• Title/Summary/Keyword: Auditing threats

Search Result 3, Processing Time 0.02 seconds

A Novel Methodology for Auditing the Threats in Cloud Computing - A Perspective based on Cloud Storage

  • Nasreen Sultana Quadri;Kusum Yadav;Yogesh Kumar Sharma
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.2
    • /
    • pp.124-128
    • /
    • 2024
  • Cloud computing is a technology for delivering information in which resources are retrieved from the internet through a web-based tools and applications, rather than a direct connection with the server. It is a new emerging computing based technology in which any individual or organization can remotely store or access the information. The structure of cloud computing allows to store and access various information as long as an electronic device has access to the web. Even though various merits are provided by the cloud from the cloud provides to cloud users, it suffers from various flaws in security. Due to these flaws, data integrity and confidentiality has become a challenging task for both the storage and retrieval process. This paper proposes a novel approach for data protection by an improved auditing based methodology in cloud computing especially in the process of cloud storage. The proposed methodology is proved to be more efficient in auditing the threats while storing data in the cloud computing architecture.

Privacy-Preserving Self-Certified Public Auditing for Secure Cloud Storage (안전한 클라우드 스토리지를 위한 프라이버시 보장 자체 인증 공공 감사)

  • Baek, Mokryeon;Kim, Dongmin;Jeong, Ik Rae
    • Journal of KIISE
    • /
    • v.43 no.4
    • /
    • pp.497-508
    • /
    • 2016
  • With a cloud storage service, data owners can easily access their outsourced data in cloud storage on different devices and at different locations, and can share their data with others. However, as the users no longer physically have possession of their outsourced data and the cloud still facing the existence of internal/external threats, the task of checking the data integrity is formidable. Over recent years, numerous schemes have been proposed to ensure data integrity in an untrusted cloud. However, the existing public auditing schemes use a third-party auditor(TPA) to execute high computation to check data integrity and may still face many security threats. In this paper, we first demonstrate that the scheme proposed by Zhang et al. is not secure against our two threat models, and then we propose a self-certified public auditing scheme to eliminate the security threats and guarantee a constant communication cost. Moreover, we prove the securities of our public auditing scheme under three security models.

Information security auditing Framework in Industrial control system (산업제어시스템 정보보안 감리 프레임워크 연구)

  • Lee, Chul-Soo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.1
    • /
    • pp.139-148
    • /
    • 2008
  • Information technology have led to change the automation of large industrial control system as well as business system and environments. Industrial control system(ICS) is vital components of most nation's critical infrastructures such as electricity, natural gas, water, waste treatment, transportation and communication that are based of national security, safety of citizen and development of national economy According to the change of business environment, organizational management pushed integration all of the system include MIS and ICS. This situation led to use standard information technologies for ICS, this transition has been to expose ICS to the same vulnerabilities and threats that plague business system. Recently government obliged owners of the public information system to audit for safety, efficiency and effectiveness, and also obliged the owners of national infrastructure to improve their system security as a result of vulnerability analysis. But there doesn't prepare a security architecture and information security auditing framework of ICS fur auditing. In this paper, I suggested the security architecture and information security auditing framework for ICS in order to prepare the base of industrial system security auditing.