Key technologies and implementation methods of endogenous safety and security cloud data center based on mimic architecture by Fan ZHANG, Guangwei XIE, Wei GUO, Hongchao HU, Ruyun ZHANG, Wenyan LIU

“…Cloud data center is the representative of the new generation of information infrastructure, and its security has become the focus of attention in recent years, which is of great significance.Based on the analysis of the current cloud security situation, the security architecture, key technologies, and implementation methods of the cloud data center through the emerging concept of endogenous security were explored, hoping to use the mimic structure to solve the endogenous safety and security problems such as vulnerabilities and backdoors that were difficult to deal with by the existing means.Moreover, the endogenous security architecture of cloud data centers and related key technologies were proposed, with the mode and trend of mimic transformation.In the future, endogenous safety and security cloud data centers will provide practical solutions for the construction of a new generation of information infrastructure, which may accelerate the technology application and promotion of the cloud service model.…”
Get full text

Multidimensional QoS cloud computing resource scheduling method based on stakeholder perspective by Mingfeng SU, Guojun WANG, Renfa LI

“…A multidimensional cloud computing architecture is designed and a multidimensional cloud resource scheduling model is constructed based on the stakeholder perspective of cloud users and cloud service providers to meet the high QoS requirements of cloud users (such as task execution time and task completion time) with low computing costs (such as energy consumption,economic costs and system availability).For the second-level cloud resource scheduling,an MQoS cloud resource scheduling algorithm based on multiple Greedy algorithm is proposed.The experimental results show that under the four cloud computing application scenarios with no aftereffects,the MQoS cloud resource scheduling algorithm has an overall increase of 206.42%~228.99% and 34.26%~56.93 in terms of multidimensional QoS degree compared with FIFO and M2EC algorithms.It has an average overall reduction of 0.48~0.49 and 0.20~0.27 in terms of cloud data center load balance difference.…”
Get full text

5G/B5G oriented intelligent cloud network architecture by Xu ZHOU, Zhuo LI, Yifang QIN

“…The emergence of 5G/B5G technology has greatly improved the key capabilities of mobile networks including bandwidth,latency and connectivity.Faced with the prosperous development of mobile access side capabilities,the existing centralized architecture for internet cloud service was prone to bottlenecks and could not fully exploit the advantage of 5G/B5G.The technology named Network 5.0 was proposed to address the demand for data networks from future typical network applications through a complete set of innovative protocol systems and control management architecture.A new type of intelligent cloud network based on the protocol system of Network 5.0 was proposed,which could bridge the gap between the internet service model and 5G/B5G access capability through the deep integration of cloud network,and promote further the continuous evolution of the network.…”
Get full text

Retrieving and Identifying Remnants of Artefacts on Local Devices Using Sync.com Cloud by Abdulghani Ali Ahmed, Khalid Farhan, Mohd Izuan Hafez Ninggal, Ghadir Alselwi

“…These challenges arise from the diverse array of cloud service providers as each has its distinct rules, guidelines, and requirements. …”
Get full text

Threshold re-encryption based secure deduplication method for cloud data with resistance against side channel attack by Xin TANG, Linna ZHOU, Weijie SHAN, Dan LIU

“…For security and efficiency problems in threshold based deduplication for cloud data,a novel method based on threshold re-encryption was proposed to deal with side channel attacks.A lightweight threshold re-encryption mechanism was presented to transfer the secondary encryption to the cloud for execution and allow clients to generate ciphertext based on key segmentation instead of ciphertext segmentation,both of which largely reduce computational overhead of clients.Also,the proposed mechanism enables clients to decrypt from both one-time encrypted and re-encrypted ciphertext,thus avoiding the overhead of redundant encryption of the same file.Mutual integrity verification between cloud service provider and clients was also supported by the proposed method,which directly ensured the correctness of the correspondence between ciphertext and plaintext on client side.Experiments show that the proposed method not only largely reduces the computational overhead on client side,but also achieves superior storage performance on cloud side simultaneously.…”
Get full text

Geometric Data Perturbation-Based Personal Health Record Transactions in Cloud Computing by S. Balasubramaniam, V. Kavitha

“…However, cloud computing raises concerns on how cloud service providers, user organizations, and governments should handle such information and interactions. …”
Get full text

基于层次分析—模糊评价的云计算安全评估与对策 by Ai-min YANG, Fang GAO, Min-hua BIAN, Shu-lei YANG

“…With the rapid development of information technology,cloud computing has become a hot topic.More and more companies and individuals will be their computing needs and storage needs to be delivered to the cloud,so the security problem of cloud computing can not be ignored.First,the security requirements of the four key technologies,such as multi tenant,node communication,remote storage and virtualization in the cloud computing environment were analyzed,the necessity of the construction of cloud computing security was expounded.Then,according to the security requirements of cloud computing,fuzzy comprehensive evaluation model based on ana-lytic hierarchy process was established,and taking a cloud service platform as an example to evaluate its security,get the security level of the service platform is ＆quot;good＆quot;.Finally,according to the security requirements of cloud computing environment and the results of model evaluation,some suggestions in in virtualization security,applica-tion security and data security was put forward,in order to strengthen the cloud computing security,some direction was provided.…”
Get full text

A Privacy-Preserving Outsourcing Data Storage Scheme with Fragile Digital Watermarking-Based Data Auditing by Xinyue Cao, Zhangjie Fu, Xingming Sun

“…However, outsourcing data to the cloud service providers (CSPs) may leak some sensitive privacy information, as the data is out of user’s control. …”
Get full text

Service mesh technology evaluation and integration scheme based on telecom operator perspective by Liyun YAN, Xinzhang YANG, Zhenwei HE, Yuanzhi LIN, Shaoxin HOU

“…Microservice architecture has evolved along with the changes in enterprise software architecture,from the embedded and integrated micro-service architecture to the non-intrusive and decoupled service mesh.The various of micro-service architectures have sprung up.Choose which microservice architecture to integrate has become an important part of the layout of microservices for the telecom operators.The evaluation and integration of service mesh (non-intrusive architecture) technologies based on the operator’s business characteristics was focused on.In the evaluation,choose the open source,mainstream service mesh technologies and cloud service provider’s microservice solutions were compared and analyzed from multiple dimensions,and the development trend of microservice technology and architecture was obtained.The integration category focused on the integration of Istio technology and Kubernetes which were mainstream technologies in their respective fields,and a heterogeneous microservice framework and development ideas that supported complex scenarios was innovatively proposed.Finally,combined with the differentiated needs of operators’ 5G SBA services,the key research and optimization directions of the operator’s service mesh technology were probed.…”
Get full text

A Correctness Checking Approach for Collaborative Business Processes in the Cloud by Qi Mo, Yuqi Wang, Jixiang Xiang, Tong Li

“…Since business processes corresponding to BPaaS services are usually provided by different cloud service providers, and their interactions are unforeseen in advance, in actual execution, some behavioral anomalies (e.g., deadlocks) may occur. …”
Get full text

Cybersecurity and Liability in a Big Data World by Maria Lillà Montagnani, Mirta Antonella Cavallo

“…We conclude by showing that, despite this articulate framework, big data and cloud service providers still leverage on their strong market power to use “contractual shields” and escape liability. …”
Get full text

V2X offloading and resource allocation under SDN and MEC architecture by Haibo ZHANG, Zixin WANG, Xiaofan HE

“…To address the serious problem of delay and energy consumption increase and service quality degradation caused by complex network status and huge amounts of computing data in the scenario of vehicle-to-everything (V2X),a vehicular network architecture combining mobile edge computing (MEC) and software defined network (SDN) was constructed.MEC sinks cloud serviced to the edge of the wireless network to compensate for the delay fluctuation caused by remote cloud computing.The SDN controller could sense network information from a global perspective,flexibly schedule resources,and control offload traffic.To further reduce the system overhead,a joint task offloading and resource allocation scheme was proposed.By modeling the MEC-based V2X offloading and resource allocation,the optimal offloading decision,communication and computing resource allocation scheme were derived.Considering the NP-hard attribute of the problem,Agglomerative Clustering was used to select the initial offloading node,and Q-learning was used for resource allocation.The offloading decision was modeled as an exact potential game,and the existence of Nash equilibrium was proved by the potential function structure.The simulation results show that,as compared to other mechanisms,the proposed mechanism can effectively reduce the system overhead.…”
Get full text

Cloud data secure deduplication scheme via role-based symmetric encryption by Jinbo XIONG, Yuanyuan ZHANG, Youliang TIAN, Zuobin YING, Qi LI, Rong MA

“…The rapid development of cloud computing and big data technology brings prople to enter the era of big data,more and more enterprises and individuals outsource their data to the cloud service providers.The explosive growth of data and data replicas as well as the increasing management overhead bring a big challenge to the cloud storage space.Meanwhile,some serious issues such as the privacy disclosure,authorized access,secure deduplication,rekeying and permission revocation should also be taken into account.In order to address these problems,a role-based symmetric encryption algorithm was proposed,which established a mapping relation between roles and role keys.Moreover,a secure deduplication scheme was proposed via role-based symmetric encryption to achieve both the privacy protection and the authorized deduplication under the hierarchical architecture in the cloud computing environment.Furthermore,in the proposed scheme,the group key agreement protocol was utilized to achieve rekeying and permission revocation.Finally,the security analysis shows that the proposed role-based symmetric encryption algorithm is provably secure under the standard model,and the deduplication scheme can meet the security requirements.The performance analysis and experimental results indicate that the proposed scheme is effective and efficient.…”
Get full text

Attribute-based encryption scheme supporting attribute revocation in cloud storage environment by Lei SUN, Zhiyuan ZHAO, Jianhua WANG, Zhiqiang ZHU

“…Attribute-based encryption (ABE) scheme is widely used in the cloud storage due to its fine-grained access control.Each attribute in ABE may be shared by multiple users at the same time.Therefore,how to achieve attribute-level user revocation is currently facing an important challenge.Through research,it has been found that some attribute-level user revocation schemes currently can’t resist the collusion attack between the revoked user and the existing user.To solve this problem,an attribute-based encryption scheme that supported the immediate attribute revocation was proposed.The scheme could achieve attribute-level user revocation and could effectively resist collusion attacks between the revoked users and the existing users.At the same time,this scheme outsourced complex decryption calculations to cloud service providers with powerful computing ability,which reduced the computational burden of the data user.The scheme was proved secure based on computational Diffie-Hellman assumption in the standard model.Finally,the functionality and efficiency of the proposed scheme were analyzed and verified.The experimental results show that the proposed scheme can safely implement attribute-level user revocation and has the ability to quickly decrypt,which greatly improves the system efficiency.…”
Get full text

Crypto Deep Ring Topology Firewall in Sensitive Data Transmission and Retrieval in Cloud by Vikas K. Soman, V. Natarajan

“…Moreover, during the cloud data retrieval, the data interoperability issue arises due to the improper cloud service level agreement, which is solved using an application programing interface firewall fetch intrusion prevention system used in the secure transmission technique in which the data are entered into the transport and session layer of the firewall and then into the intrusion detection and prevention system thus sieving of data is carried out to solve the amenability violation of the cloud network and eliminate data interoperability issue. …”
Get full text

Scheme on user identity attribute preserving based on ring signcryption for cloud computing by Shuan-bao LI, Jian-ming FU, Huan-guo ZHANG, Jing CHEN, Jing WANG, Bi-jun REN

“…Identity attribute leak as the most severe security threat of cloud computing,in order to solve this problem,a protection scheme of identity attributes based on ring signcryption was proposed.Focused on digital identity management in cloud service,which discusses user key parting management with decentralization.Users can choose some seeds for generation and storage of key,then integrated user key cannot be acquired by registrar,based on this payload on certifica-tion management is reduced.In addition,access-centric blindness ring signcryption verification for identity attribute is designed,which constitutes ring of users and CSP,combined with own attribute users can accomplish ring-oriented sub-linear blindness signcryption and non-interactive public ciphertext verifiability for messages so that integrity and confidentiality of identity attribute can be protected avoiding identity attribute leakage in collusion of multi-CSP.At last,strong blindness and unforgeability of ciphertext and attribute is proved in proposed model,three private key components can be generated by users and identity forgeability of ring member can be prevented successfully on the condition of DBDH difficult assumption and adaptive chosen-ciphertex tattacking.Effectiveness of proposed mechanism is verified via performance evaluation of blindness ring signcryption algorithm based on comprehensive payload in identity attribute protection,and optimization is confirmed compared with similar algorithms.…”
Get full text

Collaborative Sleep Electroencephalogram Data Analysis Based on Improved Empirical Mode Decomposition and Clustering Algorithm by Xiangwei Zheng, Xiaochun Yin, Xuexiao Shao, Yalin Li, Xiaomei Yu

Get full text

Data Verification of Logical Pk-Anonymization with Big Data Application and Key Generation in Cloud Computing by Sindhe Phani Kumar, R. Anandan

“…More secure than K-Anonymization, Pk-Anonymization is the area’s first randomization method. A cloud service provider (CSP) is an independent company that provides a cloud-based network and computing resources. …”
Get full text

Personal data privacy protection method based onvertical partitioning by RUAN Huafeng, LI Rui, LUO Kailun

“…However, current vertical partitioning strategies assumed that there was no collusion among the CSPs (Cloud Service Providers) involved in data storage. This study explored how to protect user data privacy when collusion might exist between CSP. …”
Get full text

Automatic Algorithm for Fractal Plant Art Image Similarity Feature Generation by Zhizhe Liu, Luo Sun

“…For data owners, outsourcing the management and maintenance of image data to cloud service providers can effectively reduce costs, but there is a privacy leakage problem. …”
Get full text