To see the other types of publications on this topic, follow the link: Web Applications; Storage; Security.
Journal articles on the topic 'Web Applications; Storage; Security'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Web Applications; Storage; Security.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Lyba, M. V., and L. Uhryn. "MODERN TOOLS FOR SECURITY TESTING FROM OWASP." Bulletin of Lviv State University of Life Safety 22 (December 28, 2020): 18–22. http://dx.doi.org/10.32447/20784643.22.2020.03.
Full textAbstract:
With the development of information technology, humanity is increasingly delving into the world of gadgets, cloud technology, virtual reality, and artificial intelligence. Through web applications, we receive and distribute information, including confidential. During the pandemic, most people switched to online work and study. As a result, most of the data stored on personal computers, company servers, and cloud storage needs protection from cyberattacks. The problem of cybersecurity at the moment is incredibly relevant due to the hacking of cryptocurrencies, websites of ministries, bitcoin wallets or social network accounts. It is necessary to conduct high-quality testing of developed applications to detect cyber threats, to ensure reliable protection of different information. The article states that when testing applications, it checks for vulnerabilities that could arise as a result of incorrect system setup or due to shortcomings in software products. The use of innovation is necessary to improve quality. Modern realities have become a challenge for the development of cybersecurity products. Improvement of technology requires modern companies to update their IT systems and conduct regular security audits. The research is devoted to the analysis of modern OWASP testing tools that contribute to data security, with a view to their further use. The Open Web Application Security Project is an open security project. The research revealed a list of the most dangerous vectors of attacks on Web-applications, in particular, OWASP ZAP performs analyzes the sent and received data system security scanning at the primary level, MSTG performs security testing of mobile applications iOS and Android mobile devices. The practical result of the work is to test a specially developed web-application and identify vulnerabilities of different levels of criticality.
2
Xie, Guo Bo, and Bing Ying Yao. "The Fingerprint Identification Technology is Applied to the Application Research of Web Cloud Storage Safety Certification." Applied Mechanics and Materials 536-537 (April 2014): 161–67. http://dx.doi.org/10.4028/www.scientific.net/amm.536-537.161.
Full textAbstract:
In view of the authentication model based on token and password of traditional web cloud storage easily is forgotten or theft that raise questions about identity theft. This paper proposes a identity authentication scheme of web cloud storage based on fingerprint identification. Using the identity authentication model of fingerprint identification to verify web cloud storage users that satisfy people to the web of cloud storage security, reliability and convenience of the proposed requirements, effectively solve the problem of the resource of unauthorized access. The paper put forward three layers of c/s architecture that effectively improve the flexibility, scalability and efficiency of authentication system. And mixed encryption algorithm is put forward as two-way authentication identity authentication protocol improve system security and realize high transmission of huge amounts of data. Finally through the test and analysis of practical application proves that the security authentication based on fingerprint identification applying in the web cloud storage certification system is feasible.
3
Huang, Lin Na. "Research and Application of Web Database Security Technology." Applied Mechanics and Materials 380-384 (August 2013): 2306–11. http://dx.doi.org/10.4028/www.scientific.net/amm.380-384.2306.
Full textAbstract:
With the wide application of Web technology, Web database system is playing an increasingly important role in network application. The storage amount of Web database information is growing, at the same time, the security of Web database has been facing extremely daunting challenges. How to strengthen the security of Web database system has become an important issue of network researches. This paper has introduced implementation techniques of database security, described the sub-key encryption algorithm of database in details, and applied it to the management system of information student.
4
Tofan, Dragoş Ovidiu. "Business Intelligence Security." Review of Economic and Business Studies 9, no. 1 (June 1, 2016): 157–69. http://dx.doi.org/10.1515/rebs-2016-0030.
Full textAbstract:
AbstractExcess information characteristic to the current environment leads to the need for a change of the organizations’ perspective and strategy not only through the raw data processing, but also in terms of existing applications generating new information. The overwhelming evolution of digital technologies and web changes led to the adoption of new and adapted internal policies and the emergence of regulations at level of governments or different social organisms. Information security risks arising from the current dynamics demand fast solutions linked to hardware, software and also to education of human resources. Business Intelligence (BI) solutions have their specific evolution in order to bring their contribution to ensure the protection of data through specific components (Big Data, cloud, analytics). The current trend of development of BI applications on mobile devices brings with it a number of shortcomings related to information security and require additional protective measure regarding flows, specific processing and data storage.
5
Srinivasu, N., O. Sree Priyanka, M. Prudhvi, and G. Meghana. "Multilevel classification of security threats in cloud computing." International Journal of Engineering & Technology 7, no. 1.5 (December 31, 2017): 253. http://dx.doi.org/10.14419/ijet.v7i1.5.9157.
Full textAbstract:
Cloud Security was provided for the services such as storage, network, applications and software through internet. The Security was given at each layer (Saas, Paas, and Iaas), in each layer, there are some security threats which became the major problem in cloud computing. In Saas, the security issues are mainly present in Web Application services and this issue can be overcome by web application scanners and service level agreement(SLA). In Paas, the major problem is Data Transmission. During transmission of data, some data may be lost or modified. The PaaS environment accomplishes proficiency to some extent through duplication of information. The duplication of information makes high accessibility of information for engineers and clients. However, data is never fully deleted instead the pointers to the data are deleted. In order to overcome this problem the techniques that used are encryption[12], data backup. In Iaas the security threat that occurs in is virtualization and the techniques that are used to overcome the threats are Dynamic Security Provisioning(DSC), operational security procedure, for which Cloud Software is available in the market, for e.g. Eucalyptus, Nimbus 6.
6
Patel, Iishi, Sambhav Jain, J. K. Vishwajeet, Vibhuti Aggarwal, and Pragati Mehra. "Securing Electronic Healthcare Records in Web Applications." International Journal of Engineering and Advanced Technology 10, no. 5 (June 30, 2021): 236–42. http://dx.doi.org/10.35940/ijeat.e2781.0610521.
Full textAbstract:
In such an unfortunate situation of a medical emergency, a lot of people tend to lose their lives which can be a result of misplaced/delayed paperwork. Thus it is essential to have the patient’s medical record history before going into major surgery and it is often unavailable at the required time due to the chain of communication between different hospitals. As a possible solution to this problem we propose a central chain of all medical records of a patients in an electronic format. The electronic health records (EHRs) are patient-centered, real-time records that make information available to authorized users and help doctors diagnose cases more quickly, reduce medical errors, and deliver safer care. EHRs improve the communication gap and make the process of getting medical attention quicker. Our methodology includes an easy to use 2 module approach (doctor portal and patient portal) with multiple sub modules all linked to a common database. We create a secure and centralized database for EHRs with an easy approach and manageable methodology. Security is important in our use case and we thus include- Secure authentication (and verification of doctor’s ID while creating a new account) , two factor authentication and OTP verification while accessing patient reports. We are using block chain for safely storing multiple patient records for maintaining a safe storage of multiple records. The doctors will be able to access the patients with few clicks and verification and understand the patient background. This will majorly help in maintaining records, accessing prescription and getting an overview of the patient's medical history while saving a lot of manual paper work.
7
Vivek Tammineedi, Venkata Satya, and V. N. Rajavarman. "A Novel Analysis of Advanced Visual Cryptography Techniques for Providing Security Against Web Attacks Using Support Vector Machine Technique." Journal of Computational and Theoretical Nanoscience 17, no. 5 (May 1, 2020): 2097–114. http://dx.doi.org/10.1166/jctn.2020.8855.
Full textAbstract:
In today’s internet applications such as some real time application services like core banking and other public service oriented application have been major issue in authentication of user specification. To perform online dictionary attacks, passwords have been used for security and authentication mechanism. Present days, hacking of databases on web oriented applications is unavoidable to access them easily. Data maintenance is a complex task in internet applications. To solve these type of problems in internet applications, in this paper, we proposed a novel Integrated and Dynamic CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) (I&D CAPTCHA), which is extension version of existing CAPTCHA that valuated third party human attacks in internet applications based Visual Cryptography approach to discuss about authentication problem in real time applications. There is more number of methods presented for security in advanced pictures for insurance from inventive uninvolved or dynamic assaults in system correspondence environment. Like insightful Visual Cryptographic (VC) is a cutting edge strategy, which is utilized to mystery picture safely impart furthermore keep up to privacy. To proceed with difficulties of security in advanced picture information sharing, so in this paper we break down various VC security instruments for computerized picture information offering to regard tomystery information secrecy. Our examination give effective security answers for relative mystery advanced picture information imparting to correspondence progressively environment. Security aspects are main concepts in present days because of increasing statistical data storage. In Artificial Intelligence (AI) oriented applications, it is very difficult in terms of protection to increasing new aspects in real time world. So we also plan a Novel and Advanced Security system to enable solution for basic AI problems in this paper. This framework mainly works based on Captcha as visual security passwords (CaRP); it is two way communication plan which means that, it is the combination of Captcha and visual security plan. Our approach mainly worked with image security with respect to selection of passwords based on random way. In this paper, we also propose AMODS, an adaptive system that periodically updates the detection model to detect the latest unknown attacks. We also propose an adaptive learning strategy, called SVM HYBRID, leveraged by our system to minimize manual work. Our system out performs existing web attack detectionmethods, with an F-value of 94.79% and FP rate of 0.09%. The total number of malicious queries obtained by SVM HYBRID is 2.78 times that by the popular Support Vector Machine Adaptive Learning (SVMAL) method. The malicious queries obtained can be used to update the Web Application Firewall (WAF) signature library.
8
Shinde, Rucha, Shruti Patil, Ketan Kotecha, and Kirti Ruikar. "Blockchain for Securing AI Applications and Open Innovations." Journal of Open Innovation: Technology, Market, and Complexity 7, no. 3 (August 14, 2021): 189. http://dx.doi.org/10.3390/joitmc7030189.
Full textAbstract:
Nowadays, open innovations such as intelligent automation and digitalization are being adopted by every industry with the help of powerful technology such as Artificial Intelligence (AI). This evolution drives systematic running processes, involves less overhead of managerial activities and increased production rate. However, it also gave birth to different kinds of attacks and security issues at the data storage level and process level. The real-life implementation of such AI-enabled intelligent systems is currently plagued by the lack of security and trust levels in system predictions. Blockchain is a prevailing technology that can help to alleviate the security risks of AI applications. These two technologies are complementing each other as Blockchain can mitigate vulnerabilities in AI, and AI can improve the performance of Blockchain. Many studies are currently being conducted on the applicability of Blockchains for securing intelligent applications in various crucial domains such as healthcare, finance, energy, government, and defense. However, this domain lacks a systematic study that can offer an overarching view of research activities currently going on in applying Blockchains for securing AI-based systems and improving their robustness. This paper presents a bibliometric and literature analysis of how Blockchain provides a security blanket to AI-based systems. Two well-known research databases (Scopus and Web of Science) have been examined for this analytical study and review. The research uncovered that idea proposals in conferences and some articles published in journals make a major contribution. However, there is still a lot of research work to be done to implement real and stable Blockchain-based AI systems.
9
Kellezi, Deina, Christian Boegelund, and Weizhi Meng. "Securing Open Banking with Model-View-Controller Architecture and OWASP." Wireless Communications and Mobile Computing 2021 (September 21, 2021): 1–13. http://dx.doi.org/10.1155/2021/8028073.
Full textAbstract:
In 2015, the European Union passed the PSD2 regulation, with the aim of transferring ownership of bank accounts to the private person. As a result, Open Banking has become an emerging concept, which provides third-party financial service providers open access to bank APIs, including consumer banking, transaction, and other financial data. However, such openness may also incur many security issues, especially when the data can be exposed by an API to a third party. Focused on this challenge, the primary goal of this work is to develop one innovative web solution to the market. We advocate that the solution should be able to trigger transactions based on goals and actions, allowing users to save up money while encouraging positive habits. In particular, we propose a solution with an architectural model that ensures clear separation of concern and easy integration with Nordea’s (the largest bank in the Nordics) Open Banking APIs (sandbox version), and a technological stack with the microframework Flask, the cloud application platform Heroku, and persistent data storage layer using Postgres. We analyze and map the web application’s security threats and determine whether or not the technological frame can provide suitable security level, based on the OWASP Top 10 threats and threat modelling methodology. The results indicate that many of these security measures are either handled automatically by the components offered by the technical stack or are easily preventable through included packages of the Flask Framework. Our findings can support future developers and industries working with web applications for Open Banking towards improving security by choosing the right frameworks and considering the most important vulnerabilities.
10
Ahirwar, Dr Anamika, Nikita Prajapat, and Simran Raj. "AN ANALYTICAL STUDY ON CLOUD COMPUTING." BSSS journal of computer 12, no. 1 (June 30, 2021): 30–35. http://dx.doi.org/10.51767/jc1204.
Full textAbstract:
This paper is about the An Analytical Study on Cloud Computing. Cloud computing is the development of parallel computing, grid computing, distributed computing, and virtualization technologies which define the shape of a new area. In contrast to a variety of benefits related with cloud computing, there are certain challenges as well. These challenges include security, privacy and reliability of data, high costs of data transfers, and regularity in the availability of services, and bugs in large-scale distributed systems. Cloud computing is a method of computing in a place that provides users with the ability of information technology as a service and allows them to have access to these services on the Internet without having limited information. Cloud computing can help businesses transform their closing server infrastructures into dynamic environments, expanding and reducing server capacity depending on their demand. Cloud is a image to describe web as a space where computing has been pre-installed and close as a service; data, operating systems, applications, storage and processing power close on the web ready to be shared. In cloud computing data owners expand their complex data management systems from community sites to the public cloud for great pliability and cost-effective. The searching of this study that highlight there are five main issues related with cloud computing execution which are Mobility and Cloud Government Application security issues, Cloud Security data, cloud security platform, Cloud Security Services and Application, cloud network security issues and infrastructure issues.
11
Arunarani, Ar, and D. Manjula Perkinian. "Intelligent Techniques for Providing Effective Security to Cloud Databases." International Journal of Intelligent Information Technologies 14, no. 1 (January 2018): 1–16. http://dx.doi.org/10.4018/ijiit.2018010101.
Full textAbstract:
Cloud databases have been used in a spate of web-based applications in recent years owing to their capacity to store big data efficiently. In such a scenario, access control techniques implemented in relational databases are so modified as to suit cloud databases. The querying features of cloud databases are designed with facilities to retrieve encrypted data. The performance with respect to retrieval and security needs further improvements to ensure a secured retrieval process. In order to provide an efficient secured retrieval mechanism, a rule- and agent-based intelligent secured retrieval model has been proposed in this paper that analyzes the user, query and contents to be retrieved so as to effect rapid retrieval with decryption from the cloud databases. The major advantage of this retrieval model is in terms of its improved query response time and enhanced security of the storage and retrieval system. From the experiments conducted in this work, proposed model increased storage and access time and, in addition, intensified the security of the data stored in cloud databases.
12
Chivukula, Sreerama Prabhu, Rajasekhar Krovvidi, and Aneesh Sreevallabh Chivukula. "Eucalyptus Cloud to Remotely Provision e-Governance Applications." Journal of Computer Networks and Communications 2011 (2011): 1–15. http://dx.doi.org/10.1155/2011/268987.
Full textAbstract:
Remote rural areas are constrained by lack of reliable power supply, essential for setting up advanced IT infrastructure as servers or storage; therefore, cloud computing comprising an Infrastructure-as-a-Service (IaaS) is well suited to provide such IT infrastructure in remote rural areas. Additional cloud layers of Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS) can be added above IaaS. Cluster-based IaaS cloud can be set up by using open-source middleware Eucalyptus in data centres of NIC. Data centres of the central and state governments can be integrated with State Wide Area Networks and NICNET together to form the e-governance grid of India. Web service repositories at centre, state, and district level can be built over the national e-governance grid of India. Using Globus Toolkit, we can achieve stateful web services with speed and security. Adding the cloud layer over the e-governance grid will make a grid-cloud environment possible through Globus Nimbus. Service delivery can be in terms of web services delivery through heterogeneous client devices. Data mining using Weka4WS and DataMiningGrid can produce meaningful knowledge discovery from data. In this paper, a plan of action is provided for the implementation of the above proposed architecture.
13
Okoro, R., and S. A. Idowu. "On the Cloud Web services: A Review." INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY 9, no. 2 (July 15, 2013): 1020–27. http://dx.doi.org/10.24297/ijct.v9i2.4166.
Full textAbstract:
Cloud Computing is a constantly evolving IT generic term used to refer to various IT solutions and services provided via the internet. Precisely, cloud computing can be said to be  the delivery of scalable IT resources over the Internet, as opposed to hosting and operating those resources locally; these resources can include applications and services, as well as the infrastructure on which they operate (EDUCAUSE 2009). So instead of spending money on applications and hardware, individuals and businesses have access to same resources without the commitment of ownership to vendors who provide on-demand services such as Customer Relationship Management (CRM), off-site storage, hosted email solutions, secure web portals, etc. Despite some seemingly security challenges that confront total adoption of Cloud computing by business organizations and educational institutions, the benefits of using services provided by Cloud technology still outweigh the perceived challenges. It is the aim of this paper to present an expository review of services that can run on the cloud thereby providing excellent opportunities for business groups and academics institutions. The paper also provides a contribution to the propagation of the adoption of cloud technology.
14
Mochammad Rizky Royani and Arief Wibowo. "Web Service Implementation in Logistics Company uses JSON Web Token and RC4 Cryptography Algorithm." Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) 4, no. 3 (June 20, 2020): 591–600. http://dx.doi.org/10.29207/resti.v4i3.1952.
Full textAbstract:
The development of e-commerce in Indonesia in the last five years has significantly increased the growth for logistics service companies. The Indonesian Logistics and Forwarders Association (ALFI) has predicted the growth potential of the logistics business in Indonesia to reach more than 30% by 2020. One of the efforts of logistics business companies to improve services in the logistics services business competition is to implement web service technology on mobile platforms, to easy access to services for customers. This research aims to build a web service with a RESTful approach. The REST architecture has limitations in the form of no authentication mechanism, so users can access and modify data. To improve its services, JSON Web Token (JWT) technology is needed in the authentication process and security of access rights. In terms of data storage and transmission security, a cryptographic algorithm is also needed to encrypt and maintain confidentiality in the database. RC4 algorithm is a cryptographic algorithm that is famous for its speed in the encoding process. RC4 encryption results are processed with the Base64 Algorithm so that encrypted messages can be stored in a database. The combination of the RC4 method with the Base64 method has strengthened aspects of database security. This research resulted in a prototype application that was built with a combination of web service methods, JWT and cryptographic techniques. The test results show that the web service application at the logistics service company that was created can run well with relatively fast access time, which is an average of 176 ms. With this access time, the process of managing data and information becomes more efficient because before making this application the process of handling a transaction takes up to 20 minutes.
15
Gopinath, R., and B. G. Geetha. "An E-learning System Based on Secure Data Storage Services in Cloud Computing." International Journal of Information Technology and Web Engineering 8, no. 2 (April 2013): 1–17. http://dx.doi.org/10.4018/jitwe.2013040101.
Full textAbstract:
Abundant reasonable computers, web resources and education content are identified to transform educational usage on-demand in the field of cloud infrastructure. Therefore, there comes a necessity to redesign the educational system to meet the needs better. The appearance of cloud based services supports the creation of latest generation e-learning systems for storing multimedia data within the cloud; it draws attention for academia and research area, which may be able to use high quality of resources. Even though the merits of cloud service are more attractive, the physical possession of users data is under security risk with respect to data correctness. This poses many new security challenges which have not been well explored. This paper focuses mainly on distributed data storage security for e-learning system, which has always been an important aspect of quality service. To make sure the correctness of users data within the cloud, an adaptable and effective auditing mechanism hitches the challenges and distributes erasure-coded data for e-learning web application. This extensive analysis shows that the auditing result achieves quick data error correction and localization of servers for malicious data modification attacks.
16
THURAISINGHAM, BHAVANI. "WEB INFORMATION MANAGEMENT AND ITS APPLICATION TO ELECTRONIC COMMERCE." International Journal on Artificial Intelligence Tools 08, no. 02 (June 1999): 107–17. http://dx.doi.org/10.1142/s0218213099000087.
Full textAbstract:
This paper describes various aspects of web information management with particular emphasis on its application to electronic commerce. We first provide a brief overview of the web. Then we discuss concepts for web database management, as database management is a key part of information management. These include data models and architectures, query processing, transaction management, metadata management, storage issues, and integrity and security. Then we discuss various web information management technologies such as multimedia, visualization, data mining and warehousing, and knowledge management. Then we discuss emerging standards such as Java Database Connectivity, Extended Markup Language (XML), and middleware standards such as Object Request Brokers (ORB) and Remote Method Invocation (RMI). Finally we discuss how web data management technologies can be applied to the important area of electronic commerce.
17
Ravalia, Varun, and Neha Sehrawat. "Vivid analysis of Cloud Computing along with its security issues and challenges." Journal of University of Shanghai for Science and Technology 23, no. 07 (July 8, 2021): 458–63. http://dx.doi.org/10.51201/jusst/21/07113.
Full textAbstract:
In the modern era, technologies are being used by everyone.” Cloud” refers to a collaborative expression for boundless advancements and progression. Cloud computing is a disruptive technology for providing on-demand access to data and applications from anywhere at any time in the world. Cloud computing incorporates various available innovations and technologies like virtualization, bandwidth networks, Web 2.0, browser interfaces, and time-sharing. Cloud computing enables us to share the resources like storage, applications, services, and networks without physically obtaining them. The data is stored in the databases on the servers and users/clients need to request access by sending the request to these servers. This paper includes the various details of cloud technology, its characteristics, its models alongside the challenges and problems faced in cloud computing. Here the focus is on the theoretical explanation of the cloud, models of the cloud, and the problems in the security and confrontation faced during the exertion of the cloud technology.
18
Koutelakis, George V., George K. Anastassopoulos, and Dimitrios K. Lymberopoulos. "Application of Multiprotocol Medical Imaging Communications and an Extended DICOM WADO Service in a Teleradiology Architecture." International Journal of Telemedicine and Applications 2012 (2012): 1–11. http://dx.doi.org/10.1155/2012/271758.
Full textAbstract:
Multiprotocol medical imaging communication through the Internet is more flexible than the tight DICOM transfers. This paper introduces a modular multiprotocol teleradiology architecture that integrates DICOM and common Internet services (based on web, FTP, and E-mail) into a unique operational domain. The extended WADO service (a web extension of DICOM) and the other proposed services allow access to all levels of the DICOM information hierarchy as opposed to solely Object level. A lightweight client site is considered adequate, because the server site of the architecture provides clients with service interfaces through the web as well as invulnerable space for temporary storage, called as User Domains, so that users fulfill their applications' tasks. The proposed teleradiology architecture is pilot implemented using mainly Java-based technologies and is evaluated by engineers in collaboration with doctors. The new architecture ensures flexibility in access, user mobility, and enhanced data security.
19
Chidambaram, Nithya, Pethuru Raj, K. Thenmozhi, and Rengarajan Amirtharajan. "Enhancing the Security of Customer Data in Cloud Environments Using a Novel Digital Fingerprinting Technique." International Journal of Digital Multimedia Broadcasting 2016 (2016): 1–6. http://dx.doi.org/10.1155/2016/8789397.
Full textAbstract:
With the rapid rise of the Internet and electronics in people’s life, the data related to it has also undergone a mammoth increase in magnitude. The data which is stored in the cloud can be sensitive and at times needs a proper file storage system with a tough security algorithm. Whereas cloud is an open shareable elastic environment, it needs impenetrable and airtight security. This paper deals with furnishing a secure storage system for the above-mentioned purpose in the cloud. To become eligible to store data a user has to register with the cloud database. This prevents unauthorized access. The files stored in the cloud are encrypted with RSA algorithm and digital fingerprint for the same has been generated through MD5 message digest before storage. The RSA provides unreadability of data to anyone without the private key. MD5 makes it impossible for any changes on data to go unnoticed. After the application of RSA and MD5 before storage, the data becomes resistant to access or modifications by any third party and to intruders of cloud storage system. This application is tested in Amazon Elastic Compute Cloud Web Services.
20
Ballestrero, Sergio, Franco Brasolin, Arturo Sanchez Pineda, Diana Alessandra Scannicchio, and Matthew Shaun Twomey. "Designing a New Infrastructure for ATLAS Online Web Services." EPJ Web of Conferences 245 (2020): 07030. http://dx.doi.org/10.1051/epjconf/202024507030.
Full textAbstract:
Within the ATLAS detector, the Trigger and Data Acquisition system is responsible for the online processing of data streamed from the detector during collisions at the Large Hadron Collider (LHC) at CERN. The online farm is composed of ~4000 servers processing the data read out from ~100 million detector channels through multiple trigger levels. The capability to monitor the ongoing data taking and all the involved applications is essential to debug and intervene promptly to ensure efficient data taking. The base of the current web service architecture was designed a few years ago, at the beginning of the ATLAS operation (Run 1). It was intended to serve primarily static content from a Network-attached Storage, and privileging strict security, using separate web servers for internal (ATLAS Technical and Control Network - ATCN) and external (CERN General Purpose Network and public internet) access. During these years, it has become necessary to add to the static content an increasing number of dynamic web-based User Interfaces, as they provided new functionalities and replaced legacy desktop UIs. These are typically served by applications on VMs inside ATCN and made accessible externally via chained reverse HTTP proxies. As the trend towards Web UIs continues, the current design has shown its limits, and its increasing complexity became an issue for maintenance and growth. It is, therefore, necessary to review the overall web services architecture for ATLAS, taking into account the current and future needs of the upcoming LHC Run 3. In this paper, we present our investigation and roadmap to re-design the web services system to better operate and monitor the ATLAS detector, while maintaining the security of critical services, such as Detector Control System, and maintaining the separation of remote monitoring and on-site control according to ATLAS policies.
21
El-Sofany, Hosam, and Samir Abou El-Seoud. "A Novel Model for Securing Mobile-based Systems against DDoS Attacks in Cloud Computing Environment." International Journal of Interactive Mobile Technologies (iJIM) 13, no. 01 (January 29, 2019): 85. http://dx.doi.org/10.3991/ijim.v13i01.9900.
Full textAbstract:
the increasing growth of mobile devices technology and Mobile-based systems with the emerging of cloud computing technology, created a Mobile Cloud Computing field to be the recent future technology for different wireless services. The development of Mobile-based system under cloud computing environment solve some performance and environment related issues include: bandwidth, storage capacity, availability, scalability and heterogeneity. The Mobile-based cloud computing apps are different comparing to mobile computing apps, since in the first model the devices run cloud based web applications not as mobile computing native apps. Services of Mobile-based systems via cloud are accessing and sharing through internet connection thus they are open for attacker to attack on its security. Distributed Denial of Service (DDoS) attacks can cause a big problem in mobile cloud computing security. The main objective of DDoS attacks is to infect wireless devises resources (e.g., software applications, wireless network, etc.) and make them unavailable to the authorized user. In DDoS, the attacker tries to overload the Mobile-based service with traffic. The main objective of this research paper is to introduce novel model for securing Mobile-based systems against DDoS attacks. Efficiency and performance analysis evaluations of the proposed model are presented. The feedbacks of the experimental results were highly promising, for protecting mobile-based cloud computing systems against DDoS attacks.
22
Mohammed, Ali Abdulwahhab, and Dheyaa Jasim Kadhim. "Analysis of threats and security issues evaluation in mobile P2P networks." International Journal of Electrical and Computer Engineering (IJECE) 10, no. 6 (December 1, 2020): 6435. http://dx.doi.org/10.11591/ijece.v10i6.pp6435-6445.
Full textAbstract:
Technically, mobile P2P network system architecture can consider as a distributed architecture system (like a community), where the nodes or users can share all or some of their own software and hardware resources such as (applications store, processing time, storage, network bandwidth) with the other nodes (users) through Internet, and these resources can be accessible directly by the nodes in that system without the need of a central coordination node. The main structure of our proposed network architecture is that all the nodes are symmetric in their functions. In this work,
the security issues of mobile P2P network system architecture such as (web threats, attacks and encryption) will be discussed deeply and then we propose different approaches and we analysis and evaluation of these mobile P2P network security issues and submit some proposal solutions to resolve the related problems with threats and other different attacks since these threats and attacks will be serious issue as networks are growing up especially with mobility attribute in current P2P networks.
23
Chihana, Sipiwe, and Jackson Phiri. "Application of IoT in Zambia’s FRA Grain Traceability Process." International Journal of Recent Contributions from Engineering, Science & IT (iJES) 6, no. 4 (December 19, 2018): 87. http://dx.doi.org/10.3991/ijes.v6i4.9332.
Full textAbstract:
<p class="0papersubtitle">with advancement in technology, many sectors have seen growth and improvement in service delivery. Today, many areas such as health, transport and logistics, retailing among others have adopted the use of IoT. Agricultural sector has not been left out on the use of IoT. IoT is defined as a network of interconnected devices which can transfer data efficiently without human involvement. In agriculture, IoT can play a big role in increasing productivity and efficient storage management. Other applications include security, real-time object tracking and monitoring. In Zambia however, the agricultural sector through the Food Reserve Agency (FRA) while still underdeveloped, faces many challenges that range from spoilage, infestations, theft at site, spillage and storage among others. As the national food security agency, FRA has for many years been grappling with these challenges. In order to help curb theft problems, this study proposes the adoption of IoT and related technologies. The proposed IoT technologies will be a prototype model that will employ the use of GPS, RFID, PIR, Wireless radio communication module and the GSM technologies. The GPS will be used to monitor and track the location of the vehicle in transit using mobile and web applications. To curb theft of grain at stationary points, the system will use motion sensing through the use of PIR sensors, wireless radio communication module and the GSM/GPRS technologies. Lastly, RFID combined with GPRS and Arduino microcontroller will be responsible for grain bags tallying. </p><p class="0papersubtitle"> </p>
24
Qiu, Lirong, and Jie Li. "Covering the Monitoring Network: A Unified Framework to Protect E-Commerce Security." Complexity 2017 (2017): 1–11. http://dx.doi.org/10.1155/2017/6254842.
Full textAbstract:
Multimedia applications in smart electronic commerce (e-commerce), such as online trading and Internet marketing, always face security in storage and transmission of digital images and videos. This study addresses the problem of security in e-commerce and proposes a unified framework to analyze the security data. First, to allocate the definite security resources optimally, we build our e-commerce monitoring model as an undirected network, where a monitored node is a vertex of the graph and a connection between vertices is an undirected edge. Moreover, we aim to find a minimal cover for the monitoring network as the optimal solution of resource allocation, which is defined as the network monitoring minimization problem (NMM). This problem is proved to be NP-hard. Second, by analyzing the latent threats, we design a novel and trusted monitoring system that can integrate incident monitoring, data analysis, risk assessment, and security warnings. This system does not touch users’ privacy data. Third, we propose a sequential model-based risk assessment method, which can predict the risk according to the text semantics. Our experimental results on web scale data demonstrate that our system is flexible enough when monitoring, which also verify the effectiveness and efficiency of our system.
25
Saravanan, A., S. SathyaBama, Seifedine Kadry, and Lakshmana Kumar Ramasamy. "A new framework to alleviate DDoS vulnerabilities in cloud computing." International Journal of Electrical and Computer Engineering (IJECE) 9, no. 5 (October 1, 2019): 4163. http://dx.doi.org/10.11591/ijece.v9i5.pp4163-4175.
Full textAbstract:
In the communication age, the Internet has growing very fast and most industries rely on it. An essential part of Internet, Web applications like online booking, e-banking, online shopping, and e-learning plays a vital role in everyday life. Enhancements have been made in this domain, in which the web servers depend on cloud location for resources. Many organizations around the world change their operations and data storage from local to cloud platforms for many reasons especially the availability factor. Even though cloud computing is considered a renowned technology, it has many challenges, the most important one is security. One of the major issue in the cloud security is Distributed Denial of Service attack (DDoS), which results in serious loss if the attack is successful and left unnoticed. This paper focuses on preventing and detecting DDoS attacks in distributed and cloud environment. A new framework has been suggested to alleviate the DDoS attack and to provide availability of cloud resources to its users. The framework introduces three screening tests VISUALCOM, IMGCOM, and AD-IMGCOM to prevent the attack and two queues with certain constraints to detect the attack. The result of our framework shows an improvement and better outcomes and provides a recovered from attack detection with high availability rate. Also, the performance of the queuing model has been analysed.
26
Zaineldeen, Samar, and Abdelrahim Ate. "Improved cloud data transfer security using hybrid encryption algorithm." Indonesian Journal of Electrical Engineering and Computer Science 20, no. 1 (October 1, 2020): 521. http://dx.doi.org/10.11591/ijeecs.v20.i1.pp521-527.
Full textAbstract:
Cloud computing is a model of sophisticated computing which has a strong effect on data innovation. Cloud computing offers remote access to shared computerized assets in the stored cloud. Operationally cloud servers utilize Web services that give enormus advantage to the user in a variety of applications such as banking and finance, storage, social networking and e-mail. Cloud computing accomplishes many of the features interrelated to elasticity, ease of utility, efficiency and performance with low cost. There are a number of potential concerns related to security and privacy since the requirement to protect cloud computing expanded, the encryption algorithms play the key part in data and information security systems, on side these algorithms consume a considerable quantity of computing resource.This paper,presenting a new hybrid encryption algorithm emphasising on AES and Enhanced Homomorphic Cryptosystem (EHC) as a hybrid encryption to guarantee the secure exchange of data between the user and the cloud server, and compression study for two proficient homomorphic encryption techniques for encoding Data Encryption Standard (DES), Advance Encryption Stander (AES).With The proposed techniques an evaluation has been conducted for those encryption algorithms at diverse file sizes of data, to evaluate time taking for encryption and decryption, throughput, memory consumption and power consumption. The major finding was thats the proposed method has the extremity throughput; memory consumption and our proposed work took advantage of the least time taken in sec for encryption and decryption.
27
Akter, Sworna, Md Alamgir Hossain, and Md Mojibur Rahman Redoy Akanda. "A Noble Security Analysis of Various Distributed Systems." International Journal of Engineering, Science and Information Technology 1, no. 2 (April 3, 2021): 62–71. http://dx.doi.org/10.52088/ijesty.v1i2.101.
Full textAbstract:
Distributed systems increased the performance of a system by allowing applications to be processed in parallel. It helps us to share resources like printers, computers, storage facilities, data, files, web pages, networks, and thus it reduces the cost by shaing a single resource among several users instead of multiple resources. Since multiple machines communicate with each other through the network so they can be easily affected by the attacker and the full system should be corrupted. Users can access remote and local resources but they also may not aware of which machines their processes are running on. So, secure communiction of a distributed system is the most important issue. We need to analyze various vulnerabilities and can take proper protection of the system. In this paper, we discuss different architectural styles of distributed systems. Also, hold up different threads and protection mechanisms to get rid of these threads. The most focusing part of this paper is a summary of various distributed systems security. Here we hold up different distributed system security techniques like SSSE algorithm, BLCS architecture, ODIS algorithm, two eavesdropper model, dynamic cuckoo filter, etc. Finally, we summarize the full discussion like used methodology or architecture, advantages, disadvantages, accuracy, and future work in a table by which an author can easily gather knowledge about the summary of this paper. To better understanding, we show the result of various papers with a visual representation. I think it helps authors to know about security techniques and grow interested to work in this area.
28
Xu, Rongxu, Wenquan Jin, and Dohyeun Kim. "Microservice Security Agent Based On API Gateway in Edge Computing." Sensors 19, no. 22 (November 10, 2019): 4905. http://dx.doi.org/10.3390/s19224905.
Full textAbstract:
Internet of Things (IoT) devices are embedded with software, electronics, and sensors, and feature connectivity with constrained resources. They require the edge computing paradigm, with modular characteristics relying on microservices, to provide an extensible and lightweight computing framework at the edge of the network. Edge computing can relieve the burden of centralized cloud computing by performing certain operations, such as data storage and task computation, at the edge of the network. Despite the benefits of edge computing, it can lead to many challenges in terms of security and privacy issues. Thus, services that protect privacy and secure data are essential functions in edge computing. For example, the end user’s ownership and privacy information and control are separated, which can easily lead to data leakage, unauthorized data manipulation, and other data security concerns. Thus, the confidentiality and integrity of the data cannot be guaranteed and, so, more secure authentication and access mechanisms are required to ensure that the microservices are exposed only to authorized users. In this paper, we propose a microservice security agent to integrate the edge computing platform with the API gateway technology for presenting a secure authentication mechanism. The aim of this platform is to afford edge computing clients a practical application which provides user authentication and allows JSON Web Token (JWT)-based secure access to the services of edge computing. To integrate the edge computing platform with the API gateway, we implement a microservice security agent based on the open-source Kong in the EdgeX Foundry framework. Also to provide an easy-to-use approach with Kong, we implement REST APIs for generating new consumers, registering services, configuring access controls. Finally, the usability of the proposed approach is demonstrated by evaluating the round trip time (RTT). The results demonstrate the efficiency of the system and its suitability for real-world applications.
29
Fardinpour, Mojgan, Alireza Sadeghi Milani, and Monire Norouzi. "Towards techniques, challenges and efforts of software as a service layer based on business applications in cloud environments." Kybernetes 49, no. 12 (January 4, 2020): 2993–3018. http://dx.doi.org/10.1108/k-07-2019-0520.
Full textAbstract:
Purpose Cloud computing is qualified to present proper limitless storage and computation resources to users as services throughout the internet. Software as a service (SaaS) layer is the key paradigm perspective in the software layer of the cloud computing. SaaS is connected by business applications to access consumers on existing public, private and hybrid cloud models. This purpose of this paper is to present a discussion and analysis on the SaaS layer based on business applications in the cloud environment in form of a classical taxonomy to recognize the existing techniques, challenges and efforts. Design/methodology/approach Existing techniques, challenges and efforts are classified into four categories: platform-dependent, application-dependent, data-dependent and security-dependent mechanisms. The SaaS layer mechanisms are compared with each other according to the important factors such as the structural properties, quality of service metrics, applied algorithms and measurement tools. Findings The benefits and weaknesses of each research study are analyzed. In the comparison results, the authors observed that the application-based method, the non-heuristic algorithms, the business process method have the highest percentage of the usage in this literature. Originality/value The SaaS layer mechanisms based on business applications have some main features such as high accessibility, compatibility, reusability and collaboration to provide activated application and operation services for user with help of Web browsers. A comprehensive analysis was presented as originality on the SaaS layer mechanisms based on business applications for high level of the cloud environment that 46 peer-reviewed studies were considered.
30
Jalili, Vahid, Enis Afgan, James Taylor, and Jeremy Goecks. "Cloud bursting galaxy: federated identity and access management." Bioinformatics 36, no. 1 (June 14, 2019): 1–9. http://dx.doi.org/10.1093/bioinformatics/btz472.
Full textAbstract:
Abstract Motivation Large biomedical datasets, such as those from genomics and imaging, are increasingly being stored on commercial and institutional cloud computing platforms. This is because cloud-scale computing resources, from robust backup to high-speed data transfer to scalable compute and storage, are needed to make these large datasets usable. However, one challenge for large-scale biomedical data on the cloud is providing secure access, especially when datasets are distributed across platforms. While there are open Web protocols for secure authentication and authorization, these protocols are not in wide use in bioinformatics and are difficult to use for even technologically sophisticated users. Results We have developed a generic and extensible approach for securely accessing biomedical datasets distributed across cloud computing platforms. Our approach combines OpenID Connect and OAuth2, best-practice Web protocols for authentication and authorization, together with Galaxy (https://galaxyproject.org), a web-based computational workbench used by thousands of scientists across the world. With our enhanced version of Galaxy, users can access and analyze data distributed across multiple cloud computing providers without any special knowledge of access/authorization protocols. Our approach does not require users to share permanent credentials (e.g. username, password, API key), instead relying on automatically generated temporary tokens that refresh as needed. Our approach is generalizable to most identity providers and cloud computing platforms. To the best of our knowledge, Galaxy is the only computational workbench where users can access biomedical datasets across multiple cloud computing platforms using best-practice Web security approaches and thereby minimize risks of unauthorized data access and credential use. Availability and implementation Freely available for academic and commercial use under the open-source Academic Free License (https://opensource.org/licenses/AFL-3.0) from the following Github repositories: https://github.com/galaxyproject/galaxy and https://github.com/galaxyproject/cloudauthz.
31
Abdalrahman, Alameen. "A Cloud Database based on AES 256 GCM Encryption Through Devolving Web application of Accounting Information System." International Journal of Recent Technology and Engineering 9, no. 5 (January 30, 2021): 216–21. http://dx.doi.org/10.35940/ijrte.e5269.019521.
Full textAbstract:
The main objective of this research is to use AES 256 GCM encryption and decryption of a web application system database called Accounting Information System (AIS) for achieving more privacy and security in a cloud environment. A cloud environment provides many services such as software, platform, and infrastructure. AIS can use the cloud to store data to achieve accounting with more performance, efficiency, convenience, and cost reduction. On the other hand, cloud environment is not secure because data is kept away from the organization. This paper focuses on how we deal with secure sensitive data such as accounting data AIS web application at web level encryption by using AES 256 GCM encryption to store data as encrypted data at cloud in a secure manner? Accounting Information System (AIS) has very sensitive data and its need to be more secure and safe specially in cloud because it’s not saved at local servers but at another cloud service provider. The storage of encryption and decryption keys are stored in locations and devices different from those in which the database is stored in the cloud for ensuring more safety.
32
Helebrant, Jan, and Petr Kuča. "SUPPORT TO CITIZEN RADIATION MONITORING OF RADIOACTIVITY IN THE CZECH REPUBLIC—PROJECT RAMESIS." Radiation Protection Dosimetry 186, no. 2-3 (December 2019): 291–95. http://dx.doi.org/10.1093/rpd/ncz220.
Full textAbstract:
Abstract Project ‘RAMESIS’, solved by SURO+UTEF+NUVIA, is aimed at the improvement of population safety through supporting Citizen Monitoring in Czechia. Radiation monitoring system at the level of institutions, schools and citizens will be developed and implemented, covering equipment for both fixed-site and mobile monitoring using simple-designed and easy-to-operate detectors, enabling their usage by public and mass-production at acceptable price. The instrumentation includes central application for reception, storage, administration and publication of monitoring results analyzed and presented on web-portal, tools for user’s local online and offline data visualization on a map background, and web portal providing training and informational materials for understanding radiation problems. The system will be implemented in selected institutions and schools, initial sets of detectors are distributed free of charge among schools, institutions and the public. This article describes the technical part of the project, solved in the framework of Ministry of Interior-founded security research ID VI20152019028.
33
Wang, Shao Qing, Dong Yue Yu, Jin Yong Cheng, Peng Cheng Wang, and Wei Yu Zhang. "Using J2EE for Medical Image Transmission in a PACS System." Applied Mechanics and Materials 336-338 (July 2013): 2335–38. http://dx.doi.org/10.4028/www.scientific.net/amm.336-338.2335.
Full textAbstract:
This paper developed a distributional PACS system conform to the J2EE specification, implemented the DICOM images receiving, storage and archiving on the basis of the DICOM standard. Extract meta information and stored in the database. Visit from different clients of different platforms to look up patient and some management. Web Service provides services functions. The System is a true cross-platform, provides a good background support for remote diagnosis system and the borderless PACS system. Compared to the traditional PACS, the PACS based on J2EE specification is easier to install and manage and more security and flexible, overcome the traditional faults of pure Client/Server model or Browser/Server architecture. Simplifies enterprise application development, management and deploy as a distributional and portable PACS.
34
Schmitt, D., J. Kass, M. García-Barbero, P. Kantchev, and C. Bescos. "Interoperability and HealthGRID." Methods of Information in Medicine 44, no. 02 (2005): 190–92. http://dx.doi.org/10.1055/s-0038-1633944.
Full textAbstract:
Summary Objectives: GRID technology, with initiatives like the GGF, will have the potential to allow both competition and interoperability not only among applications and toolkits, but also among implementations of key services.The pyramid of eHealth interoperability should be achieved from standards in communication and data security, storage and processing, to the policy initiatives, including organizational protocols, financing procedures, and legal framework.The open challenges for GRID use in clinical fields illustrate the potential of the combination of grid technologies with medical routine into a wider inter-operable framework. Methods: The Telemedicine Alliance is a consortium (ESA, WHO and ITU), initiated in 2002, in building a vision for the provision of eHealth to European citizens by 2010. After a survey with more that 50 interviews of experts, interoperability was identified as the main showstopper to eHealth implementation. Results: There are already several groups and organizations contributing to standardization. TM-Alliance is supporting the “e-Health Standardization Coordination Group” (eHSCG). Conclusions: It is now, in the design and development phase of GRID technology in Health, the right moment to act with the aim of achieving an interoperable and open framework. The Health area should benefit from the initiatives started at the GGF in terms of global architecture and services definitions, as well as from the security and other web services applications developed under the Internet umbrella. There is a risk that existing important results of the standardization efforts in this area are not taken up simply because they are not always known.
35
Bijolin Edwin, E., and M. Roshni Thanka. "Data Replication Strategies with Load Balancing and Data Migration in Cloud Data Center." Journal of Computational and Theoretical Nanoscience 17, no. 5 (May 1, 2020): 2024–29. http://dx.doi.org/10.1166/jctn.2020.8843.
Full textAbstract:
The evolution of Information Systems implies new applications and the need to migrate the data from a previous application to a new one. At the same time, some organizations may need to replicate data from one technology to another one, in order to have backup systems and have a flexible load balanced strategies. The maximal uniform distribution of the load across closer and number of simpler nodes can help managing and providing the big data and large workloads which are more easy to handle. The ultimate goal is to balance the load through cloud and make internet less cloud defendant by having data available closer to the user end. One of the most challenging steps required to deploy an application infrastructure in the cloud involves the physics of moving data into and out of the cloud. Amazon Web Services (AWS) provides a number of services for moving data, and each solution offers various levels of speed, security, cost, and performance. This stems from the fact that almost all the typical distributed storage systems only provide data-amount-oriented balancing mechanisms without considering the different access load of data. To eliminate the system bottlenecks and optimize the resource utilization, there is a demand for such distributed storage systems to employ a workload balancing and adaptive resource management framework. We propose a framework of Enhanced replication scheduling algorithm which balances the replicated data to be balanced and to handle the overload data integration by data migration concept which gives more data efficiency and improved performance during migration of replicated data. For handling of data migration, we propose Ant Colony Algorithm which gives a safe data migration from one end to the other. This will improve the efficiency, Cost and takes less duration for the data to migrated and to be equally balanced.
36
Wang, X. Z., H. M. Zhang, J. H. Zhao, Q. H. Lin, Y. C. Zhou, and J. H. Li. "AN INTERACTIVE WEB-BASED ANALYSIS FRAMEWORK FOR REMOTE SENSING CLOUD COMPUTING." ISPRS Annals of Photogrammetry, Remote Sensing and Spatial Information Sciences II-4/W2 (July 10, 2015): 43–50. http://dx.doi.org/10.5194/isprsannals-ii-4-w2-43-2015.
Full textAbstract:
Spatiotemporal data, especially remote sensing data, are widely used in ecological, geographical, agriculture, and military research and applications. With the development of remote sensing technology, more and more remote sensing data are accumulated and stored in the cloud. An effective way for cloud users to access and analyse these massive spatiotemporal data in the web clients becomes an urgent issue. In this paper, we proposed a new scalable, interactive and web-based cloud computing solution for massive remote sensing data analysis. We build a spatiotemporal analysis platform to provide the end-user with a safe and convenient way to access massive remote sensing data stored in the cloud. The lightweight cloud storage system used to store public data and users’ private data is constructed based on open source distributed file system. In it, massive remote sensing data are stored as public data, while the intermediate and input data are stored as private data. The elastic, scalable, and flexible cloud computing environment is built using Docker, which is a technology of open-source lightweight cloud computing container in the Linux operating system. In the Docker container, open-source software such as IPython, NumPy, GDAL, and Grass GIS etc., are deployed. Users can write scripts in the IPython Notebook web page through the web browser to process data, and the scripts will be submitted to IPython kernel to be executed. By comparing the performance of remote sensing data analysis tasks executed in Docker container, KVM virtual machines and physical machines respectively, we can conclude that the cloud computing environment built by Docker makes the greatest use of the host system resources, and can handle more concurrent spatial-temporal computing tasks. Docker technology provides resource isolation mechanism in aspects of IO, CPU, and memory etc., which offers security guarantee when processing remote sensing data in the IPython Notebook. Users can write complex data processing code on the web directly, so they can design their own data processing algorithm.
37
Andria, Andria, and Ridho Pamungkas. "Penetration Testing Database Menggunakan Metode SQL Injection Via SQLMap di Termux." Indonesian Journal of Applied Informatics 5, no. 1 (April 18, 2021): 1. http://dx.doi.org/10.20961/ijai.v5i1.40845.
Full textAbstract:
<p class="infAbstract"><em>Abstrak : </em></p><p class="infAbstract">Penetration testing (Pentesting) merupakan sebuah metode evaluasi terhadap keamanan pada suatu sistem dan jaringan komputer dengan melakukan suatu pengujian, salah satu metode pengujian yang dapat digunakan adalah SQL Injection. SQL Injection merupakan suatu teknik hacking dengan fokus pengujian pada database sebagai media penyimpanan data pada sistem. Tool yang digunakan pada penelitian ini ialah SQLMap yang merupakan tool open source yang dapat menganalisa, mendeteksi dan melakukan exploit (sebuah kode yang dapat menyerang keamanan sistem komputer secara spesifik) pada bug SQL Injection. Pengujian dilakukan menggunakan perangkat Smartphone bersistem operasi Android dengan program aplikasi Termux sebagai emulator terminal berbasis linux. Tujuan dari penelitian ini untuk pengujian keamanan database web server dan membantu pengelola atau admin situs web untuk dapat memeriksa adanya celah kerentanan database yang dapat dieskploitasi oleh peretas.</p><p class="infAbstract">____________________________</p><p class="infAbstract">Abstract :</p><p><em>Penetration testing</em><em> (Pentest</em><em>ing</em><em>) is a method of evaluating the security of a computer system and network by conducting a test, one of the testing methods that can be used is SQL Injection . SQL Injection is a hacking technique that focuses on testing the database as a data storage medium on the system. The tool used in this study is SQLMap which is an open source tool that can analyze, detect and exploit (a code that can specifically attack computer system security) on the SQL Injection bug. Testing was carried out using a Smartphone device with the Android operating system with the Termux application program as a linux-based terminal emulator. The purpose of this research is to test the security of the web server database and help the website manager or admin to be able to check for any database vulnerabilities that can be exploited by hackers.</em></p><p class="infAbstract"><em><br /></em></p>
38
Khoa, Tran Anh, Le Mai Bao Nhu, Hoang Hai Son, Nguyen Minh Trong, Cao Hoang Phuc, Nguyen Thi Hoang Phuong, Nguyen Van Dung, Nguyen Hoang Nam, Dong Si Thien Chau, and Dang Ngoc Minh Duc. "Designing Efficient Smart Home Management with IoT Smart Lighting: A Case Study." Wireless Communications and Mobile Computing 2020 (November 20, 2020): 1–18. http://dx.doi.org/10.1155/2020/8896637.
Full textAbstract:
Smart homes are an element of developing smart cities. In recent years, countries around the world have spared no effort in promoting smart cities. Smart homes are an interesting technological advancement that can make people’s lives much more convenient. The development of smart homes involves multiple technological aspects, which include big data, mobile networks, cloud computing, Internet of Things, and even artificial intelligence. Digital information is the main component of signal control and flow in a smart home, while information security is another important aspect. In the event of equipment failure, the task of safeguarding the system’s information is of the utmost importance. Since smart homes are automatically controlled, the problem of mobile network security must be taken seriously. To address these issues, this paper focuses on information security, big data, mobile networks, cloud computing, and the Internet of Things. Security efficiency can be enhanced by using a Secure Hash Algorithm 256 (SHA-256), which is an authentication mechanism that, with the help of the user, can authenticate each interaction of a given device with a WebServer by using an encrypted username, password, and token. This framework could be used for an automated burglar alarm system, guest attendance monitoring, and light switches, all of which are easily integrated with any smart city base. In this way, IoT solutions can allow real-time monitoring and connection with central systems for automated burglar alarms. The monitoring framework is developed on the strength of the web application to obtain real-time display, storage, and warning functions for local or remote monitoring control. The monitoring system is stable and reliable when applying SHA-256.
39
Faisol, Ahmad, and Imam Izzat Muttaqin. "IMPLEMENTASI SENSOR MONITORING PADA JARINGAN WI-FI (HOTSPOT) BERBASIS SNORT." Jurnal Teknologi Informasi dan Terapan 5, no. 2 (April 3, 2019): 141–46. http://dx.doi.org/10.25047/jtit.v5i2.92.
Full textAbstract:
The wireless networking application besides giving the simplicity in communication or data exchange, also has a weakness in security system. Every user's tools that connected to the wireless network must be ready towards the appearance of the destruction or attack, because wireless network doesn't have a clear defense track. On this research, monitoring sensor application based on Snort is being suggested as one of the solutions that can be used to help the network arrangement in monitoring the condition of the network and analyze every dangerous package that is in the network. Snort will detect the intruder and analyze the package that cross the network directly and recording into the data storage media. Monitoring sensor is using rule-base system that will detect every package based on the directions that has defined to the direction data collection. The result of the research shown every new data package that entry the sensor, so the change of the event's amount of the monitoring sensor will change automatically based on the admin's arrangements. More data that cross the sensor, can influence the activity from the server that shown by the slow response from the web server.
40
Mavodza, Judith. "The impact of cloud computing on the future of academic library practices and services." New Library World 114, no. 3/4 (March 22, 2013): 132–41. http://dx.doi.org/10.1108/03074801311304041.
Full textAbstract:
PurposeThe purpose of this paper is to discuss issues involved in navigating the modern information environment where the relevance of cloud computing is unavoidable. This is a way of shifting from the hardware and software demands of storing and organizing data, to information access concerns. That is because with the exponential growth in information sources and all accompanying complexities, the limited capacity of libraries to host their own in its entirety necessitates opting for alternatives in the cloud.Design/methodology/approachA review of current literature about the topic was performedFindingsLiterature used reveals that currently, libraries are using the cloud for putting together user resources, i.e. using Software as a Service (SaaS), such as in library catalogues, WorldCat, Googledocs, and the aggregated subject gateways like SUMMON, and others; the web Platform as a Service (PaaS) as in the use of GoogleApp Engine; or Infrastructure as a Service (IaaS) as in the use of D‐Space, FEDORA, and others. The cloud is confirmed as a facilitator in storing and accessing information in addition to providing a unified web presence with reduced local storage capacity challenges.Originality/valueThe value of these findings is to remind librarians of the shift in focus towards which devices provide the easiest access to data and applications. This is one of the reasons they in many instances are currently having to address issues relating to the use of electronic media tools such as smartphones, iPad, e‐book readers, and other handheld devices. The largely borderless information resources also bring to the forefront considerations about digital rights management, fair use, information security, ownership and control of data, privacy, scholarly publishing, copyright guidance, and licensing that the librarian has to be knowledgeable about. It has become necessary for librarians who make use of commercial cloud services to be conversant with the implications on institutional data. To avert the ever present dangers and risks involving cyber‐security, it is usually practical for institutions to keep policies, procedures, fiscal, and personnel data in private clouds that have carefully crafted access permissions. Being aware of these implications enables thoughtful, adaptive planning strategies for the future of library practice and service.
41
Mohalik, Ramakanta. "Digital Literacy and Its Use by Teacher Trainess at Secondary Level in Odisha." Randwick International of Education and Linguistics Science Journal 1, no. 2 (September 30, 2020): 242–50. http://dx.doi.org/10.47175/rielsj.v1i2.90.
Full textAbstract:
Digital devices and applications have been used in schools and teacher education institutes across the globe for teaching learning. All the prospective teachers must be digitally savvy to utilize it in school for teaching, assessment, management and professional development. This study intended to find out the level of digital literacy and its uses among teacher trainees at secondary level. Descriptive research method was followed for undertaking this study. Survey was conducted on sample of 170 trainees selected randomly from teacher education institutes under Utkal University, Odisha, India. Self developed questionnaire based on different aspects of digital devices and applications such as skills of trainees in digital technology, use of digital technology and applications by trainees for learning and teaching etc. was used at tool. Collected data were subjected to frequency and percentage analysis and accordingly conclusions were drawn. The study found that (i) majority of trainees can change screen brightness and contrast, minimize, maximize and move window screen, use search command to locate a file and download and install applications, (ii) more than 50% of trainees do not know learning management system, virtual worlds, podcasts and web design applications, (iii) around 70% of trainees are aware about storage of video in camera, manage junk mail and update username and password and less than 50% of trainees knew about voice typing and cyber security, (iv) majority of trainees use group email and whatsapp for academic work and only 20% of trainees use digital devices for using PPT in class, create digital learning materials, provide feedback to students. It is suggested that teacher education institutes must be equipped with digital devices and applications useful for teaching learning and professional development. Further, teacher educator must encourage and motivate trainees by integrated ICT in regular course work and across the subjects so that trainees can develop skills of using it for teaching, learning and assessment in schools.
42
Yu, Rongrui, Chunqiong Wu, Bingwen Yan, Baoqin Yu, Xiukao Zhou, Yanliang Yu, and Na Chen. "Analysis of the Impact of Big Data on E-Commerce in Cloud Computing Environment." Complexity 2021 (May 26, 2021): 1–12. http://dx.doi.org/10.1155/2021/5613599.
Full textAbstract:
This article starts with the analysis of the existing electronic commerce system, summarizes its characteristics, and analyzes and solves its existing problems. Firstly, the characteristics of the relational database My Structured Query Language (MySQL) and the distributed database HBase are analyzed, their respective advantages and disadvantages are summarized, and the advantages and disadvantages of each are taken into account when storing data. My SQL is used to store structured business data in the system, while HBase is used to store unstructured data such as pictures. These two storage mechanisms together constitute a data storage subsystem. Secondly, considering the large amount of data in the e-commerce system and the complex calculation of the data mining algorithm, this paper uses MapReduce to realize the parallelization of the data mining algorithm and builds a Hadoop-based commodity recommendation subsystem on this basis. We use JavaEE technology to design a full-featured web mall system. Finally, based on the impact of cloud computing, mobile e-commerce is analyzed, including relevant theories, service mode, architecture, core technology, and the application in e-commerce, which can realize e-commerce precision marketing, find the optimal path of logistics, and take effective security measures to avoid transaction risks. This method can avoid the disadvantages of the traditional e-commerce, where large-scale data cannot be processed in a timely manner, realize the value of mining data behind, and realize the precision marketing of e-commerce enterprises.
43
Galvin, Hannah K., and Paul R. DeMuro. "Developments in Privacy and Data Ownership in Mobile Health Technologies, 2016-2019." Yearbook of Medical Informatics 29, no. 01 (August 2020): 032–43. http://dx.doi.org/10.1055/s-0040-1701987.
Full textAbstract:
Objectives: To survey international regulatory frameworks that serve to protect privacy of personal data as a human right as well as to review the literature regarding privacy protections and data ownership in mobile health (mHealth) technologies between January 1, 2016 and June 1, 2019 in order to identify common themes. Methods: We performed a review of relevant literature available in English published between January 1, 2016 and June 1, 2019 from databases including PubMed, Google Scholar, and Web of Science, as well as relevant legislative background material. Articles out of scope (as detailed below) were eliminated. We categorized the remaining pool of articles and discrete themes were identified, specifically: concerns around data transmission and storage, including data ownership and the ability to re-identify previously de-identified data; issues with user consent (including the availability of appropriate privacy policies) and access control; and the changing culture and variable global attitudes toward privacy of health data. Results: Recent literature demonstrates that the security of mHealth data storage and transmission remains of wide concern, and aggregated data that were previously considered “de-identified” have now been demonstrated to be re-identifiable. Consumer-informed consent may be lacking with regard to mHealth applications due to the absence of a privacy policy and/or to text that is too complex and lengthy for most users to comprehend. The literature surveyed emphasizes improved access control strategies. This survey also illustrates a wide variety of global user perceptions regarding health data privacy. Conclusion: The international regulatory framework that serves to protect privacy of personal data as a human right is diverse. Given the challenges legislators face to keep up with rapidly advancing technology, we introduce the concept of a “healthcare fiduciary” to serve the best interest of data subjects in the current environment.
44
S. Vaithyasubramanian, S. Vaithyasubramanian, and R. Sundararajan. "State space classification of Markov password – an alphanumeric password authentication scheme for secure communication in cloud computing." International Journal of Pervasive Computing and Communications 17, no. 1 (January 8, 2021): 121–34. http://dx.doi.org/10.1108/ijpcc-05-2020-0035.
Full textAbstract:
Purpose Purpose of this study is to classify the states of Markov Chain for the implementation of Markov Password for effective security. Password confirmation is more often required in all authentication process, as the usage of computing facilities and electronic devices have developed hugely to access networks. Over the years with the increase in numerous Web developments and internet applications, each platform needs ID and password validation for individual users. Design/methodology/approach In the technological development of cloud computing, in recent times, it is facing security issues. Data theft, data security, denial of service, patch management, encryption management, key management, storage security and authentication are some of the issues and challenges in cloud computing. Validation in user login authentications is generally processed and executed by password. To authenticate universally, alphanumeric passwords are used. One of the promising proposed methodologies in this type of password authentication is Markov password. Markov passwords – a rule-based password formation are created or generated by using Markov chain. Representation of Markov password formation can be done by state space diagram or transition probability matrix. State space classification of Markov chain is one of the basic and significant properties. The objective of this paper is to classify the states of Markov chain to support the practice of this type of password in the direction of effective authentication for secure communication in cloud computing. Conversion of some sample obvious password into Markov password and comparative analysis on their strength is also presented in this paper. Analysis on strength of obvious password of length eight has shown range of 7%–9% although the converted Markov password has shown more than 82%. As an effective methodology, this password authentication can be implemented in cloud portal and password login validation process. Findings The objective of this paper is to classify the states of Markov chain to support the practice of this type of password in the direction of effective authentication for secure communication in cloud computing. Conversion of some sample obvious password into Markov password and comparative analysis on their strength is also presented in this paper. Originality/value Validation in user login authentications is generally processed and executed by password. To authenticate universally, alphanumeric passwords are used. One of the promising proposed methodologies in this type of password authentication is Markov password.
45
Padmanaban, Sujitha, and Muppidathi Priya. "FX Job Recruitment." International Journal on Cybernetics & Informatics 10, no. 2 (May 31, 2021): 239–49. http://dx.doi.org/10.5121/ijci.2021.100227.
Full textAbstract:
In this project present a secure and privacy-preserving access control to users, which guarantee any member in a group to anonymously utilize the cloud resource. Moreover, the real identities of data owners can be revealed by the group manager when disputes occur. In this project provide rigorous security analysis, and perform extensive simulations to demonstrate the efficiency of our scheme in terms of storage and computation overhead. Cloud computing provides an economical and efficient solution for sharing group resource among cloud users. Unfortunately, sharing data in a multi-job portal manner while preserving data and identity privacy from an un trusted cloud is still a challenging issue, due to the frequent change of the membership . The major aims of this method a secure multi-owner data sharing scheme. It implies that any user in the group can securely share data with others by the un trusted cloud. This scheme is able to support dynamic groups. Efficiently, specifically, new granted users can directly decrypt data files uploaded before their participation without contacting with data owners. User revocation can be easily achieved through a novel revocation list without updating the secret Keys of the remaining users. The size and computation overhead of encryption are constant and Independent with the number of revoked users. Job portal is developed for creating an interactive job vacancy for candidates. This web application is to be conceived in its current form as a dynamic site-requiring constant updates both from the seekers as well as the companies. On the whole the objective of the project is to enable jobseekers to place their resumes and companies to publish their vacancies.
46
Munawar, Hafiz Suliman, Siddra Qayyum, Fahim Ullah, and Samad Sepasgozar. "Big Data and Its Applications in Smart Real Estate and the Disaster Management Life Cycle: A Systematic Analysis." Big Data and Cognitive Computing 4, no. 2 (March 26, 2020): 4. http://dx.doi.org/10.3390/bdcc4020004.
Full textAbstract:
Big data is the concept of enormous amounts of data being generated daily in different fields due to the increased use of technology and internet sources. Despite the various advancements and the hopes of better understanding, big data management and analysis remain a challenge, calling for more rigorous and detailed research, as well as the identifications of methods and ways in which big data could be tackled and put to good use. The existing research lacks in discussing and evaluating the pertinent tools and technologies to analyze big data in an efficient manner which calls for a comprehensive and holistic analysis of the published articles to summarize the concept of big data and see field-specific applications. To address this gap and keep a recent focus, research articles published in last decade, belonging to top-tier and high-impact journals, were retrieved using the search engines of Google Scholar, Scopus, and Web of Science that were narrowed down to a set of 139 relevant research articles. Different analyses were conducted on the retrieved papers including bibliometric analysis, keywords analysis, big data search trends, and authors’ names, countries, and affiliated institutes contributing the most to the field of big data. The comparative analyses show that, conceptually, big data lies at the intersection of the storage, statistics, technology, and research fields and emerged as an amalgam of these four fields with interlinked aspects such as data hosting and computing, data management, data refining, data patterns, and machine learning. The results further show that major characteristics of big data can be summarized using the seven Vs, which include variety, volume, variability, value, visualization, veracity, and velocity. Furthermore, the existing methods for big data analysis, their shortcomings, and the possible directions were also explored that could be taken for harnessing technology to ensure data analysis tools could be upgraded to be fast and efficient. The major challenges in handling big data include efficient storage, retrieval, analysis, and visualization of the large heterogeneous data, which can be tackled through authentication such as Kerberos and encrypted files, logging of attacks, secure communication through Secure Sockets Layer (SSL) and Transport Layer Security (TLS), data imputation, building learning models, dividing computations into sub-tasks, checkpoint applications for recursive tasks, and using Solid State Drives (SDD) and Phase Change Material (PCM) for storage. In terms of frameworks for big data management, two frameworks exist including Hadoop and Apache Spark, which must be used simultaneously to capture the holistic essence of the data and make the analyses meaningful, swift, and speedy. Further field-specific applications of big data in two promising and integrated fields, i.e., smart real estate and disaster management, were investigated, and a framework for field-specific applications, as well as a merger of the two areas through big data, was highlighted. The proposed frameworks show that big data can tackle the ever-present issues of customer regrets related to poor quality of information or lack of information in smart real estate to increase the customer satisfaction using an intermediate organization that can process and keep a check on the data being provided to the customers by the sellers and real estate managers. Similarly, for disaster and its risk management, data from social media, drones, multimedia, and search engines can be used to tackle natural disasters such as floods, bushfires, and earthquakes, as well as plan emergency responses. In addition, a merger framework for smart real estate and disaster risk management show that big data generated from the smart real estate in the form of occupant data, facilities management, and building integration and maintenance can be shared with the disaster risk management and emergency response teams to help prevent, prepare, respond to, or recover from the disasters.
47
Gu, Dongxiao, Xuejie Yang, Shuyuan Deng, Changyong Liang, Xiaoyu Wang, Jiao Wu, and Jingjing Guo. "Tracking Knowledge Evolution in Cloud Health Care Research: Knowledge Map and Common Word Analysis." Journal of Medical Internet Research 22, no. 2 (February 25, 2020): e15142. http://dx.doi.org/10.2196/15142.
Full textAbstract:
Background With the continuous development of the internet and the explosive growth in data, big data technology has emerged. With its ongoing development and application, cloud computing technology provides better data storage and analysis. The development of cloud health care provides a more convenient and effective solution for health. Studying the evolution of knowledge and research hotspots in the field of cloud health care is increasingly important for medical informatics. Scholars in the medical informatics community need to understand the extent of the evolution of and possible trends in cloud health care research to inform their future research. Objective Drawing on the cloud health care literature, this study aimed to describe the development and evolution of research themes in cloud health care through a knowledge map and common word analysis. Methods A total of 2878 articles about cloud health care was retrieved from the Web of Science database. We used cybermetrics to analyze and visualize the keywords in these articles. We created a knowledge map to show the evolution of cloud health care research. We used co-word analysis to identify the hotspots and their evolution in cloud health care research. Results The evolution and development of cloud health care services are described. In 2007-2009 (Phase I), most scholars used cloud computing in the medical field mainly to reduce costs, and grid computing and cloud computing were the primary technologies. In 2010-2012 (Phase II), the security of cloud systems became of interest to scholars. In 2013-2015 (Phase III), medical informatization enabled big data for health services. In 2016-2017 (Phase IV), machine learning and mobile technologies were introduced to the medical field. Conclusions Cloud health care research has been rapidly developing worldwide, and technologies used in cloud health research are simultaneously diverging and becoming smarter. Cloud–based mobile health, cloud–based smart health, and the security of cloud health data and systems are three possible trends in the future development of the cloud health care field.
48
Wu, Raymond, and Masayuki Hisada. "SOA Web Security and Applications." Journal of Object Technology 9, no. 2 (2010): 163. http://dx.doi.org/10.5381/jot.2010.9.2.a4.
Full text
49
Obermayer, Benedikt, Manuel Holtgrewe, Mikko Nieminen, Clemens Messerschmidt, and Dieter Beule. "SCelVis: exploratory single cell data analysis on the desktop and in the cloud." PeerJ 8 (February 19, 2020): e8607. http://dx.doi.org/10.7717/peerj.8607.
Full textAbstract:
Background Single cell omics technologies present unique opportunities for biomedical and life sciences from lab to clinic, but the high dimensional nature of such data poses challenges for computational analysis and interpretation. Furthermore, FAIR data management as well as data privacy and security become crucial when working with clinical data, especially in cross-institutional and translational settings. Existing solutions are either bound to the desktop of one researcher or come with dependencies on vendor-specific technology for cloud storage or user authentication. Results To facilitate analysis and interpretation of single-cell data by users without bioinformatics expertise, we present SCelVis, a flexible, interactive and user-friendly app for web-based visualization of pre-processed single-cell data. Users can survey multiple interactive visualizations of their single cell expression data and cell annotation, define cell groups by filtering or manual selection and perform differential gene expression, and download raw or processed data for further offline analysis. SCelVis can be run both on the desktop and cloud systems, accepts input from local and various remote sources using standard and open protocols, and allows for hosting data in the cloud and locally. We test and validate our visualization using publicly available scRNA-seq data. Methods SCelVis is implemented in Python using Dash by Plotly. It is available as a standalone application as a Python package, via Conda/Bioconda and as a Docker image. All components are available as open source under the permissive MIT license and are based on open standards and interfaces, enabling further development and integration with third party pipelines and analysis components. The GitHub repository is https://github.com/bihealth/scelvis.
50
Alrawais, Layla Mohammed, Mamdouh Alenezi, and Mohammad Akour. "Security Testing Framework for Web Applications." International Journal of Software Innovation 6, no. 3 (July 2018): 93–117. http://dx.doi.org/10.4018/ijsi.2018070107.
Full textAbstract:
The growth of web-based applications has increased tremendously from last two decades. While these applications bring huge benefits to society, yet they suffer from various security threats. Although there exist various techniques to ensure the security of web applications, still a large number of applications suffer from a wide variety of attacks and result in financial loses. In this article, a security-testing framework for web applications is proposed with an argument that security of an application should be tested at every stage of software development life cycle (SDLC). Security testing is initiated from the requirement engineering phase using a keyword-analysis phase. The output of the first phase serves as input to the next phase. Different case study applications indicate that the framework assists in early detection of security threats and applying appropriate security measures. The results obtained from the implementation of the proposed framework demonstrated a high detection ratio with a less false-positive rate.