Author Details

Scroll

Refine your search

Collections

Engineering Collection

Co-Authors

Journals

Journal of Network and Information Security

Year

Authors

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All

Barsoum, Ayad

Remote Integrity Verification for Multiple Data Copies in Cloud Environments:A Comparative Analysis and Open Research Issues

Abstract Views :207 | PDF Views:0

Authors

Ayad Barsoum ¹

Affiliations
1 Computer Science Department, St.Mary’s University, San Antonio, Texas, US

Source

Journal of Network and Information Security, Vol 4, No 1 (2016), Pagination: 24-37

Abstract

Every hour many organizations generate terabytes of data, and that may exceed their storage ability. Storing and manipulating such big data is a costly process.That is why outsourcing data storage to remote cloud service providers (CSPs) is currently a preferred storage model to mitigate the burden of local data storage. To achieve a higher level of scalability, availability and durability, some clients ask the CSP to maintain multiple copies of their outsourced data on multiple data centers. In such a case, the clients will be charged more fees. The cloud customers want to make sure that the CSP is not cheating by storing fewer number of data copies. Moreover, all these copies should be consistent with the most recent modifications issued by the clients. The problem of provable data possession (PDP) for multiple data copies has been investigated by many researchers. In this paper, we review the concept of PDP and provide an extensive survey for different provable multi-copy data possession (PMDP) schemes. Moreover, the paper discusses the design principles for various PMDP constructions, highlights some limitations, and present a comparative analysis for numerous PMDP models. In this paper, we focus on two sets on PMDP schemes: protocols for static data, and schemes for dynamic data. The paper also addresses the concept of proof of retrievability, which is a complementary approach to PDP. Furthermore, we highlight some open research issues that need to be investigated and tackled to achieve the wide acceptance and usage of outsourcing data storage.

Keywords

Cloud Computing, Outsourcing Data Storage, Multiple Data Copies, Integrity Verification.

Full Text

Cloud Storage Assured Deletion: Considerations and Schemes

Abstract Views :176 | PDF Views:1

Authors

Richard Thames ¹, Ayad Barsoum ¹

Affiliations
1 Computer Science Department, St. Mary’s University, San Antonio, Texas, US

Source

Journal of Network and Information Security, Vol 6, No 2 (2018), Pagination: 01-04

Abstract

The assured deletion problem was realized with the introduction of cloud data storage. An exemplar of the broader set of cloud services, assured deletion is poorly understood by customers and complicates the work of forensic professionals. Over the last ten years, schemes that solve the assured deletion problem have been proposed. Proposed solutions have improved on each other to mitigate scaling overhead, trusted third parties, bottlenecks, single points of failure, and other inefficiencies. Cloud service providers have an opportunity to provide customers verifiable proof of deletion. In this work, we focus on the problem of how cloud data storage customers can be assured that when they attempt to delete data from the cloud, it is not retrievable. Just as CSP’s offer technologies that simplify storage operations, providing an assured deletion service could serve as a differentiator.

Keywords

Assured Deletion, Cloud Computing, Cloud Storage, Provable Data Deletion, Secure Deletion.

Full Text

References

Y. Luo, M. Xu, S. Fu, and D. Wang, “Enabling assured deletion in the cloud storage by overwriting,” in Proceedings of the 4^th ACM International Workshop on Security in Cloud Computing (SCC’16), Xi’an, China, pp. 17-23, May 2016.

Z. Mo, Q. Xiao, Y. Zhou and S. Chen, “On deletion of outsourced data in cloud computing,” 2014 IEEE 7^th International Conference on Cloud Computing, Anchorage, AK, pp. 344-351, 2014.

A. Pichan, M. Lazarescu, and S. T. Soh, “Cloud forensics: Technical challenges, solutions and comparative analysis,” Digital Investigation, vol. 13, pp. 38-57, 2015.

J. Reardon, D. Basin and S. Capkun, “SoK: Secure data deletion,” 2013 IEEE Symposium on Security and Privacy, Berkeley, CA, pp. 301-315, 2013.

K. M. Ramokapane, A. Rashid, and J. M. Such, “Assured deletion in the cloud: Requirements, challenges and future directions,” in Proceedings of the 2016 ACM on Cloud Computing Security Workshop (CCSW’16), Vienna, Austria, pp. 97-108, October 2016.

Y. Tang, P. P. C. Lee, J. C. S. Lui, and R. Perlman, “Secure overlay cloud storage with access control and assured deletion,” IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 6, pp. 903-916, November-December 2012.

S. Tanimoto, M. Hiramoto, M. Iwashita, H. Sato, and A. Kanai, “Risk management on the security problem in cloud computing,” 2011 First ACIS/JNU International Conference on Computers, Networks, Systems and Industrial Engineering, Jeju Island, pp. 147-152, 2011.

Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou, “Enabling public verifiability and data dynamics for storage security in cloud computing,” in M. Backes, and P. Ning (eds.), Computer Security - ESORICS 2009, ESORICS 2009, Lecture Notes in Computer Science, vol. 5789, Springer, Berlin, Heidelberg, 2009.

P. Mell, and T. Grance, “Draft NIST working definition of cloud computing,” 2009. Available: http://csrc.nist.gov/groups/SNS/cloud-computing/index.html

Modern Cryptographic Schemes: Applications and Comparative Study

Abstract Views :122 | PDF Views:0

Authors

Julius O. Olwenyi ¹, Aby Tino Thomas ¹, Ayad Barsoum ¹

Affiliations
1 St. Mary’s University, San Antonio, TX, US

Source

Journal of Network and Information Security, Vol 7, No 2 (2019), Pagination: 28-34

Abstract

Cryptography and encryption have been used for secure communication. In the modern world, cryptography is a very important tool for protecting information in computer systems. With the invention of the World Wide Web or Internet, computer systems are highly interconnected and accessible from any part of the world. As more systems get interconnected, more threat actors try to gain access to critical information stored on the network. It is the responsibility of data owners or organizations to keep this data securely and encryption is the main tool used to secure information. In this paper, we will focus on different techniques and the modern application of cryptography. We will study different cryptographic schemes: symmetric, asymmetric (sometimes referred to as public key), and hybrid systems. The paper will present a comparative study for these schemes and their applications in network protocols. Moreover, we will highlight the concept of Quantum Cryptography, which takes advantage of quantum physics at the physical layer.

Keywords

Cryptography, Data Security, Decryption, Encryption, Hybrid Encryption.

Full Text

References

T. Morkel, and J. H. P. Eloff, “Encryption techniques: A timeline approach,” Information and Computer Security Architecture (ICSA) Research Group, 2004.

P. Kuppuswamy, and S. Q. Y. Al-Khalidi, “Hybrid encryption/decryption technique using new public key and symmetric key algorithm,” MIS Review: An International Journal, vol. 19, no. 2, 2014.

H. Zbinden, H. Bechmann-Pasquinucci, N. Gisin, and G. Ribordy, “Quantum cryptography,” Applied Physics B: Lasers & Optics, vol. 67, no. 6, 1998.

W. Stallings, Cryptography and Network Security: Principles and Practice, 6th ed., p. 287, p. 292, p. 295, p. 339, 2014.

W. Stallings, and L. Brown, Computer Security: Principles and Practice, 4th ed., p. 635, 2018.

S. D. Nasution, G. L. Ginting, Md. Syahrizal, and R. Rahim, “Data security using vigenere cipher and goldbach codes algorithm,” International Journal of Engineering Research & Technology (IJERT), vol. 6, no. 1, pp. 360-363, 2017.

T. Chatterjee, T. Das, S. Dey, J. Nath, and A. Nath, “Symmetric key cryptography using two-way updated-generalized vernam cipher method: TTSJA algorithm,” International Journal of Computer Applications, vol. 42, no. 1, pp. 39-42, 2012.

L. Knudsen, and D. Wagner, “Integral cryptanalysis,” International Workshop on Fast Software Encryption, vol. 2365, pp. 112-127, 2002.

E. Fujisaki, and T. Okamoto, “Secure integration of asymmetric and symmetric encryption schemes,” Journal of Cryptology, vol. 26, no. 1, pp. 80-101, 2013.

S. Fluhrer, I. Mantin, and A. Shamir, “Weaknesses in the key scheduling algorithm of RC4,” International Workshop on Selected Areas in Cryptography, vol. 2259, pp. 1-24, 2001.

E. F. Schaefer, “A simplified data encryption standard algorithm,” Cryptologia, vol. 20, no. 1, pp. 77-84, 1996.

H. Simon, “Advanced encryption standard (AES),” Network Security, vol. 12, pp. 8-12, 2009.

S. Burnett, and S. Paine, RSA Security’s Official Guide to Cryptography, McGraw-Hill, Inc., 2001.

D. W. Davies, “Applying the RSA digital signature to electronic mail,” Computer, vol. 16, no. 2, pp. 55-62, 1983.

M. Steiner, G. Tsudik, and M. Waidner, “Diffie-Hellman key distribution extended to group communication,” CCS 1996: Proc. of 3rd ACM Conf. on Computer and Communications Security, pp. 31-37, 1996.

D. Hankerson, and A. Menezes, Elliptic Curve Cryptography, Springer US, 2011.

J. P. Aumasson, L. Henzen, W. Meier, and R. C. W. Phan, “Sha-3 proposal blake,” Submission to NIST 92, 2008.

B. M. Jakobsson, and A. Juels, “Executable digital cash for electronic commerce,” U.S. Patent 6,157, 920, Dec. 5, 2000.

G. Saju, and M. P. Deepika, “DNA cryptography: New field of cryptography,” Journal of Network and Information Security, vol. 6, no. 1, pp. 30-33, 2018.

M. P. K. Kishore, and S. Budhiraju, “Hybrid cryptosystem using cellular automata transformations on graphs,” Journal of Network and Information Security, vol. 4, no. 2, pp. 11-18, 2016.

Network Management Protocols: Analytical Study and Future Research Directions

Abstract Views :89 | PDF Views:0

Authors

Samman Tyata ¹, Ayad Barsoum ¹

Affiliations
1 St. Mary’s University, San Antonio, TX, US

Source

Journal of Network and Information Security, Vol 9, No 2 (2021), Pagination: 9-13

Abstract

A computer network consists of many complex, interacting pieces of hardware and software. Network management is the process of administering, managing, and operating a computer network using a network management system. Modern network management systems use software and hardware to constantly collect and analyze data and push out configuration changes for improving performance, reliability, and security. In this paper, we summarize widely used network management protocols and provide an analytical study based on their architecture and concept. The paper highlights the advantages and disadvantages of different network management protocols. Moreover, we provide some directions for the future research of network management protocols in network automation, network assurance, and network analytics considering Internet of Things (IoT). This paper particularly focuses on two of the management protocols: Simple Network Management Protocol (SNMP) and Common Management Information Protocol (CMIP). We describe the architecture of the protocols and their management components. We also study how SNMP can be implemented for monitoring IoT devices.

Keywords

Computer networks, Internet of Things (IoT), Network management, Network protocols

Full Text

References

M. Subramanian et al., Network Management: Principles and Practices. Prentice Hall, 2012, [Online]. Available: www.amazon.com/Network-Management-Principles-Mani-Subramanian/dp/0201357429.

A. Leinwand, and K. F. Conroy, Network Management: A Practical Perspective. Addison-Wesley, 2001.

T. Kramer, Network Management Protocols and Tools Study. Germany, GRIN Publishing, 2002.

W. Stallings, SNMP, SNMPv2, SNMPv3, and RMON 1 and 2. Addison-Wesley, 2009.

S. Feit, SNMP: A Guide to Network Management. McGraw-Hill, 1995.

Network Management Protocols and Features > Structuring and Modularizing the Network with Cisco Enterprise Architecture. Cisco Press. [Online]. Available: www.ciscopress.com/articles/article.asp?p=1 073230&seqNum=4

S. Scoggins, and A. Tang, Open Networking with OSI. Prentice-Hall: Toronto, 1992.

H. Zottmann, CMIP/CMIS - Object Oriented Network Management, Aug. 18, 2000. [Online]. Available: www.cellsoft.de/telecom/cmip.htm

M. Savić, “Bridging the SNMP gap: Simple network monitoring the internet of things,” Facta Universitatis Series: Electronics and Energetics, vol. 29, no. 3, pp. 475-487, 2016, doi: 10.2298/FUEE1603475S.

K. Amirthalingam, and R. Moorhead, “SNMP - An overview of its merits and demerits,” Proceedings of the Twenty-Seventh Southeastern Symposium on System Theory, 1995, pp. 180-183, doi: 10.1109/SSST.1995.390588.

A. Ben-Artzi, A. Chandna, and U. Warrier, “Network management of TCP/IP networks: Present and future,” IEEE Network, vol. 4, no. 4, pp. 35-43, 1990.

K. McCloghrie, and M. Rose, “Management information base for network management of TCP/IP-based internets,” RFC 1156, Hughes LAN Systems, Performance Systems International, 1990.

C. Hare, Simple Network Management Protocol (SNMP). 2011.

A. King, and R. Hunt, “Protocols and architecture for managing TCP/IP network infrastructures,” Computer Communications, vol. 23, no. 16, pp. 1558-1572, 2000.

X. Du, M. Shayman, and M. Rozenblit, “Implementation and performance analysis of SNMP on a TLS/TCP base,” in 2001 IEEE/IFIP International Symposium on Integrated Network Management Proceedings. Integrated Network Management VII. Integrated Management Strategies for the New Millennium (Cat. No. 01EX470), pp. 453-466, IEEE, May 2001.

Username
Password
Remember me