PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services

Verginadis, Yiannis; Michalas, Antonis; Gouvas, Panagiotis; Schiefer, Gunther; Hübsch, Gerald; Paraskakis, Iraklis

doi:10.5220/0005489302060213

Cited by 22 publications

(13 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Dynamic searchable encryption schemes can be very useful in this context. Indeed we have seen a lot of progress in this area in the last couple of years [37,38,39,40]. Considering the latest developments in the fiels, we first performed an extensive survey of the literature of searchable encryption in order to determine the schemes that look 1125 more appropriate for integration with cloud solutions.…”

Section: Resultsmentioning

confidence: 99%

A survey on design and implementation of protected searchable data in the cloud

Dowsley

Michalas

Nagel

et al. 2017

Computer Science Review

Self Cite

View full text Add to dashboard Cite

While cloud computing has exploded in popularity in recent years thanks to the potential efficiency and cost savings of outsourcing the storage and management of data and applications, a number of vulnerabilities that led to multiple attacks have deterred many potential users.As a result, experts in the field argued that new mechanisms are needed in order to create trusted and secure cloud services. Such mechanisms would eradicate the suspicion of users towards cloud computing by providing the necessary security guarantees. Searchable Encryption is among the most promising solutions -one that has the potential to help offer truly secure and privacypreserving cloud services. We start this paper by surveying the most important searchable encryption schemes and their relevance to cloud computing. In light of this analysis we demonstrate the inefficiencies of the existing schemes and expand our analysis by discussing certain confidentiality and privacy issues. Further, we examine how to integrate such a scheme with a popular cloud platform. Finally, we have chosen -based on the findings of our analysis -an * Corresponding Author. Preprint submitted to Computer Science Review JournalAugust 14, 2017 existing scheme and implemented it to review its practical maturity for deployment in real systems. The survey of the field, together with the analysis and with the extensive experimental results provides a comprehensive review of the theoretical and practical aspects of searchable encryption.

show abstract

Section: Resultsmentioning

confidence: 99%

A survey on design and implementation of protected searchable data in the cloud

Dowsley

Michalas

Nagel

et al. 2017

Computer Science Review

Self Cite

View full text Add to dashboard Cite

show abstract

“…Nevertheless, the introduction of a new third-party has an implication on risk, as companies require that the cloud service be secure. In [19], the authors present a security model for securing cloud services. All data objects stored by the cloud server have annotations that can be used to express privacy and access control properties.…”

Section: Related Workmentioning

confidence: 99%

Security governance as a service on the cloud

Bryce

2019

J Cloud Comp

View full text Add to dashboard Cite

Small companies need help to detect and to respond to increasing security related threats. This paper presents a cloud service that automates processes that make checks for such threats, implement mitigating procedures, and generally instructs client companies on the steps to take. For instance, a process that automates the search for leaked credentials on the Dark Web will, in the event of a leak, trigger processes that instruct the client on how to change passwords and perhaps a micro-learning process on credential management. The security governance service runs on the cloud as it needs to be managed by a security expert and because it should run on an infrastructure separated from clients. It also runs as a cloud service for economy of scale: the processes it runs can service many clients simultaneously, since many threats are common to all. We also examine how the service may be used to prove to independent auditors (e.g., cyber-insurance agents) that a company is taking the necessary steps to implement its security obligations.

show abstract

“…A work by Verginadis et al, [25] summarized important security challenges while moving to a cloud and proposed PaaSworda novel holistic framework for lessening these challenges. Precisely, the proposed framework includes a context-aware security model, the required policy administration mechanism along with physical distribution, encryption and query middleware.…”

Section: Related Workmentioning

confidence: 99%

Providing Ontology-Based Access Control for Cloud Data by Exploiting Subsumption Property among Domains of Access Control

Michael¹,

Kothandaraman²,

Kaliyan³

2019

IJIES

View full text Add to dashboard Cite

Cloud computing has pulled in numerous business organizations and users because of its simplified administration effort, minimal maintenance cost and pervasive access to out-sourced resources, which can be hardware or software. Users share these resources in large-scale environments over the Internet. Stringent access control must be implemented in a cloud storage system for protecting sensitive information. Access control models in the current literature such as Discretionary Access control (DAC), Mandatory Access Control model (MAC), Role-Based Access Model (RBAC) or Attribute Access Control Model (ABAC) consider the entities of access control in isolation and thus leading to incorrect access control decisions. In this paper, Ontology-Based Access Control is proposed. This proposal uses an ontology to model the entities associated with access control and their interrelationships among them, which could be effortlessly adjusted to Cloud environments. Ontology promises to streamline knowledge sharing among the entities. Subsumption property is exploited over concepts, properties and individuals. The experimental results show that the number of rules to be stored in Policy Base is reduced and reasoning time is also considerably reduced because of applying subsumption property and hence access decision is made faster. Also, our work is compared with the existing works against the state of art models with the help of access control metrics provided by the National Institute of Standards and Technology (NIST). Our work answers the queries related to metric effectively than the existing works. Hence the performance of the system is increased and suitable for securing cloud data.

show abstract

PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services

Cited by 22 publications

References 12 publications

A survey on design and implementation of protected searchable data in the cloud

A survey on design and implementation of protected searchable data in the cloud

Security governance as a service on the cloud

Providing Ontology-Based Access Control for Cloud Data by Exploiting Subsumption Property among Domains of Access Control

Contact Info

Product

Resources

About