Protecting outsourced data in cloud computing through access management

Wang, Hua; Yi, Xun; Bertino, Elisa; Sun, Lin

doi:10.1002/cpe.3286

Cited by 55 publications

(16 citation statements)

References 22 publications

(21 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…A misuse of the cloud-DCN resources can be considered as a threat that requires security-based behavior mechanisms to resist. Indeed, in such a context, security does not always relate to the traditional encryption/decryption algorithms; it extends to cloud data protection [17,18] and resource integrity. These resources are network and computing resources.…”

Section: Related Workmentioning

confidence: 99%

ARAAC: A Rational Allocation Approach in Cloud Data Center Networks

2017

View full text Add to dashboard Cite

Abstract:The expansion of telecommunication technologies touches almost all aspects life that we are living nowadays. Indeed, such technologies have emerged as a fourth essential utility alongside the traditional utilities of electricity, water, and gas. In this context, Cloud Data Center Networks (cloud-DCNs) have been proposed as a promising way to cope with such a high-tech era and with any expected trends in future computing networks. Resources of cloud-DCNs are leased to the interested users in the form of services, such services come in different models that vary between software, platform, and infrastructure. The leasing process of any service model starts with the users (i.e., service tenants). A tenant asks for the service resources, and the cloud-provider allocates the resources with a charge that follows a predefined cost policy. Cloud resources are limited, and those cloud providers have profit objectives to be satisfied. Thus, to comply with the aforementioned promise, the limited resources need to be carefully allocated. Existing allocation proposals in the literature dealt with this problem in varying ways. However, none proposes a win-win allocation model that satisfies both the providers and tenants. This work proposes A Rational Allocation Approach in Cloud Data Center Networks (ARAAC) that efficiently allocates the available cloud resources, in a way that allows for a win-win environment to satisfy both parties: the providers and tenants. To do so, ARAAC deploys the Second Best-Price (SBP) mechanism along with a behavioral-based reputation model. The reputation is built according to the tenants' utilization history throughout their previous service allocations. The reputation records along with the adoption of the SBP mechanism allows for a locally free-equilibrium approach that allocates the available cloud-DCN resources in an efficient and fair manner. In ARAAC, through an auction scenario, tenants with positive reputation records are awarded by having the required resources allocated at prices that are lower than what they have offered. Compared to other benchmark models, simulation results show that ARAAC can efficiently adapt the behavior of those rational service-tenants to provide for better use of the cloud resources, with an increase in the providers' profits.

show abstract

Section: Related Workmentioning

confidence: 99%

ARAAC: A Rational Allocation Approach in Cloud Data Center Networks

2017

View full text Add to dashboard Cite

show abstract

“…2006; Waters 2011; Masaud-Wahaishi and Gaouda 2011; Nishide and Yoneyama 2009; Cheung and Newport 2007; Wang et al. 2014). Goyal et al (2006) provided a Key-Policy ABE scheme, which allowed the policies (attached to keys) to be expressed by any monotonic formula over encrypted attributes (ciphertext).…”

Section: Related Workmentioning

confidence: 99%

Realizing IoT service’s policy privacy over publish/subscribe-based middleware

et al. 2016

View full text Add to dashboard Cite

The publish/subscribe paradigm makes IoT service collaborations more scalable and flexible, due to the space, time and control decoupling of event producers and consumers. Thus, the paradigm can be used to establish large-scale IoT service communication infrastructures such as Supervisory Control and Data Acquisition systems. However, preserving IoT service’s policy privacy is difficult in this paradigm, because a classical publisher has little control of its own event after being published; and a subscriber has to accept all the events from the subscribed event type with no choice. Few existing publish/subscribe middleware have built-in mechanisms to address the above issues. In this paper, we present a novel access control framework, which is capable of preserving IoT service’s policy privacy. In particular, we adopt the publish/subscribe paradigm as the IoT service communication infrastructure to facilitate the protection of IoT services policy privacy. The key idea in our policy-privacy solution is using a two-layer cooperating method to match bi-directional privacy control requirements: (a) data layer for protecting IoT events; and (b) application layer for preserving the privacy of service policy. Furthermore, the anonymous-set-based principle is adopted to realize the functionalities of the framework, including policy embedding and policy encoding as well as policy matching. Our security analysis shows that the policy privacy framework is Chosen-Plaintext Attack secure. We extend the open source Apache ActiveMQ broker by building into a policy-based authorization mechanism to enforce the privacy policy. The performance evaluation results indicate that our approach is scalable with reasonable overheads.

show abstract

“…For example copy and paste or cloning can lead to redundant and inaccurate information in EHRs. Using this feature can cause authorship integrity issues since documentation cannot be tracked to the original source [9,[33][34][35]].…”

Section: Motivationmentioning

confidence: 99%

Ensuring data integrity in electronic health records: A quality health care implication

Vimalachandran

Wang

Zhang

et al. 2016

2016 International Conference on Orange Technologies (ICOT)

View full text Add to dashboard Cite

An Electronic Health Record (EHR) system must enable efficient availability of meaningful, accurate and complete data to assist improved clinical administration through the development, implementation and optimisation of clinical pathways. Therefore data integrity is the driving force in EHR systems and is an essential aspect of service delivery at all levels. However, preserving data integrity in EHR systems has become a major problem because of its consequences in promoting high standards of patient care. In this paper, we review and address the impact of data integrity of the use of EHR system and its associated issues. We determine and analyse three phases of data integrity of an EHR system. Finally, we also present an appropriate method to preserve the integrity in EHR systems. To analyse and evaluate the data integrity, one of the major clinical systems in Australia is considered. This will demonstrate the impact on quality and safety of patient care.

show abstract

Protecting outsourced data in cloud computing through access management

Cited by 55 publications

References 22 publications

ARAAC: A Rational Allocation Approach in Cloud Data Center Networks

ARAAC: A Rational Allocation Approach in Cloud Data Center Networks

Realizing IoT service’s policy privacy over publish/subscribe-based middleware

Ensuring data integrity in electronic health records: A quality health care implication

Contact Info

Product

Resources

About