نوع المشرف

مشرف رئيسي

تاريخ الاشراف على الرسالة من

2018

الى

2019

اسم الطالب

Shajan Shammed

ملخص الرسالة

Due to the abundance of data that needs large storage space in various fields, cloud computing has become a haven for many companies, institutions, and many other companies. Despite all the benefits, cloud computing faces many challenges in many areas including security and privacy issues. The main problems concern how to maintain data stored in the cloud, and how to gain customer confidence. All these security issues and privacy issues encourage us to propose a developed approach that contributes to increasing security and privacy in a cloud environment. In this work, the developed approach is proposed to solve three security and privacy issues. Malware and Network Intrusion Detection (NID), privacy and access control to prevent unauthorized users from accessing client’s data without their permission, and data integrity to prevent data updating and modification without data owner awareness. To solve NID problem, a set of normal-access rules is generated based on the CIC-IDS2017 dataset, at which a data mining approach (decision tree J48) is used to improve the classification accuracy and reduce feature-set before generating a set of rules that are used to detect normal-access records. The system accuracy reaches 99.8%, which outperforms (or is comparable) to previous related research. To preserve privacy and access control, a set of policies stick to the data file by the owner utilizing the sticky policy approach. Data is encrypted using Advanced Encryption Standard (AES) ciphering algorithm as the second level of data protection to preserve privacy. Finally, a simple blockchain approach is used to preserve data integrity, at which the data owner identifies a set of trustees (chain list) along with a more confident level of accessing policies. A data modification done by a trusty member (chain member) will be reported to all trusty groups including the owner. This will preserve auditing data changing (by who, when, in addition to the last data updates). The developed approach is a privacy and data integrity service (PDIS) layer to be part of the cloud computing main service model. The proposed service layer is placed on top of the other service layers. PDIS is a private infrastructure deployment model, which is managed and maintained in an organization. Finally, a web-based application is implemented to function as a case study to check the flow control of the proposed PDIS.