Visible to the public Biblio

Found 398 results

Filters: Keyword is Encryption  [Clear All Filters]
2019-11-11
Kunihiro, Noboru, Lu, Wen-jie, Nishide, Takashi, Sakuma, Jun.  2018.  Outsourced Private Function Evaluation with Privacy Policy Enforcement. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :412–423.
We propose a novel framework for outsourced private function evaluation with privacy policy enforcement (OPFE-PPE). Suppose an evaluator evaluates a function with private data contributed by a data contributor, and a client obtains the result of the evaluation. OPFE-PPE enables a data contributor to enforce two different kinds of privacy policies to the process of function evaluation: evaluator policy and client policy. An evaluator policy restricts entities that can conduct function evaluation with the data. A client policy restricts entities that can obtain the result of function evaluation. We demonstrate our construction with three applications: personalized medication, genetic epidemiology, and prediction by machine learning. Experimental results show that the overhead caused by enforcing the two privacy policies is less than 10% compared to function evaluation by homomorphic encryption without any privacy policy enforcement.
2019-11-04
Alomari, Mohammad Ahmed, Hafiz Yusoff, M., Samsudin, Khairulmizam, Ahmad, R. Badlishah.  2019.  Light Database Encryption Design Utilizing Multicore Processors for Mobile Devices. 2019 IEEE 15th International Colloquium on Signal Processing Its Applications (CSPA). :254–259.
The confidentiality of data stored in embedded and handheld devices has become an urgent necessity more than ever before. Encryption of sensitive data is a well-known technique to preserve their confidentiality, however it comes with certain costs that can heavily impact the device processing resources. Utilizing multicore processors, which are equipped with current embedded devices, has brought a new era to enhance data confidentiality while maintaining suitable device performance. Encrypting the complete storage area, also known as Full Disk Encryption (FDE) can still be challenging, especially with newly emerging massive storage systems. Alternatively, since the most user sensitive data are residing inside persisting databases, it will be more efficient to focus on securing SQLite databases, through encryption, where SQLite is the most common RDBMS in handheld and embedded systems. This paper addresses the problem of ensuring data protection in embedded and mobile devices while maintaining suitable device performance by mitigating the impact of encryption. We presented here a proposed design for a parallel database encryption system, called SQLite-XTS. The proposed system encrypts data stored in databases transparently on-the-fly without the need for any user intervention. To maintain a proper device performance, the system takes advantage of the commodity multicore processors available with most embedded and mobile devices.
2019-10-23
Ali, Abdullah Ahmed, Zamri Murah, Mohd.  2018.  Security Assessment of Libyan Government Websites. 2018 Cyber Resilience Conference (CRC). :1-4.

Many governments organizations in Libya have started transferring traditional government services to e-government. These e-services will benefit a wide range of public. However, deployment of e-government bring many new security issues. Attackers would take advantages of vulnerabilities in these e-services and would conduct cyber attacks that would result in data loss, services interruptions, privacy loss, financial loss, and other significant loss. The number of vulnerabilities in e-services have increase due to the complexity of the e-services system, a lack of secure programming practices, miss-configuration of systems and web applications vulnerabilities, or not staying up-to-date with security patches. Unfortunately, there is a lack of study being done to assess the current security level of Libyan government websites. Therefore, this study aims to assess the current security of 16 Libyan government websites using penetration testing framework. In this assessment, no exploits were committed or tried on the websites. In penetration testing framework (pen test), there are four main phases: Reconnaissance, Scanning, Enumeration, Vulnerability Assessment and, SSL encryption evaluation. The aim of a security assessment is to discover vulnerabilities that could be exploited by attackers. We also conducted a Content Analysis phase for all websites. In this phase, we searched for security and privacy policies implementation information on the government websites. The aim is to determine whether the websites are aware of current accepted standard for security and privacy. From our security assessment results of 16 Libyan government websites, we compared the websites based on the number of vulnerabilities found and the level of security policies. We only found 9 websites with high and medium vulnerabilities. Many of these vulnerabilities are due to outdated software and systems, miss-configuration of systems and not applying the latest security patches. These vulnerabilities could be used by cyber hackers to attack the systems and caused damages to the systems. Also, we found 5 websites didn't implement any SSL encryption for data transactions. Lastly, only 2 websites have published security and privacy policies on their websites. This seems to indicate that these websites were not concerned with current standard in security and privacy. Finally, we classify the 16 websites into 4 safety categories: highly unsafe, unsafe, somewhat unsafe and safe. We found only 1 website with a highly unsafe ranking. Based on our finding, we concluded that the security level of the Libyan government websites are adequate, but can be further improved. However, immediate actions need to be taken to mitigate possible cyber attacks by fixing the vulnerabilities and implementing SSL encryption. Also, the websites need to publish their security and privacy policy so the users could trust their websites.

2019-10-15
Vyakaranal, S., Kengond, S..  2018.  Performance Analysis of Symmetric Key Cryptographic Algorithms. 2018 International Conference on Communication and Signal Processing (ICCSP). :0411–0415.
Data's security being important aspect of the today's internet is gaining more importance day by day. With the increase in online data exchange, transactions and payments; secure payment and secure data transfers have become an area of concern. Cryptography makes the data transmission over the internet secure by various methods, algorithms. Cryptography helps in avoiding the unauthorized people accessing the data by authentication, confidentiality, integrity and non-repudiation. In order to securely transmit the data many cryptographic algorithms are present, but the algorithm to be used should be robust, efficient, cost effective, high performance and easily deployable. Choosing an algorithm which suits the customer's requirement is an utmost important task. The proposed work discusses different symmetric key cryptographic algorithms like DES, 3DES, AES and Blowfish by considering encryption time, decryption time, entropy, memory usage, throughput, avalanche effect and energy consumption by practical implementation using java. Practical implementation of algorithms has been highlighted in proposed work considering tradeoff performance in terms of cost of various parameters rather than mere theoretical concepts. Battery consumption and avalanche effect of algorithms has been discussed. It reveals that AES performs very well in overall performance analysis among considered algorithms.
2019-10-08
Arslan, B., Ulker, M., Akleylek, S., Sagiroglu, S..  2018.  A Study on the Use of Quantum Computers, Risk Assessment and Security Problems. 2018 6th International Symposium on Digital Forensic and Security (ISDFS). :1–6.

In the computer based solutions of the problems in today's world; if the problem has a high complexity value, different requirements can be addressed such as necessity of simultaneous operation of many computers, the long processing times for the operation of algorithms, and computers with hardware features that can provide high performance. For this reason, it is inevitable to use a computer based on quantum physics in the near future in order to make today's cryptosystems unsafe, search the servers and other information storage centers on internet very quickly, solve optimization problems in the NP-hard category with a very wide solution space and analyze information on large-scale data processing and to process high-resolution image for artificial intelligence applications. In this study, an examination of quantum approaches and quantum computers, which will be widely used in the near future, was carried out and the areas in which such innovation can be used was evaluated. Malicious or non-malicious use of quantum computers with this capacity, the advantages and disadvantages of the high performance which it provides were examined under the head of security, the effect of this recent technology on the existing security systems was investigated.

2019-10-07
Aidan, J. S., Zeenia, Garg, U..  2018.  Advanced Petya Ransomware and Mitigation Strategies. 2018 First International Conference on Secure Cyber Computing and Communication (ICSCCC). :23–28.

In this cyber era, the cyber threats have reached a new level of menace and maturity. One of the major threat in this cyber world nowadays is ransomware attack which had affected millions of computers. Ransomware locks the valuable data with often unbreakable encryption codes making it inaccessible for both organization and consumers, thus demanding heavy ransom to decrypt the data. In this paper, advanced and improved version of the Petya ransomware has been introduced which has a reduced anti-virus detection of 33% which actually was 71% with the original version. System behavior is also monitored during the attack and analysis of this behavior is performed and described. Along with the behavioral analysis two mitigation strategies have also been proposed to defend the systems from the ransomware attack. This multi-layered approach for the security of the system will minimize the rate of infection as cybercriminals continue to refine their tactics, making it difficult for the organization's complacent development.

Kara, I., Aydos, M..  2018.  Static and Dynamic Analysis of Third Generation Cerber Ransomware. 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT). :12–17.

Cyber criminals have been extensively using malicious Ransomware software for years. Ransomware is a subset of malware in which the data on a victim's computer is locked, typically by encryption, and payment is demanded before the ransomed data is decrypted and access returned to the victim. The motives for such attacks are not only limited to economical scumming. Illegal attacks on official databases may also target people with political or social power. Although billions of dollars have been spent for preventing or at least reducing the tremendous amount of losses, these malicious Ransomware attacks have been expanding and growing. Therefore, it is critical to perform technical analysis of such malicious codes and, if possible, determine the source of such attacks. It might be almost impossible to recover the affected files due to the strong encryption imposed on such files, however the determination of the source of Ransomware attacks have been becoming significantly important for criminal justice. Unfortunately, there are only a few technical analysis of real life attacks in the literature. In this work, a real life Ransomware attack on an official institute is investigated and fully analyzed. The analysis have been performed by both static and dynamic methods. The results show that the source of the Ransomware attack has been shown to be traceable from the server's whois information.

2019-09-26
Liu, Y., Zhang, J., Gao, Q..  2018.  A Blockchain-Based Secure Cloud Files Sharing Scheme with Fine-Grained Access Control. 2018 International Conference on Networking and Network Applications (NaNA). :277-283.
As cloud services greatly facilitate file sharing online, there's been a growing awareness of the security challenges brought by outsourcing data to a third party. Traditionally, the centralized management of cloud service provider brings about safety issues because the third party is only semi-trusted by clients. Besides, it causes trouble for sharing online data conveniently. In this paper, the blockchain technology is utilized for decentralized safety administration and provide more user-friendly service. Apart from that, Ciphertext-Policy Attribute Based Encryption is introduced as an effective tool to realize fine-grained data access control of the stored files. Meanwhile, the security analysis proves the confidentiality and integrity of the data stored in the cloud server. Finally, we evaluate the performance of computation overhead of our system.
Mishra, B., Jena, D..  2018.  CCA Secure Proxy Re-Encryption Scheme for Secure Sharing of Files through Cloud Storage. 2018 Fifth International Conference on Emerging Applications of Information Technology (EAIT). :1-6.
Cloud Storage Service(CSS) provides unbounded, robust file storage capability and facilitates for pay-per-use and collaborative work to end users. But due to security issues like lack of confidentiality, malicious insiders, it has not gained wide spread acceptance to store sensitive information. Researchers have proposed proxy re-encryption schemes for secure data sharing through cloud. Due to advancement of computing technologies and advent of quantum computing algorithms, security of existing schemes can be compromised within seconds. Hence there is a need for designing security schemes which can be quantum computing resistant. In this paper, a secure file sharing scheme through cloud storage using proxy re-encryption technique has been proposed. The proposed scheme is proven to be chosen ciphertext secure(CCA) under hardness of ring-LWE, Search problem using random oracle model. The proposed scheme outperforms the existing CCA secure schemes in-terms of re-encryption time and decryption time for encrypted files which results in an efficient file sharing scheme through cloud storage.
Xu, J., Ying, C., Tan, S., Sun, Z., Wang, P., Sun, Z..  2018.  An Attribute-Based Searchable Encryption Scheme Supporting Trapdoor Updating. 2018 IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing, 16th Intl Conf on Pervasive Intelligence and Computing, 4th Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress(DASC/PiCom/DataCom/CyberSciTech). :7-14.
In the cloud computing environment, a growing number of users share their own data files through cloud storage. However, there will be some security and privacy problems due to the reason that the cloud is not completely trusted, so it needs to be resolved by access control. Attribute-based encryption (ABE) and searchable encryption (SE) can solve fine-grained access control. At present, researchers combine the two to propose an attribute-based searchable encryption scheme and achieved remarkable results. Nevertheless, most of existing attribute-based searchable encryption schemes cannot resist online/offline keyword guessing attack. To solve the problem, we present an attribute-based (CP-ABE) searchable encryption scheme that supports trapdoor updating (CSES-TU). In this scheme, the data owner can formulate an access strategy for the encrypted data. Only the attributes of the data user are matched with the strategy can the effective trapdoor be generated and the ciphertext be searched, and that this scheme will update trapdoors at the same time. Even if the keywords are the same, new trapdoors will be generated every time when the keyword is searched, thus minimizing the damage caused by online/offline keyword guessing attack. Finally, the performance of the scheme is analyzed, and the proof of correctness and security are given at the same time.
Li, S., Wang, F., Shi, T., Kuang, J..  2019.  Probably Secure Multi-User Multi-Keyword Searchable Encryption Scheme in Cloud Storage. 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). :1368-1372.
Searchable encryption server protects privacal data of data owner from leaks. This paper analyzes the security of a multi-user searchable encryption scheme and points out that this scheme does not satisfy the invisibility of trapdoors. In order to improve the security of the original scheme, this paper proposes a probably secure multi-user multi-keyword searchable encryption scheme. New secheme not only ensures the confidentiality of the cipher text keyword, but also does not increase the encryption workload of the data owner when the new data user joins. In the random oracle model, based on the hard problem of decisional Diffie-Hellman, it is proved that the scheme has trapdoor indistinguishability. In the end, obtained by the simulation program to achieve a new computationally efficient communication at low cost.
Kim, H., Hahn, C., Hur, J..  2019.  Analysis of Forward Private Searchable Encryption and Its Application to Multi-Client Settings. 2019 Eleventh International Conference on Ubiquitous and Future Networks (ICUFN). :529-531.
Searchable encryption (SE) supports privacy-preserving searches over encrypted data. Recent studies on SE have focused on improving efficiency of the schemes. However, it was shown that most of the previous SE schemes could reveal the client's queries even if they are encrypted, thereby leading to privacy violation. In order to solve the problem, several forward private SE schemes have been proposed in a single client environment. However, the previous forward private SE schemes have never been analyzed in multi-client settings. In this paper, we briefly review the previous forward private SE schemes. Then, we conduct a comparative analysis of them in terms of performance and forward privacy. Our analysis demonstrates the previous forward secure SE schemes highly depend on the file-counter. Lastly, we show that they are not scalable in multi-client settings due to the performance and security issue from the file-counter.
Chung, S., Shieh, M., Chiueh, T..  2018.  A Security Proxy to Cloud Storage Backends Based on an Efficient Wildcard Searchable Encryption. 2018 IEEE 8th International Symposium on Cloud and Service Computing (SC2). :127-130.
Cloud storage backends such as Amazon S3 are a potential storage solution to enterprises. However, to couple enterprises with these backends, at least two problems must be solved: first, how to make these semi-trusted backends as secure as on-premises storage; and second, how to selectively retrieve files as easy as on-premises storage. A security proxy can address both the problems by building a local index from keywords in files before encrypting and uploading files to these backends. But, if the local index is built in plaintext, file content is still vulnerable to local malicious staff. Searchable Encryption (SE) can get rid of this vulnerability by making index into ciphertext; however, its known constructions often require modifications to index database, and, to support wildcard queries, they are not efficient at all. In this paper, we present a security proxy that, based on our wildcard SE construction, can securely and efficiently couple enterprises with these backends. In particular, since our SE construction can work directly with existing database systems, it incurs only a little overhead, and when needed, permits the security proxy to run with constantly small storage footprint by readily out-sourcing all built indices to existing cloud databases.
2019-09-23
Eugster, P., Marson, G. A., Poettering, B..  2018.  A Cryptographic Look at Multi-party Channels. 2018 IEEE 31st Computer Security Foundations Symposium (CSF). :31–45.
Cryptographic channels aim to enable authenticated and confidential communication over the Internet. The general understanding seems to be that providing security in the sense of authenticated encryption for every (unidirectional) point-to-point link suffices to achieve this goal. As recently shown (in FSE17/ToSC17), however, the security properties of the unidirectional links do not extend, in general, to the bidirectional channel as a whole. Intuitively, the reason for this is that the increased interaction in bidirectional communication can be exploited by an adversary. The same applies, a fortiori, in a multi-party setting where several users operate concurrently and the communication develops in more directions. In the cryptographic literature, however, the targeted goals for group communication in terms of channel security are still unexplored. Applying the methodology of provable security, we fill this gap by defining exact (game-based) authenticity and confidentiality goals for broadcast communication, and showing how to achieve them. Importantly, our security notions also account for the causal dependencies between exchanged messages, thus naturally extending the bidirectional case where causal relationships are automatically captured by preserving the sending order. On the constructive side we propose a modular and yet efficient protocol that, assuming only point-to-point links between users, leverages (non-cryptographic) broadcast and standard cryptographic primitives to a full-fledged broadcast channel that provably meets the security notions we put forth.
Aydin, Y., Ozkaynak, F..  2019.  A Provable Secure Image Encryption Schema Based on Fractional Order Chaotic Systems. 2019 23rd International Conference Electronics. :1–5.
In the literature, many chaotic systems have been used in the design of image encryption algorithms. In this study, an application of fractional order chaotic systems is investigated. The aim of the study is to improve the disadvantageous aspects of existing methods based on discrete and continuous time chaotic systems by utilizing the features of fractional order chaotic systems. The most important advantage of the study compared to the literature is that the proposed encryption algorithm is designed with a provable security approach. Analyses results have been shown that the proposed method can be used successfully in many information security applications.
2019-09-11
Wang, L., Wang, D., Gao, J., Huo, C., Bai, H., Yuan, J..  2019.  Research on Multi-Source Data Security Protection of Smart Grid Based on Quantum Key Combination. 2019 IEEE 4th International Conference on Cloud Computing and Big Data Analysis (ICCCBDA). :449–453.

Power communication network is an important infrastructure of power system. For a large number of widely distributed business terminals and communication terminals. The data protection is related to the safe and stable operation of the whole power grid. How to solve the problem that lots of nodes need a large number of keys and avoid the situation that these nodes cannot exchange information safely because of the lack of keys. In order to solve the problem, this paper proposed a segmentation and combination technology based on quantum key to extend the limited key. The basic idea was to obtain a division scheme according to different conditions, and divide a key into several different sub-keys, and then combine these key segments to generate new keys and distribute them to different terminals in the system. Sufficient keys were beneficial to key updating, and could effectively enhance the ability of communication system to resist damage and intrusion. Through the analysis and calculation, the validity of this method in the use of limited quantum keys to achieve the business data secure transmission of a large number of terminal was further verified.

Xi, W., Suo, S., Cai, T., Jian, G., Yao, H., Fan, L..  2019.  A Design and Implementation Method of IPSec Security Chip for Power Distribution Network System Based on National Cryptographic Algorithms. 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). :2307–2310.

The target of security protection of the power distribution automation system (the distribution system for short) is to ensure the security of communication between the distribution terminal (terminal for short) and the distribution master station (master system for short). The encryption and authentication gateway (VPN gateway for short) for distribution system enhances the network layer communication security between the terminal and the VPN gateway. The distribution application layer encryption authentication device (master cipher machine for short) ensures the confidentiality and integrity of data transmission in application layer, and realizes the identity authentication between the master station and the terminal. All these measures are used to prevent malicious damage and attack to the master system by forging terminal identity, replay attack and other illegal operations, in order to prevent the resulting distribution network system accidents. Based on the security protection scheme of the power distribution automation system, this paper carries out the development of multi-chip encapsulation, develops IPSec Protocols software within the security chip, and realizes dual encryption and authentication function in IP layer and application layer supporting the national cryptographic algorithm.

Duncan, A., Jiang, L., Swany, M..  2018.  Repurposing SoC Analog Circuitry for Additional COTS Hardware Security. 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). :201–204.

This paper introduces a new methodology to generate additional hardware security in commercial off-the-shelf (COTS) system-on-a-chip (SoC) integrated circuits (ICs) that have already been fabricated and packaged. On-chip analog hardware blocks such as analog to digital converters (ADCs), digital to analog converters (DACs) and comparators residing within an SoC are repurposed and connected to one another to generate unique physically unclonable function (PUF) responses. The PUF responses are digitized and processed on-chip to create keys for use in encryption and device authentication activities. Key generation and processing algorithms are presented that minimize the effects of voltage and temperature fluctuations to maximize the repeatability of a key within a device. Experimental results utilizing multiple on-chip analog blocks inside a common COTS microcontroller show reliable key generation with minimal overhead.

2019-08-26
Chakraborty, Saurav, Thomas, Drew, DeHart, Joanathan, Saralaya, Kishan, Tadepalli, Prabhakar, Narendra, Siva G..  2018.  Solving Internet's Weak Link for Blockchain and IoT Applications. Proceedings of the 1st ACM/EIGSCC Symposium on Smart Cities and Communities. :6:1–6:5.
Blockchain normalizes applications that run on the internet through the standardization of decentralized data structure, computational requirements and trust in transactions. This new standard has now spawned hundreds of legitimate internet applications in addition to the cryptocurrency revolution. This next frontier that standardizes internet applications will dramatically increase productivity to levels never seen before, especially when applied to Internet of Things (IoT) applications. The blockchain framework relies on cryptographic private keys to sign digital data as its foundational principle. Without the security of private keys to sign data blocks, there can be no trust in blockchain. Central storage of these keys for managing IoT machines and users, while convenient to implement, will be highly detrimental to the assumed safety and security of this next frontier. In this paper, we will introduce decentralized and device agnostic cryptographic signing solutions suitable for securing users and machines in blockchain and IoT applications.
2019-08-05
Chavan, N. S., Sharma, D..  2018.  Secure Proof of Retrievability System in Cloud for Data Integrity. 2018 Fourth International Conference on Computing Communication Control and Automation (ICCUBEA). :1-5.

Due to expansion of Internet and huge dataset, many organizations started to use cloud. Cloud Computing moves the application software and databases to the centralized large data centers, where the management of the data and services may not be fully trustworthy. Due to this cloud faces many threats. In this work, we study the problem of ensuring the integrity of data storage in Cloud Computing. To reduce the computational cost at user side during the integrity verification of their data, the notion of public verifiability has been proposed. Our approach is to create a new entity names Cloud Service Controller (CSC) which will help us to reduce the trust on the Third Party Auditor (TPA). We have strengthened the security model by using AES Encryption with SHA-S12 & tag generation. In this paper we get a brief introduction about the file upload phase, integrity of the file & Proof of Retrievability of the file.

Hiremath, S., Kunte, S. R..  2018.  Ensuring Cloud Data Security Using Public Auditing with Privacy Preserving. 2018 3rd International Conference on Communication and Electronics Systems (ICCES). :1100-1104.

The Cloud computing in simple terms is storing and accessing data through internet. The data stored in the cloud is managed by cloud service providers. Storing data in cloud saves users time and memory. But once user stores data in cloud, he loses the control over his data. Hence there must be some security issues to be handled to keep users data safely in the cloud. In this work, we projected a secure auditing system using Third Party Auditor (TPA). We used Advanced Encryption Standard (AES) algorithm for encrypting user's data and Secure Hash Algorithm (SHA-2) to compute message digest. The system is executed in Amazon EC2 cloud by creating windows server instance. The results obtained demonstrates that our proposed work is safe and takes a firm time to audit the files.

Lei, S., Zewu, W., Kun, Z., Ruichen, S., Shuai, L..  2018.  Research and design of cryptography cloud framework. 2018 IEEE 3rd International Conference on Cloud Computing and Big Data Analysis (ICCCBDA). :147–154.

Since the application mode of cryptography technology currently has different types in the cloud environment, a novel cryptography cloud framework was proposed, due to the non-expandability of cryptography resources. Through researching on the application models of the current encryption technology, the cryptography service demand under the cloud environment and the virtual structure of the cloud cryptography machine, this paper designed the framework of the cryptography cloud framework that provides cryptography services with the cloud computing mode. the design idea of the framework is expounded from two aspects include the function of modules and service flow of cryptography cloud, which resulted in the improvement of the flexibility of the application of cryptography technology in the cloud environment. Through the analysis of system function and management mode, it illustrated the availability and security of cryptography cloud framework. It was proved that cryptography cloud has the characteristics of high-availability in the implementation and experiment, and it can satisfy cryptography service demand in the cloud environment.

2019-07-01
Modi, F. M., Desai, M. R., Soni, D. R..  2018.  A Third Party Audit Mechanism for Cloud Based Storage Using File Versioning and Change Tracking Mechanism. 2018 International Conference on Inventive Research in Computing Applications (ICIRCA). :521-523.

Cloud storage is an exclusive resource in cloud computing, which helps to store and share the data on cloud storage server. Clients upload the data and its hash information n server together on cloud storage. The file owner always concern about data security like privacy and unauthorized access to third party. The owner also wants to ensure the integrity data during communication process. To ensure integrity, we propose a framework based on third party auditor which checks the integrity and correctness of data during audit process. Our aim is to design custom hash for the file which is not only justifies the integrity but also version information about file.

2019-06-28
Plasencia-Balabarca, F., Mitacc-Meza, E., Raffo-Jara, M., Silva-Cárdenas, C..  2018.  Robust Functional Verification Framework Based in UVM Applied to an AES Encryption Module. 2018 New Generation of CAS (NGCAS). :194-197.

This Since the past century, the digital design industry has performed an outstanding role in the development of electronics. Hence, a great variety of designs are developed daily, these designs must be submitted to high standards of verification in order to ensure the 100% of reliability and the achievement of all design requirements. The Universal Verification Methodology (UVM) is the current standard at the industry for the verification process due to its reusability, scalability, time-efficiency and feasibility of handling high-level designs. This research proposes a functional verification framework using UVM for an AES encryption module based on a very detailed and robust verification plan. This document describes the complete verification process as done in the industry for a popular module used in information-security applications in the field of cryptography, defining the basis for future projects. The overall results show the achievement of the high verification standards required in industry applications and highlight the advantages of UVM against System Verilog-based functional verification and direct verification methodologies previously developed for the AES module.

2019-06-10
Umar, M., Sabo, A., Tata, A. A..  2018.  Modified Cooperative Bait Detection Scheme for Detecting and Preventing Cooperative Blackhole and Eavesdropping Attacks in MANET. 2018 International Conference on Networking and Network Applications (NaNA). :121–126.

Mobile ad-hoc network (MANET) is a system of wireless mobile nodes that are dynamically self-organized in arbitrary and temporary topologies, that have received increasing interest due to their potential applicability to numerous applications. The deployment of such networks however poses several security challenging issues, due to their lack of fixed communication infrastructure, centralized administration, nodes mobility and dynamic topological changes, which make it susceptible to passive and active attacks such as single and cooperative black hole, sinkhole and eavesdropping attacks. The mentioned attacks mainly disrupt data routing processes by giving false routing information or stealing secrete information by malicious nodes in MANET. Thus, finding safe routing path by avoiding malicious nodes is a genuine challenge. This paper aims at combining the existing cooperative bait detection scheme which uses the baiting procedure to bait malicious nodes into sending fake route reply and then using a reverse tracing operation to detect the malicious nodes, with an RSA encryption technique to encode data packet before transmitting it to the destination to prevent eavesdropper and other malicious nodes from unauthorized read and write on the data packet. The proposed work out performs the existing Cooperative Bait Detection Scheme (CBDS) in terms of packet delivery ratio, network throughput, end to end delay, and the routing overhead.