new approach to preserve Data Confidentiality in cloud services. The proposed mechanism uses information decomposition to split Data into unrecognizable parts and store them in different cloud service providers. Besides, i-OBJECT is a flexible mechanism since it can be used alone or together with other previously approaches in order to increase the Data Confidentiality level. Thus, a user may trade performance or Data utility for a potential increase in the degree of Data Confidentiality. Experimental results show the potential efficiency of the proposed approach.
-
IDEAS - A New Approach to Preserving Data Confidentiality in the Cloud
Proceedings of the 20th International Database Engineering & Applications Symposium on - IDEAS '16, 2016Co-Authors: Eliseu C. Branco, Jose Maria Monteiro, Roney Reis De C. E Silva, Javam C. MachadoAbstract:Cloud computing is a recent trend of technology that aims to provide unlimited, on-demand, elastic computing and Data storage resources. In this context, cloud services decrease the need for local Data storage and the infrastructure costs. However, hosting confidential Data at a cloud storage service requires the transfer of control of the Data to a semi-trusted external provider. Therefore, Data Confidentiality is the top concern from the cloud issues list. Recently, three main approaches have been introduced to ensure Data Confidentiality in cloud services: Data encryption; combination of encryption and fragmentation; and fragmentation. Besides, other strategies use a mix of these three main approaches. In this paper, we present i-OBJECT, a new approach to preserve Data Confidentiality in cloud environments. The proposed mechanism uses information decomposition to split Data into unrecognizable parts and store them in different cloud service providers. Experimental results show the potential efficiency of i-OBJECT.
Bo Chen - One of the best experts on this subject based on the ideXlab platform.
-
ensuring Data Confidentiality via plausibly deniable encryption and secure deletion a survey
Cybersecurity, 2018Co-Authors: Qionglu Zhang, Shijie Jia, Bing Chang, Bo ChenAbstract:Ensuring Confidentiality of sensitive Data is of paramount importance, since Data leakage may not only endanger Data owners’ privacy, but also ruin reputation of businesses as well as violate various regulations like HIPPA and Sarbanes-Oxley Act. To provide Confidentiality guarantee, the Data should be protected when they are preserved in the personal computing devices (i.e., Confidentiality during their lifetime); and also, they should be rendered irrecoverable after they are removed from the devices (i.e., Confidentiality after their lifetime). Encryption and secure deletion are used to ensure Data Confidentiality during and after their lifetime, respectively. This work aims to perform a thorough literature review on the techniques being used to protect Confidentiality of the Data in personal computing devices, including both encryption and secure deletion. Especially for encryption, we mainly focus on the novel plausibly deniable encryption (PDE), which can ensure Data Confidentiality against both a coercive (i.e., the attacker can coerce the Data owner for the decryption key) and a non-coercive attacker.
-
Ensuring Data Confidentiality via plausibly deniable encryption and secure deletion – a survey
Digital Commons @ Michigan Tech, 2018Co-Authors: Zhang Qionglu, Jia Shijie, Chang Bing, Bo ChenAbstract:Ensuring Confidentiality of sensitive Data is of paramount importance, since Data leakage may not only endanger Dataowners’ privacy, but also ruin reputation of businesses as well as violate various regulations like HIPPA andSarbanes-Oxley Act. To provide Confidentiality guarantee, the Data should be protected when they are preserved inthe personal computing devices (i.e.,Confidentiality duringtheirlifetime); and also, they should be rendered irrecoverableafter they are removed from the devices (i.e.,Confidentiality after their lifetime). Encryption and secure deletion are usedto ensure Data Confidentiality during and after their lifetime, respectively.This work aims to perform a thorough literature review on the techniques being used to protect Confidentiality of theData in personal computing devices, including both encryption and secure deletion. Especially for encryption, wemainly focus on the novel plausibly deniable encryption (PDE), which can ensure Data Confidentiality against both acoercive (i.e., the attacker can coerce the Data owner for the decryption key) and a non-coercive attacker
G. Manoj Someswar - One of the best experts on this subject based on the ideXlab platform.
-
Utilization of TrueCrypt Software for Data Confidentiality through Encryption
International Journal of Research, 2018Co-Authors: Pushpanjali Patra, G. Manoj SomeswarAbstract:People are increasingly using Data encryption software to ensure Data Confidentiality. One application which facilitates Data encryption is the freely available and open-source software named TrueCrypt. Merely detecting encrypted Data can be challenging for the digital forensic investigator as its content appears random when viewed. TrueCrypt magnitudes this difficulty by implementing two features, a hidden volume and a hidden operating system. When these features are used not only does the software provide Data Confidentiality through encryption, it lets people deny that Data exists and this is often difficult for the forensic investigator to disprove. Where use of Data encryption is suspected, forensic investigators will typically try to gain access to the suspect’s computer whilst it is powered on. In its powered on state, recovery from memory of password and key material may be possible or it could allow direct access to the Data in a decrypted state. In this thesis, a security analysis of TrueCrypt, we examine a worst case scenario. In the scenario the forensic investigator only has access to the suspect computer’s hard disk after the machine had been switched off for a considerable length of time and thus a memory capture or access to the Data in a decrypted state was not possible. This research paper begins by evaluating existing statistical tests for their suitability in differentiating the encrypted TrueCrypt Data from other non-encrypted Data. A process model is defined which could be used by the forensic investigator to identify the encrypted Data solely by analysis of the suspect hard disk’s raw byte Data content. The process model is applied to the problem of detecting a hidden volume or hidden operating system. In application and verification of the process model this thesis establishes a revised volume layout of the actual TrueCrypt volume, but ultimately the hidden volume and hidden operating system remained undetectable. Using existing forensic investigation techniques, this thesis examines the leaking of information which could aid the forensic investigator in establishing use of TrueCrypt to further strengthen the case against the suspect. Finally, I conclude that detection of the hidden volume and hidden operating system solely from analysis of the suspect computer’s hard disk is still problematic for the forensic investigator.
-
A Novel Architecture for Integrating Cloud Database Services with Data Confidentiality and Concurrent Operations Execution on Encrypted Data
International Journal of Research, 2016Co-Authors: Goinaka Kishor, B. Madhav Rao, G. Manoj SomeswarAbstract:Placing critical Data in the hands of a cloud provider should come with the guarantee of security and availability for Data at rest, in motion, and in use. Several alternatives exist for storage services, while Data Confidentiality solutions for the Database as a service paradigm are still immature. We propose a novel architecture that integrates cloud Database services with Data Confidentiality and the possibility of executing concurrent operations on encrypted Data. This is the first solution supporting geographically distributed clients to connect directly to an encrypted cloud Database, and to execute concurrent and independent operations including those modifying the Database structure. The proposed architecture has the further advantage of eliminating intermediate proxies that limit the elasticity, availability, and scalability properties that are intrinsic in cloud-based solutions. The efficacy of the proposed architecture is evaluated through theoretical analyses and extensive experimental results based on a prototype implementation subject to the TPC-C standard benchmark for different numbers of clients and network latencies. KEYWORDS: Infrastructure-as-a-Service (IaaS); Platform-as-a-Service (PaaS); and Software-as-a-Service (SaaS); Fork-Join-Causal consistency (FJC)
Bin Sun - One of the best experts on this subject based on the ideXlab platform.
-
a scheme of Data Confidentiality and fault tolerance in cloud storage
International Conference on Cloud Computing, 2012Co-Authors: Bin SunAbstract:The off-premises storage paradigm that comes with cloud storage has incurred great concerns on the security of Data, especially the integrity and Confidentiality of Data. The untrusted cloud providers' complete control over Data may endanger Data Confidentiality, at the same time the invaders or accident of storage device may also damage the availability of Data. Our research is mainly concentrated on the Confidentiality of Data, the recovery of loss Data and the repair of error Data. We provide a security scheme for the Data stored in a remote cloud storage system, and the scheme is based on symmetric encryption technology and erasure codes. Boot password is adopted to avoid the problem of key preservation and management which is used in traditional symmetric encryption technology and tornado code is introduced as the basis for the redundant system to overcome the lost Data recovery issues. To the end, keyed-Hash which adds additional error correction function to the tornado code is brought forth to solve the problem of tampering of Data. The simulation results show that the scheme is efficient in recovering loss Data and provide good resistance to the Byzantine faults, meanwhile it has high computing efficiency, especially when processing a big file.
Jemal H. Abawajy - One of the best experts on this subject based on the ideXlab platform.
-
StenoCipher to Provide Data Confidentiality and Tampered Data Recovery for RFID Tag
Studies in Computational Intelligence, 2013Co-Authors: Biplob Ray, Morshed U. Chowdhury, Jemal H. AbawajyAbstract:Radio Frequency Identification (RFID) is an emerging wireless object identification technology with many potential applications such as supply chain management, personnel tracking and healthcare. However, security vulnerabilities of the RFID system have been a serious concern for its wide adoption in many applications. Although much work has been done to provide privacy and anonymity, little focus has been given to ensure RFID Data Confidentiality, integrity and to address the tampered Data recovery problem. To this end, we propose a lightweight stenographic-based approach to ensure RFID Data Confidentiality and integrity as well as the recovery of tampered RFID Data.
-
Hybrid Approach to Ensure Data Confidentiality and Tampered Data Recovery for RFID Tag
International Journal of Networked and Distributed Computing, 2013Co-Authors: Biplob Ray, Morshed U. Chowdhury, Jemal H. AbawajyAbstract:Radio Frequency Identification (RFID) is an emerging wireless object identification technology with many potential applications such as supply chain management, personnel tracking and healthcare. However, security vulnerabilities of the RFID system have been a serious concern for its wide adoption in many applications. Although there are lots of work to provide privacy and anonymity, little focus has been given to ensure Confidentiality and integrity of RFID tag Data. To this end, we propose a lightweight hybrid approach based on stenographic and watermarking to ensure Data Confidentiality, linkability resistance and integrity on the RFID tags Data. The proposed technique is capable of tampered Data recovering and restoring for RFID tag. It has been validated and tested on EPC class 1 gen2 tags.
