Ramachandra, Gururaj
Iftikhar, Mohsin
Khan, Farrukh Aslam
According to a Forbes' report published in 2015, cloud-based security spending is expected to increase by 42%. According to another research, the IT security expenditure had increased to 79.1% by 2015, showing an increase of more than 10% each year. International Data Corporation (IDC) in 2011 showed that 74.6% of enterprise customers ranked security as a major challenge. This paper summarizes a number of peer-reviewed articles on security threats in cloud computing and the preventive methods. The objective of our research is to understand the cloud components, security issues, and risks, along with emerging solutions that may potentially mitigate the vulnerabilities in the cloud. It is a commonly accepted fact that since 2008, cloud is a viable hosting platform; however, the perception with respect to security in the cloud is that it needs significant improvements to realise higher rates of adaption in the enterprise scale. As identified by another research, many of the issues confronting the cloud computing need to be resolved urgently. The industry has made significant advances in combatting threats to cloud computing, but there is more to be done to achieve a level of maturity that currently exists with traditional/on-premise hosting. (c) 2017 The Authors. Published by Elsevier B.V.
Abbas, Haider
Mahmoodzadeh, Moeen Qaemi
Khan, Farrukh Aslam
Pasha, Maruf
OpenID is widely being used for user centric identity management in many Web applications. OpenID provides Web users with the ability to manage their identities through third party identity providers while remaining independent of the subject that actually uses the identities to authenticate individuals. Starting from the early stages of its inception, OpenID has received a large amount of acceptance and use in the current Web community because of its flexibility and ease of use. However, in addition to its benefits and flexibilities, OpenID faces its own share of vulnerabilities and threats, which have made its future and large-scale use in cyberspace questionable. OpenID Phishing is one such attack that has received much attention and that requires a comprehensive solution. This paper aims at identifying and discussing a solution to OpenID Phishing by proposing a user authentication scheme that allows OpenID providers to identify a user using publicly known entities. The research will help in next-generation cyber security innovations by reducing the authentication dependency on user credentials, that is, login name/password. The authentication scheme is also validated through detailed descriptions of use cases and prototype implementation. Copyright (c) 2014 John Wiley & Sons, Ltd.
Ali, Aftab
Irum, Sarah
Kausar, Firdous
Khan, Farrukh Aslam
In recent years, Body Area Networks (BANs) have gained immense popularity in the domain of healthcare as well as monitoring of soldiers in the battlefield. Security of a BAN is inevitable as we secure the lives of soldiers and patients. In this paper, we propose a security framework using Keyed-Hashing Message Authentication Code (HMAC-MD5) to protect the personal information in a BAN. We assume a network in which nodes sense physiological variables such as electrocardiography (EKG), electroencephalography (EEG), pulse oximeter data, blood pressure and cardiac output. Heterogeneous wireless sensor network is considered which consists of a powerful High-end sensor (H-sensor) and several Low-end sensors (L-sensors). EKG is used for secure communication between nodes as it introduces plug and play capability in BANs. The process is made secure by applying HMAC-MD5 on EKG blocks. Key agreement is done by comparing HMAC of feature blocks between sensors resulting in a more secure network. The analysis is done by calculating the entropy of keys and checking the randomness of EKG data using NIST-randomness testing suite.
Wireless sensor networks (WSNs) are vulnerable to different types of security threats that can degrade the performance of the whole network; that might result in fatal problems like denial of service (DoS) attacks, routing attacks, Sybil attack etc. Key management protocols, authentication protocols and secure routing cannot provide security to WSNs for these types of attacks. Intrusion detection system (IDS) is a solution to this problem. It analyzes the network by collecting sufficient amount of data and detects abnormal behavior of sensor node(s). IDS based security mechanisms proposed for other network paradigms such as ad hoc networks, cannot directly be used in WSNs. Researchers have proposed various intrusion detection systems for wireless sensor networks during the last few years. We classify these approaches into three categories i.e. purely distributed, purely centralized and distributed-centralized. In this paper, we present a survey of these mechanisms. These schemes are further differentiated in the way they perform intrusion detection.
Mansoor-ul-haque
Khan, Farrukh Aslam
Iftikhar, Mohsin
Location information of sensor nodes deployed in the mission field plays an important role on the performance of Wireless Sensor Networks (WSNs). It is highly desirable to develop localization systems by keeping in mind WSN constraints and its location estimation capability. Optimization algorithms have proven to be good candidates for quality of position estimation. Flip ambiguity is one of the major challenges in such techniques. In this paper two types of constraints are proposed to overcome this problem. Particle Swarm Optimization (PSO) in conjunction with the proposed constraints is used iteratively in distributed manners to localize blind nodes in the WSN. Simulation results show that the proposed technique overcomes the problem of flip ambiguity and is resource efficient as well. The proposed technique mitigates 95 percent (worst-case) to 100 percent (best-case) flips and saves 80 percent (worst-case) to 87 percent (best-case) energy as compared to the previous technique available in the literature.
Information and communication technologies have thrived over the last few years. Healthcare systems have also benefited from this progression. A wireless body area network (WBAN) consists of small, low-power sensors used to monitor human physiological values remotely, which enables physicians to remotely monitor the health of patients. Communication security in WBANs is essential because it involves human physiological data. Key agreement and authentication are the primary issues in the security of WBANs. To agree upon a common key, the nodes exchange information with each other using wireless communication. This information exchange process must be secure enough or the information exchange should be minimized to a certain level so that if information leak occurs, it does not affect the overall system. Most of the existing solutions for this problem exchange too much information for the sake of key agreement; getting this information is sufficient for an attacker to reproduce the key. Set reconciliation is a technique used to reconcile two similar sets held by two different hosts with minimal communication complexity. This paper presents a broadcast-based key agreement scheme using set reconciliation for secure communication in WBANs. The proposed scheme allows the neighboring nodes to agree upon a common key with the personal server (PS), generated from the electrocardiogram (EKG) feature set of the host body. Minimal information is exchanged in a broadcast manner, and even if every node is missing a different subset, by reconciling these feature sets, the whole network will still agree upon a single common key. Because of the limited information exchange, if an attacker gets the information in any way, he/she will not be able to reproduce the key. The proposed scheme mitigates replay, selective forwarding, and denial of service attacks using a challenge-response authentication mechanism. 
The simulation results show that the proposed scheme has a great deal of adoptability in terms of security, communication overhead, and running time complexity, as compared to the existing EKG-based key agreement scheme.