See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/331846566

Framework modeling for User privacy in cloud computing

Conference Paper · January 2019

DOI: 10.1109/CCWC.2019.8666453

CITATION READS
1 103

3 authors:

Aljwhrh Almtrf Yasamin Alagrash

Oakland University Oakland University
2 PUBLICATIONS 1 CITATION 4 PUBLICATIONS 1 CITATION

SEE PROFILE SEE PROFILE

Mohamed Zohdy
Oakland University
223 PUBLICATIONS 959 CITATIONS

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Computational neuroscience signal processing techniques View project

PhD study View project

All content following this page was uploaded by Yasamin Alagrash on 16 May 2019.

The user has requested enhancement of the downloaded file.

 Framework modeling for User privacy in cloud
computing
Aljwhrh Almtrf Yasamin Alagrash Mohamed Zohdy
School of Engineering and School of Engineering and School of Engineering and
Computer Science Computer Science Computer Science
Oakland University Oakland University Oakland University
Rochester, Michigan 48309 Rochester, Michigan 48309 Rochester, Michigan 48309
aalmtrf@oakland.edu yhalagrash@oakland.edu zohdyma@oakland.edu

Abstract- Many organizations around the world recognize the

vitality of cloud computing. However, some concerns make Privacy is an important right for everyone in the world. In IT
organizations reluctant to adopting cloud computing. These privacy means secure and protect user information. However,
include data security, privacy, and trust issues. It is very
the rapid growth of IT and computers bring about the
important that these issues are addressed to meet client
concerns and to encourage the wider adoption of cloud challenge of data protection. Most websites have their own
computing. This paper develops a user privacy framework legislation, policies, and standards to manage the user’s
based upon on emerging security model that includes access information, and reach the users’ trust. Cloud Computing
control, encryption and protection monitor schemas in the cloud should prioritize privacy because it hosts confidential and
environment. sensitive information such as financial, health, and
governmental data.
Key words- cloud computing, Data privacy, security in cloud
computing, privacy issues over cloud, Privacy framework. II.RELATED WORK
I.INTRODUCTION
The privacy in Cloud computing is an important topic, which
Cloud Computing is a modern architecture in which resources are makes the researchers do different researches.
shared on the Internet in external physical locations rather than on This section of the paper provides a brief summary for some
local servers. While it impacts positively on IT by delivering cloud perfect papers related with the security and privacy in cloud
software and services [2], one main limitation of cloud computing is computing.
privacy. When organizations move their important data to the cloud,
they need high security and privacy measures to protect their
information. To ensure privacy in Cloud environments, providers Basic approach for user privacy [23] based on analysis
need to clearly state user requirements, ensure accountability on data system to prevent the propagation of malicious applications.
usage, specify limitations of data collection and data usage, control This is done by the extraction of malicious codes signatures
the data visibility and ensure data integrity and transparency [1]. from the samples being detected. A user-aware solution of
privacy control [24]. This approach considers the address
Privacy issues become more challenging in Cloud Computing user information that getting leaked in the mobile
because providers are authorized to access all or some of the data marketplace without notifications. Static information flows
and because the huge number of users increases the possibility of are computed to be classifying into unsafe or safe based on
data breaches and thus privacy issues. Some data protection temper analysis that tracks private data obscured prior to
techniques previously used include data-centric, user-centric, and escaping through output channels.
hybrid techniques [4], such as data segmentation, encryption
processing, encrypted data, obfuscation, sticky policy, trusted Another work [25] established by static code analysis allows
platform module, and trusted third party mediator [3]. This paper the automatic establishment of partitioning based on lower
offers a new framework to solve the privacy issues in cloud input efforts at the developer’s end. By creating and
computing. deploying private and public versions of applications that
were subject to partitioning approach in which the
components would run in the public cloud as they remain in
978-1-7281-0554-3/19/$31.00©2019 IEEE

0819
the private data centres. An alternative work on cryptanalysis services operate on a multi-tenancy basis. [5].
[26] described MrCrypt as a system that is capable of
offering data confidentiality when data in the cloud is B. Lack of Transparency
managed by a third party. A target program is analysed by
MrCrypt after which a set of operations are identified on all Cloud computing suffers from a lack of transparency in
input columns for selecting suitable scheme of homomorphic different ways reducing the credibility of information stored.
encryption followed by the transformation of the program Cloud providers are unlikely to share information concerning
along the encrypted data. the methodologies, processes, controls, and operations
affecting the cloud environment [6]. The willingness to share
Our framework develops multiple protection techniques for and disclose secured information such as trade secrets is a big
user privacy over cloud. Along the designing of this issue facing this technology. There are laid security principles
framework an emerging model in cloud applications will be which single out the types of information that should be
studied. This model is the content-based Publish-Subscribe disclosed as well as those that remain restricted [6].
security model where cloud services will be published. Accessibility of data that is has been archived is a major
Crucial and vital demands imposed by this work is to be security problem that takes longer than expected. A majority
fulfilled such as: of times the cloud user is not aware that accessing archived
data is a complex process signifying a lack of transparency.
 High scalability: where number of potential The cloud provider is forced to engage in negotiations with
subscribers and publishers can be increased rapidly the user in order to find common ground concerning the
for certain marketing events to promote products. security of data being stored. The levels of engagement are
 Encryption security measure: this is an encryption usually elongated by mistrust between the two parties [6].
security measure will be presented in this framework
where trust and confidence can be built upon C. Multi-tenancy
efficient grouping scheme for subscribers and
publishers. Multi-tenancy architecture is an arrangement where a single
 Secured monitoring: due to the social effectiveness instance of a cloud service or application is used for serving
monitoring and access control scheme is needed to multiple consumers. Each of these consumers is known as a
authenticate the user privacy tenant [6]. The tenants may have permissions to modify the
GUI and parts of business rules for the applications, but
cannot customize or modify the core parts and code of the
application. Multi-tenancy is implemented by using
III.PRIVACY CHALLENGES IN CLOUD virtualization and remote access technologies [6]. Usually,
ENVIRONMENTS the SaaS or Software-as-a-Service model is used for
delivering multi-tenancy architecture based cloud services.
Cloud computing is a modern technique of computing in
which resources are shared on the Internet rather than on D. Virtualization
local servers. In other words, it is storing and retrieving data
using special programs on the Internet instead of local Refers to allowing large mainframes to be shared amongst
computer hard drives. The term cloud computing refers to different applications within an environment. Cloud
Internet-based computing in which different servers, storage, computing has employed virtualization at all levels to
and applications are used to deliver data and reports enhance security, reduce costs as well as increase availability
anywhere anytime without having their own system. and reliability [7]. Attacks on hypervisors are a reality since
they contain vulnerabilities making them prone to
This section presents a summary of the main cloud exploitation by hackers. It is possible for Virtual machine
computing issues regarding security and privacy. (VM) hijacking to happen which translates to tricking the
hypervisor to overwrite its memory resulting to total
A. Loss of control exploitation. VM hopping is an attack that allows for
compromising of the VMs projections and separations giving
Loss of control is one of the main problems facing cloud way for accessing the hypervisors, other VMs, and the main
computing. Cloud users fear losing control of their data once computer. VM Escape is another problem where an attacker
they upload data to the cloud. Universally, cloud systems are interacts with the hypervisor directly, after running some
available to the public. Also, the cloud provider owns the codes that assist in breaking into the operating system [7].
software, hardware and the networks [5] that host the user VM mobility takes place when an attacker moves a VM
data. Every cloud user relies on the conventional operations between hosts physically.
and technical standards without considering the content of the
information stored. This makes cloud users worry about their
data getting lost or even being breached considering cloud

0820
E. Management and ensuring the integrity of data [11]. TPA is capable of
monitoring data and information stored in a cloud where
The management of cloud platform and a multi-tenant users have to give a signature before changing or adding any
architecture depends on various factors. The basic factors are new information [9]. TPA utilizes encryption systems that are
the type of cloud deployment model and the SLA. If the supported by hardware that is effective in ensuring the
deployment model is the public cloud, then the service integrity of data [11]. TPA software and hardware are prone
vendor will be responsible for the management of the major to internal attacks where internal hackers can change stored
parts of the application [5]. information and thus damage the integrity of cloud data.

The consumers may have limited capability to make V. SECURITY, PRIVACY AND TRUST SOLUTIONS IN
modifications. On the other hand, if the cloud deployment CLOUD ENVIRONMENTS
model is private cloud, then the enterprise can hire internal
staff for the management of the application One of the main solutions for security, privacy and trust
concerns is the proper management of cloud environments. In
IV. SOLUTIONS OF PRIVACY IN CLOUD this section, we survey the management of security, privacy
ENVIRONMENTS and trust issues in cloud environments. We also compare and
contrast these three issues in term of the following criteria:
A. Encryption Solution Encryption, Access Control, Third Party Audit, and Cloud
Administration. We summarized the results of our literature
Organizations using cloud computing and cloud data systems survey in Table 1.
need to protect their data more than the organizations’
infrastructure [8]. Cloud data encryption reduces the Examples of encryption algorithms that address the issue of
vulnerability of cloud data by using encryption algorithms security in cloud environments include Rivest-Shamir-
which match the degree of sensitivity of cloud-stored data. Adleman (RSA) [12] and Advanced Encryption Standard
Cloud data encryption prevents unauthorized users from (AES) [14]. The RSA algorithm is an asymmetric
accessing certain information from the cloud. Third-party cryptography algorithm that uses public and private keys that
users can access classified information from reliable sources are mathematically linked. AES is a symmetric encryption
[10]. Third party users are privileged to enjoy interfaces that algorithm that is fast to encrypt and decrypt messages. A
provide real-time delivery of secured data the encryption of cloud environment would use the RSA to exchange keys
cloud data prevents unauthorized users from accessing some securely and use AES to encrypt and decrypt the actual
cloud information. Third - party users can access classified message. Both methods are used in the cloud even though
information from reliable sources that have simplified they serve different purposes.
information management further. Third - party users are
privileged to have available interfaces. Encryption is also used to address the privacy issue in the
cloud. For example, the Data Encryption Standard (DES)
B. Access Control Solution [15], and PCM [16] address the privacy issue in cloud
environments. The DES assumes that both the sender and
Access control systems are a security solution to user receiver know the private keys. Thus, makes it less secure
authentication in cloud computing [10]. For the service than AES.
provider, access control systems help in providing data that
has been verified to be of a given clearance level [9]. Access TABLE I: Security and Privacy Challenges vs. Solutions [9]
control has enabled the prevention of data theft. Only
authorized persons have the ability to transfer and provide Security Privacy Trust
data. This helps companies and organizations to ensure that
qualified and authorized people have access to classified data Encryption RSA,ASE DES, D2ES DH
[9]. Access control systems are susceptible to frequent
[18] PCM possible c-
hacking. They are easily broken into which service providers means algorithm
can be risky [17]. Loss of classified information can lead to
catastrophic effects that can lead to significant losses. Also,
in cloud computing access control solutions, users cannot
Access Control PBAC,DAC, PaABAC,ABAC T-RBAC,HABE
integrate systems with existing applications [3]. This requires MAC,CP-
users to seek professional help to outperform the various [19] ABE
benefits of cloud computing.
Third Parity HLA,MHT HMAC OTP
Audit[20]
C. Third Party Audit

Third party audit (TPA) has the capability of maintaining

0821
 We provide a framework model for illustrating privacy in a
cloud environment as showing in Fig. 1

Encryption is also used in literature to address the problem

of Trust in Cloud Environments. Diffie Hellman (DH) [17]
represents security methods to secure malicious attacks on
the cloud. This is completely avoided by DH key exchange
algorithm. Beside this, DH protocol is useful when the
number of users on the cloud is very large and key
management is very difficult.

Access Control gives users limited authorization to

connection network, data, and system files. Also, it manages
who or what can use resources in the cloud- computing
environment. Access control could be used to solve the
security issues in cloud computing by more than two schemes
such as Role-based access control (RBAC) [18], and
Discretionary Access Control (DAC) [19]. These methods
give the ability to the individual user to access cloud
computing and perform a specific task like create, view or
modify a file. Mandatory Access Control (MAC) [20] is used
Figure1 user privacy framework
in multi-level security systems where the administrator of the
system decides the access permissions. In Ciphertext-Policy
Cloud client: There are numerous sorts of clients. These
Attribute-Based Encryption (CP-ABE) [21] a user’s private
clients incorporate people, Companies (Organizations), Non-
key is associated with a set of attributes and a certain cipher
Governmental Organizations (NGO), Governments, and
text specifies an access control policy for defined metrics
Security Third Party Evaluators. The Cloud Clients interact
within the managed system.
with the cloud environment through the Protection
Administration Interface (PMI).
Third party audit uses multiple methods to address all the
management problem in cloud computing. In the security
Privacy Management Interface (PMI): Usually done by
area, we can use a Holomorphic linear authenticator (HLA)
means of scrambled secured communication that translates
[21]. By using HLA the TPA will not know any information
the submitted task for the quality of service. The PMI is
about data stored in cloud during the auditing process.
additionally utilized to transmit the status of the benefit
demands to the cloud buyers and the third-party protection
Hashed Message Authentication Codes (HMAC) [18] is a
inspectors. The PMI takes the task and passes it to the
third party audit method to solve privacy issues in cloud
Protection Finder (PD) to identify any protection
computing using a private key. Users have to make a unique
infringement and guarantee that protection limitations and
HMAC in their request.
rules are met concurring to the Benefit Level Understandings
between the cloud buyer and the cloud supplier.
Table I summarizes the different privacy problems and their
available solutions in the cloud. As we notice from the table,
Protection Privacy Finder: The Protection Finder (PF)
the Encryption solution can be applied to solve the problem
screens the submitted client demands to check for any
of Loss of Control, Multi-tenancy, Visualization, and
protection concerns and to form beyond any doubt that all
Management privacy problems. Similarly, we notice that the
approaches and client necessities are not abused. We utilize
Access control solution could be used to address the issue of
our security show to speak to the sort of protection rules. The
Loss of Control, Multi-tenancy, Virtualization, and PD communicates with the Cloud environment to check for
Management problems. Also, the Third Party Audit solution
security concerns.
could be used to address the problem of Loss of Control,
Lack of Transparency, Multi-tenancy, Virtualization, and
Protection Screen Monitor: The Protection Screen (PS)
Management problems. The Isolation solution could be used
guarantees that all privacy-related rules are continuously met.
to handle the Multi-tenancy and Virtualization cloud privacy
It does that by checking all the communications between the
issues.
Virtual Machines (VMs) and the genuine Administration
Cloud Assets (MCRs). Sense repository
VI. USER PRIVACY FRAMEWORK

0822
 Access control policy: log file Access control is another Modern information technology has been overly embraced
approach to solve the privacy issue. With this method, by the healthcare sector leading to the revamping of the way
privacy is addressed by defining authorization access rules services are delivered. In the developing world, particularly
and by representing private data in cloud computing in Africa, they have not been left out in utilizing cloud
environments. technology in relation to their healthcare system. They have
Third party auditing is another significant method to handle realized that technology enhances the reliability and
attacks based on static and dynamic analysis tools. availability of improved health care services to patients at a
In the management method, an organization should identify friendly cost. The cloud-based medical information system
privacy policy and procedures to recognize the migration will introduce a drastic reduction in healthcare service,
process risk. In this approach management methods deal with resource utilization, as well as maintainability and adoption
secure testing, tree analysis including static analysis of new technologies.
approaches to preserve privacy policy over global computing.
The healthcare industry in a majority of the developing
Encryption Method: Encryption is a method that is used to countries has not succeeded to fully tap the modern
handle privacy by analysing the homographic encryption information technology with regards to improving delivery of
code to handle the security holes that can be used by an healthcare services. Accesses to the longitudinal records of
attacker to destroy the system and compromise user’s the patients often prove to be a tenacious and cumbersome
privacy. Cloud computing providers deliver applications via task. Apparently, a lack of proper access to documents has
the internet, which is accessed from web browsers, desktop, been a costly affair to the institution mainly due to wastage
and mobile apps, while the business software and data are and duplication. In this regard, they have decided to embrace
stored on servers at a remote location. In some cases, legacy technology in the sector and adopt services of cloud
applications (line of business applications that until now have infrastructure. They have proposed that healthcare providers
been prevalent in thin client Windows computing) are be sharing data across a newly proposed engineering network
delivered via a screen-sharing technology, while the solution system for data sharing. Fundamentally, this will
computing resources are consolidated at a remote data center guarantee the privacy of the patient information in an
location; in other cases, entire business applications have electronic health record [15]. Unluckily, the system due to
been coded using web-based technologies weaker security system has been leaking sensitive
information about the patients, thereby violating their right to
Virtual Knowledge-Based offer cloud resource: confidentiality.
It passes cloud benefit demands and gets the reaction to these
demands through the PMI layer by means of a secured, Algorithm encryption is a cloud security measure that if
scrambled, hashed, and carefully marked communication. implemented correctly guarantees privacy to the information
The information demands are put away in an Information stored in the cloud infrastructure. With the advent of cloud
Base (KB) in a scrambled area within the Cloud computing, it is critical that the health sector realizes some
Environment. Asset revelation may be depicted tight measures to secure data. The health institution ought not
fundamentally as the errand in which the supplier ought to to rely on encryption only as secrecy remains to be ultimate.
discover suitable assets in arrange to comply with In this case, homophobic encryption would be the best
approaching buyer’s demands considering that one of the key advisable way to ensure data confidentiality. It is possible to
highlights of cloud computing is the capability of procuring conduct a direct computation operation targeting cipher-texts
and discharging assets on request asset observing ought to be by way of analyzing the functioning of plaintexts [19].
continuous.
For a sample dataset, we consider patient records. We use
VII. CASE STUDIES The Ontology Web Language (OWL) to store these records
in the cloud. The following OWL code represents a patient’s
Over recent years, different sectors have continued to adopt records [21].
modern ways brought about by information technology.
Cloud computing is one of the magical ways that has
continued to gain much traction especially in the delivery of
services over the Internet and storage of data. Both the
individuals and organizations are benefiting from the cloud
through a cost-effective utility that is leading to business
empowerment. Nonetheless, with all the benefits arising from
cloud computing, it has experienced its fair share of
challenges particularly with respect to privacy, trust, and
confidentiality.

A. Case Study 1: Providing Security for Health Care Providers

0823
 be to establish audit activities and plans including reviews
addressing the problems related to the existent policies [19].
In the end, the CSPs should obtain a third party assurance
report, which will act as a pointer to the assessors and
auditors in the future.

We consider audit records from CSP file records and give a

machine readable OWL code which can be encrypted to
avoid cyberattack on government data which is very sensitive
for as far as stability of a nation is concerned [21].

Patient Records Example

This OWL code is machine readable and since patient records

are private and confidential, it can be encrypted using an Audit Records Example
encryption key and securely stored in the cloud.
C. Case Study 3: Detection of Fraud in Banking Systems
B. Case Study 2: Establishing Trust via Third Party Auditing
Cybercrimes have been rife despite the continued
Trust issues within the cloud infrastructure have proved to be embracement of cloud technology by institutions such as
a recurring challenge. Cloud service users (CSUs) look for banks. Fraud cases have increased considering that buying
the cloud service providers (CSPs) that are trustworthy with cloud services is cheap, it can be done under an anonymous
information stored. It is known that security information is tag, and geographical location is not a hindrance. The recent
often highly guarded to avoid cases of jeopardizing the Operation High Roller by MacAfee is a classic illustration of
stability of a state or even an organization. A Securicor the seriousness of the fraud problem. An international
security is a company that deals with providing security criminal gang was involved in the crime. It targeted
services to homes, institutions, and even government commercial accounts of wealthy people banking with
buildings. The company conducts impromptu meetings European banks. It is estimated that money lost through the
whenever they need to discuss the security status of fraud amounted to approximately two billion dollars.
organizations under their banner. Due to the humongous Markedly, the cloud infrastructure was at the center stage of
number of files, the firm has decided to contract a CSP for the scam. It was supplemented by the gang’s knowledge of
purposes of storing their information and enhancing service the transaction systems within the bank together with servers,
delivery. which facilitated the theft automation. Remarkably, the fraud
was initiated by a disguised email that likened that of the
It is critical for CSPs to implement robust compliance and recipient’s bank. Upon clicking the message link, it would
verification processes in an effort to ensure they conform to automatically install malware that would make it possible for
the audit and support functions. In this case, the CSP ought to the fraudsters to transfer funds. Due to the huge loss, there
ensure it conducts a coordinated combination have defined as was a need to conduct an upgrade of the third party auditor.
well as consistent internal policy compliance. The company
contracted to audit the info should be independent for
purposes of transparency. Upon contracting, the selected
auditor should start by first performing initial data gathering
to comprehend the positioning of the cloud [20]. Besides, the
auditor will have identified the information processed in the
cloud over and above the cloud service model in use. Once
the auditor has identified all the above, the next step would

0824
 Fig. 2: Case 3 (Detection of Fraud in Banking Systems)
Account Details Example
Improving on the third party auditing would be the best
solution to curb the occurrence of such a fraud in the future. VIII. CONCLUSION AND FUTURE WORK
CSUs commercial banks themselves ought to contract CSPs
after determining their audit requirements as well their Cloud environments lack the proper support for the privacy
capacity to perform third-party audits regularly [13]. of cloud consumers’ data. This study was conducted in an
Selection of CSP should be pegged on their transparency attempt to address the privacy concerns in cloud
ratings in terms of policies and security engrained in the environments. We surveyed existing challenges and obstacles
cloud infrastructure. On the other hand, the CSPs top that concern the privacy, security, and trust in the cloud. We
commercial banks ought to provide a comprehensive data also surveyed different solutions that are available in the
processing agreement in an effort to address the security and literature and compared them. Each solution has its strengths
privacy problem affecting their client’s data [20]. Moreover, and weaknesses. We proposed a framework for preserved
they should provide built-in controls and capabilities to aid user privacy over the cloud.
the CSUs to meet both internal compliance requirements and
industry regulations. In addition, a commercial bank should Future work
engage large global technology firms with third-party
certification and be including ISO 27001. Essentially,
The new research direction goes with hybrid solution that
improving on CSPs third-party auditing conformation
includes more than one approach related to detected a third
standards will go a long way in eliminating the substandard
party attack and protection system to preserved user privacy
ones.
that would provide a more reliable and secure environment.
Bank details are at a high risk of cyberattack due to the
REFERENCES
money component. Many fraud cases have been reported
simply because hackers were able to access the details of a [1] J. R. Larus, “The cloud will change everything,” SIGPLAN Not., vol. 46,
bank customer online. To avoid such cases especially with no. 3, pp. 1–2, Mar. 2011. [Online]. Available:
cloud computing, data encryption is key for bank records http://doi.acm.org/10.1145/1961296.1950367
stored in the cloud. The following is a sample dataset for [2] Z. Xiao and Y. Xiao, “Security and privacy in cloud computing,” IEEE
Communications Surveys Tutorials, vol. 15, no. 2, pp. 843–859, Second
bank details of a client in Barclays bank in the UK [22]. It is 2013.
presented in the form of an OWL code which is machine [3] J. Ullrich, T. Zseby, J. Fabini, and E. Weippl, “Network-based secret
readable and easily encrypted using an encryption key to communication in clouds: A survey,” IEEE Communications Surveys
avoid unauthorized access. Tutorials, vol. PP, no. 99, pp. 1–1, 2017.
[4] N. K. Shah, “Big data and cloud computing: Pitfalls and advantages in
data management,” in 2015 2nd International Conference on Computing for
Sustainable Global Development (INDIACom), March 2015, pp. 643–648.
[5] S. Hosseinzadeh, S. Hyrynsalmi, M. Conti, and V. Leppnen, “Security
and privacy in cloud computing via obfuscation and diversification: A
survey,” in 2015 IEEE 7th International Conference on Cloud Computing
Technology and Science (CloudCom), Nov 2015, pp. 529–535.
[6] A. Kumbhar, F. Koohifar,. Gven, and B. Mueller, “A survey on legacy
and emerging technologies for public safety communications,” IEEE

0825
Communications Surveys Tutorials, vol. 19, no. 1, pp. 97–124, Firstquarter optimal resource allocation for dynamic application offloading in mobile
2017. cloud computing,” in 2017 International Conference on Electrical,
[7] Y. Liu, Y. L. Sun, J. Ryoo, S. Rizvi, and A. V. Vasilakos, “A survey of Computer and Communication Engineering (ECCE), Feb 2017, pp. 803–
security and privacy challenges in cloud computing: solutions and future 808.
directions,” Journal of Computing Science and Engineering, vol. 9, no. 3, pp. [17] W. Shoukun, W. Kaigui, and W. Changze, “Attribute-based solution
119–133, 2015. with time restriction delegate for flexible and scalable access control in cloud
[8] M. Alouane and H. E. Bakkali, “Security, privacy and trust in cloud storage,” in 2016 IEEE/ACM 9th International Conference on Utility and
computing: A comparative study,” in 2015 International Conference on Cloud Computing (UCC), Dec 2016, pp. 392–397.
Cloud Technologies and Applications (CloudTech), June 2015, pp. 1–8. [18] M. Ed-Daibouni, A. Lebbat, S. Tallal, and H. Medromi, “A formal
[9] Q. Xie and L. Wang, “Efficient privacy-preserving processing scheme specification approach of privacy-aware attribute based access control (pa-
for location-based queries in mobile cloud,” in 2016 IEEE First abac) model for cloud computing,” in 2016 Third International Conference
International Conference on Data Science in Cyberspace (DSC), June 2016, on Systems of Collaboration (SysCo), Nov 2016, pp. 1–5.
pp. 424–429. [19] M. Su, A. Fu, Y. Yu, and G. Shi, “Resource-centric dynamic access
[10] V. Kulshrestha, S. Verma, and C. R. K. Challa, “A comprehensive control in cloud,” in 2016 IEEE Trustcom/BigDataSE/ISPA, Aug 2016, pp.
evaluation of cryptographic algorithms in cloud computing,” in 2016 1057–1962.
International Conference on Inventive Computation Technologies (ICICT), [20] Bechhofer, S., Van Harmelen, F., Hendler, J., Horrocks, I.,
vol. 1, Aug 2016, pp. 1–5. McGuinness, D.L., Patel-Schneider, P.F. and Stein, L.A., 2004. OWL web
[11] N. Jayapandian, A. M. J. M. Z. Rahman, S. Radhikadevi, and M. ontology language reference. W3C recommendation, 10(02).
Koushikaa, “Enhanced cloud security framework to confirm data security on [21] McGuinness, D.L. and Van Harmelen, F., 2004. OWL web ontology
asymmetric and symmetric key encryption,” in 2016 World Conference on language overview. W3C recommendation, 10(10), p.2004.
Futuristic Trends in Research and Innovation for Social Welfare (Startup [22] Antoniou, G. and Van Harmelen, F., 2004. Web ontology language:
Conclave), Feb 2016, pp. 1–4. Owl. In Handbook on ontologies (pp. 67-92). Springer, Berlin, Heidelberg
[12] Q.Zhang,L.T.Yang,Z.Chen,andP.Li,“Pphopcm: Privacy-preserving [23] Kim, S., Cho, J. I., Myeong, H. W., & Lee, D. H. (2012). A study on
high-order possibilistic c-means algorithm for big data clustering with cloud static analysis model of mobile application for privacy protection.
computing,” IEEE Transactions on Big Data, vol. PP, no. 99, pp. 1–1, 2017. In Computer Science and Convergence (pp. 529-540). Springer, Dordrecht
[13] J. V. Chandra, N. Challa, and S. K. Pasupuleti, “Advanced persistent [24] Xiao, X., Tillmann, N., Fahndrich, M., De Halleux, J., Moskal, M., &
threat defense system using self-destructive mechanism for cloud security,” Xie, T. (2015). User-aware privacy control via extended static-information-
in 2016 IEEE International Conference on Engineering and Technology flow analysis. Automated Software Engineering, 22(3), 333-366.
(ICETECH), March 2016, pp. 7–11. [25] Smit, M., Shtern, M., Simmons, B., & Litoiu, M. (2012, November).
[14] P. Pawar and R. Sheikh, “Implementation of secure authentication Partitioning applications for hybrid and federated clouds. In Proceedings of
scheme and access control in cloud computing,” in 2016 International the 2012 Conference of the Center for Advanced Studies on Collaborative
Conference on ICT in Business Industry Government (ICTBIG), Nov 2016, Research (pp. 27-41). IBM Corp.
pp. 1–6. [26] Tetali, S. D., Lesani, M., Majumdar, R., & Millstein, T. (2013).
[15] J. Wu, J. Wu, H. Cui, C. Luo, X. Sun, and F. Wu, “Dacmobi: Data- MrCrypt: Static analysis for secure cloud computations. ACM Sigplan
assisted communications of mobile images with cloud computing support,” Notices, 48(10), 271-286.
IEEE Transactions on Multimedia, vol. 18, no. 5, pp. 893–904, May 2016.
[16] M. Akter, F. T. Zohra, and A. K. Das, “Q-mac: Qos and mobility aware

0826
View publication stats