• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권8호
• /
• pp.2849-2864
• /
• 2021

The emerging of cloud data sharing can create great values, especially in multi-cloud environments. However, "data island" between different cloud service providers (CSPs) has drawn trust problem in data sharing, causing contradictions with the increasing sharing need of cloud data users. And how to ensure the data value for both data owner and data user before sharing, is another challenge limiting massive data sharing in the multi-cloud environments. To solve the problems above, we propose a Uniform Encoding and Parsing Framework (UEPF) with blockchain to support trustworthy and valuable data sharing. We design namespace-based unique identifier pair to support data description corresponding with data in multi-cloud, and build a blockchain-based data encoding protocol to manage the metadata with identifier pair in the blockchain ledger. To share data in multi-cloud, we build a data parsing protocol with smart contract to query and get the sharing cloud data efficiently. We also build identifier updating protocol to satisfy the dynamicity of data, and data check protocol to ensure the validity of data. Theoretical analysis and experiment results show that UEPF is pretty efficient.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권3호
• /
• pp.1014-1025
• /
• 2020

Cloud computing services changed the way the data are managed across the healthcare system that can improve patient care. Currently, most healthcare organizations are using cloud-based applications and related services to deliver better healthcare facilities. But architecting a cloud-based healthcare system needs deep knowledge about the working nature of these services and the requirements of the healthcare environment. The success is based on the usage of appropriate cloud services in the architecture to manage the data flow across the healthcare system.Cloud service providers offer a wide variety of services to ingest, store and process healthcare data securely. The top three public cloud providers- Amazon, Google, and Microsoft offers advanced cloud services for the solution that the healthcare industry is looking for. This article proposes a framework that can effectively utilize cloud services to handle the data flow among the various stages of the healthcare infrastructure. The useful cloud services for ingesting, storing and analyzing the healthcare data for the proposed framework, from the top three cloud providers are listed in this work. Finally, a cloud-based healthcare architecture using Amazon Cloud Services is constructed for reference.

• International Journal of Computer Science & Network Security
• /
• 제23권2호
• /
• pp.89-95
• /
• 2023

Cloud computing today provides huge computational resources, storage capacity, and many kinds of data services. Data sharing in the cloud is the practice of exchanging files between various users via cloud technology. The main difficulty with file sharing in the public cloud is maintaining privacy and integrity through data encryption. To address this issue, this paper proposes an Enhanced RSA encryption schema (ERSA) for data sharing in the public cloud that protects privacy and strengthens data integrity. The data owners store their files in the cloud after encrypting the data using the ERSA which combines the RSA algorithm, XOR operation, and SHA-512. This approach can preserve the confidentiality and integrity of a file in any cloud system while data owners are authorized with their unique identities for data access. Furthermore, analysis and experimental results are presented to verify the efficiency and security of the proposed schema.

• Journal of Information Processing Systems
• /
• 제17권2호
• /
• pp.284-296
• /
• 2021

The cloud has already become the core infrastructure of information systems, and government institutions are rapidly migrating information systems to the cloud. Government institutions in several countries use private clouds in their closed networks. However, because of the advantages of public clouds over private clouds, the demand for public clouds is increasing, and government institutions are expected to gradually switch to public clouds. When all data from government institutions are managed in the public cloud, the biggest concern for government institutions is the leakage of confidential data. The public-private-partnership (PPP) cloud provides a solution to this problem. PPP cloud is a form participation in a public cloud infrastructure and the building of a closed network data center. The PPP cloud prevents confidential data leakage and leverages the benefits of the public cloud to build a cloud quickly and easily maintain the cloud. In this paper, based on the case of the PPP cloud applied to the Korean government, the concept, architecture, operation model, and contract method of the PPP cloud are presented.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2011년도 춘계학술발표대회
• /
• pp.871-874
• /
• 2011

The fast emerging of network technology and the high demand of computing resources have prompted many organizations to outsource their storage and computing needs. Cloud based storage services such as Microsoft's Azure and Amazon's S3 allow customers to store and retrieve any amount of data, at anytime from anywhere via internet. The scalable and dynamic of the cloud storage services help their customer to reduce IT administration and maintenance costs. No doubt, cloud based storage services brought a lot of benefits to its customer by significantly reducing cost through optimization increased operating and economic efficiencies. However without appropriate security and privacy solution in place, it could become major issues to the organization. As data get produced, transferred and stored at off premise and multi tenant cloud based storage, it becomes vulnerable to unauthorized disclosure and unauthorized modification. An attacker able to change or modify data while data inflight or when data is stored on disk, so it is very important to secure data during its entire life-cycle. The traditional cryptography primitives for the purpose of data security protection cannot be directly adopted due to user's lose control of data under off premises cloud server. Secondly cloud based storage is not just a third party data warehouse, the data stored in cloud are frequently update by the users and lastly cloud computing is running in a simultaneous, cooperated and distributed manner. In our proposed mechanism we protect the integrity, authentication and confidentiality of cloud based data with the encrypt- then-upload concept. We modified and applied proxy re-encryption protocol in our proposed scheme. The whole process does not reveal the clear data to any third party including the cloud provider at any stage, this helps to make sure only the authorized user who own corresponding token able to access the data as well as preventing data from being shared without any permission from data owner. Besides, preventing the cloud storage providers from unauthorized access and making illegal authorization to access the data, our scheme also protect the data integrity by using hash function.

• 한국멀티미디어학회논문지
• /
• 제18권8호
• /
• pp.915-924
• /
• 2015

With growing popularity of cloud computing services, users can more easily manage massive amount of data by outsourcing them to the cloud, or more efficiently analyse large amount of data by leveraging IT infrastructure provided by the cloud. This, however, brings the security concerns of sensitive data. To provide data security, it is essential to encrypt sensitive data before uploading it to cloud computing services. Although data encryption helps provide data security, it negatively affects the performance of massive data analytics because it forbids the use of index and mathematical operation on encrypted data. Thus, in this paper, we propose a novel algorithm which enables to efficiently process a large amount of encrypted data. In particular, we propose a novel top-k processing algorithm on the massive amount of encrypted data in the cloud computing environments, and verify the performance of the proposed approach with real data experiments.

• International Journal of Computer Science & Network Security
• /
• 제22권2호
• /
• pp.290-296
• /
• 2022

Big Data is a data analysis technology empowered by late advances in innovations and engineering. In any case, big data involves a colossal responsibility of equipment and handling assets, making reception expenses of big data innovation restrictive to little and medium estimated organizations. Cloud computing offers the guarantee of big data execution to little and medium measured organizations. Big Data preparing is performed through a programming worldview known as MapReduce. Normally, execution of the MapReduce worldview requires organized joined stockpiling and equal preparing. The computing needs of MapReduce writing computer programs are frequently past what little and medium measured business can submit. Cloud computing is on-request network admittance to computing assets, given by an external element. Normal arrangement models for cloud computing incorporate platform as a service (PaaS), software as a service (SaaS), framework as a service (IaaS), and equipment as a service (HaaS).

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권7호
• /
• pp.3319-3338
• /
• 2016

Cloud storage is becoming more and more popular because of its elasticity and pay-as-you-go storage service manner. In some cloud storage scenarios, the data that are stored in the cloud may be shared by a group of users. To verify the integrity of cloud data in this kind of applications, many auditing schemes for shared cloud data have been proposed. However, all of these schemes do not consider the access authorization problem for users, which makes the revoked users still able to access the shared cloud data belonging to the group. In order to deal with this problem, we propose a novel public auditing scheme for shared cloud data in this paper. Different from previous work, in our scheme, the user in a group cannot any longer access the shared cloud data belonging to this group once this user is revoked. In addition, we propose a new random masking technique to make our scheme preserve both data privacy and identity privacy. Furthermore, our scheme supports to enroll a new user in a group and revoke an old user from a group. We analyze the security of the proposed scheme and justify its performance by concrete implementations.

• 한국정보통신학회논문지
• /
• 제17권5호
• /
• pp.1129-1137
• /
• 2013

클라우드 서비스 공급자가 제공하는 클라우드 스토리지 시스템은 대량의 데이터 저장 및 클라우드 컴퓨팅 처리의 핵심구성요소이다. 구글, 유투브, 페이스북 등과 같은 대형 벤더에서도 클라우드 스토리지를 사용하여 태블릿, 스마트폰 등 이기종 장치에서 사진, 동영상, 문서등을 공유하며, 쉽고 빠르게 네트워크를 통해 데이터의 대량 전송과 접근이 가능하다. 이로 인해 전세계적으로 데이터 성장 발전과 함께 클라우드 스토리지가 비지니스모델로 새롭게 부각받고 있다. 클라우드 스토리지는 네트워크 스토리지의 새로운 서비스 개념이며 데이터 구성, 스토리지 가상화, 데이터 복제와 중복제거, 보안 등을 포함한 클라우드 컴퓨팅 핵심기술이다. 본 논문에서는 클라우드 스토리지에 대해 분석한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권10호
• /
• pp.5153-5170
• /
• 2016

The benefit of the scalability and flexibility inherent in cloud computing motivates clients to upload data and computation to public cloud servers. Because data is placed on public clouds, which are very likely to reside outside of the trusted domain of clients, this strategy introduces concerns regarding the security of sensitive client data. Thus, to provide sufficient security for the data stored in the cloud, it is essential to encrypt sensitive data before the data are uploaded onto cloud servers. Although data encryption is considered the most effective solution for protecting sensitive data from unauthorized users, it imposes a significant amount of overhead during the query processing phase, due to the limitations of directly executing operations against encrypted data. Recently, substantial research work that addresses the execution of SQL queries against encrypted data has been conducted. However, there has been little research on top-k join query processing over encrypted data within the cloud computing environments. In this paper, we develop an efficient algorithm that processes a top-k join query against encrypted cloud data. The proposed top-k join processing algorithm is, at an early phase, able to prune unpromising data sets which are guaranteed not to produce top-k highest scores. The experiment results show that the proposed approach provides significant performance gains over the naive solution.