Visible to the public Big Data Security Issues in the Cloud 2015Conflict Detection Enabled

SoS Newsletter- Advanced Book Block


SoS Logo

Big Data Security Issues in the Cloud



Big data security in the Cloud is a growing area of interest for cybersecurity researchers. The work presented here ranges from
cyber-threat detection in critical infrastructures to privacy protection. This work was presented in 2015.

S. K. Madria, “Tutorial I: Security and Privacy of Big Data in a Cloud Environment,” Innovations in Information Technology (IIT), 2015 11th International Conference on, Dubai, 2015, pp. XXXV-XXXVI. doi: 10.1109/INNOVATIONS.2015.7381498
Abstract: Summary form only given. Security and privacy of big data is of primary concern for many applications. For example, in case of smart meters, data of the consumers must be protected else private information can be leaked. Similarly, due to the cost-efficiency, reduced overhead management and dynamic resource needs, content owners are outsourcing their data to the cloud who can act as a service provider on their behalf. However, by outsourcing their data to the cloud, the owners may lose access control and privacy of data as cloud becomes a third party. By using these data storage services, the data owners can relieve the burden of local data storage and maintenance. However, since data owners and the cloud servers are not in the same trusted domain, the outsourced data may be at risk as the cloud server may no longer be fully trusted. Therefore, data integrity is of critical importance. Cloud should let the owners or a trusted third party to check for the integrity of their data storage without demanding a local copy of the data. Owners often replicate their data on the cloud servers across multiple data centers to provide a higher level of scalability, availability, and durability. However, the data owners need to be strongly convinced that the cloud is storing data copies agreed on in the service level contract, and data-updates have been correctly executed on all the remotely stored copies. In this tutorial, some of these problems will be explored. Some of the topics to be covered include: Security and Privacy Issues in Big Data Management, Secure Data Processing and Access Control of Big Data in Cloud, Data Integrity Verification of Big Data in Cloud, and Security and Privacy of Sensing Data for Big Data Applications.
Keywords: Big Data; authorisation; cloud computing; data privacy; Big Data privacy; Big Data security; access control; cloud environment; data availability; data durability; data integrity; data maintenance; data outsourcing; data scalability; data storage; sensing data; Big data; Cloud computing; Computer science; Data privacy; Memory; Security; Servers (ID#: 16-9808)


G. Smorodin and O. Kolesnichenko, “Big Data as the Big Game Changer,” Application of Information and Communication Technologies (AICT), 2015 9th International Conference on, Rostov on Don, 2015, pp. 40-43. doi: 10.1109/ICAICT.2015.7338512
Abstract: Big Data is the phenomenon of the Information era. Big Data is a new dimension to explore, collecting Big Data we fix the time. Big Data has some functions, including impact on society, form spatio-temporal structures, change the world and future, and integration society with IT technologies. Most important aspect is risk in Cloud computing. To leverage risks, secure Cloud services and get additional benefits an Integrated Approach should be applied. It is important to separate the various kinds of “Security” needs when considering Cloud computing issues. Also Security Analyst should be included into Data Science Team. Data-driven economy is based on three points: open data, legislation for Big Data, and education. For students is very important practical training that engages students into the culture of Big Data Analytics. This opportunity provides the EMC Academic Alliance Russia & CIS through the establishment of ad-hoc Big Data Analytics Teams among universities. The results of the first stage of launched in 2015 the Big Data Analytics Multicenter Study are presented.
Keywords: Big Data; cloud computing; data analysis; security of data; Big Data analytics; Big Data-driven ideology; Big Data-driven world; IT technologies; big game changer; data-driven economy; education; information era; legislation; open data; risks; secure cloud services; security; spatio-temporal structures; Big data; Blogs; Force; Terrorism; Cloud computing; Data Analytics Multicenter Study; Federation Business Data Lake; Security Integrated Approach (ID#: 16-9809)


D. S. Terzi, R. Terzi and S. Sagiroglu, “A Survey on Security and Privacy Issues in Big Data,” 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST), London, 2015, pp. 202-207. doi: 10.1109/ICITST.2015.7412089
Abstract: Due to the reasons such as the rapid growth and spread of network services, mobile devices, and online users on the Internet leading to a remarkable increase in the amount of data. Almost every industry is trying to cope with this huge data. Big data phenomenon has begun to gain importance. However, it is not only very difficult to store big data and analyze them with traditional applications, but also it has challenging privacy and security problems. For this reason, this paper discusses the big data, its ecosystem, concerns on big data and presents comparative view of big data privacy and security approaches in literature in terms of infrastructure, application, and data. By grouping these applications an overall perspective of security and privacy issues in big data is suggested.
Keywords: Big Data; data privacy; security of data; Internet; big data analysis; big data phenomenon; big data privacy; big data security; huge data; mobile devices; network services; online users; Big data; Cloud computing; Cryptography; Data privacy; Distributed databases; Monitoring; Hadoop security; anonymization; auditing; big data; cloud security; key management; monitoring (ID#: 16-9810)


Kavitha S, Yamini S and Raja Vadhana P, “An Evaluation on Big Data Generalization Using k-Anonymity Algorithm on Cloud,” Intelligent Systems and Control (ISCO), 2015 IEEE 9th International Conference on, Coimbatore, 2015, pp. 1-5. doi: 10.1109/ISCO.2015.7282237
Abstract: Nowadays data security plays a major issue in cloud computing and it remains a problem in data publishing. Lot of people share the data over cloud for business requirements which can be used for data analysis brings privacy as a big concern. In order to protect privacy in data publishing the anonymization technique is enforced on data. In this technique the data can be either generalized or suppressed using various algorithms. Top Down Specialization (TDS) in k-Anonymity is the majorly used generalization algorithm for data anonymization. In cloud the privacy is given through this algorithm for data publishing but another bigger problem is scalability of data. When data is tremendously increased on cloud which is shared for the data analysis there anonymization process becomes tedious. Big Data helps here in a way that large scale data can be partitioned using mapreduce framework on cloud. In our approach the data is anonymized using two phases Map phase and Reduce phase using Two Phase Top Down Specialization (Two Phase TDS) algorithm and the scalability and efficiency of Two Phase TDS is experimentally evaluated.
Keywords: Big Data; cloud computing; data analysis; data privacy; Big Data generalization; Mapreduce framework; business requirements; data anonymization; data publishing; data scalability; data security; k-anonymity algorithm; large scale data; map phase; privacy protection; reduce phase; two phase TDS algorithm; two phase top down specialization; Algorithm design and analysis; Games; ISO Standards; Indexing; Privacy; Sugar; Data anonymization; Data privacy; Data publishing; Generalization; k-Anonymity
(ID#: 16-9811)


S. Fugkeaw and H. Sato, “Privacy-Preserving Access Control Model for Big Data Cloud,” 2015 International Computer Science and Engineering Conference (ICSEC), Chiang Mai, 2015, pp. 1-6. doi: 10.1109/ICSEC.2015.7401416
Abstract: Due to the proliferation of advanced analytic applications built on a massive scale of data from several data sources, big data technology has emerged to shift the paradigm of data management. Big data management is usually taken into data outsourcing environment such as cloud computing. According to the outsourcing environment, security and privacy management becomes one of the critical issues for business decision. Typically, cryptographic-based access control is employed to support privacy-preserving authentication and authorization for data outsourcing scenario. In this paper, we propose a novel access control model combining Role-based Access Control (RBAC) model, symmetric encryption, and ciphertext attribute-based encryption (CP-ABE) to support fine-grained access control for big data outsourced in cloud storage systems. We also demonstrate the efficiency and performance of our proposed scheme through the implementation.
Keywords: Big Data; authorisation; cloud computing; cryptography; data privacy; message authentication; outsourcing; CP-ABE; RBAC model; advanced analytic applications; authorization; big data cloud; ciphertext attribute-based encryption; cloud storage systems; cryptographic-based access control; data management; data outsourcing environment; fine-grained access control; privacy-preserving authentication; role-based access control model; symmetric encryption; Access control; Big data; Cloud computing; Data models; Encryption; Access Control; Cloud Computing; RBAC (ID#: 16-9812)


M. Xiao, M. Wang, X. Liu and J. Sun, “Efficient Distributed Access Control for Big Data in Clouds,” 2015 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Hong Kong, 2015, pp. 202-207. doi: 10.1109/INFCOMW.2015.7179385
Abstract: The term big data refers to the massive amounts of digital information, which can be efficiently stored and processed on a cloud computing platform. However, security and privacy issues are magnified by high volume, variety, and velocity of big data. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a promising cryptographic primitive for the security of cloud storage system and can bring together data leakage prevention and fine-grained access control. The existing researches on applying CP-ABE to cloud storage system mainly focus on the efficiency of decryption and user revocation, and some special improvements have been done to alleviate the workloads of data owners and users, such as proxy re-encryption and decryption outsourcing. However, the complexity of user revocation is still linearly correlated with the number of ciphertexts and users in the system. Therefore, in a big data environment with mass data and users, user revocation is still a challenge. In this paper, we propose a distributed, scalable and fine-grained access control scheme with efficient decryption and user revocation for the big data in clouds. We also present a new multi-authority CP-ABE scheme for supporting the efficient decryption outsourcing, user revocation and dynamically joining and exiting of attribute authorities. In our scheme, user revocation is only related to revoked user and can achieve both forward security and backward security. The system analysis shows that our scheme is efficient and provably secure in the generic group model.
Keywords: Big Data; authorisation; cloud computing; cryptography; backward security; ciphertext-policy attribute-based encryption; cloud storage system; data leakage prevention; decryption outsourcing; distributed access control; fine-grained access control; forward security; proxy re-encryption; Cryptography; Outsourcing; Servers; CP-ABE; access control; big data; decryption out-sourcing; user revocation (ID#: 16-9813)


H. Jean-Baptiste, M. Qiu, K. Gai and L. Tao, “Meta Meta-Analytics for Risk Forecast Using Big Data Meta-Regression in Financial Industry,” Cyber Security and Cloud Computing (CSCloud), 2015 IEEE 2nd International Conference on, New York, NY, 2015, pp. 272-277. doi: 10.1109/CSCloud.2015.69
Abstract: The growing trend of the e-banking has driven the implementations of big data in financial industry. Data analytic is considered one of the most critical aspects in current economic development, which is broadly accepted in various financial domains, such as risk forecast and risk management. However, gaining an accurate risk prediction is still a challenging issue for current financial service institutions and the hazards can be caused in various perspectives. This paper proposes an approach using meta meta-analytics for risks forecast in big data. The proposed model is Meta Meta-Analytics Risk Forecast Model (MMA-RFM) with a crucial algorithm Regression with Meta Meta-Analytics Algorithm (RMMA). The proposed schema has been examined by the experimental evaluation in which it performs an optimized performance.
Keywords: Big Data; banking; data analysis; financial data processing; meta data; regression analysis; risk management; MMA-RFM; R-MMA; big data metaregression; data analytics; e-banking; financial industry; financial service institutions; meta meta-analytics risk forecast model; regression with meta meta-analytics algorithm; risk management; Analytical models; Big data; Mathematical model; Prediction algorithms; Predictive models; Reliability; Risk management; Meta meta-analytics; big data; metaregression; risk forecast
(ID#: 16-9814)


X. Feng, B. Onafeso and E. Liu, “Investigating Big Data Healthcare Security Issues with Raspberry Pi,” Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing (CIT/IUCC/DASC/PICOM), 2015 IEEE International Conference on, Liverpool, 2015, pp. 2329-2334. doi: 10.1109/CIT/IUCC/DASC/PICOM.2015.344
Abstract: Big Data on Cloud application is growing rapidly. When cloud is attacked, one of the solutions is to get digital forensics evidence. This paper proposed data collection via raspberry pi (RP) devices, assume in a healthcare situation [18].The significance of this work is it could be expanded into a digital device array that takes big data security issues into account. There are many potential impacts in health area. The field of Digital Forensics Science has been tagged as are active science by some who believe research and study in the field often arise as a result of the need to respond to event which brought about the needs for investigation, this work was carried as a proactive research that will add knowledge to the field of Digital Forensic Science. The raspberry pi is a cost effective, pocket sized computer that has gained global recognition since its development in 2008, with the wide spread usage of the device for different computing purposes. It is safe to assume that the device will be a topic of forensic investigation in the nearest future. This work has used a systematic approach to study the structure and operation of the device and has established security issues that the widespread usage of the device can pose, such as health or smart city. As well as its evidential information that will be useful in the event that the device becomes a subject of digital forensics investigation in the foreseeable future.
Keywords: Big Data; cloud computing; digital forensics; health care; Raspberry Pi devices; big data healthcare security issues; cloud application; data collection; digital device array; digital forensics evidence; digital forensics science; healthcare situation; smart city; Big data; Computers; DNA; Digital forensics; Law enforcement; Security; Big Data Forensics; Healthcare; IoTS; Raspberry-pi Application (ID#: 16-9815)


G. C. Fox, J. Qiu, S. Kamburugamuve, S. Jha and A. Luckow, “HPC-ABDS High Performance Computing Enhanced Apache Big Data Stack,” Cluster, Cloud and Grid Computing (CCGrid), 2015 15th IEEE/ACM International Symposium on, Shenzhen, 2015, pp. 1057-1066. doi: 10.1109/CCGrid.2015.122
Abstract: We review the High Performance Computing Enhanced Apache Big Data Stack HPC-ABDS and summarize the capabilities in 21 identified architecture layers. These cover Message and Data Protocols, Distributed Coordination, Security & Privacy, Monitoring, Infrastructure Management, DevOps, Interoperability, File Systems, Cluster & Resource management, Data Transport, File management, NoSQL, SQL (NewSQL), Extraction Tools, Object-relational mapping, In-memory caching and databases, Inter-process Communication, Batch Programming model and Runtime, Stream Processing, High-level Programming, Application Hosting and PaaS, Libraries and Applications, Workflow and Orchestration. We summarize status of these layers focusing on issues of importance for data analytics. We highlight areas where HPC and ABDS have good opportunities for integration.
Keywords: Big Data; SQL; cache storage; data privacy; monitoring; open systems; parallel processing; security of data; Apache Big Data stack; DevOps; HPC-ABDS; NewSQL; NoSQL; batch programming model; data transport; distributed coordination; file management; file systems; high performance computing; in-memory caching; infrastructure management; interoperability; message and data protocols; object-relational mapping; privacy; resource management; security; stream processing; Big data; Cloud computing; Distributed databases; Google; Programming; Security; Apache Big Data Stack; HPC (ID#: 16-9816)


D. Zhang, B. H. Yan, Z. Feng, K. Y. Qi and Z. Y. Su, “Inverse Clustering-Based Job Placement Method for Efficient Big Data Analysis,” High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, New York, NY, 2015, pp. 1796-1799. doi: 10.1109/HPCC-CSS-ICESS.2015.124
Abstract: To efficiently exploit the inherent values of big data, the large-scale data center with multiple compute nodes is deployed. In this scenario, the job placement method becomes the key issue to match the compute nodes with the data analysis jobs, to balance the workloads among the nodes and meet the resource requirements for various jobs. In this work, an inverse clustering-based job placement method is proposed. Jobs are represented as feature vectors of resource utilizations and priorities. Then contrary to the regular clustering procedure, the proposed inverse clustering method organizes jobs with the largest different feature vectors into the same groups. Jobs in the same groups are placed on to the same nodes. Consequently, jobs assigned on the same nodes utilize different types of resources and are labeled with different priorities. In our simulation experiments, a global load and priority balances are achieved with the proposed inverse clustering method.
Keywords: Big Data; computer centres; data analysis; pattern clustering; resource allocation; Big Data analysis; compute nodes; data center; feature vector; global load balance; inverse clustering-based job placement method; priority balance; resource utilization; workload balancing; Adaptation models; Big data; Cloud computing; Computers; Dynamic scheduling; Optimization; Resource management; big data; job placement; resource scheduling (ID#: 16-9817)


L. Voronova and N. Kazantsev, “The Ethics of Big Data: Analytical Survey,” 2015 IEEE 17th Conference on Business Informatics, Lisbon, 2015, pp. 57-63. doi: 10.1109/CBI.2015.27
Abstract: The number of recent publications on the matter of ethical challenges of the implementation of Big Data has signified the growing interest to all the aspects of this issue. The proposed study specifically aims at analyzing ethical issues connected with Big Data.
Keywords: Big Data; ethical aspects; ethical issues; Big data; Business; Cloud computing; Data protection; Ethics; Security; Cloud Computing; Ethical Issues; Ethics; Safety (ID#: 16-9818)


H. Liang and K. Gai, “Internet-Based Anti-Counterfeiting Pattern with Using Big Data in China,” High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conferen on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, New York, NY, 2015, pp. 1387-1392. doi: 10.1109/HPCC-CSS-ICESS.2015.137
Abstract: Cloud-based trading platforms have become a broadly accepted business approach in China. Flexible and scalable online services have brought enormous benefits for e-commerce. However, many cloud-based e-commerce providers are encountering a serious challenge from counterfeits, which is already harmful for many Chinese e-commerce companies. This paper addresses anti-counterfeit issues and proposes a novel mechanism for proactively prevent counterfeits in the Chinese context. The proposed paradigm also considers the cost-benefit and profit-maximizations. The model was evaluated by the case study research with examining various use cases. Four use cases are represented in this paper and the outcomes of the use cases proved the efficiency of the proposed model.
Keywords: Big Data; business data processing; cloud computing; cost-benefit analysis; electronic commerce; profitability; Chinese e-commerce companies; Internet-Based anticounterfeiting pattern; business approach; cloud-based e-commerce providers; cloud-based trading platforms; cost-benefit analysis; flexible-scalable online services; proactive counterfeit prevention; profit-maximization; Authentication; Big data; Business; Cloud computing; Counterfeiting; Economics; Mathematical model; Anti-counterfeiting pattern; big data; cost-benefit principle; profit-maximization model (ID#: 16-9819)


F. Rashid, A. Miri and I. Woungang, “Proof of Storage for Video Deduplication in the Cloud,” 2015 IEEE International Congress on Big Data, New York, NY, 2015, pp. 499-505. doi: 10.1109/BigDataCongress.2015.79
Abstract: With the advent of cloud computing and its technologies, including data deduplication, more freedom are offered to the users in terms of cloud storage, processing power and efficiency, and data accessibility. The digital data has attained unexceptional growth due to the common use of internet and digital devices giving rise to Big Data problem world wise. These huge volumes of data need some practical platforms for the storage, processing and availability and cloud technology offers all the potentials to fulfil these requirements. Data deduplication is referred to as a strategy offered to cloud storage providers (CSPs) to eliminate the duplicate data and keep only a single unique copy of it for storage space saving purpose to condense Big Data issues. But these benefits also come with data security and privacy issues associated with the cloud technology since the data owner looses the physical control of its data once uploaded in the cloud storage and the CSP gains a complete ownership of the data. In this paper, assuming that the CSP is semi-honest (i.e. Honest but curious and cannot be completely trusted), a proof of retrievability (POR) and a proof of ownership (POW) are proposed for video deduplication in cloud storage environments. The POW protocol is meant to be used by the CSP to authenticate the true owner of the data video before releasing it whereas the POR protocol is meant to allow the user to check that his/her data video stored in the cloud is secured against any malicious user or the semi-honest CSP. These schemes are proposed as complement to our earlier proposed scheme for securing the video deduplication in the cloud storage through the H.264 compression algorithm. Some experimental results are provided, showing the effectiveness of our proposed POR and POW protocols.
Keywords: cloud computing; data compression; data privacy; information retrieval; security of data; video coding; Big Data; CSP; H.264 compression algorithm; Internet; POR; POW; cloud storage providers; data accessibility; data security; digital devices; proof of ownership; proof of retrievability; video deduplication; Big data; Cloud computing; Compression algorithms; Encoding; Encryption; Protocols; H.264 compression algorithm; Merkle hash tree; error correcting codes; proof of ownership; proof of retrieval; video compression (ID#: 16-9820)


R. Zhai, K. Zhang and M. Liu, “Static Group Privacy Protection Mechanism Based on Cloud Model,” Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing (CIT/IUCC/DASC/PICOM), 2015 IEEE International Conference on, Liverpool, 2015, pp. 970-974. doi: 10.1109/CIT/IUCC/DASC/PICOM.2015.146
Abstract: In recent years, a variety of privacy events emerges and bring huge losses. With the in-depth application of data mining, big data, cloud computing and other technology, privacy protection issue becomes more and more challenging. Therefore, we propose a privacy protection mechanism for sensitive group information. A reasonable counterfeit data set is constructed based on cloud model for sensitive features of group data to disguise real sensitive group features. The mechanism takes the data dependencies between multiple attributes into consideration, and reduces the amount of fake data added to improve the availability of data. The method we proposed is proved to be effective through analysis and experiments.
Keywords: cloud computing; data mining; data privacy; big data; cloud model;  group data; privacy events; real sensitive group features; sensitive group information; static group privacy protection mechanism; Big data; Cloud computing; Data models; Data privacy; Privacy; Security; Sociology; group privacy; sensitive features (ID#: 16-9821)


F. J. N. d. Santos and S. G. Villalonga, “Exploiting Local Clouds in the Internet of Everything Environment,” 2015 23rd Euromicro International Conference on Parallel, Distributed, and Network-Based Processing, Turku, 2015, pp. 296-300. doi: 10.1109/PDP.2015.117
Abstract: The Internet of Everything is opening new opportunities and challenges which will be faced during the following years. Huge amounts of data will be generated and consumed, so Internet of Things frameworks will need to provide new capabilities related to Big Data analysis, scalability and performance. We believe the formation of local clouds of devices, close to the location where data is created and consumed, is a good solution to overcome these issues which may impact in security as well. The combination of local and remote resources together with the appropriate allocation algorithms for their management will provide the means to enable the new required features, going beyond the current state of the art and still leaving enough evolution capacity for future scenarios.
Keywords: Internet of Things; cloud computing; data handling; Internet of Things frameworks; Internet of everything environment; big data analysis; local clouds; remote resources; security; Big data; Cloud computing; Clouds; Logic gates; Mobile communication; Resource management; Virtualization; Allocation Algorithms; Big Data; Internet of Everything; Local Clouds; Mobile Computing (ID#: 16-9822)


C. Huang and R. Lu, “EFPA: Efficient and Flexible Privacy-Preserving Mining of Association Rule in Cloud,” 2015 IEEE/CIC International Conference on Communications in China (ICCC), Shenzhen, China, 2015, pp. 1-6. doi: 10.1109/ICCChina.2015.7448753
Abstract: With the explosive growth of data and the advance of cloud computing, data mining technology has attracted considerable interest recently. However, the flourish of data mining technology still faces many challenges in big data era, and one of the main security issues is to prevent privacy disclosure when running data mining in cloud. In this paper, we propose an efficient and flexible protocol, called EFPA, for privacy-preserving association rule mining in cloud. With the protocol, plenty of participants can provide their data and mine the association rules in cloud together without privacy leakage. Detailed security analysis shows that the proposed EFPA protocol can achieve privacy-preserving mining of association rules in cloud. In addition, performance evaluations via extensive simulations also demonstrate the EFPA’s effectiveness in term of low computational costs.
Keywords: Cloud computing; Computational modeling; Cryptography; Data privacy; Protocols; Association Rule Mining; Big Data; Cloud; Privacy-preserving (ID#: 16-9823)


G. Xiong, T. Ji, X. Zhang, F. Zhu and W. Liu, “Cloud Operating System for Industrial Application,” Service Operations and Logistics, and Informatics (SOLI), 2015 IEEE International Conference on, Hammamet, 2015, pp. 43-48. doi: 10.1109/SOLI.2015.7367408
Abstract: With the rapid development of latest information technology, it is inevitable to apply IoT (Internet of Things), cloud computing and big data into the industrial fields of national key sectors including transportation, electricity, metallurgy, petroleum, chemical, manufacturing, military and so on. Wireless sensor network, industrial Internet, embedded system, software for industrial control and management, and smart terminal are gradually introduced into the industrial systems, which would make the past relatively closed industrial systems more open and intelligent, and contribute to the coming forth industrial revolution. In this paper, the authors mainly discuss issues about cloud Operating System (OS) for industrial application, including cloud computing and cloud operating system introduction, current status analysis of cloud OS and the transformation trend to industrial 4.0. Then, we independently design the main content of this cloud OS, and its application prospect and expected result are given. The study provides theoretical guidance and practical challenge for the development of cloud OS oriented to industrial area.
Keywords: Big Data; Internet of Things; cloud computing; embedded systems; industrial control; information technology; operating systems (computers);wireless sensor networks; Internet of Things; IoT; big data; cloud computing; cloud operating system; embedded system; industrial Internet; industrial application; industrial control software; industrial systems; information technology; national key sectors; wireless sensor network; Cloud computing; Hardware; Industries; Manufacturing; Operating systems; Security; Servers; Big data; Cloud Computing; Cloud Operating System; G-Cloud OS for Industrial Application; Industrial 4.0;Internet of Things (ID#: 16-9824)


K. Gai, M. Qiu, H. Zhao and W. Dai, “Anti-Counterfeit Scheme Using Monte Carlo Simulation for E-commerce in Cloud Systems,” Cyber Security and Cloud Computing (CSCloud), 2015 IEEE 2nd International Conference on, New York, NY, 2015,
pp. 74-79. doi: 10.1109/CSCloud.2015.75
Abstract: E-commerce using cloud-based trading platforms has become a popular approach with the growth of global development in recent years. However, the existence of counterfeits on the platform has threatened the benefits of all stakeholders. This paper proposes a novel scheme named Anti-Counterfeit Deterministic Prediction Model (ADPM), which is designed for detecting counterfeits by using Monte Carlo Model (MCM) to predict the potential malicious information in e-commerce. We consider the discriminations of the fake merchandises a crucial issue in preventing counterfeits on the online business platforms. The proposed mechanism provides a paradigm of machine-learning with using a novel algorithm that derives from MCM. The main algorithm used in our proposed mechanism is Monte Carlo Model-based Prediction Analysis Algorithm (M-PAA). Our experiment has evaluated that the proposed approach can provision the predictions of the insecure information in e-commerce.
Keywords: Monte Carlo methods; cloud computing; electronic commerce; financial data processing; learning (artificial intelligence); security of data; ADPM; Monte Carlo model-based prediction analysis algorithm; Monte Carlo simulation; anti-counterfeit deterministic prediction model; anti-counterfeit scheme; cloud system; cloud-based trading platform; e-commerce; machine learning; malicious information prediction; Adaptation models; Algorithm design and analysis; Cloud computing; Mathematical model; Prediction algorithms; Predictive models; Monte Carlo model; anti-counterfeit model; big data prediction; cloud systems; e-commerce (ID#: 16-9825)


I. Butun, B. Kantarci and M. Erol-Kantarci, “Anomaly Detection and Privacy Preservation in Cloud-Centric Internet of Things,” 2015 IEEE International Conference on Communication Workshop (ICCW), London, 2015, pp. 2610-2615. doi: 10.1109/ICCW.2015.7247572
Abstract: Internet of Things (IoT) concept provides a number of opportunities to improve our daily lives while also creating a potential risk of increasing the vulnerability of personal information to security and privacy breaches. Data collected from IoT is usually offloaded to the Cloud which may further leave data prone to a variety of attacks if security and privacy issues are not handled properly. Anomaly detection has been one of the widely adopted security measures in wired and wireless networks. However, it is not straight forward to apply most of the anomaly detection techniques to IoT and cloud. One of the main challenges is deriving outlier features from the vast volume of data pumped from IoT to the cloud. Other challenges include the large number of sources generating data, heterogenous connectivity and traffic patterns of IoT devices, cloud services being offered at geographically remote places and causing IoT data to be stored in different countries with different legislations. This paper, for the first time, presents the challenges and opportunities in anomaly detection for IoT and cloud. It first introduces the prominent features and application fields of IoT and Cloud, then discusses security and privacy risks to personal information and finally focuses on solutions from anomaly detection perspective.
Keywords: Internet of Things; Web services; cloud computing; data privacy; security of data; IoT concept; IoT devices; anomaly detection techniques; cloud services; cloud-centric Internet of Things; personal information; privacy breach; privacy preservation; privacy risks; security breach; security risks; wired networks; wireless networks; Big data; Cloud computing; Internet of things; Privacy; Security; Sensors; Wireless sensor networks (ID#: 16-9826)


M. Bahrami, “Cloud Computing for Emerging Mobile Cloud Apps,” Mobile Cloud Computing, Services, and Engineering (MobileCloud), 2015 3rd IEEE International Conference on, San Francisco, CA, 2015, pp. 4-5. doi: 10.1109/MobileCloud.2015.40
Abstract: The tutorial will begin with an explanation of the concepts behind cloud computing systems, cloud software architecture, the need for mobile cloud computing as an aspect of the app industry to deal with new mobile app design, network apps, app designing tools, and the motivation for migrating apps to cloud computing systems. The tutorial will review facts, goals and common architectures of mobile cloud computing systems, as well as introduce general mobile cloud services for app developers and marketers. This tutorial will highlight some of the major challenges and costs, and the role of mobile cloud computing architecture in the field of app design, as well as how the app-design industry has an opportunity to migrate to cloud computing systems with low investment. The tutorial will review privacy and security issues. It will describe major mobile cloud vendor services to illustrate how mobile cloud vendors can improve mobile app businesses. We will consider major cloud vendors, such as Microsoft Windows Azure, Amazon AWS and Google Cloud Platform. Finally, the tutorial will survey some of the cutting edge practices in the field, and present some opportunities for future development.
Keywords: cloud computing; data privacy; mobile computing; software architecture; Amazon AWS; Google Cloud Platform; Microsoft Windows Azure; application designing tools; application migration; application-design industry; cloud software architecture; mobile application business improvement; mobile cloud application design; mobile cloud computing; mobile cloud computing architecture; mobile cloud services; mobile cloud vendor services; network apps; privacy issues; security issues; Big data; Cloud computing; Computer architecture; Conferences; Industries; Mobile communication; Tutorials; Mobile App Design; Mobile Cloud Computing; Cloud Architecture; Mobile Security; Mobile Privacy (ID#: 16-9827)


Ravindra Babu Bellam, M. P. Coyle, P. Krishnan and E. G. Rajan, “Issues While Migrating Medical Imaging Services on Cloud Based Infrastructure,” Next Generation Computing Technologies (NGCT), 2015 1st International Conference on, Dehradun, 2015, pp. 109-114. doi: 10.1109/NGCT.2015.7375093
Abstract: In the major medical health-care organizations, Medical imaging play an important role to know about a patient health condition. Usually, in traditional IT health care environment, medical imaging involves a very complex and large amount of medical images (X-rays, CT/MRI scans) to be preserved, analyzed, and transferred. This Medical image data base (MIDB) management requires more technology investments and time. Cloud is the ultimate solution to minimize these costs and handles more efficiently with an acceptable level of security risk. In this paper, we are going to suggest two categories of issues related to medical image cloud, which provide right directions to an enterprise IT and cloud professionals (such as IBM, SIMENS, AMAZON, GOGRID) and medical actors (such as health professionals, hospitals, patients) to modernize computing resources and set some open conventions, those support cooperation and collaborative workflows on medical image cloud sharing. Additionally, these issues are very useful to design and develop a best fit cloud environment for the medical image cloud that allows medical actors to retrieve and review the medical images at all times from all the locations in the globe. This significantly minimizes technology costs and lead to fast and reliable patient health care management. Finally, these issues can also provide how healthcare industry can take maximum advantage of cloud computing to thrive.
Keywords: biomedical imaging; cloud computing; health care; medical computing; visual databases; MIDB management; cloud based infrastructure;  medical image cloud sharing; medical image database; medical imaging services; patient health care management; Big data; Cloud computing; Computational modeling; Medical diagnostic imaging; Medical services; Organizations; Medical image data base; Medical imaging; healthcare; medical actors; the medical image cloud (ID#: 16-9828)


S. H. Kim and I. Y. Lee, “Data Block Management Scheme Based on Secret Sharing for HDFS,” 2015 10th International Conference on Broadband and Wireless Computing, Communication and Applications (BWCCA), Krakow, 2015, pp. 51-56. doi: 10.1109/BWCCA.2015.70
Abstract: In the cloud computing environment, data are encrypted to be stored in many distributed servers. Global Internet service providers such as Google and Yahoo recognized the importance of an Internet service platform and have used low-priced commercial-node-based and large-scale cluster-based cloud computing platform technologies through R&D. As various data services have been available in the distributed computing environment, the distributed management of big data has become a major issue. In the various uses of big data, security vulnerability and privacy invasion may occur due to malicious attackers or inner users. In particular, various types of security vulnerability occur in the block access token, which is used for the permission control of the data block in Hadoop. To supplement the security vulnerability, a secret-sharing-based block access token management technique is suggested in this paper.
Keywords: Big Data; Internet; cloud computing; cryptography; network servers; parallel processing; Google; HDFS; Hadoop; Internet service platform; R&D; Yahoo; cloud computing environment; data block management scheme; data encryption; data services; distributed big data management; distributed computing environment; distributed servers; global Internet service providers; large-scale cluster-based cloud computing platform technologies; low-priced commercial-node-based cloud computing platform technologies; malicious attackers; permission control; privacy invasion; secret sharing; secret-sharing-based block access token management technique; security vulnerability; Authentication; Cloud computing; Cryptography; Distributed databases; Proposals; Servers; Block Access Token; Cloud computing (ID#: 16-9829)


Kanmani P and Anusha S, “A Novel Integrity Scheme for Secure Cloud Storage,” Intelligent Systems and Control (ISCO), 2015 IEEE 9th International Conference on, Coimbatore, 2015, pp. 1-3.
doi: 10.1109/ISCO.2015.7282357
Abstract: Cloud computing is a promising technology designed to provide computing services over the internet. It is a model which enables the user to access the computing resources with minimal management effort and no service provider interaction. Cloud computing provides rapid provisioning of resources to the user by pooling the resources together and the user can access the resources on demand. The main threat to cloud computing is data security and integrity since the public cloud is connected to internet and many users can access the resources at the same time. This paper aims at providing various security issues in cloud computing. It also aims at developing a data integrity proof for the data stored in the cloud server. Cloud storage move the user’s data to big data centers, which are remotely located, on which user does not have any control. It may not be fully trustworthy because client doesn’t have copy of all stored data. However, this unique feature of the cloud poses many new security challenges which need to be clearly understood and resolved.
Keywords: Big Data; cloud computing; data integrity; security of data; storage management; user interfaces; Internet; big data centers; data security; novel integrity scheme; secure cloud storage; user access; Encryption; Postal services; Protocols; Cloud computing; integrity; security (ID#: 16-9830)


F. Rashid, A. Miri and I. Woungang, “A Secure Video Deduplication Scheme in Cloud Storage Environments Using H.264 Compression,” Big Data Computing Service and Applications (BigDataService), 2015 IEEE First International Conference on, Redwood City, CA, 2015, pp. 138-146. doi: 10.1109/BigDataService.2015.15
Abstract: Due to the rapidly increasing amounts of digital data produced worldwide, multi-user cloud storage systems are becoming very popular and Internet users are approaching cloud storage providers (CSPs) to upload their data in the clouds. Among these data, digital videos are fairly huge in terms of storage cost and size, and techniques that can help reducing the cloud storage cost and size are always desired. This paper argues that data reduplication can ease the problem of BigData storage by identifying and removing the duplicate copies from the cloud storages. Although reduplication maximizes the storage space and minimizes the storage costs, it comes with serious issues of data privacy and security. Though the users desire to save some cost by allowing the CSP to deduplicate their data, they do not want the CSP to wane the privacy of their data. In this paper, a scheme is proposed that achieves a secure video reduplication in cloud storage environments. Its design consists of embedding a partial convergent encryption along with a unique signature generation scheme into a H.264 video compression scheme. The partial convergent encryption scheme is meant to ensure that the proposed scheme is secured against a semi-honest CSP, the unique signature generation scheme is meant to enable a classification of the encrypted compressed video data in such a way that the reduplication can be efficiently performed on them. Experimental results and security analysis are provided to validate the stated goals.
Keywords: Big Data; cloud computing; cryptography; data compression; digital signatures; video coding; Big Data storage; CSP; H.264 video compression; cloud storage provider; data reduplication; partial convergent encryption scheme; signature generation scheme; video deduplication scheme security; Cloud computing; Compression algorithms; Encryption; Streaming media; Transforms; BigData security; H.264 video compression; cloud storage provider; group of pictures (GOP);partial convergent encryption; signature generation; video deduplication (ID#: 16-9831)


C. Liu, B. Petroski, G. Cordone, G. Torres and S. Schuckers, “Iris Matching Algorithm on Many-Core Platforms,” Technologies for Homeland Security (HST), 2015 IEEE International Symposium on, Waltham, MA, 2015, pp. 1-6. doi: 10.1109/THS.2015.7225264
Abstract: Biometrics matching has been widely adopted as a secure way for identification and verification purpose. However, the computation demand associated with running this algorithm on a big data set poses great challenge on the underlying hardware platform. Even though modern processors are equipped with more cores and memory capacity, the software algorithm still requires careful design in order to utilize the hardware resource effectively. This research addresses this issue by investigating the biometric application on many-core platforms. Biometrics algorithm, specifically Daugman’s iris matching algorithm, is used to benchmark and compare the performance of several many-core platforms. The results show the ability of the iris matching application to efficiently scale and fully exploit the capabilities offered by many-core platforms and provide insights in how to migrate the biometrics computation onto high-performance many-core architectures.
Keywords: Big Data; image matching; iris recognition; multiprocessing systems; security of data; Daugman iris matching algorithm; big data set; biometrics matching; high-performance many-core architectures; Coprocessors; Graphics processing units; Hardware; Instruction sets; Iris; Iris recognition; Kernel; Daugman’s algorithm; GPU; Iris matching; Many-core; Single-Chip Cloud Computer; Xeon Phi (ID#: 16-9832)


Y. Lu, Q. Xie and L. Wang, “A Novel User Model Based on Searchable Encryption Scheme,” 2015 Third International Conference on Advanced Cloud and Big Data, Yangzhou, 2015, pp. 247-253. doi: 10.1109/CBD.2015.47
Abstract: With the development of cloud computing and cloud storage technology, the privacy disclosure of the query and the destruction of data integrity on the outsourced data are two increasingly serious security issues in the cloud services. In order to resolve these two problems, we propose a novel user model based on searchable encryption scheme. And the model introduces a trusted third authority (TA), which is independent from the honest but curious cloud server. It allows multi-keyword search and informs data integrity verify results on the cipher text and outsourced data to users simultaneously. Finally, we demonstrate that the new scheme we proposed can enable the user has capability of searchable encryption and integrity verify on the outsourced data, reducing the users’ computation overhead.
Keywords: cloud computing; cryptography; query processing; TA; cloud computing development; cloud server; cloud services; cloud storage technology; data integrity destruction; novel user model; outsourced data; searchable encryption scheme; security issues; trusted third authority; Cloud computing; Computational modeling; Data models; Encryption; Indexes; Servers; data integrity; searchable encryption; user management (ID#: 16-9833)


Sheng-Wei Huang, Ce-Kuen Shieh, Che-Ching Liao, Chui-Ming Chiu, Ming-Fong Tsai and Lien-Wu Chen, “A Cloud-Based Efficient On-Line Analytical Processing System with Inverted Data Model,” Heterogeneous Networking for Quality, Reliability, Security and Robustness (QSHINE), 2015 11th International Conference on, Taipei, 2015, pp. 341-345. doi: (not provided)
Abstract: On-line analytical processing (OLAP) provides analysis of multi-dimensional data stored in a database and achieves great success in many applications such as sales, marketing, financial data analysis. OLAP operation is a dominant part of data analysis especially when addressing a large amount of data. With the emergence of the MapReduce paradigm and cloud technology, OLAP operation can be processed on big data that resides in scalable, distributed storage. However, current MapReduce implementations of OLAP operation processing have a major performance drawback caused by improper processing procedure. This is crucial when dimension or dependent attributes are large, which is a common case for most data warehouses hold nowadays. To solve this issue, this paper proposes a methodology to accelerate the performance of OLAP operation processing on big data. We have conducted the experiments on the basic algebra of OLAP operation with different data sizes to demonstrate the effectiveness of our system.
Keywords: cloud computing; data mining; data warehouses; MapReduce paradigm; OLAP operation processing; cloud based efficient online analytical processing system; cloud technology; data analysis; inverted data model; multidimensional data; Algebra; Analytical models; Asia; Computational modeling; Databases; Software (ID#: 16-9834)


D. Puthal, B. P. S. Sahoo, S. Mishra and S. Swain, “Cloud Computing Features, Issues, and Challenges: A Big Picture,” Computational Intelligence and Networks (CINE), 2015 International Conference on, Bhubaneshwar, 2015, pp. 116-123. doi: 10.1109/CINE.2015.31
Abstract: Since the phenomenon of cloud computing was proposed, there is an unceasing interest for research across the globe. Cloud computing has been seen as unitary of the technology that poses the next-generation computing revolution and rapidly becomes the hottest topic in the field of IT. This fast move towards Cloud computing has fuelled concerns on a fundamental point for the success of information systems, communication, virtualization, data availability and integrity, public auditing, scientific application, and information security. Therefore, cloud computing research has attracted tremendous interest in recent years. In this paper, we aim to precise the current open challenges and issues of Cloud computing. We have discussed the paper in three-fold: first we discuss the cloud computing architecture and the numerous services it offered. Secondly we highlight several security issues in cloud computing based on its service layer. Then we identify several open challenges from the Cloud computing adoption perspective and its future implications. Finally, we highlight the available platforms in the current era for cloud research and development.
Keywords: cloud computing; research and development; software architecture; IT; cloud computing architecture; cloud research and development; data availability; data integrity; information security; information systems; public auditing; scientific application; service layer; virtualization; Bandwidth; Cloud computing; Computational modeling; Educational institutions; Security; Servers; Software as a service; Cloud security; Data integrity; Public auditing; Virtualization; Workflow scheduling (ID#: 16-9835)


V. K. Pant, J. Prakash and A. Asthana, “Three Step Data Security Model for Cloud Computing Based on RSA and Steganography,” Green Computing and Internet of Things (ICGCIoT), 2015 International Conference on, Noida, 2015, pp. 490-494. doi: 10.1109/ICGCIoT.2015.7380514
Abstract: Cloud computing is based on network and computer applications. In cloud data sharing is an important activity. Small, medium, and big organization are use cloud to store their data in minimum rental cost. In present cloud proof their importance in term of resource and network sharing, application sharing and data storage utility. Hence, most of customers want to use cloud facilities and services. So the security is most essential part of customer’s point of view as well as vendors. There are several issues that need to be attention with respect to service of data, security or privacy of data and management of data. The security of stored data and information is one of the most crucial problem in cloud computing. Using good protection techniques of access control we can resolved many security problems. Accept that managing privacy and security of information in web highly challenging. This paper describes how to secure data and information in cloud environment in time of data sharing or storing by using our proposed cryptography and steganography technique.
Keywords: cloud computing; public key cryptography; steganography; RSA; access control; application sharing; cloud computing; cloud data sharing; cloud facilities; computer applications; cryptography; data security model; data storage utility; network sharing; Computers; Cryptography; Decryption; Encryption; RSA; Steganography; data security (ID#: 16-9836)


L. Zhang, Z. Wang, Y. Mu and Y. Hu, “Fully Secure Hierarchical Inner Product Encryption for Privacy Preserving Keyword Searching in Cloud,” 2015 10th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), Krakow, 2015, pp. 449-453. doi: 10.1109/3PGCIC.2015.63
Abstract: Cloud computing provides dynamically scalable resources provisioned as a service over networks. But untrustworthy Cloud Service Provider(CSP) offers a big obstacle for the adoption of the cloud service since CSP can access data in Cloud without data owner’s permission. Hierarchical Inner Product Encryption (HIPE) covers all applications of anonymous encryption, fully private communication and search on encrypted data, which provide trusted data access control policy to CSP. However, the existing works only achieve either selectively attribute-hiding or adaptively attribute-hiding under some strong assumptions in the public key setting. To overcome them, a novel HIPE in private key setting is issued. The new scheme achieves both fully secure and security reduction under the natural assumption-Decisional Linear (DLIN) assumption in the standard model.
Keywords: authorisation; cloud computing; data privacy; private key cryptography; public key cryptography; CSP; DLIN assumption; HIPE; adaptively attribute-hiding; anonymous encryption; fully private communication; fully secure hierarchical inner product encryption; hierarchical inner product encryption; natural assumption-decisional linear assumption; privacy preserving keyword searching; private key setting; public key setting; selectively attribute-hiding; standard model; trusted data access control policy; untrustworthy cloud service provider; Cloud computing; Computational modeling; Encryption; Standards; Cloud security; Searching encryption; the DLIN assumption (ID#: 16-9837)


R. Archana, C. Mythili and S. N. Kalyani, “Security Mechanism for Android Cloud Computing,” Communication Technologies (GCCT), 2015 Global Conference on, Thuckalay, 2015, pp. 133-138. doi: 10.1109/GCCT.2015.7342639
Abstract: Today android devices face many resource challenges like battery life, storage, bandwidth etc. cloud computing offers advantages to users by allowing them to use infrastructures, platforms and software by cloud providers elastically in an on-demand fashion at low cost. Android Cloud Computing (ACC) provides android users with data storage and processing services in cloud, obviating the need to have a powerful device configuration(e.g. CPU speed, Memory, Capacity etc) and all resource-intensive computing can be performed in cloud. Nowadays more and more commercial applications are shifting to android and these days security becomes a big issue. With increasing use of mobile android devices, the requirement of cloud computing in android arises. In this paper, a brief review for how ACC is emerging in real world and further important issues towards security are discussed. Here security mechanism based on onion routing is proposed, which will secure the data on Android Cloud Computing.
Keywords: cloud computing; security of data; smart phones; ACC; Android cloud computing; Android devices; data processing services; data storage services; device configuration; onion routing; resource-intensive computing; security mechanism; Androids; Cloud computing; Humanoid robots; Organizations; Security; Servers; Smart phones; Android; Android Cloud Computing; Android Users; Cloud; Computing; Onion Routing; Security  (ID#: 16-9838)


S. H. Khan and M. A. Akbar, “Multi-Factor Authentication on Cloud,” Digital Image Computing: Techniques and Applications (DICTA), 2015 International Conference on, Adelaide, SA, 2015, pp. 1-7. doi: 10.1109/DICTA.2015.7371288
Abstract: Due to the recent security infringement incidents of single factor authentication services, there is an inclination towards the use of multi-factor authentication (MFA) mechanisms. These MFA mechanisms should be available to use on modern hand-held computing devices like smart phones due to their big share in computational devices market. Moreover, the high social acceptability and ubiquitous nature has attracted the enterprises to offer their services on modern day hand-held devices. In this regard, the big challenge for these enterprises is to ensure security and privacy of users. To address this issue, we have implemented a verification system that combines human inherence factor (handwritten signature biometrics) with the standard knowledge factor (user specific passwords) to achieve a high level of security. The major computational load of the aforementioned task is shifted on a cloud based application server so that a platform-independent user verification service with ubiquitous access becomes possible. Custom applications are built for both the iOS and Android based devices which are linked with the cloud based two factor authentication (TFA) server. The system is tested on-the-run by a diverse group of users and 98.4% signature verification accuracy is achieved.
Keywords: cloud computing; data privacy; message authentication; ubiquitous computing; Android based device; cloud based application server; hand-held computing device; handwritten signature biometrics; human inherence factor; iOS; multifactor authentication; security infringement; signature verification; single factor authentication service; smart phone; two factor authentication server; user privacy; user security; Authentication; Biometrics (access control); Hidden Markov models; Performance evaluation; Servers; Smart phones (ID#: 16-9839)


Y. H. Tung, S. S. Tseng and Y. Y. Kuo, “A Testing-Based Approach to SLA Evaluation on Cloud Environment,” Network Operations and Management Symposium (APNOMS), 2015 17th Asia-Pacific, Busan, 2015, pp. 495-498. doi: 10.1109/APNOMS.2015.7275375
Abstract: A service level agreement (SLA) is a negotiated agreement between consumers and service providers in order to guarantee the quality of the negotiated service level. Therefore, many companies used contract to specify the desired service level agreement. SLA may specify the levels of availability, serviceability, performance, operation, security, or other attributes of the service. However, due to the big human efforts to monitor the performance, how to evaluate the SLA in service delivery becomes an important issue. To evaluate SLA automatically, in this paper, we proposed a testing-based SLA evaluation approach based upon the quality model ISO/IEC 25010 that contains eight characteristics: functional, performance, compatibility, usability, reliability, security, maintainability and portability. Nowadays, cloud computing is emerged as a new technology to improve the computational complexity of enterprise information systems. By adopting features of cloud computing, we have implemented a prototype system which integrates open-source software, Jenkins, as controller and other third party softwares as testers to automate SLA evaluation processes according to the testing-based SLA evaluation approach. The experiments have been conducted to evaluate the performance of our approach and prototype system. The results indicate that our prototype system can provide quality and stable service.
Keywords: IEC standards; ISO standards; business data processing; cloud computing; computational complexity; contracts; public domain software; IEC 25010 quality model; ISO 25010 quality model; Jenkins; cloud environment; consumers; enterprise information system computational complexity improvement; open-source software; performance monitoring; service level agreement; service providers; testing-based SLA quality evaluation approach; Cloud computing; IEC Standards; ISO Standards; Prototypes; Security; Testing; ISO/IEC 25010; quality indicators; testing-based (ID#: 16-9840)


Y. Jin, C. Tian, H. He and F. Wang, “A Secure and Lightweight Data Access Control Scheme for Mobile Cloud Computing,” Big Data and Cloud Computing (BDCloud), 2015 IEEE Fifth International Conference on, Dalian, 2015, pp. 172-179. doi: 10.1109/BDCloud.2015.57
Abstract: By moving data storage and processing from lightweight mobile devices to powerful and centralized computing platforms located in clouds, Mobile Cloud Computing (MCC) can greatly enhance the capability of mobile devices. However, when data owners outsource sensitive data to mobile cloud for sharing, the data is outside of their trusted domain and can potentially be granted to untrusted parties which include the service providers. Data security and flexible access control have become the most pressing demands for MCC. To address this issue, we design a secure and lightweight data access control scheme based on Ciphertext-Policy Attribute-based Encryption (CP-ABE) algorithm, which can protect the confidentiality of outsourced data and provide fine-grained data access control in MCC. The scheme can obviously improve the overall system performance by greatly reducing the computation overheads in encryption and decryption operations, provide flexible and expressive data access control policy, and meanwhile enable data owners to securely outsource most of the computation overheads at mobile devices to cloud servers. The security and performance evaluation show that our scheme is secure, highly efficient and well suited for lightweight mobile devices.
Keywords: authorisation; cloud computing; cryptography; mobile computing; storage management; trusted computing; CP-ABE algorithm; MCC; centralized computing platform; ciphertext-policy attribute-based encryption algorithm; computation overhead; data access control policy; data confidentiality; data processing; data security; data storage; decryption operation; encryption operation; fine-grained data access control; flexible access control; lightweight data access control scheme; lightweight mobile device; mobile cloud computing; outsourced data; overall system performance; performance evaluation; sensitive data; trusted domain; untrusted party; Access control; Algorithm design and analysis; Encryption; Mobile communication; Mobile handsets; Servers; access control; attribute-based encryption (ID#: 16-9841)


Z. Cui, H. Lv, C. Yin, G. Gao and C. Zhou, “Efficient Key Management for IOT Owner in the Cloud,” Big Data and Cloud Computing (BDCloud), 2015 IEEE Fifth International Conference on, Dalian, 2015,
pp. 56-61. doi: 10.1109/BDCloud.2015.40
Abstract: IOT (internet of things) owner may not want their sensitive data to be public in the cloud. However, the client operated by IOT owner may be too lightweight to provide the encryption/decryption service. To remove the issue, we propose a novel solution to minimize the access control cost for IOT owner. First, we present a security model for IOT with minimal cost of IOT owner client without encryption, in which we transfer the encryption/decryption from the client to the cloud. Second, we propose an access control model to minimize the key management cost for IOT owner. Third, we provide an authorization update method to minimize the cost dynamically. In our method, the sensitive data from IOT owner is only available to the authorized user. Each IOT owner needs only to manage a single password, by which the IOT owner can always manage his/her sensitive data and authorization no matter the authorization policy how to change. Experimental results show that our approach significantly outperforms most of existing methods with efficient key management for IOT owner.
Keywords: Internet of Things; authorisation; cloud computing; cryptography; IoT; access control cost; authorization update method; cloud computing; decryption service; encryption service; key management cost; password management; security model; Authorization; Cloud computing; Encryption; Servers; Authorization update; IOT owner key management; Internet of things; Sensitive data
(ID#: 16-9842)


H. Zhao and F. Lei, “A Novel Video Authentication Scheme with Secure CS-Watermark in Cloud,” Multimedia Big Data (BigMM), 2015 IEEE International Conference on, Beijing, 2015, pp. 294-299. doi: 10.1109/BigMM.2015.12
Abstract: Data secure processing is the important issue of video authentication in cloud environment. This research presents a novel scheme to protect integrity of video content for common video data operations by using a semi-fragile CS-watermark technology. In proposed scheme, the CS-watermark data are generated from the block compressed sensing (CS) measurements which rely on the knowledge of the measurement matrix used for sensing I frame’s DCT coefficients. Our analysis and results indicate that the CS-watermark data can accurately verify the integrity of the original video content, and have higher security than other watermarking methods.
Keywords: authorisation; cloud computing; compressed sensing; discrete cosine transforms; video watermarking; DCT coefficients; block compressed sensing measurements; cloud environment; data secure processing; measurement matrix; secure CS-watermark; video authentication scheme; video content integrity; video data operations; Authentication; Discrete cosine transforms; Intellectual property; Size measurement; Sparse matrices; Watermarking; compressed sensing; measurement matrix; video data authentication; watermark (ID#: 16-9843)


X. Liu, Y. Xia, Y. Xiang, M. M. Hassan and A. Alelaiwi, “A Secure and Efficient Data Sharing Framework with Delegated Capabilities in Hybrid Cloud,” Security and Privacy in Social Networks and Big Data (SocialSec), 2015 International Symposium on, Hangzhou, 2015, pp. 7-14. doi: 10.1109/SocialSec2015.13
Abstract: Hybrid cloud is a widely used cloud architecture in large companies that can outsource data to the public cloud, while still supporting various clients like mobile devices. However, such public cloud data outsourcing raises serious security concerns, such as how to preserve data confidentiality and how to regulate access policies to the data stored in public cloud. To address this issue, we design a hybrid cloud architecture that supports data sharing securely and efficiently, even with resource-limited devices, where private cloud serves as a gateway between the public cloud and the data user. Under such architecture, we propose an improved construction of attribute-based encryption that has the capability of delegating encryption/decryption computation, which achieves flexible access control in the cloud and privacy-preserving in data utilization even with mobile devices. Extensive experiments show the scheme can further decrease the computational cost and space overhead at the user side, which is quite efficient for the user with limited mobile devices. In the process of delegating most of the encryption/decryption computation to private cloud, the user can not disclose any information to the private cloud. We also consider the communication security that once frequent attribute revocation happens, our scheme is able to resist some attacks between private cloud and data user by employing anonymous key agreement.
Keywords: cloud computing; cryptography; data privacy; mobile computing; outsourcing; peer-to-peer computing; software architecture; anonymous key agreement; attribute-based encryption; data confidentiality; data security; data sharing framework; encryption/decryption computation; hybrid cloud architecture; mobile device; Cloud computing; Data privacy; Encryption; Mobile handsets; Outsourcing; anonymous key agreement protocol; hybrid cloud (ID#: 16-9844)


S.-J. Yang and I.-C. Cheng, “Design Issues of Trustworthy Cloud Platform Based on IP Monitoring and File Risk,” Big Data and Cloud Computing (BDCloud), 2015 IEEE Fifth International Conference on, Dalian, 2015, pp. 110-117. doi: 10.1109/BDCloud.2015.52
Abstract: With the rising popularity of Web applications and cloud computing technology, a secure cloud computing environment is one of the main concerns. Currently, enterprise cloud platforms often rely on their maintenance and operation, and medium and small companies cannot effectively save manpower information security costs, and thus has affected the willingness of enterprises to use cloud services. In view of this, the cloud service provider (CSP) must be ready to support a full range of security services, such as firewalls, intrusion detection systems, VPN, etc, in order to providing good quality of service. The purpose of this paper is to explore IP address monitor and employ file risk concept to design Trustworthy Cloud Platform (TWCP). Hence, the TWCP can provide the security risk assess models for monitoring security and trust for cloud multi-tenants. Also, this cloud platform can provide value-added audit reports under the virtual cloud environment. It will be essential to a customer’s loyalty and retention. In addition, each tenant in a virtual machine records all the abnormal file names and attributes, and illegal IP addresses daily, and also imports into CSP’s database from these file lists and IP events. Then, the proposed TWCP will perform assessing tasks for analyzing daily log reports and e-mail the security risk status to every tenant. Finally, this paper performs simulations under IaaS, the experimental results indicate the TWCP can obtain a higher IP monitoring ratio and lower the file risk value, and thus allow all tenants to get more trustable TWCP to enhance all tenant’s overall service quality and operational efficiency.
Keywords: cloud computing; security of data; system monitoring; trusted computing; virtual machines; CSP; IP address monitor; IP monitoring ratio; IaaS; TWCP; VPN; Web applications; cloud computing environment security; cloud computing technology; cloud multitenants; cloud service provider; daily log report analysis; design issues; e-mail; enterprise cloud platforms; file risk concept; firewalls; intrusion detection systems; manpower information security costs; operational efficiency; quality of service; security monitoring; security services; trust monitoring; trustworthy cloud platform; value-added audit reports; virtual cloud environment; virtual machine; Algorithm design and analysis; Cloud computing; Companies; IP networks; Monitoring; Risk management; Security; Cloud Services; File Risk Value; IP Monitoring; TWCP (ID#: 16-9845)


B. Yang, G. Song, Y. Zheng and Y. Wu, “QoSC: A QoS-Aware Storage Cloud Based on HDFS,” Security and Privacy in Social Networks and Big Data (SocialSec), 2015 International Symposium on, Hangzhou, 2015, pp. 32-38. doi: 10.1109/SocialSec2015.14
Abstract: Storage QoS is a key issue for a storage cloud infrastructure. This paper presents QoSC, a QoS-aware storage cloud for storing massive data over the dynamic network, based on the Hadoop distributed file system (HDFS). QoSC employs a data redundancy policy based on recovery volumes and a QoS-aware data placement strategy. We consider the QoS of a storage node as a combination of the transfer bandwidth, the availability of service, the workload (CPU utilization), and the free storage space. We have deployed QoSC on the campus network of Zhejiang University, and have conducted a group of experiments on file storage and retrieval. The experimental results show that QoSC improves the performance of file storage and retrieval and balances the workload among DataNodes, by being aware of QoS of DataNodes.
Keywords: cloud computing; data handling; distributed databases; parallel processing; quality of service; HDFS; Hadoop distributed file system; QoS-aware storage cloud; QoSC infrastructure; data redundancy policy; free storage space; quality of service; workload CPU utilization; Bandwidth; Cloud computing; Distributed databases; Extraterrestrial measurements; Quality of service; Redundancy; Distributed Storage; Hadoop; QoS; Reputation (ID#: 16-9846)


Y. Tao, H. Dai, B. Sun, S. Zhao, M. Qiu and Z. Yu, “A Head Record Cache Structure to Improve the Operations on Big Files in Cloud Storage Servers,” High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, New York, NY, 2015, pp. 46-51. doi: 10.1109/HPCC-CSS-ICESS.2015.231
Abstract: Cache and prefetching is now widely used in storage systems for disks to speed up accessing data. Although cache and prefetching are well accepted technologies in storage field, they are unsuitable for cloud storage systems because most of requests in cloud is for large files, which leads to undesirable hit rate and speed performance. To solve this issue, an improved head record cache (HRC) structure model is proposed in this paper based on reshuffling disk cache structure and prefetching technologies, aiming at improving reading performance in a cloud environment. Compared to previous researches, this model has better read performance in a cloud environment, since HRC increases hit rate. The experimental results demonstrate that the system has 18% better reading performance than traditional cloud storage system.
Keywords: cache storage; cloud computing; HRC structure model; cloud environment; cloud storage server; disk cache structure; head record cache structure; head record cache structure model; Cloud computing; Electronic mail; File systems; Indexes; Magnetic heads; Prefetching; Servers (ID#: 16-9847)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.