SlideShare a Scribd company logo

Running head SESSION HIJACKING & CLOUD COMPUTING .docx

Download as DOCX, PDF
C
charisellington63520

Running head: SESSION HIJACKING & CLOUD COMPUTING 1 SESSION HIJACKING & CLOUD COMPUTING 20 Preventing Session Hijacking in Cloud Computing Sasha Melanie Personal Research Paper 20th October 2015 Abstract The idea of Cloud processing is turning out to be a well-known concept every passing day particularly in the field of computing and information technology. It refers to both applications that are conveyed as administrations over the Internet and also as resources (software and hardware) in the data centres. With this kind of advancement, the cloud computing technology raises many security concerns. There are several vulnerabilities that come along with cloud computing that may be exploited by attackers through security threats such as session hijacking. This paper gives an overview of the cloud as well as session hijacking highlighting the key vulnerability areas that every organization need to put into consideration before any implementation of cloud computing. The paper gives the basis for further research that would help curb the challenge of session hijacking in cloud computing. TABLE OF CONTENTS Abstract 2 CHAPTER ONE 5 1.0 INTRODUCTION 5 1.1 Motivation for the study 6 1.2 Premises of the study 7 1.3 Problem Statement 7 1.4 Technical objectives of the study 7 CHAPTER TWO 9 2.0 RELATED WORK 9 2.1 Issues with Cloud Computing 9 2.2 ANALYSIS OF SESSION HIJACKING 9 2.2.1 Cookies: 10 2.2.2 TCP session capturing 10 2.3 PREVENTING SESSION HIJACKING 11 2.3.2 Information encryption programming 11 2.3.3 Virus Detection Applications 12 2.3.4 Digitized Signature 12 2.3.5 Computerized Authentication 13 2.3.6 Firewalls 14 2.3.7 Surf Anonymously 14 CHAPTER THREE 16 3.0 RESEARCH METHODOLOGY AND DESIGN 16 3.1 Introduction 16 3.2 Research Design 16 3.3 Data Collection Instruments 16 3.4 Methods of data Analysis and expected results 17 3.5 Time tables 17 3.6 Conclusion 18 REFERENCES 19 CHAPTER ONE1.0 INTRODUCTION Enthusiasm towards Cloud processing arrangements is fast developing. Therefore, they have as of now been embraced in diverse situations, for example, person to person communication, business applications, and substance conveyance systems. Distributed computing is the start of a system based figuring over the web that is thought to be the component of two new registering models, the Client-Cloud processing, and the Terminal-Cloud figuring that would make entire eras of users and business (Mell & Grance, 2011). It is additionally the start of another Internet-based administration economy, for example, the Internet-driven, Web-based, on interest, Cloud applications and figuring economy. Bursztein et al., gives a more organized definition, who characterize a Cloud as a " parallel and disseminated framework comprising of an accumulation of interconnected and virtualized PCs that are progressively provisioned and exhibi.

Education
1 of 18
Running head: SESSION HIJACKING & CLOUD COMPUTING 1 SESSION HIJACKING & CLOUD COMPUTING 20 Preventing Session Hijacking in Cloud Computing Sasha Melanie Personal Research Paper 20th October 2015 Abstract The idea of Cloud processing is turning out to be a well-known concept every passing day particularly in the field of computing and information technology. It refers to both applications that are conveyed as administrations over the Internet and also as resources (software and hardware) in the data centres. With this kind of advancement, the cloud computing technology raises many security concerns. There are several vulnerabilities that come along with cloud computing that may be exploited by attackers through security threats such as session hijacking. This paper gives an overview of the cloud as well as session
hijacking highlighting the key vulnerability areas that every organization need to put into consideration before any implementation of cloud computing. The paper gives the basis for further research that would help curb the challenge of session hijacking in cloud computing. TABLE OF CONTENTS Abstract 2 CHAPTER ONE 5 1.0 INTRODUCTION 5 1.1 Motivation for the study 6 1.2 Premises of the study 7 1.3 Problem Statement 7 1.4 Technical objectives of the study 7 CHAPTER TWO 9 2.0 RELATED WORK 9 2.1 Issues with Cloud Computing 9 2.2 ANALYSIS OF SESSION HIJACKING 9 2.2.1 Cookies: 10 2.2.2 TCP session capturing 10 2.3 PREVENTING SESSION HIJACKING 11 2.3.2 Information encryption programming 11 2.3.3 Virus Detection Applications 12 2.3.4 Digitized Signature 12 2.3.5 Computerized Authentication 13 2.3.6 Firewalls 14 2.3.7 Surf Anonymously 14 CHAPTER THREE 16
3.0 RESEARCH METHODOLOGY AND DESIGN 16 3.1 Introduction 16 3.2 Research Design 16 3.3 Data Collection Instruments 16 3.4 Methods of data Analysis and expected results 17 3.5 Time tables17 3.6 Conclusion 18 REFERENCES 19 CHAPTER ONE1.0 INTRODUCTION Enthusiasm towards Cloud processing arrangements is fast developing. Therefore, they have as of now been embraced in diverse situations, for example, person to person communication, business applications, and substance conveyance systems. Distributed computing is the start of a system based figuring over the web that is thought to be the component of two new registering models, the Client-Cloud processing, and the Terminal-Cloud figuring that would make entire eras of users and business (Mell & Grance, 2011). It is additionally the start of another Internet-based administration economy, for example, the Internet-driven, Web-based, on interest, Cloud applications and figuring economy. Bursztein et al., gives a more organized definition, who characterize a Cloud as a " parallel and disseminated framework comprising of an accumulation of interconnected and virtualized PCs that are progressively provisioned and exhibited as one or more bound together registering assets in light of administration level assertion". One of the key components describing Cloud
figuring is the capacity of conveying both base and programming as administrations. There are several security threats that come along with cloud computing such as session hijacking. The term Session hijacking stand for the misuse of quickly running session. Now and then it frequently alludes as a session key, it is utilized to pick up the unapproved increase to a framework or adventure administrations in the PC. At the point when an enchantment treat that is utilized to verify the client to the server is stolen and utilized for the unapproved handbag is alluded as session seizing. By and large it applies to the web designers, as HTTP cookies are utilized to keep up the session on a website can be effectively stolen by an aggressor or the assailant can use by obtaining entrance to the PC where he can locate the shared cookies (Dacosta et al., 2012).1.1 Motivation for the study Distributed computing has based on industry improvements leveraging so as to the date from the 1980s outsourced framework administrations, facilitated applications and programming as an administration (Mell & Grance, 2011). In all parts, the systems utilized are not unique. In total, it is something altogether different. The distinctions give both advantages and issues to the association coordinating with the cloud. The expansion of versatility and pay-as-you-go to this accumulation of advances makes distributed computing convincing to Chief Information Officers (CIO’s) in organizations of all sizes. Cloud combination presents interesting difficulties to occurrence handlers and additionally to those in charge of getting ready and arranging the agreement for cloud administrations. The difficulties are further entangled when there is a predominant observation that the cloud coordination is "inside the security Edge, or the association has been expressed in composed that an assertion required the supplier to be protected, this must be adequate (ComPUtING, 2011). This kind of intuition may be innocent at the same time, shockingly, it is not uncommon. The cloud supplier may have a
lot of implicit securities or they may not. Whether they do or not, episode taking care of Incident Handling (IH) groups will in the long run face occurrences identified with the joining, requiring getting ready for taking care of occurrences in this new environment (Dinh et al., 2013). The effects of cloud mix warrant a watchful examination by an association before execution. A presentation of a troublesome innovation, for example, distributed computing can make both definition and documentation of administrations, approaches, and techniques hazy in a given domain. Therefore, there is the need for any organization to understand clearly cloud computing and everything it entails to have a secure implementation that is free from attacks. 1.2 Premises of the study This study gives an overview of cloud computing and discuss what security on Cloud computing means. It also discusses what session hijacking is and the ways in which it can be mitigated and eliminated. Furthermore, the study makes it easy for the reader to understand what the benefits and vulnerabilities of moving toward Cloud computing are. It is additionally surely known that comprehensive danger and security control is not prescribed by all Cloud figuring usage. The level of control ought to dependably rely on upon former assessment. Be that as it may, there are still part of open examination territories on enhancing Cloud processing security, some of those are; Forensics and confirmation gathering components, asset segregation instruments and interoperability between cloud suppliers.1.3 Problem Statement Distributed computing is the rising innovation that empower clients to get to their assets on-interest premise. These assets can be got to through the web. It is accentuation on the pay per use idea. Numerous organizations have begun moving towards cloud advancement and give administrations to the vast volume of clients. It offers clients with moment accessibility, adaptability and sharing of assets. In any case, there are bunches of obstacles and obstructions in the reception of cloud are security and protection issues. At the point when the
ventures or people store their information on to the cloud, it must be shielded from unapproved clients/programmers getting to their information. It represents a noteworthy security challenge regarding the information since the capacity area of information is not known not. So keeping the information sheltered and securing the information protection is one of the key testing exploration meets expectations in distributed computing 1.4 Technical objectives of the study The research objectives of the study are: i. To evaluate the concept of cloud computing the security issues associated with it. ii. To find out what session hijacking in cloud computing means iii. To evaluate how session hijacking attack happens iv. To examine detection and the prevention techniques of session hijacking attack CHAPTER TWO2.0 RELATED WORK2.1 Issues with Cloud Computing Currently, cloud computing presents a genuine worry with information being concentrated outside the control of organizations. Touchy information will now be under the control of an outsider, and as indicated by a few specialists this is a consistent issue and some vibe that this is most likely going
to be the end of secret records administration (Zissis & Lekkas, 2012). With regards to the divulgence arrangements, a few individuals don't know where to take a stand and intentionally or unconsciously impart key data and to information out on the outside space that worry turns out to be considerably more basic. With everything open through the web, business will be reliant on the system and the administration supplier's base. Business will stop if the system/web is down. As showed by Zissis & Lekkas, right now in the IT world when there is the need to investigate an issue, one point of preference to support us is that the application logs and the database are inside of the premises of the undertaking. With the movement of the cloud, this perspective will be lost and in this way uncommon bolster or contract tying needs will arrive between the administration supplier and the business for e-disclosure. With business delicate inward information being kept up by the merchant the reliance on the seller's one of a kind Application Program Interface (API) and exclusive interfaces could make a conceivable lock-in with the merchant. On the off chance that under some situation the business is disappointed with the merchant, moving to another seller implies information should be reformatted and changed over which can be tedious and costly (Feng et al., 2011).2.2 ANALYSIS OF SESSION HIJACKING The most widely used method of following a client login state is using cookies. The procedure is very basic, go to a page and enter the login id and secret key. In the event that the data gave the right, the following reaction is like a treat that interestingly distinguishes a specific client. So as to check the login qualifications, cookies checked for every page of the site, and it confirms your creativity by being in place until you sign out (Bharti et al., 2013).2.2.1 Cookies: At the point when the client runs a machine, the machine stores a little content record that is called as cookies. Cookies are plain content; they don't contain any executable codes. A site page or disjoin teaches a specific program to store the data and
sent it back at whatever point there is a solicitation taking into account certain tenets. Lion's share of locales recognizes the clients by these treats. A client login state is finished by utilizing cookies. The procedure is very straightforward, go to a page and enter the login id and secret word. In the event that the data gave the right, the following reaction is like a cookie that exceptionally recognizes a specific client. With a particular final objective to find out the login capabilities, cookies are checked for every page of the site, and it confirms your creativity by being in place until you sign out (Bursztein et al., 2012).2.2.2 TCP session capturing In the TCP session capturing, the assailant assumes control over the TCP session between the two PCs. As the vast majority of the verification is done at the beginning of the session, this permits the programmer to increase over the machines. One of the regular techniques utilized is source-steered of IP parcels. It is by and large centre in the centre sort of assault, where a programmer a point B catches the discussion between the A and C by urging the bundles to go through the assailant’s computer (Oti & Hayfron, 2014). Despite the fact that the source directing is killed, the aggressor can utilize a technique called visually impaired capturing, where the assailant tries to figure the reaction between the two machines. On the off chance that he is fruitful, then the programmer sends an order yet he can never see the reaction yet however a typical summon is similar to the secret word, which permits to access from some other spot in the system Subashini & Kavitha, (2011). One of the reasons for such an assault is to bring about the disavowal of administration assault toward one side point with the goal that it won't react. This assault can drive the machine to crash, or it can constrain the system association for overwhelming bundle misfortune.2.3 PREVENTING SESSION HIJACKING2.3.2 Information encryption programming The Internet as said before keeps running on intermediary servers and through host servers. The intermediary servers serve
as the centre for application benefits that permit an assortment of conventions, for example, Telnet, SMTP, FTP, and HTTP and so forth to exchange data (Oti & Hayfron, 2014). Host servers then again utilize these administrations, however, are not associated specifically with different servers. In case, there is any intermediary server application, the customer associated with the intermediary server that starts the association with the outer server. Sometimes relying upon the sort of intermediary server utilized, the inner customers can perform redirection without the client being mindful of it. The intermediary server then starts the association through determined organization. This keeps the clients from being assaulted by outside servers as intermediary servers require validation before access is conceded. The entrance control list convention must be overhauled before the client or framework is permitted to have entry to the system. More advanced intermediary servers called Application Layer Gateways, or ALGs can further improve security by designing and blocking subsections of conventions. For instance, an ALG for FTP can permit "get" order and forbid "put" summon so that the clients can't put any records on the remote server. This kind of shifting of charges is successful when contrasted with the host servers that just has the ability of the completely permit server to communicate with different servers/clients or thoroughly deny the administration (Bharti et al., 2013).2.3.3 Virus Detection Applications Now and again one peruses of vindictive bugs and infections like Melissa and Love Bug that keep running in email script and focus on the clients by entering their frameworks and wreck programs and so forth. A reason bugs and infections effortlessly get to clients' framework is because of the way that these objective Microsoft items, for example, Internet Explorer and Outlook Express The most well-known interface among buyer IE is helpless against assaults as well as being focused by culprits. The viewpoint, for instance, is a powerless instrument as it naturally opens email as read when a client taps on another email. Thus, the infection is activated notwithstanding when the
client endeavors to erase the spontaneous email by tapping on it (Broad, 2013). Broad additionally asserts that "The shots of a PC infection getting to your framework may be under 1% or more prominent than 10% relying upon where you surf, who sends you email connections, and so forth., yet in the end an infection will draw near to you- - if not really pulverize information and consequently deny you of hours of diligent work." For this reason, there is more explanation behind taking prudent measures for infection assaults. To detect and mitigate threats, Broad prescribes clients to introduce an in number programming that is hostile enough to prevent infections. Moreover, the client additionally has the decision of utilizing Netscape as an interface and Eudora for email perusing. These items, however, may not bolster the greater part of the administrations that Microsoft brings to the table yet they keep infections from assaulting the entire framework. Eudora, for instance, is a sheltered email program and can be utilized to control spontaneous messages also.2.3.4 Digitized Signature The critical part of the computerized correspondence is that the Internet does not offer secure transmission. Online email sessions particularly are being hacked, and messages read o a general premise. Programmers can sniff open sessions and get passwords in content structure; they may hack into corporate records through checking apparatuses for producing passwords secured email accounts and so on. To neutralize these occasions of security rupture, advanced marks have been made through Public Key Infrastructure or PKI (Wedman et al., 2013). The PKI is essentially an advanced information transmission device for secure Internet communication. The PKI depends on encryption involving keys to ensure the computerized data. The trustworthiness and classification of the computerized data are guaranteed as it is just available for the planned collector. The sender has an open key that can use to encode a message; the message is then sent to the collector. The collector as a private key that he can use to unscramble the data. The PKI is affirmed,
issued and oversaw by neighbourhood accreditation power. Like this just the sender, recipient, and the confirmation power can have admittance to the data being sent. Today there are different sorts of PKI and oversaw by a large group of confirmation houses. As per Wedman (2013), in spite of the positive side of PKI, the innovation is not without pitfalls of its own. One is that the PKI accreditation is not a proof that data won't be gotten to by outside clients. Rather it only ensures that the organization that issues the PKI will secure the keys issued to the clients. A large group of PKI organizations, for example, RSA Security, Entrust, and Verisign have ended up and declare themselves as advanced affirmation powers though this has not been recognized by the administration or any official substance (Broad, 2013). Therefore, there are some enterprises that don't completely hold onto PKI as they realize that the freeware form of the apparatuses are accessible to everybody, and it is hard to prevent assailants from formulating approaches to go into the accreditation center point and get to keys information.2.3.5 Computerized Authentication Computerized authentications are a standout amongst the most utilized security strategies. They are given by outside accreditation power that checks the candidate's character and creates authentication for lawful exchanges. The authentications guarantee that the electronic message, for example, charge card data and other individual points of interest are not altered amid transmission on the Internet. The computerized marks depend on encryption calculation for scrambling and unscrambling of the same. The two most normal security conventions in computerized accreditation are SSL (secure attachments layer) by Netscape and SET (secure electronic exchange) by Visa International. These have been created to guarantee that charge card clients' security when they are exchanging on the web. The SET uses computerized declarations to recognize the purchaser, server and shipper bank. In such manner the SET representative's open key cryptography to secure the messages (Valacich & Schneider, 2014)2.3.6 Firewalls
Firewalls essentially work on multilevel security by first raising a boundary between the system that is the private system and the Internet. The firewall then screens the activity with particular attributes and permit it to go through entryways to the client machine. At the point when an advanced movement does not agree to the firewall criteria, then the data can't go through the passages in this manner avoiding unapproved activity, for example, infections and bugs from going into the PC. The most imperative piece of building a firewall is setting criteria for parcels to have an entry or denied at the portals. Contingent upon the way of the activity system managers can set up the sorts firewalls (Broad, 2013)2.3.7 Surf Anonymously As indicated by Wedman et al., (2013) clients can maintain a strategic distance from assailants by surfing secretly. Surfers tend to client either IE or Netscape for their skimming reason. These programs not just are most regularly utilized they are additionally powerless against online aggressors. For instance, they may give out data that are put away as Cookies or get to be held up in the machine's store. Individual data, for example, passwords, information shared, mailing records or Mastercard data, and so on stays open to the aggressors the length of the client is online and not logged out of the site. Correspondingly, sites dispatch mystery projects to publicize or keep an eye on client exercises called Fries that get to be stopped into the program. These are intended to peruse keystrokes and logged for publicizing utilization.
CHAPTER THREE3.0 RESEARCH METHODOLOGY AND DESIGN3.1 Introduction This part depicts the examination technique that was utilized in doing the study; it also contains the target population, and the sampling design, test of reliability and validity, data collection procedures and data analysis.3.2 Research Design According to Takhar & Ghorbani, (2015), a research design is a master plan/framework or blueprint specifying the strategies and techniques for gathering and investigating the required data. The study will receive illustrative exploration outline. This kind of exploration configuration reports things the way they are and endeavours to depict such things as could reasonably be expected conduct, mentalities, qualities, and attributes. This exploration design will also be suitable because it will be concerned with describing the characteristics of particular individual or group of individuals. The study will be aimed at describing the state of affairs as it is and, therefore, consider the descriptive research design to be the most appropriate for this study. As asserted by Takhar & Ghorbani, (2015), a descriptive study tries to discover answers to who, what, when, where, and sometimes how questions.3.3 Data Collection Instruments The research will focus on data sources such as institution library, online educational libraries, peer-reviewed articles books and journals also available online. The justification for the use of online sources is that they are economical to use in terms of time and money. They also permit a greater depth of response.3.4 Methods of data Analysis and expected results Data collected from all the sources will be edited and coded for analysis. It will be analyzed quantitatively and qualitatively. Quantitative information will be investigated through the utilization of elucidating measurements .charts, tables, and
percentages for data representation. The qualitative information will be dissected through substance investigation. It is normal that the data collected from the different sources will be analyzed and interpreted making it easily understood by the reader. The outcomes of this analysis are expected to teach the reader on cloud computing and session hijacking as well as the best ways of ensuring security in cloud computing.3.5 Time tables DESCRIPTION START DATE DURATION (days) END DATE Research topics of interest 01-Dec-14 90 01-Mar-15 Develop research questions and aims 04-Mar-15 8 11-Mar Reading on literature review 13-Mar-15 22 03-Apr-15 Write up proposal 05-Apr-15 29 03-May-15 Submit research proposal 05-May-15 22 26-May-15 Continue lit review and data collection 15-Jun-15 36 20-Jul-15
Analyse collected data from lit review 27-Jul-15 8 03-Aug-15 Write up lit review, methodology, and analysis 10-Aug-15 18 27-Aug-15 Write up conclusion, introduction and discussion 31-Aug-15 8 07-Jul-15 Send sample pages to supervisor 14-Sep-15 11 24-Sep-15 Write up the reflection and action plan paper 28-Sep-15 8 05-Oct-15 Proof read of dissertation and binding 12-Oct-15 8 19-Oct-15 Hand in dissertation 20-Oct-15 1 20-Oct-15 3.6 Conclusion Distributed computing can be seen as a subset of framework processing as they have the same advances and keep up the key ideas of the newly disseminated figuring worldview. It can offer practicality, conveying moment IT system base to new clients in any possible division. Rather than spending significant measures of cash and time building up a fresh out of the plastic new system, clients can 'module' to a current cloud framework
and be up and running immediately. Also, Cloud figuring offers the possibility to retrieve topographical hindrances to convey processing energy to groups that beforehand did not have practical access. For instance, through satellite broadband associations, remote third world areas can as of now get entrance to first world centralized computers. Everything they need is to be outfitted with ease essential portable PC equipment. This innovation offers colossal open doors and is prone to change profoundly the way individuals utilize the Internet in the coming years. By adding to a general reception system, or essentially simply perceiving the significance of the more extensive variables specified above, clients and associations can lessen the potential dangers, for example, session capturing and guarantee they get the most extreme conceivable advantage from their adventure into the cloud. The study above has unmistakably explained the powerlessness issue of session capturing and the routes in which people and association can work day and night to execute productive yet secure appropriated processing advances. Nonetheless, it ought to be noticed that distributed computing is a constantly advancing idea, and more research should be done on methods for improving the security prerequisites for its foundation and additional methods for conquering the security risk of session capturing REFERENCES Bursztein, E., Soman, C., Boneh, D., & Mitchell, J. C. (2012, April). Sessionjuggler: secure web login from an untrusted terminal using session hijacking. In Proceedings of the 21st international conference on World Wide Web (pp. 321-330). ACM. Bharti, A. K., Goyal, M., & Chaudhary, M. (2013). A Review on Detection of Session Hijacking and Ip Spoofing. International Journal of Advanced Research in Computer Science, 4(9). Broad, J. (2013). Risk Management Framework: A Lab-Based Approach to Securing Information Systems. Newnes.
ComPUtING, C. (2011). Cloud computing privacy concerns on our doorstep. Communications of the ACM, 54(1). Dinh, H. T., Lee, C., Niyato, D., & Wang, P. (2013). A survey of mobile cloud computing: architecture, applications, and approaches. Wireless communications and mobile computing, 13(18), 1587-1611. Dacosta, I., Chakradeo, S., Ahamad, M., & Traynor, P. (2012). One-time cookies: Preventing session hijacking attacks with stateless authentication tokens. ACM Transactions on Internet Technology (TOIT), 12(1), 1. Feng, D. G., Zhang, M., Zhang, Y., & Xu, Z. (2011). Study on cloud computing security. Journal of software, 22(1), 71-83. http://searchmidmarketsecurity.techtarget.com/tip/Defending- against-Firesheep-How-to-prevent-a-session-hijacking-attack. Mell, P., & Grance, T. (2011). The NIST definition of cloud computing. Oti, S. B., & Hayfron-Acquah, J. B. (2014). Practical Security Approaches against Border Gateway Protocol (BGP) Session Hijacking Attacks between Autonomous Systems. Journal of Computer and Communications, 2014. Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of network and computer applications, 34(1), 1-11. Takhar-Lail, A., & Ghorbani, A. (2015). Market Research Methodologies: Multi-Method and Qualitative. Wedman, S., Tetmeyer, A., & Saiedian, H. (2013). An analytical study of web application session management mechanisms and HTTP session hijacking attacks. Information Security Journal: A Global Perspective, 22(2), 55-67. Valacich, J., & Schneider, C. (2014). Information Systems Today: Managing in the Digital World with MyITLab. Policy Statement. Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation computer systems, 28(3), 583-592.
Running head SESSION HIJACKING & CLOUD COMPUTING .docx

Recommended

Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Zac Darcy
 
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...Zac Darcy
 
B018211016
B018211016B018211016
B018211016IOSR Journals
 
Outsourcing control
Outsourcing controlOutsourcing control
Outsourcing controlShahbaz Sidhu
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and Challengespaperpublications3
 
Discussion 1Cloud computing offers the ability to share informat
Discussion 1Cloud computing offers the ability to share informatDiscussion 1Cloud computing offers the ability to share informat
Discussion 1Cloud computing offers the ability to share informatVinaOconner450
 
It auditing to assure a secure cloud computing
It auditing to assure a secure cloud computingIt auditing to assure a secure cloud computing
It auditing to assure a secure cloud computingingenioustech
 
Student Number SxxxxxxxEmail Assignm.docx
Student Number SxxxxxxxEmail Assignm.docxStudent Number SxxxxxxxEmail Assignm.docx
Student Number SxxxxxxxEmail Assignm.docxhanneloremccaffery
 

Recommended

Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Zac Darcy
 
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...Zac Darcy
 
B018211016
B018211016B018211016
B018211016IOSR Journals
 
Outsourcing control
Outsourcing controlOutsourcing control
Outsourcing controlShahbaz Sidhu
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and Challengespaperpublications3
 
Discussion 1Cloud computing offers the ability to share informat
Discussion 1Cloud computing offers the ability to share informatDiscussion 1Cloud computing offers the ability to share informat
Discussion 1Cloud computing offers the ability to share informatVinaOconner450
 
It auditing to assure a secure cloud computing
It auditing to assure a secure cloud computingIt auditing to assure a secure cloud computing
It auditing to assure a secure cloud computingingenioustech
 
Student Number SxxxxxxxEmail Assignm.docx
Student Number SxxxxxxxEmail Assignm.docxStudent Number SxxxxxxxEmail Assignm.docx
Student Number SxxxxxxxEmail Assignm.docxhanneloremccaffery
 
A Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesA Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesIJCSIS Research Publications
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCSCJournals
 
B1802041217
B1802041217B1802041217
B1802041217IOSR Journals
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar reportshafzonly
 
SECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURESECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTUREacijjournal
 
What is the future of cloud security linked in
What is the future of cloud security linked inWhat is the future of cloud security linked in
What is the future of cloud security linked inJonathan Spindel
 
A Survey of Cloud Computing Security Issues and Consequences
A Survey of Cloud Computing Security Issues and ConsequencesA Survey of Cloud Computing Security Issues and Consequences
A Survey of Cloud Computing Security Issues and ConsequencesAssociate Professor in VSB Coimbatore
 
Ad4502189193
Ad4502189193Ad4502189193
Ad4502189193IJERA Editor
 
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docxTrends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docxwillcoxjanay
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudKumar Goud
 
J3602068071
J3602068071J3602068071
J3602068071ijceronline
 
Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture IJECEIAES
 
07 20252 cloud computing survey
07 20252 cloud computing survey07 20252 cloud computing survey
07 20252 cloud computing surveyIAESIJEECS
 
Read the Discussions below and give a good replyDiscussion 1..docx
Read the Discussions below and give a good replyDiscussion 1..docxRead the Discussions below and give a good replyDiscussion 1..docx
Read the Discussions below and give a good replyDiscussion 1..docxmakdul
 
Trends in cloud computingTRENDS IN CLOUD COMPUTINGAB.docx
Trends in cloud computingTRENDS IN CLOUD COMPUTINGAB.docxTrends in cloud computingTRENDS IN CLOUD COMPUTINGAB.docx
Trends in cloud computingTRENDS IN CLOUD COMPUTINGAB.docxjuliennehar
 
The Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingThe Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
 
Cloud Computing – The Best Form of IT Delivery
Cloud Computing – The Best Form of IT DeliveryCloud Computing – The Best Form of IT Delivery
Cloud Computing – The Best Form of IT DeliverySoftweb Solutions
 
First step to the cloud white paper
First step to the cloud white paperFirst step to the cloud white paper
First step to the cloud white paperNewton Day Uploads
 
cloud of things paper
cloud of things papercloud of things paper
cloud of things paperAssem mousa
 
in addition to these questions also answer the following;Answer .docx
in addition to these questions also answer the following;Answer .docxin addition to these questions also answer the following;Answer .docx
in addition to these questions also answer the following;Answer .docxcharisellington63520
 
In an environment of compliancy laws, regulations, and standards, in.docx
In an environment of compliancy laws, regulations, and standards, in.docxIn an environment of compliancy laws, regulations, and standards, in.docx
In an environment of compliancy laws, regulations, and standards, in.docxcharisellington63520
 
In American politics, people often compare their enemies to Hitler o.docx
In American politics, people often compare their enemies to Hitler o.docxIn American politics, people often compare their enemies to Hitler o.docx
In American politics, people often compare their enemies to Hitler o.docxcharisellington63520
 

More Related Content

Similar to Running head SESSION HIJACKING & CLOUD COMPUTING .docx

A Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesA Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesIJCSIS Research Publications
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCSCJournals
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar reportshafzonly
 
SECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURESECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTUREacijjournal
 
What is the future of cloud security linked in
What is the future of cloud security linked inWhat is the future of cloud security linked in
What is the future of cloud security linked inJonathan Spindel
 
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docxTrends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docxwillcoxjanay
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudKumar Goud
 
Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture IJECEIAES
 
07 20252 cloud computing survey
07 20252 cloud computing survey07 20252 cloud computing survey
07 20252 cloud computing surveyIAESIJEECS
 
Read the Discussions below and give a good replyDiscussion 1..docx
Read the Discussions below and give a good replyDiscussion 1..docxRead the Discussions below and give a good replyDiscussion 1..docx
Read the Discussions below and give a good replyDiscussion 1..docxmakdul
 
Trends in cloud computingTRENDS IN CLOUD COMPUTINGAB.docx
Trends in cloud computingTRENDS IN CLOUD COMPUTINGAB.docxTrends in cloud computingTRENDS IN CLOUD COMPUTINGAB.docx
Trends in cloud computingTRENDS IN CLOUD COMPUTINGAB.docxjuliennehar
 
The Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingThe Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
 
Cloud Computing – The Best Form of IT Delivery
Cloud Computing – The Best Form of IT DeliveryCloud Computing – The Best Form of IT Delivery
Cloud Computing – The Best Form of IT DeliverySoftweb Solutions
 
First step to the cloud white paper
First step to the cloud white paperFirst step to the cloud white paper
First step to the cloud white paperNewton Day Uploads
 
cloud of things paper
cloud of things papercloud of things paper
cloud of things paperAssem mousa
 

Similar to Running head SESSION HIJACKING & CLOUD COMPUTING .docx (19)

A Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesA Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust Issues
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and Challenges
 
B1802041217
B1802041217B1802041217
B1802041217
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar report
 
SECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURESECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURE
 
What is the future of cloud security linked in
What is the future of cloud security linked inWhat is the future of cloud security linked in
What is the future of cloud security linked in
 
A Survey of Cloud Computing Security Issues and Consequences
A Survey of Cloud Computing Security Issues and ConsequencesA Survey of Cloud Computing Security Issues and Consequences
A Survey of Cloud Computing Security Issues and Consequences
 
Ad4502189193
Ad4502189193Ad4502189193
Ad4502189193
 
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docxTrends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the Cloud
 
J3602068071
J3602068071J3602068071
J3602068071
 
Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture
 
07 20252 cloud computing survey
07 20252 cloud computing survey07 20252 cloud computing survey
07 20252 cloud computing survey
 
Read the Discussions below and give a good replyDiscussion 1..docx
Read the Discussions below and give a good replyDiscussion 1..docxRead the Discussions below and give a good replyDiscussion 1..docx
Read the Discussions below and give a good replyDiscussion 1..docx
 
Trends in cloud computingTRENDS IN CLOUD COMPUTINGAB.docx
Trends in cloud computingTRENDS IN CLOUD COMPUTINGAB.docxTrends in cloud computingTRENDS IN CLOUD COMPUTINGAB.docx
Trends in cloud computingTRENDS IN CLOUD COMPUTINGAB.docx
 
The Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingThe Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud Computtiing
 
Cloud Computing – The Best Form of IT Delivery
Cloud Computing – The Best Form of IT DeliveryCloud Computing – The Best Form of IT Delivery
Cloud Computing – The Best Form of IT Delivery
 
First step to the cloud white paper
First step to the cloud white paperFirst step to the cloud white paper
First step to the cloud white paper
 
cloud of things paper
cloud of things papercloud of things paper
cloud of things paper
 

More from charisellington63520

in addition to these questions also answer the following;Answer .docx
in addition to these questions also answer the following;Answer .docxin addition to these questions also answer the following;Answer .docx
in addition to these questions also answer the following;Answer .docxcharisellington63520
 
In an environment of compliancy laws, regulations, and standards, in.docx
In an environment of compliancy laws, regulations, and standards, in.docxIn an environment of compliancy laws, regulations, and standards, in.docx
In an environment of compliancy laws, regulations, and standards, in.docxcharisellington63520
 
In American politics, people often compare their enemies to Hitler o.docx
In American politics, people often compare their enemies to Hitler o.docxIn American politics, people often compare their enemies to Hitler o.docx
In American politics, people often compare their enemies to Hitler o.docxcharisellington63520
 
In addition to the thread, the student is required to reply to 2 oth.docx
In addition to the thread, the student is required to reply to 2 oth.docxIn addition to the thread, the student is required to reply to 2 oth.docx
In addition to the thread, the student is required to reply to 2 oth.docxcharisellington63520
 
In addition to reading the Announcements, prepare for this d.docx
In addition to reading the Announcements, prepare for this d.docxIn addition to reading the Announcements, prepare for this d.docx
In addition to reading the Announcements, prepare for this d.docxcharisellington63520
 
In Act 4 during the trial scene, Bassanio says the following lin.docx
In Act 4 during the trial scene, Bassanio says the following lin.docxIn Act 4 during the trial scene, Bassanio says the following lin.docx
In Act 4 during the trial scene, Bassanio says the following lin.docxcharisellington63520
 
In a Word document, please respond to the following questions.docx
In a Word document, please respond to the following questions.docxIn a Word document, please respond to the following questions.docx
In a Word document, please respond to the following questions.docxcharisellington63520
 
In a Word document, create A Set of Instructions. (you will want.docx
In a Word document, create A Set of Instructions. (you will want.docxIn a Word document, create A Set of Instructions. (you will want.docx
In a Word document, create A Set of Instructions. (you will want.docxcharisellington63520
 
In a two page response MLA format paperMaria Werner talks about .docx
In a two page response MLA format paperMaria Werner talks about .docxIn a two page response MLA format paperMaria Werner talks about .docx
In a two page response MLA format paperMaria Werner talks about .docxcharisellington63520
 
In a paragraph (150 words minimum), please respond to the follow.docx
In a paragraph (150 words minimum), please respond to the follow.docxIn a paragraph (150 words minimum), please respond to the follow.docx
In a paragraph (150 words minimum), please respond to the follow.docxcharisellington63520
 
In a paragraph form, discuss the belowThe client comes to t.docx
In a paragraph form, discuss the belowThe client comes to t.docxIn a paragraph form, discuss the belowThe client comes to t.docx
In a paragraph form, discuss the belowThe client comes to t.docxcharisellington63520
 
In a minimum of 300 words in APA format.Through the advent o.docx
In a minimum of 300 words in APA format.Through the advent o.docxIn a minimum of 300 words in APA format.Through the advent o.docx
In a minimum of 300 words in APA format.Through the advent o.docxcharisellington63520
 
In a paragraph form, post your initial response after reading th.docx
In a paragraph form, post your initial response after reading th.docxIn a paragraph form, post your initial response after reading th.docx
In a paragraph form, post your initial response after reading th.docxcharisellington63520
 
In a minimum 250-word paragraph, discuss at least one point the auth.docx
In a minimum 250-word paragraph, discuss at least one point the auth.docxIn a minimum 250-word paragraph, discuss at least one point the auth.docx
In a minimum 250-word paragraph, discuss at least one point the auth.docxcharisellington63520
 
In a hostage crisis, is it ethical for a government to agree to gran.docx
In a hostage crisis, is it ethical for a government to agree to gran.docxIn a hostage crisis, is it ethical for a government to agree to gran.docx
In a hostage crisis, is it ethical for a government to agree to gran.docxcharisellington63520
 
In a double-spaced 12 Font paper  How did you immediately feel a.docx
In a double-spaced 12 Font paper  How did you immediately feel a.docxIn a double-spaced 12 Font paper  How did you immediately feel a.docx
In a double-spaced 12 Font paper  How did you immediately feel a.docxcharisellington63520
 
In a follow-up to your IoT discussion with management, you have .docx
In a follow-up to your IoT discussion with management, you have .docxIn a follow-up to your IoT discussion with management, you have .docx
In a follow-up to your IoT discussion with management, you have .docxcharisellington63520
 
In a COVID-19 situation identify the guidelines for ethical use of t.docx
In a COVID-19 situation identify the guidelines for ethical use of t.docxIn a COVID-19 situation identify the guidelines for ethical use of t.docx
In a COVID-19 situation identify the guidelines for ethical use of t.docxcharisellington63520
 
In a 750- to 1,250-word paper, evaluate the implications of Internet.docx
In a 750- to 1,250-word paper, evaluate the implications of Internet.docxIn a 750- to 1,250-word paper, evaluate the implications of Internet.docx
In a 750- to 1,250-word paper, evaluate the implications of Internet.docxcharisellington63520
 
In a 600 word count (EACH bullet point having 300 words each) di.docx
In a 600 word count (EACH bullet point having 300 words each) di.docxIn a 600 word count (EACH bullet point having 300 words each) di.docx
In a 600 word count (EACH bullet point having 300 words each) di.docxcharisellington63520
 

More from charisellington63520 (20)

in addition to these questions also answer the following;Answer .docx
in addition to these questions also answer the following;Answer .docxin addition to these questions also answer the following;Answer .docx
in addition to these questions also answer the following;Answer .docx
 
In an environment of compliancy laws, regulations, and standards, in.docx
In an environment of compliancy laws, regulations, and standards, in.docxIn an environment of compliancy laws, regulations, and standards, in.docx
In an environment of compliancy laws, regulations, and standards, in.docx
 
In American politics, people often compare their enemies to Hitler o.docx
In American politics, people often compare their enemies to Hitler o.docxIn American politics, people often compare their enemies to Hitler o.docx
In American politics, people often compare their enemies to Hitler o.docx
 
In addition to the thread, the student is required to reply to 2 oth.docx
In addition to the thread, the student is required to reply to 2 oth.docxIn addition to the thread, the student is required to reply to 2 oth.docx
In addition to the thread, the student is required to reply to 2 oth.docx
 
In addition to reading the Announcements, prepare for this d.docx
In addition to reading the Announcements, prepare for this d.docxIn addition to reading the Announcements, prepare for this d.docx
In addition to reading the Announcements, prepare for this d.docx
 
In Act 4 during the trial scene, Bassanio says the following lin.docx
In Act 4 during the trial scene, Bassanio says the following lin.docxIn Act 4 during the trial scene, Bassanio says the following lin.docx
In Act 4 during the trial scene, Bassanio says the following lin.docx
 
In a Word document, please respond to the following questions.docx
In a Word document, please respond to the following questions.docxIn a Word document, please respond to the following questions.docx
In a Word document, please respond to the following questions.docx
 
In a Word document, create A Set of Instructions. (you will want.docx
In a Word document, create A Set of Instructions. (you will want.docxIn a Word document, create A Set of Instructions. (you will want.docx
In a Word document, create A Set of Instructions. (you will want.docx
 
In a two page response MLA format paperMaria Werner talks about .docx
In a two page response MLA format paperMaria Werner talks about .docxIn a two page response MLA format paperMaria Werner talks about .docx
In a two page response MLA format paperMaria Werner talks about .docx
 
In a paragraph (150 words minimum), please respond to the follow.docx
In a paragraph (150 words minimum), please respond to the follow.docxIn a paragraph (150 words minimum), please respond to the follow.docx
In a paragraph (150 words minimum), please respond to the follow.docx
 
In a paragraph form, discuss the belowThe client comes to t.docx
In a paragraph form, discuss the belowThe client comes to t.docxIn a paragraph form, discuss the belowThe client comes to t.docx
In a paragraph form, discuss the belowThe client comes to t.docx
 
In a minimum of 300 words in APA format.Through the advent o.docx
In a minimum of 300 words in APA format.Through the advent o.docxIn a minimum of 300 words in APA format.Through the advent o.docx
In a minimum of 300 words in APA format.Through the advent o.docx
 
In a paragraph form, post your initial response after reading th.docx
In a paragraph form, post your initial response after reading th.docxIn a paragraph form, post your initial response after reading th.docx
In a paragraph form, post your initial response after reading th.docx
 
In a minimum 250-word paragraph, discuss at least one point the auth.docx
In a minimum 250-word paragraph, discuss at least one point the auth.docxIn a minimum 250-word paragraph, discuss at least one point the auth.docx
In a minimum 250-word paragraph, discuss at least one point the auth.docx
 
In a hostage crisis, is it ethical for a government to agree to gran.docx
In a hostage crisis, is it ethical for a government to agree to gran.docxIn a hostage crisis, is it ethical for a government to agree to gran.docx
In a hostage crisis, is it ethical for a government to agree to gran.docx
 
In a double-spaced 12 Font paper  How did you immediately feel a.docx
In a double-spaced 12 Font paper  How did you immediately feel a.docxIn a double-spaced 12 Font paper  How did you immediately feel a.docx
In a double-spaced 12 Font paper  How did you immediately feel a.docx
 
In a follow-up to your IoT discussion with management, you have .docx
In a follow-up to your IoT discussion with management, you have .docxIn a follow-up to your IoT discussion with management, you have .docx
In a follow-up to your IoT discussion with management, you have .docx
 
In a COVID-19 situation identify the guidelines for ethical use of t.docx
In a COVID-19 situation identify the guidelines for ethical use of t.docxIn a COVID-19 situation identify the guidelines for ethical use of t.docx
In a COVID-19 situation identify the guidelines for ethical use of t.docx
 
In a 750- to 1,250-word paper, evaluate the implications of Internet.docx
In a 750- to 1,250-word paper, evaluate the implications of Internet.docxIn a 750- to 1,250-word paper, evaluate the implications of Internet.docx
In a 750- to 1,250-word paper, evaluate the implications of Internet.docx
 
In a 600 word count (EACH bullet point having 300 words each) di.docx
In a 600 word count (EACH bullet point having 300 words each) di.docxIn a 600 word count (EACH bullet point having 300 words each) di.docx
In a 600 word count (EACH bullet point having 300 words each) di.docx
 

Recently uploaded

Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfakmcokerachita
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfMahmoud M. Sallam
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfadityarao40181
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxAvyJaneVismanos
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxUnboundStockton
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 

Recently uploaded (20)

Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdf
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdf
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdf
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptx
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docx
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 

Running head SESSION HIJACKING & CLOUD COMPUTING .docx

  • 1. Running head: SESSION HIJACKING & CLOUD COMPUTING 1 SESSION HIJACKING & CLOUD COMPUTING 20 Preventing Session Hijacking in Cloud Computing Sasha Melanie Personal Research Paper 20th October 2015 Abstract The idea of Cloud processing is turning out to be a well-known concept every passing day particularly in the field of computing and information technology. It refers to both applications that are conveyed as administrations over the Internet and also as resources (software and hardware) in the data centres. With this kind of advancement, the cloud computing technology raises many security concerns. There are several vulnerabilities that come along with cloud computing that may be exploited by attackers through security threats such as session hijacking. This paper gives an overview of the cloud as well as session
  • 2. hijacking highlighting the key vulnerability areas that every organization need to put into consideration before any implementation of cloud computing. The paper gives the basis for further research that would help curb the challenge of session hijacking in cloud computing. TABLE OF CONTENTS Abstract 2 CHAPTER ONE 5 1.0 INTRODUCTION 5 1.1 Motivation for the study 6 1.2 Premises of the study 7 1.3 Problem Statement 7 1.4 Technical objectives of the study 7 CHAPTER TWO 9 2.0 RELATED WORK 9 2.1 Issues with Cloud Computing 9 2.2 ANALYSIS OF SESSION HIJACKING 9 2.2.1 Cookies: 10 2.2.2 TCP session capturing 10 2.3 PREVENTING SESSION HIJACKING 11 2.3.2 Information encryption programming 11 2.3.3 Virus Detection Applications 12 2.3.4 Digitized Signature 12 2.3.5 Computerized Authentication 13 2.3.6 Firewalls 14 2.3.7 Surf Anonymously 14 CHAPTER THREE 16
  • 3. 3.0 RESEARCH METHODOLOGY AND DESIGN 16 3.1 Introduction 16 3.2 Research Design 16 3.3 Data Collection Instruments 16 3.4 Methods of data Analysis and expected results 17 3.5 Time tables17 3.6 Conclusion 18 REFERENCES 19 CHAPTER ONE1.0 INTRODUCTION Enthusiasm towards Cloud processing arrangements is fast developing. Therefore, they have as of now been embraced in diverse situations, for example, person to person communication, business applications, and substance conveyance systems. Distributed computing is the start of a system based figuring over the web that is thought to be the component of two new registering models, the Client-Cloud processing, and the Terminal-Cloud figuring that would make entire eras of users and business (Mell & Grance, 2011). It is additionally the start of another Internet-based administration economy, for example, the Internet-driven, Web-based, on interest, Cloud applications and figuring economy. Bursztein et al., gives a more organized definition, who characterize a Cloud as a " parallel and disseminated framework comprising of an accumulation of interconnected and virtualized PCs that are progressively provisioned and exhibited as one or more bound together registering assets in light of administration level assertion". One of the key components describing Cloud
  • 4. figuring is the capacity of conveying both base and programming as administrations. There are several security threats that come along with cloud computing such as session hijacking. The term Session hijacking stand for the misuse of quickly running session. Now and then it frequently alludes as a session key, it is utilized to pick up the unapproved increase to a framework or adventure administrations in the PC. At the point when an enchantment treat that is utilized to verify the client to the server is stolen and utilized for the unapproved handbag is alluded as session seizing. By and large it applies to the web designers, as HTTP cookies are utilized to keep up the session on a website can be effectively stolen by an aggressor or the assailant can use by obtaining entrance to the PC where he can locate the shared cookies (Dacosta et al., 2012).1.1 Motivation for the study Distributed computing has based on industry improvements leveraging so as to the date from the 1980s outsourced framework administrations, facilitated applications and programming as an administration (Mell & Grance, 2011). In all parts, the systems utilized are not unique. In total, it is something altogether different. The distinctions give both advantages and issues to the association coordinating with the cloud. The expansion of versatility and pay-as-you-go to this accumulation of advances makes distributed computing convincing to Chief Information Officers (CIO’s) in organizations of all sizes. Cloud combination presents interesting difficulties to occurrence handlers and additionally to those in charge of getting ready and arranging the agreement for cloud administrations. The difficulties are further entangled when there is a predominant observation that the cloud coordination is "inside the security Edge, or the association has been expressed in composed that an assertion required the supplier to be protected, this must be adequate (ComPUtING, 2011). This kind of intuition may be innocent at the same time, shockingly, it is not uncommon. The cloud supplier may have a
  • 5. lot of implicit securities or they may not. Whether they do or not, episode taking care of Incident Handling (IH) groups will in the long run face occurrences identified with the joining, requiring getting ready for taking care of occurrences in this new environment (Dinh et al., 2013). The effects of cloud mix warrant a watchful examination by an association before execution. A presentation of a troublesome innovation, for example, distributed computing can make both definition and documentation of administrations, approaches, and techniques hazy in a given domain. Therefore, there is the need for any organization to understand clearly cloud computing and everything it entails to have a secure implementation that is free from attacks. 1.2 Premises of the study This study gives an overview of cloud computing and discuss what security on Cloud computing means. It also discusses what session hijacking is and the ways in which it can be mitigated and eliminated. Furthermore, the study makes it easy for the reader to understand what the benefits and vulnerabilities of moving toward Cloud computing are. It is additionally surely known that comprehensive danger and security control is not prescribed by all Cloud figuring usage. The level of control ought to dependably rely on upon former assessment. Be that as it may, there are still part of open examination territories on enhancing Cloud processing security, some of those are; Forensics and confirmation gathering components, asset segregation instruments and interoperability between cloud suppliers.1.3 Problem Statement Distributed computing is the rising innovation that empower clients to get to their assets on-interest premise. These assets can be got to through the web. It is accentuation on the pay per use idea. Numerous organizations have begun moving towards cloud advancement and give administrations to the vast volume of clients. It offers clients with moment accessibility, adaptability and sharing of assets. In any case, there are bunches of obstacles and obstructions in the reception of cloud are security and protection issues. At the point when the
  • 6. ventures or people store their information on to the cloud, it must be shielded from unapproved clients/programmers getting to their information. It represents a noteworthy security challenge regarding the information since the capacity area of information is not known not. So keeping the information sheltered and securing the information protection is one of the key testing exploration meets expectations in distributed computing 1.4 Technical objectives of the study The research objectives of the study are: i. To evaluate the concept of cloud computing the security issues associated with it. ii. To find out what session hijacking in cloud computing means iii. To evaluate how session hijacking attack happens iv. To examine detection and the prevention techniques of session hijacking attack CHAPTER TWO2.0 RELATED WORK2.1 Issues with Cloud Computing Currently, cloud computing presents a genuine worry with information being concentrated outside the control of organizations. Touchy information will now be under the control of an outsider, and as indicated by a few specialists this is a consistent issue and some vibe that this is most likely going
  • 7. to be the end of secret records administration (Zissis & Lekkas, 2012). With regards to the divulgence arrangements, a few individuals don't know where to take a stand and intentionally or unconsciously impart key data and to information out on the outside space that worry turns out to be considerably more basic. With everything open through the web, business will be reliant on the system and the administration supplier's base. Business will stop if the system/web is down. As showed by Zissis & Lekkas, right now in the IT world when there is the need to investigate an issue, one point of preference to support us is that the application logs and the database are inside of the premises of the undertaking. With the movement of the cloud, this perspective will be lost and in this way uncommon bolster or contract tying needs will arrive between the administration supplier and the business for e-disclosure. With business delicate inward information being kept up by the merchant the reliance on the seller's one of a kind Application Program Interface (API) and exclusive interfaces could make a conceivable lock-in with the merchant. On the off chance that under some situation the business is disappointed with the merchant, moving to another seller implies information should be reformatted and changed over which can be tedious and costly (Feng et al., 2011).2.2 ANALYSIS OF SESSION HIJACKING The most widely used method of following a client login state is using cookies. The procedure is very basic, go to a page and enter the login id and secret key. In the event that the data gave the right, the following reaction is like a treat that interestingly distinguishes a specific client. So as to check the login qualifications, cookies checked for every page of the site, and it confirms your creativity by being in place until you sign out (Bharti et al., 2013).2.2.1 Cookies: At the point when the client runs a machine, the machine stores a little content record that is called as cookies. Cookies are plain content; they don't contain any executable codes. A site page or disjoin teaches a specific program to store the data and
  • 8. sent it back at whatever point there is a solicitation taking into account certain tenets. Lion's share of locales recognizes the clients by these treats. A client login state is finished by utilizing cookies. The procedure is very straightforward, go to a page and enter the login id and secret word. In the event that the data gave the right, the following reaction is like a cookie that exceptionally recognizes a specific client. With a particular final objective to find out the login capabilities, cookies are checked for every page of the site, and it confirms your creativity by being in place until you sign out (Bursztein et al., 2012).2.2.2 TCP session capturing In the TCP session capturing, the assailant assumes control over the TCP session between the two PCs. As the vast majority of the verification is done at the beginning of the session, this permits the programmer to increase over the machines. One of the regular techniques utilized is source-steered of IP parcels. It is by and large centre in the centre sort of assault, where a programmer a point B catches the discussion between the A and C by urging the bundles to go through the assailant’s computer (Oti & Hayfron, 2014). Despite the fact that the source directing is killed, the aggressor can utilize a technique called visually impaired capturing, where the assailant tries to figure the reaction between the two machines. On the off chance that he is fruitful, then the programmer sends an order yet he can never see the reaction yet however a typical summon is similar to the secret word, which permits to access from some other spot in the system Subashini & Kavitha, (2011). One of the reasons for such an assault is to bring about the disavowal of administration assault toward one side point with the goal that it won't react. This assault can drive the machine to crash, or it can constrain the system association for overwhelming bundle misfortune.2.3 PREVENTING SESSION HIJACKING2.3.2 Information encryption programming The Internet as said before keeps running on intermediary servers and through host servers. The intermediary servers serve
  • 9. as the centre for application benefits that permit an assortment of conventions, for example, Telnet, SMTP, FTP, and HTTP and so forth to exchange data (Oti & Hayfron, 2014). Host servers then again utilize these administrations, however, are not associated specifically with different servers. In case, there is any intermediary server application, the customer associated with the intermediary server that starts the association with the outer server. Sometimes relying upon the sort of intermediary server utilized, the inner customers can perform redirection without the client being mindful of it. The intermediary server then starts the association through determined organization. This keeps the clients from being assaulted by outside servers as intermediary servers require validation before access is conceded. The entrance control list convention must be overhauled before the client or framework is permitted to have entry to the system. More advanced intermediary servers called Application Layer Gateways, or ALGs can further improve security by designing and blocking subsections of conventions. For instance, an ALG for FTP can permit "get" order and forbid "put" summon so that the clients can't put any records on the remote server. This kind of shifting of charges is successful when contrasted with the host servers that just has the ability of the completely permit server to communicate with different servers/clients or thoroughly deny the administration (Bharti et al., 2013).2.3.3 Virus Detection Applications Now and again one peruses of vindictive bugs and infections like Melissa and Love Bug that keep running in email script and focus on the clients by entering their frameworks and wreck programs and so forth. A reason bugs and infections effortlessly get to clients' framework is because of the way that these objective Microsoft items, for example, Internet Explorer and Outlook Express The most well-known interface among buyer IE is helpless against assaults as well as being focused by culprits. The viewpoint, for instance, is a powerless instrument as it naturally opens email as read when a client taps on another email. Thus, the infection is activated notwithstanding when the
  • 10. client endeavors to erase the spontaneous email by tapping on it (Broad, 2013). Broad additionally asserts that "The shots of a PC infection getting to your framework may be under 1% or more prominent than 10% relying upon where you surf, who sends you email connections, and so forth., yet in the end an infection will draw near to you- - if not really pulverize information and consequently deny you of hours of diligent work." For this reason, there is more explanation behind taking prudent measures for infection assaults. To detect and mitigate threats, Broad prescribes clients to introduce an in number programming that is hostile enough to prevent infections. Moreover, the client additionally has the decision of utilizing Netscape as an interface and Eudora for email perusing. These items, however, may not bolster the greater part of the administrations that Microsoft brings to the table yet they keep infections from assaulting the entire framework. Eudora, for instance, is a sheltered email program and can be utilized to control spontaneous messages also.2.3.4 Digitized Signature The critical part of the computerized correspondence is that the Internet does not offer secure transmission. Online email sessions particularly are being hacked, and messages read o a general premise. Programmers can sniff open sessions and get passwords in content structure; they may hack into corporate records through checking apparatuses for producing passwords secured email accounts and so on. To neutralize these occasions of security rupture, advanced marks have been made through Public Key Infrastructure or PKI (Wedman et al., 2013). The PKI is essentially an advanced information transmission device for secure Internet communication. The PKI depends on encryption involving keys to ensure the computerized data. The trustworthiness and classification of the computerized data are guaranteed as it is just available for the planned collector. The sender has an open key that can use to encode a message; the message is then sent to the collector. The collector as a private key that he can use to unscramble the data. The PKI is affirmed,
  • 11. issued and oversaw by neighbourhood accreditation power. Like this just the sender, recipient, and the confirmation power can have admittance to the data being sent. Today there are different sorts of PKI and oversaw by a large group of confirmation houses. As per Wedman (2013), in spite of the positive side of PKI, the innovation is not without pitfalls of its own. One is that the PKI accreditation is not a proof that data won't be gotten to by outside clients. Rather it only ensures that the organization that issues the PKI will secure the keys issued to the clients. A large group of PKI organizations, for example, RSA Security, Entrust, and Verisign have ended up and declare themselves as advanced affirmation powers though this has not been recognized by the administration or any official substance (Broad, 2013). Therefore, there are some enterprises that don't completely hold onto PKI as they realize that the freeware form of the apparatuses are accessible to everybody, and it is hard to prevent assailants from formulating approaches to go into the accreditation center point and get to keys information.2.3.5 Computerized Authentication Computerized authentications are a standout amongst the most utilized security strategies. They are given by outside accreditation power that checks the candidate's character and creates authentication for lawful exchanges. The authentications guarantee that the electronic message, for example, charge card data and other individual points of interest are not altered amid transmission on the Internet. The computerized marks depend on encryption calculation for scrambling and unscrambling of the same. The two most normal security conventions in computerized accreditation are SSL (secure attachments layer) by Netscape and SET (secure electronic exchange) by Visa International. These have been created to guarantee that charge card clients' security when they are exchanging on the web. The SET uses computerized declarations to recognize the purchaser, server and shipper bank. In such manner the SET representative's open key cryptography to secure the messages (Valacich & Schneider, 2014)2.3.6 Firewalls
  • 12. Firewalls essentially work on multilevel security by first raising a boundary between the system that is the private system and the Internet. The firewall then screens the activity with particular attributes and permit it to go through entryways to the client machine. At the point when an advanced movement does not agree to the firewall criteria, then the data can't go through the passages in this manner avoiding unapproved activity, for example, infections and bugs from going into the PC. The most imperative piece of building a firewall is setting criteria for parcels to have an entry or denied at the portals. Contingent upon the way of the activity system managers can set up the sorts firewalls (Broad, 2013)2.3.7 Surf Anonymously As indicated by Wedman et al., (2013) clients can maintain a strategic distance from assailants by surfing secretly. Surfers tend to client either IE or Netscape for their skimming reason. These programs not just are most regularly utilized they are additionally powerless against online aggressors. For instance, they may give out data that are put away as Cookies or get to be held up in the machine's store. Individual data, for example, passwords, information shared, mailing records or Mastercard data, and so on stays open to the aggressors the length of the client is online and not logged out of the site. Correspondingly, sites dispatch mystery projects to publicize or keep an eye on client exercises called Fries that get to be stopped into the program. These are intended to peruse keystrokes and logged for publicizing utilization.
  • 13. CHAPTER THREE3.0 RESEARCH METHODOLOGY AND DESIGN3.1 Introduction This part depicts the examination technique that was utilized in doing the study; it also contains the target population, and the sampling design, test of reliability and validity, data collection procedures and data analysis.3.2 Research Design According to Takhar & Ghorbani, (2015), a research design is a master plan/framework or blueprint specifying the strategies and techniques for gathering and investigating the required data. The study will receive illustrative exploration outline. This kind of exploration configuration reports things the way they are and endeavours to depict such things as could reasonably be expected conduct, mentalities, qualities, and attributes. This exploration design will also be suitable because it will be concerned with describing the characteristics of particular individual or group of individuals. The study will be aimed at describing the state of affairs as it is and, therefore, consider the descriptive research design to be the most appropriate for this study. As asserted by Takhar & Ghorbani, (2015), a descriptive study tries to discover answers to who, what, when, where, and sometimes how questions.3.3 Data Collection Instruments The research will focus on data sources such as institution library, online educational libraries, peer-reviewed articles books and journals also available online. The justification for the use of online sources is that they are economical to use in terms of time and money. They also permit a greater depth of response.3.4 Methods of data Analysis and expected results Data collected from all the sources will be edited and coded for analysis. It will be analyzed quantitatively and qualitatively. Quantitative information will be investigated through the utilization of elucidating measurements .charts, tables, and
  • 14. percentages for data representation. The qualitative information will be dissected through substance investigation. It is normal that the data collected from the different sources will be analyzed and interpreted making it easily understood by the reader. The outcomes of this analysis are expected to teach the reader on cloud computing and session hijacking as well as the best ways of ensuring security in cloud computing.3.5 Time tables DESCRIPTION START DATE DURATION (days) END DATE Research topics of interest 01-Dec-14 90 01-Mar-15 Develop research questions and aims 04-Mar-15 8 11-Mar Reading on literature review 13-Mar-15 22 03-Apr-15 Write up proposal 05-Apr-15 29 03-May-15 Submit research proposal 05-May-15 22 26-May-15 Continue lit review and data collection 15-Jun-15 36 20-Jul-15
  • 15. Analyse collected data from lit review 27-Jul-15 8 03-Aug-15 Write up lit review, methodology, and analysis 10-Aug-15 18 27-Aug-15 Write up conclusion, introduction and discussion 31-Aug-15 8 07-Jul-15 Send sample pages to supervisor 14-Sep-15 11 24-Sep-15 Write up the reflection and action plan paper 28-Sep-15 8 05-Oct-15 Proof read of dissertation and binding 12-Oct-15 8 19-Oct-15 Hand in dissertation 20-Oct-15 1 20-Oct-15 3.6 Conclusion Distributed computing can be seen as a subset of framework processing as they have the same advances and keep up the key ideas of the newly disseminated figuring worldview. It can offer practicality, conveying moment IT system base to new clients in any possible division. Rather than spending significant measures of cash and time building up a fresh out of the plastic new system, clients can 'module' to a current cloud framework
  • 16. and be up and running immediately. Also, Cloud figuring offers the possibility to retrieve topographical hindrances to convey processing energy to groups that beforehand did not have practical access. For instance, through satellite broadband associations, remote third world areas can as of now get entrance to first world centralized computers. Everything they need is to be outfitted with ease essential portable PC equipment. This innovation offers colossal open doors and is prone to change profoundly the way individuals utilize the Internet in the coming years. By adding to a general reception system, or essentially simply perceiving the significance of the more extensive variables specified above, clients and associations can lessen the potential dangers, for example, session capturing and guarantee they get the most extreme conceivable advantage from their adventure into the cloud. The study above has unmistakably explained the powerlessness issue of session capturing and the routes in which people and association can work day and night to execute productive yet secure appropriated processing advances. Nonetheless, it ought to be noticed that distributed computing is a constantly advancing idea, and more research should be done on methods for improving the security prerequisites for its foundation and additional methods for conquering the security risk of session capturing REFERENCES Bursztein, E., Soman, C., Boneh, D., & Mitchell, J. C. (2012, April). Sessionjuggler: secure web login from an untrusted terminal using session hijacking. In Proceedings of the 21st international conference on World Wide Web (pp. 321-330). ACM. Bharti, A. K., Goyal, M., & Chaudhary, M. (2013). A Review on Detection of Session Hijacking and Ip Spoofing. International Journal of Advanced Research in Computer Science, 4(9). Broad, J. (2013). Risk Management Framework: A Lab-Based Approach to Securing Information Systems. Newnes.
  • 17. ComPUtING, C. (2011). Cloud computing privacy concerns on our doorstep. Communications of the ACM, 54(1). Dinh, H. T., Lee, C., Niyato, D., & Wang, P. (2013). A survey of mobile cloud computing: architecture, applications, and approaches. Wireless communications and mobile computing, 13(18), 1587-1611. Dacosta, I., Chakradeo, S., Ahamad, M., & Traynor, P. (2012). One-time cookies: Preventing session hijacking attacks with stateless authentication tokens. ACM Transactions on Internet Technology (TOIT), 12(1), 1. Feng, D. G., Zhang, M., Zhang, Y., & Xu, Z. (2011). Study on cloud computing security. Journal of software, 22(1), 71-83. http://searchmidmarketsecurity.techtarget.com/tip/Defending- against-Firesheep-How-to-prevent-a-session-hijacking-attack. Mell, P., & Grance, T. (2011). The NIST definition of cloud computing. Oti, S. B., & Hayfron-Acquah, J. B. (2014). Practical Security Approaches against Border Gateway Protocol (BGP) Session Hijacking Attacks between Autonomous Systems. Journal of Computer and Communications, 2014. Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of network and computer applications, 34(1), 1-11. Takhar-Lail, A., & Ghorbani, A. (2015). Market Research Methodologies: Multi-Method and Qualitative. Wedman, S., Tetmeyer, A., & Saiedian, H. (2013). An analytical study of web application session management mechanisms and HTTP session hijacking attacks. Information Security Journal: A Global Perspective, 22(2), 55-67. Valacich, J., & Schneider, C. (2014). Information Systems Today: Managing in the Digital World with MyITLab. Policy Statement. Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation computer systems, 28(3), 583-592.