Towards Cloud to Device Push Messaging on Android:Technologies,Possibilities and Challenges

In this paper we look at different push messaging alternatives available for Android. Push messaging provides an important aspect of server to device communication, and we specifically focus on the integration of cloud computing with mobile devices through the use of push-based technologies. By conducting a benchmarking test, we investigate the performance of four relevant push technologies for the Android platform, namely C2DM, XMPP, Xtify and Urban Airship. The comparison focuses on three aspects of the libraries: 1) The stability;2) Response times;and 3) Energy consumption. The test is conducted on both WLAN and 3G, and includes several mobile device types. Additionally, we also integrate with the Google App Engine to provide the cloud integration server that is responsible for sending push messages to the mobile devices.

ETP-AKEP: enhanced three-party authenticated key exchange protocols for data integrity in cloud environments

With key exchange protocols, a secure session key is generated between two remote users, andservers and exchanged between them. It is generally used to prevent unauthorised users fromgaining access to sensitive data. This article presents an enhanced three-party authenticated keyexchange protocols (ETP-AKE) protocol that does not depend on symmetric key encryption andinstead uses asymmetric key encryption. A key component of the proposed ETP-AKE protocol isusing elliptic curve encryption in conjunction with a one-way hash function. Its integrity certificationwas confirmed via the usage of the AVISPA tool package. Our proposed protocol is intendedto protect against various security threats, including the man-in-the-middle assault, the parallelattack, and the key-compromise attack, among others.

Public Auditing for Encrypted Data with Client-Side Deduplication in Cloud Storage

Storage auditing and client-side deduplication techniques have been proposed to assure data integrity and improve storage efficiency, respectively. Recently, a few schemes start to consider these two different aspects together. However, these schemes either only support plaintext data file or have been proved insecure. In this paper, we propose a public auditing scheme for cloud storage systems, in which deduplication of encrypted data and data integrity checking can be achieved within the same framework. The cloud server can correctly check the ownership for new owners and the auditor can correctly check the integrity of deduplicated data. Our scheme supports deduplication of encrypted data by using the method of proxy re-encryption and also achieves deduplication of data tags by aggregating the tags from different owners. The analysis and experiment results show that our scheme is provably secure and efficient.

Trusted domain hierarchical model based on noninterference theory

To ensure the integrity and security of cloud tenants＇ workload, and to prevent unexpected interference among tenants, cloud platform must make sure that system behaviors are trusted. By analyzing threats that exist in the cloud platform, a novel trusted domain hierarchical model（TDHM） based on noninterference theory was proposed in this paper to solve these problems. First of all, the abstraction modeling of tenants＇ computing environment and trusted domain（TD） were introduced for designing TDHM with formal methods. Secondly, corresponding constraints for trusted running were given to satisfy security requirements of tenants＇ TD, and security properties of TDHM ware analyzed. After that, trusted behavior of TD was defined based on these properties, and the decision theorem of that was proved. It illustrated that the design and implementation of TD in cloud followed the model with characteristics of trusted behavior. Finally, the implementation of prototype system was introduced based on our previous work, and evaluation results showed that the performance loss was in the acceptable range.