ISSN ONLINE(2320-9801) PRINT (2320-9798)

All submissions of the EM system will be redirected to Online Manuscript Submission System. Authors are requested to submit articles directly to Online Manuscript Submission System of respective journal.

Certain Investigations on Evolution of Approaches for Cloud Computing Security

R.S.Venkatesh1, P.K.Reejeesh1, Prof.S.Balamurugan1, S.Charanyaa2,/
  1. Department of IT, Kalaignar Karunanidhi Institute of Technology, Coimbatore, TamilNadu, India
  2. Senior Software Engineer Mainframe Technologies Former, Larsen & Tubro (L&T) Infotech, Chennai, TamilNadu, Indi
Related article at Pubmed, Scholar Google

Visit for more related articles at International Journal of Innovative Research in Computer and Communication Engineering

Abstract

This paper reviews methods developed for anonymizing data from 2013 to 2014 . Publishing microdata such as census or patient data for extensive research and other purposes is an important problem area being focused by government agencies and other social associations. The traditional approach identified through literature survey reveals that the approach of eliminating uniquely identifying fields such as social security number from microdata, still results in disclosure of sensitive data, k-anonymization optimization algorithm ,seems to be promising and powerful in certain cases ,still carrying the restrictions that optimized k-anonymity are NP-hard, thereby leading to severe computational challenges. k-anonimity faces the problem of homogeneity attack and background knowledge attack . The notion of ldiversity proposed in the literature to address this issue also poses a number of constraints , as it proved to be inefficient to prevent attribute disclosure (skewness attack and similarity attack), l-diversity is difficult to achieve and may not provide sufficient privacy protection against sensitive attribute across equivalence class can substantially improve the privacy as against information disclosure limitation techniques such as sampling cell suppression rounding and data swapping and pertubertation. This paper aims to discuss efficient anonymization approach that requires partitioning of microdata equivalence classes and by minimizing closeness by kernel smoothing and determining ether move distances by controlling the distribution pattern of sensitive attribute in a microdata and also maintaining diversity.

KEYWORDS

Data Anonymization, Microdata, k-anonymity, Identity Disclosure, Attribute Disclosure, Diversity

INTRODUCTION

Need for publishing sensitive data to public has grown extravagantly during recent years. Though publishingdemands its need there is a restriction that published social network data should not disclose private information ofindividuals. Hence protecting privacy of individuals and ensuring utility of social networ data as well becomes achallenging and interesting research topic. Considering a graphical model [35] where the vertex indicates a sensitivelabel algorithms could be developed to publish the non-tabular data without compromising privacy of individuals.Though the data is represented in graphical model after KDLD sequence generation [35] the data is susceptible toseveral attacks such as homogeneity attack, background knowledge attack, similarity attacks and many more. In thispaper we have made an investigation on the attacks and possible solutions proposed in literature and efficiency of the same.

INSUABILITY OF CYBER RISK

Whenever there is a reported incident of failure of system or data low, which results in high financial losscreated the awareness to the decision maker that cyber risks does not cover the insurance policies. Few among suchincidents are Sony or LGI data losses. According to G20 group, cyber threats are considered to be the dangerous attackto the global economy. Expected annual loss due to cyber risk are estimated between 300 billion US$ to 1 billion. The
authors through this paper discuss the insurance solutions to handle cyber risks.
Cyber risk can be defined as the set of various sources that affects info/technological assets of a concern. Theauthors focus more on operational risk here in this paper. The authors define cyber risk as “The consequences of op
reseav to information and technology that affects confidentiality, availability and integrity.
The authors discuss the cyber risks that are insurable under a set of common terms Bauch Belliner has given us a simple approach in distinguishing Insurable/non-insurable risks.
According to the approach, there are a insurability criteria which is used vibrantly to analyze the insurancemakers. These criteria are grouped into 3 groups namely maker, actuial, and societal conditions. The authors have listed the important problems in insuring cyber risks.
1. Development of frequency and severity of cornesNumber of incidents before 2000 is small which continuously increased over years. An interesting observation is that, loss decreased over last few years due to the increase in self protective steps.
2. Risk pooling: Cyber risks are high when compared to other risks.
3. Scarcity of data: The most important problem in cyber risk is data security.
4. Risk of change: The changes of cyber risks are always fast and vigorous.
5. Information asymetrics:Lack of data on the losses makes the firm to sort the different types of risks.The authors finally conclude that the cyber risk can be managed in two ways; one by putting price tags on therisk based on the behavior area, the other is by simply applying for insurances so that the companies become to know about the threats and protective measures.

2013(A)

Increase in the usage of mobile computing has been exploiting in the recent years due to the major problems namelyscarcity, disconnection of mobile networks. These drawbacks can be addressed effectively and efficiently by mobilecloud computing by executing the mobile applications through external resources in the mobile. The authors haveprovided a survey of mobile cloud computing and presented a taxonomy with different methodologies to tackle theissue. The authors have pointed out about the mobile computing which has been mixed with other technologies nut hasits own challenges. They have also expelled that the future work can make clouds to be established in the form of collection of devices in ubiquitous system.

2013(B)

Cloud computing is a major technology which enables versatility and dynamicity in the field of computer. It has itsown drawback, a second thought which is a important fact-security and privacy of cloud resources. Authors throughthis paper focuses on the threat which is present inside the concept of cloud computing. They have discussed about the concept of security in two main scenarios
1) defend against the insider working for cloud provider
2) defend the insider at the organization
Potential risks and problems have been proposed for each scenario and also efforts to reduce the risk. The authorsexplain that an insider attack is the one which is easy to perform and has a great impact although identifying, detectingis very difficult. The paper has provided a clear concept of it and the future work will be focused in the implementation and the analysis of the scenario along with the steps to provide security as a service within the cloud.

2013(C)

In this paper the author discusses about the secured sharing of Personal Health Records(PHR) in cloud computing.PHR has been an emerging technology in the field of medicine which is always maintained by a third party such as acloud provider. There have also been security constraints with this methodology. In this paper the authors haveproposed a framework to have a secured sharing of PHR in cloud computing. This model ensures and enables the patient to have a fine grained data access for PHR. It also addresses different constraints which reduces the difficulty in key management. The utilization of ABE (attribute based Encryption) in order to encrypt PHR is an important factor of this method. Also enhancement form MA-ABE schema helps in improved security.

2014(B)

Applications on traffic management, road safety are entirely based on vehicular networking which has become the mostsignificant research topic. The concept behind vehicular cloud computing is a mixture of cloud computing andvehicular networking. Through this paper the author proposes a survey on vehicular cloud computing which is a newtechnology which has a bigger impact on road safety and traffic management. An architecture of vehicular cloudcomputing has also been discussed. The authors explain that through this review, vehicular cloud computing has become a technology which is feasible for vehicular network for vehicle control and perception system.

2014(D)

The paper surveys the issues of security standards in cloud computing and authors have presented a clear literaturereview on security issues by addressing threats, attacks and so on with open research topics. Taxonomy for the securityissue means that it is a loophole or a software of a hardware mis- configuration. Vulnerability is system weakness. Inthis article, the author discusses about the stare of art of the security issues since the network security is highlyimportant but it is volatile and also the security becomes a doubt when all the new technology are mixing up. Analysison security issues of cloud to have secured clouds will enable a clear understanding of security standards and thus proven that security that security should be given the top priority.

2014-RELIABLE SECURITY IN CLOUD COMPUTING ENVIRONMENT

Cloud computing gives a convenient and an on demand access where we can rapidly use resources with greataccuracy and efficiency. Although there is more expectations for the cloud computing among the industrialists andcustomers, the security remains a big drawback in terms of single data, but due to the migration towards much, interclouds security constraints have not seen its depression. Through this paper, the authors have proposed a design to audit storage with light cx and computation cost. This scheme provides localization of data errors.
Cloud security refers to a technology and control used to preserve data and the infrastructure of cloudcomputing. The simple concept behind cloud computing is drawing resources on user request, performing a job andarrange them back when job is complete in cc environment, a concern about the security and protection remains static.This paper has focused on important issues that are concerned with cloud security is integrating the data that are transferred from or to the provider suffer damage.
The methodology is preventing a system from malicious attacks considering systems security risk in cloud computing.
1. Data security
2. Network Load
3. Access
4. Data Location
5.Data segregation
Algorithm that is used in this paper is secret sharing algorithm. The concept behind this algorithm is that sharing distribution of secret amongst a group of participants.

CONCLUSION AND FUTURE WORK

Various methods developed for anonymizing data from 2013 to 2014 is discussed. Publishing microdata such ascensus or patient data for extensive research and other purposes is an important problem area being focused bygovernment agencies and other social associations. The traditional approach identified through literature survey revealsthat the approach of eliminating uniquely identifying fields such as social security number from microdata, still results in disclosure of sensitive data, k-anonymization optimization algorithm ,seems to be promising and powerful in certain cases ,still carrying the restrictions that optimized k-anonymity are NP-hard, thereby leading to severe computational challenges. k-anonimity faces the problem of homogeneity attack and background knowledge attack . The notion of ldiversity proposed in the literature to address this issue also poses a number of constraints , as it proved to be inefficient to prevent attribute disclosure (skewness attack and similarity attack), l-diversity is difficult to achieve and may not provide sufficient privacy protection against sensitive attribute across equivalence class can substantially improve the privacy as against information disclosure limitation techniques such as sampling cell suppression rounding and data swapping and pertubertation. Evolution of Data Anonymization Techniques and Data Disclosure Prevention Techniques are discussed in detail. The application of Data Anonymization Techniques for several spectrum of data such as trajectory data are depicted. This survey would promote a lot of research directions in the area of database anonymization.

References















































































 
APPENDIX
 
image
image
image
BIOGRAPHY
R.S.Venkatesh and P.K.Reejeesh are currently pursuing their B.Tech. degree in Information Technology at KalaignarKarunanidhi Institute of Technology, Coimbatore, Tamil Nadu, India. Their areas of research interests include Network Security, Cloud Computing and Database Security.
Prof.S.Balamurugan obtained his B.Tech degree in Information Technology from P.S.G. College of Technology, Coimbatore, Tamil Nadu, India and M.Tech degree in Information Technology from Anna University, Tamil Nadu, India respectively. He is currently working towards his PhD degree in Information Technology at P.S.G. College of Technology, Tamil Nadu, India. At present he holds to his credit 65 papers International Journals and IEEE/ Elsevier International Conferences. He is currently working as Assistant Professor in the Department of Information Technology, Kalaignar Karunanidhi Institute of Technology, Coimbatore, Tamil Nadu, India affiliated to Anna University TamilNadu, India. He is State Rank holder in schooling. He was University First Rank holder M.Tech. Semester Examinations at Anna University, Tamilnadu, India. He served as a Joint Secretary of IT Association, Department of Information Technology, PSG College of Technology, Coimbatore, Tamilnadu, India. He is the recipient of gold medal and certificate of merit for best journal publication by his host institution consecutively for 3 years. Some of his professional activities include invited Session Chair Person for two Conferences. He has guided 16 B.Tech projects and 2 M.Tech. projects. He has won a best paper award in International Conference. His areas of research interest accumulate in the areas of Data Privacy, Database Security, Object Modeling Techniques, and Cloud Computing. He is a life member of ISTE,CSI. He has authored a chapter in an International Book "Information Processing" published by I.K. International Publishing House Pvt. Ltd, New Delhi, India, 978-81-906942-4-7. He is the author of 3 books titled "Principles of Social Network Data Security", ISBN: 978-3-659-61207-7, "Principles of Scheduling in Cloud Computing" ISBN: 978-3-639-66950-3, and "Principles of Database Security", ISBN: 978-3-639-76030- 9.
S.Charanyaa obtained her B.Tech degree in Information Technology and her M.Tech degree in Information Technology from Anna University Chennai, Tamil Nadu, India. She was gold medalist in her B.Tech. degree program. She has to her credit 27 publications in various International Journals and Conferences. Some of her outstanding achievements at school level include School First Rank holder in 10th and 12th grade. She was working as Software Engineer at Larsen & Turbo Infotech, Chennai for 3 years where she got promoted as Senior Software Engineer and worked for another 2 years. She worked at different verticals and worked at many places including Denmark, Amsderdam handling versatile clients. She is also the recipient of best team player award for the year 2012 by L&T. Her areas of research interest accumulate in the areas of Database Security, Privacy Preserving Database, Object Modeling Techniques, and Cloud Computing. She is the author of 3 books titled "Principles of Social Network Data Security", ISBN: 978-3-659-61207-7, "Principles of Scheduling in Cloud Computing" ISBN: 978-3-639-66950-3, and "Principles of Database Security", ISBN: 978-3-639-76030-9.