A privacy preserving homomorphic computing toolkit for predictive computation

Predictive computation now is a more and more popular paradigm for artificial intelligence. In this article, we discuss how to design a privacy preserving computing toolkit for secure predictive computation in smart cities. Predictive computation technology is very important in the management of cloud data in smart cities, which can realize intelligent computing and efficient management of cloud data in the city. Concretely, we propose a homomorphic outsourcing computing toolkit to protect the privacy of multiple users for predictive computation. It can meet the needs of large-scale users to securely outsource their data to cloud servers for storage, management and processing of their own data. This toolkit, using the Paillier encryption system and Lagrangian interpolation law, can implement most commonly basic calculations such as addition, subtraction, multiplication and division etc. It can also implement secure comparison of user data in the encrypted domain. In addition, we discuss how to implement the derivative of polynomial functions using our homomorphic computing encryption tool. We also introduce its application in neural networks. Finally, we demonstrate the security and efficiency of all our protocols through rigorous mathematical analysis and performance analysis. The results show that our toolkit is efficient and secure.     

Implementation and management of cloud security for industry 4.O - data using hybrid elliptical curve cryptography

Industry 4.0 places a premium on cloud security since more and more companies are moving their activities to the cloud to reap the benefits of the Fourth Industrial Revolution.The term “cloud computing” refers to a collection of Internet-based hardware and software tools. Providers of cloud services use data centers situated in various physical locations. Cloud computing makes life easier for users by making remote, simulated resources available over the internet. Google Apps and Microsoft SharePoint are two examples of popular cloud applications. In addition to its exciting potential, the “cloud computing” industry's lightning-fast expansion raises serious security concerns. When discussing security, cloud really suffers from Open Systems' and the internet's perennial problem. The only thing stopping the widespread use of cloud computing is the lack of trust in the system. There are a number of security concerns with cloud computing, including protecting user data and vetting cloud service providers' practices. Using encryption, confidential information can be sent over an unsecured channel without fear of data loss or manipulation. Data encryption using various protocols has been used in various settings. Different cryptosystems were developed and used at various times. Additionally, cloud computing enables multiple users to access and retrieve data simultaneously through their own personal Internet connections, which increases the risk of confidential data loss and exposure in a number of different places. Elliptic Curve Cryptography and other cryptographic algorithms have been used to develop numerous methods and protocols that guarantee the security and privacy of transmitted data. In this paper, we suggest a safe and efficient method for sharing information in the cloud without compromising its safety or integrity. The proposed system is able to guarantee authentication and data integrity because it uses a hybrid of the ECC and the Advanced Encryption Standard (AES) technique. The experimental results confirm the proposed approach outperforms the current gold standard.     

云计算环境下NOSQL数据库技术及应用研究

目前关系型数据库在云计算的平台下已经成为制约整个Web架构敏捷性和扩展性的瓶颈,而NoSQL可扩展的松耦合类型数据模式,以及在易用性、高度伸缩性、支持海量数据等方面所表现出来的优点,使其在云计算领域被广泛应用。分析了NoSQL数据库技术特点,并对目前应用的几种典型NOSQL数据库进行了分析比较。     

Efficient querying of multidimensional RDF data with aggregates: Comparing NoSQL,RDF and relational data stores

This paper proposes an approach to tackle the problem of querying large volume of statistical RDF data. Our approach relies on pre-aggregation strategies to better manage the analysis of this kind of data. Specifically, we define a conceptual model to represent original RDF data with aggregates in a multidimensional structure. A set of translations rules for converting a well-known multidimensional RDF modelling vocabulary into the proposed conceptual model is then proposed. We implement the conceptual model in six different data stores: two RDF triple stores (Jena TDB and Virtuoso), one graph-oriented NoSQL database (Neo4j), one column-oriented data store (Cassandra), and two relational databases (MySQL and PostGreSQL). We compare the querying performance, with and without aggregates, in these data stores. Experimental results, on real-world datasets containing 81.92 million triplets, show that pre-aggregation allows for reducing query runtime in all data stores. Neo4j NoSQL and relational databases with aggregates outperform triple stores speeding up to 99% query runtime.     

Towards performance evaluation of cloud service providers for cloud data security

Today’s data is sensitive that requires privacy and security both from the cloud service providers (CSP) as well as from users in its all the form of data states: data at rest, while transferring data, enquiring data, and processing the data. Cloud computing has been applied in the health sector, national security services, banking and other business and companies that store confidential data into the cloud as we have seen in recent years. Therefore, information and data security is a crucial issue that needs to be addressed thoroughly in the cloud computing business. This research deals with the performance analysis of recent cloud data security models. This paper proposes cloud data security models based on Business Process Modeling Notations (BPMN) and simulation results can reveal performances issues related to data security as part of any organizations initiative on Business process management (BPM).     

分布式网络环境下密码协议形式模型和安全性

随着互联网的应用和发展,各种类型的安全协议,包括具有多个角色、多种密码运算的复杂密码协议,已广泛应用于分布式系统中解决各种安全需求.在大规模分布式网络环境下,参与协议运行的主体是大数量的甚至是动态的,密码协议运行环境极为复杂,这使得密码协议的安全性描述和分析变得非常复杂.引入了一个新的代数系统刻画具有多种密码运算的消息代数,并提出了一个新的密码协议模型,描述了无边界网络中的攻击模式,通过建立形式语言规范了无边界网络环境下密码协议的运行环境和安全性质 该协议模型描述了一种“协同攻击”模式,并讨论了密码协议的安全性分析约简技术,给出一个新的安全自动分析过程的简要描述.     

云计算环境下数字图书馆网络虚拟化资源管理策略研究

针对云计算环境下数字图书馆网络虚拟化的资源分配、网络应用效率、安全性和经济性等问题,提出一种云计算环境下数字图书馆网络虚拟化管理策略。该策略大幅度增加了网络的数据交换效率,减少了骨干网络的数据流量,通过改善网络传输性能而提高了云计算系统效率。     

基于DEMATEL的学术信息资源云存储安全影响因素研究

[目的/意义]文章明确了目前影响学术信息资源云存储安全的关键影响因素。基于关键影响因素构建学术信息资源云存储安全保障策略,从而指导学术信息资源云存储安全保障实施。[方法/过程]结合学术信息资源云存储安全威胁分析和文献调研,对学术信息资源云存储安全的影响因素进行提取,再利用DEMATEL方法提炼出关键影响因素。[结果/结论]发现影响学术信息资源云存储安全的4大关键因素:访问控制、人员身份管理风险、数据完整性、数据丢失与泄露,并基于关键因素构建学术信息资源云存储安全保障方案。     

基于国密SM4和SM2的混合密碡算法研究与实现

现代密码技术在保证信息安全中起着至关重要的作用。SM4算法运算速度快,但存在密钥管理复杂并且安全性低的缺点;SM2算法安全性高、密钥管理简单,但存在对大块数据加解密速度慢和效率较低的缺点。提出一种基于SM4和SM2算法的混合加密算法,大量的主体明文数据采用加密速度极快的SM4算法,利用SM2算法加密SM4算法的密钥并和密文一起传输来避免SM4复杂的密钥管理,提高了数据安全性。经理论分析及在同方THD86芯片上的实验验证,该算法方便可行,加密、解密速度快且安全性高,在电子商务和电子政务中的应用具有良好的效果。     

Data and infrastructure security auditing in cloud computing environments

For many companies the remaining barriers to adopting cloud computing services are related to security. One of these significant security issues is the lack of auditability for various aspects of security in the cloud computing environment. In this paper we look at the issue of cloud computing security auditing from three perspectives: user auditing requirements, technical approaches for (data) security auditing and current cloud service provider capabilities for meeting audit requirements. We also divide specific auditing issues into two categories: infrastructure security auditing and data security auditing. We find ultimately that despite a number of techniques available to address user auditing concerns in the data auditing area, cloud providers have thus far only focused on infrastructure security auditing concerns.     

An empirical study on business analytics affordances enhancing the management of cloud computing data security

The mechanism of business analytics affordances enhancing the management of cloud computing data security is a key antecedent in improving cloud computing security. Based on information value chain theory and IT affordances theory, a research model is built to investigate the underlying mechanism of business analytics affordances enhancing the management of cloud computing data security. The model includes business analytics affordances, decision-making affordances of cloud computing data security, decision-making rationality of cloud computing data security, and the management of cloud computing data security. Simultaneously, the model considers the role of data-driven culture and IT business process integration. It is empirically tested using data collected from 316 enterprises by Partial Least Squares-based structural equation model. Without data-driven culture and IT business process integration, the results suggest that there is a process from business analytics affordances to decision-making affordances of cloud computing data security, decision-making rationality of cloud computing data security, and to the management of cloud computing data security. Moreover, Data-driven culture and IT business process integration have a positive mediation effect on the relationship between business analytics affordances and decision-making affordances of cloud computing data security. The conclusions in this study provide useful references for the enterprise to strengthen the management of cloud computing data security using business analytics.     

云计算环境下数字图书馆网络与数据中心智能化管理策略研究

本文结合云计算技术特点,提出了一种新的基于云计算的数字图书馆数据中心架构体系。针对数据中心系统架构,提出了基于分布式存储和虚拟化技术的云图书馆智能化管理策略。该策略在云图书馆网络与数据中心管理中具有可用、可扩展、易管理、安全的特点,为云图书馆基础设施和云数据管理带来了低成本、高效率、安全、有效、可靠等便利。     

A reversible and secure patient information hiding system for IoT driven e-health

Internet of things (IoT) coupled with mobile cloud computing has made a paradigm shift in the service sector. IoT-assisted mobile cloud based e-healthcare services are making giant strides and are likely to change the conventional ways of healthcare service delivery. Though numerous approaches for preventing unauthorized access to information exchanged between a mobile phone and cloud platform do exist, but there is no security mechanism to prevent unauthorized access by the cloud administrators. With an aim to ensure security of client data such as Electronic Patient Records (EPR), we propose a novel high-capacity and reversible data hiding approach for securely embedding EPR within the medical images using Optimal Pixel Repetition (OPR). OPR converts every pixel of the input image to a 2 × 2 block to facilitate reversibility by ensuring all the pixels in a 2 × 2 block to have different values. Since a 2 × 2 block is comprised of 4-pixel elements, which could be arranged in sixteen possible ways; we generate a lookup table corresponding to sixteen possible positions of pixels. EPR hiding in each block is achieved by permuting the pixels of a block according to the four-bit word of secret data, resulting in a histogram invariant stego image. The histogram invariance improves the robustness of the proposed scheme to statistical attacks. A stego image is said to hide embedded data securely, when it provides better imperceptivity for an appreciably high payload. Thus, while using information embedding approach for securing client data on a mobile-cloud platform, high imperceptivity is a desirable feature. Experimental results show that average PSNR obtained is 42 dB for payload 1.25 bpp by our scheme, showing its effectiveness for preventing unauthorized access to client’s sensitive data.     

A fad or future of IT?: A comprehensive literature review on the cloud computing research

Cloud computing is now a global trend and during the past decade, has drawn attention from both academic and business communities. Although the evolution of cloud computing has not reached the maturity level, there is still adequate research about the topic. The main purpose of this paper is to examine the development and evolution of cloud computing over time. A content analysis was conducted for 236 scholarly journal articles, which were published between 2009 and 2014 in order to (i) identify the possible trends and changes in cloud computing over the six years, (ii) compare publishing productivity of journals about the cloud computing subject, and (iii) guide future research about cloud computing. The results show that the majority of the cloud computing research is about “cloud computing adoption” (19%), and it was followed by the “legal and ethical issues” of cloud computing (15%). It is also found that “cloud computing for mobile applications” (6%), “benefits & challenges of cloud computing” (5%) and “energy consumption dimension of cloud computing” (4%) are the least attention-grabbing themes in the literature. However, “cloud computing for mobile applications” and “energy consumption dimension of cloud computing” themes have become popular in the last two years, so they are expected to be trendy topics of the near future. Finally, another finding of this study is that the majority of the articles were published by engineering, information systems or technical journals such as “IT Professional Magazine”, “International Journal of Information Management” and “Mobile Networks and Applications”. It seems as if this topic is generally ignored by the managerial and organizational journals even though the impact of cloud computing on organizations and institutions is immense and is in need of investigation.     

数字图书馆云存储系统安全架构与安全策略研究

本文首先介绍了云存储的技术架构和应用原理,然后分析了云存储系统及其应用过程中的数据安全性问题,最后提出了一种基于云计算环境下图书馆新的安全存储策略。新策略从数据传输到存储建立了相应的保护措施,有效保护了云存储数据安全。     

Lockbox: mobility,privacy and values in cloud storage

This paper examines one particular problem of values in cloud computing: how individuals can take advantage of the cloud to store data without compromising their privacy and autonomy. Through the creation of Lockbox, an encrypted cloud storage application, we explore how designers can use reflection in designing for human values to maintain both privacy and usability in the cloud.     

高校图书馆面临的数据安全问题及防护策略研究

[目的/意义]研究有效的数据安全防护策略,以应对高校图书馆面临的数据安全威胁,为高校图书馆提升服务质量和效率提供可靠的技术保障。[方法/手段]运用云存储、分级加密、大数据分析、WAF、RBAC等技术和生命周期理论,结合高校图书馆面临的数据安全问题,从存储安全、网络安全、隐私泄露三方面进行分析、研究。[结论/结果]从数据云安全存储、提高网络安全防护技术、基于数据生命周期的隐私保护三方面提出多维、有效的高校图书馆数据安全防护策略。     

云管理平台自动化测试框架研究

随着人们对云计算认识的不断深入,基于IaaS（基础设施即服务）的云管理产品也如雨后春笋般出现。通过对云管理平台的自动化测试技术进行研究,提出了一种适用于云管理平台的面向对象的业务流程测试框架,简称OBP。通过在开源云管理平台产品CloudStack上进行实验,探讨了其云管理平台的架构、功能模块、业务逻辑,并对实验结果进行了详细分析,最终论证了云管理平台自动化测试采用OBP框架的高可行性与高效性。     

公共云存储平台中学术信息资源一体化内容安全保障研究

【目的/意义】公共云存储平台中学术信息资源的内容安全保障既关系到用户科研活动的持续性和稳定性, 也符合云环境下学术信息资源的数据管理需求。【方法/过程】本文在分析了学术信息资源内容安全特点及其对云 存储平台内容安全保障的影响的基础上,结合学术信息资源内容安全特点,提出从内容安全审核、存储控制、传播 控制入手,构建面向学术信息资源的一体化内容安全保障模型。【结果/结论】设计了基于学术信息资源云存储流程 的一体化内容安全保障模型,同时论证了该模型的推进需要同步落实专门化的学术信息资源云存储服务组织、推 进云存储用户实名制、提高身份认证安全等级以及强化用户协同机制和约束机制。【创新/局限】关注到了资源行业 领域特点导致的内容安全保障需求差异,提出了基于内容安全审核结果的分级存储控制和实时传播控制机制,进 而构建了存储、使用到传播的一体化学术信息资源内容安全保障方案。     

区域公共云图书馆安全访控平台构建研究

文章简述了区域云图书馆系统的应用模式,概述了它在运行过程中存在的安全隐患。指出要实现区域云图书馆的安全运行,既要加强制度建设,更要注重安全技术的选择。作者提出了基于PKI和PMI技术的区域云图书馆用户认证和访控解决方案。该方案能安全高效地满足区域云图书馆在用户身份认证、访问控制、信息保密、数据保护和安全审计等方面的需求,是较理想的区域云图书馆安全解决思路。文章就提出的方案,详细阐述了它的设计实现思路。