Дисертації з теми "Cloud data protection"
Оформте джерело за APA, MLA, Chicago, Harvard та іншими стилями
Ознайомтеся з топ-50 дисертацій для дослідження на тему "Cloud data protection".
Біля кожної праці в переліку літератури доступна кнопка «Додати до бібліографії». Скористайтеся нею – і ми автоматично оформимо бібліографічне посилання на обрану працю в потрібному вам стилі цитування: APA, MLA, «Гарвард», «Чикаго», «Ванкувер» тощо.
Також ви можете завантажити повний текст наукової публікації у форматі «.pdf» та прочитати онлайн анотацію до роботи, якщо відповідні параметри наявні в метаданих.
Переглядайте дисертації для різних дисциплін та оформлюйте правильно вашу бібліографію.
Oduyiga, Adeshola Oyesanya. "Security in Cloud Storage : A Suitable Security Algorithm for Data Protection." Thesis, Mittuniversitetet, Avdelningen för informationssystem och -teknologi, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-34428.
Повний текст джерелаSyckor, Jens. "Dropbox & Co, alles schon ge-cloud?" Saechsische Landesbibliothek- Staats- und Universitaetsbibliothek Dresden, 2014. http://nbn-resolving.de/urn:nbn:de:bsz:14-qucosa-153998.
Повний текст джерелаSobati, Moghadam Somayeh. "Contributions to Data Privacy in Cloud Data Warehouses." Thesis, Lyon, 2017. http://www.theses.fr/2017LYSE2020.
Повний текст джерелаNowadays, data outsourcing scenarios are ever more common with the advent of cloud computing. Cloud computing appeals businesses and organizations because of a wide variety of benefits such as cost savings and service benefits. Moreover, cloud computing provides higher availability, scalability, and more effective disaster recovery rather than in-house operations. One of the most notable cloud outsourcing services is database outsourcing (Database-as-a-Service), where individuals and organizations outsource data storage and management to a Cloud Service Provider (CSP). Naturally, such services allow storing a data warehouse (DW) on a remote, untrusted CSP and running on-line analytical processing (OLAP).Although cloud data outsourcing induces many benefits, it also brings out security and in particular privacy concerns. A typical solution to preserve data privacy is encrypting data locally before sending them to an external server. Secure database management systems use various encryption schemes, but they either induce computational and storage overhead or reveal some information about data, which jeopardizes privacy.In this thesis, we propose a new secure secret splitting scheme (S4) inspired by Shamir’s secret sharing. S4 implements an additive homomorphic scheme, i.e., additions can be directly computed over encrypted data. S4 addresses the shortcomings of existing approaches by reducing storage and computational overhead while still enforcing a reasonable level of privacy. S4 is efficient both in terms of storage and computing, which is ideal for data outsourcing scenarios that consider the user has limited computation and storage resources. Experimental results confirm the efficiency of S4 in terms of computation and storage overhead with respect to existing solutions.Moreover, we also present new order-preserving schemes, order-preserving indexing (OPI) and wrap-around order-preserving indexing (waOPI), which are practical on cloud outsourced DWs. We focus on the problem of performing range and exact match queries over encrypted data. In contrast to existing solutions, our schemes prevent performing statistical and frequency analysis by an adversary. While providing data privacy, the proposed schemes bear good performance and lead to minimal change for existing software
Skolmen, Dayne Edward. "Protection of personal information in the South African cloud computing environment: a framework for cloud computing adoption." Thesis, Nelson Mandela Metropolitan University, 2016. http://hdl.handle.net/10948/12747.
Повний текст джерелаXu, Cheng. "Authenticated query processing in the cloud." HKBU Institutional Repository, 2019. https://repository.hkbu.edu.hk/etd_oa/620.
Повний текст джерелаCerf, Sophie. "control theory for computing systems : application to big-data cloud services & location privacy protection." Thesis, Université Grenoble Alpes (ComUE), 2019. http://www.theses.fr/2019GREAT024.
Повний текст джерелаThis thesis presents an application of Control Theory for Computing Systems. It aims at investigating techniques to build and control efficient, dependable and privacy-preserving computing systems. Ad-hoc service configuration require a high level of expertise which could benefit from automation in many ways. A control algorithm can handle bigger and more complex systems, even when they are extremely sensitive to variations in their environment. However, applying control to computing systems raises several challenges, e.g. no physics governs the applications. On one hand, the mathematical framework provided by control theory can be used to improve automation and robustness of computing systems. Moreover, the control theory provides by definition mathematical guarantees that its objectives will be fulfilled. On the other hand, the specific challenges of such use cases enable to expand the control theory itself. The approach taken in this work is to use two application computing systems: location privacy and cloud control. Those two use-cases are complementary in the nature of their technologies and softwares, their scale and in their end-users.The widespread of mobile devices has fostered the broadcasting and collection of users’ location data. It could be for the user to benefit from a personalized service (e.g. weather forecast or route planning) or for the service provider or any other third party to derive useful information from the mobility databases (e.g. road usage frequency or popularity of places). Indeed, many information can be retrieved from location data, including highly sensitive personal data. To overcome this privacy breach, Location Privacy Protection Mechanisms (LPPMs) have been developed. They are algorithm that modify the user’s mobility data, hopefully to hide some sensitive information. However, those tools are not easily configurable by non experts and are static processes that do not adapt to the user’s mobility. We develop two tools, one for already collected databases and one for online usage, that, by tuning the LPPMs, guarantee to the users objective-driven levels of privacy protection and of service utility preservation. First, we present an automated tool able to choose and configure LPPMs to protect already collected databases while ensuring a trade-off between privacy protection and database processing quality. Second, we present the first formulation of the location privacy challenge in control theory terms (plant and control, disturbance and performance signals), and a feedback controller to serve as a proof of concept. In both cases, design, implementation and validation has been done through experiments using data of real users collected on the field.The surge in data generation of the last decades, the so-called bigdata, has lead to the development of frameworks able to analyze them, such as the well known MapReduce. Advances in computing practices has also settled the cloud paradigms (where low-level resources can be rented to allow the development of higher level application without dealing with consideration such as investment in hardware or maintenance) as premium solution for all kind of users. Ensuring the performances of MapReduce jobs running on clouds is thus a major concern for the big IT companies and their clients. In this work, we develop advanced monitoring techniques of the jobs execution time and the platform availability by tuning the resource cluster size and realizing admission control, in spite of the unpredictable client workload. In order to deal with the non linearities of the MapReduce system, a robust adaptive feedback controller has been designed. To reduce the cluster utilization (leading to massive financial and energetic costs), we present a new event-based triggering mechanism formulation combined with an optimal predictive controller. Evaluation is done on a MapReduce benchmark suite running on a large-scale cluster, and using real jobs workloads
Van, der Schyff Karl Izak. "Cloud information security : a higher education perspective." Thesis, Rhodes University, 2014. http://hdl.handle.net/10962/d1011607.
Повний текст джерелаVillarino, Marzo Jorge. "La privacidad en el entorno del cloud computing." Doctoral thesis, Universitat Abat Oliba, 2017. http://hdl.handle.net/10803/456904.
Повний текст джерелаLa evolución tecnológica ha tenido un enorme impacto en los derechos fundamentales, dando lugar al nacimiento de la cuarta generación de derechos. Uno de estos derechos ha sido, sin duda, el derecho a la protección de datos. La privacidad constituye una de las grandes preocupaciones de la sociedad. Por esta razón, cualquier desarrollo tecnológico plantea nuevos retos a la regulación de la protección de datos La computación en nube es una nueva realidad tecnológica caracterizada por la ubicuidad, la elasticidad, el dinamismo, la virtualización, la escalabilidad y el pago bajo demanda. En este trabajo se analiza si la regulación actual del derecho fundamental a la protección de datos es válida para hacer frente a los retos que plantea la computación en nube o si es necesario un nuevo régimen jurídico
The technological evolution has had a great impact on fundamental rights, giving rise to the fourth generation of human rights. One of these has been, with no doubts, the right to data protection. Privacy is one of the main concerns of society. For this reason, any new technological development poses new challenges to data protection regulation. Cloud computing is a new technological reality characterized by ubiquity, elasticity, dynamism, virtualization, scalability and pay on demand. In this dissertation we will analyze if the current data protection regulation is valid to face the new challenges pose by cloud computing or if a new legal regime is mandatory.
Imine, Youcef. "Cloud computing security." Thesis, Compiègne, 2019. http://www.theses.fr/2019COMP2520.
Повний текст джерелаThese last years, we are witnessing a real digital revolution of Internet where many innovative applications such as Internet of Things, autonomous cars, etc., have emerged. Consequently, adopting externalization technologies such as cloud and fog computing to handle this technological expansion seems to be an inevitable outcome. However, using the cloud or fog computing as a data repository opens many challenges in prospect. This thesis addresses security issues in cloud and fog computing which is a major challenge that need to be appropriately overcomed. Indeed, adopting these technologies means that the users lose control over their own data, which exposes it to several security threats. Therefore, we first investigated the main security issues facing the adoption of cloud and fog computing technologies. As one of the main challenges pointed in our investigation, access control is indeed a cornerstone of data security. An efficient access control mechanism must provide enforced and flexible access policies that ensure data protection, even from the service provider. Hence, we proposed a novel secure and efficient attribute based access control scheme for cloud data-storage applications. Our solution ensures flexible and fine-grained access control and prevents security degradations. Moreover, it performs immediate users and attributes revocation without any key regeneration. Authentication service in fog computing architecture is another issue that we have addressed in this thesis. Some traditional authentication schemes endure latency issues while others do not satisfy fog computing requirements such as mutual authentication between end-devices and fog servers. Thus, we have proposed a new, secure and efficient authentication scheme that ensures mutual authentication at the edge of the network and remedies to fog servers' misbehaviors.Finally, we tackled accountability and privacy-preserving challenges in information-sharing applications for which several proposals in the literature have treated privacy issues, but few of them have considered accountability service. Therefore, we have proposed a novel accountable privacy preserving solution for public information sharing in data externalization platforms. Externalization servers in our scheme authenticate any user in the system without violating its privacy. In case of misbehavior, our solution allows to trace malicious users thanks to an authority
Trebulová, Debora. "Zálohování dat a datová úložiště." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2017. http://www.nusl.cz/ntk/nusl-318599.
Повний текст джерелаLadjel, Riad. "Secure distributed computations for the personal cloud." Electronic Thesis or Diss., université Paris-Saclay, 2020. http://www.theses.fr/2020UPASG043.
Повний текст джерелаThanks to smart disclosure initiatives and new regulations like GDPR, individuals are able to get the control back on their data and store them locally in a decentralized way. In parallel, personal data management system (PDMS) solutions, also called personal clouds, are flourishing. Their goal is to empower users to leverage their personal data for their own good. This decentralized way of managing personal data provides a de facto protection against massive attacks on central servers and opens new opportunities by allowing users to cross their data gathered from different sources. On the other side, this approach prevents the crossing of data from multiple users to perform distributed computations. The goal of this thesis is to design a generic and scalable secure decentralized computing framework which allows the crossing of personal data of multiple users while answering the following two questions raised by this approach. How to preserve individuals' trust on their PDMS when performing global computations crossing data from multiple individuals? And how to guarantee the integrity of the final result when it has been computed by a myriad of collaborative but independent PDMSs?
Chernikau, Ivan. "Ochrana soukromí v cloudu." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2019. http://www.nusl.cz/ntk/nusl-399610.
Повний текст джерелаMoataz, Tarik. "Searching over encrypted data." Thesis, Télécom Bretagne, 2016. http://www.theses.fr/2016TELB0418/document.
Повний текст джерелаCloud services offer reduced costs, elasticity and a promised unlimited managed storage space that attract many end-users. File sharing, collaborative platforms, email platforms, back-up servers and file storage are some of the services that set the cloud as an essential tool for everyday use. Currently, most operating systems offer built-in outsourced cloud storage applications, by design, such as One Drive and iCloud, as natural substitutes succeeding to the local storage. However, many users, even those willing to use the aforementioned cloud services, remain reluctant towards fully adopting cloud outsourced storage and services. Concerns related to data confidentiality rise uncertainty for users maintaining sensitive information. There are many, recurrent, worldwide data breaches that led to the disclosure of users' sensitive information. To name a few: a breach of Yahoo late 2014 and publicly announced on September 2016, known as the largest data breach of Internet history, led to the disclosure of more than 500 million user accounts; a breach of health insurers, Anthem in February 2015 and Premera BlueCross BlueShield in March 2015, that led to the disclosure of credit card information, bank account information, social security numbers, data income and more information for more than millions of customers and users. A traditional countermeasure for such devastating attacks consists of encrypting users' data so that even if a security breach occurs, the attackers cannot get any information from the data. Unfortunately, this solution impedes most of cloud services, and in particular, searching on outsourced data. Researchers therefore got interrested in the fllowing question: how to search on outsourced encrypted data while preserving efficient communication, computation and storage overhead? This question had several solutions, mostly based on cryptographic primitives, offering numerous security and efficiency guarantees. While this problem has been explicitly identified for more than a decade, many research dimensions remain unsolved. The main goal of this thesis is to come up with practical constructions that are (1) suitable for real life deployments verifying necessary efficiency requirements, but also, (2) providing good security insurances. Throughout our reseach investigation, we identified symmetric searchable encryption (SSE) and oblivious RAM (ORAM) as the two potential and main cryptographic primitives' candidate for real life settings. We have recognized several challenges and issues inherent to these constructions and provided a number of contributions that improve upon the state of the art. First, we contributed to make SSE schemes more expressive by enabling Boolean, semantic, and substring queries. Practitioners, however, need to be very careful about the provided balance between the security leakage and the degree of desired expressiveness. Second, we improve ORAM's bandwidth by introducing a novel recursive data structure and a new eviction procedure for the tree-based class of ORAM contructions, but also, we introduce the concept of resizability in ORAM which is a required feature for cloud storage elasticity
Carpen-Amarie, Alexandra. "BlobSeer as a data-storage facility for clouds : self-Adaptation, integration, evaluation." Thesis, Cachan, Ecole normale supérieure, 2011. http://www.theses.fr/2011DENS0066/document.
Повний текст джерелаThe emergence of Cloud computing brings forward many challenges that may limit the adoption rate of the Cloud paradigm. As data volumes processed by Cloud applications increase exponentially, designing efficient and secure solutions for data management emerges as a crucial requirement. The goal of this thesis is to enhance a distributed data-management system with self-management capabilities, so that it can meet the requirements of the Cloud storage services in terms of scalability, data availability, reliability and security. Furthermore, we aim at building a Cloud data service both compatible with state-of-the-art Cloud interfaces and able to deliver high-throughput data storage. To meet these goals, we proposed generic self-awareness, self-protection and self-configuration components targeted at distributed data-management systems. We validated them on top of BlobSeer, a large-scale data-management system designed to optimize highly-concurrent data accesses. Next, we devised and implemented a BlobSeer-based file system optimized to efficiently serve as a storage backend for Cloud services. We then integrated it within a real-world Cloud environment, the Nimbus platform. The benefits and drawbacks of using Cloud storage for real-life applications have been emphasized in evaluations that involved data-intensive MapReduce applications and tightly-coupled, high-performance computing applications
Spáčil, Michael. "Zálohování dat a datová úložiště." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2021. http://www.nusl.cz/ntk/nusl-444686.
Повний текст джерелаVasilopoulos, Dimitrios. "Reconciling cloud storage functionalities with security : proofs of storage with data reliability and secure deduplication." Electronic Thesis or Diss., Sorbonne université, 2019. http://www.theses.fr/2019SORUS399.
Повний текст джерелаIn this thesis we study in depth the problem of verifiability in cloud storage systems. We study Proofs of Storage -a family of cryptographic protocols that enable a cloud storage provider to prove to a user that the integrity of her data has not been compromised- and we identify their limitations with respect to two key characteristics of cloud storage systems, namely, reliable data storage with automatic maintenance and data deduplication. To cope with the first characteristic, we introduce the notion of Proofs of Data Reliability, a comprehensive verification scheme that aims to resolve the conflict between reliable data storage verification and automatic maintenance. We further propose two Proofs of Data Reliability schemes, namely POROS and PORTOS, that succeed in verifying reliable data storage and, at the same time, enable the cloud storage provider to autonomously perform automatic maintenance operations. As regards to the second characteristic, we address the conflict between Proofs of Storage and deduplication. More precisely, inspired by previous attempts in solving the problem of deduplicating encrypted data, we propose message-locked PoR, a solution that combines Proofs of Storage with deduplication. In addition, we propose a novel message-locked key generation protocol which is more resilient against off-line dictionary attacks compared to existing solutions
Tourne, Elise. "Le phénomène de circulation des données à caractère personnel dans le cloud : étude de droit matériel dans le contexte de l'Union européenne." Thesis, Lyon, 2018. http://www.theses.fr/2018LYSE3012/document.
Повний текст джерелаThe legal framework applicable to the gathering and processing by cloud service providers of the personal data of their users raises questions for such users. De facto, there does not now exist an organized legal framework allowing for the regulation, at the European Union level and as a whole, of the flow of personal data in the cloud, whether directly or indirectly. It thus seems necessary to question the way law organized itself consequently and analyze the complementary and/or alternative treatments offered by law, which are less structurally organized and are mosaical, but are more pragmatic, realistic and politically sustainable. Historically, the flow of personal data has been dealt almost exclusively via the specific right to the protection of personal data, which derives from the European Union. Such right, often considered in opposition to the right to the free circulation of data, was initially an emanation of the right to privacy before being established as a fundamental right of the European Union. The treatment provided by the right to the protection of personal data, if it targets directly the data within the flow phenomena, only partly covers such phenomena. In addition, despite the entry into force of the Regulation 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, its effectiveness is questionable, not offering any harmonized solution within the European Union and being highly dependent on the goodwill and the financial, organizational and human means of the Member States. The complementary and/or alternative treatments to the right to the protection of personal data that exist within the European Union, which may be allocated among technical, contractual and regulatory tools, only approach the data flow phenomena indirectly by providing a framework to its environment. Individually, they only target one very limited aspect of the data flow phenomena, with more or less effectiveness. Furthermore, technical and contractual tools have not the legitimacy attached to the regulatory tools. However, associated one with another, they allow a more global and efficient targeting of the data flow phenomena
Kontargyris, Xenofon [Verfasser]. "IT Laws in the Era of Cloud-Computing : A Comparative Analysis between EU and US Law on the Case Study of Data Protection and Privacy / Xenofon Kontargyris." Baden-Baden : Nomos Verlagsgesellschaft mbH & Co. KG, 2018. http://d-nb.info/1175743518/34.
Повний текст джерелаChenette, Nathan Lee. "Symmetric schemes for efficient range and error-tolerant search on encrypted data." Diss., Georgia Institute of Technology, 2012. http://hdl.handle.net/1853/48976.
Повний текст джерелаJohnsson, Lovisa. "Dataskyddsförordningens tillämplighet vid personuppgiftshantering i molntjänster : En studie av Dataskyddsförordningen, utifrån perspektivet användande av molntjänster." Thesis, Linköpings universitet, Affärsrätt, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-137192.
Повний текст джерелаKroft, Karel. "Audit cloudových služeb pro malé a střední podniky." Master's thesis, Vysoká škola ekonomická v Praze, 2014. http://www.nusl.cz/ntk/nusl-203958.
Повний текст джерелаMaddineni, Venkata Sravan Kumar, and Shivashanker Ragi. "Security Techniques for protecting data in Cloud Computing." Thesis, Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation, 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-3430.
Повний текст джерелаHe, Yijun, and 何毅俊. "Protecting security in cloud and distributed environments." Thesis, The University of Hong Kong (Pokfulam, Hong Kong), 2012. http://hub.hku.hk/bib/B49617631.
Повний текст джерелаpublished_or_final_version
Computer Science
Doctoral
Doctor of Philosophy
Mahboubi, Sakina. "Préservation de la confidentialité des données externalisées dans le traitement des requêtes top-k." Thesis, Montpellier, 2018. http://www.theses.fr/2018MONTS026/document.
Повний текст джерелаOutsourcing corporate or individual data at a cloud provider, e.g. using Database-as-a-Service, is practical and cost-effective. But it introduces a major problem: how to preserve the privacy of the outsourced data, while supporting powerful user queries. A simple solution is to encrypt the data before it is outsourced. Then, to answer a query, the user client can retrieve the encrypted data from the cloud, decrypt it, and evaluate the query over plaintext (non encrypted) data. This solution is not practical, as it does not take advantage of the computing power provided by the cloud for evaluating queries.In this thesis, we consider an important kind of queries, top-k queries,and address the problem of privacy-preserving top-k query processing over encrypted data in the cloud.A top-k query allows the user to specify a number k, and the system returns the k tuples which are most relevant to the query. The relevance degree of tuples to the query is determined by a scoring function.We first propose a complete system, called BuckTop, that is able to efficiently evaluate top-k queries over encrypted data, without having to decrypt it in the cloud. BuckTop includes a top-k query processing algorithm that works on the encrypted data, stored at one cloud node,and returns a set that is proved to contain the encrypted data corresponding to the top-k results. It also comes with an efficient filtering algorithm that is executed in the cloud on encypted data and removes most of the false positives included in the set returned.When the outsourced data is big, it is typically partitioned over multiple nodes in a distributed system. For this case, we propose two new systems, called SDB-TOPK and SD-TOPK, that can evaluate top-k queries over encrypted distributed data without having to decrypt at the nodes where they are stored. In addition, SDB-TOPK and SD-TOPK have a powerful filtering algorithm that filters the false positives as much as possible in the nodes, and returns a small set of encrypted data that will be decrypted in the user side. We analyze the security of our system, and propose efficient strategies to enforce it.We validated our solutions through implementation of BuckTop , SDB-TOPK and SD-TOPK, and compared them to baseline approaches over synthetic and real databases. The results show excellent response time compared to baseline approaches. They also show the efficiency of our filtering algorithm that eliminates almost all false positives. Furthermore, our systems yieldsignificant reduction in communication cost between the distributed system nodes when computing the query result
Lalanne, Vincent. "Gestion des risques appliquée aux systèmes d’information distribués." Thesis, Pau, 2013. http://www.theses.fr/2013PAUU3052/document.
Повний текст джерелаIn this thesis we discuss the application of risk management to distributed information systems. We handle problems of interoperability and securisation of the exchanges within DRM systems and we propose the implementation of this system for the company: it needs to permit the distribution of self-protected contents. We then present the (our) participation in the creation of an innovative company which emphasizes on the security of information, in particular the management of risks through the ISO/IEC 27005:2011 standard. We present risks related to the use of services, highlighting in particular the ones which are not technological: we approach inheritent risks in clouds (provider failure, etc ...) but also the more insidious aspects of espionage and intrusion in personal data (Case PRISM in June 2013). In the last section, we present a concept of a DRM company which uses metadata to deploy settings in usage control models. We propose a draft formalization of metadata necessary for the implementation of a security policy and guarantee respect of regulations and legislation
"Data Protection over Cloud." Master's thesis, 2016. http://hdl.handle.net/2286/R.I.38668.
Повний текст джерелаDissertation/Thesis
Masters Thesis Computer Science 2016
HSU, MING-WEI, and 許銘瑋. "Cloud Services and Personal Data Protection." Thesis, 2017. http://ndltd.ncl.edu.tw/handle/nd6344.
Повний текст джерела東吳大學
法律學系
105
With the progress of science and technology as well as the popularity of the Internet, in recent years, cloud services emerge. Cloud service means individuals store his personal resources in the remote data center managed and operated by others, and through the Internet the resources in the cloud can be accessed. While cloud computing allows its users to easily access to their information at anytime and anywhere, as long as there is internet connect, thus technology like this brings serious data security and privacy concerns. This article first introduces the concepts of cloud services, including features, architecture, service patterns, key technologies and challenges. Second, the discussion of the relevant personal data protection law related issues is revealed: from the personal data protection point of view, cloud service requires the study of legal relations among cloud computing providers, cloud service users, and data subjects. The information stored in the cloud can be divided into personal data and non-personal data. Personal data is applicable to personal data protection law; non-personal information part discussed in this article, is mainly to explore the criminal law protection for the digital data. In addition, since relevant parties may not know where personal data is located at any particular time, it is also worth considering whether this characteristic may cause adverse impact on data protection. Thus this paper aims to comprehensively review the related issues based on the newly enacted Personal Data Protection Act, and to provide suggestions for further discussion in the field.
Silva, Paulo Miguel Guimarães da. "Data Privacy Protection for the Cloud." Master's thesis, 2016. http://hdl.handle.net/10316/93238.
Повний текст джерелаPrivacy is for a long time a concern when data is being discussed. Nowadays, with an increasing amount of personal and confidential data being transmitted and stored online, data curators have to assure certain guarantees of data protection and privacy. This Master Dissertation presents a background of anonymization and concealing techniques. Their characteristics and capabilities are described, as well as tools to implement and evaluate anonymization and concealing. The evaluation of the applicability of the DNA-inspired concealing algorithm is the main objective of this work. Usually, various metrics are used to measure aspects like risk or utility of the anonymized data. This work presents a new approach of evaluating how well concealed is the data. By using the Cosine Similarity as a measure of similarity between the private and concealed data, this metric proves its worthiness not only in information retrieval or text mining applications but also in the analysis of concealed or anonymized files. Nowadays there is a continuously growing demand for Cloud services and storage. The evaluation in the Master Dissertation is directed to find how suitable is the application of the DNA-inspired concealing algorithm over the data being stored or transmitted in the Cloud. The evaluation is made by analyzing the concealing results as well as the performance of the algorithm itself. The application of the algorithm is made over various texts and audio files with different characteristics, like size or contents. However, both file types are unstructured data. Which is an advantage for being accepted as an input by the algorithm. Unlike many anonymization algorithms which demand structured data. With the final results and analysis, it will be possible to determine the applicability and performance of the referred algorithm for a possible integration with the Cloud.
Chen, Wei-Hsiu, and 陳緯修. "Study of Data Protection in Cloud Environment." Thesis, 2014. http://ndltd.ncl.edu.tw/handle/84273503855778390740.
Повний текст джерела國防大學理工學院
國防科學研究所
102
Since 2009, the amount of digital data being produced has doubled every year. Cloud computing and storage services are economical approach to deal with such volumes of data, but it has security and privacy issues. Those massive data gathered by social networks and information-sensing mobile devices we called big data. The analysis of big data has potential benefit that attracts the attention of many companies. Full data encryption is able to ensure privacy. However, this approach makes it difficult to analyze the data in an efficient manner. Data analysis in a cloud environment requires a balance between data security and data analysis capacity. This study proposes a high-efficiency privacy-preservation scheme for data distribution in hybrid clouds to improve data security and utilization. The proposed scheme has two major phases: data risk classification and selective data protection. Data risk classification roughly divides data into two categories: high and low risks. Data are then stored separately in a hybrid cloud according to its risk level. In the selective protection phase, data anonymity and symmetric encryption in data attribution are used to ensure data safety and encryption efficiency. Data anonymity removes private information from data fields, which enables the storage of partial vague information in public clouds. Symmetric encryption encrypts only the content of sensitive fields rather than entire fields of data. The proposed scheme presents an excellent balance between data security and utilization. Results of functional analysis and comparison revealed that the proposed scheme reduces the time required for encryption and decryption and decreases the number of privacy content while allowing data mining without compromising privacy. Comparing with all traditional encryption methods, the proposed scheme is more suitable for hybrid cloud environment.
"Practical data integrity protection in network-coded cloud storage." 2012. http://library.cuhk.edu.hk/record=b5549172.
Повний текст джерелаTo protect outsourced data in cloud storage against corruptions, enabling integrity protection, fault tolerance, and efficient recovery for cloud storage becomes critical. To enable fault tolerance from a client-side perspective, users can encode their data with an erasure code and stripe the encoded data across different cloud storage nodes. We base our work on regenerating codes, a recently proposed type of erasure code that borrows the concept of network coding and requires less repair traffic than traditional erasure codes during failure recovery. We study the problem of remotely checking the integrity of regenerating-coded data against corruptions under a real-life cloud storage setting. Specifically, we design a practical data integrity protection (DIP) scheme for a specific regenerating code, while preserving the intrinsic properties of fault tolerance and repair traffic saving. Our DIP scheme is designed under the Byzantine adversarial model, and enables a client to feasibly verify the integrity of random subsets of outsourced data against general or malicious corruptions. It works under the simple assumption of thin-cloud storage and allows different parameters to be fine-tuned for the performance-security trade-off. We implement and evaluate the overhead of our DIP scheme in a cloud storage testbed under different parameter choices. We demonstrate that remote integrity checking can be feasibly integrated into regenerating codes in practical deployment.
Detailed summary in vernacular field only.
Chen, Chuk Hin Henry.
Thesis (M.Phil.)--Chinese University of Hong Kong, 2012.
Includes bibliographical references (leaves 38-41).
Abstracts also in Chinese.
Chapter 1 --- Introduction --- p.1
Chapter 2 --- Preliminaries --- p.4
Chapter 2.1 --- FMSR Implementation --- p.4
Chapter 2.2 --- Threat Model --- p.6
Chapter 2.3 --- Cryptographic Primitives --- p.7
Chapter 3 --- Design --- p.8
Chapter 3.1 --- Design Goals --- p.8
Chapter 3.2 --- Notation --- p.9
Chapter 3.3 --- Overview of FMSR-DIP --- p.11
Chapter 3.4 --- Basic Operations --- p.11
Chapter 3.4.1 --- Upload operation --- p.11
Chapter 3.4.2 --- Check operation --- p.13
Chapter 3.4.3 --- Download operation --- p.15
Chapter 3.4.4 --- Repair operation --- p.16
Chapter 4 --- Implementation --- p.17
Chapter 4.1 --- Integration of DIP into NCCloud --- p.17
Chapter 4.2 --- Instantiating Cryptographic Primitives --- p.18
Chapter 4.3 --- Trade-off Parameters --- p.19
Chapter 5 --- Security Analysis --- p.22
Chapter 5.1 --- Uses of Security Primitives --- p.22
Chapter 5.2 --- Security Guarantees --- p.23
Chapter 5.2.1 --- Corrupting an AECC Stripe --- p.23
Chapter 5.2.2 --- Picking Corrupted Bytes for Checking --- p.25
Chapter 5.2.3 --- Putting It All Together --- p.26
Chapter 6 --- Evaluations --- p.27
Chapter 6.1 --- Running Time Analysis --- p.27
Chapter 6.2 --- Monetary Cost Analysis --- p.30
Chapter 6.3 --- Summary --- p.33
Chapter 7 --- Related Work --- p.34
Chapter 8 --- Conclusions --- p.37
Bibliography --- p.38
Chen, Chang Shian, and 陳昶憲. "A Design of Data Privacy Protection Mechanism for Cloud Computing." Thesis, 2012. http://ndltd.ncl.edu.tw/handle/64407933904437715500.
Повний текст джерела長庚大學
資訊管理學系
100
Today the cloud computing provides many Internet services which are easily to obtain. Cloud computing brings many advantages, and the development of cloud computing is very popular. Before organizations agree to adopt cloud computing technology, the cloud security is the major consideration factor, especially for the protection of data stored in the cloud environment. Therefore, this study proposes a data privacy protection mechanism for cloud computing environment. The proposed protection mechanism can protect the data stored in the cloud to avoid unauthorized disclosure by third party. It can also completely protect the data while processing. The proposed protection mechanism uses the concept called mobile agent to communicate between different service providers’ servers. It will not only protect the security and privacy of the plaintext data, but also ensure the confidentiality and integrity. Furthermore, for the data privacy protection, this study covers the data’s whole lifecycle from creating to destruction.
PAN, CHIH-CHENG, and 潘志成. "Research to Establish Personal Data Protection in the Cloud Computing Services." Thesis, 2014. http://ndltd.ncl.edu.tw/handle/30012948778680825573.
Повний текст джерела中國科技大學
資訊科技應用研究所碩士在職專班
102
Cloud computing services have mushroomed in recent years, in large numbers, like another wave of industrial revolution, people could completely change the lifestyle and habits. However, the providers of these cloud computing services, the security issues and the protection of personal data, but it is and has been criticized by people worried about the place, which also promote cloud computing services directly into the barriers. Therefore, how to enhance people's sense of trust in cloud computing services for data protection, are extremely important and must be solved. In this paper, we make a risk management for the cloud computing and discuss the risk management mechanisms for the cloud computing industry with the Freeman’s stakeholder theory.
Liu, Jen-Shuo, and 劉人碩. "Research of Personal Data Privacy Protection on Cloud Environment Management System." Thesis, 2014. http://ndltd.ncl.edu.tw/handle/96092689568846152213.
Повний текст джерела健行科技大學
資訊工程系碩士班
102
Cloud computing techniques are giving many convenient to users; it changed the way of data process. Many users not only saving their data in local or USB drive, but also upload to the cloud template. It is because of the cloud templates not only having enough memory space, but also they provide user high-performance computing ability. With the develop of the cloud service application like social software, transfer platform, online shopping, stock trading are all included in their services. When the users are enjoying the convenient of cloud computing, their security of personal data is under threat. Recently the develop of security of cloud data is not so perfect, because the developers are more emphasis on infrastructure and service. Our propose is based on privacy policy to discuss data life cycle management in the environment of cloud. We designed a system that conform to Privacy Protection Act, this system will discuss the life cycle (from it created till it deleted), we will also provide the every level of threat and the protection method, to enhanced the data security in cloud computing services.
Lin, Kuan-yow, and 林冠佑. "Legal Study on Information Security Harmonizationfor Data Protection and Cloud Computing." Thesis, 2011. http://ndltd.ncl.edu.tw/handle/88776505810956561611.
Повний текст джерела東吳大學
法律學系
99
The thriving on computers and the Internet has brought tremendous changes on our daily lives as well as business models. Various services of the Internet have successfully enabled people to do everything online- surf the news, check the weather forecast, follow the index of stock markets, collecting information, wire money, contact people with email and other interactive multimedia, twit and plurk, blog thoughts and photos, post videos on Youtube and Yahoo!, plan a trip with Google map, upload massive files to Google Docs and Dropbox, set up a website on Amazon’s leasing server and so on, not to mention other services offered by hundreds of thousands of websites. In fact, nowadays one can easily assume that every step of our lives—from birth to death is closely related to computers and the Internet. Along with the evolution of the technologies of computers and the Internet, the increase on bandwidth and the expansion of mobile communications, people can access the Internet to process different dealings on the go, thus provoking a rapid evolution and development of cloud computing. The speedy growth of cloud computing has not only brought enormous impact on the cost, sale and operation of related industries, but also advanced the already close connection between the Internet and our daily lives, which promotes the cloud computing services of the ISPs and enhance the more beneficial utilization of the resources of the Internet. With the evolution of cloud computing, more and more magnetic data, such as personal information, trade secrets, music, video, pictures and other copyrighted material, etc., would be stored and processed in the cloud service provider's computer servers. Therefore, it can be predicted that more and more network services would requires users to provide personal information, and even Internet service providers would collect person information through the service they offer the users. These collections are supposed to be regulated in respective jurisdictional area. However, when considering the nature of cross-border of the Internet, one would reasonably doubt whether the regulations would work out. Meanwhile, malwares such as website Trojan and spams through social technologies can bring vital harms to the security of the Internet. Apparently, cybercrimes would be one of the most serious crimes and the coming future. On one hand, the growth of cloud computer will boost the function and utility of the website to a whole new stage; on the other hand, it will also realize the actual harm to the security of Internet database. Hence, the response of ISPs to the characteristic of the storage and protection of the magnetic records on cloud computing would be very important. As to governmental agencies, although new regulations on cloud computing are rapidly issued or amended all over the world, how can the rules be best adapted and applied to the real world would be essential too. The thesis attempts to start with the technology of cloud computing, and then draw out the possible harms to data security under the structure of computer, the Internet and could computing. Then it will discuss the related regulations on data security of cloud computing in Taiwan and other countries, and ends with the suggestion of the application of the regulations from the perspective of the ISPs, users and governmental agencies.
Silva, Paulo Miguel Guimarães da. "CONTRIBUTIONS TO PERSONAL DATA PROTECTION AND PRIVACY PRESERVATION IN CLOUD ENVIRONMENTS." Master's thesis, 2020. http://hdl.handle.net/10316/95054.
Повний текст джерелаSilva, Paulo Miguel Guimarães da. "Contributions to Personal Data Protection and Privacy Preservation in Cloud Environments." Doctoral thesis, 2021. http://hdl.handle.net/10316/95291.
Повний текст джерелаPersonal data is currently being used in countless applications in a vast number of areas. Despite national and international legislation, the fact is that individuals still have little to no control over who uses their data and for what purposes. As regulations vary from region to region, data is often stored and processed in multiple locations by multiple data processors. Moreover, the security concerns of a system are sometimes addressed individually or in an ad-hoc manner, which may result in inadequate solutions. In the end, data protection and privacy assurances are still, in many cases, only a theoretical possibility. As such, it is necessary to propose mechanisms that maximise data protection and provide increased privacy assurances. A strategy to ensure appropriate levels of security and privacy is mandatory. In this work, it was possible to design, develop and evaluate mechanisms that fill the issues mentioned above. One of the pillars of this strategy is the inclusion of Authentication, Authorisation and Accounting (AAA) solutions that securely control access to individuals' data. The other pillar relies on the usage of intelligent, automated, and non-intrusive mechanisms that monitor and control personal data to increase privacy assurances. To fulfil such strategy, the development of a cloud-based AAA solution was the very first step to control individuals' access to data. The proposed solution is composed of a reverse proxy, a custom web application and a NoSQL database. The mechanisms proposed in this thesis recur to Natural Language Processing (NLP), Named Entity Recognition (NER) and Machine Learning (ML) algorithms in a hybrid approach. A series of NER models capable of identifying personal information are also trained with algorithms such as Multi-Layer Perceptron (MLP) and Random Forests (RF), using only publicly available datasets as a source of training and validation data. The mechanisms proposed in this work comply with existing regulations and are designed under appropriate cloud-based deployment and life cycle management strategies. Moreover, this thesis proposes a fuzzy privacy risk model that allows the assessment of privacy risk levels associated with data transactions. The advantages and drawbacks of the proposed mechanisms were evaluated in pilot use cases in the scope of two international projects: H2020 EUBra-BIGSEA and H2020 PoSeID-on. The evaluation conducted on both technical and user-centred scenarios indicates that the proposed mechanisms have high data classifying accuracy, support large volumes of data with distinct characteristics and to increase individuals' privacy awareness and control.
Os dados pessoais são atualmente utilizados em inúmeras aplicações num grande número de áreas. Apesar da legislação nacional e internacional, o facto é que indivíduos ainda têm pouco ou nenhum controlo sobre quem usa os seus dados pessoais, e para que fins. Como os regulamentos variam de região para região, os dados geralmente são armazenados e processados em vários locais, e por vários processadores de dados. Além disso, as questões de segurança dos sistemas por vezes são tratadas individualmente ou de maneira ad-hoc, o que pode resultar em soluções inadequadas. No final, a proteção de dados e as garantias de privacidade ainda são, em muitos casos, apenas uma possibilidade teórica. Como tal, é necessário propor mecanismos que maximizem a proteção de dados e forneçam maiores garantias de privacidade. Uma estratégia para garantir níveis adequados de segurança e privacidade é obrigatória. Neste trabalho, foi possível projetar, desenvolver e avaliar mecanismos que atendem às questões mencionadas acima. Um dos pilares desta estratégia é a inclusão de soluções de Autenticação, Autorização e Auditabilidade (AAA) que controlam o acesso aos dados pessoais com segurança. O outro pilar depende do uso de mecanismos inteligentes, automatizados e não intrusivos que monitoram e controlam os dados pessoais de modo a aumentar as garantias de privacidade. Para seguir essa estratégia, o primeiro passo foi o desenvolvimento de uma solução AAA baseada na nuvem, que controla o acesso a dados pessoais. A solução proposta é composta por um procurador reverso, uma aplicação web personalizada e uma base de dados NoSQL. Os mecanismos propostos nesta tese recorrem a Processamento de Linguagem Natural (PNL), Reconhecimento de Entidades Mencionadas (REM) e Aprendizagem Automática (AA) de uma forma híbrida. Uma série de modelos REM capazes de identificar informações pessoais também são treinados com algoritmos tais como Perceptron Multicamada (PM) e Florestas de Decisão Aleatórias (FDA), usando apenas conjuntos de dados publicamente disponíveis, como fonte de dados de treino e validação. Os mecanismos propostos neste trabalho estão em conformidade com os regulamentos existentes e são projetados de acordo com uma implementação baseada em nuvem e estratégias de gestão de ciclo de vida apropriadas. Além disso, esta tese propõe um modelo fuzzy de risco de privacidade que permite avaliar os níveis de risco de privacidade associados às transações de dados. As vantagens e desvantagens dos mecanismos propostos foram avaliadas em casos de uso piloto no âmbito de dois projetos internacionais: H2020 EUBra-BIGSEA e H2020 PoSeID-on. A avaliação realizada em cenários técnicos e centrados no usuário indica que os mecanismos propostos têm alta precisão de classificação de dados, suportam grandes volumes de dados com características distintas e aumentam a perceção e o controle da privacidade dos indivíduos.
Dang, Thanh Dat. "Protection and efficient management of big health data in cloud environment." Thesis, 2017. http://hdl.handle.net/10453/123215.
Повний текст джерелаHealthcare data has become a great concern in the academic world and in industry. The deployment of electronic health records (EHRs) and healthcare-related services on cloud platforms will reduce the cost and complexity of handling and integrating medical records while improving efficiency and accuracy. To make effective use of advanced features such as high availability, reliability, and scalability of Cloud services, EHRs have to be stored in the clouds. By exposing EHRs in an outsourced environment, however, a number of serious issues related to data security and privacy, distribution and processing such as the loss of the controllability, different data formats and sizes, the leakage of sensitive information in processing, sensitive-delay requirements has been naturally raised. Many attempts have been made to address the above concerns, but most of the attempts tackled only some aspects of the problem. Encryption mechanisms can resolve the data security and privacy requirements but introduce intensive computing overheads as well as complexity in key distribution. Data is not guaranteed being protected when it is moved from one cloud to another because clouds may not use equivalent protection schemes. Sensitive data is being processed at only private clouds without sufficient resources. Consequently, Cloud computing has not been widely adopted by healthcare providers and users. Protecting and managing health data efficiently in many aspects is still an open question for current research. In this dissertation, we investigate data security and efficient management of big health data in cloud environments. Regarding data security, we establish an active data protection framework to protect data; we investigate a new approach for data mobility; we propose trusted evaluation for cloud resources in processing sensitive data. For efficient management, we investigate novel schemes and models in both Cloud computing and Fog computing for data distribution and data processing to handle the rapid growth of data, higher security on demand, and delay requirements. The novelty of this work lies in the novel data mobility management model for data protection, the efficient distribution scheme for a large-scale of EHRs, and the trust-based scheme in security and processing. The contributions of this thesis can be summarized according to data security and efficient data management. On data security, we propose a data mobility management model to protect data when it is stored and moved in clouds. We suggest a trust-based scheduling scheme for big data processing with MapReduce to fulfil both privacy and performance issues in a cloud environment. • The data mobility management introduces a new location data structure into an active data framework, a Location Registration Database (LRD), protocols for establishing a clone supervisor and a Mobility Service (MS) to handle security and privacy requirements effectively. The model proposes a novel security approach for data mobility and leads to the introduction of a new Data Mobility as a Service (DMaaS) in the Cloud. • The Trust-based scheduling scheme investigates a novel composite trust metric and a real-time trust evaluation for cloud resources to provide the highest trust execution on sensitive data. The proposed scheme introduces a new approach for big data processing to meet with high security requirements. On the efficient data management, we propose a novel Hash-Based File Clustering (HBFC) scheme and data replication management model to distribute, store and retrieve EHRs efficiently. We propose a data protection model and a task scheduling scheme which is Region-based for Fog and Cloud to address security and local performance issues. • The HBFC scheme innovatively utilizes hash functions to cluster files in defined clusters such that data can be stored and retrieved quickly while maintaining the workload balance efficiently. The scheme introduces a new clustering mechanism in managing a large-scale of EHRs to deliver healthcare services effectively in the cloud environment. • The trust-based scheduling model uses the proposed trust metric for task scheduling with MapReduce. It not only provides maximum trust execution but also increases resource utilization significantly. The model suggests a new trust-oriented scheduling mechanism between tasks and resources with MapReduce. • We introduce a novel concept “Region” in Fog computing to handle the data security and local performance issues effectively. The proposed model provides a novel Fog-based Region approach to handle security and local performance requirements. We implement and evaluate our proposed models and schemes intensively based on both real infrastructures and simulators. The outcomes demonstrate the feasibility and the efficiency of our research in this thesis. By proposing innovative concepts, metrics, algorithms, models, and services, the significant contributions of this thesis enable both healthcare providers and users to adopt cloud services widely, and allow significant improvements in providing better healthcare services.
Lin, Yu-Ting, and 林雨葶. "Applying Proxy Re-Encryption to Ciphertext Search in Cloud Data Protection Mechanism." Thesis, 2016. http://ndltd.ncl.edu.tw/handle/39u6r7.
Повний текст джерела長庚大學
資訊管理學系
104
With the rapid growth of Internet applications and cost continued to decline, there are many large organizations, such as Amazon, IBM and Microsoft, adopted cloud computing technology. These organizations will transfer their internal resources to external Cloud Service Provider (CSP). It does not only greatly reduce the cost of organization expenses, but also have more competitive advantages offered by cloud service environment than traditional server. However, the cloud environment is an open shared location; the traditional protection mechanism may not be suitable for cloud environment. When enterprises decide to outsource the sensitive data from interior server to cloud storage environment, security of data which are stored in the cloud is the most important issue to consider. In order to assure the security of data outsourced to cloud storage, and maintain the cost and competitive advantages simultaneously, this paper proposes a data protection mechanism which is suitable for cloud computing environment. The proposed mechanism is expected to achieve confidentiality and provide ciphertext searchable capability and user revocation. Furthermore, the proposed mechanism adopts Attribute-Based Encryption (ABE) along with Proxy Re-encryption (PRE) scheme to achieve Fine-Grained Access Control.
Studihradová, Barbora. "Obecné nařízení o ochraně osobních údajů: výzvy pro cloud." Master's thesis, 2018. http://www.nusl.cz/ntk/nusl-388685.
Повний текст джерелаLiu, Kuan-Ting, and 劉冠廷. "Legal Issues of Information Security and Personal Data Protection of Cloud Computing Service." Thesis, 2015. http://ndltd.ncl.edu.tw/handle/79178790139062182389.
Повний текст джерела國立高雄第一科技大學
科技法律研究所
103
In the new world of Cloud computing, Information security is important. That Data theft and Internet crime are biggest threats to Country and Company. Advances in technology will lead to more and more important information security. How the government to protect the rights and interests of enterprise information security equitable people. That problem faced by the Government. Protection of personal data is another focus issue. Up to the constitutional guarantee of the right to privacy of information. Down to the general law to protect people''s personal information, there are also outside of the transmission and to identify issues. And EU have “The right to be forgotten” if enter into Taiwan have problem? These topics are discussed in this article.
Wu, Tsung Han, and 吳宗翰. "A Data Protection Mechanism with Fine-Grained Access Control in Cloud Storage Environments." Thesis, 2014. http://ndltd.ncl.edu.tw/handle/39589420663475627315.
Повний текст джерела長庚大學
資訊管理學系
102
With the advance of information technology, the price of bandwidth is decreasing rapidly. There are more and more organizations moving their computing and storage resources to cloud computing environment to reduce the cost of hardware, software or labors. Although cloud computing brings the advantage of cost, the organizations may still worry about the issues of cloud computing security, especially the confidentiality of sensitive date which were stored in the cloud storage environments. Therefore, this study proposes a data protection mechanism to protect the data stored in the cloud environment. With the proposed mechanism, we can achieve not only the data confidentiality and security of keywords search scheme in encrypted data, but also fine-grained access control with Attribute-Based Encryption (ABE). Furthermore, the computing cost of the proposed mechanism is reasonable.
Lu, Pei-chun, and 盧佩君. "The Study of Secure and Efficient Data and Privacy Protection Mechanisms in Cloud Computing." Thesis, 2013. http://ndltd.ncl.edu.tw/handle/27065841577029443387.
Повний текст джерела國立高雄第一科技大學
資訊管理研究所
101
In cloud computing environments, service providers provide more and more cloud services. Users can use these convenient cloud services in daily life. The major data of the user is maintained by the service providers except that some personal privacy data is stored at the client device. An attacker may try to invade the systems, and it will cause the damage of users and service providers. Also, users may lose their mobile devices and then it may cause the data disclosure problem. As a result, the data and privacy protection of users becomes an important issue in these environments. Besides, since many mobile devices are used in these environments, secure authentication and data protection methods must be efficient in these low resource environments. In this thesis, we propose a scheme that users can verify the valid cloud service servers and the cloud service servers can ensure the legal users. Our proposed method uses the secure encryption/decryption keys and achieves the user authentication using the elliptic curve cryptosystems and the message authentication codes. Since the key delegation center of the third party has the robust security protection, our proposed scheme stores the encryption/decryption keys in the key delegation center of the third party. This approach not only can reduce the storage space of the user devices, but also can recover the encryption/decryption keys in the key delegation center when a user loses her/his devices for solving the device losing problem.
Chi, Pei-I., and 紀珮宜. "A comparative study on EU and US data protection laws governing transatlantic data flow services by cloud computing industry." Thesis, 2018. http://ndltd.ncl.edu.tw/handle/hj2x8t.
Повний текст джерела國立政治大學
國際經營與貿易學系
106
In recent years, Cloud Computing has developed rapidly, and has brought big changes in the management model of enterprises. The fast-growing European market becomes the battlefield that all the American large cloud-computing providers aggressively try to get in. For the cloud computing, transferring data without limit is the essential condition in providing services; however, inevitably, the transferring process involves the issue of personal data and privacy protection. The EU and America hold different opinions over this issue, and the differences are the main barriers that prevent cloud-computing providers from entering the European market. In addition, the EU passed a more stringent rule, the Data Protection Regulation, in 2018, and covered the cloud-computing providers by imposing the obligation of protecting data on the enterprises. As for the transatlantic-data flow, according to the EU law, only the country who has the same level of personal data protection is allowed to transfer the data across the border. In this case, the majority of cloud-computing providers adopt the EU-US Privacy Shield Framework, a cross-border data transfers agreement specifically designed for the transatlantic-data flow by the EU and America, as their key foundation. In view of this, this thesis analyzed the content of EU-US Privacy Shield Framework, and concluded that this agreement requires more obligations for the enterprises, which are handling data, than the previous Safe Harbor Framework agreement, while it also gives the data subject more rights to ensure privacy. Nevertheless, this thesis believes that this agreement is still insufficient to meet the EU’s standard of data privacy protection. Therefore, it is suggested that both parties, the EU and America, should renegotiate the approaches that prevent personal privacy from being compromised by mass surveillance and data collection and provide affected individual with effective legal resorts to remedy damage, with the aim of avoiding the legal risk of EU-US Privacy Shield Framework being determined invalid in the future.
Wang, Ching-Hui, and 王瀞慧. "A Discussion on Privacy and Personal Data Protection of Financial Institutions in the Cloud Computing Environment." Thesis, 2013. http://ndltd.ncl.edu.tw/handle/77394136614625342972.
Повний текст джерела大同大學
資訊經營學系(所)
101
Though the world economy suffered frequently from financial crises, mobile technology finds its applications in every walk of life. Together with cloud computing, it brings innovative ideas to many industries including financial industry. While the industry benefits from this new technological environment, information security becomes a new challenge. In this study, we apply to the method of focus group to explore the opinion of users concerning the use of new technologies of e-banking, e-ATM, and mobile banking. The questionnaire was administered in three steps based on a case of bank, and the following conclusions are drawn: (1)The users worry about the leakage of private data while using the new technologies; (2)The users feel comfortable if the bank provides security mechanisms for transactions while using the new technologies; (3)The users appreciate the notification upon successful/failed transaction by email or short message service (SMS) from the bank while using the new technologies; (4)The users favor the notification of login operation by email or SMS from the bank while using the new technologies; and (5)The users agree that the implementation of international security certification would increase the trust of financial institutions. The results obtained in this study are of reference value for decision-makers. The case company is encouraged to implement these security mechanisms in its transaction management to gain competitive advantages.
Agreira, André Eduardo Santos de Caria. "Cloud computing and EU law." Master's thesis, 2021. http://hdl.handle.net/10362/132599.
Повний текст джерелаAs of today, one of the main obstacles to the transversal adoption of Cloud Computing by companies across the EU is still the lack of knowledge and the apparent risks associated to this technology; however, the European Commission has once again stressed its importance for the future of the EU. As such, this thesis provides a summary of the socioeconomic relevance of cloud computing, as well as an overview of the fragmented the legal framework applicable to Cloud Service Providers in the EU. This thesis finally examines the adequacy and evolution of the terms of service provided by several cloud service providers, including their enforceability towards EU consumers, as well as the next steps to achieve a more competitive and transparent cloud market.
Actualmente, um dos principais obstáculos à adoção transversal do cloud computing por empresas na UE prende-se com a falta de conhecimento relativamente aos serviços de cloud computing e aos riscos aparentes associados a essa tecnologia; apesar disso, a Comissão Europeia voltou a salientar a importância do cloud computing para o futuro da UE. Como tal, esta tese fornece um resumo da relevância socio-económica do cloud computing, bem como uma visão geral das múltiplas normas jurídicas aplicável aos provedores de serviços de cloud computing na UE. Finalmente, a tese examina a adequação e evolução dos termos de serviço fornecidos por vários provedores de serviços de cloud computing, incluindo sua aplicabilidade em relação aos consumidores da UE, bem como os próximos passos para alcançar um mercado em nuvem mais competitivo e transparente.
Ohnišťová, Markéta. "Právní aspekty Cloud computingu. SaaS jako forma cloudových služeb." Master's thesis, 2016. http://www.nusl.cz/ntk/nusl-344084.
Повний текст джерелаWU, HSING-CHEN, and 吳幸珍. "Data Leakage Protection Management for Cloud Campus Networks Using DLP Model - A Case Study on SchoolAffairs Information Systems of Some Junior High School in Hsinchu City." Thesis, 2017. http://ndltd.ncl.edu.tw/handle/9f3y44.
Повний текст джерела大葉大學
資訊管理學系碩士班
105
Our government has been promoting the information technology and networking in education system on campus in Taiwan to help students receive more multiple and instant education and information. However, it was accompanied by the security problems about confidential data leakage of the staff and students, which is involved with hacking, virus infection, and man-made negligence related to the system operations. The situation is getting worse on cloud campus, particularly in primary and secondary schools. Although some schools try hard to improve the situation, the risks of personal information leakage still exist. This means we must make progress for the field of Data Leakage Protection. The study is for understanding the profiles of data leakage protection in the cloud campus networks, and explores its processes and strategies of the management through the theories and practices of Data Leakage Protection by using the case study. It also offers some suggestions for reference to schools, educational administrative organizations, and future related research.
SUNG, HSU-TSE, and 宋旭澤. "Constructing Personal Data Protection Management for Cloud School Affairs Information Systems of a Junior High School - A Case Study on Some Junior High School in Hsinchu City." Thesis, 2016. http://ndltd.ncl.edu.tw/handle/g776e6.
Повний текст джерела大葉大學
資訊管理學系碩士班
104
Cloud computing is widely used due to its highly efficient computing, highly flexible resource allocation, low information cost, etc. Schools are rushing to embrace it. However, SafeNet survey shows that over 0.375 billion of cloud data were stolen in the first half of 2014. The firm has estimated that by 2018, the theft rate will rise to 29%. This suggests that cloud computing risks are remarkably high. This study is based on the British standard of BS 10012:2009, and further adopts the method of in-depth case study, with P (Plan), D (Do), C (Check) and A (Action) as dimensions for relevant issues. Through this, we could get an understanding of the personal information management status of the cloud student affairs system (CSAS) at a certain junior high school in Hsinchu. Moreover, regarding the personal information protection and management strategy, the following three suggestions are proposed: (1) the personal information protection policy and implementation results of the CSAS; (2) analysis of the response to implementation problems of personal information protection of the CSAS; and (3) highlights of the implementation of personal information protection of the CSAS by schools. Keywords: Privacy, Personal Information Protection, BS 10012, ischool Student Affairs System
Patala, Najiyabanu Noormohmed. "Cybersecurity framework for cloud computing adoption in rural based tertiary institutions." Diss., 2018. http://hdl.handle.net/11602/1362.
Повний текст джерелаDepartment of Business Information Systems
Although technology is being progressively used in supporting student learning and enhancing business processes within tertiary institutions, certain aspects are hindering the decisions of cloud usage. Among many challenges of utilizing cloud computing, cybersecurity has become a primary concern for the adoption. The main aim of the study was to investigate the effect of cloud cyber-security usage at rural based tertiary institutions in order to compare the usage with an urban-based institution and propose a cybersecurity framework for adoption of cloud computing cybersecurity. The research questions focused on determining the drivers for cloud cybersecurity usage; the current adoption issues; how cybersecurity challenges, benefits, and quality affects cloud usage; the adoption perceptions and awareness of key stakeholders and identifying a cloud cybersecurity adoption framework. A quantitative approach was applied with data collected from a simple random sample of students, lecturers, admin and IT staff within the tertiary institutions through structured questionnaires. The results suggested compliance with legal law as a critical driver for cloud cybersecurity adoption. The study also found a lack of physical control of data and harmful activities executed on the internet as challenges hampering the adoption. Prevention of identity fraud and cheaper security costs were identified as benefits of adoption. Respondents found cloud cybersecurity to be accurate and effective, although most of the students and employees have not used it. However, respondents were aware of the value of cybersecurity adoption and perceive for it to be useful and convenient, hence have shown the intention of adopting it. There were no significant elements identified to differentiate the perceptions of usage at rural and urban-based tertiary institutions. The results of the study are to be used for clarifying the cybersecurity aspects of cloud computing and forecasting the suitability cloud cybersecurity within the tertiary institutions. Recommendations were made on how tertiary institutions and management can promote cloud cybersecurity adoption and how students, lecturers, and staff can effectively use cloud cybersecurity.
NRF
Khan, Sohail Razi. "MSL Framework: (Minimum Service Level Framework) for cloud providers and users." Doctoral thesis, 2018. http://hdl.handle.net/10284/7120.
Повний текст джерелаA computação em nuvem proporciona a computação paralela e emergiu como uma tecnologia eficiente para enfrentar os desafios do crescimento rápido de dados que vivemos na era da Internet. A computação em nuvem é uma tecnologia emergente que oferece serviços baseados em assinatura e oferece diferentes modelos como IaaS, PaaS e SaaS, entre outros modelos para atender as necessidades de diferentes grupos de utilizadores. A tecnologia tem enormes benefícios, mas subsistem sérias preocupações e desafios relacionados com a falta de normas uniformes ou inexistência de um referencial mínimo para o nível de serviços oferecidos, na indústria, para proporcionar uma oferta eficaz, uniforme e confiável para os utilizadores da nuvem. Como a computação em nuvem está a ganhar popularidade, tanto organizações como utilizadores estão enfrentando problemas para adotar o serviço devido à falta de enquadramento de nível de serviço mínimo que possa agir como um ponto de referência na seleção de provedor da nuvem e fornecer a qualidade dos serviços de acordo com as expectativas do utilizador. A situação torna-se mais crítica, devido à natureza distribuída do prestador de serviço, que pode ser oriundo de qualquer parte do mundo. Devido à falta de enquadramento de nível de serviço mínimo que irá agir como um benchmark para fornecer um serviço uniforme em toda a indústria, existem sérias preocupações levantadas recentemente em termos de violações de segurança e privacidade de dados, autenticação e autorização, falta de questões de auditoria de terceiros e problemas de gestão de identidade, integridade, confidencialidade e disponibilidade de dados, falta de uniformidade de normas, a não resposta a incidentes e o monitoramento de padrões, a interoperabilidade e a falta de padrões de portabilidade, questões relacionadas com a gestão de identidade, falta de padrões de serviços de proteção das infraestruturas e fraca governança e conformidade de padrões constituem outras importantes causas de preocupação para os utilizadores. Devido à confusão e ausência de SLAs acordados de modo universal para um modelo de serviço, diferente qualidade de serviços está a ser fornecida através da nuvem, pela indústria da computação em nuvem. Atualmente, não há desempenho uniforme nem um modelo acordado por todas as partes interessadas; que pode fornecer critérios de desempenho para medir, avaliar e comparar o nível de serviços oferecidos por diversos fornecedores de computação em nuvem na indústria. Com a implementação do Regulamento Geral de Protecção de Dados (RGPD) e a procura da nuvem com base no impacto ambiental (Green SLAs), são acrescentadas precupações adicionais e existem sérias implicações para os forncedores de computação em nuvem e para os seus consumidores, também devido à falta de uniformidade na multiplicidade de SLAs e padrões de serviço oferecidos. A presente pesquisa examina as fraquezas em acordos de nível de serviço oferecidos por fornecedores de computação em nuvem e estuda o impacto da ausência de um quadro de nível de serviço mínimo acordado sobre a adoção e o uso no contexto da computação em nuvem. A pesquisa está orientada para a adoção destes serviços para o caso do ensino superior e as instituições de ensino superior e propõe um modelo conceptualt com base em um modelo de serviço mínimo uniforme que funciona como referência para a indústria, para garantir a qualidade do serviço para os utilizadores da nuvem numa instituição de ensino superior de forma a eliminar as barreiras para a adoção da tecnologia de computação em nuvem. O nível de serviço mínimo proposto (MSL), fornece um conjunto mínimo de normas uniformes e na áreas das principais preocupações levantadas por responsáveis de instituições de ensino superior e que são essenciais, de modo a fornecer um referencial mínimo de qualidade, que se possa tornar um padrão uniforme em toda a indústria. O modelo proposto é uma tentativa de reduzir a barreira de adoção da tecnologia de computação em nuvem e definir normas mínimas seguidas por todos os fornecedores de computação em nuvem, independentemente do seu local de hospedagem para que os seus desempenhos possam ser medidos, avaliados e comparados em toda a indústria, para melhorar a qualidade de serviço (QoS) recebida pelos utilizadores e remova as barreiras de adoção e as preocupações dos utilizadores, bem como fomentar o aumento da concorrência em toda a indústria da computação em nuvem.