Imran Makhdoom,Mehran Abolhasan,Justin Lipman

DOI: https://doi.org/10.1016/j.cose.2022.102784

2022-09-01

Abstract:Data encryption aims to protect the confidentiality of data at storage, during transmission, or while in processing. However, it is not always the optimum choice as attackers know the existence of the ciphertext. Hence, they can exploit various weaknesses in the implementation of encryption algorithms and can thus decrypt or guess the related cryptographic primitives. Moreover, in the case of proprietary applications such as online social networks, users are at the mercy of the vendor’s security measures. Therefore, users are vulnerable to various security and privacy threats. Contrary to this, covert communication techniques hide the existence of communication and thus achieve security through obscurity and hidden communication channels. Over the period, there has been a significant advancement in this field. However, existing literature fails to encompass all the aspects of covert communications in a single document. This survey thus endeavors to highlight the latest trends in covert communication techniques, related challenges, and future directions.

computer science, information systems

Wen-Guey Tzeng,A. Yao

2014-01-01

Abstract:S.Thivaharan Assistant Professor, Dept of Information Technology Kalaignar Karunanidhi Institute of Technology Coimbatore, India s.thivaharan@gmail.com. Abstract— Cryptography is the art and science of achieving security by encoding the message or data to make them unreadable. It is related to the aspects of network security such as privacy, reliability and accessibility of the data. A cryptosystem or cryptographic system is only the authenticated way in which user can access the encrypted data and decrypt it. The authenticated messages are shared between the authorized users. Security in cloud computing is a major concern. There are some cryptosystem techniques introduced in this security. First, Attribute Based Encryption is a public key encryption technique which is used to enable the access control over the encrypted data using qualified attributes. Second, Identity Based Encryption allows for a sender can encrypt a message to an identity without access to a public key certificate. Third, a new public key cryptosystem encrypt a message not only a public key but also under an identifier of the ciphertext classes.

Yoshita Sharma,Himanshu Gupta,Sunil Kumar Khatri

DOI: https://doi.org/10.1109/aicai.2019.8701398

2019-02-01

Abstract:As we all are aware that internet acts as a depository to store cyberspace data and provide as a service to its user. cloud computing is a technology by internet, where a large amount of data being pooled by different users is stored. The data being stored comes from various organizations, individuals, and communities etc. Thus, security and privacy of data is of utmost importance to all of its users regardless of the nature of the data being stored. In this research paper the use of multiple encryption technique outlines the importance of data security and privacy protection. Also, what nature of attacks and issues might arise that may corrupt the data; therefore, it is essential to apply effective encryption methods to increase data security.

Sandeep K. Sood

DOI: https://doi.org/10.1016/j.jnca.2012.07.007

IF: 7.574

2012-11-01

Journal of Network and Computer Applications

Abstract:Cloud computing is a forthcoming revolution in information technology (IT) industry because of its performance, accessibility, low cost and many other luxuries. It is an approach to maximize the capacity or step up capabilities vigorously without investing in new infrastructure, nurturing new personnel or licensing new software. It provides gigantic storage for data and faster computing to customers over the internet. It essentially shifts the database and application software to the large data centers, i.e., cloud, where management of data and services may not be completely trustworthy. That is why companies are reluctant to deploy their business in the cloud even cloud computing offers a wide range of luxuries. Security of data in cloud is one of the major issues which acts as an obstacle in the implementation of cloud computing. In this paper, a frame work comprising of different techniques and specialized procedures is proposed that can efficiently protect the data from the beginning to the end, i.e., from the owner to the cloud and then to the user. We commence with the classification of data on the basis of three cryptographic parameters presented by the user, i.e., Confidentiality (C), Availability (A) and Integrity (I).The strategy followed to protect the data utilizes various measures such as the SSL (Secure Socket Layer) 128-bit encryption and can also be raised to 256-bit encryption if needed, MAC (Message Authentication Code) is used for integrity check of data, searchable encryption and division of data into three sections in cloud for storage. The division of data into three sections renders supplementary protection and simple access to the data. The user who wishes to access the data is required to provide the owner login identity and password, before admittance is given to the encrypted data in Section 1, Section 2, and Section 3.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Amit Kumar,Santosh Malhotra

DOI: https://doi.org/10.48550/arXiv.1511.00568

2015-11-02

Cryptography and Security

Abstract:In a brave new age of global connectivity and e-commerce, interconnections via networks have heightened, creating for both individuals and organizations, a state of complete dependence upon vulnerable systems for storage and transfer of information. Never before, have so many people had power in their own hands. The power to deface websites, access personal mail accounts, and worse more the potential to bring down entire governments, and financial corporations through openly documented software codes. This paper discusses the possible exploits on typical network components, it will cite real life scenarios, and propose practical measures that can be taken as safeguard. Then, it describes some of the key efforts done by the research community to prevent such attacks, mainly by using Firewall and Intrusion Detection Systems.

Sunaina Bagga

DOI: https://doi.org/10.55524/ijircst.2021.9.6.69

2021-11-01

Abstract:Numerous firm’s architectures management of data guarantees substantially alter method, gain access to maintain private commercial business. Occur additional facts protection problems. Existing statistics safety methods have limits in preventing records legal assaults, in particular these performed by utilizing companion diploma business executives to the cloud dealer to monitor data get right of entry to within the cloud and find out unusual records get right of entry to. Sorts require method of building a machine robust protection privateer’s statistic through files person team customer’s technique much documents. Not simply the encryption keys but also the search keys need to be utilized and consumers have to keep their keys resistant and disseminated. The cutting-edge current gadget the place the facts proprietor can solely share one key with the user, whether or not it is any kind of document, massive or small variety of documents, and the function of the person is to cross a lure in the cloud of overall performance checking out and safety evaluation of shared documents, which is an impenetrable and superb proposed gives schemes. And consumers are also extremely concerned about data sharing storage, inexplicable information leak in the cloud, and harmful attackers. In the article, an experiment is done to format a method for encryption for impenetrable statistics allocation.

N. Jayapandian,Rahman,S. Radhikadevi,M. Koushikaa,A. M. J. Md. Zubair Rahman

DOI: https://doi.org/10.1109/startup.2016.7583904

2016-02-01

Abstract:Cloud is a modern business sharing data or information with great effectiveness of infrastructures it plays a major role in world wide. As in the information technology sector defines cloud security is the evolving sub domain of computer security and information security. Here the organization uses the cloud as a many service model (Saas, Pass and Iass)and deployment model (private, public, hybrid and community). In this type of model the responsibilities more for secure the information of the customer, So the organization ensures the different way to monitor and secure the data and information from hacking. They offer suspicious activity for their customer data by enhancing the data with encryption and decryption. Encryption makes the access method of proving the original data to be duplicated form and then the client can also be constructed with the proper decryption of the data to prevent the information from eavesdroppers from accessing Symmetric keys encryption or secret key encryption. The Key should be distributed before transmission between entities, then key play vital role for security. DES is In Asymmetric key encryption or public key encryption on that private and public keys are used in the encryption level on cloud. The Public key is used for encrypting the file and private key is used to decrypt the file. Because user tends to use two keys public this is known to public and private who is known to the user a type of algorithm such as RSA. Here we analysis the document is encrypted and then which efficient in that way of approach.

Shaik Rasool,G. Sridhar,K. Hemanth Kumar,P. Ravi Kumar

DOI: https://doi.org/10.48550/arXiv.1110.1701

2011-10-08

Cryptography and Security

Abstract:This paper puts forward a safe mechanism of data transmission to tackle the security problem of information which is transmitted in Internet. The encryption standards such as DES (Data Encryption Standard), AES (Advanced Encryption Standard) and EES (Escrowed Encryption Standard) are widely used to solve the problem of communication over an insecure channel. With advanced technologies in computer hardware and software, these standards seem not to be as secure and fast as one would like. In this paper we propose a encryption technique which provides security to both the message and the secret key achieving confidentiality and authentication. The Symmetric algorithm used has two advantages over traditional schemes. First, the encryption and decryption procedures are much simpler, and consequently, much faster. Second, the security level is higher due to the inherent poly-alphabetic nature of the substitution mapping method used here, together with the translation and transposition operations performed in the algorithm. Asymmetric algorithm RSA is worldwide known for its high security. In this paper a detailed report of the process is presented and analysis is done comparing our proposed technique with familiar techniques

Shubhanjali Sharma,Garima Gupta,P. R. Laxmi,P.R.Laxmi

DOI: https://doi.org/10.48550/arXiv.1403.5627

2014-03-22

Distributed, Parallel, and Cluster Computing

Abstract:Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of resources and services that are offered by the network or internet. Cloud computing extends various computing techniques like grid computing, distributed computing. Today cloud computing is used in both industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As the field of cloud computing is spreading the new techniques are developing. This increase in cloud computing environment also increases security challenges for cloud developers. Users of cloud save their data in the cloud hence the lack of security in cloud can lose the users trust. In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy, elasticity, availability etc. The paper also discuss existing security techniques and approaches for a secure cloud. This paper will enable researchers and professionals to know about different security threats and models and tools proposed.

Elisa Bertino

DOI: https://doi.org/10.1561/1900000014

2010-01-01

Foundations and Trends in Databases

Abstract:<div>As organizations depend on, possibly distributed, information systems for operational, decisional and strategic activities, they are vulnerable to security breaches leading to data theft and unauthorized disclosures even as they gain productivity and efficiency advantages. Though several techniques, such as encryption and digital signatures, are available to protect data when transmitted across sites, a truly comprehensive approach for data protection must include mechanisms for enforcing access control policies based on data contents, subject qualifications and characteristics, and other relevant contextual information, such as time. It is well understood today that the semantics of data must be taken into account in order to specify effective access control policies. To address such requirements, over the years the database security research community has developed a number of access control techniques and mechanisms that are specific to database systems. In this monograph, we present a comprehensive state of the art about models, systems and approaches proposed for specifying and enforcing access control policies in database management systems. In addition to surveying the foundational work in the area of access control for database systems, we present extensive case studies covering advanced features of current database management systems, such as the support for fine-grained and context-based access control, the support for mandatory access control, and approaches for protecting the data from insider threats. The monograph also covers novel approaches, based on cryptographic techniques, to enforce access control and surveys access control models for objectdatabases and XML data. For the reader not familiar with basic notions concerning access control and cryptography, we include a tutorial presentation on these notions. Finally, the monograph concludes with a discussion on current challenges for database access control and security, and preliminary approaches addressing some of these challenges.<h3>Suggested Citation</h3>Elisa Bertino, Gabriel Ghinita and Ashish Kamra (2011), "Access Control for Databases: Concepts and Systems", Foundations and Trends® in Databases: Vol. 3: No. 1–2, pp 1-148. http://dx.doi.org/10.1561/1900000014</div>

Sachin Gupta

DOI: https://doi.org/10.32628/cseit241051048

2024-10-15

Abstract:This technical article explores advanced encryption techniques for enhancing database security in cloud environments, addressing the growing need for robust data protection as organizations increasingly migrate to cloud-based solutions. The article covers encryption standards such as AES-256, RSA, and Elliptic Curve Cryptography, as well as key management approaches using Hardware Security Modules (HSMs) and Key Management Services (KMS). It also delves into cutting-edge concepts like homomorphic encryption and quantum-resistant algorithms. The discussion encompasses performance optimization strategies and regulatory compliance considerations, providing a comprehensive overview of the current state and future trends in cloud database security.

Yu-Ding WANG,Jia-Hai YANG,Cong XU,Xiao LING,Yang YANG

DOI: https://doi.org/10.13328/j.cnki.jos.004820

2015-01-01

Abstract:With the intensive and large scale development of cloud computing, security becomes one of the most important problems. As an important part of security domain, access control technique is used to limit users' capability and scope to access data and ensure the information resources not to be used and accessed illegally. This paper focuses on the state-of-the-art research of access control technology in cloud computing environment. First, it briefly introduces access control theory, and discusses the access control framework in cloud computing environment. Then, it thoroughly surveys the access control problems in cloud computing environment from three aspects including cloud access control model, cloud access control based on ABE (attribute-based encryption) cryptosystem, and multi-tenant and virtualization access control in cloud. In addition, it probes the best current practices of access control technologies within the major cloud service providers and open source cloud platforms. Finally, it summarizes the problems in the current research and prospects the development of future research.

Geethu Thomas,Prem Jose V,P.Afsar

DOI: https://doi.org/10.48550/arXiv.1310.8392

2013-10-31

Abstract:Cloud Computing has been envisioned as the next generation architecture of IT Enterprise. The Cloud computing concept offers dynamically scalable resources provisioned as a service over the Internet. Economic benefits are the main driver for the Cloud, since it promises the reduction of capital expenditure and operational expenditure. In order for this to become reality, however, there are still some challenges to be solved. Most important among these are security and trust issues,since the users data has to be released to the Cloud and thus leaves the protection sphere of the data <a class="link-external link-http" href="http://owner.In" rel="external noopener nofollow">this http URL</a> contrast to traditional solutions, where the IT services are under proper physical,logical and personnel controls, Cloud Computing moves the application software and databases to the large data centers, where the management of the data and services may not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood. Security is to save data from danger and vulnerability. There are so many dangers and vulnerabilities to be handled. Various security issues and some of their solution are explained and are concentrating mainly on public cloud security issues and their solutions. Data should always be encrypted when stored(using separate symmetric encryption keys)and transmitted. If this is implemented appropriately, even if another tenant can access the data, all that will appear is gibberish. So a method is proposed such that we are encrypting the whole data along with the cryptographic key.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

D Ramesh,B Rama,Ramesh D,Rama B

DOI: https://doi.org/10.11591/ijece.v8i6.pp5443-5448

2018-12-01

International Journal of Electrical and Computer Engineering (IJECE)

Abstract:The main role of key assortment crypto techniques will helpful to provide the security to the sensitive data and play the key role for business developments. Some of the problems are rising when the scheme will sustain the possession control to present the latest set of technical and business concerns. Some of the complex challenges are waiting for the optimistic solutions. The challenges are: In the planned storage confidentiality implicated outline, the stipulation of encryption framework for the data which is conserve the self tunning to execute major key constratints by concerining their files which is imposed plaintext belonging, the owners of the privacy-data preserve the seclusion power over their own information to formulate assured wide-ranging service operations and the owners of data are facing the complexity to organize their possess data which is accessible-mode in cloud servers, concerned inner services: topology architecture type of implicated data with their operations, associated secrecy-privacy-secrecy dynamic replicas for make use of the databased security within their range of format and secretarial services with their encrypted data execution control. To overcome theses in convinces this paper is proposing the technical ideals through the algorithmic methodology along the graphical flow based architecture. This paper is proposing the key assortment crypto techniques implicated algorithm for clients and end-users to reduce the above mention complex difficulties; it describes the primary encryption implicated techniques and various levels of cryptographic algorithms with their implications along with extensions of cloud implicated data security and digital forensics implicated appliances which is implicated with enhanced various hash functions.

English Else

Manasvi Malhar Sudershan,Sai Varshan Pydakula,Aarthi Priya R

DOI: https://doi.org/10.32628/cseit2390130

2023-03-05

Abstract:In the present scenario, no technology that's connected to the internet is unhackable. All digital services like internet communication, military and medical imaging systems, multimedia systems require reliable security in storage and transmission of digital images. The importance of protecting digital images cannot be overstated. Therefore, there is a need for image encryption techniques in order to hide images from such attacks. In this encryption process, we use AES and RSA Algorithm in order to hide images. This encryption techniques helps us to avoid intrusive attacks. Since, the image is encrypted using the AES technique, only the receiver can view it, as the key is known only to the sender and receiver. Overall, image encryption improves data integrity and can raise consumer trust.

Jananya Sivakumar,Sannasi Ganapathy

DOI: https://doi.org/10.1007/s11277-023-10813-6

IF: 2.017

2024-01-31

Wireless Personal Communications

Abstract:One of the most flamboyant technological novelties of today's world is cloud computing, which has been fuelled by the increase in the number of smart devices across the internet. With the continuous advancement in the technical field, cloud computing has played a significant role in enabling the user to share, store and retrieve data from anywhere at any time. The involvement of many users in cloud computing, questions the security of the data present on the cloud. Existing features in cloud security are vulnerable to potential risks including lack of confidentiality, integrity, and authentication. In this paper, we propose a new data security mechanism using newly proposed hybrid encryption system (HES) and quantum key distribution (QKD) for secured data communication in cloud networks. The newly proposed HES uses the standard cryptographic algorithms namely AES and RSA for performing effective encryption and decryption processes. The newly proposed QKD is ensured the secured data communications by generating and distributing the reliable keys to the authorized users. Moreover, the novelty is introduced in the suggested model ensures reliable distribution of keys among the users and in turn preserves the data through secure hybrid encryption. At the end, the scrutiny of the proposed system proves that it is preferable that the existing models in terms of secure communication, reliability and performance.

telecommunications

Tulasi Udupa A,Sushma Jayaram,Shreya Ganesh Hegde

2024-03-18

Abstract:The rapid development of computer network system brings both a great convenience and new security threats for users. Network security problem generally includes network system security and data security. Specifically, it refers to the reliability of network system, confidentiality, integrity and availability of data information in the system. This paper introduces the significance of network security systems and highlights related technologies, mainly authentication, data encryption, firewall and antivirus technology. Network security problems can be faced by any network user, therefore we must greatly prioritize network security, try to prevent hostile attacks and ensure the overall security of the network system.

Cryptography and Security

Kefa Rabah

DOI: https://doi.org/10.3923/itj.2005.307.325

2005-09-15

Information Technology Journal

Abstract:Over the last decade the world has seen an astounding growth of information technology that has resulted in significant advances in cryptography to protect the integrity and confidentiality of data. The most affected is the financial sector and the e-commerce over the Internet, which requires secure data transfer, or handling during any transaction of business. Secrecy is the heart of cryptography. Encryption is a practical means to achieve information secrecy. In this aspect DES (Data Encryption Standard)- A symmetric key cryptography and its variant triple DES, has over the last three decades played major role in securing data in this sector of the economy and within other governmental and private sector security agencies. In this study the theory and implementation of DES and its suitability in securing data in future will be described. Comparison with other symmetric key crypto-algorithm will also be considered.

Anirban Bhowmik,Sunil Karforma

DOI: https://doi.org/10.1007/s10660-021-09477-w

2021-04-10

Electronic Commerce Research

Abstract:Electronic commerce is the buying and selling of goods and services, or the funds transfer between independent organizations and/or persons over an electronic wireless network, primarily the Internet. It focuses on the use of ICT to enable the external activities and relationship among the business and individuals, groups and other business. These business transactions occur in many formats such as business-to-business, business-to-consumer, consumer-to-consumer or consumer-to-business. It is the one type of trading in products or services using wireless networks like Internet or online social media networks etc. Here the computers, telephones, fax machines, barcode readers, credit cards, debit cards, ATM etc. are used for conducting business in e-commerce system. E-commerce includes the activities such as order entry, transaction processing, online payment, authentication, order fulfillment, inventory control, shipment, and customer support. At present most of the people are participating in e-commerce. In E-commerce system privacy and security of user's information is the most crucial issue at present. Electronic record related to organization or person is sensitive in nature so, it is very significant to impose an advanced security protocol, technical solutions in the system. E-commerce security is the protection of e-commerce assets from unauthorized access, use, alteration, or destruction. In this paper we have focused on security issue like technical safeguards for e-commerce. Our technique proposes an LFSR, pell's method and Linear congruence based security model for data security in e-commerce. Here two types of keys i.e., intermediate key, session key are used for encryption-decryption and authentication purpose. This new approach of key generation provides extra robustness in our technique. The different types of experiments on this technique and their results conforms that our technique is very secure and efficient for e-business, e-commerce.

management,business

Dr. Bhumika Charnanand,Chetan Rathod

DOI: https://doi.org/10.22214/ijraset.2023.55512

2023-08-31

International Journal for Research in Applied Science and Engineering Technology

Abstract:Abstract: With the rapid advancement of technology across various fields, the significance of security has grown exponentially. As information is transmitted over networks or stored in devices, the question of data security has become a critical aspect of technology. To address this concern, data encryption is employed, wherein the data is encoded in a secure manner. However, the pressing question remains: can data truly be safeguarded against all cyber-attacks? In order to encrypt data, different algorithms are utilized, each with its own unique characteristics and level of security. The purpose of this paper is to delve into the impact of various types of attacks on these encryption algorithms. By examining the vulnerabilities and weaknesses of different encryption methods, we aim to gain a comprehensive understanding of the effectiveness of these algorithms when subjected to cyber-attacks.