A framework for data security and storage in Cloud Computing

Bhandari, Akshita; Gupta, Ashutosh; Das, Debasis

doi:10.1109/icctict.2016.7514542

Cited by 15 publications

(16 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In our review, we observed that quite a large number of countermeasures are either not evaluated at all ( [23], [40], [45] , [48] , [49] , [62] , [75] , [88] , [91] , [67] , [92] , [105] , [110], [111], [114], [137], [141], [154], , [160], [174], , [175]) or evaluated weakly ( [60], [70], [100], [109], [132], [138], [147], [158], [161], [165], [171]). We consider an evaluation as weak evaluation when the system is evaluated with a small dataset (e.g.…”

Section: Discussionmentioning

confidence: 99%

“…Bhandari et al [45] present a framework for secure storage and retrieval of data from the cloud using data classification, detecting errors in data during transmission via Hashed Message Authentication Code (HMAC), and index building. With this approach, data is first classified into three sections (i.e., public, private, and limited) based on confidentiality, integrity, and availability.…”

Section: Classification Of Countermeasuresmentioning

confidence: 99%

“…Malware attacks, Phishing attack, Physical theft, dumpster diving Bhandari eta al. [45] In use/at rest Presents a technique for secure storage and retrieval of data from cloud by classifying data and deploying authentication procedures.…”

Section: Malware Attacksmentioning

confidence: 99%

See 2 more Smart Citations

Data exfiltration: A review of external attack vectors and countermeasures

Ullah

Edwards

Ramdhany

et al. 2018

Journal of Network and Computer Applications

View full text Add to dashboard Cite

Context: One of the main targets of cyber-attacks is data exfiltration, which is the leakage of sensitive or private data to an unauthorized entity. Data exfiltration can be perpetrated by an outsider or an insider of an organization. Given the increasing number of data exfiltration incidents, a large number of data exfiltration countermeasures have been developed. These countermeasures aim to detect, prevent, or investigate exfiltration of sensitive or private data. With the growing interest in data exfiltration, it is important to review data exfiltration attack vectors and countermeasures to support future research in this field. Objective: This paper is aimed at identifying and critically analysing data exfiltration attack vectors and countermeasures for reporting the status of the art and determining gaps for future research. Method: We have followed a structured process for selecting 108 papers from seven publication databases. Thematic analysis method has been applied to analyse the extracted data from the reviewed papers. Results: We have developed a classification of (1) data exfiltration attack vectors used by external attackers and (2) the countermeasures in the face of external attacks. We have mapped the countermeasures to attack vectors. Furthermore, we have explored the applicability of various countermeasures for different states of data (i.e., in use, in transit, or at rest). Conclusion: This review has revealed that (a) most of the state of the art is focussed on preventive and detective countermeasures and significant research is required on developing investigative countermeasures that are equally important; (b) Several data exfiltration countermeasures are not able to respond in real-time, which specifies that research efforts need to be invested to enable them to respond in real-time (c) A number of data exfiltration countermeasures do not take privacy and ethical concerns into consideration, which may become an obstacle in their full adoption (d) Existing research is primarily focussed on protecting data in 'in use' state, therefore, future research needs to be directed towards securing data in 'in rest' and 'in transit' states (e) There is no standard or framework for evaluation of data exfiltration countermeasures. We assert the need for developing such an evaluation framework.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Classification Of Countermeasuresmentioning

confidence: 99%

See 1 more Smart Citation

Data exfiltration: A review of external attack vectors and countermeasures

Ullah

Edwards

Ramdhany

et al. 2018

Journal of Network and Computer Applications

View full text Add to dashboard Cite

show abstract

“…In [18]- [20], the author designed a real-time task scheduler framework to dynamically adjust the security policy of scheduled tasks according to the system security level to achieve the optimal balance of security and schedulability. A task mapping scheduling algorithm for security perception and energy awareness is designed in [21], and a security scheduling method based on user level or SLA to limit the user's resource application is presented in [22] [23].…”

Section: Related Researchmentioning

confidence: 99%

Multi-Level Security Task Scheduling Scheme Based on Task Priority

Li¹,

Shi²,

Li³

et al. 2019

Recent Developments on Information and Communication Technology (ICT) Engineering

View full text Add to dashboard Cite

Data security is a primary consideration when users choose cloud storage, and it is also an important factor that hinders the development of cloud storage. In order to meet the requirements of secure storage of user-differentiated data and guarantee a good user service experience, we propose a multi-level security task scheduling scheme that comprehensively considers the data security level, user service level, and task waiting time. The scheme adopts the idea of multi-level security. The security requirements of different security level data are ensured by the key strength of the cryptographic algorithm. The mapping between the data security level and the key length under the selected cryptographic algorithm achieves the task's priority order. Scheduling appropriate encryption modules to implement differentiated encryption is suitable for cloud storage environments where data sensitivity and importance are diversified.

show abstract

“…DES and AES and compared the result to solve the above mentioned security issues. Akshay Nayak, Sridhar.N.K, poornima.G.R, Dr. Shivashankar [4], "Security Issues in Cloud Computing and its Counter measure" May 19-20, 2017 describes various security issues and the counter measures to resolve those issues. It also discuss about the characteristics of cloud computing how it is used in today's world.…”

Section: Literature Reviewmentioning

confidence: 99%

A Survey on Various Security Issues and Challenges to Secure Cloud Computing

Rathi¹,

Khan²,

Jain³

2018

IJIRCST

View full text Add to dashboard Cite

Cloud computing has evolved as one of the most powerful approach in the IT industry. It provides so many advantages like minimum expense, great performance, availability of resources, due to which it is considered as revolution amongst organizations. In cloud computing various resources are shared through network in open environment so that the user can access the information from anywhere, but there exist the issues of security and privacy of user and its information. It also provides a broad study on the issues and challenges of security .Growth of cloud computing is mainly decreased due to these concerns and challenges. Even though there is secure Homomorphic encryption there lays certain security issues and attacks with it. This paper deals with the analysis of security issues on cloud computing and finding counter measures on those issues. The fundamental security issues such as confidentiality, integrity, availability, trust and audit and compliance is analyzed and the impact on each characteristics of cloud computing as well as the third party control has been examined.

show abstract

A framework for data security and storage in Cloud Computing

Cited by 15 publications

References 11 publications

Data exfiltration: A review of external attack vectors and countermeasures

Data exfiltration: A review of external attack vectors and countermeasures

Multi-Level Security Task Scheduling Scheme Based on Task Priority

A Survey on Various Security Issues and Challenges to Secure Cloud Computing

Contact Info

Product

Resources

About