Third Party Auditor Research Papers (original) (raw)
E-medical systems play a quite essential role in the digital transformation of health care record, which allows a patient or the user to create, manage, and control its private Personal Health Record (PHR) through the internet [1][2].... more
E-medical systems play a quite essential role in the digital transformation of health care record, which allows a patient or the user to create, manage, and control its private Personal Health Record (PHR) through the internet [1][2]. Most of the E-Medical record services are outsourced to a third-party that is public cloud. However, such outsourcing of data may lead to a variety of privacy and security related issues because of the risk of information leakage. To avoid such problems, we are developing systems in which data will be encrypted using 3DES algorithm before uploading to the cloud. Subsequently, only the authorized client who has the key or permissions can decrypt the data. E-Medical records are basically sensitive and should be stored in database in encrypted form. Once medical records are encrypted and outsourced, the cloud server can no longer perform keyword search, because the server is not expected to obtain any information about the records. Hence, the goal of the project is to provide security to personal health records where data needs to be kept private.
Cloud Service Provider(CSP) and Cloud Service Consumer(CSC) work on the terms agreed in the Service Level Agreements(SLA). SLA is a written agreement which serves as the basis for the expected level of service the CSP must provide. As the... more
Cloud Service Provider(CSP) and Cloud Service Consumer(CSC) work on the terms agreed in the Service Level Agreements(SLA). SLA is a written agreement which serves as the basis for the expected level of service the CSP must provide. As the CSP are enterprises that are profit driven it is beneficial for the CSP to cheat on the SLA. Hence CSP do not provide the facility of auditing the SLA. As such the CSC must be equipped to ensure that the services promised by the CSP are provided by it so that in case of breach of service, the CSC has sufficient evidences to claim for penalty. Moreover virtual machines are prone to attacks by malicious cloud actors. To aid the investigation process sufficient evidences are needed. Hence, a framework based on the concept of Third Party Auditor (TPA) is proposed in this paper. This TPA will be placed between the Cloud Service Provider (CSP) and the Cloud Service Consumer (CSC) to closely monitor terms and conditions of SLA and ensure that CSP satisfies all the conditions mentioned in the SLA. If it is violated then the framework detects and stores it in a database maintained for this purpose. The TPA will also monitor attempts by malicious cloud actors and maintain log of all such attempts. Snapshots of clients' virtual machines will also be stored at a regular interval.
Abstract. One of differences between cloud storage and previous storage is that there is a financial contract between user and the cloud service provider (CSP). User pay for service in exchange for certain guarantees and the cloud is a... more
Abstract. One of differences between cloud storage and previous storage is that there is a financial contract between user and the cloud service provider (CSP). User pay for service in exchange for certain guarantees and the cloud is a liable entity. But some mechanisms need to ensure the liability of CSP. Some work use non-repudiation to realize it. Compared with these non-repudiation schemes, we use third party auditor not client to manage proofs and some metadata, which are security critical data in cloud security. It can provide a more security environment for these data. Against the big overhead in update process of current non-repudiation scheme, we propose three schemes to improve it.
While prior ecolabel research suggests that consumers’ trust of ecolabel sponsors is associated with their purchase of ecolabeled products, we know little about how third-party certification might relate to consumer purchases when trust... more
While prior ecolabel research suggests that consumers’ trust of ecolabel sponsors is associated with their purchase of ecolabeled products, we know little about how third-party certification might relate to consumer purchases when trust varies. Drawing on cognitive theory and a stratified random sample of more than 1200 consumers, we assess how third-party certification relates to consumers’ use of ecolabels across different program sponsors. We find that consumers’ trust of government and environmental NGOs to provide credible environmental information encourages consumers’ use of ecolabels sponsored by these entities, and consumers do not differentiate between certified versus uncertified ecolabels in the presence of trust. By contrast, consumers’ distrust of private business to provide credible environmental information discourages their use of business association sponsored ecolabels. However, these ecolabels may be able to overcome consumer distrust if their sponsors certify the ecolabels using third-party auditors. These findings are important to sponsors who wish develop ecolabels that are more credible to consumers, and thus encourage more widespread ecolabel use.
Cloud computing has been imagined as the cutting edge building design of big business IT. Lamentably, the integrity of cloud information is liable to issues because of the presence of programming disappointments and human lapses. The data... more
Cloud computing has been imagined as the cutting edge building design of big business IT. Lamentably, the integrity of cloud information is liable to issues because of the presence of programming disappointments and human lapses. The data should be kept confidential and should be kept private to the public verifier. We extend this architecture by introducing consistency as well as security. We introduce a hybrid encryption algorithm to effectively encrypt the data files of users in cloud server. The hybrid algorithm supports the data confidentiality, privacy preserving of data. Together with this, system supports data sharing by maintaining consistency.
Cloud computing provides customers with storage as a service, allowing data to be stored, managed, and cached remotely. Users can also access it online. A major concern for users is the integrity of the data stored in the cloud, as it is... more
Cloud computing provides customers with storage as a service, allowing data to be stored, managed, and cached remotely. Users can also access it online. A major concern for users is the integrity of the data stored in the cloud, as it is possible for external invaders or criminals to attack, repair, or destroy the data stored in the cloud. Data auditing is a trending concept that involves hiring a third-party auditor to perform a data integrity test (TPA). The main purpose of this project is to provide a safe and effective testing system that combines features such as data integrity, confidentiality, and privacy protection. The cloud server is only used to store encrypted data blocks in the proposed system. It is not subject to any additional computer verification. TPA and the data owner are in charge of all the functions of the scheme. A variety of materials are used to evaluate the proposed audit process. The proposed solution meets all the processes while minimizing the load on cloud servers. Data dynamics actions such as data review, deletion, and installation will be performed in the future.