Encryption Audits, 2014
SoS Newsletter
Encryption audits not only test the validity and effectiveness of protection schemes, they also potentially provide data for developing and improving metrics about data security. The works cited here were presented in 2014.
Lopez, J.M.; Ruebsamen, T.; Westhoff, D., “Privacy-Friendly Cloud Audits with Somewhat Homomorphic and Searchable Encryption,” Innovations for Community Services (I4CS), 2014 14th International Conference on, vol., no., pp. 95, 103, 4-6 June 2014. doi:10.1109/I4CS.2014.6860559
Abstract: In this paper, we provide privacy enhancements for a software agent-based audit system for clouds. We also propose a general privacy enhancing cloud audit concept which, we do present based on a recently proposed framework. This framework introduces the use of audit agents for collecting digital evidence from different sources in cloud environments. Obviously, the elicitation and storage of such evidence leads to new privacy concerns of cloud customers, since it may reveal sensitive information about the utilization of cloud services. We remedy this by applying Somewhat Homomorphic Encryption (SHE) and Public-Key Searchable Encryption (PEKS) to the collection of digital evidence. By considering prominent audit event use cases we show that the amount of cleartext information provided to an evidence storing entity and subsequently to a third-party auditor can be shaped in a good balance taking into account both, i) the customers' privacy and ii) the fact that stored information may need to have probative value. We believe that the administrative domain responsible for an evidence storing database falls under the adversary model “honest-but-curious” and thus should perform query responses from the auditor with respect to a given cloud audit use case by purely performing operations on encrypted digital evidence data.
Keywords: cloud computing; public key cryptography; software agents; PEKS; SHE; cloud services; privacy-friendly cloud audits; public-key searchable encryption; searchable encryption; software agent-based audit system; somewhat homomorphic encryption; third-party auditor; Encryption; IP networks; Monitoring; Privacy; Public key; Audit; Cloud Computing; Computing on Encrypted Data; Evidence; Searchable Encryption; Somewhat Homomorphic Encryption (ID#: 15-6005)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6860559&isnumber=6860533
Kun-Lin Tsai; Jiu-Soon Tan; Fang-Yie Leu; Yi-Li Huang, “A Group File Encryption Method Using Dynamic System Environment Key,” Network-Based Information Systems (NBiS), 2014 17th International Conference on, vol., no., pp. 476, 483, 10-12 Sept. 2014. doi:10.1109/NBiS.2014.22
Abstract: File encryption is an effective way for an enterprise to prevent its data from being lost. However, the data may still be deliberately or inadvertently leaked out by the insiders or customers. When the sensitive data are leaked, it often results in huge monetary damages and credit loss. In this paper, we propose a novel group file encryption/decryption method, named the Group File Encryption Method using Dynamic System Environment Key (GEMS for short), which provides users with auto crypt, authentication, authorization, and auditing security schemes by utilizing a group key and a system environment key. In the GEMS, the important parameters are hidden and stored in different devices to avoid them from being cracked easily. Besides, it can resist known-key and eavesdropping attacks to achieve a very high security level, which is practically useful in securing an enterprise's and a government's private data.
Keywords: authorisation; business data processing; cryptography; file organisation; message authentication; GEMS; auditing security scheme; authentication; authorization; autocrypt; decryption method; dynamic system environment key; eavesdropping attack; group file encryption; security level; Authentication; Cloud computing; Computers; Encryption; Servers; DRM; group file encryption; security; system environment key (ID#: 15-6006)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7023997&isnumber=7023898
Sumalatha, M.R.; Hemalathaa, S.; Monika, R.; Ahila, C., “Towards Secure Audit Services for Outsourced Data in Cloud,” Recent Trends in Information Technology (ICRTIT), 2014 International Conference on, vol., no., pp. 1, 6, 10-12 April 2014. doi:10.1109/ICRTIT.2014.6996214
Abstract: The rapid growth in the field of Cloud Computing introduces a myriad of security hazards to the information and data. Data outsourcing relieves the responsibility of local data storage and maintenance, but introduces security implications. A third party service provider, stores and maintains data, application or infrastructure of cloud user. Auditing methods and infrastructures in cloud play an important character in cloud security strategies. As data and applications deployed in the cloud are more delicate, the requirement for auditing systems to provide rapid analysis and quick responses becomes inevitable. In this work we provide a privacy-preserving data integrity protection mechanism by allowing public auditing for cloud storage with the assistance of the data owner's identity. This guarantees the auditing can be done by the third party without fetching the entire data from the cloud. A data protection scheme is also outlined, by providing a method to allow for data to be encrypted in the cloud without loss of accessibility or functionality for the authorized users.
Keywords: auditing; authorisation; cloud computing; cryptography; data protection; outsourcing; storage management; auditing methods; auditing systems requirement; authorized users; cloud security strategies; cloud storage; data encryption; data maintenance; data outsourcing; data owner identity; local data storage; privacy-preserving data integrity protection; public auditing; secure audit services; security hazards; security implications; third party service provider; Authentication; Cloud computing; Encryption; Information technology; Public key; Audit service; Cloud storage; Identity; Integrity; Privacy (ID#: 15-6007)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6996214&isnumber=6996087
Bei Pei; Changsong Chen; Changsheng Wan, “A XOR Based Public Auditing Scheme for Proof-of-Storage,” Broadband and Wireless Computing, Communication and Applications (BWCCA), 2014 Ninth International Conference on, vol., no., pp. 558, 565, 8-10 Nov. 2014. doi:10.1109/BWCCA.2014.140
Abstract: Public auditing has vital significance in cloud computing. However, current public auditing schemes are bilinear map based, and they are costly. This paper brings out an XOR based public auditing scheme, which is much more efficient than current bilinear map based schemes.
Keywords: auditing; cloud computing; security of data; XOR-based public auditing scheme; bilinear map; proof-of-storage; Authentication; Cloud computing; Encryption; Materials; Protocols; Servers; XOR; Publicly Auditable; Proof-of-storage (ID#: 15-6008)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7016135&isnumber=7015998
Rewadkar, D.N.; Ghatage, S.Y., “Cloud Storage System Enabling Secure Privacy Preserving Third Party Audit,” Control, Instrumentation, Communication and Computational Technologies (ICCICCT), 2014 International Conference on, vol., no., pp. 695, 699, 10-11 July 2014. doi:10.1109/ICCICCT.2014.6993049
Abstract: Cloud computing is a revolutionary new approach to how computing services are produced and consumed. It is an abstraction of the concept of pooling resources and presenting them as virtual resources. Using cloud computing resources, data, computations, and services can be shared over scalable network of nodes; these nodes may represent the datacenters, end user computers and web services. On the same note cloud storage refers to storing the data on a remote storage located at other organization's infrastructure. The data storage is maintained and managed by the organization; the user will pay for the storage space which is used. Outsourcing data ultimately relinquishes the control of data from user and the fate of data is in control of the cloud server. As the data is stored on cloud server, the storage correctness of data is put on risk. The cloud server is managed by cloud service provider which is a different administrative entity, so ensuring the data integrity is of prime importance. This article studies the problems of ensuring data storage correctness and proposes an efficient and secure method to address these issues. A third party auditor is introduced securely, who will on behalf of users request will periodically verify the data integrity of the data stored on cloud server. There will not be any online burden on user and security of data will be maintained as the data will not be shared directly with the third party auditor. A homomorphic encryption scheme is used to encrypt the data which will be shared with the TPA. The results can be further extended to enable the third party auditor to do multiple auditing.
Keywords: cloud computing; cryptography; data integrity; data privacy; storage management; cloud server; cloud storage system; data storage correctness; homomorphic encryption scheme; pooling resources; secure privacy preserving TPA; secure privacy preserving third party auditor; security of data; virtual resources; Cloud computing; Encryption; Privacy; Secure storage; Servers; Cloud Storage; Data integrity; ElGamal; Homomorphic encryption; Third Party Auditing (ID#: 15-6009)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6993049&isnumber=6992918
Cindhamani, J.; Punya, N.; Ealaruvi, R.; Dhinesh Babu, L.D., “An Enhanced Data Security and Trust Management Enabled Framework for Cloud Computing Systems,” Computing, Communication and Networking Technologies (ICCCNT), 2014 International Conference on, vol., no., pp. 1, 5, 11-13 July 2014. doi:10.1109/ICCCNT.2014.6963097
Abstract: Cloud computing is an emerging and advanced technology in IT enterprise which provides services on demand. Cloud computing includes many advantages such as flexibility, improved performance and low cost. Besides its advantages, cloud has many security issues and challenges. In this paper, we propose an enhanced framework for data security in cloud which follows the security policies such as integrity, confidentiality and availability. The data is stored in cloud by using 128 bit encryption and RSA algorithm, then we use the trust management i.e., Trusted Party Auditor (TPA) which audits the data instead of client. Thus, we show how efficiently the data can be secured related to performance analysis.
Keywords: cloud computing; data integrity; public key cryptography; trusted computing; 128 bit encryption; RSA algorithm; TPA; cloud computing systems; data availability; data confidentiality; enhanced data security; security policies; trust management enabled framework; trusted party auditor; Algorithm design and analysis; Authentication; Cloud computing; Encryption; 128 bit encryption; RSA algorithm; TPA (ID#: 15-6010)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6963097&isnumber=6962988
Garkoti, G.; Peddoju, S.K.; Balasubramanian, R., “Detection of Insider Attacks in Cloud Based e-Healthcare Environment,” Information Technology (ICIT), 2014 International Conference on, vol., no., pp. 195, 200, 22-24 Dec. 2014. doi:10.1109/ICIT.2014.43
Abstract: In recent years, Cloud computing has been receiving great attention from various business and research organizations as it promises to provide large storage facilities and highly managed remote services. Due to its characteristics like on-demand self service, rapid elasticity, ubiquitous network access and resource pooling, it shows high potential for providing e-Healthcare solutions. It can offer various financial and functional benefits to e-Healthcare which includes providing storage flexibility for the rapidly growing healthcare data, reduced cost, better accessibility, improved quality of care and enhancement in medical research. However at the same time, it faces many technical challenges like privacy, reliability, security etc. In the Cloud based e-Healthcare environment where the patient's data is transferred between entities, maintaining the security of data becomes a priority. Cryptographic techniques can only provide a secure channel of communication but it fails to provide security at end points. Security attacks may be accomplished by the malicious insider at the end points. A malicious insider may modify the patient's data resulting in a false examination. The paper provides a detective approach for such attacks in the healthcare organizations. Our work is focused with the detection of insider attacks for preventing false examination of patient's health records and assuring the accountability of data usage. Watermarking can be used for detection of modification by an insider attack but does not provide accountability of data usage. Hence our approach combines the functionalities of cryptographic techniques and watermarking together with an accountability framework for providing transparency of patient's data usage.
Keywords: cloud computing; cryptography; electronic health records; health care; watermarking; cloud based e-healthcare environment; cryptographic techniques; data usage accountability; malicious insider attack detection; medical research; on-demand self service; patient health records; remote services; research organizations; resource pooling; secure communication channel; ubiquitous network access; Cloud computing; Medical diagnostic imaging; Medical services; Organizations; Watermarking; Cloud; audit; encryption; medical images; security (ID#: 15-6011)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7033321&isnumber=7033273
Sarralde, Javier Lopez; Yarza, Jose Miguel, “Cyber Security Applied to P&C IEDs,” T&D Conference and Exposition, 2014 IEEE PES, vol., no., pp. 1, 5, 14-17 April 2014. doi:10.1109/TDC.2014.6863537
Abstract: This paper highlights basic cyber security features that Protection and Control Intelligent Electronic Devices (P&C IEDs) should implement considering the current cyber security standardization efforts. Although it can be said that all functional aspects regarding the securization of IEDs are covered by these standards, there are still some gaps or lack of definition. Currently, it's difficult to install IEDs from different manufacturers within the same cyber security system. This paper emphasizes those aspects requiring additional definition and implementation of interoperability.
Keywords: Audit Trail; Authentication; Authorization; Centralized; Cyber Security; Encryption; IEC 62351; IEEE 1686; NERC CIP; P&C IED
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6863537&isnumber=6863147
Miyoung Jang; Min Yoon; Deulnyeok Youn; Jae Woo Chang, “Clustering-Based Query Result Authentication for Encrypted Databases in Cloud,” High Performance Computing and Communications, 2014 IEEE 6th Intl Symp on Cyberspace Safety and Security, 2014 IEEE 11th Intl Conf on Embedded Software and Syst (HPCC, CSS, ICESS), 2014 IEEE Intl Conf on, vol., no., pp. 1076, 1082, 20-22 Aug. 2014. doi:10.1109/HPCC.2014.181
Abstract: Due to advancement in cloud computing technology, the research on the outsourced database has been spotlighted. Consequently, it is becoming more important to guarantee the correctness and completeness of query result in this environment. The existing data encryption schemes do not consider data distribution when encrypting original data. And existing query result integrity methods have limitation of verification object transmission overheads. To resolve these problems, we propose a clustering-based data transformation technique and a privacy-aware query authentication index. Our clustering-based data transformation scheme is designed to select anchors based on data distribution. For the integrity of query results, our query result authentication index stores an encrypted signature for each anchor and compares the anchor signature with the verification data from the data owner. Through performance evaluation, we show that our method outperforms the existing method up to 15 times in terms of query processing time and verification.
Keywords: cloud computing; cryptography; digital signatures; pattern clustering; query processing; anchor signature; cloud computing technology; clustering-based data transformation technique; clustering-based query result authentication; data distribution; data encryption schemes; encrypted databases; encrypted signature; query processing time; query result authentication index; verification data; verification object transmission overheads; Authentication; Data structures; Encryption; Indexes; Query processing; Database outsourcing; database transformation technique; hash-based signature index; query result integrity auditing method (ID#: 15-6012)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7056877&isnumber=7056577
Durga Priya, G.; Prathibha, S., “Assuring Correctness for Securing Outsourced Data Repository in Cloud Environment,” Advanced Communication Control and Computing Technologies (ICACCCT), 2014 International Conference on, vol., no., pp. 1745, 1748, 8-10 May 2014. doi:10.1109/ICACCCT.2014.7019407
Abstract: The data storage in the cloud environment offers users with infrastructure affability, quicker deployment of applications and data, cost effective, acclimation of cloud resources to real needs, enhanced productivity, etc. In spite of these beneficial factors, there are several disadvantages to the widespread adoption of cloud computing remain. Among them, surety towards the exactness of the outsourced data and matter of concealment takes the major part. In order to avoid a security hazard for the outsourced data, we propose the dynamic audit services that enable integrity verification of data. An Interactive Proof System (IPS) is introduced to protect the privacy of the data. The DataOwner stores the large number of data in the cloud after encrypting the data for auditing purpose. An Authorized Application (AA), manipulates the outsourced data and the AA helps the cloud users to access the services. Our system provides secure auditing while the data owner, outsourcing the data in the cloud. And after performing auditing operations, security solutions are enhanced for the purpose of detecting malicious users with the help of Certificate Authority, using the hash values and a TimeStamp.
Keywords: authorisation; cloud computing; data integrity; data privacy; DataOwner; IPS; TimeStamp; authorized application; certificate authority; cloud computing environment; data encryption; data integrity verification; data storage; dynamic audit services; hash values; interactive proof system; outsourced data repository security; Cryptography; Data privacy; Audit service; Certificate Authority; Data security; Dynamic operations; Hash Verification; Time stamp (ID#: 15-6013)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7019407&isnumber=7019129
Miao Yingkai; Chen Jia, “A Kind of Identity Authentication under Cloud Computing Environment,” Intelligent Computation Technology and Automation (ICICTA), 2014 7th International Conference on, vol., no., pp. 12, 15, 25-26 Oct. 2014. doi:10.1109/ICICTA.2014.10
Abstract: An identity authentication scheme is proposed combining with biometric encryption, public key cryptography of homomorphism and predicate encryption technology under the cloud computing environment. Identity authentication scheme is proposed based on the voice and homomorphism technology. The scheme is divided into four stages, register and training template stage, voice login and authentication stage, authorization stage, and audit stage. The results prove the scheme has certain advantages in four aspects.
Keywords: authorisation; cloud computing; public key cryptography; audit stage; authorization stage; biometric encryption; cloud computing environment; encryption technology; homomorphism technology; identity authentication scheme; public key cryptography; register and training template stage; voice login and authentication stage; voice technology; Authentication; Cloud computing; Encryption; Servers; Spectrogram; Training; homomorphism; identity authentication (ID#: 15-6014)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7003473&isnumber=7003462
Yen-Hung Kuo; Tzu-Wei Yeh; Guang-Yan Zheng; Jyun-Kai Wu; Chao-Chin Yang; Jia-Ming Lin, “Open Stack Secure Enterprise File Sync and Share Turnkey Solution,” Cloud Computing Technology and Science (CloudCom), 2014 IEEE 6th International Conference on, vol., no., pp. 1015, 1020, 15-18 Dec. 2014. doi:10.1109/CloudCom.2014.17
Abstract: The Enterprise File Sync and Share (EFSS) is one of the most important services to provide enterprises' employees with cloud file sync, share, and collaboration services. To take enterprises' concerns into account, such as security, privacy, compliance, and regulation, the existing EFSS solutions are either using private (on-premise) or hybrid cloud service model to provide their services. They usually emphasize that files stored in the solutions are encrypted on transfer and at rest and events occurred in the service are logged as the audit trail. However, support of data encryption and audit trail are not capable of protecting enterprise sensitive data from not well addressed security issues of the EFSS service. The security issues, including employee privacy protection, management of share links and synchronized cloud files, and the secure enterprise directory integration, are pointed out in this article. To address these issues, this work proposes and develops a scalable Secure EFSS service which can be deployed on the on-premise Open Stack cloud infrastructure to securely provide employees with EFSS service. Designs of an integrated security approach are introduced in this article, including data and metadata isolations, Distinct Share Link utility, encryption key management for personal and shared files, sandbox-based cloud file synchronization, and out-of-band authentication method.
Keywords: cloud computing; security of data; data encryption; employee privacy protection; encryption key management; integrated security approach; open stack secure enterprise file sync and share turnkey Solution; out-of-band authentication method; sandbox-based cloud file synchronization; scalable secure EFSS service; secure enterprise directory integration; security issues; share link utility; share links; synchronized cloud files; Authentication; Databases; Encryption; File systems; Synchronization; Open Stack; enterprise file sync and share; security (ID#: 15-6015)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7037799&isnumber=7036227
Jin Li; Xiaofeng Chen; Xhafa, F.; Barolli, L., “Secure Deduplication Storage Systems with Keyword Search,” Advanced Information Networking and Applications (AINA), 2014 IEEE 28th International Conference on, vol., no., pp. 971, 977, 13-16 May 2014. doi:10.1109/AINA.2014.118
Abstract: Data deduplication is an attractive technology to reduce storage space and upload bandwidth for increasing vast amount of duplicated and redundant data. In a cloud storage system with data deduplication, duplicate copies of data will be eliminated and only one copy will be kept in the storage. To protect the confidentiality of sensitive data while supporting deduplication, the convergent encryption technique has been proposed to encrypt the data before outsourcing. However, the issue of keyword search over encrypted data in deduplication storage system has to be addressed for efficient data utilization. This paper firstly proposes two constructions which support secure keyword search in this scenario. In these constructions, the integrity of the data can be realized by just checking the convergent key, without other traditional integrity auditing mechanisms. Security analysis demonstrates that our keyword search schemes are secure in terms of the definitions specified in the proposed security model.
Keywords: cloud computing; cryptography; data compression; data integrity; secure storage; cloud storage system; convergent key; data deduplication; data utilization; encryption technique; integrity auditing mechanisms; secure deduplication storage systems; secure keyword search; security analysis; storage space; Cloud computing; Encryption; Indexes; Keyword search; Servers; Deduplication; distributed storage system; reliability; secret sharing (ID#: 15-6016)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6838769&isnumber=6838626
Rathanam, G.J.; Sumalatha, M.R., “Dynamic Secure Storage System in Cloud Services,” Recent Trends in Information Technology (ICRTIT), 2014 International Conference on, vol., no., pp. 1, 5, 10-12 April 2014. doi:10.1109/ICRTIT.2014.6996175
Abstract: Nowadays storage systems are now exposed to wide numbers of threat while handling the information in cloud service. Therefore we design a secured storage system for ensuring security and dynamic operation in the environment. The data is stored in the server using dynamic data operation with partitioning method. Improved Adaptive Huffman Technique and Improved RSA Double Encryption Technique also used which enables the user to access process in a secure manner and efficient way. The system does a verification to prevent the loss of data and ensures security with storage integrity method. An efficient distributed storage auditing mechanism is implemented to overcome the limitations in handling the data loss. Security in this service enforces error localization and easy detection of misbehaving server. In nature the data are dynamic in cloud service; hence this process aims to store the data with reduced computational cost, space and time consumption.
Keywords: cloud computing; public key cryptography; storage management; RSA double encryption technique; adaptive Huffman technique; cloud services; distributed storage auditing mechanism; dynamic data operation; dynamic secure storage system; partitioning method; storage integrity method; Cloud computing; Encryption; Secure storage; Servers; Spread spectrum communication; Vegetation; Data Security; Data Storage; Huffman Technique; Partitioning; RSA Technique; Ternary Tree (ID#: 15-6017)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6996175&isnumber=6996087
Balamurugan, B.; Venkata Krishna, P.; Rajya, L.G.V.; Saravana Kumar, N., “Layered Storage Architecture for Health System Using Cloud,” Advanced Communication Control and Computing Technologies (ICACCCT), 2014 International Conference on, vol., no., pp. 1795, 1800, 8-10 May 2014. doi:10.1109/ICACCCT.2014.7019419
Abstract: Cloud computing is a paradigm shift from traditional computing offers services that can use ubiquitous internet to transmit data and other functionalities. The health care plays a vital role involved in mundane activities of human life. In proposed work, the efficient framework for health care system using Cloud is achieved through the segmentation algorithm and deployed. Albeit, the layered design of data storage is well-organized for huge critical data and developed with high level security and access control. The framework overcomes the impact created by attacks withstand along with security and privacy flaws of the Cloud. The integration and data sharing of hospital information is made possible using hybrid Cloud. Our framework utilizes the algebraic way of data possession for Cloud auditing those results is cost effective method for overall health care systems with high level of security standards.
Keywords: auditing; authorisation; cloud computing; data privacy; medical information systems; standards; ubiquitous computing; access control; cloud auditing; data possession; health care system; high level security; hospital information data sharing; human life; hybrid cloud; layered data storage design; layered storage architecture; mundane activities; paradigm shift; privacy flaws; security flaws; security standards; segmentation algorithm; traditional computing; ubiquitous internet; Encryption; Hospitals; Servers; Standards; Cloud; Cryptology; Data storage system; Information security; Storage area networks; privacy (ID#: 15-6018)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7019419&isnumber=7019129
Albakoush, Y.A.; Ismail, R.; Abu Bakar, A., “A Hybrid Architecture for Database Intrusion Preventer,” Information Technology and Multimedia (ICIMU), 2014 International Conference on, vol., no., pp. 21, 26, 18-20 Nov. 2014. doi:10.1109/ICIMU.2014.7066597
Abstract: Database management systems come with several security mechanisms such as access control, encryption and auditing. These mechanisms are very important to protect databases against various threats. However, such mechanisms may not be sufficient in dealing with database intrusion. Therefore, the prevention of any intrusion attempts as well as detecting them pose an important research issue. Despite the proposal of many techniques previously, the design and implementation of database reliable intrusion detection or prevention systems remains a substantial demand and a vital research topic. In this paper, a Hybrid Architecture for Database Intrusion Preventer (HyDBIP) has been proposed. The proposed system comprises of Signature-based, Anomaly-based and Anomaly Query Classifier (AQC) models work together to complement each other.
Keywords: SQL; authorisation; database management systems; digital signatures; pattern classification; AQC models; HyDBIP; access control; anomaly query classifier; anomaly-based classifier; auditing; database intrusion preventer; database management systems; database protection; encryption; hybrid architecture; intrusion detection; intrusion prevention systems; security mechanisms; signature-based classifier; Database systems; Information technology; Intrusion detection; Sensitivity; Servers; Anomaly-based; Database Security; Intrusion Detection; Intrusion Prevention; SQL Injection; Signature-based (ID#: 15-6019)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7066597&isnumber=7066586
Yong Wang; Vangury, K.; Nikolai, J., “MobileGuardian: A Security Policy Enforcement Framework for Mobile Devices,” Collaboration Technologies and Systems (CTS), 2014 International Conference on, vol., no., pp. 197, 202, 19-23 May 2014. doi:10.1109/CTS.2014.6867564
Abstract: Mobile devices such as smartphones and tablets are widely used for personal and business uses. Compared to personal mobile subscribers, enterprises have more concerns about mobile device security. The challenges an enterprise may face include unlimited access to corporate resources, lack of encryption on corporate data, unwillingness to backup data, etc. Many of these issues have been resolved by auditing and enforcing security policies in enterprise networks. However, it is difficult to audit and enforce security policies on mobile devices. A substantial discrepancy exists between enterprise security policy administration and security policy enforcement. In this paper, we propose a framework, MobileGuardian, for security policy enforcement on mobile devices. Security policy enforcement is further divided into four issues, i.e., sensitive data isolation, security policy formulation, security policy testing, and security policy execution. The proposed framework is secure, flexible, and scalable. It can be adopted on any mobile platforms to implement access control, data confidentiality, security, and integrity.
Keywords: mobile computing; security of data; MobileGuardian framework; access control; data confidentiality; data integrity; data security; enterprise networks; enterprise security policy administration; mobile device security; mobile devices; personal mobile subscribers; security policy enforcement framework; security policy execution; security policy formulation; security policy testing; sensitive data isolation; smart phones; tablet computers; Access control; Business; Mobile communication; Smart phones; Testing; enforcement; formulation; isolation; mobile device; security policy; testing (ID#: 15-6020)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6867564&isnumber=6867522
Note:
Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.