Implementing DNA Encryption Technique in Web Services to Embed Confidentiality in Cloud

Gugnani, Gunjan; Ghrera, Satya Prakash; Gupta, Praveen; Malekian, Reza; Maharaj, B. T.

doi:10.1007/978-81-322-2526-3_42

Cited by 13 publications

(1 citation statement)

References 10 publications

(10 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Damiani et al [29] presented an access control model to protect information distributed on the Web that, by exploiting XML's own capabilities, enables the definition and enforcement of access restrictions directly on the structure and content of the documents. Gugnani et al [31] provided confidentiality to the user while using cloud-based Web services. Zhu et al [34] proposed a scheme of data integrity verification based on a short signature algorithm (ZSS signature), which supports privacy protection and public auditing by introducing a trusted third party (TPA) to ensure data integrity and availability in the cloud and IoT storage systems.…”

Section: Related Workmentioning

confidence: 99%

Application Integrity Protection on Kubernetes cluster based on Manifest Signature Verification

Kudo

Kitahara

Gajananan

et al. 2022

Journal of Information Processing

View full text Add to dashboard Cite

The integrity of the cloud is the most important requirement for mission-critical enterprise workloads. NIST SP 800-53 states that information systems must prevent the installation of any components that have not been verified digitally. On a Kubernetes cluster, the admission controller can control requests for application installations, and it would be a powerful protection tool if it could control requests for Kubernetes resources on the basis of signature verification. However, there are various technical challenges when it comes to verifying the signature for a Kubernetes resource at the admission controller because a signed resource is rewritten automatically by internal cluster work and many requests that include an internal mutation without a signature are generated. In this work, we propose an approach to protect the integrity of a Kubernetes resource with signature verification at the admission controller. Our approach addresses the issue that the differences between the signed resource in the admission request and the signature message occur automatically in Kubernetes and conducts signature verification properly by using DryRun. We also propose a profile framework to address the internal mutation request that cannot be attached to the signature. Our experimental results demonstrate that standard applications can be protected by our approach.

show abstract

Section: Related Workmentioning

confidence: 99%