Models of Information System Security

Models of data System SecurityPeople who use the application will be made to install distinct levels of gateways and irreverent meters in their homes. The main security issue occurs at the authentication of these gateways and smart meters. Each smart plait will be provided with an IP address. Attack derriere happen on these devices by insurance coverage false readings on the smart meters, spoofing the IP address. There ar almost solution for the authentication problem. public key infrastructure hind end be employ in this case. Dieffie-Hellman key exchange proposes that smart meters fecal matter encrypt the data before it sends it to conceal devices, Then the device atomic number 18 made to decrypt the data. Intrusions in smart grid stand be detected by using a signature base method where any discrepancy in the pattern can be detected and raise a flag on possible misbehaviors.Biometric authentication is the most beneficial authentication method that could be utilise t o provide accessibility. Biometric authentication like fingerprint authentication, facial recognition, eye retina recognition, etc. can be utilize in muddiness calculate based authentication. There could be discrepancy in the authentication through man in the pith attack, mitigation of data theft, etc. Techniques based on infrastructure much(prenominal) as Public Key Infrastructure (PKI) could be made to solve the problem, blasphemeed executed surroundings (TEE) can also be considered in fog cloud computing. Measurement based method can be used to filter fake or unqualified fog cloud that is not within the vicinity of the end users which in turn will reduce the authentication cost.4.2 USER ACCESS AND rape DETECTIONProviding a control to access smart devices and cloud has always been a reliable diaphysis which ensure the security of the system. Access control on cloud is achieved by exploiting techniques of several encryption schemes to attain a access control in cloud co mputing. Intrusion detection techniques imbibe been applied to relieve attacks on virtual machine or hypervisor. Those intrusion detection systems can be applied on host machine to detect intrusions.4.3 PRIVACYSince storage and computation atomic number 18 sufficient for both sides in a fog cloud , privacy-preserving techniques can be proposed. Privacy preservation algorithms can be line in between the fog and cloud since computation and storage are sufficient for both sides. We get hold of privacy preserving techniques because users these days are more concerned about the risk of privacy leakage. Fog client usually collects data generated by sensor and end devices. Techniques like homomorphic encryption can be used to allow privacy-preserving aggregation at the local gateways without decryption. For statistical queries differential privacy method can be applied to ensure privacy of an arbitrary single entry in the data set.4.4 TRUST presentIn services like eCommerce, peer-to -peer (P2P), user reviews and online social net die hards theme based trust model can be successfully implemented. Reputation based trust model is a simple method where parties are made rate each other after parties give their ratings a trust or reputation score is derived from the rates. A robust reputation system was proposed for resource selection in P2P networks using a distributed polling algorithm to assess the reliability of a resource. We will have to tackle issues like , how to achieve opinionated , unique and distinct indistinguishability , how to treat intentional and accidental misbehavior. Apart from the models discussed above there are also trusting models based on special hardware such as Secure constituent (SE), trusted Execution Environment (TEE) , or Trusted Platform Module (TPM), which can provide trust utility in fog computing applications.4.5 POLICY DRIVEN SECURITYPolicy collaboration is an grievous section in the middle layer of a fog computing model. Poli cy collaboration is introduced to nurture plug sharing and communication in a distributed environment. Since fog computing also involves communication with a physical component interaction this requirement gives rise to a new set of security problems which involves identity management, resource access management, dynamic load balancing, quality of service etc. Policy driven manakin consists if the following modules.Policy decision engine This module is programmed to make aggregated decisions on data provided by all components. Based on service requested by the target user, this engine analyzes the rules defined in insurance deposit and generates a decision which is later on enforced.Application administrator The multi-tenant nature of the fog computing paradigm raises the requirement for an administrator to define policies and rules that bind a user to applications and allow secure collaboration and migration of client data across multiple functions that are owned by the appli cation.Policy repository A secure repository consisting of rules and policies which are referred by the Policy Decision engine while policy decision is made is called policy repository.Policy enforcer policy enforcer is the most active component of the policy management framework . It resides within a virtual instance or cloud computing data center or within physical device such as mobile device , GPS system and connected vehicles.4.6 MAN IN THE MIDDLE ATTACKThis is the most typical attack in fog computing. In this type of attack gateways serving as fog devices may be compromised or replaced by fake ones.Environment settings of stealth test Man in the middle attack can be very stealthy in fog computing paradigm. This type of attack will engage very less resource in fog devices like , paltry CPU utilization and negligible memory consumption. Therefore traditional methods cannot exposeman in the middle attack.Man in the middle attack is simple to be launched but difficult to be ad dressed. Many applications running in fog computing environment are vulnerable to man in the middle attack. In future work is needed to address man-in-the middle attack in fog computing4.7 MITIGATION OF DATA thieveryCloud computing faces new data security challenges. Existing protection mechanisms like encryption havent reached their observe in preventing theft attacks. To overcome it , a new technique was proposed monitor data access in the cloud and detect abnormal data access patterns. When unauthorized access is suspected and then corroborate using challenge question , a dis instruction attack by returning large amounts of tricky information to the attacker. This protects against the misuse of the users real data. drug user behavior profiling owners or authorized users of a computer systems are usually familiar with the files on the system .So any search on the files is limited and will have a pattern. When the data is accessed illegitimately there might be a familiar structu re in contents of file system. This abnormal search behaviors that exhibit variations are monitored.Decoy technology Trap files are placed within the file system. The trap files are downloaded by user are placed in highly conspicuous locations that are not like to cause interference with normal activity of the system. User who is not familiar with the file system is most likely to access the decoy files ,if the user is in for sensitive documents. So they can be trapped by using bait files.In some cases both these techniques can be combined to safeguard the data from theft.