Robust Reputation Based Trust Management Framework for Federated-Cloud Environments
|
|
- Stephen Paul
- 6 years ago
- Views:
Transcription
1 Robust Reputation Based Trust Management Framework for Federated-Cloud Environments M.N. Derahman, A. Abdullah and M. F. Azmi Faculty of Computer Science and Information Technology University Putra Malaysia. Abstract Recently, cloud computing is emerging drastically due to its ability to provide computing and other services to customers seamlessly. However, in heterogeneous environment, when there are various consumers and multiple service providers interacting and sharing resources, concern on security issues is crucial. Hence, the trust elements can be a motivating factor that can help to materialize the consumers on demand resource request transparently. It is worth to note that establishing trust is not an easy task especially when the attackers manipulate reputation feedback that is supposed to be trustworthy. Thus, the feedback mechanism based on the trust level needs to be further studied to increase reliability of trust management, particularly when involves with a largescale environment where strangers are competing with each other in offering services that are said to meet their quality of service and high reliable. In this study, we argue that the final trust can be manipulated by intruders using reputation feedback mechanism with untrustworthy value that inherited to the final trust value that can be wrongly interpreted by the consumers. To overcome this scenario, we suggest the rate of change to be used together with final trust value as it makes the trust value more robust where the intruder s fake reputation feedback can be neglected. We prove this assumption using descriptive statistic where the standard deviation of proposed approach is low. As a result, the rate of change is significant in determining the trustworthy of the cloud service providers(csp). Keywords: Trust Management, Reputation, Cloud Computing. INTRODUCTION Cloud computing is an emerging computing paradigm enables resource sharing between participation entities. It is characterized by elasticity, flexibility and on-demand resource request for customers. The concept of utilities market namely pay-per-use seems to be nominated between the consumer and resource/service providers. Hence, most of the cloud providers have expanded their offerings to include compute-related capabilities such as storage, VM and also OS services. Collaborating anonymous entities will create challenges such as in security, privacy and trust management. Trust management can be defined as assurance and confidence level that people, data and objects will perform and/or behave in a projected manner. Trust is a conceptual relation between two entities of humans, machines and the communication between them [7]. In this perspective, particularly in the cloud environment, we sometimes need to put our secret information and data to the third party facilities and infrastructure or allow others to access our facilities. Both are subjected to data manipulation and hacking even though the data is encrypted or our resources are protected. Thus, the trust element must play an important role. In federated-cloud environments, it involves with many entities across multiple domain of consumers, demand support from various service providers with specific properties and goals. Establishing trust between strangers is an important mean for cloud computing for the demand and supply chain to be materialised. Besides that, it needs to protect privacy and maintains the quality of service. Current studies among others are focusing on trust as a service, Service Level Agreement (SLA), feedback based trust management. This will be an issue where the particular participants are concerned on preserving consumer privacy, protecting services from attackers, maintaining service availability and allowing automatic service discovery. In this study, we propose an enhancement on trust management framework in federated cloud environment where it is solely upon to the trust results value. In this case, we focus on the resolution where there is the case that the attackers forging multiple identities and refute the final value of trust by falsifying its feedback reputation. It is formally known as Sybil attack [2]. Thus, the final trust value based on the accumulative results cannot be considered as only a determination factor in order to decide either the cloud service provider is trusted or not. This study focuses on how to nullifying those false reputations into the CSP. Hence, the Sybil attack will not significantly affect the final trust value. RELATED WORK In e-commerce application, maintaining the trust level between participants and share to the other potential customers is crucial. This is to develop the trust relation- ship in allowing resource sharing with many perspective, among them is pay-as-you-go using various platforms. Many studies have proposed a centralised node acts a broker with a trust management capability [6][3][1]. In [1], suggest the broker is connected with other six cloud nodes establishing a federated cloud infrastructure. Due to its one point of failure and subject to security ramification. The cloud infrastructure here solely depends on its intermediate node. Meanwhile, in [3] the framework is using trust mediator as a 10601
2 trusted third party broker that evaluates the trust value with an associate trust rating engine. It studies the QoS attributes related with cost and benefit. It assumes that the experience factor as a feedback reputation is as an algorithmic growth curve. This, however does not consider the negative reputation while all ratings are available and valid. In [4], focuses on direct trust implementation established in handling dynamic and real-time nature of the cloud services. To reduce the fake reputation, consumers record their service request and delivery based on the prescribed multiple trust attribute values. The study claims that better real-time performance can be achieved by issuing IOWA operator to establish time series global trust degree. However, it is based on prediction on statistical usage history and past experience of multiple interaction with the CSP. Meanwhile, in [6] proposes a trust framework whereby customers have an ability to give feedback weighting to the CSPs based on the service experiences. It is based on the resource provider capabilities and consumer majority consensus whereby the trust management is capable to differentiate between expert and amateur consumers. It is resulted to the determination of which CSP is trusted and which are not. The trust feedback will be calculated based on the total score by consumers divided by all of the total consumer feedbacks. This will surely make the system vulnerable to cloud service attack such as the Sybil attacks or the whitewashing attacks. However, the researcher provides some counter measures for the false reputation problems. He suggested a counter mechanism where a credibility model is proposed. In this model, the consumers will be divided into two categories called the Expert Cloud Service Consumer (ECSC) and the Amateur Cloud Service Consumer (ACSC). In addition to that, he also proposed that the consumer which had used the cloud service for a longer time would be prioritized in terms of his vote count. This two will be added up to make sure which consumer has the higher vote prioritization in terms of determining the trust level of the cloud network. In a cloud federation, CSPs are competitively offering services. They prompt to offer the below expected QoS value by customers. Based on the reliability and reputation, [5] establishes a formal specification to handle the vast reliability issues. They use agent based to pass the reputation from a node to another based on averaging those recommendations. Recommendation reliability is by means of time-step from the previous value/steps. The false reputation errors made by previous agents will be considered rather than discarded. This means that the false reputations are always being accumulated and averaging at every step. Figure 1: Trust management framework PROPOSED FRAMEWORK We propose a slightly different framework adopted from [6] for federated cloud infrastructure. We introduce the trust node acting as a broker between customers and CSPs (see Figure 1). This broker node is actually running trust manager services as it is responsible in handling all trust related issues such as creating a session key and also managing the reputation of each CSP. This is also considered that if the associated broker is failed, the consumer service request can be forwarded to other available neighbouring brokers as its trust values are updated occasionally. In a nutshell, the broker acts as the highest trust authority of the federated cloud architecture which is quite similar to the Certificate Authority (CA) in the Web System Architecture. The CSP still has its authority by specifying its services as well as allowing only the trusted another CSP to use the services. The trust manager will assign a session key to each intermediate node which later will transfer the session key to the cloud nodes using Quantum Key Distribution (QKD) protocol for authentication purposed between cloud networks. Previously, Distributed Hash Table(DHT) is used for the authentication purpose but DHT can be duplicated so there are some vulnerabilities to the federated cloud infrastructure. This session key is also used for the CSPs to determine the other cloud providers who are in the same federated cloud. A reputation feedback will be used to determine the trust level of the cloud node. This is done by cloud consumers that will give a reputation based on their experience of cloud services. If the services requested are successful, it will give the CSP a trust value of +1, otherwise the reputation of the CSP will be deducted by 1. Thus, we can consider that, Rt represents the total reputation of the CSPs, Rc is the reputation given by the consumer and k is the total number of cloud consumer that submit a reputation. Thus, the total reputation gained by a CSP is given by 1 R t = k R c (1) In this case 1, it seems fair as the consumer only gives reputation to the CSP that serves their request. Nevertheless, in federated cloud environment, the CSP can pass the request to the other CSP to execute the job on its behalf. The 10602
3 reliability of trust value might be inaccurate if the other cloud nodes are the one who fail to do the job. If this is the case, the relaying cloud may deduct the reputation of the problematic cloud accordingly. Let say Cr represents the reputation among CSPs. By using the same principle, the owner of the cloud can give the reputation to other related clouds as well. Thus, the cloud reputation can be modelled by Algorithm 1. This algorithm will consider consumers false reputation, hence its purpose is to mitigate the Sybil attack. C R = l R k1 cp (2) where Rcp represents the reputation given by CSP and l represents the total amount of clouds that gives reputation to a cloud. So, the real reputation of a CSP can be denoted as R cr = (Rt x 100)(Cr l 100) 200 *100 (3) where Rcr is the real cloud reputation for the specific cloud. In this case, we denote cloud reputation in two perspectives where the consumer holds 50% of the total reputation marks while the CSP holds the other 50% of the total reputation marks against the other clouds. Due to the security issues in feedback mechanism such as Sybil attack, where it might have a consumer who forges his identity and purposely gives false reputation to the cloud node. Therefore, a contingency plan to counter this is a must. We can appoint a list of trusted consumers based on the list of consumers that voted for the CSPs. The trusted consumers can be selected based on the number of services they have used on any CSPs which is inside the federated cloud compared to the other consumers who use the federated cloud. Considering that we want to distinguish the trusted consumers who give trust feedback to a CSP, A. In this scenario, we do not determine the number of services used by consumer X, Scx. We determine the average number of services used by all the consumers that give reputation to A, Sau, where n is the number of consumers that vote for cloud A and Sv is the services used by other voters. This is can be computed by S au = ( n 1 1 S v) S cx n 1 (4) The other things that we have to consider are to determine if Scx is more than Sau, to determine if consumer, A gives reputation to cloud X is within the value of majority of consumers have given, Rm. For an example, in the case of consumera assigns a positive reputation, 1 to the cloudx 1, whereby most of the consumers give 1 reputation. Therefore, consumera can be only trusted, Tu if T u = 1 T u = (S cx > S au ), (R m == 1) (S cx > S au )&&( S cx 2 == R m) T u (5) The algorithm to establish a trust level by a cloud consumer to it is service provider based on experience factor can be seen in RESULTS AND DISCUSSION As mentioned earlier, the total trust result is actually influenced by the reputation feedback from consumers. It actually reflects either the CSP is reputable or not in handling the consumers request. In establishing that, we conduct an experiment with both positive and negative reputations where the trustworthy values are vague. We use the same strategies to collect the data set as in [6] with 10,076 feedbacks from 6,892 consumers in evaluating 113 cloud services. The result can be seen in Figure 2. It shows the final trust value over consumer s feedback as accumulated in a CSP. The trust value without consumer experience feedback is high as can been seen in the Figure 2. This value is degraded as it 10603
4 introduces the trust element to the experience feedback factor [6]. It shows that the consumers feedbacks will significantly affect the final trust value associated to the CSP. In our case, the proposed objective of the algorithm is to distinguish between the experienced and inexperienced consumers. This will mitigate the Sybil attack problem which happened in clouds, where attackers with multiple identities giving false feedback reputations (high or low value) to the CSPs, hence altering the total reputation for the CSPs significantly. Based on the previous research, the researcher mentioned that trust result produced when using the majority consensus factor (consumer experience factor) must be lower than without the experience factor [6]. We argue that, it does not necessary low but can be high, and the most important is that inexperienced consumers or attackers cannot change or influence the trust value significantly. To determine whether my hypothesis is true, we have to compare the rate of change of consumers experience using proposed algorithm and [6]. This test is performed on three clouds. We use IBM SPSS for the data analysis purposes to show that the proposed approach is robust to the Sybil attacks. Although the trust result will affect the final reputation for a cloud, this will not affect the way we determine the best CSP. Based on the Table 1, we can see that the standard deviation (SD) in [6] is higher than the proposed algorithm. This means that every reputation feedback will give a huge weightage to the final trust value. However, with the same input data, the proposed algorithm shows a lower SD value. This is important in order to handle the Sybil attacks problem whereby our objective is that the trust value cannot be changed so much by the attackers. In this case, when random values are added, even though with a very low or very high value, it won t significantly reduce or increase the cloud reputation as a whole. Thus, the final value will remain close to the original mean value. Table 1: Descriptive statistic of both algorithms Algorithm N Min Max Mean Std. Dev Proposed H.Noor[6] Valid N Figure 2: Consumer experience factor It is because, during Sybil attack, intruders can give any inexact trust value to the CSPs depending on their objectives either to increase or decrease its reputation. Thus, the value is not necessarily has to be lower, but sometimes higher as compared to the value that they are supposed to commit. In our case, we compare the value of the potential attackers reputation with some selected experienced consumers and majority value by the total consumers. Because of this, we can no longer take the final trust value as a determination factor. This is because, we want to make sure that when an intruder enters a fake reputation into the CSP, the fake result will not alter the total result of the CSP s trust as much. The reason behind the rate of change has to be considered due to the difficulty for the CSPs to distinguish either the reputation feedback is trustworthy or not. For an example, there is a case of consumer s reputation being manipulated by others and falsifying the actual values. Compared to [6], a cross reference has been made in the terms of service request time with other consumers. In this case, we double check whether the computation is failed or successful by comparing the average time to complete the requested services with other consumers. Let say the consumers give bad reputation due to failed services or take too long to complete, hence the bad reputation given by the consumers would be considered as true and vice-versa for consumers who give too high reputations compared to majority of the consumers. CONCLUSION We argue that the final value of trust result in reputation feedback mechanism that established in most of the study cannot be used as an absolute solution in reflecting trustworthiness of CSP. It prompts to security attack such as Sybil attack. Instead of the final trust value, we propose a rate of change value that considered robust and can give a significant and meaningful evaluation. However, it must come together with a cross reference to other consumers or CSPs. As a result, whenever there are attacks that try to give false feedback reputation to a CSP, the final trust value does not change drastically. REFERENCES [1] D Bernstein and D Vij. Intercloud exchanges and roots topology and trust blueprint. In Proc. of 11th International Conference on Internet Computing, pages , [2] John R. Douceur. The sybil attack. In Revised Papers from the First International Workshop on Peer- to- Peer Systems, IPTPS 01, pages , London, UK, UK, Springer-Verlag. [3] Y. Kim and K. G. Doh. Quantitative trust management to support qos-aware service selection in service-oriented environments. In Parallel and Distributed Systems (ICPADS), 2013 International Conference on, pages , Dec [4] X. Li and J. Du. Adaptive and attribute-based trust 10604
5 model for service level agreement guarantee in cloud computing. IET Information Security, 7(1):39 50, March [5] F.Messina,G.Pappalardo,D.Rosaci,C.Santoro, and G. M. L. Sarn. A trust model for competitive cloud federations. In Complex, Intelligent and Software Intensive Systems (CISIS), 2014 Eighth International Conference on, pages , July [6] Quan Z. Noor, Talal H.and Sheng. Trust as a Service: A Framework for Trust Management in Cloud Environments, pages Springer Berlin Heidelberg, Berlin, Heidelberg, [7] Rajani Sharma and Rajender Kumar Trivedi. Literature review: Cloud computing security issues, solution and technologies. International Journal of Engineering Research ISSN, pages ,
A Secure and Dynamic Multi-keyword Ranked Search Scheme over Encrypted Cloud Data
An Efficient Privacy-Preserving Ranked Keyword Search Method Cloud data owners prefer to outsource documents in an encrypted form for the purpose of privacy preserving. Therefore it is essential to develop
More informationProblems in Reputation based Methods in P2P Networks
WDS'08 Proceedings of Contributed Papers, Part I, 235 239, 2008. ISBN 978-80-7378-065-4 MATFYZPRESS Problems in Reputation based Methods in P2P Networks M. Novotný Charles University, Faculty of Mathematics
More informationSybil Attack Detection with Reduced Bandwidth overhead in Urban Vehicular Networks
Sybil Attack Detection with Reduced Bandwidth overhead in Urban Vehicular Networks D.Balamahalakshmi Department of Computer Science and Engineering, V.S.B Engineering College, Karur, Tamilnadu, India 1
More informationSurvey Paper on Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 1, January 2014,
More informationEffective Handling of Credibility and Reputation- Based Trust Management for Cloud Services
Effective Handling of Credibility and Reputation- Based Trust Management for Cloud Services Ms.Shital Subhash Sangle ME in Computer Science and Engineering, Everest College of Engineering & Technology,
More informationA Brief Comparison of Security Patterns for Peer to Peer Systems
A Brief Comparison of Security Patterns for Peer to Peer Systems Rahul J. Vaghela 1, Kalpesh Patel 2 1 PG Student, Department of Computer Engineering, L.D. College Of Engineering, Gujarat Technological
More informationarxiv: v1 [cs.cr] 30 May 2014
ROMEO: ReputatiOn Model Enhancing OpenID Simulator Ginés Dólera Tormo 1, Félix Gómez Mármol 1, and Gregorio Martínez Pérez 2 arxiv:1405.7831v1 [cs.cr] 30 May 2014 1 NEC Europe Ltd., Kurfürsten-Anlage 36,
More informationApplying Context to Web Authentication
Applying Context to Web Authentication John Linn, Burt Kaliski, and Moti Yung, RSA Laboratories; Magnus Nyström, RSA Security Inc. Prepared for W3C Workshop on Transparency and Usability of Web Authentication,
More informationBlockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric
Blockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member, IBM Research, Zurich Workshop on cryptocurrencies Athens, 06.03.2016 Blockchain systems
More informationIntercloud Security. William Strickland COP 6938 Fall 2012 University of Central Florida 10/08/2012
Intercloud Security William Strickland COP 6938 Fall 2012 University of Central Florida 10/08/2012 Overview Problem and motivation Intercloud concept Security issues in Intercloud Intercloud trust model
More informationCISC859: Topics in Advanced Networks & Distributed Computing: Network & Distributed System Security. A Brief Overview of Security & Privacy Issues
CISC859: Topics in Advanced Networks & Distributed Computing: Network & Distributed System Security A Brief Overview of Security & Privacy Issues 1 Topics to Be Covered Cloud computing RFID systems Bitcoin
More informationREPUTATION BASED TRUST MANAGEMENT FOR CLOUD SERVICES T. Sandeep 1, G. Priya* 2
ISSN: 0975-766X CODEN: IJPTFI Available Online through Research Article www.ijptonline.com REPUTATION BASED TRUST MANAGEMENT FOR CLOUD SERVICES T. Sandeep 1, G. Priya* 2 1 PG Student, School of Computer
More informationExclusion-Freeness in Multi-party Exchange Protocols
Exclusion-Freeness in Multi-party Exchange Protocols Nicolás González-Deleito and Olivier Markowitch Université Libre de Bruxelles Bd. du Triomphe CP212 1050 Bruxelles Belgium {ngonzale,omarkow}@ulb.ac.be
More informationEfficient integrity checking technique for securing client data in cloud computing
International Journal of Electrical & Computer Sciences IJECS-IJENS Vol: 11 No: 05 43 Efficient integrity checking technique for securing client data in cloud computing Dalia Attas and Omar Batrafi Computer
More informationEntropy-Based Recommendation Trust Model for Machine to Machine Communications
Entropy-Based Recommendation Trust Model for Machine to Machine Communications Saneeha Ahmed and Kemal Tepe 1 University of Windsor, Windsor, Ontario, Canada {ahmed13m,ktepe}@uwindsor.ca Abstract. In a
More informationTrust4All: a Trustworthy Middleware Platform for Component Software
Proceedings of the 7th WSEAS International Conference on Applied Informatics and Communications, Athens, Greece, August 24-26, 2007 124 Trust4All: a Trustworthy Middleware Platform for Component Software
More informationInternational Journal of Scientific & Engineering Research Volume 8, Issue 5, May ISSN
International Journal of Scientific & Engineering Research Volume 8, Issue 5, May-2017 106 Self-organizing behavior of Wireless Ad Hoc Networks T. Raghu Trivedi, S. Giri Nath Abstract Self-organization
More informationNIST Public Working Group on Federated Cloud (PWGFC) IEEE P2302 Intercloud Kickoff
NIST Public Working Group on Federated Cloud (PWGFC) IEEE P2302 Intercloud Kickoff 1 John Messina, Chair, NIST PWGFC Bob Bohn, Chair, IEEE P2302 Working Group Steve Diamond, Chair IEEE Cloud Computing
More informationADVANCES in NATURAL and APPLIED SCIENCES
ADVANCES in NATURAL and APPLIED SCIENCES ISSN: 1995-0772 Published BY AENSI Publication EISSN: 1998-1090 http://www.aensiweb.com/anas 2016 May 10(5): pages 223-227 Open Access Journal An Efficient Proxy
More informationBitBill: Scalable, Robust, Verifiable Peer-to-Peer Billing for Cloud Computing
BitBill: Scalable, Robust, Verifiable Peer-to-Peer Billing for Cloud Computing Li Chen, Kai Chen SING Lab Computer Science and Engineering Hong Kong University of Science and Technology Trust in the Cloud
More informationVolume 5, Issue 12, December 2017 International Journal of Advance Research in Computer Science and Management Studies
ISSN: 2321-7782 (Online) e-isjn: A4372-3114 Impact Factor: 7.327 Volume 5, Issue 12, December 2017 International Journal of Advance Research in Computer Science and Management Studies Research Article
More informationJAVA IEEE TRANSACTION ON CLOUD COMPUTING. 1. ITJCC01 Nebula: Distributed Edge Cloud for Data Intensive Computing
JAVA IEEE TRANSACTION ON CLOUD COMPUTING 1. ITJCC01 Nebula: Distributed Edge Cloud for Data Intensive Computing 2. ITJCC02 A semi-automatic and trustworthy scheme for continuous cloud service certification
More informationJAVA IEEE TRANSACTION ON CLOUD COMPUTING. 1. ITJCC01 Nebula: Distributed Edge Cloud for Data Intensive Computing
JAVA IEEE TRANSACTION ON CLOUD COMPUTING 1. ITJCC01 Nebula: Distributed Edge for Data Intensive Computing 2. ITJCC02 A semi-automatic and trustworthy scheme for continuous cloud service certification 3.
More informationIdentifiers, Privacy and Trust in the Internet of Services
Identifiers, Privacy and Trust in the Internet of Services Leonardo A. Martucci, Sebastian Ries, and Max Mühlhäuser Technische Universität Darmstadt, CASED Mornewegstr. 32, DE-64293, Darmstadt, Germany
More informationWireless Network Security : Spring Arjun Athreya March 3, 2011 Survey: Trust Evaluation
Wireless Network Security 18-639: Spring 2011 Arjun Athreya March 3, 2011 Survey: Trust Evaluation A scenario LOBOS Management Co A CMU grad student new to Pittsburgh is looking for housing options in
More informationCovert Identity Information in Direct Anonymous Attestation (DAA)
Covert Identity Information in Direct Anonymous Attestation (DAA) Carsten Rudolph Fraunhofer Institute for Secure Information Technology - SIT, Rheinstrasse 75, Darmstadt, Germany, Carsten.Rudolph@sit.fraunhofer.de
More informationSELF-ORGANIZING TRUST MODEL FOR PEER TO PEER SYSTEMS
SELF-ORGANIZING TRUST MODEL FOR PEER TO PEER SYSTEMS R. K. Prasad and Vipin Sharma 1 Department of Mechanical Engineering ABSTRACT: P A College of Engineering Nadupadavu, Mangalore, India In this implemented
More informationPhysical Security Reliability Standard Implementation
Physical Security Reliability Standard Implementation Attachment 4b Action Information Background On March 7, 2014, the Commission issued an order directing NERC to submit for approval, within 90 days,
More informationIntroduction to SSL. Copyright 2005 by Sericon Technology Inc.
Introduction to SSL The cornerstone of e-commerce is a Web site s ability to prevent eavesdropping on data transmitted to and from its site. Without this, consumers would justifiably be afraid to enter
More information- Table of Contents -
- Table of Contents - 1 INTRODUCTION... 1 1.1 OBJECTIVES OF THIS GUIDE... 1 1.2 ORGANIZATION OF THIS GUIDE... 2 1.3 COMMON CRITERIA STANDARDS DOCUMENTS... 3 1.4 TERMS AND DEFINITIONS... 5 2 BASIC KNOWLEDGE
More informationUDRP Pilot Project. 1. Simplified way of sending signed hardcopies of Complaints and/or Responses to the Provider (Par. 3(b), Par. 5(b) of the Rules)
UDRP Pilot Project The Czech Arbitration Court (CAC) proposes that it runs two pilot projects (Pilot) related to its implementation of UDRP. During the Pilot, the following proposed new UDRP-related services
More informationA Lightweight Blockchain Consensus Protocol
A Lightweight Blockchain Consensus Protocol Keir Finlow-Bates keir@chainfrog.com Abstract A lightweight yet deterministic and objective consensus protocol would allow blockchain systems to be maintained
More informationAd-hoc Trusted Information Exchange Scheme for Location Privacy in VANET
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 4, Issue. 1, January 2015,
More informationAnalysis of Broadcast Authentication Mechanism in Selected Network Topologies
RADIOENGINEERING, VOL. 20, NO. 1, APRIL 2011 167 Analysis of Broadcast Authentication Mechanism in Selected Network Topologies Tomas VANEK, Matej ROHLIK Dept. of Telecommunication Engineering, Czech Technical
More informationInternational Journal of Advance Engineering and Research Development
Scientific Journal of Impact Factor (SJIF): 5.71 International Journal of Advance Engineering and Research Development Volume 5, Issue 03, March -2018 e-issn (O): 2348-4470 p-issn (P): 2348-6406 BATCH
More informationAn Architecture For Computational Grids Based On Proxy Servers
An Architecture For Computational Grids Based On Proxy Servers P. V. C. Costa, S. D. Zorzo, H. C. Guardia {paulocosta,zorzo,helio}@dc.ufscar.br UFSCar Federal University of São Carlos, Brazil Abstract
More informationIBM SmartCloud Engage Security
White Paper March 2012 IBM SmartCloud Engage Security 2 IBM SmartCloud Engage Security Contents 3 Introduction 3 Security-rich Infrastructure 4 Policy Enforcement Points Provide Application Security 7
More informationInternational Journal of Data Mining & Knowledge Management Process (IJDKP) Vol.7, No.3, May Dr.Zakea Il-Agure and Mr.Hicham Noureddine Itani
LINK MINING PROCESS Dr.Zakea Il-Agure and Mr.Hicham Noureddine Itani Higher Colleges of Technology, United Arab Emirates ABSTRACT Many data mining and knowledge discovery methodologies and process models
More informationMulti Packed Security Addressing Challenges in Cloud Computing
Global Journal of Computer Science and Technology Cloud and Distributed Volume 13 Issue 1 Version 1.0 Year 2013 Type: Double Blind Peer Reviewed International Research Journal Publisher: Global Journals
More informationInput to ORMS TC Definitions and reference model proposals, Use cases. Daniela Bourges Waldegg
Input to ORMS TC Definitions and reference model proposals, Use cases Daniela Bourges Waldegg dbw@zurich.ibm.com Reputation definitions Reputation definitions Reputation is a collective evaluation of an
More informationCollaborative Framework for Testing Web Application Vulnerabilities Using STOWS
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology ISSN 2320 088X IMPACT FACTOR: 5.258 IJCSMC,
More informationLecture Embedded System Security Introduction to Trusted Computing
1 Lecture Embedded System Security Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt (CASED) Summer Term 2015 Roadmap: Trusted Computing Motivation Notion of trust
More informationSample excerpt. Virtual Private Networks. Contents
Contents Overview...................................................... 7-3.................................................... 7-5 Overview of...................................... 7-5 IPsec Headers...........................................
More informationCoordinated Disclosure of Vulnerabilities in McAfee Security Android
Coordinated Disclosure of Vulnerabilities in McAfee Security Android 4.8.0.370 1 Executive summary Researchers of MRG Effitas tested the McAfee Security Android application. During use, we came across
More informationTimestamps and authentication protocols
Timestamps and authentication protocols Chris J. Mitchell Technical Report RHUL MA 2005 3 25 February 2005 Royal Holloway University of London Department of Mathematics Royal Holloway, University of London
More information(In)security of ecient tree-based group key agreement using bilinear map
Loughborough University Institutional Repository (In)security of ecient tree-based group key agreement using bilinear map This item was submitted to Loughborough University's Institutional Repository by
More informationCloud services using supporting reputation based trust management
Cloud services using supporting reputation based trust management E. Prathipa #1, N. Geetha *1 Mailam Engineering College, Mailam #1,*1 Prathielumalai23@gmail.com #1 Abstract - In cloud computing growth,
More informationSEAR: SECURED ENERGY-AWARE ROUTING WITH TRUSTED PAYMENT MODEL FOR WIRELESS NETWORKS
SEAR: SECURED ENERGY-AWARE ROUTING WITH TRUSTED PAYMENT MODEL FOR WIRELESS NETWORKS S. P. Manikandan 1, R. Manimegalai 2 and S. Kalimuthu 3 1 Department of Computer Science and Engineering, Sri Venkateshwara
More informationISSN Vol.04,Issue.05, May-2016, Pages:
WWW.IJITECH.ORG ISSN 2321-8665 Vol.04,Issue.05, May-2016, Pages:0737-0741 Secure Cloud Storage using Decentralized Access Control with Anonymous Authentication C. S. KIRAN 1, C. SRINIVASA MURTHY 2 1 PG
More informationA Secure System for Evaluation and Management of Authentication, Trust and Reputation in Cloud-Integrated Sensor Networks
International Journal of Engineering and Technical Research (IJETR) A Secure System for Evaluation and Management of Authentication, Trust and Reputation in Cloud-Integrated Sensor Networks Ms. Arati Phadtare,
More informationDETECTING, DETERMINING AND LOCALIZING MULTIPLE ATTACKS IN WIRELESS SENSOR NETWORK - MALICIOUS NODE DETECTION AND FAULT NODE RECOVERY SYSTEM
DETECTING, DETERMINING AND LOCALIZING MULTIPLE ATTACKS IN WIRELESS SENSOR NETWORK - MALICIOUS NODE DETECTION AND FAULT NODE RECOVERY SYSTEM Rajalakshmi 1, Umamaheswari 2 and A.Vijayaraj 3 1 Department
More informationSecurity protocols and their verification. Mark Ryan University of Birmingham
Security protocols and their verification Mark Ryan University of Birmingham Contents 1. Authentication protocols (this lecture) 2. Electronic voting protocols 3. Fair exchange protocols 4. Digital cash
More informationArticle Summary of: Understanding Cloud Computing Vulnerabilities. Michael R. Eldridge
Article Summary of: Understanding Cloud Computing Vulnerabilities Michael R. Eldridge April 14, 2016 2 Introduction News stories abound about the almost daily occurrence of break-ins and the stealing of
More informationRemote E-Voting System
Remote E-Voting System Crypto2-Spring 2013 Benjamin Kaiser Jacob Shedd Jeremy White Phases Initialization Registration Voting Verifying Activities Trusted Authority (TA) distributes 4 keys to Registrar,
More informationChapter 4. Fundamental Concepts and Models
Chapter 4. Fundamental Concepts and Models 4.1 Roles and Boundaries 4.2 Cloud Characteristics 4.3 Cloud Delivery Models 4.4 Cloud Deployment Models The upcoming sections cover introductory topic areas
More informationA CONFIDENCE MODEL BASED ROUTING PRACTICE FOR SECURE ADHOC NETWORKS
A CONFIDENCE MODEL BASED ROUTING PRACTICE FOR SECURE ADHOC NETWORKS Ramya. S 1 and Prof. B. Sakthivel 2 ramyasiva.jothi@gmail.com and everrock17@gmail.com 1PG Student and 2 Professor & Head, Department
More informationBuilding an Assurance Foundation for 21 st Century Information Systems and Networks
Building an Assurance Foundation for 21 st Century Information Systems and Networks The Role of IT Security Standards, Metrics, and Assessment Programs Dr. Ron Ross National Information Assurance Partnership
More informationEstablishing Trust Across International Communities
Establishing Trust Across International Communities 6 Feb 2013 info@federatedbusiness.org www.federatedbusiness.org Proprietary - British Business Federation Authority 1 Strategic Drivers - Industry 1.
More informationCountering Hidden-Action Attacks on Networked Systems
Countering on Networked Systems University of Cambridge Workshop on the Economics of Information Security, 2005 Outline Motivation 1 Motivation 2 3 4 Motivation Asymmetric information inspires a class
More informationTrust Enhanced Cryptographic Role-based Access Control for Secure Cloud Data Storage
1 Trust Enhanced Cryptographic Role-based Access Control for Secure Cloud Data Storage Lan Zhou,Vijay Varadharajan,and Michael Hitchens Abstract Cloud data storage has provided significant benefits by
More informationA Look Back at Security Problems in the TCP/IP Protocol Suite Review
A Look Back at Security Problems in the TCP/IP Protocol Suite Review Network Security Instructor:Dr. Shishir Nagaraja Submitted By: Jyoti Leeka October 26, 2011 1 Introduction to the topic and the reason
More informationDetection of Sybil Attack in Wireless Sensor Network
Middle-East Journal of Scientific Research 23 (Sensing, Signal Processing and Security): 202-206, 2015 ISSN 1990-9233 IDOSI Publications, 2015 DOI: 10.5829/idosi.mejsr.2015.23.ssps.55 Detection of Sybil
More informationSecuring The Reputation Management in WINNOWING P2P Scheme. Nawaf Almudhahka Matthew Locklear
Securing The Reputation Management in WINNOWING P2P Scheme Nawaf Almudhahka Matthew Locklear Agenda Overview Motivation Assumptions & Threat Model Approach Security Analysis of TVC Model Description Results
More information2010 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media,
2010 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising
More information2 The BEinGRID Project
2 The BEinGRID Project Theo Dimitrakos 2.1 Introduction Most of the results presented in this book were created within the BEinGRID project. BEinGRID, Business Experiments in GRID, is the European Commission
More information(2½ hours) Total Marks: 75
(2½ hours) Total Marks: 75 N. B.: (1) All questions are compulsory. (2) Makesuitable assumptions wherever necessary and state the assumptions made. (3) Answers to the same question must be written together.
More informationA Time-To-Live Based Reservation Algorithm on Fully Decentralized Resource Discovery in Grid Computing
A Time-To-Live Based Reservation Algorithm on Fully Decentralized Resource Discovery in Grid Computing Sanya Tangpongprasit, Takahiro Katagiri, Hiroki Honda, Toshitsugu Yuba Graduate School of Information
More informationIncompatibility Dimensions and Integration of Atomic Commit Protocols
The International Arab Journal of Information Technology, Vol. 5, No. 4, October 2008 381 Incompatibility Dimensions and Integration of Atomic Commit Protocols Yousef Al-Houmaily Department of Computer
More informationStar: Sla-Aware Autonomic Management of Cloud Resources
Star: Sla-Aware Autonomic Management of Cloud Resources Sakshi Patil 1, Meghana N Rathod 2, S. A Madival 3, Vivekanand M Bonal 4 1, 2 Fourth Sem M. Tech Appa Institute of Engineering and Technology Karnataka,
More informationSoft Enforcement of Access Control Policies in Distributed Environments
Soft Enforcement of Access Control Policies in Distributed Environments Vipul Goyal Department of Computer Science & Engineering Institute of Technology Banaras Hindu University Varanasi, India vipulg@cpan.org
More informationCoordinated Disclosure of Vulnerabilities in AVG Antivirus Free Android
Coordinated Disclosure of Vulnerabilities in AVG Antivirus Free Android 5.9.4.1 1 Executive summary Researchers of MRG Effitas tested the AVG AntiVirus Free Android application. During use, we came across
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through
More informationVoid main Technologies
Sno Title Domain 1. A Cross Tenant Access Control (CTAC) Model for Cloud Computing: Formal Specification and Verification 2. A Lightweight Secure Data Sharing Scheme for Mobile Cloud Computing 3. A Modified
More informationSmart Cards in Hostile Environments
Carnegie Mellon University Computer Science technical report CMU-CS-95-188 Smart Cards in Hostile Environments Howard Gobioff Sean Smith J. D. Tygar September 14, 1995 CMU-CS-95-188 School of Computer
More informationThreat Model of a Scenario Based on Trusted Platform Module 2.0 Specification
Threat Model of a Scenario Based on Trusted Platform Module 2.0 Specification Jiun Yi Yap and Allan Tomlinson Information Security Group Royal Holloway, University of London Egham, Surrey TW20 0EX, United
More informationNETWORKING. 8. ITDNW08 Congestion Control for Web Real-Time Communication
NETWORKING 1. ITDNW01 Wormhole: The Hidden Virus Propagation Power of a Search Engine in Social 2. ITDNW02 Congestion Control for Background Data Transfers With Minimal Delay Impact 3. ITDNW03 Transient
More informationResearch and Design of Crypto Card Virtualization Framework Lei SUN, Ze-wu WANG and Rui-chen SUN
2016 International Conference on Wireless Communication and Network Engineering (WCNE 2016) ISBN: 978-1-60595-403-5 Research and Design of Crypto Card Virtualization Framework Lei SUN, Ze-wu WANG and Rui-chen
More informationDAMAGE DISCOVERY IN DISTRIBUTED DATABASE SYSTEMS
DAMAGE DISCOVERY IN DISTRIBUTED DATABASE SYSTEMS Yanjun Zuo and Brajendra Panda Abstract Damage assessment and recovery in a distributed database system in a post information attack detection scenario
More informationImposing fairness in electronic commerce
www.ijcsi.org 139 Imposing fairness in electronic commerce Using Trusted Third Party for electronic delivery Fahad A. ALQAHTANI Software Technology Research Laboratory De Montfort University,Leicester,United
More informationENCRYPTED DATA MANAGEMENT WITH DEDUPLICATION IN CLOUD COMPUTING
ENCRYPTED DATA MANAGEMENT WITH DEDUPLICATION IN CLOUD COMPUTING S KEERTHI 1*, MADHAVA REDDY A 2* 1. II.M.Tech, Dept of CSE, AM Reddy Memorial College of Engineering & Technology, Petlurivaripalem. 2. Assoc.
More informationA Two-Fold Authentication Mechanism for Network Security
Asian Journal of Engineering and Applied Technology ISSN 2249-068X Vol. 7 No. 2, 2018, pp. 86-90 The Research Publication, www.trp.org.in A Two-Fold for Network Security D. Selvamani 1 and V Selvi 2 1
More informationK-Nearest-Neighbours with a Novel Similarity Measure for Intrusion Detection
K-Nearest-Neighbours with a Novel Similarity Measure for Intrusion Detection Zhenghui Ma School of Computer Science The University of Birmingham Edgbaston, B15 2TT Birmingham, UK Ata Kaban School of Computer
More informationKnowledge representation Semantic networks and frames
Knowledge representation Semantic networks and frames CmSc310 Artificial Intelligence 1. Introduction: What is knowledge? The science that studies various issues about knowledge is called epistemology.
More informationBuild confidence in the cloud Best practice frameworks for cloud security
Build confidence in the cloud Best practice frameworks for cloud security Cloud services are rapidly growing and becoming more of a focus for business. It s predicted that more than $1 trillion in IT spending
More informationThreat Modeling. Bart De Win Secure Application Development Course, Credits to
Threat Modeling Bart De Win bart.dewin@ascure.com Secure Application Development Course, 2009 Credits to Frank Piessens (KUL) for the slides 2 1 Overview Introduction Key Concepts Threats, Vulnerabilities,
More informationSecure Sockets Layer (SSL) / Transport Layer Security (TLS)
Secure Sockets Layer (SSL) / Transport Layer Security (TLS) Brad Karp UCL Computer Science CS GZ03 / M030 20 th November 2017 What Problems Do SSL/TLS Solve? Two parties, client and server, not previously
More informationProtecting your Data in the Cloud. Cyber Security Awareness Month Seminar Series
Protecting your Data in the Cloud Cyber Security Awareness Month Seminar Series October 24, 2012 Agenda Introduction What is the Cloud Types of Clouds Anatomy of a cloud Why we love the cloud Consumer
More informationDifferential Cryptanalysis
Differential Cryptanalysis See: Biham and Shamir, Differential Cryptanalysis of the Data Encryption Standard, Springer Verlag, 1993. c Eli Biham - March, 28 th, 2012 1 Differential Cryptanalysis The Data
More informationCooperative Reputation Index Based Selfish Node Detection and Prevention System for Mobile Ad hoc Networks
Research Journal of Applied Sciences, Engineering and Technology 4(3): 201-205, 2012 ISSN: 2040-7467 Maxwell Scientific Organization, 2012 Submitted: September 23, 2011 Accepted: November 02, 2011 Published:
More informationIAM Project Overview & Milestones
IAM Project Overview & Milestones TABLE OF CONTENTS IAM PROJECT SUCCESS FACTORS 3 PROJECT SCOPE 3 IN SCOPE 3 OUT OF SCOPE 4 IAM NOW VS. FUTURE 5 IAM NOW 5 IAM IN THE FUTURE 7 IAM PROJECT END STATE 8 ACCESS
More informationVERIZON ACHIEVES BEST IN TEST AND WINS THE P3 MOBILE BENCHMARK USA
VERIZON ACHIEVES BEST IN TEST AND WINS THE P3 MOBILE BENCHMARK USA INTRODUCTION in test 10/2018 Mobile Benchmark USA The international benchmarking expert P3 has been testing the performance of cellular
More informationCertificate reputation. Dorottya Papp
Certificate reputation Dorottya Papp Motivation Verification on a digital certificate does not reveal important factors Is it a fake certificate? (Hash collision) Was it mistakenly issued? (Comodo scandal)
More informationPseudonym Based Security Architecture for Wireless Mesh Network
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661,p-ISSN: 2278-8727, Volume 16, Issue 4, Ver. VII (Jul Aug. 2014), PP 01-05 Pseudonym Based Security Architecture for Wireless Mesh Network
More informationA Secure Routing Protocol for Wireless Adhoc Network Creation
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 6, June 2014, pg.88
More informationMay 1: Integrity Models
May 1: Integrity Models Biba Clark-Wilson Comparison Trust models May 1, 2017 ECS 235B Spring Quarter 2017 Slide #1 Integrity Overview Requirements Very different than confidentiality policies Biba s models
More informationLOAD BALANCING AND DEDUPLICATION
LOAD BALANCING AND DEDUPLICATION Mr.Chinmay Chikode Mr.Mehadi Badri Mr.Mohit Sarai Ms.Kshitija Ubhe ABSTRACT Load Balancing is a method of distributing workload across multiple computing resources such
More informationDesign of Secure End-to-End Protocols for Mobile Systems
26 Design of Secure End-to-End Protocols for Mobile Systems V. Varadharajan and Y. Mu Department of Computing, University of Western Sydney, Nepean, PO Box 10, Kingswood, NSW 2747, Australia Telephone:
More informationSybil defenses via social networks
Sybil defenses via social networks Abhishek University of Oslo, Norway 19/04/2012 1 / 24 Sybil identities Single user pretends many fake/sybil identities i.e., creating multiple accounts observed in real-world
More informationBuilding on existing security
Building on existing security infrastructures Chris Mitchell Royal Holloway, University of London http://www.isg.rhul.ac.uk/~cjm 1 Acknowledgements This is joint work with Chunhua Chen and Shaohua Tang
More informationA Study on Issues Associated with Mobile Network
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 9, September 2014,
More information