Balasubramanian Prabhu Kavin,Sannasi Ganapathy,U. Kanimozhi,Arputharaj Kannan

DOI: https://doi.org/10.1007/s11277-020-07613-7

IF: 2.017

2020-06-20

Wireless Personal Communications

Abstract:In this paper, we propose an enhanced security framework for securing the cloud users data in the cloud environment. This new security framework consists of access control methodology, encryption/decryption technique and digital signature algorithms. Here, a new Elliptic Curve Cryptography based key generation algorithm is proposed for generating highly secured keys. Moreover, a new Identity based Elliptic curve Access Control mechanism (Id-EAC) is also proposed in this paper for restricting the cloud user’s data accessibility over the different kind of data. In addition, a new binary value based two phase encryption and decryption algorithm that referred the elliptic curve cryptographic based key values is introduced to secure the cloud user’s data in the cloud environment. Finally, a new modulo function based Lightweight Digital Signature Algorithm is also proposed to ensure the data integrity in this proposed security framework. This security framework is provided the high data security, accessibility and integrity for the user data. The experimental results show that the efficiency of the proposed algorithms in this security framework is proved as better than other existing algorithms in terms of security and performance.

telecommunications

Selvaraj Jagadeesh,Sabna Machinchery Ali,Soundara Pandian Gnana Selvan,Mohammad Aljanabi,Manimaran Gopianand,John peter Jasmine Hephzipah

DOI: https://doi.org/10.37934/araset.32.1.4656

2023-08-19

Journal of Advanced Research in Applied Sciences and Engineering Technology

Abstract:As cloud computing has been increasingly used by businesses to address their data storage and processing needs. The private data can be stored and retrieved by the end user through remote storage using an affordable Internet connection in the cloud computing environment. The user may access the information whenever they want, from wherever. However, the data transmitted through the cloud is not always secure and data integrity and authentication may be compromised as the end user is only able to access the data through a third party. Cloud computing also enables numerous people to access information simultaneously over separate Internet connections, which might increase the risk of information loss or leakage. Several cryptographic methods like DES, 3DES, Blowfish, RSA, Diffie-Hellman have been developed to guarantee the safety and privacy of stored data. Since the business clients hesitate to adopt the cloud due to its less security. This paper suggests a method for exchanging cloud data that is both secure and efficient. The proposed method is mainly focused on higher security for the cloud computing platform by applying hybrid Modified Elliptic Curve Cryptography (MECC) method with the Advanced Encryption Standard (AES). In comparison to other methods, the hybrid ECC-AES strategy takes less time to encrypt and decode data owing to its reduced key size.

Paramita Chatterjee,Rajesh Bose,Subhasish Banerjee,Sandip Roy

DOI: https://doi.org/10.1007/s11277-023-10323-5

Abstract:Around the world, the educational system is evolving. The new trend can be found in traditional classroom systems as well as digitalization systems. Cloud-based Learning Management Systems (LMS) will accelerate the educational industry forward in the next years because they can provide end-user with a versatile, convenient, secure, and cost-effective learning process. The cloud-based LMS approach is the most effective and proper learning model in the worldwide educational sector, particularly if the organization is in a state of depression owing to a global pandemic. It can be utilized over the internet with several users on the same platform. As a result, the initial requirement is important to enable to the LMS model. Despite its many advantages, LMS confronts challenges such as confidentiality, user acceptance, and traffic. In a pandemic like Covid 19, the entire planet depends on a safe LMS platform to establish student and instructor trust. Therefore, with this work, the attempt has been made to explain one LMS model that may provide its users with optimal security, a user-friendly environment, and quick access. This paper discusses the use of the cloud attack, and also cryptographic and steganographic security models and techniques to address these issues. There's also information on what kinds of security vulnerabilities or operations on cloud data are feasible, and also how to deal with them using various algorithms.

D. Praveena,P. Rangarajan

DOI: https://doi.org/10.1007/s11042-018-6339-0

IF: 2.577

2018-07-04

Multimedia Tools and Applications

Abstract:Cloud computing facilitates the enormous support of the public, business and emerging applications such as healthcare and nature disasters. Based on their services and characteristics, it can be classified as private cloud and public cloud. In this scenario, we need these two kinds of cloud services for an organization to provide the better service to the society. For that purpose, introduced a new cloud service called hybrid cloud service which is the combination of both private and public cloud. Security to the cloud environment is a challenging issue today especially for the hybrid cloud due to the combination of both. Many security mechanisms available in the literature but these are not achieved the sufficient level of security. For this purpose, we propose a new machine learning application for providing security to the hybrid cloud networks while storing the data and retrieving or accessing the data from the cloud. This proposed algorithm combines an existing Enhanced C4.5, newly proposed deduplication processing algorithm and the newly proposed dynamic access control mechanism. Moreover, we introduce a new deduplication processing algorithm for secure storage and retrieval without duplication or redundancy. In addition, a newly proposed dynamic access control mechanism called Dynamic Spatial Role Based Access Control Algorithm is also used in the proposed security framework. The proposed security framework has been implemented and also evaluated that the security level of the hybrid cloud while storing, retrieving and accessing the data from the cloud database.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Mohammad Y. Alshahrani

DOI: https://doi.org/10.3390/app12010074

2021-12-22

Applied Sciences

Abstract:Blockchain technology allows for the decentralized creation of a propagated record of digital events, in which third parties do not control information and associated transactions. This methodology was initially developed for value transmission. Still, it now has a broad array of utilization in various industries, including health, banking, the internet of things, and several others. With its numerous added benefits, a blockchain-based learning management system is a commonly utilized methodology at academic institutes, and more specifically during and after the COVID-19 period. It also presents several potentials for decentralized, interoperable record management in the academic system in education. Integrity, authenticity, and peer-executed smart contracts (SC) are some of the qualities of a blockchain that could introduce a new degree of safety, trustworthiness, and openness to e-learning. This research proposes a unique encryption technique for implementing a blockchain system in an e-learning (EL) environment to promote transparency in assessment procedures. Our methodology may automate evaluations and provide credentials. We built it to be analytical and content-neutral in order to demonstrate the advantages of a blockchain back-end to end-users, including student and faculty members particularly during this COVID-19 era. This article explains the employment of blockchain and SC in e-learning. To improve the trust in the assessment, we propose a novel improved elliptic curve cryptography algorithm (IECCA) for data encryption and decryption. The performance of the suggested method is examined by comparing it with various existing algorithms of encryption. The evaluation of the behaviour of the presented method demonstrates that the technique shall enhance trust in online educational systems, assessment processes, educational history, and credentials.

Sathish Chander Krishnan

DOI: https://doi.org/10.1016/j.future.2024.04.054

IF: 7.307

2024-05-19

Future Generation Computer Systems

Abstract:– The Internet of Things is susceptible to seepage of private information during the data sharing. To circumvent this problem, access control and secure data sharing have been familiarized in cloud- IoT which is prevalent now days due to it storage and data access services. An intrusion detection implementation defends the veracity of the data sharing confining record are stored in a data base by recognizing when something changed unpredictably so that security and privacy are major anxieties. Therefore, it is crucial to develop the security apparatus that perceive and mitigate any feasible attack in cloud security services. In this paper, we proposed secure access control method with two-fold revocation for ensuring cloud computing security by hybrid blockchain (AI-Hybrid chain). Initially, all the users and services are registered their credentials to Secure Agent (SA) and provides image-based user authentication. Then, SA provides a long-term secret key which is generated by Improved Advanced Encryption Standard (IAES) algorithm, both user and service credentials are encrypted and stored in cloud chain. After that, gateway verifies the incoming requests are legitimate or illegitimate. For verifying the incoming packets, the proposed work utilizes Di-Fuzzy Inference System (Di-FIS) based on effective metrics. Further, legitimate request is optimally classified as sensitive and non-sensitive request for achieving secure service allocation using Tomtit Flock Optimization algorithm (TFO) based on optimal features. Once the service is allocated to users, we perform novel access control mechanism based on role and attribute of the users, the trust can be validated using Transfer Learning based Double Deep Q Network (TL-DDQN). Furthermore, virtual firewall is deployed in the cloud environment for analyzing the user storage request traffic as normal validated using Transfer Learning based Double Deep Q Network (TL-DDQN). Furthermore, virtual firewall is deployed in the cloud environment for analyzing the user storage request traffic as normal and malicious based on Contractive Residual Network (Con-ResNet). The implementation of proposed work is conducted by Network Simulator – 3.26 and the performance of the proposed AI-Hybrid chain model is itemized based on various performance metrics in terms of attack detection rate, overhead, success ratio, throughput, traffic rate, delay, response time and unauthorized access.

computer science, theory & methods

D. Kalaiyarasi,R. Priscilla Joy,M. Victor Jose,P. Sridhar

DOI: https://doi.org/10.1007/s11276-024-03843-w

IF: 2.701

2024-11-23

Wireless Networks

Abstract:Cloud computing (CC) is the rapid utilization of network resources, specifically processing power and data storage, without the need for extra or direct customer management. One of the crucial and difficult problems facing the scientific and business user communities is ensuring security and trust between users ( ) and Cloud Service Providers (CSP) from malicious users. As a result, it is important to trust and cloud resources before using them. In this research, a novel two-phase Access Control (AC) mechanism based on Deep learning (DL) has been proposed to confirm the reliability of the cloud and the trust of the in the cloud environment. In the first phase, the Mamdani fuzzy method with Trapezoid fuzzy logic (TFL) is applied to assess the trust value (TV) of based on Bogus Requests (BR), Unauthorized Requests (UR), Forbidden Requests (FR), Not Found Requests (NFR), and User Behavior (UB). In the second phase, the ghost net is used for attribute matching for deciding to access or deny the user request based on TV. The efficacy of the developed methodology is examined by employing several parameters, such as Time, Accuracy (Acc), recall, F-measure, and precision. The overall accuracy of the proposed model is 1.41%, 2.61%, and 5.14% better than the Multidimensional Dynamic Trust Evaluation Scheme (MDTES), Evolutionary Genetic Algorithm with Intelligent Rules (EGAIR), and Task-Role Based Access Control (T-RBAC) respectively. In comparison to existing methodologies, the proposed method showed improved efficiency in terms of Acc, and prediction time.

computer science, information systems,telecommunications,engineering, electrical & electronic

Atul Kumar Srivastava,Dhiraj Pandey,Alok Agarwal

DOI: https://doi.org/10.1007/s11277-024-11021-6

IF: 2.017

2024-04-27

Wireless Personal Communications

Abstract:Due to the exponential growth of cloud data and network services, computational resources and cloud data security have one of the most attractive research issues in the real-time cloud environment. Numerous types of cloud services are combined into various domain applications, including, e-health, defence, clinical databases, and so on, for data storage and resource computing. However, a traditional challenge to consider is that the Data Owner (DO) no longer has the ability to modify the access control policy or key policy, resulting in data sharing inflexibility, inefficiency, and key abusers. To address these concerns, we propose an enhanced d level cut-off point-Quantum Secret Sharing (EdLCp-QSS) scheme based on an efficient Monitoring Key Ciphertext-ABE (MKCABE) –access control with Blockchain and Key Controller (EQMBK) mechanism for security. The proposed EQMBK mechanism provides security for monitoring the data from getting accessed by un-authorized users as well as offers updating security when a new user joins the cloud environment. The proposed EQMBK system ensures that data is not accessible by unauthorised users and that security is updated when a new user joins the cloud environment. Finally, experimental simulation reveals that the suggested technique is very efficient in preserving the privacy of the user's data against unauthorised parties in terms of computation time encryption time, system initialization time, key generation time, and decryption time. Furthermore, when compared to state-of-the-art techniques, the proposed methods are more resilient and provide greater performance.

telecommunications

Priyanka Kumari Bhansali,Dilendra Hiran,Hemant Kothari,Kamal Gulati

DOI: https://doi.org/10.1108/ijpcc-02-2022-0041

2022-05-18

International Journal of Pervasive Computing and Communications

Abstract:Purpose The purpose of this paper Computing is a recent emerging cloud model that affords clients limitless facilities, lowers the rate of customer storing and computation and progresses the ease of use, leading to a surge in the number of enterprises and individuals storing data in the cloud. Cloud services are used by various organizations (education, medical and commercial) to store their data. In the health-care industry, for example, patient medical data is outsourced to a cloud server. Instead of relying onmedical service providers, clients can access theirmedical data over the cloud. Design/methodology/approach This section explains the proposed cloud-based health-care system for secure data storage and access control called hash-based ciphertext policy attribute-based encryption with signature (hCP-ABES). It provides access control with finer granularity, security, authentication and user confidentiality of medical data. It enhances ciphertext-policy attribute-based encryption (CP-ABE) with hashing, encryption and signature. The proposed architecture includes protection mechanisms to guarantee that health-care and medical information can be securely exchanged between health systems via the cloud. Figure 2 depicts the proposed work's architectural design. Findings For health-care-related applications, safe contact with common documents hosted on a cloud server is becoming increasingly important. However, there are numerous constraints to designing an effective and safe data access method, including cloud server performance, a high number of data users and various security requirements. This work adds hashing and signature to the classic CP-ABE technique. It protects the confidentiality of health-care data while also allowing for fine-grained access control. According to an analysis of security needs, this work fulfills the privacy and integrity of health information using federated learning. Originality/value The Internet of Things (IoT) technology and smart diagnostic implants have enhanced health-care systems by allowing for remote access and screening of patients' health issues at any time and from any location. Medical IoT devices monitor patients' health status and combine this information into medical records, which are then transferred to the cloud and viewed by health providers for decision-making. However, when it comes to information transfer, the security and secrecy of electronic health records become a major concern. This work offers effective data storage and access control for a smart healthcare system to protect confidentiality. CP-ABE ensures data confidentiality and also allows control on data access at a finer level. Furthermore, it allows owners to set up a dynamic patients health data sharing policy under the cloud layer. hCP-ABES proposed fine-grained data access, security, authentication and user privacy of medical data. This paper enhances CP-ABE with hashing, encryption and signature. The proposed method has been evaluated, and the results signify that the proposed hCP-ABES is feasible compared to other access control schemes using federated learning.

Garima Verma,Soumen Kanrar

DOI: https://doi.org/10.3233/mgs-220361

2022-05-23

Multiagent and Grid Systems

Abstract:Nowadays cloud computing has given a new paradigm of computing. Despite several benefits of cloud computing there is still a big challenge of ensuring confidentiality and integrity for sensitive information on the cloud. Therefore to address these challenges without loss of any sensitive information and privacy, we present a novel and robust model called ‘Enhanced Cloud Security using Hyper Elliptic Curve and Biometric’ (ECSHB). The model ECSHB ensures the preservation of data security, privacy, and authentication of data in a cloud environment. The proposed approach combines biometric and hyperelliptic curve cryptography (HECC) techniques to elevate the security of data accessing and resource preservations in the cloud. ECSHB provides a high level of security using less processing power, which will automatically reduce the overall cost. The efficacy of the ECSHB has been evaluated in the form of recognition rate, biometric similarity score, False Matching Ratio (FMR), and False NonMatching Ratio (FNMR). ECSHB has been validated using security threat model analysis in terms of confidentiality. The measure of collision attack, replay attack and non-repudiation is also considered in this work. The evidence of results is compared with some existing work, and the results obtained exhibit better performance in terms of data security and privacy in the cloud environment.

V. Ezhil Arasi,K. Indra Gandhi,K. Kulothungan

DOI: https://doi.org/10.1007/s11227-021-04293-3

IF: 3.3

2022-01-26

The Journal of Supercomputing

Abstract:Data security in cloud data sharing system is effectively ensured by data access control mechanism. Data access control becomes more challenging because of intruders and malicious cloud servers. Most of the traditional approaches do not consider the issues in controlling user accessing cloud data storage and sharing. Ciphertext policy attribute-based encryption is one of the most effective techniques that provide secure data access control for sensitive data outsourced in cloud storage. However, in traditional cloud data sharing system, there are several issues regarding transaction traceability, user authorization, data ownership management and access control preservation. Also, traditional access control schemes do not have an effective method to compensate cloud users whose data integrity is lost. To handle these issues, we propose a new data sharing system auditable attribute-based encryption scheme that integrates the advantages of blockchain technology with attribute-based access control. We designed a trustworthy scheme which uses blockchain to provide attribute-based secure data sharing with integrity auditing. It also provides compensation to data owners, if their data integrity is lost. The security analysis demonstrates the improvement in performance of the proposed access control scheme over existing data sharing schemes. It provides efficient and secure data sharing, reliable traceability and equitable mediation. Thus, the proposed approach preserves the integrity, privacy, security and consistency of the stored data, thereby guaranteeing authorized data access control to cloud users.

A. Saranya,R. Naresh,Santhi Karuppiah,M. Jenifer

DOI: https://doi.org/10.1007/s00500-023-09514-w

IF: 3.732

2024-01-06

Soft Computing

Abstract:Electronic health records (EHRs) storage in mobile cloud environments has changed in recent years, with mobile devices coupled with cloud computing to allow patient-provider medical data transfers. This sophisticated concept allows low-cost, flexible healthcare using EHRs. However, this article implements e-health data privacy and network security. An electronic payment methodology for electronic health systems is being developed in this article to allow patients to connect with a trusted physician quickly by measuring their trust by an algorithm called fuzzy attributes optimization (FAO) was used in the bright yellow sunflower optimization (BYSO) procedure. Finally, an authorization and authentication structure must be developed to ensure that all actions involving the access of payment data are under the control of the user and the physician. Identification, authentication, and authorization may all be accomplished with the help of the Trust Impute Trio Hellman algorithm. A prototype implementation of the suggested approach was used to evaluate its effectiveness in the system. It's interesting to note that, despite the patient's option to hide their identity and establish a temporary one to complete the service, the recommended method does not require the patient to submit their identity on the doctor's website. In terms of secrecy, integrity, nonrepudiation, availability of anonymity, and authentication and authorization, our system has been determined to be much more secure than conventional techniques.

computer science, artificial intelligence, interdisciplinary applications

Reetu Gupta,Priyesh Kanungo,Nirmal Dagdee,Golla Madhu,Kshira Sagar Sahoo,N Z Jhanjhi,Mehedi Masud,Nabil Sharaf Almalki,Mohammed A AlZain

DOI: https://doi.org/10.3390/s23052617

2023-02-27

Abstract:With continuous advancements in Internet technology and the increased use of cryptographic techniques, the cloud has become the obvious choice for data sharing. Generally, the data are outsourced to cloud storage servers in encrypted form. Access control methods can be used on encrypted outsourced data to facilitate and regulate access. Multi-authority attribute-based encryption is a propitious technique to control who can access encrypted data in inter-domain applications such as sharing data between organizations, sharing data in healthcare, etc. The data owner may require the flexibility to share the data with known and unknown users. The known or closed-domain users may be internal employees of the organization, and unknown or open-domain users may be outside agencies, third-party users, etc. In the case of closed-domain users, the data owner becomes the key issuing authority, and in the case of open-domain users, various established attribute authorities perform the task of key issuance. Privacy preservation is also a crucial requirement in cloud-based data-sharing systems. This work proposes the SP-MAACS scheme, a secure and privacy-preserving multi-authority access control system for cloud-based healthcare data sharing. Both open and closed domain users are considered, and policy privacy is ensured by only disclosing the names of policy attributes. The values of the attributes are kept hidden. Characteristic comparison with similar existing schemes shows that our scheme simultaneously provides features such as multi-authority setting, expressive and flexible access policy structure, privacy preservation, and scalability. The performance analysis carried out by us shows that the decryption cost is reasonable enough. Furthermore, the scheme is demonstrated to be adaptively secure under the standard model.

Jananya Sivakumar,Sannasi Ganapathy

DOI: https://doi.org/10.1007/s11277-023-10813-6

IF: 2.017

2024-01-31

Wireless Personal Communications

Abstract:One of the most flamboyant technological novelties of today's world is cloud computing, which has been fuelled by the increase in the number of smart devices across the internet. With the continuous advancement in the technical field, cloud computing has played a significant role in enabling the user to share, store and retrieve data from anywhere at any time. The involvement of many users in cloud computing, questions the security of the data present on the cloud. Existing features in cloud security are vulnerable to potential risks including lack of confidentiality, integrity, and authentication. In this paper, we propose a new data security mechanism using newly proposed hybrid encryption system (HES) and quantum key distribution (QKD) for secured data communication in cloud networks. The newly proposed HES uses the standard cryptographic algorithms namely AES and RSA for performing effective encryption and decryption processes. The newly proposed QKD is ensured the secured data communications by generating and distributing the reliable keys to the authorized users. Moreover, the novelty is introduced in the suggested model ensures reliable distribution of keys among the users and in turn preserves the data through secure hybrid encryption. At the end, the scrutiny of the proposed system proves that it is preferable that the existing models in terms of secure communication, reliability and performance.

telecommunications

Sunitha Pachala,Ch. Rupa,L. Sumalatha

DOI: https://doi.org/10.1007/s12065-020-00555-w

2021-02-10

Evolutionary Intelligence

Abstract:Storing and accessing the information in the multi-cloud hosting environment becomes popular these days. It offers benefits like the assurance of data protection, preventing information corruption, unethical issues from vendors. In this paper, a hybrid approach with the multi-cloud hosting environment is designed and implemented for improved security and privacy of cloud data. The hybrid method consists of three modules (a) Byzantine protocol to tolerant security breaches to server failures cloud, which is independent. (b) DepSky architecture enhances the reliability and secrecy of data preserved in the cloud using encoding and decoding techniques (c) Shamir secret sharing procedure to improve trustiness & privacy of data storage without affecting the performance. The privacy and security issues of the hybrid approach are implemented and compared with the protocols like SAML with proxy re-encryption and Kerberos for different user service requests. The performance of the hybrid approach in terms of memory utilization, encryption/decryption time, total authentication time is improved compared to that of protocol environments SAML, SAML with proxy re-encryption and Kerberos. The results were encouraging in the Hybrid Approach in terms of encryption time/decryption time, Memory utilization and average precision values.

Gadde Swetha,Karur Janaki

DOI: https://doi.org/10.1007/s11042-022-12466-2

IF: 2.577

2022-04-21

Multimedia Tools and Applications

Abstract:Cloud storage system (CSS) is a significant service of cloud computing that permits the data owner to store their data in the cloud. Though the system is efficient, the system needs to provide privacy and security to the users. This paper presents a solution for securing multimedia data in the cloud using different techniques. The major phases of the proposed system are the data classification and data authentication phases. Initially, the acquired data is classified based on its sensitivity using the proposed optimized convolutional neural network (CNN-EEO). Then, the key pair is generated and encrypted using the proposed infinite elliptic curve cryptography with Merkle hash digest algorithm (IECC-MHDA). Finally, the classified data is encrypted using the proposed Kernel Homomorphic chaos encryption algorithm (KHCEA), which is decrypted at the user end. The simulation of the proposed scheme proved its excellence against the other existing schemes in terms of major metrics.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Arthur S. Voundi Koe,Qi Chen,Juan Tang,Shan Ai,Hongyang Yan,Shiwen Zhang,Duncan S. Wong

DOI: https://doi.org/10.1002/int.23009

IF: 8.993

2022-09-09

International Journal of Intelligent Systems

Abstract:With recent advances in cloud computing, mobile devices are increasingly being used to record patient physiological parameters, and transfer them to a cloud‐based hospital information system, for access control mediation over a variety of stakeholders. In such a cloud‐based architecture, the patient must specify an access policy for a group of authorized parties towards its outsourced data. Multiauthority ciphertext‐policy attribute‐based encryption (CP‐ABE) was provided as an innovative cloud‐based access control cryptographic primitive to tackle the key escrow issue in a centralized architecture, and boost flexibility through cross‐domain attributes management. Existing works, however, still have glaring drawbacks. First, they still rely on a trusted authority to generate and distribute user secret keys. Second, they do not simultaneously provide encryption, decryption, or revocation outsourcing, resulting in high processing and communication cost for both the data sender and the data receiver. Third, they do not support both user and attribute revocation, and the integrity of ciphertext downloaded from the cloud is not always verified at the user end. As a result, this paper exploits the dummy attribute technique and introduces a novel, efficient, and secure multiauthority ciphertext‐policy ABE method for mediating access control over medical data, in the mobile cloud. The ciphertext access policy enforcement, partial ciphertext decryption, and both the user and attribute indirect revocation updates are safely outsourced to the cloud server in this study. Theoretical analysis demonstrates that our scheme is efficient and verifiable, and we prove that our construction is secure under the decisional bilinear Diffie‐Hellman assumption.

computer science, artificial intelligence

Kirtirajsinh Zala,Hiren Kumar Thakkar,Rajendrasinh Jadeja,Neel H Dholakia,Ketan Kotecha,Deepak Kumar Jain,Madhu Shukla

DOI: https://doi.org/10.1155/2022/3804553

2022-08-18

Abstract:Traditional healthcare services have changed into modern ones in which doctors can diagnose patients from a distance. All stakeholders, including patients, ward boy, life insurance agents, physicians, and others, have easy access to patients' medical records due to cloud computing. The cloud's services are very cost-effective and scalable, and provide various mobile access options for a patient's electronic health records (EHRs). EHR privacy and security are critical concerns despite the many benefits of the cloud. Patient health information is extremely sensitive and important, and sending it over an unencrypted wireless media raises a number of security hazards. This study suggests an innovative and secure access system for cloud-based electronic healthcare services storing patient health records in a third-party cloud service provider. The research considers the remote healthcare requirements for maintaining patient information integrity, confidentiality, and security. There will be fewer attacks on e-healthcare records now that stakeholders will have a safe interface and data on the cloud will not be accessible to them. End-to-end encryption is ensured by using multiple keys generated by the key conclusion function (KCF), and access to cloud services is granted based on a person's identity and the relationship between the parties involved, which protects their personal information that is the methodology used in the proposed scheme. The proposed scheme is best suited for cloud-based e-healthcare services because of its simplicity and robustness. Using different Amazon EC2 hosting options, we examine how well our cloud-based web application service works when the number of requests linearly increases. The performance of our web application service that runs in the cloud is based on how many requests it can handle per second while keeping its response time constant. The proposed secure access scheme for cloud-based web applications was compared to the Ethereum blockchain platform, which uses internet of things (IoT) devices in terms of execution time, throughput, and latency.

K. Sasikumar,Sivakumar Nagarajan

DOI: https://doi.org/10.1109/access.2024.3385449

IF: 3.9

2024-04-16

IEEE Access

Abstract:Cloud computing is a fast-growing industry that offers various online services, including software, computing resources, and databases. Its payment model is usage-based, whereas consistency is based on resource-sharing. Cloud storage is popular among individuals and businesses because it reduces cost, increases productivity, boosts performance, and improves security. However, cloud computing comes with security risks as data are stored with third-party providers, and Internet access limits visibility and control. Effective data security and data protection are key issues compared with traditional on-premise computing. There are several methods for ensuring data security in the cloud, of which cryptography is the most important. Cryptography offers a range of security features including authentication, confidentiality, integrity, and availability. However, a thorough examination of the different cryptography methods in a single study is lacking. This study comprehensively examined different cryptography methods, including deoxyribose nucleic acid (DNA), elliptic curve, homomorphic, hybrid, lightweight, and novel methods. The analysis addresses their methodology, algorithms, results, applications, and limitations and provides valuable suggestions for data security in the cloud. This paper proposes the use of elliptic curve cryptography (ECC) to ensure safe communication and lightweight cryptography for Internet of Things (IoT) devices with limited resources. This emphasizes the benefit of combining asymmetric security with symmetric efficiency in hybrid cryptography.

computer science, information systems,telecommunications,engineering, electrical & electronic

Atul B. Kathole,Kapil Netaji Vhatkar,Ankur Goyal,Shivkant Kaushik,Amita Sanjiv Mirge,Prince Jain,Mohamed S. Soliman,Mohammad Tariqul Islam

DOI: https://doi.org/10.1109/access.2024.3447829

IF: 3.9

2024-08-31

IEEE Access

Abstract:The rapid growth of the Internet of Medical Things (IoMT) has introduced significant security and privacy challenges in managing and protecting medical data. This paper proposes a secure federated cloud storage system designed to address these challenges using a hybrid heuristic attribute-based encryption (ABE) scheme integrated with a permissioned Blockchain. The proposed system enhances data confidentiality and integrity by first collecting medical information and then encrypting it with ABE using an optimal key generated by the Hybrid Mexican Axolotl with Energy Valley Optimizer (HMO-EVO). The encrypted data is securely stored in a permissioned blockchain, ensuring robust access control and protection against data breaches. For effective healthcare monitoring, the system employs federated learning with a Multi-scale Bi-Long Short-Term Memory and Gated Recurrent Unit (MBiLSTM-GRU) to predict diseases accurately. This federated approach allows for decentralized training of deep learning models, preserving patient data privacy while leveraging collective learning. Experimental results show that the proposed system outperforms conventional methods in terms of security, efficiency, and predictive accuracy. This research offers a comprehensive framework for secure medical data management, combining the strengths of federated learning and blockchain technology to address the critical issues of data ownership, regulatory compliance, and privacy in IoMT networks.

computer science, information systems,telecommunications,engineering, electrical & electronic