Further More Investigations on Evolution of Approaches and Methodologies for Securing Computational Grids | Open Access Journals

ISSN ONLINE(2319-8753)PRINT(2347-6710)

Further More Investigations on Evolution of Approaches and Methodologies for Securing Computational Grids

R.S.Venkatesh1, P.K.Reejeesh1, Prof.S.Balamurugan1, S.Charanyaa2
  1. Department of IT, Kalaignar Karunanidhi Institute of Technology, Coimbatore, TamilNadu, India
  2. Senior Software Engineer Mainframe Technologies Former, Larsen & Tubro (L&T) Infotech, Chennai, TamilNadu, India
Related article at Pubmed, Scholar Google

Visit for more related articles at International Journal of Innovative Research in Science, Engineering and Technology

Abstract

This paper reviews methods developed for anonymizing data from 2004 to 2006 . Publishing microdata such as census or patient data for extensive research and other purposes is an important problem area being focused by government agencies and other social associations. The traditional approach identified through literature survey reveals that the approach of eliminating uniquely identifying fields such as social security number from microdata, still results in disclosure of sensitive data, k-anonymization optimization algorithm ,seems to be promising and powerful in certain cases ,still carrying the restrictions that optimized k-anonymity are NP-hard, thereby leading to severe computational challenges. k-anonimity faces the problem of homogeneity attack and background knowledge attack . The notion of ldiversity proposed in the literature to address this issue also poses a number of constraints , as it proved to be inefficient to prevent attribute disclosure (skewness attack and similarity attack), l-diversity is difficult to achieve and may not provide sufficient privacy protection against sensitive attribute across equivalence class can substantially improve the privacy as against information disclosure limitation techniques such as sampling cell suppression rounding and data swapping and pertubertation. This paper aims to discuss efficient anonymization approach that requires partitioning of microdata equivalence classes and by minimizing closeness by kernel smoothing and determining ether move distances by controlling the distribution pattern of sensitive attribute in a microdata and also maintaining diversity.

Keywords

Data Anonymization, Microdata, k-anonymity, Identity Disclosure, Attribute Disclosure, Diversity

INTRODUCTION

Need for publishing sensitive data to public has grown extravagantly during recent years. Though publishing demands its need there is a restriction that published social network data should not disclose private information of individuals. Hence protecting privacy of individuals and ensuring utility of social networ data as well becomes a challenging and interesting research topic. Considering a graphical model [35] where the vertex indicates a sensitive label algorithms could be developed to publish the non-tabular data without compromising privacy of individuals. Though the data is represented in graphical model after KDLD sequence generation [35] the data is susceptible to several attacks such as homogeneity attack, background knowledge attack, similarity attacks and many more. In this paper we have made an investigation on the attacks and possible solutions proposed in literature and efficiency of the same.

VM PLANTS: PROVIDING AND MANAGING VIRTUAL MACHINE EXECUTION ENVIRONMENTS FOR GRID COMPUTING – 2004

VM - Virtual Machine plants provide a reliable and flexible environment for problem solving in a grid computing systems. Service oriented architecture is employed to represent VM plant middle for providing VM customization and efficient cloning.
The main objective of this architecture is to provide flexibility, fast VM instantiation, scalability, resilience to failures and interoperability. Flexibility is obtained by applying the cloning process onto various VM technologies. Interoperability is achieved by using efficient cloning mechanisms.
Every users and resource providers select a unique service for distributed computing in VM plant architecture. A “classic” Virtual Machine has the ability to run on different OS. It provides isolation and security mechanisms; supports customization and encapsulation; provide support for legacy applications.
The VM plant architecture works on the basis of services provided within web and grid frame works. The client communicates with the service through VMshop. The service then makes use of standard mechanisms to create a new virtual machine. The client cannot directly access the VM plants. The new instantiated VM’s are used for accessing VM plants. The VMshop can provide secure access to resources; configuring network; gives resources access information; supports query handling.
VM plant uses “Production Process Planner” (PPP) for the process of creating new Virtual Machine. The PPP after receiving a request, selects an exact VM from the VM warehouse. VM information system gives information about currently used machines. VM monitor is used to update the VM information system.
Once the exact Virtual Machine is selected, it has to satisfy the following tests.
i. Subset test
ii. Prefix test
iii. Partial test
After this the Virtual Machine is cloned using VM Production Line. Then the VM should parse on several configuration processes. After cloning and configuration processes are completed, the virtual workspace is combined with n IP address. The cloning and configuration techniques are used for describing the feasibility of the VM. VM Plants architecture is efficient for instantiation of VM clones and flexible for producing new services.

SECURITY AND TRUST ISSUES IN SEMANTIC GRIDS – 2005

A large scale distributed computing system such as “Grid computing” should have the ability to allow sharing of resources over a “Virtual Organization” (VO). Recently, the Grid Security Infrastructure (GSI) possesses a trust relationship between Grid Computers. But still there are no suitable methods for authentication and authorization. Even they do not have the ability to select a “trustworthy” user.
“Access Control” is enhanced using Property based authorization mechanisms, automatic certification, bidirectional & iterative security negotiations and policy based authorization. The “Trust Management” includes two basic approaches.
i. Policy - based trust management.
ii. Reputation – based trust management.
The Policy - based trust management reveals certain rules, standards and policies to identify whether a user is “trustworthy” or “untrustworthy”. The Policy - based trust management is responsible for taking access control decisions. The system which posses Policy - based trust makes use of semantics for making decisions.
The Reputation – based trust management concentrates on public - key certificates, P2P system, mobile ad – hoc network and semantic web.
A user to access a resource must satisfy some of the following security mechanisms.
i. Proxy certificates signed by a Certification Authority.
ii. Identity based authorization.
iii. Simple authentication/authorization.
iv. Manual credential fetching.
A term called “Community” is introduced in which all the users can communicate with each other efficiently. The introduction of these communities will decrease the cost of interaction. Communities can be formed either implicitly or explicitly. There are four phases in which a trust is achieved in virtual organization.
i. Service provider identification – determines VO objectives.
ii. Formation and service provider invitation – compute community trust and provision resources.
iii. Operation and service provider interaction – trust based service invocation.
iv. Dissolution – terminates the resources.
In Grid Computing, the security and trust issues in a Virtual Organization is computed using policy – based and reputation – based trust management approaches. The basic idea of this paper is to point out the restrictions of resources and access control protection mechanisms seen in Grid Computing.

MOVING TO CLOUD COMPUTING STEP – BY – STEP – 2006

Cloud computing is the extension of SOA which provides resources such as Storage – as – service, Data – as – a – service and platform – as – a – service. The logic is to identify which cloud service can be adopted for the exiting SOA.
A cloud is organized with the help of following services.
i. Testing – as – a – service
ii. Management – as – a – service
iii. Application – as – a – service
iv. Process – as – a – service
v. Information – as – a – service
vi. Database – as – a – service
vii. Storage – as – a – service
viii. Infrastructure – as – a – service
ix. Platform – as – a – service
x. Integration – as – a – service
xi. Security – as – a – service
Security and performance are observed as barriers in cloud. However, cloud does not support all the computing resources. The cloud computing is suitable for cases where
i. Applications, processes and data are independent.
ii. New applications are used.
iii. Web – based platform is used.
iv. Core internal enterprise architecture should be good.
Cloud computing is not suitable when
i. Processes, applications and data are coupled.
ii. High security is needed.
iii. Application is legacy.
iv. The points of integration are not well defined.
The cloud architecture describes about the
i. Business drivers.
ii. Information under management.
iii. Existing services under management.
iv. Core business processes.
There are several steps involved in the process of creating cloud. They are
i. Access the business.
ii. Access the culture.
iii. Access the value.
iv. Understand your services, processes, data and cloud resources.
v. Identify candidate data, services and processes.
vi. Create a governance strategy and security strategy.
vii. Bind candidate services to data and processes.
viii. Relocate services, processes and information.
ix. Implement security, governance and operations.

CONCLUSION AND FUTURE WORK

Various methods developed for anonymizing data from 2004 to 2006 is discussed. Publishing microdata such as census or patient data for extensive research and other purposes is an important problem area being focused by government agencies and other social associations. The traditional approach identified through literature survey reveals that the approach of eliminating uniquely identifying fields such as social security number from microdata, still results in disclosure of sensitive data, k-anonymization optimization algorithm ,seems to be promising and powerful in certain cases ,still carrying the restrictions that optimized k-anonymity are NP-hard, thereby leading to severe computational challenges. k-anonimity faces the problem of homogeneity attack and background knowledge attack . The notion of ldiversity proposed in the literature to address this issue also poses a number of constraints , as it proved to be inefficient to prevent attribute disclosure (skewness attack and similarity attack), l-diversity is difficult to achieve and may not provide sufficient privacy protection against sensitive attribute across equivalence class can substantially improve the privacy as against information disclosure limitation techniques such as sampling cell suppression rounding and data swapping and pertubertation. Evolution of Data Anonymization Techniques and Data Disclosure Prevention Techniques are discussed in detail. The application of Data Anonymization Techniques for several spectrum of data such as trajectory data are depicted. This survey would promote a lot of research directions in the area of database anonymization.
image
image
image

References

  1. Pieter Van Gorp and Marco Comuzzi “Lifelong Personal Health Data and Application Software via Virtual Machines in the Cloud” IEEEJournal of Biomedical and Healthcare Informatics, Vol. 18, No. 1, Jan 2014
     
  2. Sape J. Mullender, Andrew S.Tanenbaum, "Protection and Resource Control in Distributed Operating Systems", 1984.
     
  3. Paul J.Levine, "Computer security system for a time shared computer accessed over telephone linesUS 4531023 A, 1985
     
  4. John G.Campbell,Carl F.Schoeneberger,"Remote hub television and security systems",US 4574305 A, 1986.
     
  5. A Pfitzmann, "Networks without user observability", Computers & Security 6/2 (1987) 158-166, 1987
     
  6. TF Lunt, " Automated audit trail analysis and intrusion detection: A survey" In Proceedings of 11th National Conference on Security, 1988
     
  7. Lichtenstein Eric Stefan 1984 a, Computer control medical care system US4464172.
     
  8. ARalphR.Frerichs, Dr. PH.Robert A. Miller 1985, Introduction of a Microcomputer for Health Research in a Developing Country.
     
  9. Steven P.Brown 1986, Combinational Medical Data, Identification and health Insurance card.
     
  10. Peter P. Gombrich, Richard J. Beard, Richard A. Griffee, Thomas R. Wilson, Ronald E. Zook, Max S. Hendrickson 1989,A Patient caresystem,US4835372 A.
     
  11. Paavo T. Kousa, " VOICE NETWORK SECURITY SYSTEM" US 4797672 A, 1989
     
  12. D Graft, " Methodology for network security design", IEEE Transactions on Computers, 1990
     
  13. Heberlein, "Network Security MONITOR, 1991
     
  14. John R. Corbin, " Apparatus and method for licensing software on a network of computersUS 5138712 A", 1992
     
  15. S Gordon, "Computer Network Abuse", 1993.
     
  16. Neil Bodick, Andre L. Marquis1990, Interactive system and method for creating and editing a knowledge base for use as a computerized aid tothe cognitive process of diagnosis,US4945476 A.
     
  17. Angela M. Garcia, Dr.,Boca Raton 1991 a, System and Method for scheduling and Reporting Patient related services including prioritizingservices,US5974389 A.
     
  18. Clark Melanie Ann, John Finley, Huska; Michael Edward, Kabel; Geoffrey Harold, Graham, Marc Merrill 1991 b,System and Method forscheduling and Reporting Patient Related services.
     
  19. Robert W. Kukla1992,Patient care communication system, US5101476 A
     
  20. Mark C. Sorensen 1993, Computer aided medical diagnostic method and apparatus, US5255187 A.
     
  21. Edward J. Whalen, San Ramon, Olive Ave Piedmont 1994,Computerized file maintenance System for managing medical records includingnarrative patent documents reports.
     
  22. Desmond D. Cummings 1994b,All care health management system, US5301105 A.
     
  23. Woodrow B. Kesler Rex K Kesslerin 1994 c,Medical data draft for tracking and evaluating medical treatment.
     
  24. Joseph P. Tallman, Elizabeth M. Snowden, Barry W. Wolcott 1995, Medical network management system and process, US5471382 A.
     
  25. Peter S. Stutman, J. Mark Miller 1996,Medical alert distribution system with selective filtering of medical information
     
  26. Edwin C. Iliff1997,computerized medical diagnostic system including re-enter function and sensitivity factors, US5594638 A.
     
  27. Timothy Joseph Graettinger, Paul Alton DuBose 1998, Computer-based neural network system and method for medical diagnosis andinterpretation. US5839438 A.
     
  28. Melanie Ann Clark, John Finley Gold, Michael Edward Huska, Geoffrey Harold Kabel, Marc Merrill Graham1999,Medical record managementsystem and process with improved workflow features, US5974389 A.
     
  29. Richard S. Surwit, Lyle M. Allen, III, Sandra E. Cummings 2000 a, Systems, methods and computer program products for monitoring,diagnosing and treating medical conditions of remotely located patients, US6024699 A.
     
  30. Jeffrey J. Clawson 2000 b, Method and system for giving remote emergency medical counsel to choking patients, US6010451 A.
     
  31. Marc Edward Chicorel 2001, Computer keyboard-generated medical progress notes via a coded diagnosis-based language, US6192345 B1.
     
  32. Charlyn Jordan2002, Health analysis and forecast of abnormal conditions.
     
  33. Jeffrey J. Clawson2003, Method and system for an improved entry process of an emergency medical dispatch system
     
  34. PekkaRuotsalainen 2004, A cross-platform model for secure Electronic Health Record communication.
     
  35. Roger J. Quy2005, Method and apparatus for health and disease management combining patient data monitoring with wireless internetconnectivity, US6936007 B2.
     
  36. Avner Amir, Avner Man2006 a, System and method for administration of on-line healthcare, WO2006006176 A2.
     
  37. Paul C.Tang, Joan S. Ash, David W. Bates, J. Marc overhage and Daniel Z.Sands 2006 b, Personal Health Records: Definitions, Benefits, andStrategies for Overcoming Barriers to Adoption.
     
  38. Christopher Alban, KhiangSeow2007, Clinical documentation system for use by multiple caregivers.
     
  39. Brian A. Rosenfeld, Michael Breslow2008, System and method for accounting and billing patients in a hospital environment.
     
  40. Jacquelyn Suzanne Hunt, Joseph Siemienczuk 2009, Process and system for enhancing medical patient care.
     
  41. Richard J. Schuman2010, Health care computer system, US7831447 B2.
     
  42. Kanagaraj, G.Sumathi, A.C.2011,Proposal of an open-source Cloud computing system for exchanging medical images of a HospitalInformation System
     
  43. AvulaTejaswi, NelaManoj Kumar, GudapatiRadhika, SreenivasVelagapudi 2012 a, Efficient Use of Cloud Computing in Medical Science.
     
  44. J. Vidhyalakshmi, J. Prassanna 2012 b, Providing a trustable healthcare cloud using an enhanced accountability framework.
     
  45. Carmelo Pino and Roberto Di Salvo 2013, A Survey of Cloud Computing Architecture and Applications in Health.
     
  46. K.S. Aswathy, G. Venifa Mini 2014 a, Secure Alternate Viable Technique of Securely Sharing the Personal Health Records in Cloud.
     
  47. Abhishek Kumar Gupta, Kulvinder Singh Mann 2014 sharing of Medical Information on Cloud Platform.
     
  48. D. C. Kaelber, A. K. Jha, D. Johnston, B. Middleton, and D. W. Bates, "Viewpoint paper: research agenda for personal health records(PHRs),”J. Amer. Med. Inform. Assoc., vol. 15, no. 6, pp. 729–736, 2008.
     
  49. J. Ahima, “Defining the personal health record,” vol. 76, no. 6, pp. 24–25, Jun. 2005.
     
  50. W. Currie and M. Guah. "Conflicting institutional logics: a national programme for it in the organizational field of healthcare:, Journal ofInformation Technology, 22:235–247,2007.
     
  51. M. Gysels, A. Richardson, and J. I. Higginson "Does the patient-held record improve continuity and related outcomes in cancer care: asystematic review", Health Expectations,10(1):75–91, Mar. 2007.
     
  52. International Organization for Standardization. ISO TR20514:2005 Health Informatics - Electronic Health Record Definition, Scope andContext Standard. International Organization for Standardization (ISO). Geneva, Switzerland,2005.
     
  53. B.Powmeya , Nikita Mary Ablett ,V.Mohanapriya,S.Balamurugan,”An Object Oriented approach to Model the secure Health care Databasesystems,”In proceedings of International conference on computer , communication & signal processing(IC3SP)in association with IETEstudents forum and the society of digital information and wireless communication,SDIWC,2011,pp.2-3
     
  54. BalamuruganShanmugam, VisalakshiPalaniswami, “Modified Partitioning Algorithm for Privacy Preservation in Microdata Publishing withFull Functional Dependencies”, Australian Journal of Basic and Applied Sciences, 7(8): pp.316-323, July 2013
     
  55. BalamuruganShanmugam, VisalakshiPalaniswami, R.Santhya, R.S.Venkatesh “Strategies for Privacy Preserving Publishing of FunctionallyDependent Sensitive Data: A State-of-the-Art-Survey”, Australian Journal of Basic and Applied Sciences, 8(15) September 2014.
     
  56. S.Balamurugan, P.Visalakshi, V.M.Prabhakaran, S.Chranyaa, S.Sankaranarayanan, "Strategies for Solving the NP-Hard Workflow SchedulingProblems in Cloud Computing Environments", Australian Journal of Basic and Applied Sciences, 8(15) October 2014.
     
  57. Charanyaa, S., et. al., , A Survey on Attack Prevention and Handling Strategies in Graph Based Data Anonymization. International Journal ofAdvanced Research in Computer and Communication Engineering, 2(10): 5722-5728, 2013.
     
  58. Charanyaa, S., et. al., Certain Investigations on Approaches forProtecting Graph Privacy in Data Anonymization. International Journal ofAdvanced Research in Computer and Communication Engineering, 1(8): 5722-5728, 2013.
     
  59. Charanyaa, S., et. al., Proposing a Novel Synergized K-Degree L-Diversity T-Closeness Model for Graph Based Data Anonymization.International Journal of Innovative Research in Computer and Communication Engineering, 2(3): 3554-3561, 2014.
     
  60. Charanyaa, S., et. al., , Strategies for Knowledge Based Attack Detection in Graphical Data Anonymization. International Journal of AdvancedResearch in Computer and Communication Engineering, 3(2): 5722-5728, 2014.
     
  61. Charanyaa, S., et. al., Term Frequency Based Sequence Generation Algorithm for Graph Based Data Anonymization International Journal ofInnovative Research in Computer and Communication Engineering, 2(2): 3033-3040, 2014.
     
  62. V.M.Prabhakaran, Prof.S.Balamurugan, S.Charanyaa," Certain Investigations on Strategies for Protecting Medical Data in Cloud", InternationalJournal of Innovative Research in Computer and Communication Engineering Vol 2, Issue 10, October 2014
     
  63. V.M.Prabhakaran, Prof.S.Balamurugan, S.Charanyaa," Investigations on Remote Virtual Machine to Secure Lifetime PHR in Cloud ",International Journal of Innovative Research in Computer and Communication Engineering Vol 2, Issue 10, October 2014
     
  64. V.M.Prabhakaran, Prof.S.Balamurugan, S.Charanyaa," Privacy Preserving Personal Health Care Data in Cloud" , International AdvancedResearch Journal in Science, Engineering and Technology Vol 1, Issue 2, October 2014
     
  65. P.Andrew, J.Anish Kumar, R.Santhya, Prof.S.Balamurugan, S.Charanyaa, "Investigations on Evolution of Strategies to Preserve Privacy ofMoving Data Objects" International Journal of Innovative Research in Computer and Communication Engineering, 2(2): 3033-3040, 2014.
     
  66. P.Andrew, J.Anish Kumar, R.Santhya, Prof.S.Balamurugan, S.Charanyaa, " Certain Investigations on Securing Moving Data Objects"International Journal of Innovative Research in Computer and Communication Engineering, 2(2): 3033-3040, 2014.
     
  67. P.Andrew, J.Anish Kumar, R.Santhya, Prof.S.Balamurugan, S.Charanyaa, " Survey on Approaches Developed for Preserving Privacy of DataObjects" International Advanced Research Journal in Science, Engineering and Technology Vol 1, Issue 2, October 2014
     
  68. S.Jeevitha, R.Santhya, Prof.S.Balamurugan, S.Charanyaa, " Privacy Preserving Personal Health Care Data in Cloud" International AdvancedResearch Journal in Science, Engineering and Technology Vol 1, Issue 2, October 2014.
     
  69. K.Deepika, P.Andrew, R.Santhya, S.Balamurugan, S.Charanyaa, "Investigations on Methods Evolved for Protecting Sensitive Data",International Advanced Research Journal in Science, Engineering and Technology Vol 1, Issue 4, Decermber 2014.
     
  70. K.Deepika, P.Andrew, R.Santhya, S.Balamurugan, S.Charanyaa, "A Survey on Approaches Developed for Data Anonymization", International Advanced Research Journal in Science, Engineering and Technology Vol 1, Issue 4, Decermber 2014.
     
  71. S.Balamurugan, S.Charanyaa, "Principles of Social Network Data Security" LAP Verlag, Germany, ISBN: 978-3-659-61207-7, 2014
     
  72. S.Balamurugan, S.Charanyaa, "Principles of Scheduling in Cloud Computing" Scholars' Press, Germany,, ISBN: 978-3-639-66950-3, 2014
     
  73. S.Balamurugan, S.Charanyaa, "Principles of Database Security" Scholars' Press, Germany, ISBN: 978-3-639-76030-9, 2014