Faculty Publications

Permanent URI for this communityhttps://idr.nitk.ac.in/handle/123456789/18736

Publications by NITK Faculty

Browse

Subject: search.filters.subject.Cloud security

Search Results

Now showing 1 - 2 of 2
  • No Thumbnail Available
    Item
    Risk based access control in cloud computing
    (Institute of Electrical and Electronics Engineers Inc., 2016) Lakshmi, H.; Namitha, S.; Seemanthin; I Gopalan, S.; Sanjay, H.A.; Chandrashekaran, K.; Bhaskar, A.
    Cloud computing is one of the most trending technologies of today. Most of the resources we use on an everyday basis are stored online as cloud storage. Our files, which have sensitive information, are accessible on valid authentication. When we consider the large scale organizations who host several servers to store their data, we also need to consider the possibility of insider attacks. Data security and integrity is of utmost importance in any organization. Insider attacks mainly focus on exploiting this data. Our model which implements risk based access control takes into consideration several parameters that assess the individual's risk. Access is provided to the user only if his/her risk value is lesser than the threshold risk. Therefore, any possibility of insider threat such as buffer overflow and session hijacking attack is tackled before it occurs. Our model allows a maximum risk of 70% which means that even at the worst case scenario, 30% of the data is still secure. There is a huge potential for future enhancement. © 2015 IEEE.
  • No Thumbnail Available
    Item
    Mitigation of cross-site scripting attacks in mobile cloud environments
    (Springer Verlag service@springer.de, 2019) Madhusudhan, R.; Shashidhara
    Cross-Site Scripting (XSS) is one of the dangerous and topmost web attacks as stated by recent surveys. XSS vulnerability arises, when an application deployed in a cloud, accept information from uncertain origin without an input validation, allowing the execution of dynamic content. XSS vulnerabilities may cause serious security violations in web and mobile cloud-based applications. In general, Cross-Site Scripting bugs are very easy to accomplish, but hard to discover and mitigate, because of the flexibility of encoding schemes like HTML encoding, which offers the adversary numerous chances to bypass the filters that should block dangerous content from being inserted into relied websites. In order to mitigate XSS vulnerability of a web application in the mobile cloud, a novel approach is presented, which successfully identifies the JavaScript-driven XSS attacks. In addition, we focus on, initiating a client-side Cross-Site Scripting attack discovery and mitigation technique known as Secure XSS layer based on the placement of sanitizers in the inserted malicious code. © Springer Nature Singapore Pte Ltd. 2019.