The evolution of IoT and cloud computing technologies presents opportunities for developing smart education systems. However, concerns persist regarding data security and user privacy, especially in applications with sensitive data. This paper proposes a holistic approach to mitigate these risks, addressing both phishing and insider threats. To protect web applications against common vulnerabilities, the paper recommends strong encryption methods to prevent them using Elliptic Curve Cryptography and Advanced Encryption Standard for encrypting and generating secure keys. Furthermore, certain weaknesses in applications like geolocation exploitation and email authentication have been outlined in this context with specific reference to University Management Systems which is associated to Telemedical Information System. Possible mitigation measures include use of encryption and strict access control methods, as well as user awareness training. In this paper, we have used Ciphertext-Policy Attribute-Based Encryption for TMIS and ECC with AES for UMS to ensure protection against possible threats, thus preserving user privacy and system integrity.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Security and Privacy in Web Application: Efficient Encryption Using ECC and Attribute-Based Encryption

  • S. Naundhini,
  • S. Anushaa,
  • Dharminder Chaudhary

摘要

The evolution of IoT and cloud computing technologies presents opportunities for developing smart education systems. However, concerns persist regarding data security and user privacy, especially in applications with sensitive data. This paper proposes a holistic approach to mitigate these risks, addressing both phishing and insider threats. To protect web applications against common vulnerabilities, the paper recommends strong encryption methods to prevent them using Elliptic Curve Cryptography and Advanced Encryption Standard for encrypting and generating secure keys. Furthermore, certain weaknesses in applications like geolocation exploitation and email authentication have been outlined in this context with specific reference to University Management Systems which is associated to Telemedical Information System. Possible mitigation measures include use of encryption and strict access control methods, as well as user awareness training. In this paper, we have used Ciphertext-Policy Attribute-Based Encryption for TMIS and ECC with AES for UMS to ensure protection against possible threats, thus preserving user privacy and system integrity.