A Secure Method for Data Storage and Transmission in Sustainable Cloud Computing

Cloud computing is a technology that provides secure storage space for the customer’s massive data and gives them the facility to retrieve and transmit their data efficiently through a secure network in which encryption and decryption algorithms are being deployed. In cloud computation, data processing, storage, and transmission can be done through laptops and mobile devices. Data Storing in cloud facilities is expanding each day and data is the most significant asset of clients. The important concern with the transmission of information to the cloud is security because there is no perceivability of the client’s data. They have to be dependent on cloud service providers for assurance of the platform’s security. Data security and privacy issues reduce the progression of cloud computing and add complexity. Nowadays; most of the data that is stored on cloud servers is in the form of images and photographs, which is a very confidential form of data that requires secured transmission. In this research work, a public key cryptosystem is being implemented to store, retrieve and transmit information in cloud computation through a modified Rivest-Shamir-Adleman (RSA) algorithm for the encryption and decryption of data. The implementation of a modified RSA algorithm results guaranteed the security of data in the cloud environment. To enhance the user data security level, a neural network is used for user authentication and recognition. Moreover; the proposed technique develops the performance of detection as a loss function of the bounding box. The Faster Region-Based Convolutional Neural Network (Faster R-CNN) gets trained on images to identify authorized users with an accuracy of 99.9% on training.     

Towards Privacy-Preserving Cloud Storage: A Blockchain Approach

With the rapid development of cloud computing technology, cloud services have now become a new business model for information services. The cloud server provides the IT resources required by customers in a self-service manner through the network, realizing business expansion and rapid innovation. However, due to the insufficient protection of data privacy, the problem of data privacy leakage in cloud storage is threatening cloud computing. To address the problem, we propose BC-PECK, a data protection scheme based on blockchain and public key searchable encryption. Firstly, all the data is protected by the encryption algorithm. The privacy data is encrypted and stored in a cloud server, while the ciphertext index is established by a public key searchable encryption scheme and stored on the blockchain. Secondly, based on the characteristics of trusted execution of smart contract technology, a control mechanism for data accessing and sharing is given. Data transaction is automatically recorded on the blockchain, which is fairer under the premise of ensuring the privacy and security of the data sharing process. Finally, we analyzed the security and fairness of the current scheme. Through the comparison with similar schemes, we have shown the advantages of the proposed scheme.     

Verifiable Diversity Ranking Search Over Encrypted Outsourced Data

Data outsourcing has become an important application of cloud computing. Driven by the growing security demands of data outsourcing applications, sensitive data have to be encrypted before outsourcing. Therefore, how to properly encrypt data in a way that the encrypted and remotely stored data can still be queried has become a challenging issue. Searchable encryption scheme is proposed to allow users to search over encrypted data. However, most searchable encryption schemes do not consider search result diversification, resulting in information redundancy. In this paper, a verifiable diversity ranking search scheme over encrypted outsourced data is proposed while preserving privacy in cloud computing, which also supports search results verification. The goal is that the ranked documents concerning diversification instead of reading relevant documents that only deliver redundant information. Extensive experiments on real-world dataset validate our analysis and show that our proposed solution is effective for the diversification of documents and verification.     

On the Privacy-Preserving Outsourcing Scheme of Reversible Data Hiding over Encrypted Image Data in Cloud Computing

Advanced cloud computing technology provides cost saving and flexibility of services for users. With the explosion of multimedia data, more and more data owners would outsource their personal multimedia data on the cloud. In the meantime, some computationally expensive tasks are also undertaken by cloud servers. However, the outsourced multimedia data and its applications may reveal the data owner’s private information because the data owners lose the control of their data. Recently, this thought has aroused new research interest on privacy-preserving reversible data hiding over outsourced multimedia data. In this paper, two reversible data hiding schemes are proposed for encrypted image data in cloud computing: reversible data hiding by homomorphic encryption and reversible data hiding in encrypted domain. The former is that additional bits are extracted after decryption and the latter is that extracted before decryption. Meanwhile, a combined scheme is also designed. This paper proposes the privacy-preserving outsourcing scheme of reversible data hiding over encrypted image data in cloud computing, which not only ensures multimedia data security without relying on the trustworthiness of cloud servers, but also guarantees that reversible data hiding can be operated over encrypted images at the different stages. Theoretical analysis confirms the correctness of the proposed encryption model and justifies the security of the proposed scheme. The computation cost of the proposed scheme is acceptable and adjusts to different security levels.     

Two Layer Symmetric Cryptography Algorithm for Protecting Data fromAttacks

Many organizations have insisted on protecting the cloud server from the outside, although the risks of attacking the cloud server are mostly from the inside. There are many algorithms designed to protect the cloud server from attacks that have been able to protect the cloud server attacks. Still, the attackers have designed even better mechanisms to break these security algorithms. Cloud cryptography is the best data protection algorithm that exchanges data between authentic users. In this article, one symmetric cryptography algorithm will be designed to secure cloud server data, used to send and receive cloud server data securely. A double encryption algorithm will be implemented to send data in a secure format. First, the XOR function will be applied to plain text, and then salt technique will be used. Finally, a reversing mechanism will be implemented on that data to provide more data security. To decrypt data, the cipher text will be reversed, salt will be removed, and XOR will be implemented. At the end of the paper, the proposed algorithm will be compared with other algorithms, and it will conclude how much better the existing algorithm is than other algorithms.     

Chosen-Ciphertext Attack Secure Public-Key Encryption with Keyword Search

As the use of cloud storage for various services increases, the amount of private personal information along with data stored in the cloud storage is also increasing. To remotely use the data stored on the cloud storage, the data to be stored needs to be encrypted for this reason. Since “searchable encryption” is enable to search on the encrypted data without any decryption, it is one of convenient solutions for secure data management. A public key encryption with keyword search (for short, PEKS) is one of searchable encryptions. Abdalla et al. firstly defined IND-CCA security for PEKS to enhance it’s security and proposed consistent IND-CCA secure PEKS based on the “robust” ANO-CCA secure identity-based encryption(IBE). In this paper, we propose two generic constructions of consistent IND-CCA secure PEKS combining (1) a hierarchical identity based encryption (for short, HIBE) and a signature scheme or (2) a HIBE, an encapsulation, and a message authentication code (for short, MAC) scheme. Our generic constructions identify that HIBE requires the security of a signature or a MAC as well as the weaker “ANO-CPA security (resp., IND-CPA security)” of HIBE than “ANO-CCA security (resp., IND-CCA security)” of IBE required in for achieving IND-CCA secure (resp., consistent) PEKS. Finally, we prove that our generic constructions satisfy IND-CCA security and consistency under the security models.     

Cloud Data Encryption and Authentication Based on Enhanced Merkle Hash Tree Method

Many organizations apply cloud computing to store and effectively process data for various applications. The user uploads the data in the cloud has less security due to the unreliable verification process of data integrity. In this research, an enhanced Merkle hash tree method of effective authentication model is proposed in the multi-owner cloud to increase the security of the cloud data. Merkle Hash tree applies the leaf nodes with a hash tag and the non-leaf node contains the table of hash information of child to encrypt the large data. Merkle Hash tree provides the efficient mapping of data and easily identifies the changes made in the data due to proper structure. The developed model supports privacy-preserving public auditing to provide a secure cloud storage system. The data owners upload the data in the cloud and edit the data using the private key. An enhanced Merkle hash tree method stores the data in the cloud server and splits it into batches. The data files requested by the data owner are audit by a third-party auditor and the multi-owner authentication method is applied during the modification process to authenticate the user. The result shows that the proposed method reduces the encryption and decryption time for cloud data storage by 2–167 ms when compared to the existing Advanced Encryption Standard and Blowfish.     

Cloud Data Center Selection Using a Modified Differential Evolution

The interest in selecting an appropriate cloud data center is exponentially increasing due to the popularity and continuous growth of the cloud computing sector. Cloud data center selection challenges are compounded by ever-increasing users’ requests and the number of data centers required to execute these requests. Cloud service broker policy defines cloud data center’s selection, which is a case of an NP-hard problem that needs a precise solution for an efficient and superior solution. Differential evolution algorithm is a metaheuristic algorithm characterized by its speed and robustness, and it is well suited for selecting an appropriate cloud data center. This paper presents a modified differential evolution algorithm-based cloud service broker policy for the most appropriate data center selection in the cloud computing environment. The differential evolution algorithm is modified using the proposed new mutation technique ensuring enhanced performance and providing an appropriate selection of data centers. The proposed policy’s superiority in selecting the most suitable data center is evaluated using the CloudAnalyst simulator. The results are compared with the state-of-arts cloud service broker policies.     

A New Multi Chaos-Based Compression Sensing Image Encryption

The advancements in technology have substantially grown the size of image data. Traditional image encryption algorithms have limited capabilities to deal with the emerging challenges in big data, including compression and noise toleration. An image encryption method that is based on chaotic maps and orthogonal matrix is proposed in this study. The proposed scheme is built on the intriguing characteristics of an orthogonal matrix. Gram Schmidt disperses the values of pixels in a plaintext image by generating a random orthogonal matrix using logistic chaotic map. Following the diffusion process, a block-wise random permutation of the data is performed using multi-chaos. The proposed scheme provides sufficient security and resilience to JPEG compression and channel noise through a series of experiments and security evaluations. It enables Partial Encryption (PE) for faster processing as well as complete encryption for increased security. The higher values of the number of pixels change rates and unified average change intensity confirm the security of the encryption scheme. In contrast to other schemes, the proposed approach can perform full and partial encryption depending on security requirements.     

Lattice-Based Searchable Encryption Scheme against Inside Keywords Guessing Attack

To save the local storage, users store the data on the cloud server who offers convenient internet services. To guarantee the data privacy, users encrypt the data before uploading them into the cloud server. Since encryption can reduce the data availability, public-key encryption with keyword search (PEKS) is developed to achieve the retrieval of the encrypted data without decrypting them. However, most PEKS schemes cannot resist quantum computing attack, because the corresponding hardness assumptions are some number theory problems that can be solved efficiently under quantum computers. Besides, the traditional PEKS schemes have an inherent security issue that they cannot resist inside keywords guessing attack (KGA). In this attack, a malicious server can guess the keywords encapsulated in the search token by computing the ciphertext of keywords exhaustively and performing the test between the token and the ciphertext of keywords. In the paper, we propose a lattice-based PEKS scheme that can resist quantum computing attacks. To resist inside KGA, this scheme adopts a lattice-based signature technique into the encryption of keywords to prevent the malicious server from forging a valid ciphertext. Finally, some simulation experiments are conducted to demonstrate the performance of the proposed scheme and some comparison results are further shown with respect to other searchable schemes.     

Intelligent Cloud Based Load Balancing System Empowered with Fuzzy Logic

Cloud computing is seeking attention as a new computing paradigm to handle operations more efficiently and cost-effectively. Cloud computing uses dynamic resource provisioning and de-provisioning in a virtualized environment. The load on the cloud data centers is growing day by day due to the rapid growth in cloud computing demand. Elasticity in cloud computing is one of the fundamental properties, and elastic load balancing automatically distributes incoming load to multiple virtual machines. This work is aimed to introduce efficient resource provisioning and de-provisioning for better load balancing. In this article, a model is proposed in which the fuzzy logic approach is used for load balancing to avoid underload and overload of resources. A Simulator in Matlab is used to test the effectiveness and correctness of the proposed model. The simulation results have shown that our proposed intelligent cloud-based load balancing system empowered with fuzzy logic is better than previously published approaches.     

Enhancing Blockchain Security Using Ripple Consensus Algorithm

In the development of technology in various fields like big data analysis, data mining, big data, cloud computing, and blockchain technology, security become more constrained. Blockchain is used in providing security by encrypting the sharing of information. Blockchain is applied in the peer-to-peer (P2P) network and it has a decentralized ledger. Providing security against unauthorized breaches in the distributed network is required. To detect unauthorized breaches, there are numerous techniques were developed and those techniques are inefficient and have poor data integrity. Hence, a novel technique needs to be implemented to tackle the new breaches in the distributed network. This paper, proposed a hybrid technique of two fish with a ripple consensus algorithm (TF-RC). To improve the detection time and security, this paper uses efficient transmission of data in the distributed network. The experimental analysis of TF-RC by using the metric measures of performance in terms of latency, throughput, energy efficiency and it produced better performance.     

Iot based laundry services: an application of big data analytics,intelligent logistics management,and machine learning techniques

The authors propose an innovative Internet of Things (IoT) based E-commerce business model Cloud Laundry for mass scale laundry services. The model utilises big data analytics, intelligent logistics management, and machine learning techniques. Using GPS and real-time update of big data, it calculates the best transportation path and update and re-route the logistic terminals quickly and simultaneously. Cloud laundry intelligently and dynamically provides the best laundry solutions based on the current state spaces of the laundry terminals through the user's specifications and thus offers local hotel customers with convenient, efficient, and transparent laundry services. Taking advantage of the rapid development of the big data industry, user interest modelling, and information security and privacy considerations, cloud laundry uses smartphone terminal control and big data models to maintain customers’ security needs. Different from the traditional laundry industry, cloud laundry companies have higher capital turnover, more liquidity, and stronger profitability. Therefore, this new generation of smart laundry business model could be of interest to not only academic researchers, but E-commerce entrepreneurs as well.     

Building a Trust Model for Secure Data Sharing (TM-SDS) in Edge Computing Using HMAC Techniques

With the rapid growth of Internet of Things (IoT) based models, and the lack amount of data makes cloud computing resources insufficient. Hence, edge computing-based techniques are becoming more popular in present research domains that makes data storage, and processing effective at the network edges. There are several advanced features like parallel processing and data perception are available in edge computing. Still, there are some challenges in providing privacy and data security over networks. To solve the security issues in Edge Computing, Hash-based Message Authentication Code (HMAC) algorithm is used to provide solutions for preserving data from various attacks that happens with the distributed network nature. This paper proposed a Trust Model for Secure Data Sharing (TM-SDS) with HMAC algorithm. Here, data security is ensured with local and global trust levels with the centralized processing of cloud and by conserving resources effectively. Further, the proposed model achieved 84.25% of packet delivery ratio which is better compared to existing models in the resulting phase. The data packets are securely transmitted between entities in the proposed model and results showed that proposed TM-SDS model outperforms the existing models in an efficient manner.     

Blockchain-Based Light-Weighted Provable Data Possession for Low Performance Devices

Provable Data Possession (PDP) schemes have long been proposed to solve problem of how to check the integrity of data stored in cloud service without downloading. However, with the emerging of network consisting of low performance devices such as Internet of Things, we find that there are still two obstacles for applying PDP schemes. The first one is the heavy computation overhead in generating tags for data blocks, which is essential for setting up any PDP scheme. The other one is how to resist collusion attacks from third party auditors with any possible entities participating the auditing. In this paper, we propose a novel blockchain-based light-weighted PDP scheme for low performance devices, with an instance deployed on a cloud server. We design a secure outsourced tag generating method for low performance devices, which enables a kind of “hash-sign-switch” two-phase tag computing. With this method, users with low performance devices can employ third party auditors to compute modular exponential operations that accounts for the largest portion of computation overhead in tag generation, without leaking their data content. Chaincodes in blockchain network ensure the correctness of such outsourcing and prevent collusion attacks. The security analysis and performance evaluation prove that our scheme is both secure and efficient.     

Replication Strategy with Comprehensive Data Center Selection Method inCloud Environments

As the amount of data continues to grow rapidly, the variety of data produced by applications is becoming more affluent than ever. Cloud computing is the best technology evolving today to provide multi-services for the mass and variety of data. The cloud computing features are capable of processing, managing, and storing all sorts of data. Although data is stored in many high-end nodes, either in the same data centers or across many data centers in cloud, performance issues are still inevitable. The cloud replication strategy is one of best solutions to address risk of performance degradation in the cloud environment. The real challenge here is developing the right data replication strategy with minimal data movement that guarantees efficient network usage, low fault tolerance, and minimal replication frequency. The key problem discussed in this research is inefficient network usage discovered during selecting a suitable data center to store replica copies induced by inadequate data center selection criteria. Hence, to mitigate the issue, we proposed Replication Strategy with a comprehensive Data Center Selection Method (RS-DCSM), which can determine the appropriate data center to place replicas by considering three key factors: Popularity, space availability, and centrality. The proposed RS-DCSM was simulated using CloudSim and the results proved that data movement between data centers is significantly reduced by 14% reduction in overall replication frequency and 20% decrement in network usage, which outperformed the current replication strategy, known as Dynamic Popularity aware Replication Strategy (DPRS) algorithm.     

基于云计算和大数据教学实训平台的设计研究

云计算、大数据是当前信息产业和教育领域的热点。云计算的核心技术是基于虚拟化的技术,而大数据的核心基础是基于集群的计算技术。论文围绕云计算与大数据的核心特点,设计实现一套适合教学实训的云计算大数据硬件实验平台。平台采用瘦终端＋集群的硬件解决方案,构建虚拟化平台,以满足普通的教学实验,并构建虚拟化实验环境;在此基础上构建多种集群计算环境,以满足大数据和高性能计算教学实训的要求。本平台融合虚拟化和集群计算的特点,提供统一的解决方案,具有一体化、高密度、多平台、高性价比等特点。     

A Secure Rotation Invariant LBP Feature Computation in Cloud Environment

In the era of big data, outsourcing massive data to a remote cloud server is a promising approach. Outsourcing storage and computation services can reduce storage costs and computational burdens. However, public cloud storage brings about new privacy and security concerns since the cloud servers can be shared by multiple users. Privacy-preserving feature extraction techniques are an effective solution to this issue. Because the Rotation Invariant Local Binary Pattern (RILBP) has been widely used in various image processing fields, we propose a new privacy-preserving outsourcing computation of RILBP over encrypted images in this paper (called PPRILBP). To protect image content, original images are encrypted using block scrambling, pixel circular shift, and pixel diffusion when uploaded to the cloud server. It is proved that RILBP features remain unchanged before and after encryption. Moreover, the server can directly extract RILBP features from encrypted images. Analyses and experiments confirm that the proposed scheme is secure and effective, and outperforms previous secure LBP feature computing methods.     

Intelligent Tunicate Swarm-Optimization-Algorithm-Based Lightweight Security Mechanism in Internet of Health Things

Fog computing in the Internet of Health Things (IoHT) is promising owing to the increasing need for energy- and latency-optimized health sector provisioning. Additionally, clinical data (particularly, medical image data) are a delicate, highly protected resource that should be utilized in an effective and responsible manner to fulfil consumer needs. Herein, we propose an energy-effi- cient fog-based IoHT with a tunicate swarm-optimization-(TSO)-based lightweight Simon cipher to enhance the energy efficiency at the fog layer and the security of data stored at the cloud server. The proposed Simon cipher uses the TSO algorithm to select the optimal keys that will minimize the deterioration of quality between the original and reconstructed (decrypted) images. In this study, the decrypted image quality is preserved by the peak signal-to-noise ratio (PSNR) such that consumers can generate precise medical reports from IoHT devices at the application level. Moreover, a lightweight encryption step is implemented in the fog to improve energy efficiency and reduce additional computations at the cloud server. Experimental results indicate that the TSO-Simon model achieved a high PSNR of 61.37 dB and a pixel change rate of 95.31.     

Hill Matrix and Radix-64 Bit Algorithm to Preserve Data Confidentiality

There are many cloud data security techniques and algorithms available that can be used to detect attacks on cloud data, but these techniques and algorithms cannot be used to protect data from an attacker. Cloud cryptography is the best way to transmit data in a secure and reliable format. Various researchers have developed various mechanisms to transfer data securely, which can convert data from readable to unreadable, but these algorithms are not sufficient to provide complete data security. Each algorithm has some data security issues. If some effective data protection techniques are used, the attacker will not be able to decipher the encrypted data, and even if the attacker tries to tamper with the data, the attacker will not have access to the original data. In this paper, various data security techniques are developed, which can be used to protect the data from attackers completely. First, a customized American Standard Code for Information Interchange (ASCII) table is developed. The value of each Index is defined in a customized ASCII table. When an attacker tries to decrypt the data, the attacker always tries to apply the predefined ASCII table on the Ciphertext, which in a way, can be helpful for the attacker to decrypt the data. After that, a radix 64-bit encryption mechanism is used, with the help of which the number of cipher data is doubled from the original data. When the number of cipher values is double the original data, the attacker tries to decrypt each value. Instead of getting the original data, the attacker gets such data that has no relation to the original data. After that, a Hill Matrix algorithm is created, with the help of which a key is generated that is used in the exact plain text for which it is created, and this Key cannot be used in any other plain text. The boundaries of each Hill text work up to that text. The techniques used in this paper are compared with those used in various papers and discussed that how far the current algorithm is better than all other algorithms. Then, the Kasiski test is used to verify the validity of the proposed algorithm and found that, if the proposed algorithm is used for data encryption, so an attacker cannot break the proposed algorithm security using any technique or algorithm.