The world has seen a quick transition from hard devices for local storage to massive virtual data centers, all possible because of cloud storage technology. Businesses have grown to be scalable, meeting consumer demands on every turn. Cloud computing has transforming the way we do business making IT more efficient and cost effective that leads to new types of cybercrimes. Securing the data in cloud is a challenging task. Cloud security is a mixture of art and science. Art is to create your own technique and technologies in such a way that the user should be authenticated. Science is because you have to come up with ways of securing your application. Data security refers to a broad set of policies, technologies and controls deployed to protect data application and the associated infrastructure of cloud computing. It ensures that the data has not been accessed by any unauthorized person. Cloud storage systems are considered to be a network of distributed data centers which typically uses cloud computing technologies like virtualization and offers some kind of interface for storing data. Virtualization is the process of grouping the physical storage from multiple network storage devices so that it looks like a single storage device.Storing the important data in the cloud has become an essential argument in the computer territory. The cloud enables the user to store the data efficiently and access the data securely. It avoids the basic expenditure on hardware, software and maintenance. Protecting the cloud data has become one of the burdensome tasks in today’s environment. Our proposed scheme "Certificateless Compressed Data Sharing in Cloud through Partial Decryption" (CCDSPD) makes use of Shared Secret Session (3S) key for encryption and double decryption process to secure the information in the cloud. CC does not use pairing concept to solve the key escrow problem. Our scheme provides an efficient secure way of sharing data to the cloud and reduces the time consumption nearly by 50 percent as compared to the existing mCL-PKE scheme in encryption and decryption process.Distributed Cloud Environment (DCE) has the ability to store the da-ta and share it with others. One of the main issues arises during this is, how safe the data in the cloud while storing and sharing. Therefore, the communication media should be safe from any intruders residing between the two entities. What if the key generator compromises with intruders and shares the keys used for both communication and data? Therefore, the proposed system makes use of the Station-to-Station (STS) protocol to make the channel safer. The concept of encrypting the secret key confuses the intruders. Duplicate File Detector (DFD) checks for any existence of the same file before uploading. The scheduler as-signs the work of generating keys to the key manager who has less task to complete or free of any task. By these techniques, the proposed system makes time-efficient, cost-efficient, and resource efficient compared to the existing system. The performance is analysed in terms of time, cost and resources. It is necessary to safeguard the communication channel between the entities before sharing the data. In this process of sharing, what if the key manager’s compromises with intruders and reveal the information of the user’s key that is used for encryption. The process of securing the key by using the user’s phrase is the key concept used in the proposed system "Secure Storing and Sharing of Data in Cloud Environment using User Phrase" (S3DCE). It does not rely on any key managers to generate the key instead the user himself generates the key. In order to provide double security, the encryption key is also encrypted by the public key derived from the user’s phrase. S3DCE guarantees privacy, confidentiality and integrity of the user data while storing and sharing. The proposed method S3DCE is more efficient in terms of time, cost and resource utilization compared to the existing algorithm DaSCE (Data Security for Cloud Environment with Semi Trusted Third Party) and DACESM (Data Security for Cloud Environment with Scheduled Key Managers).For a cloud to be secure, all of the participating entities must be secure. The security of the assets does not solely depend on an individual s security measures. The neighbouring entities may provide an opportunity to an attacker to bypass the user s defences. The data may compromise due to attacks by other users and nodes within the cloud. Therefore, high security measures are required to protect data within the cloud. Cloudsim allows to create a network that contains a set of Intelligent Sense Point (ISP) spread across an area. Each ISPs will have its own unique position and will be different from other ISPs. Cloud is a cost-efficient solution for the distribution of data but has the challenge of a data breach. The data can be compromised of attacks of ISPs. Therefore, in OSNQSC (Optimized Selection of Nodes for Enhanced in Cloud Environment), an optimized method is proposed to find the best ISPs to place the data fragments that considers the channel quality, distance and the remaining energy of the ISPs. The fragments are encrypted before storing. OSNQSC is more efficient in terms of total upload time, total download time, throughput, storage and memory consumption of the node with the existing Betweenness centrality, Eccentricity and Closeness centrality methods of DROPS (Division and Replication of Data in the Cloud for Optimal Performance and Security).

Cloud computing has been widely used because of its low price, high reliability, and generality of services. However, considering that cloud computing transactions between users and service providers are usually asynchronous, data privacy involving users and service providers may lead to a crisis of trust, which in turn hinders the expansion of cloud computing applications. In this paper, we propose DPP, a data privacypreserving cloud computing scheme based on homomorphic encryption, which achieves correctness, compatibility, and security. DPP implements data privacy-preserving by introducing homomorphic encryption. To verify the security of DPP, we instantiate DPP based on the Paillier homomorphic encryption scheme and evaluate the performance. The experiment results show that the time-consuming of the key steps in the DPP scheme is reasonable and acceptable.

Face verification is by far the most popular biometrics technology used for authentication since it is noninvasive and does not require the assistance of the user. In contrast, fingerprint and iris identification technologies require the help of a user during the identification process. Now the technology behind facial recognition has been around for years but recently as its grown more sophisticated is applications have expanded greatly. These days a third-party service provider is often hired to perform facial recognition. The sensitivity of face data raises important privacy concerns about outsourcing servers. In order to protect the privacy of users, this paper discusses privacy-preserving face recognition frameworks applied to different networks. In this survey, we focused primarily on the accuracy of face recognition, computation time, and algorithmic approaches to face recognition on edge and cloud-based networks.

Fraud detection is an integral part of financial security monitoring tool; however, the traditional fraud detection method cannot detect the existing malicious fraud, and the clouds will produce data revealing that the risk of fraud detection system can not protect the privacy of detected object, so the fraud detection data privacy security becomes a significant problem,Homomorphic encryption as a demonstrable cryptography cloud privacy computing outsourcing scheme can ensure that cloud computing can perform ciphertext polynomial calculation under the dense state data without direct contact with the accurate data of users, so as to ensure data privacy security. Aiming at the data privacy security problems in the process of fraud detection, this paper combined homomorphic encryption and Logistic regression fraud detection technology to study the Logistic regression fraud detection algorithm under homomorphic ciphertext and constructed a cloud privacy fraud detection method based on customer service and cloud computing services. CKKS encryption scheme is used to encrypt the fraud data set and realize the Logistic regression fraud detection algorithm under ciphertext. The experiment proves that the difference between the fraud detection accuracy on ciphertext and plaintext is less than 3\%. Under the condition of ensuring the privacy of sensitive data to be detected, the effect of the fraud detection model is not affected.

The problem of privacy protection of trajectory data has received increasing attention in recent years with the significant grow in the volume of users that contribute trajectory data with rich user information. This creates serious privacy concerns as exposing an individual’s privacy information may result in attacks threatening the user’s safety. In this demonstration we present T P 3 a novel practical framework for supporting trajectory privacy preservation in Mobile Cloud Environments (MCEs). In T P 3, non-expert users submit their trajectories and the system is responsible to determine their privacy exposure before sharing them to data analysts in return for various benefits, e.g. better recommendations. T P 3 makes a number of contributions: (a) It evaluates the privacy exposure of the users utilizing various privacy operations, (b) it is latencyefficient as it implements the privacy operations as serverless functions which can scale automatically to serve an increasing number of users with low latency, and (c) it is practical and cost-efficient as it exploits the serverless model to adapt to the demands of the users with low operational costs for the service provider. Finally, T P 3’s Web-UI provides insights to the service provider regarding the performance and the respective revenue from the service usage, while enabling the user to submit the trajectories with recommended preferences of privacy.

With the help of Voice-controlled Digital Assistants (VCDAs), end users can perform various tasks, such as creating shopping lists, setting reminders, or controlling smart home devices via voice commands. However, in multi-user environments, the different end users of VCDAs may not have access to the same controls to protect their privacy. The primary end users who set up VCDAs usually have full control over the data collected by VCDAs, including text transcripts and audio recordings of the other end users. In order for these secondary end users to gain access to privacy settings, they must also create an account with the appropriate manufacturer and accept an invitation from the primary end user to join the respective VCDA. As a result, they depend on the primary end user and the creation of a user account to be able to protect their privacy. Through a user account, however, personal information, such as name, address, or age can be linked to audio recordings, that poses additional privacy risks to secondary end users. For both primary and secondary end users, audio recordings are still maintained on cloud servers operated by manufacturers, resulting in a lack of transparency for all end users. In this paper, we thus propose an approach to improve the protection of both primary and secondary end users that reaches from the device set-up to its utilization. Our approach is based on the concept of a local registration and offline storage of voice commands.

A large number of establishments and organizations implement clouds to store their databases. More active attacks are used on clouds to get unauthorized access or to do harmful actions that may affect on user’s privacy. Therefore, many studies have proposed to increase the level of security in the clouds depended on several strategies. The behavior is one of the promising strategies that might prevent unauthorized or processes. In this paper, a set of features, are from several previous studies, and these features are based on the user activity and events in a special purpose cloud by which unauthorized process can be prevented and alert user about bad actions during his/her work in the cloud environment. The results of comparison show that the event-based features require less resources and time. Thus, they need to be enhanced by adding more informative features, or some available features form other strategies.

Cloud computing performs a significant part in sharing resources and data with other devices via data outsourcing. The data collaboration services, as a potential service given by the cloud service provider (CSP), is to assist the consistency and availability of the shared data amongst users. At the time of sharing resources, it is a complicated process for providing secure writing and access control operations. This study develops a Privacy Preserving Encryption with Optimal Key Generation Technique (PPE-OKGT) for CC environment. The presented PPE-OKGT technique secures the data prior to storing in the cloud sever via encryption process. For accomplishing this, the presented PPE-OKGT technique employs data encryption technology to secure the input data into a hidden format. Besides, in order to improve secrecy, the presented PPE-OKGT technique designs a chaotic search and rescue optimization (CSRO) algorithm for optimal generation of keys. The promising performance of the PPE-OKGT technique can be verified using a set of experimentations. A comprehensive comparison study reported the enhancements of the PPE-OKGT technique over other models.

Cloud computing platforms are the widely used state of the art platforms by various organizations. Data storage and data sharing services are the most widely used services in the cloud, while the maintenance of data integrity is a big challenge. A public cloud platform which is not reliable, users must generate digital signature of their data and then share generated signature for integrity auditing. Any attack on cloud can compromise the users valuable data which is most likely carried out by external entity. By generating signature we can write the rules of who can access update or delete the data. If data is updated by unauthorized user, then auditing can identify which data is compromised. Here we are using asymmetric keys that is when user upload his/her data over cloud then digital signature will get created with users private key, and when TPA (Third Party Auditor) wants to check the integrity of that users data then he can generate digital signature with users public key. Not only carried out low cost for data storage by compressing data but also established data access protocol to maintain data privacy.

The world has seen a quick transition from hard devices for local storage to massive virtual data centers, all possible because of cloud storage technology. Businesses have grown to be scalable, meeting consumer demands on every turn. Cloud computing has transforming the way we do business making IT more efficient and cost effective that leads to new types of cybercrimes. Securing the data in cloud is a challenging task. Cloud security is a mixture of art and science. Art is to create your own technique and technologies in such a way that the user should be authenticated. Science is because you have to come up with ways of securing your application. Data security refers to a broad set of policies, technologies and controls deployed to protect data application and the associated infrastructure of cloud computing. It ensures that the data has not been accessed by any unauthorized person. Cloud storage systems are considered to be a network of distributed data centers which typically uses cloud computing technologies like virtualization and offers some kind of interface for storing data. Virtualization is the process of grouping the physical storage from multiple network storage devices so that it looks like a single storage device.

The 5G technology ensures reliable and affordable broadband access worldwide, increases user mobility, and assures reliable and affordable connectivity of a wide range of electronic devices such as the Internet of Things (IoT).SDN (Software Defined Networking), NFV ( Network Function Virtualization), and cloud computing are three technologies that every technology provider or technology enabler tries to incorporate into their products to capitalize on the useability of the 5th generation.The emergence of 5G networks and services expands the range of security threats and leads to many challenges in terms of user privacy and security. The purpose of this research paper is to define the security challenges and threats associated with implementing this technology, particularly those affecting user privacy. This research paper will discuss some solutions related to the challenges that occur when implementing 5G, and also will provide some guidance for further development and implementation of a secure 5G system.

Privacy Policies - In the era of the Internet of things (IoT), smart logistics is quietly rising, but user privacy security has become an important factor hindering its development. Because privacy policy plays a positive role in protecting user privacy and improving corporate reputation, it has become an important part of smart logistics and the focus of express companies. In this paper, through the construction of the privacy policy evaluation index system of express companies, aiming at qualitative indicators that are difficult to evaluate, we introduce the cloud model evaluation method that can combine the qualitative and quantitative together, and comprehensively evaluate the privacy policy of five express companies in China from four indicators: general situation, user informed consent, information security control and personal rights protection. The results show that: Overall, the privacy policies of the five express companies have not reached the "good" level, and there is a certain gap between the privacy policies of different express companies. From the comparison of indicators, the five express companies generally score relatively good; However, the overall score of information security control index is relatively poor, and the other two indexes are quite different. Cloud model evaluation method has strong applicability for the evaluation of express company privacy policy, which provides a reference for improving the privacy policy formulation and improving the privacy protection level of China’s express delivery industry in the era of IoT.

Operating Systems Security - Design of the high-confidence embedded operating system based on artificial intelligence and smart chips is studied in this paper. The cooperative physical layer security system is regarded as a state machine. Relay nodes with untrusted behavior will affect the physical layer security of the system, and the system tries to prevent the untrusted behavior of relay nodes. While implementing public verification, it realizes the protection of data privacy. The third party can directly verify the data holding of the data stored in the cloud without verification by the user, and in the process of system expansion and growth, software can ensure vigorous vitality. For the verification, the smart chips are combined for the systematic implementations. The experimental results have shown the satisfactory results.

Multifactor Authentication - Cloud computing is a breakthrough advancement that provides ubiquitous services over the internet in an easy way to distribute information offering various advantages to both society and individuals. Recently, cloud technology has eased everyone’s life more favorable. However, privacy-preservation is an important issue to be tackled effectively in cloud environment while retrieving data services. Numerous techniques have been developed so far to verify user identity by exploiting authentication factor, whereas such techniques are inefficient and they are easily susceptible to unknown users and attacks. In order to address such problems, a multifactor authentication scheme is proposed using Hashing, Chebyshev polynomial, Key and OneTime Token (HCK-OTT) based multifactor authentication scheme for privacy-preserved data security in cloud. The entities involved in this proposed approach for effective authentication are user, cloud server, and data owner. The model is developed by considering various functionalities, such as encryption, Elliptic Curve Cryptography (ECC), XOR, and hashing function. The proposed HCK-OTT-based multifactor authentication scheme has achieved a minimum value of 22.654s for computational time, 70.5MB for memory usage, and 21.543s for communication cost with 64 bit key length.

Multifactor Authentication - With the growth of the number in smart devices based on IoT, keeping a secure data processing among them has become even more significant in cloud computing. However, a high security is needed to protect the huge amount of data privacy. In this regard, many authentication approaches are presented in IoT-Cloud-based Architecture. However, computation, latency, and security strength are major issues to provide authentication for users. We propose the Multifactor Scalable Lightweight Cryptography for IoTCloud to enhance security to protect the user or organization s information. The non-sensitive and sensitive data are generated from IoT devices and stored in our proposed hybrid public and private cloud after the encryptions. Hence, encryptions for public cloud and private cloud data are done by Digital Signature Algorithm and Policy based Attribute encryption algorithm with Moth fly optimization. This optimization is chosen as the key parameter efficiently. The three multifactors are then used to perform the three levels of authentication by Trust based Authentication Scheme. Following this, the proposed multifactor authentication is simulated and compared with existing approaches to analyze the performance in terms of computational and execution time and security strength. As a result, the proposed method is shown 97\% of security strength and minimum computation and execution time than other conventional approaches.

Internet-scale Computing Security - Cloud computing provides customers with enormous compute power and storage capacity, allowing them to deploy their computation and data-intensive applications without having to invest in infrastructure. Many firms use cloud computing as a means of relocating and maintaining resources outside of their enterprise, regardless of the cloud server s location. However, preserving the data in cloud leads to a number of issues related to data loss, accountability, security etc. Such fears become a great barrier to the adoption of the cloud services by users. Cloud computing offers a high scale storage facility for internet users with reference to the cost based on the usage of facilities provided. Privacy protection of a user s data is considered as a challenge as the internal operations offered by the service providers cannot be accessed by the users. Hence, it becomes necessary for monitoring the usage of the client s data in cloud. In this research, we suggest an effective cloud storage solution for accessing patient medical records across hospitals in different countries while maintaining data security and integrity. In the suggested system, multifactor authentication for user login to the cloud, homomorphic encryption for data storage with integrity verification, and integrity verification have all been implemented effectively. To illustrate the efficacy of the proposed strategy, an experimental investigation was conducted.

Internet of Vehicles Security - With the development of urbanization, the number of vehicles is gradually increasing, and vehicles are gradually developing in the direction of intelligence. How to ensure that the data of intelligent vehicles is not tampered in the process of transmission to the cloud is the key problem of current research. Therefore, we have established a data security transmission system based on blockchain. First, we collect and filter vehicle data locally, and then use blockchain technology to transmit key data. Through the smart contract, the key data is automatically and accurately transmitted to the surrounding node vehicles, and the vehicles transmit data to each other to form a transaction and spread to the whole network. The node data is verified through the node data consensus protocol of intelligent vehicle data security transmission system, and written into the block to form a blockchain. Finally, the vehicle user can query the transaction record through the vehicle address. The results show that we can safely and accurately transmit and query vehicle data in the blockchain database.

Research done in Facial Privacy so far has entrenched the scope of gleaning race, age, and gender from a human’s facial image that are classifiable and compliant biometric attributes. Noticeable distortions, morphing, and face-swapping are some of the techniques that have been researched to restore consumers’ privacy. By fooling face recognition models, these techniques cater superficially to the needs of user privacy, however, the presence of visible manipulations negatively affects the aesthetic of the image. The objective of this work is to highlight common adversarial techniques that can be used to introduce granular pixel distortions using white-box and black-box perturbation algorithms that ensure the privacy of users’ sensitive or personal data in face images, fooling AI facial recognition models while maintaining the aesthetics of and visual integrity of the image.

The cloud provides storage for users to share their files in the cloud. Nowadays some shared data auditing schemes are proposed for protecting data integrity. However, preserving the identity privacy of group users and secure user revocation usually result in high computational overhead. Then a shared data auditing scheme supporting identity privacy preserving is proposed that enables users to be effectively revoked. To preserve identity privacy during the audit process, we develop an efficient authenticator generation mechanism that enables public auditing. Our solution supports efficient user revocation, where the authenticator of the revoked user does not need to be regenerated and integrity checking can be performed appropriately. At the same time, the group manager maintains two tables to ensure user traceability. When the user updates data, two tables are modified and updated by the group manager promptly. It shows that our scheme is secure by security analysis. Moreover, concrete experiments prove the performance of the system.

Cloud computing provides customers with enormous compute power and storage capacity, allowing them to deploy their computation and data-intensive applications without having to invest in infrastructure. Many firms use cloud computing as a means of relocating and maintaining resources outside of their enterprise, regardless of the cloud server's location. However, preserving the data in cloud leads to a number of issues related to data loss, accountability, security etc. Such fears become a great barrier to the adoption of the cloud services by users. Cloud computing offers a high scale storage facility for internet users with reference to the cost based on the usage of facilities provided. Privacy protection of a user's data is considered as a challenge as the internal operations offered by the service providers cannot be accessed by the users. Hence, it becomes necessary for monitoring the usage of the client's data in cloud. In this research, we suggest an effective cloud storage solution for accessing patient medical records across hospitals in different countries while maintaining data security and integrity. In the suggested system, multifactor authentication for user login to the cloud, homomorphic encryption for data storage with integrity verification, and integrity verification have all been implemented effectively. To illustrate the efficacy of the proposed strategy, an experimental investigation was conducted.

Although the public cloud is known for its incredible capabilities, consumers cannot totally depend on cloud service providers to keep personal data because to the lack of client maneuverability. To protect privacy, data controllers outsourced encryption keys rather than providing information. Crypt - text to conduct out okay and founder access control and provide the encryption keys with others, innate quality Aes (CP-ABE) may be employed. This, however, falls short of effectively protecting against new dangers. The public cloud was unable to validate if a downloader could decode using a number of older methods. Therefore, these files should be accessible to everyone having access to a data storage. A malicious attacker may download hundreds of files in order to launch Economic Deny of Sustain (EDoS) attacks, greatly depleting the cloud resource. The user of cloud storage is responsible for paying the fee. Additionally, the public cloud serves as both the accountant and the payer of resource consumption costs, without offering data owners any information. Cloud infrastructure storage should assuage these concerns in practice. In this study, we provide a technique for resource accountability and defense against DoS attacks for encrypted cloud storage tanks. It uses black-box CP-ABE techniques and abides by the access policy of CP-arbitrary ABE. After presenting two methods for different parameters, speed and security evaluations are given.

With the advent of the era of Internet of Things (IoT), the increasing data volume leads to storage outsourcing as a new trend for enterprises and individuals. However, data breaches frequently occur, bringing significant challenges to the privacy protection of the outsourced data management system. There is an urgent need for efficient and secure data sharing schemes for the outsourced data management infrastructure, such as the cloud. Therefore, this paper designs a dual-server-based data sharing scheme with data privacy and high efficiency for the cloud, enabling the internal members to exchange their data efficiently and securely. Dual servers guarantee that none of the servers can get complete data independently by adopting secure two-party computation. In our proposed scheme, if the data is destroyed when sending it to the user, the data will not be restored. To prevent the malicious deletion, the data owner adds a random number to verify the identity during the uploading procedure. To ensure data security, the data is transmitted in ciphertext throughout the process by using searchable encryption. Finally, the black-box leakage analysis and theoretical performance evaluation demonstrate that our proposed data sharing scheme provides solid security and high efficiency in practice.

With the rapid innovation of cloud computing technologies, which has enhanced the application of the Internet of Things (IoT), smart health (s-health) is expected to enhance the quality of the healthcare system. However, s-health records (SHRs) outsourcing, storage, and sharing via a cloud server must be protected and users attribute privacy issues from the public domain. Ciphertext policy attribute-based encryption (CP-ABE) is the cryptographic primitive which is promising to provide fine-grained access control in the cloud environment. However, the direct application of traditional CP-ABE has brought a lot of security issues like attributes' privacy violations and vulnerability in the future by potential powerful attackers like side-channel and cold-bot attacks. To solve these problems, a lot of CP-ABE schemes have been proposed but none of them concurrently support partially policy-hidden and leakage resilience. Hence, we propose a new Smart Health Records Sharing Scheme that will be based on Partially Policy-Hidden CP-ABE with Leakage Resilience which is resilient to bound leakage from each of many secret keys per user, as well as many master keys, and ensure attribute privacy. Our scheme hides attribute values of users in both secret key and ciphertext which contain sensitive information in the cloud environment and are fully secure in the standard model under the static assumptions.

Documents are a common method of storing infor-mation and one of the most conventional forms of expression of ideas. Cloud servers store a user's documents with thousands of other users in place of physical storage devices. Indexes corresponding to the documents are also stored at the cloud server to enable the users to retrieve documents of their interest. The index includes keywords, document identities in which the keywords appear, along with Term Frequency-Inverse Document Frequency (TF-IDF) values which reflect the keywords' relevance scores of the dataset. Currently, there are no efficient methods to delete keywords from millions of documents over cloud servers while avoiding any compromise to the user's privacy. Most of the existing approaches use algorithms that divide a bigger problem into sub-problems and then combine them like divide and conquer problems. These approaches don't focus entirely on fine-grained deletion. This work is focused on achieving fine-grained deletion of keywords by keeping the size of the TF-IDF matrix constant after processing the deletion query, which comprises of keywords to be deleted. The experimental results of the proposed approach confirm that the precision of ranked search still remains very high after deletion without recalculation of the TF-IDF matrix.

At present, cloud service providers control the direct management rights of cloud data, and cloud data cannot be effectively and assured deleted, which may easily lead to security problems such as data residue and user privacy leakage. This paper analyzes the related research work of cloud data assured deletion in recent years from three aspects: encryption key deletion, multi-replica association deletion, and verifiable deletion. The advantages and disadvantages of various deletion schemes are analysed in detail, and finally the prospect of future research on assured deletion of cloud data is given.