Biblio

Rapid development of cloud storage services, users are allowed to upload heavy storage and computational cost to cloud to reduce the local resource and energy consumption. While people enjoy the desirable benefits from the cloud storage service, critical security concerns in data outsourcing have been raised seriously. In the cloud storage service, data owner loses the physical control of the data and these data are fully controlled by the cloud server. As such, the integrity of outsourced data is being put at risk in reality. Remote data integrity checking (RDIC) is an effective solution to checking the integrity of uploaded data. However, most RDIC schemes are rely on traditional public key infrastructure (PKI), which leads communication and storage overhead due to the certificate management. Identity-based RDIC scheme is not need the storage management, but it has a drawback of key escrow. To solve these problems, we propose a practical certificateless RDIC scheme. Moreover, many public auditing schemes authorize the third party auditor (TPA) to check the integrity of remote data and the TPA is not fully trusted. Thus, we take the data privacy into account. The proposed scheme not only can overcome the above deficiencies but also able to preserve the data privacy against the TPA. Our theoretical analyses prove that our mechanism is correct and secure, and our mechanism is able to audit the integrity of cloud data efficiently.

Since the birth of the Internet, the quality of network service has been a widespread concerned problem. With the continuous development of communication and information technology, people gradually realized that the contradiction between the limited resources and the business requirements of network cannot be fundamentally solved. In this paper, we design and develop a distributed security quality of service testing framework called AweQoS(AwesomeQoS), to adapt to the current complex network environment. This paper puts forward the necessity that some security tests should be closely combined with quality of service testing, and further discusses the basic methods of distributed denial of service attack and defense. We introduce the design idea and working process of AweQoS in detail, and introduce a bandwidth test method based on user datagram protocol. Experimental results show that this new test method has better test performance and potential under the AweQoS framework.

Web applications, as a conventional platform for sensitive data and important transactions, are of great significance to human society. But with its open source framework, the existing security vulnerabilities can easily be exploited by malicious users, especially when web developers fail to follow the secure practices. Here we present a distributed scanning system, FalconEye, with great precision and high performance, it will help prevent potential threats to Web applications. Besides, our system is also capable of covering basically all the web vulnerabilities registered in the Common Vulnerabilities and Exposures (CVE). The FalconEye system is consists of three modules, an input source module, a scanner module and a support platform module. The input module is used to improve the coverage of target server, and other modules make the system capable of generic vulnerabilities scanning. We then experimentally demonstrate this system in some of the most common vulnerabilities test environment. The results proved that the FalconEye system can be a strong contender among the various detection systems in existence today.

Cloud computing is an emerging technology that can provide organizations, enterprises and governments with cheaper, more convenient and larger scale computing resources. However, cloud computing will bring potential risks and threats, especially on security and privacy. We make a survey on potential threats and risks and existing solutions on cloud security and privacy. We also put forward some problems to be addressed to provide a secure cloud computing environment.