Ali A. Yassin

Cloud authentication based on encryption of digital image using edge detection

The security of cloud computing is the most important concerns that may delay its well-known adoption. Authentication is the central part of cloud security, targeting to gain valid users for accessing to stored data in cloud computing. There are several authentication schemes that based on username/password, but they are considered weak methods of cloud authentication. In the other side, images digitization becomes highly vulnerable to malicious attacks over cloud computing. Our proposed scheme focuses on two-factor authentication that used image partial encryption to overcome above aforementioned issues and drawbacks of authentication schemes. Additionally, we use a fast partial image encryption scheme using Cannys edge detection with symmetric encryption is done as a second factor. In this scheme, the edge pixels of image are encrypted using the stream cipher as it holds most of the images data and then we applied this way to authenticate valid users. The results of security analysis and experimental results view that our work supports a good balance between security and performance for image encryption in cloud computing environment.

Secure and efficient e-health scheme based on the Internet of Things

Internet of Things is a new generation of network service platform that allows everyday objects including small devices in sensor networks to be capable of connecting to the internet. Such an innovative technology can lead to positive changes in human life. An e-health service based on the Internet of Things has great potential. The popularity of intelligent mobile medical devices, wearable bio-medical sensor devices, cloud computing, and big data analysis have dramatically changed the usage pattern and business rule of e-health services based on the Internet of Things. The rapid development of e-health services based on the Internet of Things poses risks in security and privacy. In this study, we propose a new security scheme for an e-health service. This scheme allows both the local base station and hospital cloud server to authenticate each other, to secure the collection of health data. Our scheme uses the crypto hash function to check the integrity of authentication exchanges. In addition, it provides mutual authentication with anonymity and terminates with a session key agreement between each local base station and the hospital cloud server. To assess our scheme, we conduct performance and security analysis. Results show that our scheme is secure, lightweight, and resistant to different types of attacks.

An efficient and robust one-time message authentication code scheme using feature extraction of iris in cloud computing

Cloud computing suffers from a number of problems in terms of security issues. Authentication and integrity play an important role in the security field and numerous concerns have been raised to recognizeor protect any tampering with exchanges of text between two entities (sender and receiver) within the cloud environment. Many schemes in this area can be vulnerable to well known methods of attack such as replay attack, forgery attack, dictionary, insider, and modification attacks. A robust scheme is therefore required to detect or prevent any modification or manipulation of a message during transmission. In this paper, we propose a new message authentication code (MAC) based on feature extraction of the users iris in order to assure the integrity of the users message. Features are extracted from the users iris to generate a message code for each users login and to prohibit malicious attacks such as replay, forgery and insider attacks. Our proposed scheme enjoys several important security attributes such as a users one time bio-key, robust message anonymity, data integrity for a users message, phase key agreement, bio-key management,and one time message code for each users session. Finally, our security analysis and experimental results demonstrate and prove the invulnerability and efficiency of our proposed scheme.

New data integrity scheme employing wavelet-based digital watermarking in cloud environment

The cloud is an on-demand service provided to users through the Internet. Security has become one of the key problems in the cloud because of the increasing number of users. Many challenges in cloud security need to be resolved. This work focuses on data integrity as one of these security challenges because when users remotely save their data in a cloud, they lose their control on them. Many researchers have presented solutions and developed security frameworks. However, to date, no guarantee has been established with regard to the retention of stored data in a cloud. A novel and unique data integrity scheme employing wavelet-based digital watermarking is developed in this paper. A parallel pre-processing technique is presented to obtain metadata by selecting a set of discrete wavelet transform coefficients and then securely embedding them with users file data blocks. We employ wavelet-based digital watermarking to produce metadata for the development of a secure scheme of data storage and verification in a cloud. As a result, digital watermarking is a strong technique that effectively prevents stored data from being intercepted and properly detects data tampering. The proposed scheme can support data dynamics because the cloud user needs to manipulate his or her data. This scheme is sufficiently robust to introduce a good starting point for data integrity in the cloud environment.

Robust image document authentication code with autonomous biometrie key generation, selection, and updating in cloud environment

Recently, security issues are obstructing the development and using of cloud computing services. Authentication and integrity play an important role in the cloud security, and numerous concerns have been raised to recognize any tampering with exchanges of the image document between two entities (sender and receiver) within the cloud environment. However, none of the existing solutions reduce the probability of known attacks by combining cryptographic hash function with a strong factor that should be periodically changed. For this reason, in this paper we propose a robust one-time image document authentication scheme based on combining non-interactive onetime biometric key and a robust wavelet-based cryptographic hashing scheme. The result of the combination is one-time image document authentication code (OMAC). OMAC is hidden in an image document as a cover image through reversible data embedding steganography. The proposed scheme has several important security attributes, such as key agreement, biometric key management, robust OMAC, invulnerability, and efficiency. In biometric key management, key generation, key selection, and key update algorithms are performed autonomously by the sender and the receiver; thus, no interaction between them is needed.

Public auditing for secure data storage in cloud through a third party auditor using modern ciphertext

Outsourced data in cloud and computation results are not always trustworthy because data owners lack physical possession and control over the data as a result of virtualization, replication, and migration techniques. Protecting outsourced data from security threats has become a challenging and potentially formidable task in cloud computing; hence, many schemes have focused on ameliorating this problem and on enabling public auditability for cloud data storage security. These schemes drop into two categories: total computation cost and burden on client side. Researchers have used bilinear map technology with public key cryptography. Although this technology is highly efficient, computation time is long and overhead cost is high. The client needs to perform numerous computations to ensure the integrity of data storage. To reduce auditing cost, we propose an efficient and robust scheme to maintain data integrity in cases that involve public auditing. Our scheme adopts modern cipher cryptography with a cryptographic hash function. We consider allowing a third party auditor to preprocess data on behalf of cloud users before uploading them to cloud service providers and then verifying data integrity afterward. Our proposed scheme has important security characteristics, such as privacy, key management, low cost computation, key exchange, low overhead cost, no burden on client side, inability of cloud service providers to create correct verifier respond without data, and one-time key. Finally, efficiency analysis shows that our scheme is faster and more cost-efficient than the bilinear map-based scheme.