Скачать книгу

(For Compression of Data)

Snapshot of the before compression of data raw data. Snapshot of the after compression of data compressed data.

      1.5.3 Availability Zone

      The high latency is faced by the user if the user tries to access the application far away from an availability zone. However, having multiple availability zones, the users get the choice of using the closest zone from their location, as the compute instances can be cloned in multiple availability zones. In this way, the latency is 1–2 ms maximum, highly decreased.

      1.5.4 Data in Transit (Encryption)

      Encrypt and decrypt data blocks of varying sizes from 0.5 to 20 MB). Experiments performed on ECB and CBC modes. In ECB mode, DES algorithm takes 4 s for a 20-MB data block. In CBC mode, the time taken by the DES algorithm on a 20-MB data block is slightly more than ECB. Due to its key-chaining nature, more processing time is required. The average difference between CBC and EBC is 0.059896 s.

      On both ECB and CBC modes, AES algorithm takes approximately 16 s for the same 20-MB block for encryption and decryption.

      1.5.5 Data in Rest (Encryption)

      AES encryption algorithm provides security and speed. It is the most efficient symmetric algorithm because AES-256 bit encryption can produce 2256 keys. To understand this thing, 232 is about 4.3 billion and it exponentially grows after that. We can assume this to be 250 keys per second (approximately one quadrillion keys/second a very plentiful assumption). One year is equal to 31,557,600 s (approximately). That means one billion supercomputers are required to check about 275 keys per year, while the age of the universe is 234 years only which is less than .01% of the entire key possible. Thus, it is practically not possible to figure out the AES-256 bit key. In addition, apart from that we are also using SHA-512 for extra protection of data. In real world, imagining a CPU like “Intel Xeon L5630” has four core, each core an process 610 MB/s of AES-256 bit data, i.e., around 2,440 MB/s which is enough for encryption and decryption data of 10 gigabit. The SHA-512 bit in “Intel Core 2” of 1.83 GHz process under Windows Vista in 32 bit node takes 99 MiB/s and 17.7 cycles per byte. Thus, the cloud does not get overwhelmed for encryption of huge data.

      Blowfish is a symmetric encryption algorithm. During encryption and decryption, data blocks or cipher blocks are divided into fixed lengths. We can think of Blowfish for our future research because it provided remarkable results on ECB and CBC modes having the lowest latency among AES and DES with just around 3 s in both the modes, whereas AES had a whooping latency of around 16 s. One noticeable thing is that Blowfish has a 448 long key yet it outperformed other encryption algorithms [15].

      We can think of reducing the Lambda Execution time by putting the dependency files in a separate library so deployment packages can be unpacked faster. Distribution of files according to deployment packages and function’s code class files in a separate file reduces Lambda Execution time than keeping everything in a single large file with too many class files having function’s code as Lambda has to execute the full large file then.

      In our proposed model, we have suggested a system where data entry, data modification, and data management all are done through a client side application through which the data can be encrypted and sent over to the server side application. From the data encryption at transit to the data encryption at rest, everything is managed by the application itself. Here, in the suggested system design, we have implemented our concept in the form of an enterprise application to be used for communication between multiple levels of users. We have implemented a role-based access control/identity-based access control concept, depending on which different authorizations are allotted, which can be customized by higher levels of roles. Comparing with the existing systems, our system design is robust, scalable, and durable. The load is balanced between multiple availability zones, read-replicas are deployed, and autoscaling groups are deployed keeping the sudden increase of users in mind. Our system design proposes a much more secure way of transmission of classified data across networks, thus keeping the integrity of the data durable.

      1. Khan, W.Z. et al., “Data and Privacy: Getting Consumers to Trust Products Enabled by the Internet of Things,” IEEE Consum. Electron. Mag., 8, 2, 35–38, 2019.

      2. Khan, W.Z. et al., “Enabling Consumer Trust Upon Acceptance of IoT Technologies through Security and Privacy Model,” in: Advanced Multimedia and Ubiquitous Engineering, pp. 111–17, Springer, Jazan University, Jizan, Saudi Arabia, 2016.

      3. Tripathi, A. and Mishra, A., “Cloud Computing Security Considerations”. IEEE International Conference on Signal Processing, Communications and Computing (ICSPCC), 2011.

      4. Rahaman, M.A., Schaad, A., Rits, M., Towards secure SOAP message exchange in a SOA, in: SWS ‘06: Proceedings of the 3rd ACM workshop on Secure Web Services, New York, NY, USA, ACM Press, pp. 77–84, 2006.

      5. Chomsiri, T., HTTPS Hacking Protection. 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW’07), Niagara Falls, ON, Canada, May 21-23, 2007, vol. 1, pp. 590–594, 2007, doi:10.1109/ainaw.2007.200.

      6. Sighom, J.R.N., Zhang, P., You, L., “Security Enhancement for Data Migration in the Cloud”. Multidisciplinary Digital Publishing Institute (MDPI), 9, 23, 1–13, 2017.

      7.