Biblio

Cloud computing has become an integral part of medical big data. The cloud has the capability to store the large data volumes has attracted more attention. The integrity and privacy of patient data are some of the issues that cloud-based medical big data should be addressed. This research work introduces data integrity auditing scheme for cloud-based medical big data. This will help minimize the risk of unauthorized access to the data. Multiple copies of the data are stored to ensure that it can be recovered quickly in case of damage. This scheme can also be used to enable doctors to easily track the changes in patients' conditions through a data block. The simulation results proved the effectiveness of the proposed scheme.

Recently, Ning et al. proposed the “CryptCloud$^\textrm+\$$: Secure and Expressive Data Access Control for Cloud Storage” in IEEE Transaction on Services Computing. This work provided two versatile ciphertext-policy attribute-based encryption (CP-ABE) schemes to achieve flexible access control on encrypted data, namely ATER-CP-ABE and ATIR-CP-ABE, both of which have attractive advantages, such as white-box malicious user traceability, semi-honest authority accountability, public auditing and user revocation. However, we find a bug of access control in both schemes, i.e., a non-revoked user with attribute set \$S\$ can decrypt the ciphertext \$ct\$ encrypted under any access policy \$(A,\textbackslashrho )\$, regardless of whether \$S\$ satisfies \$(A,\textbackslashrho )\$ or not. This paper carefully analyzes the bug, and makes an improvement on Ning's pioneering work, so as to fix it.

Cloud technology is advancing rapidly because of it’s capability to replace the traditional computing techniques. Cloud offers various kinds of services for the user that are being used. In this research paper, storage as a service provided by cloud is examined as the data of the owner is being shared to the cloud so we have to ensure that data integrity is being maintained. In order to have a robust mechanism that offers a secure pathway for sharing data different encryption algorithms have been utilized. We investigate all the suitable algorithms with various combinations because any single algorithm is prone to some kind of attack. Testing of these algorithms is done by analyzing the parameters such as time required for execution, use of computational resources, key management, etc. Finally the best one that stands and fulfill all the criteria in a reasonable manner is selected for the purpose of storage.

The risk posed by high-profile data breaches has raised the stakes for adhering to data access policies for many organizations, but the complexity of both the policies themselves and the applications that must obey them raises significant challenges. To mitigate this risk, fine-grained audit of access to private data has become common practice, but this is a costly, time-consuming, and error-prone process.We propose an approach for automating much of the work required for fine-grained audit of private data access. Starting from the assumption that the auditor does not have an explicit, formal description of the correct policy, but is able to decide whether a given policy fragment is partially correct, our approach gradually infers a policy from audit log entries. When the auditor determines that a proposed policy fragment is appropriate, it is added to the system's mechanized policy, and future log entries to which the fragment applies can be dealt with automatically. We prove that for a general class of attribute-based data policies, this inference process satisfies a monotonicity property which implies that eventually, the mechanized policy will comprise the full set of access rules, and no further manual audit is necessary. Finally, we evaluate this approach using a case study involving synthetic electronic medical records and the HIPAA rule, and show that the inferred mechanized policy quickly converges to the full, stable rule, significantly reducing the amount of effort needed to ensure compliance in a practical setting.

The paper considers an expert system that provides an assessment of the state of information security in authorities and organizations of various forms of ownership. The proposed expert system allows to evaluate the state of compliance with the requirements of both organizational and technical measures to ensure the protection of information, as well as the level of compliance with the requirements of the information protection system in general. The expert assessment method is used as a basic method for assessing the state of information protection. The developed expert system provides a significant reduction in routine operations during the audit of information security. The results of the assessment are presented quite clearly and provide an opportunity for the leadership of the authorities and organizations to make informed decisions to further improve the information protection system.

Optimization plays an important role in many problems that expect the accurate output. Security of the data stored in remote servers purely based on secret key which is used for encryption and decryption purpose. Many secret key generation algorithms such as RSA, AES are available to generate the key. The key generated by such algorithms are need to be optimized to provide more security to your data from unauthorized users as well as from the third party auditors(TPA) who is going to verify our data for integrity purpose. In this paper a method to optimize the secret key by using cuckoo search algorithm (CSA) is proposed.

Provable Data Possession (PDP) is one of the data security techniques to make sure that the data stored in the cloud storage exists. In PDP, the integrity of the data stored in the cloud storage is probabilistically verified by the user or a third-party auditor. In the conventional PDP, the user creates the metadata used for audition. From the viewpoint of user convenience, it is desirable to be able to audit without operations other than uploading. In other words, the challenge is to provide a transparent PDP that verifies the integrity of files according to the general cloud storage system model so as not to add operations to users. We propose a scheme in which the cloud generates the metadata used during verification, and the user only uploads files. It is shown that the proposed scheme is resistant to the forgery of cloud proof and the acquisition of data by a third-party auditor.

More and more organizations are today using the cloud for their business as a quite convenient alternative to in-house solutions for storing, processing, and managing data. Cloud-based solutions are then permeating almost all aspects of business organizations, resulting appealing also for functions that, already in-house, may result sensitive or security critical, and whose enforcement in the cloud requires then particular care. In this paper, we provide an approach for securely relying on cloud-based services for the enforcement of Internal Controls and Audit (ICA) functions for corporate governance. Our approach is based on the use of selective encryption and of tags to provide a level of self-protection to data and for enabling only authorized parties to access data and perform operations on them, providing privacy and integrity guarantees, as well as accountability and non-repudiation.

Cloud computing is an evolving technology that provides data storage and highly fast computing services at a very low cost. All data stored in the cloud is handled by their cloud service providers or the caretaker of the cloud. The data owner is concerned about the authenticity and reliability of the data stored in the cloud as the data owners. Data can be misappropriated or altered by any unauthorized user or person. This paper desire to suggest a secure public auditing scheme applying third party auditors to authenticate the privacy, reliability, and integrity of data stored in the cloud. This proposed auditing scheme composes the use of the AES-256 algorithm for encryption, SHA-512 for integrity check and RSA-15360 for public-key encryption. And perform data dynamics operation which deals with mostly insertion, deletion, and, modification.

Cloud is the perfect way to hold our data every day. Yet the confidentiality of our data is a big concern in the handling of cloud data. Data integrity, authentication and confidentiality are basic security threats in the cloud. Cryptography techniques and Third Party Auditor (TPA) are very useful to impose the integrity and confidentiality of data. In this paper, a system is proposed Enhancing data protection that is housed in cloud computing. The suggested solution uses the RSA algorithm and the AES algorithm to encrypt user data. The hybridization of these two algorithms allows better data protection before it is stored in the cloud. Secure hash algorithm 512 is used to compute the Hash Message Authentication Code (HMAC). A stable audit program is also introduced for Third Party Auditor (TPA) use. The suggested algorithm is applied in python programming and tested in a simple sample format. It is checked that the proposed algorithm functions well to guarantee greater data protection.

The push for data sharing and data processing across organisational boundaries creates challenges at many levels of the software stack. Data sharing and processing rely on the participating parties agreeing on the permissible operations and expressing them into actionable contracts and policies. Converting these contracts and policies into a operational infrastructure is still a matter of research and therefore begs the question how should a digital data market place infrastructure look like? In this paper we investigate how communication fabric and applications can be tightly coupled into a multi-domain overlay network which enforces accountability. We prove our concepts with a prototype which shows how a simple workflow can run across organisational boundaries.

Cloud Storage Brokers (CSB) provide seamless and concurrent access to multiple Cloud Storage Services (CSS) while abstracting cloud complexities from end-users. However, this multi-cloud strategy faces several security challenges including enlarged attack surfaces, malicious insider threats, security complexities due to integration of disparate components and API interoperability issues. Novel security approaches are imperative to tackle these security issues. Therefore, this paper proposes CS-BAuditor, a novel cloud security system that continuously audits CSB resources, to detect malicious activities and unauthorized changes e.g. bucket policy misconfigurations, and remediates these anomalies. The cloud state is maintained via a continuous snapshotting mechanism thereby ensuring fault tolerance. We adopt the principles of chaos engineering by integrating BrokerMonkey, a component that continuously injects failure into our reference CSB system, CloudRAID. Hence, CSBAuditor is continuously tested for efficiency i.e. its ability to detect the changes injected by BrokerMonkey. CSBAuditor employs security metrics for risk analysis by computing severity scores for detected vulnerabilities using the Common Configuration Scoring System, thereby overcoming the limitation of insufficient security metrics in existing cloud auditing schemes. CSBAuditor has been tested using various strategies including chaos engineering failure injection strategies. Our experimental evaluation validates the efficiency of our approach against the aforementioned security issues with a detection and recovery rate of over 96 %.

Financial fraud is commonly represented by the use of illegal practices where they can intervene from senior managers until payroll employees, becoming a crime punishable by law. There are many techniques developed to analyze, detect and prevent this behavior, being the most important the fraud triangle theory associated with the classic financial audit model. In order to perform this research, a survey of the related works in the existing literature was carried out, with the purpose of establishing our own framework. In this context, this paper presents FraudFind, a conceptual framework that allows to identify and outline a group of people inside an banking organization who commit fraud, supported by the fraud triangle theory. FraudFind works in the approach of continuous audit that will be in charge of collecting information of agents installed in user's equipment. It is based on semantic techniques applied through the collection of phrases typed by the users under study for later being transferred to a repository for later analysis. This proposal encourages to contribute with the field of cybersecurity, in the reduction of cases of financial fraud.

The software development life cycle (SDLC) starts with business and functional specifications signed with a client. In addition to this, the specifications also capture policy / procedure / contractual / regulatory / legislation / standard compliances with respect to a given client industry. The SDLC must adhere to service level agreements (SLAs) while being compliant to development activities, processes, tools, frameworks, and reuse of open-source software components. In today's world, global software development happens across geographically distributed (autonomous) teams consuming extraordinary amounts of open source components drawn from a variety of disparate sources. Although this is helping organizations deal with technical and economic challenges, it is also increasing unintended risks, e.g., use of a non-complaint license software might lead to copyright issues and litigations, use of a library with vulnerabilities pose security risks etc. Mitigation of such risks and remedial measures is a challenge due to lack of visibility and transparency of activities across these distributed teams as they mostly operate in silos. We believe a unified model that non-invasively monitors and analyzes the activities of distributed teams will help a long way in building software that adhere to various compliances. In this paper, we propose a decentralized CAG - Compliance Adherence and Governance framework using blockchain technologies. Our framework (i) enables the capturing of required data points based on compliance specifications, (ii) analyzes the events for non-conformant behavior through smart contracts, (iii) provides real-time alerts, and (iv) records and maintains an immutable audit trail of various activities.

Introduction of IoT is a big step towards the convergence of physical and virtual world as everyday objects are connected to the internet nowadays. But due to its diversity and resource constraint nature, the security of these devices in the real world has become a major challenge. Although a number of security frameworks have been suggested to ensure the security of IoT devices, frameworks for auditing this security are rare. We propose an open-source framework to audit the security of IoT devices covering hardware, firmware and communication vulnerabilities. Using existing open-source tools, we formulate a modular approach towards the implementation of the proposed framework. Standout features in the suggested framework are its modular design, extensibility, scalability, tools integration and primarily autonomous nature. The principal focus of the framework is to automate the process of auditing. The paper further mentions some tools that can be incorporated in different modules of the framework. Finally, we validate the feasibility of our framework by auditing an IoT device using proposed toolchain.

In recent years, cloud computing has gained lots of importance and is being used in almost all applications in terms of various services. One of the most widely used service is storage as a service. Even though the stored data can be accessed from anytime and at any place, security of such data remains a prime concern of storage server as well as data owner. It may possible that the stored data can be altered or deleted. Therefore, it is essential to verify the correctness of data (auditing) and an agent termed as Third Party Auditor (TPA) can be utilised to do so. Existing auditing approaches have their own strengths and weakness. Hence, it is essential to propose auditing scheme which eliminates limitations of existing auditing mechanisms. Here we are proposing public auditing scheme which supports data dynamics as well as preserves privacy. Data owner, TPA, and cloud server are integral part of any auditing mechanism. Data in the form of various blocks are encoded, hashed, concatenated and then signature is calculated on it. This scheme also supports data dynamics in terms of addition, modification and deletion of data. TPA reads encoded data from cloud server and perform hashing, merging and signature calculation for checking correctness of data. In this paper, we have proposed efficient privacy preserving and dynamic public auditing by utilizing Merkle Hash Tree (MHT) for indexing of encoded data. It allows updating of data dynamically while preserving data integrity. It supports data dynamics operations like insert, modify and deletion. Several users can request for storage correctness simultaneously and it will be efficiently handled in the proposed scheme. It also minimizes the communication and computing cost. The proposed auditing scheme is experimented and results are evaluated considering various block size and file size parameters.

Public sector and private organizations began using cybersecurity control in order to defend their assets against cybercriminals attack. Cybersecurity audits assist organizations to deal with cyber threats, cybercriminals, and cyber-attacks thatare growing in an aggressive cyber landscape. However, cyber-attacks and threats become more increase and complex in complicated cyber landscapes challenge auditors to perform an effective cybersecurity audit. This current situation puts in evidens ce the critical need for a new approach in the cybersecurity audit execution. This study reviews an alternative method in the execution of cybersecurity security checks. The analysis is on the character and behavioral of cyber-attacks and threats using feature extraction and selection method to get crucial elements from the common group of cyber-attacks and threats. Cyber-attacks and threats profile are systematic approaches driven by a clear understanding of the form of cyber-attacks and threats character and behavior patterns in cybersecurity requirements. As a result, this study proposes cyber-attacks and threats profiling for cybersecurity audit as a set of control elements that are harmonized with audit components that drive audits based on cyber threats.

Database audit records are important for investigating suspicious actions against transactional databases. Their admissibility as digital evidence depends on satisfying Chain of Custody (CoC) properties during their generation, collection and preservation in order to prevent their modification, guarantee action accountability, and allow third-party verification. However, their production has relied on auditing capabilities provided by commercial database systems which may not be effective if malicious users (or insiders) misuse their privileges to disable audit controls, and compromise their admissibility. Hence, in this paper, we propose a forensically-aware distributed database architecture that implements CoC properties as functional requirements to produce admissible audit records. The novelty of our proposal is the use of hybrid logical clocks, which compared with a previous centralised vector-clock architecture, has evident advantages as it (i) allows for more accurate provenance and causality tracking of insider actions, (ii) is more scalable in terms of system size, and (iii) although latency is higher (as expected in distributed environments), 70 per cent of user transactions are executed within acceptable latency intervals.

To protect sensitive information of an organization, we need to have proper access controls since several data breach incidents were happened because of broken access controls. Normally, the IT auditing process would be used to identify security weaknesses and should be able to detect any potential access control violations in advance. However, most auditing processes are done manually and not performed consistently since lots of resources are required; thus, the auditing is performed for quality assurance purposes only. This paper proposes an automated process to audit the access controls on the Windows server operating system. We define the audit checklist and use the controls defined in ISO/IEC 27002:2013 as a guideline for identifying audit objectives. In addition, an automated audit tool is developed for checking security controls against defined security policies. The results of auditing are the list of automatically generated passed and failed policies. If the auditing is done consistently and automatically, the intrusion incidents could be detected earlier and essential damages could be prevented. Eventually, it would help increase the reliability of the system.

In 2013, subversion attack comes to publity again by Mikhail Bellare, who was inspired by PRISM. In this work, we implement this kind of attack on cloud auditing protocols. We show that through subversion attacks, the cloud server can recover the secret information stored by the data owner. Especially, First, we set a general frame of data auditing protocols. This model forms a basic security model of auditing protocols. Then we give a security model of attacker. Finally, we put forward some popular auditing protocols which can be subverted.

Security auditing is an effective means of safety supervision and risk self-identification. It is also a hot issue in the research of major enterprises and institutions. The existing standard norms cannot effectively guide the internal audit of the enterprise intranet, “how to review” and “review” What is not easy to grasp. This paper analyzes the status quo, problems and development trends of security audit, and proposes a behavior-based security audit mode, which can effectively discover the non-compliance behavior of intranet users, and can provide reference for peers through practice.

In recent years, real-world attacks against PKI take place frequently. For example, malicious domains' certificates issued by compromised CAs are widespread, and revoked certificates are still trusted by clients. In spite of a lot of research to improve the security of SSL/TLS connections, there are still some problems unsolved. On one hand, although log-based schemes provided certificate audit service to quickly detect CAs' misbehavior, the security and data consistency of log servers are ignored. On the other hand, revoked certificates checking is neglected due to the incomplete, insecure and inefficient certificate revocation mechanisms. Further, existing revoked certificates checking schemes are centralized which would bring safety bottlenecks. In this paper, we propose a blockchain-based public and efficient audit scheme for TLS connections, which is called Certchain. Specially, we propose a dependability-rank based consensus protocol in our blockchain system and a new data structure to support certificate forward traceability. Furthermore, we present a method that utilizes dual counting bloom filter (DCBF) with eliminating false positives to achieve economic space and efficient query for certificate revocation checking. The security analysis and experimental results demonstrate that CertChain is suitable in practice with moderate overhead.

The Cloud computing in simple terms is storing and accessing data through internet. The data stored in the cloud is managed by cloud service providers. Storing data in cloud saves users time and memory. But once user stores data in cloud, he loses the control over his data. Hence there must be some security issues to be handled to keep users data safely in the cloud. In this work, we projected a secure auditing system using Third Party Auditor (TPA). We used Advanced Encryption Standard (AES) algorithm for encrypting user's data and Secure Hash Algorithm (SHA-2) to compute message digest. The system is executed in Amazon EC2 cloud by creating windows server instance. The results obtained demonstrates that our proposed work is safe and takes a firm time to audit the files.

With the advancement in the wireless technology there are more and more devices connected over WiFi network. Security is one of the major concerns about WiFi other than performance, range, usability, etc. WiFi Auditor is a collection of WiFi testing tools and services packed together inside Raspberry Pi 3 module. The WiFi auditor allows the penetration tester to conduct WiFi attacks and reconnaissance on the selected client or on the complete network. WiFi auditor is portable and stealth hence allowing the attacker to simulate the attacks without anyone noticing them. WiFi auditor provides services such as deliberate jamming, blocking or interference with authorized wireless communications which can be done to the whole network or just a particular node.

Cloud storage is an exclusive resource in cloud computing, which helps to store and share the data on cloud storage server. Clients upload the data and its hash information n server together on cloud storage. The file owner always concern about data security like privacy and unauthorized access to third party. The owner also wants to ensure the integrity data during communication process. To ensure integrity, we propose a framework based on third party auditor which checks the integrity and correctness of data during audit process. Our aim is to design custom hash for the file which is not only justifies the integrity but also version information about file.