Further More Investigations on Evolution of
Approaches for Cloud Security

R.S.Venkatesh; P.K.Reejeesh; Prof.S.Balamurugan; S.Charanyaa

Further More Investigations on Evolution of Approaches for Cloud Security

R.S.Venkatesh¹, P.K.Reejeesh², Prof.S.Balamurugan³, S.Charanyaa⁴

Department of IT, Kalaignar Karunanidhi Institute of Technology, Coimbatore, TamilNadu, India^1,2,3
Senior Software Engineer Mainframe Technologies Former, Larsen & Tubro (L&T) Infotech, Chennai, TamilNadu, India⁴

Related article at Pubmed, Scholar Google

Visit for more related articles at International Journal of Innovative Research in Computer and Communication Engineering

Abstract

This paper reviews methods developed for anonymizing data from 2007 to 2012 . Publishing microdata such as census or patient data for extensive research and other purposes is an important problem area being focused by government agencies and other social associations. The traditional approach identified through literature survey reveals that the approach of eliminating uniquely identifying fields such as social security number from microdata, still results in disclosure of sensitive data, k-anonymization optimization algorithm ,seems to be promising and powerful in certain cases ,still carrying the restrictions that optimized k-anonymity are NP-hard, thereby leading to severe computational challenges. k-anonimity faces the problem of homogeneity attack and background knowledge attack . The notion of ldiversity proposed in the literature to address this issue also poses a number of constraints , as it proved to be inefficient to prevent attribute disclosure (skewness attack and similarity attack), l-diversity is difficult to achieve and may not provide sufficient privacy protection against sensitive attribute across equivalence class can substantially improve the privacy as against information disclosure limitation techniques such as sampling cell suppression rounding and data swapping and pertubertation. This paper aims to discuss efficient anonymization approach that requires partitioning of microdata equivalence classes and by minimizing closeness by kernel smoothing and determining ether move distances by controlling the distribution pattern of sensitive attribute in a microdata and also maintaining diversity.

Keywords

Data Anonymization, Microdata, k-anonymity, Identity Disclosure, Attribute Disclosure, Diversity

I. INTRODUCTION

Need for publishing sensitive data to public has grown extravagantly during recent years. Though publishing demands its need there is a restriction that published social network data should not disclose private information of individuals. Hence protecting privacy of individuals and ensuring utility of social networ data as well becomes a challenging and interesting research topic. Considering a graphical model [35] where the vertex indicates a sensitive label algorithms could be developed to publish the non-tabular data without compromising privacy of individuals. Though the data is represented in graphical model after KDLD sequence generation [35] the data is susceptible to several attacks such as homogeneity attack, background knowledge attack, similarity attacks and many more. In this paper we have made an investigation on the attacks and possible solutions proposed in literature and efficiency of the same.

II. SECURITY SERVER IN THE CLOUD

Security issues arise as a result of transforming of information between individual users. Security issues are produced by computer viruses, worms, Trojan horses, etc. The users can install anti – virus programs to overcome security threats. The anti – virus software programs comprises of activity monitoring programs, virus scanning programs and integrity checking programs.

A user machine should possess an anti – malware software to continuously update the anti – virus software. But it seems to be difficult. The idea revealed in this paper gives a secure browsing over the network for multiple users and the security servers filters & removes network traffic and untrusted codes of the user.

There are three steps associated with security server cluster.

i. A proxy request is sent from a third party destination for the third party content.

ii. Bring back the requested third party content from the third party destination.

iii. Checking the requested content for untrusted code.

It is important to note that the security server cluster and remote computer cluster communicates only over a publicly accessible networks. Determining the derived content comprises of

i. Presenting value – added content.

ii. Value – added content is added to the retrieved content.

A tunneling communications protocol can also be used for establishing communication between security server cluster and remote computer cluster. Other protocols like point – to – point, point – to – point tunneling protocol, layer 2 tunneling protocol can also be used.

Initially, the user should be connected to the internet service provider. The user then needs to satisfy the user server authentication process. The user sends a request to remote security server for content belonging to third party destination. The remote security server resends the content request to IP authentication service. The request content is received from the third party destination to the remote security server. Remote security server checks the requested content for untrusted code. Then the remote security server requests and associates the value added content from value added content server. Finally, the remote security server sends the user requested content to the user computer cluster.

III. CLOUD COMPUTING – ISSUES, RESEARCH AND IMPLEMENTATIONS

Cloud computing was build on the basis of “virtualized resources”. It includes cyber infrastructure. It suggests a service oriented architecture with improved flexibility and reduced cost. Cyber infrastructure makes possible range of applications with fixed budget and conditions. It also improves the efficiency, quality and reliability of sharing services.

Technology should be designed in such a way that it should provide a good end- user productivity and decreased technology- driven overhead. One such architecture is SOA(Service- Oriented architecture) of computing. Remote procedure calls and Grid computing are examples of network based SOA. Component-based method posses the following features:

1. Reusability

2. Sustainability

3. Extensibility

4. Scalability

5. Customizability

6. Compose-ability

7. Reliability

8. Availability

9. Security

A workflow is a graph representing the connection between the loosely and tightly coupled components. A workflow reveals an integrated representation of service-based activities. Virtualization is now built with wireless, highly distributing and pervasive computing because it provides more recent and complex IT resources.

A solution should satisfy an end-user requirements and categories of user. A user category includes service user, service author and CI developer. User categories also include domain specific groups, policy makers and stakeholders. A cyber infrastructure developer is used for maintaining and developing a cloud structure. These developers combine system hardware, interfaces ,networks, storage, administration, communications, management software, service authoring tools, scheduling algorithms, workflow generation and resource access algorithms. Service authors are responsible for producing separate base-line images and services. Every user will initially go for a base-line image as soon as he receives right to produce an image. An author can also produce image if it required resource sharing with another user. To produce images, cloud provides some supporting structures like image creation tools, image and service management tools, service brokers, service registration and discovery tools, security tools, provenance collection tools, resource mapping tools, license management tools, fault tolerance, etc.

End-users need exact time delivery of services, easy-to-use interfaces, collaborative support, information about services, etc, complexity of task, required schedules and resource conditions will decide the service distribution. Virtual Computing Laboratory (VCL) is an open source used for secured implementation of cloud. The implementation on cloud computer using VCL has lead to many researches. VCL is used for implementing complex control images of resources in complex environments. Some of the major drawbacks seen in cloud are:

1. Management of metadata

2. Collection of Provenance information

3. Permanent Storage

4. Logical representation of information to the user

5. Optimization of images

6. Image portability

7. Implication of image format

Some considerable solutions are there to solve the above problems. But still they are under research to produce a secure way of sharing resources.

A cloud is most commonly used in virtualization, distributed computing, utility computing and networking. Research is done to include additional features in VCL technology.

IV. 2010

The author through this paper discusses about an important term called security issue for cloud computing. The authors have also presented a model to have secure clouds and it is focused on two layers namely storage layer and data layer. The main difference is on a scheme which is used for securing third party document publication on cloud. The paper also focuses on secure federated query processing and Hadoop. The final work and the implementation of XACML for hadoop which is a major aspect of secured cloud computing. The security issues can be classified as middleware/storage/data/network/application. The main challenge discussed is to have secured transactions even if some part of the cloud fails.

V. 2011(I)

According to the authors, cloud computing is an architecture with distributed nature which serves and provides resources on demand. The authors through this paper focuses on the various models of cloud deployment and security issues that are in the cloud computing industry. The main security issues is that with he people is scaling of data. Cloud providers believe that encryption is the only way of security but it is not so. Trust plays an important role. So, trust will always remain an important factor and these are external security standards (ISO27001) which can audit to ensure compliance only when a company conforms to this standard. This is an added advantage.

VI. 2012(A)

Cloud computing has become an important concept and technology in many concerns. It provides us many utilities at low cost. Security in cloud computing is an important factor since users store very sensitive information. This issue is not popular among single cloud but when it comes to multi-clouds, security constraints have more impact. The author through this paper surveys and proposes a new research that is related to both single and multi clouds with possible solutions. The paper focuses on the ability of multi clouds to reduce security risk which affects the user. The rapid growth in the field of cloud computing is great but the security is still a major issue. The proposed work is to survey recent research on single/multi clouds and its security issues and also to ensure security of multi-clouds which has its own ability to reduce risk.

VII. 2012(I)

The author through this paper proposes a concise and a very detailed explanation on data security and privacy preservation issues that are related to cloud computing in all stages. Since cloud security concerns, data security and privacy protection are the important factors that are to be considered before adopting the technology. This paper also discusses about the current solution and future work regarding this issue. Although cloud computing has more advantages, the drawbacks are also there that needs to be solved. Security of data and privacy protection are the

VIII. CONCLUSION AND FUTURE WORK

Various methods developed for anonymizing data from 2007 to 2012 is discussed. Publishing microdata such as census or patient data for extensive research and other purposes is an important problem area being focused by government agencies and other social associations. The traditional approach identified through literature survey reveals that the approach of eliminating uniquely identifying fields such as social security number from microdata, still results in disclosure of sensitive data, k-anonymization optimization algorithm ,seems to be promising and powerful in certain cases ,still carrying the restrictions that optimized k-anonymity are NP-hard, thereby leading to severe computational challenges. k-anonimity faces the problem of homogeneity attack and background knowledge attack . The notion of ldiversity proposed in the literature to address this issue also poses a number of constraints , as it proved to be inefficient to prevent attribute disclosure (skewness attack and similarity attack), l-diversity is difficult to achieve and may not provide sufficient privacy protection against sensitive attribute across equivalence class can substantially improve the privacy as against information disclosure limitation techniques such as sampling cell suppression rounding and data swapping and pertubertation. Evolution of Data Anonymization Techniques and Data Disclosure Prevention Techniques are discussed in detail. The application of Data Anonymization Techniques for several spectrum of data such as trajectory data are depicted. This survey would promote a lot of research directions in the area of database anonymization.

References

Pieter Van Gorp and Marco Comuzzi “Lifelong Personal Health Data and Application Software via Virtual Machines in the Cloud” IEEEJournal of Biomedical and Healthcare Informatics, Vol. 18, No. 1, Jan 2014

Sape J. Mullender, Andrew S.Tanenbaum, "Protection and Resource Control in Distributed Operating Systems", 1984.

Paul J.Levine, "Computer security system for a time shared computer accessed over telephone linesUS 4531023 A, 1985

John G.Campbell,Carl F.Schoeneberger,"Remote hub television and security systems",US 4574305 A, 1986.

A Pfitzmann, "Networks without user observability", Computers & Security 6/2 (1987) 158-166, 1987

TF Lunt, " Automated audit trail analysis and intrusion detection: A survey" In Proceedings of 11th National Conference on Security, 1988

Lichtenstein Eric Stefan 1984 a, Computer control medical care system US4464172.

ARalphR.Frerichs, Dr. PH.Robert A. Miller 1985, Introduction of a Microcomputer for Health Research in a Developing Country.

Steven P.Brown 1986, Combinational Medical Data, Identification and health Insurance card.

Peter P. Gombrich, Richard J. Beard, Richard A. Griffee, Thomas R. Wilson, Ronald E. Zook, Max S. Hendrickson 1989,A Patient caresystem,US4835372 A.

Paavo T. Kousa, " VOICE NETWORK SECURITY SYSTEM" US 4797672 A, 1989

D Graft, " Methodology for network security design", IEEE Transactions on Computers, 1990

Heberlein, "Network Security MONITOR, 1991

John R. Corbin, " Apparatus and method for licensing software on a network of computersUS 5138712 A", 1992

S Gordon, "Computer Network Abuse", 1993.

Neil Bodick, Andre L. Marquis1990, Interactive system and method for creating and editing a knowledge base for use as a computerized aid tothe cognitive process of diagnosis,US4945476 A.

Angela M. Garcia, Dr.,Boca Raton 1991 a, System and Method for scheduling and Reporting Patient related services including prioritizingservices,US5974389 A.

Clark Melanie Ann, John Finley, Huska; Michael Edward, Kabel; Geoffrey Harold, Graham, Marc Merrill 1991 b,System and Method forscheduling and Reporting Patient Related services.

Robert W. Kukla1992,Patient care communication system, US5101476 A

Mark C. Sorensen 1993, Computer aided medical diagnostic method and apparatus, US5255187 A.

Edward J. Whalen, San Ramon, Olive Ave Piedmont 1994,Computerized file maintenance System for managing medical records includingnarrative patent documents reports.

Desmond D. Cummings 1994b,All care health management system, US5301105 A.

Woodrow B. Kesler Rex K Kesslerin 1994 c,Medical data draft for tracking and evaluating medical treatment.

Joseph P. Tallman, Elizabeth M. Snowden, Barry W. Wolcott 1995, Medical network management system and process, US5471382 A.

Peter S. Stutman, J. Mark Miller 1996,Medical alert distribution system with selective filtering of medical information

Edwin C. Iliff1997,computerized medical diagnostic system including re-enter function and sensitivity factors, US5594638 A.

Timothy Joseph Graettinger, Paul Alton DuBose 1998, Computer-based neural network system and method for medical diagnosis andinterpretation. US5839438 A

Melanie Ann Clark, John Finley Gold, Michael Edward Huska, Geoffrey Harold Kabel, Marc Merrill Graham1999,Medical recordmanagement system and process with improved workflow features, US5974389 A.

Richard S. Surwit, Lyle M. Allen, III, Sandra E. Cummings 2000 a, Systems, methods and computer program products for monitoring,diagnosing and treating medical conditions of remotely located patients, US6024699 A.

Jeffrey J. Clawson 2000 b, Method and system for giving remote emergency medical counsel to choking patients, US6010451 A.

Marc Edward Chicorel 2001, Computer keyboard-generated medical progress notes via a coded diagnosis-based language, US6192345 B1.

Charlyn Jordan2002, Health analysis and forecast of abnormal conditions.

Jeffrey J. Clawson2003, Method and system for an improved entry process of an emergency medical dispatch system

PekkaRuotsalainen 2004, A cross-platform model for secure Electronic Health Record communication.

Roger J. Quy2005, Method and apparatus for health and disease management combining patient data monitoring with wireless internetconnectivity, US6936007 B2.

Avner Amir, Avner Man2006 a, System and method for administration of on-line healthcare, WO2006006176 A2.

Paul C.Tang, Joan S. Ash, David W. Bates, J. Marc overhage and Daniel Z.Sands 2006 b, Personal Health Records: Definitions, Benefits, andStrategies for Overcoming Barriers to Adoption.

Christopher Alban, KhiangSeow2007, Clinical documentation system for use by multiple caregivers.

Brian A. Rosenfeld, Michael Breslow2008, System and method for accounting and billing patients in a hospital environment.

Jacquelyn Suzanne Hunt, Joseph Siemienczuk 2009, Process and system for enhancing medical patient care.

Richard J. Schuman2010, Health care computer system, US7831447 B2.

Kanagaraj, G.Sumathi, A.C.2011,Proposal of an open-source Cloud computing system for exchanging medical images of a HospitalInformation System

AvulaTejaswi, NelaManoj Kumar, GudapatiRadhika, SreenivasVelagapudi 2012 a, Efficient Use of Cloud Computing in Medical Science.

J. Vidhyalakshmi, J. Prassanna 2012 b, Providing a trustable healthcare cloud using an enhanced accountability framework.

Carmelo Pino and Roberto Di Salvo 2013, A Survey of Cloud Computing Architecture and Applications in Health.

K.S. Aswathy, G. Venifa Mini 2014 a, Secure Alternate Viable Technique of Securely Sharing the Personal Health Records in Cloud.

Abhishek Kumar Gupta, Kulvinder Singh Mann 2014 sharing of Medical Information on Cloud Platform.

D. C. Kaelber, A. K. Jha, D. Johnston, B. Middleton, and D. W. Bates, "Viewpoint paper: research agenda for personal health records(PHRs),”J. Amer. Med. Inform. Assoc., vol. 15, no. 6, pp. 729–736, 2008.

J. Ahima, “Defining the personal health record,” vol. 76, no. 6, pp. 24–25, Jun. 2005.

W. Currie and M. Guah. "Conflicting institutional logics: a national programme for it in the organizational field of healthcare:, Journal ofInformation Technology, 22:235–247,2007.

M. Gysels, A. Richardson, and J. I. Higginson "Does the patient-held record improve continuity and related outcomes in cancer care: asystematic review", Health Expectations,10(1):75–91, Mar. 2007.

International Organization for Standardization. ISO TR20514:2005 Health Informatics - Electronic Health Record Definition, Scope andContext Standard. International Organization for Standardization (ISO). Geneva, Switzerland,2005.

B.Powmeya , Nikita Mary Ablett ,V.Mohanapriya,S.Balamurugan,”An Object Oriented approach to Model the secure Health care Databasesystems,”In proceedings of International conference on computer , communication & signal processing(IC3SP)in association with IETEstudents forum and the society of digital information and wireless communication,SDIWC,2011,pp.2-3

BalamuruganShanmugam, VisalakshiPalaniswami, “Modified Partitioning Algorithm for Privacy Preservation in Microdata Publishing withFull Functional Dependencies”, Australian Journal of Basic and Applied Sciences, 7(8): pp.316-323, July 2013

BalamuruganShanmugam, VisalakshiPalaniswami, R.Santhya, R.S.Venkatesh “Strategies for Privacy Preserving Publishing of FunctionallyDependent Sensitive Data: A State-of-the-Art-Survey”, Australian Journal of Basic and Applied Sciences, 8(15) September 2014.

S.Balamurugan, P.Visalakshi, V.M.Prabhakaran, S.Chranyaa, S.Sankaranarayanan, "Strategies for Solving the NP-Hard Workflow SchedulingProblems in Cloud Computing Environments", Australian Journal of Basic and Applied Sciences, 8(15) October 2014.

Charanyaa, S., et. al., , A Survey on Attack Prevention and Handling Strategies in Graph Based Data Anonymization. International Journal ofAdvanced Research in Computer and Communication Engineering, 2(10): 5722-5728, 2013.

Charanyaa, S., et. al., Certain Investigations on Approaches forProtecting Graph Privacy in Data Anonymization. International Journal ofAdvanced Research in Computer and Communication Engineering, 1(8): 5722-5728, 2013.

Charanyaa, S., et. al., Proposing a Novel Synergized K-Degree L-Diversity T-Closeness Model for Graph Based Data Anonymization.International Journal of Innovative Research in Computer and Communication Engineering, 2(3): 3554-3561, 2014.

Charanyaa, S., et. al., , Strategies for Knowledge Based Attack Detection in Graphical Data Anonymization. International Journal ofAdvanced Research in Computer and Communication Engineering, 3(2): 5722-5728, 2014.

Charanyaa, S., et. al., Term Frequency Based Sequence Generation Algorithm for Graph Based Data Anonymization International Journal ofInnovative Research in Computer and Communication Engineering, 2(2): 3033-3040, 2014.

V.M.Prabhakaran, Prof.S.Balamurugan, S.Charanyaa," Certain Investigations on Strategies for Protecting Medical Data in Cloud",International Journal of Innovative Research in Computer and Communication Engineering Vol 2, Issue 10, October 2014

V.M.Prabhakaran, Prof.S.Balamurugan, S.Charanyaa," Investigations on Remote Virtual Machine to Secure Lifetime PHR in Cloud ",International Journal of Innovative Research in Computer and Communication Engineering Vol 2, Issue 10, October 2014

V.M.Prabhakaran, Prof.S.Balamurugan, S.Charanyaa," Privacy Preserving Personal Health Care Data in Cloud" , International AdvancedResearch Journal in Science, Engineering and Technology Vol 1, Issue 2, October 2014

P.Andrew, J.Anish Kumar, R.Santhya, Prof.S.Balamurugan, S.Charanyaa, "Investigations on Evolution of Strategies to Preserve Privacy ofMoving Data Objects" International Journal of Innovative Research in Computer and Communication Engineering, 2(2): 3033-3040, 2014.

P.Andrew, J.Anish Kumar, R.Santhya, Prof.S.Balamurugan, S.Charanyaa, " Certain Investigations on Securing Moving Data Objects"International Journal of Innovative Research in Computer and Communication Engineering, 2(2): 3033-3040, 2014.

P.Andrew, J.Anish Kumar, R.Santhya, Prof.S.Balamurugan, S.Charanyaa, " Survey on Approaches Developed for Preserving Privacy of DataObjects" International Advanced Research Journal in Science, Engineering and Technology Vol 1, Issue 2, October 2014

S.Jeevitha, R.Santhya, Prof.S.Balamurugan, S.Charanyaa, " Privacy Preserving Personal Health Care Data in Cloud" International AdvancedResearch Journal in Science, Engineering and Technology Vol 1, Issue 2, October 2014.

K.Deepika, P.Andrew, R.Santhya, S.Balamurugan, S.Charanyaa, "Investigations on Methods Evolved for Protecting Sensitive Data",International Advanced Research Journal in Science, Engineering and Technology Vol 1, Issue 4, Decermber 2014.

K.Deepika, P.Andrew, R.Santhya, S.Balamurugan, S.Charanyaa, "A Survey on Approaches Developed for Data Anonymization",International Advanced Research Journal in Science, Engineering and Technology Vol 1, Issue 4, Decermber 2014.

S.Balamurugan, S.Charanyaa, "Principles of Social Network Data Security" LAP Verlag, Germany, ISBN: 978-3-659-61207-7, 2014

S.Balamurugan, S.Charanyaa, "Principles of Scheduling in Cloud Computing" Scholars' Press, Germany,, ISBN: 978-3-639-66950-3, 2014

S.Balamurugan, S.Charanyaa, "Principles of Database Security" Scholars' Press, Germany, ISBN: 978-3-639-76030-9, 2014