A privacy preserving homomorphic computing toolkit for predictive computation

Predictive computation now is a more and more popular paradigm for artificial intelligence. In this article, we discuss how to design a privacy preserving computing toolkit for secure predictive computation in smart cities. Predictive computation technology is very important in the management of cloud data in smart cities, which can realize intelligent computing and efficient management of cloud data in the city. Concretely, we propose a homomorphic outsourcing computing toolkit to protect the privacy of multiple users for predictive computation. It can meet the needs of large-scale users to securely outsource their data to cloud servers for storage, management and processing of their own data. This toolkit, using the Paillier encryption system and Lagrangian interpolation law, can implement most commonly basic calculations such as addition, subtraction, multiplication and division etc. It can also implement secure comparison of user data in the encrypted domain. In addition, we discuss how to implement the derivative of polynomial functions using our homomorphic computing encryption tool. We also introduce its application in neural networks. Finally, we demonstrate the security and efficiency of all our protocols through rigorous mathematical analysis and performance analysis. The results show that our toolkit is efficient and secure.     

Enhanced Certificateless Auditing Protocols for Cloud Data Management and Transformative Computation

Due the advent of new wireless communication, Internet of Things (IoT) and cloud computing, outsourcing the data processing and management to the cloud servers has become a typical transformative computing paradigm. In this context, a cloud auditing protocol is an effective way to check the data integrity for cloud data management. We present a cryptanalysis of two recently proposed certificateless public verifiable auditing protocols, the Zhang et al.’s protocol and the Kang et al.’s protocol. We argue that the tags in the Zhang et al.’s protocol and the semi-tags in the Kang et al.’s protocol can be forged, leading to insecure protocols. We propose improved versions of both protocols and analyze their security and efficiency. Our new protocols can be used as a very effective way for checking the integrity of outsourced cloud storage in the context of transformative computation.     

Towards performance evaluation of cloud service providers for cloud data security

Today’s data is sensitive that requires privacy and security both from the cloud service providers (CSP) as well as from users in its all the form of data states: data at rest, while transferring data, enquiring data, and processing the data. Cloud computing has been applied in the health sector, national security services, banking and other business and companies that store confidential data into the cloud as we have seen in recent years. Therefore, information and data security is a crucial issue that needs to be addressed thoroughly in the cloud computing business. This research deals with the performance analysis of recent cloud data security models. This paper proposes cloud data security models based on Business Process Modeling Notations (BPMN) and simulation results can reveal performances issues related to data security as part of any organizations initiative on Business process management (BPM).     

Data and infrastructure security auditing in cloud computing environments

For many companies the remaining barriers to adopting cloud computing services are related to security. One of these significant security issues is the lack of auditability for various aspects of security in the cloud computing environment. In this paper we look at the issue of cloud computing security auditing from three perspectives: user auditing requirements, technical approaches for (data) security auditing and current cloud service provider capabilities for meeting audit requirements. We also divide specific auditing issues into two categories: infrastructure security auditing and data security auditing. We find ultimately that despite a number of techniques available to address user auditing concerns in the data auditing area, cloud providers have thus far only focused on infrastructure security auditing concerns.     

基于属性加密的云存储访问控制研究

云存储技术迅猛发展的同时也引起诸多安全问题,在云存储环境中,数据被外包给云服务器而处于用户控制之外,如何实施新颖可信的访问控制技术就变得非常关键。作为一类新兴的公钥加密技术,基于属性的加密算法以其灵活性被广泛应用在云存储访问控制方案的设计中。文章提出了一种基于属性加密的云存储访问控制方案,方案可以实现安全的云存储,系统采用基于角色的访问控制技术实现身份验证、对属性的加密/解密以及对非敏感数据的访问。最后通过仿真实验证明该方案是一种可以保证数据完整性和机密性的云存储访问控制。     

A fad or future of IT?: A comprehensive literature review on the cloud computing research

Cloud computing is now a global trend and during the past decade, has drawn attention from both academic and business communities. Although the evolution of cloud computing has not reached the maturity level, there is still adequate research about the topic. The main purpose of this paper is to examine the development and evolution of cloud computing over time. A content analysis was conducted for 236 scholarly journal articles, which were published between 2009 and 2014 in order to (i) identify the possible trends and changes in cloud computing over the six years, (ii) compare publishing productivity of journals about the cloud computing subject, and (iii) guide future research about cloud computing. The results show that the majority of the cloud computing research is about “cloud computing adoption” (19%), and it was followed by the “legal and ethical issues” of cloud computing (15%). It is also found that “cloud computing for mobile applications” (6%), “benefits & challenges of cloud computing” (5%) and “energy consumption dimension of cloud computing” (4%) are the least attention-grabbing themes in the literature. However, “cloud computing for mobile applications” and “energy consumption dimension of cloud computing” themes have become popular in the last two years, so they are expected to be trendy topics of the near future. Finally, another finding of this study is that the majority of the articles were published by engineering, information systems or technical journals such as “IT Professional Magazine”, “International Journal of Information Management” and “Mobile Networks and Applications”. It seems as if this topic is generally ignored by the managerial and organizational journals even though the impact of cloud computing on organizations and institutions is immense and is in need of investigation.     

云计算安全风险因素挖掘及应对策略

云计算作为一种全新的服务模式,其特点决定了它面临着比传统网络和信息安全更多的安全风险问题,且该问题已成为制约云计算发展的重要因素.介绍了云计算体系结构及特征,分析了云计算安全风险研究现状,重点剖析了云计算技术和管理的安全风险因素,并给出应对策略,可供云服务商、云用户和云监管机构参考或借鉴,对云计算的进一步发展具有一定的指导意义.     

Cloud computing as an innovation: Percepetion,attitude, and adoption

Cloud computing is a current trend that reveals the next-generation application architecture and it is estimated that by 2013 the cloud market will have reached $8.1bn. While cloud services such as webmail, Flickr and YouTube have been widely used by individuals for some time, it not until relatively recently that organisations have began to use cloud services as a tool for meeting their IT needs. This study aims to investigate how cloud computing is understood by IT professionals and the concerns that IT professionals have in regard to the adoption of cloud services. The study was carried out in Taiwan and used a survey by interview approach to understand IT professionals’ understandings and concerns about cloud computing. The findings of the study suggest that while the benefits of cloud computing such as its computational power and ability to help companies save costs are often mentioned in the literature, the primary concerns that IT managers and software engineers have are compatibility of the cloud with companies’ policy, IS development environment, and business needs; and relative advantages of adopting cloud solutions. The findings also suggest that most IT companies in Taiwan will not adopt cloud computing until the uncertainties associated with cloud computing, e.g. security and standardisation are reduced and successful business models have emerged.     

基于云计算信息处理系统体系结构设计

研究面向云计算的智能管理系统的体系架构与集约化数据管理的理论和方法。建立面向云计算的智能管理系统原型,数据空间的模式规范化理论和需求归约化方法,实现云计算个性化管理;采用分离式管理架构,实现按需双向动态一致性维护,多源、非结构数据的抽取、融合与分析;建立面向数据安全与隐私保护的安全体系结构,保证系统中各类数据的安全和可信。     

利用文件加密文件

当今社会,对网络中传输的数据进行加密已变得越来越重要,特别是一些机密文件在网络上传输必须采取加密措施。加密可有效地防止有用或私有化信息在网络上被拦截和窃取。本文通过VS.NET2005下创建一个Visual C# windows应用程序,来实现利用文件加密文件。利用该程序可以实现文本文件、Office文件、RAR压缩文件、多媒体文件等各种类型文件的加密和解密,其密钥同样为各种类型的文件,相比字符加密方式,该方法更加安全高效。     

Cloud computing enabled business model innovation

Cloud computing's primary layer of security is its widespread adoption by businesses due to its ability to provide easy, on-demand network access to a large pool of configurable processing resources. Pressure from developed-world governments to keep up with the latest IT trends makes it challenging for colleges around the world to adopt cloud computing in engineering education. Although cloud computing as a concept has become more popular in recent times and quite a few studies have been conducted, the adoption and application level is still very low, particularly in developing countries. This study provides a realistic framework for gauging the sustainability of a company model. While digitalization is widely acknowledged to be crucial, the study's results reveal that the perceived available options for business model innovation depend not only on the value proposition itself but also on the position in the value network. The primary goal of this research is to create a cloud computing service provider business model that is built on circular economy principles and can guarantee the sustainable usage of cloud computing resources.     

融入区块链即服务的科技服务数据共享机制

针对目前科技服务数据管理中普遍存在的数据标准多样化、壁垒多,数据交互及时性与安全性难以得到保障等问题,综合考虑安全性、易用性和可扩展性等,在科技服务数据管理中融入区块链即服务(BaaS)架构和思想方法构建数据共享系统结构,基于系统结构和数据分类结构构建数据共享实现机制。基于此机制,根据数据交互流程设计出科技服务数据分类结构,实现对数据整合及其所有权确定;利用智能合约和加密密钥实现对数据的有效检索和共享,并保证数据共享过程中的安全性和隐私性。研究以期为科技服务业的创新发展及其数据管理标准化提供参考。     

An empirical study on business analytics affordances enhancing the management of cloud computing data security

The mechanism of business analytics affordances enhancing the management of cloud computing data security is a key antecedent in improving cloud computing security. Based on information value chain theory and IT affordances theory, a research model is built to investigate the underlying mechanism of business analytics affordances enhancing the management of cloud computing data security. The model includes business analytics affordances, decision-making affordances of cloud computing data security, decision-making rationality of cloud computing data security, and the management of cloud computing data security. Simultaneously, the model considers the role of data-driven culture and IT business process integration. It is empirically tested using data collected from 316 enterprises by Partial Least Squares-based structural equation model. Without data-driven culture and IT business process integration, the results suggest that there is a process from business analytics affordances to decision-making affordances of cloud computing data security, decision-making rationality of cloud computing data security, and to the management of cloud computing data security. Moreover, Data-driven culture and IT business process integration have a positive mediation effect on the relationship between business analytics affordances and decision-making affordances of cloud computing data security. The conclusions in this study provide useful references for the enterprise to strengthen the management of cloud computing data security using business analytics.     

云计算技术在图书馆中的应用研究

云计算是一种新型的基于互联网的商业计算模型,它是分布式处理、并行处理和网格计算的发展,具有安全可靠、海量信息存储、快速方便等特点。云计算以其独特的优势被各个国际著名厂商重视,并在各领域都起到一定的影响,同样它也将对图书馆的发展产生深远影响。现今,图书馆应该思考的是如何运用云计算来调整服务模式,以便更加有效地适应读者与图书馆之间的互动,并解决好云计算运用过程中出现的数据安全、标准和版权等方面问题。     

云计算环境下移动平台数据终端应用模式研究

云计算是一种新兴的计算技术,可以利用互联网向用户提供各种应用服务。用户无需知晓、了解和控制这些服务的知识技术架构,而能对云端资源应用自如。在了解云计算环境下移动平台数据终端需求的基础上,分析了其网络体系架构,并利用云计算服务模式,给出了其应用模式和实现机制。     

云计算环境下信息安全法律存在的问题及应对策略分析

云计算代表一个新的商业模式,以服务的形式提供数据资源,在互联网上按用户的使用量收费。在本文中,我们假设云计算可以被描述为一个复杂的系统,在分析云计算环境下的信息安全面临挑战的原因分析的基础上,从法律角度阐述了实现云计算面临的安全风险以及相应的解决措施。     

基于DEMATEL的学术信息资源云存储安全影响因素研究

[目的/意义]文章明确了目前影响学术信息资源云存储安全的关键影响因素。基于关键影响因素构建学术信息资源云存储安全保障策略,从而指导学术信息资源云存储安全保障实施。[方法/过程]结合学术信息资源云存储安全威胁分析和文献调研,对学术信息资源云存储安全的影响因素进行提取,再利用DEMATEL方法提炼出关键影响因素。[结果/结论]发现影响学术信息资源云存储安全的4大关键因素:访问控制、人员身份管理风险、数据完整性、数据丢失与泄露,并基于关键因素构建学术信息资源云存储安全保障方案。     

The role of trust and risk perceptions in cloud archiving — Results from an empirical study

This study presents and empirically validates a model that strives to explain end-user adoption of cloud storage as a means of personal archiving. Drawing from prior research on IT adoption, trust, risk and cloud computing, we develop a technology acceptance model that incorporates users' perceptions of risk and trust as well as major antecedents of trust. The research model is empirically tested with survey data collected from 229 cloud storage users. Our results show that trust can be conceived of as a factor that mitigates uncertainty and reduces the perception of risk, which is a significant inhibitor of the intention to use cloud storage for archiving. We find evidence that trust can be increased through both the provider's reputation and user satisfaction. Based on the results, we highlight important practical implications that can be used to inform marketing efforts of cloud storage providers and further suggest some opportunities for future research.     

基于FileDisk开发虚拟硬盘软件

计算机已普遍应用到各行各业的各个角落,而计算机文件的存储方式多种多样,但传统的加密方式无法很好满足计算机用户组织及个人资料保密的需要。文章以开发虚拟硬盘软件WinDiskXP为例提供一种可加密的存储方法帮助用户解决个人信息保密的困扰。