A traditional computing environment requires a costly
infrastructure to offer a better service to users. The introduction
of cloud computing has changed the working environment from
traditional to virtual. A larger number of IT companies are
utilizing the cloud. On the one hand, the cloud attracts more
number of consumers by offering services with minimized
capital cost and virtual infrastructure. On the other hand, there
are a risk and security challenges in cloud computing that
makes the user not to move completely towards it. The cloud
environment is more vulnerable to security breaches and data
theft. Moreover, insider attacks are more frequent in larger
enterprises. An unauthenticated user can cause more damage
to company reputation. The cloud service providers are trying
to provide a secure work environment for users. However,
there is a lack of global standards and policies to invoke
security measures in cloud computing. This study aims to
highlight and classify security challenges and trust issues in the
cloud environment.
The survey was conducted in various institutions and
governmental organizations in Saudi Arabia to study the
opinions of stakeholders on cloud computing security
challenges and risks.
Links:
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
Cloud computing has become one of the most interesting topics in the IT world today. Cloud model of computing as a resource has changed the landscape of computing as it promises of increased greater reliability, massive scalability, and decreased costs have attracted businesses and individuals alike. It adds capabilities to Information Technology’s. Over the last few years, cloud computing has grown considerably in Information Technology. As more and more information of individuals and companies are placed in the cloud, there is a growing concern about the safety of information. Many Companies that are considered to be giants in software industry like Microsoft are joining to develop Cloud services [1]. Despite the hype about the cloud, customers are reluctant to deploy their business in the cloud. Security issues is one of the biggest concerns that has been affecting the growth of cloud computing .It adds complications with data privacy and data protection continues to affect the market. Users need to understand the risk of data breaches in the cloud environment. The paper highlights issues related to cloud computing.
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Abstract: Distributed computing is a situated of IT administrations that are given to a client more than a system on a rented premise and with the capacity to scale up or down their administration necessities. Generally cloud registering administrations are conveyed by an outsider supplier who possesses the foundation. It favorable circumstances to specify yet a couple incorporate versatility, strength, adaptability, productivity and outsourcing non-center exercises. Distributed computing offers an imaginative plan of action for associations to receive IT benefits without forthright speculation. Notwithstanding the potential increases accomplished from the distributed computing, the associations are moderate in tolerating it because of security issues and difficulties connected with it. Security is one of the significant issues which hamper the development of cloud. The thought of giving over vital information to another organization is troubling; such that the shoppers should be cautious in comprehension the dangers of information breaks in this new environment. This paper presents a point by point examination of the distributed computing security issues furthermore, difficulties concentrating on the distributed computing sorts and the administration conveyance sorts.Keywords: Cloud Computing, Scalability, Infrastructure, IT.
Title: Cloud Computing Security Issues and Challenges
Author: Nishant Katiyar
ISSN 2350-1022
International Journal of Recent Research in Mathematics Computer Science and Information Technology
Paper Publications
I want to thank everyone who attended this presentation at AFCOM Data Center World Fall 2011 in Orlando, FL.
Studies show the number of data centers deploying virtual cloud computing will rapidly increase in the next five years. Other studies show that the number of Internet attacks and their level of sophistication will also grow significantly. This session identifies approaches to reduce the risk of business disruptions resulting from inadequate virtual security controls in a data center. It will cover utilizing best practices for security configurations, measuring information security status, and making rational decisions about security investments.
Connect with me if you have any questions or need additional information.
Please favorite this if you like it. I look forward to seeing you again soon.
Regards,
Hector Del Castillo
http://linkd.in/hdelcastillo
Cloud computing has become one of the most interesting topics in the IT world today. Cloud model of computing as a resource has changed the landscape of computing as it promises of increased greater reliability, massive scalability, and decreased costs have attracted businesses and individuals alike. It adds capabilities to Information Technology’s. Over the last few years, cloud computing has grown considerably in Information Technology. As more and more information of individuals and companies are placed in the cloud, there is a growing concern about the safety of information. Many Companies that are considered to be giants in software industry like Microsoft are joining to develop Cloud services [1]. Despite the hype about the cloud, customers are reluctant to deploy their business in the cloud. Security issues is one of the biggest concerns that has been affecting the growth of cloud computing .It adds complications with data privacy and data protection continues to affect the market. Users need to understand the risk of data breaches in the cloud environment. The paper highlights issues related to cloud computing.
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Abstract: Distributed computing is a situated of IT administrations that are given to a client more than a system on a rented premise and with the capacity to scale up or down their administration necessities. Generally cloud registering administrations are conveyed by an outsider supplier who possesses the foundation. It favorable circumstances to specify yet a couple incorporate versatility, strength, adaptability, productivity and outsourcing non-center exercises. Distributed computing offers an imaginative plan of action for associations to receive IT benefits without forthright speculation. Notwithstanding the potential increases accomplished from the distributed computing, the associations are moderate in tolerating it because of security issues and difficulties connected with it. Security is one of the significant issues which hamper the development of cloud. The thought of giving over vital information to another organization is troubling; such that the shoppers should be cautious in comprehension the dangers of information breaks in this new environment. This paper presents a point by point examination of the distributed computing security issues furthermore, difficulties concentrating on the distributed computing sorts and the administration conveyance sorts.Keywords: Cloud Computing, Scalability, Infrastructure, IT.
Title: Cloud Computing Security Issues and Challenges
Author: Nishant Katiyar
ISSN 2350-1022
International Journal of Recent Research in Mathematics Computer Science and Information Technology
Paper Publications
I want to thank everyone who attended this presentation at AFCOM Data Center World Fall 2011 in Orlando, FL.
Studies show the number of data centers deploying virtual cloud computing will rapidly increase in the next five years. Other studies show that the number of Internet attacks and their level of sophistication will also grow significantly. This session identifies approaches to reduce the risk of business disruptions resulting from inadequate virtual security controls in a data center. It will cover utilizing best practices for security configurations, measuring information security status, and making rational decisions about security investments.
Connect with me if you have any questions or need additional information.
Please favorite this if you like it. I look forward to seeing you again soon.
Regards,
Hector Del Castillo
http://linkd.in/hdelcastillo
Enhancing Data Integrity in Multi Cloud StorageIJERA Editor
Cloud computing is a way to increase the capacity or add capabilities dynamically without investing in new infrastructure, training new personnel, or licensing new software. Cloud is surrounded by many security issues like securing data and examining the utilization of cloud by the cloud computing vendors. Security is one of the major issues which reduce the growth of cloud computing. A large number of clients or data owners store their data on servers in the cloud and it is provided back to them whenever needed. The data provided should not be jeopardized. Data integrity should be taken into account so that the data is correct, consistent and accessible. For ensuring the integrity in cloud computing environment, cloud storage providers should be trusted. Dealing with single cloud providers is predicted to become less secure with customers due to risks of service availability, failure and the possibility of malicious insiders in the single cloud. This paper deals with multi cloud environments to resolve these issues. The integrity of the data in multi cloud storage has been provided with the help of trusted third party using cryptographic algorithm.
Cloud Computing Security Issues and ChallengesCSCJournals
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Security of Data in Cloud Environment Using DPaaSIJMER
The rapid development of cloud computing is giving way to more cloud services, due to
which security of services of cloud especially data confidentiality protection, becomes more critical.
Cloud computing is an emerging computing style which provides dynamic services, scalable and payper-use.
Although cloud computing provides numerous advantages, a key challenge is how to ensure
and build confidence that the cloud can handle user data securely. This paper highlights some major
security issues that exist in current cloud computing environments. The status of the development of
cloud computing security, the data privacy analysis, security audit, information check and another
challenges that the cloud computing security faces have been explored. The recent researches on data
protection regarding security and privacy issues in cloud computing have partially addressed some
issues. The best option is to build data-protection solutions at the platform layer. The growing appeal
of data protection as a service is that it enables to access just the resources you need at minimal
upfront expense while providing the benefits of enterprise-class data protection capabilities. The
paper proposes a solution to make existing developed applications for simple cloud Systems
compatible with DPaaS. The various security challenges have been highlighted and the various
necessary metrics required for designing DPaaS have been investigated.
Abstract--The paper identifies the issues and the solution to overcome these problems. Cloud computing is a subscription based service where we can obtain networked storage space and computer resources. This technology has the capacity to admittance a common collection of resources on request. It is the application provided in the form of service over the internet and system hardware in the data centers that gives these services. But having many advantages for IT organizations cloud has some issues that must be consider during its deployment. The main concern is security privacy and trust. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario [4].
Keywords--Cloud, Issues, Security, Privacy, Resources, Technology.
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
Cloud computing is a computing technology aiming to share storage, computation, and services transparently
among a massive users. Current cloud computing systems pose serious limitation to protecting the confidentiality
of user data. Since the data share and stored is presented in unencrypted forms to remote machines owned and
operated by third party service providers despite it sensitivity (example contact address, mails), the risks of
disclosing user confidential data by service providers may be quite high and the risk of attacking cloud storage
by third party is also increasing. The purpose of this study is to review researches done on this technology,
identify the security risk and explore some techniques for protecting users‟ data from attackers in the cloud.
Security in Cloud Computing For Service Delivery Models: Challenges and Solut...IJERA Editor
Cloud computing, undoubtedly, is a path to expand the limits or add powerful capabilities on-demand with
almost no investment in new framework, training new staff, or authorizing new software. Though today
everyone is talking about cloud but, organizations are still in dilemma whether it’s safe to deploy their business
on cloud. The reason behind it; is nothing but Security. No cloud service provider provides 100% security
assurance to its customers and therefore, businesses are hesitant to accept cloud and the vast benefits that come
along with it. The absence of proper security controls delimits the benefits of cloud. In this paper, a review on
different cloud service models and a survey of the different security challenges and issues while providing
services in cloud is presented .The paper focuses on the security issues specific to service delivery model (SaaS,
IaaS and PaaS) of cloud environment. This paper also explores the various security solutions currently being
applied to protect cloud from various kinds of intruders.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Editor IJMTER
The Most great challenging in Cloud computing is Security. Here Security plays key role
in this paper proposed concept mainly deals with security at the end user access. While coming to the
end user access that are connected through the public networks. Here the end user wants to access his
application or services protected by the unauthorized persons. In this area if we want to apply
encryption or decryption methods such as RSA, 3DES, MD5, Blow fish. Etc.,
Whereas we can utilize these services at the end user access in cloud computing. Here there is
problem of encryption and decryption of the messages, services and applications. They are is lot of
time to take encrypt as well as decrypt and more number of processing capabilities are needed to use
the mechanism. For that problem we are introducing to use of cloud computing in SaaS model. i.e.,
scalable is applicable in this area so whenever it requires we can utilize the SaaS model.
In Cloud computing use of computing resources (hardware and software) that are delivered as a
service over Internet network. In advance earlier there is problem of using key size in various
algorithm like 64 bit it take some long period to encrypt the data.
Cloud computing is a revolutionary way of storing and accessing data with five essential characteristics, three service models, and four deployment models. Businesses have realized the tremendous potentiality and benefits of cloud computing and have accepted the technology, but still a small amount of scepticism hovers around. In defiance of its potential characteristics, the organizations risk their sensitive data by storing it in the cloud. In this paper, we have identified various privacy and security challenges associated with the novelty of cloud computing. The security and privacy challenge listed in this paper perceives demand for implementation of sophisticated technologies to deal with them. Gopal K. Shyam | Mir Abdul Samim Ansari"Security Concerns in Cloud Computing" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-2 | Issue-5 , August 2018, URL: http://www.ijtsrd.com/papers/ijtsrd18306.pdf http://www.ijtsrd.com/computer-science/distributed-computing/18306/security-concerns-in-cloud-computing/gopal-k-shyam
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Cloud computing is very useful then also its own set of cons discourage cloud users to choose them as a best option. The multitenant architecture of cloud exposed to several threats such as improper trust management at service provider site, Storage security, Shared technology vulnerabilities, data lost/leakage during transit, unauthorized access of data. This paper studied review work on cloud steganography.
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
International Journal of Computational Engineering Research(IJCER)ijceronline
International Journal of Computational Engineering Research(IJCER) is an intentional online Journal in English monthly publishing journal. This Journal publish original research work that contributes significantly to further the scientific knowledge in engineering and Technology.
A Comprehensive Review on Data Security and Threats for Data Management in Cl...AJASTJournal
The cloud is a network of virtual computers that are linked together and may exhibit and offer computational capabilities continuously depending on certain Service Level Agreements (SLAs) that have been agreed between the parties to a contract between the clients and the internet provider. Cloud computing has several benefits, including endless computational resources, cheap cost, security controls, hypervisor protection, instantaneous elasticity, high throughput, and fault-tolerant solutions with increased performance. Since cloud computing is a comparatively recent computing model, there exists a lot of uncertainty about how well confidentiality of all levels, including host, network, data levels, and implementation, can be achieved. As a result, there still are important obstacles to cloud computing adoption. These constraints include security issues concerning privacy, compliance, and legal issues. When databases and software applications are moved from the cloud to large data centers, data management becomes a major challenge. Numerous security issues may develop while using cloud computing, including issues with privacy and control, virtualization and accessibility issues, confidentiality, management of credentials and identities, authentication of responding devices, and authenticity. In this paper, an effort is made to offer a comprehensive review of data security and threats in cloud computing.
Enhancing Data Integrity in Multi Cloud StorageIJERA Editor
Cloud computing is a way to increase the capacity or add capabilities dynamically without investing in new infrastructure, training new personnel, or licensing new software. Cloud is surrounded by many security issues like securing data and examining the utilization of cloud by the cloud computing vendors. Security is one of the major issues which reduce the growth of cloud computing. A large number of clients or data owners store their data on servers in the cloud and it is provided back to them whenever needed. The data provided should not be jeopardized. Data integrity should be taken into account so that the data is correct, consistent and accessible. For ensuring the integrity in cloud computing environment, cloud storage providers should be trusted. Dealing with single cloud providers is predicted to become less secure with customers due to risks of service availability, failure and the possibility of malicious insiders in the single cloud. This paper deals with multi cloud environments to resolve these issues. The integrity of the data in multi cloud storage has been provided with the help of trusted third party using cryptographic algorithm.
Cloud Computing Security Issues and ChallengesCSCJournals
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Security of Data in Cloud Environment Using DPaaSIJMER
The rapid development of cloud computing is giving way to more cloud services, due to
which security of services of cloud especially data confidentiality protection, becomes more critical.
Cloud computing is an emerging computing style which provides dynamic services, scalable and payper-use.
Although cloud computing provides numerous advantages, a key challenge is how to ensure
and build confidence that the cloud can handle user data securely. This paper highlights some major
security issues that exist in current cloud computing environments. The status of the development of
cloud computing security, the data privacy analysis, security audit, information check and another
challenges that the cloud computing security faces have been explored. The recent researches on data
protection regarding security and privacy issues in cloud computing have partially addressed some
issues. The best option is to build data-protection solutions at the platform layer. The growing appeal
of data protection as a service is that it enables to access just the resources you need at minimal
upfront expense while providing the benefits of enterprise-class data protection capabilities. The
paper proposes a solution to make existing developed applications for simple cloud Systems
compatible with DPaaS. The various security challenges have been highlighted and the various
necessary metrics required for designing DPaaS have been investigated.
Abstract--The paper identifies the issues and the solution to overcome these problems. Cloud computing is a subscription based service where we can obtain networked storage space and computer resources. This technology has the capacity to admittance a common collection of resources on request. It is the application provided in the form of service over the internet and system hardware in the data centers that gives these services. But having many advantages for IT organizations cloud has some issues that must be consider during its deployment. The main concern is security privacy and trust. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario [4].
Keywords--Cloud, Issues, Security, Privacy, Resources, Technology.
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
Cloud computing is a computing technology aiming to share storage, computation, and services transparently
among a massive users. Current cloud computing systems pose serious limitation to protecting the confidentiality
of user data. Since the data share and stored is presented in unencrypted forms to remote machines owned and
operated by third party service providers despite it sensitivity (example contact address, mails), the risks of
disclosing user confidential data by service providers may be quite high and the risk of attacking cloud storage
by third party is also increasing. The purpose of this study is to review researches done on this technology,
identify the security risk and explore some techniques for protecting users‟ data from attackers in the cloud.
Security in Cloud Computing For Service Delivery Models: Challenges and Solut...IJERA Editor
Cloud computing, undoubtedly, is a path to expand the limits or add powerful capabilities on-demand with
almost no investment in new framework, training new staff, or authorizing new software. Though today
everyone is talking about cloud but, organizations are still in dilemma whether it’s safe to deploy their business
on cloud. The reason behind it; is nothing but Security. No cloud service provider provides 100% security
assurance to its customers and therefore, businesses are hesitant to accept cloud and the vast benefits that come
along with it. The absence of proper security controls delimits the benefits of cloud. In this paper, a review on
different cloud service models and a survey of the different security challenges and issues while providing
services in cloud is presented .The paper focuses on the security issues specific to service delivery model (SaaS,
IaaS and PaaS) of cloud environment. This paper also explores the various security solutions currently being
applied to protect cloud from various kinds of intruders.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Editor IJMTER
The Most great challenging in Cloud computing is Security. Here Security plays key role
in this paper proposed concept mainly deals with security at the end user access. While coming to the
end user access that are connected through the public networks. Here the end user wants to access his
application or services protected by the unauthorized persons. In this area if we want to apply
encryption or decryption methods such as RSA, 3DES, MD5, Blow fish. Etc.,
Whereas we can utilize these services at the end user access in cloud computing. Here there is
problem of encryption and decryption of the messages, services and applications. They are is lot of
time to take encrypt as well as decrypt and more number of processing capabilities are needed to use
the mechanism. For that problem we are introducing to use of cloud computing in SaaS model. i.e.,
scalable is applicable in this area so whenever it requires we can utilize the SaaS model.
In Cloud computing use of computing resources (hardware and software) that are delivered as a
service over Internet network. In advance earlier there is problem of using key size in various
algorithm like 64 bit it take some long period to encrypt the data.
Cloud computing is a revolutionary way of storing and accessing data with five essential characteristics, three service models, and four deployment models. Businesses have realized the tremendous potentiality and benefits of cloud computing and have accepted the technology, but still a small amount of scepticism hovers around. In defiance of its potential characteristics, the organizations risk their sensitive data by storing it in the cloud. In this paper, we have identified various privacy and security challenges associated with the novelty of cloud computing. The security and privacy challenge listed in this paper perceives demand for implementation of sophisticated technologies to deal with them. Gopal K. Shyam | Mir Abdul Samim Ansari"Security Concerns in Cloud Computing" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-2 | Issue-5 , August 2018, URL: http://www.ijtsrd.com/papers/ijtsrd18306.pdf http://www.ijtsrd.com/computer-science/distributed-computing/18306/security-concerns-in-cloud-computing/gopal-k-shyam
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Cloud computing is very useful then also its own set of cons discourage cloud users to choose them as a best option. The multitenant architecture of cloud exposed to several threats such as improper trust management at service provider site, Storage security, Shared technology vulnerabilities, data lost/leakage during transit, unauthorized access of data. This paper studied review work on cloud steganography.
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
International Journal of Computational Engineering Research(IJCER)ijceronline
International Journal of Computational Engineering Research(IJCER) is an intentional online Journal in English monthly publishing journal. This Journal publish original research work that contributes significantly to further the scientific knowledge in engineering and Technology.
A Comprehensive Review on Data Security and Threats for Data Management in Cl...AJASTJournal
The cloud is a network of virtual computers that are linked together and may exhibit and offer computational capabilities continuously depending on certain Service Level Agreements (SLAs) that have been agreed between the parties to a contract between the clients and the internet provider. Cloud computing has several benefits, including endless computational resources, cheap cost, security controls, hypervisor protection, instantaneous elasticity, high throughput, and fault-tolerant solutions with increased performance. Since cloud computing is a comparatively recent computing model, there exists a lot of uncertainty about how well confidentiality of all levels, including host, network, data levels, and implementation, can be achieved. As a result, there still are important obstacles to cloud computing adoption. These constraints include security issues concerning privacy, compliance, and legal issues. When databases and software applications are moved from the cloud to large data centers, data management becomes a major challenge. Numerous security issues may develop while using cloud computing, including issues with privacy and control, virtualization and accessibility issues, confidentiality, management of credentials and identities, authentication of responding devices, and authenticity. In this paper, an effort is made to offer a comprehensive review of data security and threats in cloud computing.
A Comprehensive Review on Data Security and Threats for Data Management in Cl...AJASTJournal
The cloud is a network of virtual computers that are linked together and may exhibit and offer computational capabilities continuously depending on certain Service Level Agreements (SLAs) that have been agreed between the parties to a contract between the clients and the internet provider. Cloud computing has several benefits, including endless computational resources, cheap cost, security controls, hypervisor protection, instantaneous elasticity, high throughput, and fault-tolerant solutions with increased performance. Since cloud computing is a comparatively recent computing model, there exists a lot of uncertainty about how well confidentiality of all levels, including host, network, data levels, and implementation, can be achieved. As a result, there still are important obstacles to cloud computing adoption. These constraints include security issues concerning privacy, compliance, and legal issues. When databases and software applications are moved from the cloud to large data centers, data management becomes a major challenge. Numerous security issues may develop while using cloud computing, including issues with privacy and control, virtualization and accessibility issues, confidentiality, management of credentials and identities, authentication of responding devices, and authenticity. In this paper, an effort is made to offer a comprehensive review of data security and threats in cloud computing.
The Management of Security in Cloud Computing Ramgovind.docxcherry686017
The Management of Security in Cloud Computing
Ramgovind S, Eloff MM, Smith E
School of Computing, University of South Africa, Pretoria, South Africa
[email protected]; {eloff, smithe}@unisa.ac.za
Abstract—Cloud computing has elevated IT to newer limits
by offering the market environment data storage and capacity
with flexible scalable computing processing power to match
elastic demand and supply, whilst reducing capital expenditure.
However the opportunity cost of the successful implementation of
Cloud computing is to effectively manage the security in the
cloud applications. Security consciousness and concerns arise as
soon as one begins to run applications beyond the designated
firewall and move closer towards the public domain. The purpose
of the paper is to provide an overall security perspective of Cloud
computing with the aim to highlight the security concerns that
should be properly addressed and managed to realize the full
potential of Cloud computing. Gartner’s list on cloud security
issues, as well the findings from the International Data
Corporation enterprise panel survey based on cloud threats, will
be discussed in this paper.
Keywords- Cloud computing; Security; Public cloud, Private
cloud, Hybrid Cloud, policies, cloud transparency
I. INTRODUCTION
The success of modern day technologies highly depends on
its effectiveness of the world’s norms, its ease of use by end
users and most importantly its degree of information security
and control. Cloud computing is a new and emerging
information technology that changes the way IT architectural
solutions are put forward by means of moving towards the
theme of virtualisation: of data storage, of local networks
(infrastructure) as well as software [1-2].
In a survey undertaken by the International Data
Corporation (IDC) group between 2008 and 2009, the majority
of results point to employing Cloud computing as a low-cost
viable option to users [3]. The results also show that Cloud
computing is best suited for individuals who are seeking a
quick solution for startups, such as developers or research
projects and even e-commerce entrepreneurs. Using Cloud
computing can help in keeping one’s IT budget to a bare
minimum. It is also ideally suited for development and testing
scenarios. It is the easiest solution to test potential proof of
concepts without investing too much capital. Cloud computing
can deliver a vast array of IT capabilities in real time using
many different types of resources such as hardware, software,
virtual storage once logged onto a cloud. Cloud computing can
also be part of a broader business solution whereby prioritised
applications utilise Cloud computing functionality whilst other
critical applications maintain organisational resources as per
normal. This allows for cost saving whilst maintaining a secure
degree of control within an orgainsation.
Cloud computing can be seen as a service-oriented ...
International Journal of Engineering Research and Development (IJERD)IJERD Editor
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...IIJSRJournal
Usually, cloud infrastructure is used individually by businesses, whereas the hybrid cloud would be a blend of two or many kinds of clouds. Because as clouds become increasingly common, safety issues also expanding. Because of such cybersecurity threats, numerous experts suggested procedures as well as ways to assure internet confidentiality. Providers of cloud-based services were accountable for the complete safety of cloud information. Nevertheless, since the clouds are accessible (easily accessible over the World wide web), much research has been conducted on cloud storage cybersecurity. This paper describes methods for enhancing security and reliability in decentralized cloud-based solutions, as well as suggests a few security solution methods of implementation.
Security threat issues and countermeasures in cloud computingJahangeer Qadiree
Cloud computing field has reached to the highest level of technical heights. The security problems of cloud computing hinders
its development. It is totally internet based technology where the resources and information shared on a distributed network. So
it is important for both provider as well as consumer to provide the security and trust to share the data for developing clou d
computing applications. Because now organizations are now moving fast towards the cloud. So there is the possibility of threats
that will harm the data on the cloud. In our paper we mainly focuses on security threats of cloud computing system also we
mention some solutions and countermeasures on these security problems
Cloud data security and various cryptographic algorithms IJECEIAES
Cloud computing has spread widely among different organizations due to its advantages, such as cost reduction, resource pooling, broad network access, and ease of administration. It increases the abilities of physical resources by optimizing shared use. Clients’ valuable items (data and applications) are moved outside of regulatory supervision in a shared environment where many clients are grouped together. However, this process poses security concerns, such as sensitive information theft and personally identifiable data leakage. Many researchers have contributed to reducing the problem of data security in cloud computing by developing a variety of technologies to secure cloud data, including encryption. In this study, a set of encryption algorithms (advance encryption standard (AES), data encryption standard (DES), Blowfish, Rivest-Shamir-Adleman (RSA) encryption, and international data encryption algorithm (IDEA) was compared in terms of security, data encipherment capacity, memory usage, and encipherment time to determine the optimal algorithm for securing cloud information from hackers. Results show that RSA and IDEA are less secure than AES, Blowfish, and DES). The AES algorithm encrypts a huge amount of data, takes the least encipherment time, and is faster than other algorithms, and the Blowfish algorithm requires the least amount of memory space.
Cloud computing is a progressive innovation that has achieved new extravagances in the field of
Information Technology. It gives a wellspring of information and application programming stockpiling as
colossal server farms called 'mists', which can be gotten to with the assistance of a system association.
These mists boost the capacities of undertakings with no additional set-up, faculty or permitting costs.
Mists are for the most part sent utilizing Public, Private or Hybrid models relying on the necessities of the
client. In this paper, we have explored the distributed computing engineering, concentrating on the
elements of the Public, Private and Hybrid cloud models. There is a dire need to examine the performance
of a cloud environment on several metrics and enhance its usability and capability. This paper aims at
highlighting important contributions of various researchers in domains like computational power,
performance provisioning, Load balancing and SLAs.
Cloud computing is a model which uses the mixture concept of “software-as-a-service” and “utility computing”, and provides
various on-demand services in a convenient way requested end users. It is internet based where resources are shared and the
information is available for on demand service users. Security issue in Cloud computing is the important and critical issues
because the resources are distributed. Both the Cloud provider and the cloud consumer should be fully sure that the cloud is safe
enough from all the external threats so that the customer does not face any kind of problem like loss or theft of their valua ble
data. There is also a possibility where a malicious user can penetrate the cloud by imitate an authorized user, and affect with a
virus to the entire cloud and affects many customers who are sharing the infected cloud. In this paper we firstly lists the
parameters that affects the security of the cloud then it explores the security issues of cloud computing and the troubles faced by
providers and consumers about their data, privacy, and infected application and security issues. It also presents some security
solutions for tackling these issues and problems.
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGijsptm
In the digital world using technology and new technologies require safe and reliable environment, and it also requires consideration to all the challenges that technology faces with them and address these challenges. Cloud computing is also one of the new technologies in the IT world in this rule there is no exception. According to studies one of the major challenges of this technology is the security and safety required for providing services and build trust in consumers to transfer their data into the cloud. In this paper we attempt to review and highlight security challenges, particularly the security of data storage in a cloud environment. Also, provides some offers to enhance the security of data storage in the cloud
computing systems that by using these opinions can be overcome somewhat on the problems.
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
Ubiquitous computing has revolutionized interaction of humans and machines. Cloud computing has been mainly used for storing data and various computational purposes. It has changed the face of using the internet. But, as we know every technology has its pros and cons. Securing cloud environment is the most challenging issue for the researchers and developers. Main aspects which cloud security should cover are authentication, authorization, data protection etc. Establishing trust between cloud service providers (CSP) is the biggest challenge, when someone is discussing about cloud security. Trust is a critical factor which mainly depends on perception of reputation and self-assessment done by both user and CSP. The trust model can act as security strength evaluator and ranking service for cloud application and services. For establishing trust relationship between two parties, mutual trust mechanism is reliable, as it does verification from both sides. There are various trust models which mainly focuses on securing one party i.e., they validate either user or service node. In this survey paper, the study of various trust models and their various parameters are discussed.
Introduction to Cloud Computing and Cloud InfrastructureSANTHOSHKUMARKL1
Introduction, Cloud Infrastructure: Cloud computing, Cloud computing delivery models and services, Ethical issues, Cloud vulnerabilities, Cloud computing at Amazon, Cloud computing the Google perspective, Microsoft Windows Azure and online services, Open-source software platforms for private clouds.
How to Create Map Views in the Odoo 17 ERPCeline George
The map views are useful for providing a geographical representation of data. They allow users to visualize and analyze the data in a more intuitive manner.
This is a presentation by Dada Robert in a Your Skill Boost masterclass organised by the Excellence Foundation for South Sudan (EFSS) on Saturday, the 25th and Sunday, the 26th of May 2024.
He discussed the concept of quality improvement, emphasizing its applicability to various aspects of life, including personal, project, and program improvements. He defined quality as doing the right thing at the right time in the right way to achieve the best possible results and discussed the concept of the "gap" between what we know and what we do, and how this gap represents the areas we need to improve. He explained the scientific approach to quality improvement, which involves systematic performance analysis, testing and learning, and implementing change ideas. He also highlighted the importance of client focus and a team approach to quality improvement.
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
The Roman Empire A Historical Colossus.pdfkaushalkr1407
The Roman Empire, a vast and enduring power, stands as one of history's most remarkable civilizations, leaving an indelible imprint on the world. It emerged from the Roman Republic, transitioning into an imperial powerhouse under the leadership of Augustus Caesar in 27 BCE. This transformation marked the beginning of an era defined by unprecedented territorial expansion, architectural marvels, and profound cultural influence.
The empire's roots lie in the city of Rome, founded, according to legend, by Romulus in 753 BCE. Over centuries, Rome evolved from a small settlement to a formidable republic, characterized by a complex political system with elected officials and checks on power. However, internal strife, class conflicts, and military ambitions paved the way for the end of the Republic. Julius Caesar’s dictatorship and subsequent assassination in 44 BCE created a power vacuum, leading to a civil war. Octavian, later Augustus, emerged victorious, heralding the Roman Empire’s birth.
Under Augustus, the empire experienced the Pax Romana, a 200-year period of relative peace and stability. Augustus reformed the military, established efficient administrative systems, and initiated grand construction projects. The empire's borders expanded, encompassing territories from Britain to Egypt and from Spain to the Euphrates. Roman legions, renowned for their discipline and engineering prowess, secured and maintained these vast territories, building roads, fortifications, and cities that facilitated control and integration.
The Roman Empire’s society was hierarchical, with a rigid class system. At the top were the patricians, wealthy elites who held significant political power. Below them were the plebeians, free citizens with limited political influence, and the vast numbers of slaves who formed the backbone of the economy. The family unit was central, governed by the paterfamilias, the male head who held absolute authority.
Culturally, the Romans were eclectic, absorbing and adapting elements from the civilizations they encountered, particularly the Greeks. Roman art, literature, and philosophy reflected this synthesis, creating a rich cultural tapestry. Latin, the Roman language, became the lingua franca of the Western world, influencing numerous modern languages.
Roman architecture and engineering achievements were monumental. They perfected the arch, vault, and dome, constructing enduring structures like the Colosseum, Pantheon, and aqueducts. These engineering marvels not only showcased Roman ingenuity but also served practical purposes, from public entertainment to water supply.
The Indian economy is classified into different sectors to simplify the analysis and understanding of economic activities. For Class 10, it's essential to grasp the sectors of the Indian economy, understand their characteristics, and recognize their importance. This guide will provide detailed notes on the Sectors of the Indian Economy Class 10, using specific long-tail keywords to enhance comprehension.
For more information, visit-www.vavaclasses.com
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxEduSkills OECD
Andreas Schleicher presents at the OECD webinar ‘Digital devices in schools: detrimental distraction or secret to success?’ on 27 May 2024. The presentation was based on findings from PISA 2022 results and the webinar helped launch the PISA in Focus ‘Managing screen time: How to protect and equip students against distraction’ https://www.oecd-ilibrary.org/education/managing-screen-time_7c225af4-en and the OECD Education Policy Perspective ‘Students, digital devices and success’ can be found here - https://oe.cd/il/5yV
MARUTI SUZUKI- A Successful Joint Venture in India.pptx
A Survey on Cloud Computing Security – Challenges and Trust Issues
1. A Survey on Cloud Computing Security –
Challenges and Trust Issues
Nabeel Mohammad Abdullah Al-Jaser
College of Computer
Qassim University
Qassim - Saudi Arabia
nabel142436@gmail.com
ABSTRACT
A traditional computing environment requires a costly
infrastructure to offer a better service to users. The introduction
of cloud computing has changed the working environment from
traditional to virtual. A larger number of IT companies are
utilizing the cloud. On the one hand, the cloud attracts more
number of consumers by offering services with minimized
capital cost and virtual infrastructure. On the other hand, there
are a risk and security challenges in cloud computing that
makes the user not to move completely towards it. The cloud
environment is more vulnerable to security breaches and data
theft. Moreover, insider attacks are more frequent in larger
enterprises. An unauthenticated user can cause more damage
to company reputation. The cloud service providers are trying
to provide a secure work environment for users. However,
there is a lack of global standards and policies to invoke
security measures in cloud computing. This study aims to
highlight and classify security challenges and trust issues in the
cloud environment.
The survey was conducted in various institutions and
governmental organizations in Saudi Arabia to study the
opinions of stakeholders on cloud computing security
challenges and risks.
General Terms
Cloud Computing, Security, Trust, Survey.
Keywords
Service Models, Challenges, Risks.
1. INTRODUCTION
The term “Cloud” is used as a metaphor to represent Internet.
It is used to indicate the complex infrastructure of a network
that stores a huge number of data. The concept of CC differs
from the computer network and other old-style computing
concepts. It is scalable and follows the technique of
encapsulation to represent an abstract entity [1]. The client can
access a different level of service that can be configured,
dynamically.
In the present situation, Cloud Computing (CC) has become a
new trend in the field of computing to store data in remote
computers, where they can access this data using Internet
applications. Once an Enterprise has adopted (CC), it should
take into account the benefits it could achieve and the
shortcomings and the changes in the usage-practices that the
CC might do. It is flexible and cost-effective and it is a better
alternative to procure and maintain complex hardware and
software. A study developed by [2], which is based on cloud
services, shown that the cloud services had maintained a strong
growth throughout the recent years. The challenges in CC
should be sorted out before migrating applications to the cloud
for providing an improved service to the stakeholders.
The outcome of a broader search on CC reveals that security is
one of the primary challenges of CC, should be resolved to
provide a better operating environment for organizations.
Even in the secured environment, some threats and security
breaches are discovered and cause a monetary or data loss for
an organization. Therefore, finding the issues in security and
developing a solution to handle these issues are the necessary
steps to implement CC in an organization [3].
This paper aims to select the security and trust issues in CC and
to investigate common solutions used to overcome the potential
security threats. The research questions that are handled in this
study:
1. What are the challenges related to security in cloud
computing?
2. What are the existing solutions to deal with security issues
in CC?
3. How does an organization deal with a specific security
issue, which does not have strategies to mitigate risk?
The structure of this study is organized as follows. The
overview and background of CC are explained in the next
section. Section III provides an overview of the security
challenges and risks in the cloud computing models. Section IV
shows the survey results and discusses the outcomes. Finally,
section V concludes the thesis with the output of this thesis with
its future directions.
2. BACKGROUND
Cloud Computing became one of the most familiar
technologies for distributing and retrieving data. The invention
of CC has provided a new way to connect a set of systems and
share resources. These resources could be managed with
limited efforts or interaction [4]. CC provides many benefits
that can be achieved. These benefits could range from reducing
cost, increasing storage, and increasing flexibility. When
organizations use CC services and resources, the expenses
come down to its minimal levels. On the other hand, CC
increases the data storage since the data is stored in many
remote computers or servers rather than limited storage local
computers. Moreover, it provides high flexibility of storing,
retrieving, and controlling the data in addition to reaching them
whenever and wherever needed, not as the traditional systems
work.
2.1 Cloud Service Models
The concept of CC model is to provide real-time operations to
users to access a network and avail several services through a
protected environment. CC characteristics are real-time on-
demand services where a user can individually utilize
computing capabilities automatically with no need for any
interfaces. On the other hand, the availability of broader
network capabilities leads users to access remote systems and
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 18, No. 5, May 2020
7 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
2. mobile devices. Some of the features of CC are pooling of
resources, faster elasticity, and controlled services. Figure 1
shows the service models in a cloud environment. The service
models are broadly classified as applications, platforms, and
infrastructure.
Fig. 1: Cloud Service Models
In SaaS, the SP provides for users or customers a set of
resources installed onto cloud infrastructure that supported
with the required applications [5]. A consumer using this
service can control his content as well as the application-
hosting environment, but on the other hand, he will not get any
control over the infrastructure itself. While in PaaS, the SPs
give consumers the ability to deploy a platform onto their cloud
infrastructure with the corresponding applications. In contrast,
they will not be able to accomplish or control the cloud
infrastructure, but they will be able to control and monitor
applications and possibly configure the vital settings for the
application-hosting environment [6]. IaaS enables customers to
avail of some fundamental computing utilities such as storage,
networks, a pool of services, and so on. By accessing this
environment, the user can control the operating system, data
space, applications and limit the services to a limited number
of users for selected components such as Amazon EC2, Rack
space, Nimbus [7].
2.2 Cloud Deployment Models
The cloud services can be deployed on some models includes
private, hybrid, community, and public deployment models for
availing the benefits of cloud computing [8][9]. These models
are illustrated in Figure 2.
Fig. 2: Cloud Deployment Models
Public cloud: This kind of cloud is developed for large
industrial groups, communities, and the public. The
infrastructure is made for the organizations that are providing
services via clouds.
Private cloud: This cloud is used to deploy services for an
organization that designs it as it is the only one who has the
right to access the cloud even if it is managed by third a party
which might be located somewhere else.
Hybrid cloud: In this type of deployment model, two or more
clouds could be integrated, such as private, public, or a
community by standardized technology that enables the
portability of application as well as data.
Community cloud: Sometimes the need can arise to share the
cloud infrastructure by many organizations with the need to
support a precise community with some interesting anxieties.
This model can be created by an outsider or any third party and
not only the organization itself.
The use of these deployments models and services can change
the way that the systems are interlinked in a way the work is
accomplished in the organization by making the resources that
are used by the cloud computing more dynamic and expandable
[10]. In this case, when the consumer uses more resources than
usual, then he has to spend more money, and on the other hand,
he needs to pay less money when he uses fewer resources [11].
In this manner, the cost of the user or organization's usage will
be reduced, and this can increase the opportunity of managing
resources.
2.3 Security in Cloud Computing
The implementation of cloud security in small scale companies
could not be cost-effective for the management. The
management will tend to share common clouds with other
organizations. When multiple organizations share a common
resource then there is a risk of misuse of data. During this kind
of situation, maintaining the privacy of data and secure it from
hackers and malware is the primary challenges for SPs [12].
2.3.1 Data Security
Data protection or security is the primary service to be applied
in the cloud to protect user transactions. The term
confidentiality refers to the process of protecting data stored in
a third-party location or outside the organization boundary.
Some measures should be taken to protect data from any
threats.
The process of archiving data in a remote location or server
raises some issues related to data privacy and confidentiality.
Some of these challenges are discussed below [13]:
1. The primary challenge of CC is data privacy. Users’
personal information, confidential business transactions, and
Government information have to be secured properly in CC.
There is no protocol or any policy in CC to assure the
confidentiality of data to users.
2. The service level agreement should be established
between the organization and Cloud SP to maintain the privacy
of users’ data. It will support organizations to minimize data
loss and risk-oriented to data confidentiality.
3. The rights such as obligations, status, privacy, and
confidentiality can be modified or changed by a user through
cloud SP. The user can make a request to SP based on type and
category of users’ information
4. An unauthenticated usage of remote storage can lead to
access the important files such as the legal status information
of personal and business. It may cause damage to the reputation
of an organization.
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 18, No. 5, May 2020
8 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
3. 5. Disclosing the information on the storage location of
information about privacy and confidentiality may cause
adverse effects to cloud protection. A false obligation to
process or store data into a remote location can cause damage
to data privacy.
6. Information can be stored in multiple legal locations,
however, the legal consequences will differ for each location.
7. The cloud SP can access the user civil records to verify
their past activities. They can check whether a user is linked
with any criminal activity or not.
8. Sometimes the information cannot be accessed by an
authenticated user due to legal agreement between SP and
organization. It may cause a user not to retrieve important data
in time.
2.3.2 Data Integrity
The constraints and transactions of a database can support an
isolated system to maintain data integrity. However, it is not
easy to maintain it for a distributed database, where data is
stored in multiple locations. Therefore, the CC environment
should apply an effective mechanism to maintain data integrity
for cloud storage [14].
The lack of controls or methods for data integrity can impose
many problems/issues in the cloud environment. Developers
and management staff should handle data integrity carefully
and not compromise for any kind of cloud-based application.
An improper data integrity control can lead to data
manipulation or even loss of data. In some rare cases, the SP
can remove rarely used data and failed to inform users about
the data removal [15]. There is a lack of universal policy for
exchanging data in a cloud environment. It will give restricted
access to users and allow users to access limited resources.
2.3.3 Data Availability
Data availability is one of the prime issues in a cloud
environment. Users can experience downtime errors while
accessing important data or information [16]. Therefore, a
service level agreement should mention the downtime of the
server, so that the client will not face any problems and adjust
their timings for accessing data.
3. SECURITY CHALLENGES
Security is the primary issue for an organization during the
transition from a traditional networking system to a cloud
environment. The transaction of data from one to another place
is too hard in cloud systems due to security threats. The
consumer should be vigilant during the transaction of data and
understand the risk of data threats in CC environment [17]. The
cloud SP cannot carry out any technical countermeasures for
malicious activities without understanding the clients’
infrastructure.
In SaaS, the user must rely on the SP to find appropriate
security restrictions, and the SP must work to create privacy for
each user to prevent their data from being overlapped.
Therefore, it is difficult for the user to confirm that the SP has
implemented all security restrictions and the service is
available at any time and any place [18].
Users are greatly disturbed by the absence of operations over
the data and information to store and secure it in a form of SaaS.
They are also facing trust issues like spying on data, service
breach, and data unavailability that could cause monetary and
legal obligations.
Vulnerabilities in web applications lead to a security
vulnerability in an application, sasin this scenario, all
customers who use the cloud can be affected in the event of any
vulnerability. The challenge with SaaS security does not differ
from a web application, but some issues related to Internet
security like network firewall and protective measures (IDS
and IPS) that could not solve a problem as a whole, the security
problems cannot be defended by applications effectively at the
network level and needs defenses at a level of service.
In a SaaS-based environment, there should be trust between the
user and the SP in terms of data security, and the SP must
provide a mechanism to protect data and applications [19].
When an organization stores sensitive data for it in the cloud,
SPs must provide physical and logical security. Easy access to
data, and upon additional security checks to detect security
gaps in applications and fear of harmful employees in the
organization who can use the less secured modules in the data
security model.
In the cloud environment, data is communicated through the
Internet. Users will not have confidence in network security
when data flows in an information leakage medium, and this
encourages the intruder to use the data package to analyze the
weakness in network security. Moreover, security problems
must be considered and controlled at the lowest levels of
application such as network and host infiltration, and SPs
should pay attention to this element.
Weaknesses in the cloud computing environment are related to
all applications, such as applications that are relevant to the
Internet and engineering applications directed from device to
device. So, we must consider the load balance in the basic
systems in the security problem.
Cloud service such as PaaS aims to provide developers with an
opportunity to develop a useful application on a platform. It
will be more scalable than SaaS at a low cost for the customer
and provide features. It provides safety features and
functionalities, where compact capabilities are not perfect.
With IaaS, a programmer makes a better monitor of security in
the absence of a protection gap in a virtual simulation. As a
concept, virtual systems may be able to solve these problems,
however, in normal practice, there are a lot of problems in
safety.
4. SURVEY RESULTS & DISCUSSION
The Survey is a method of collecting original data in a large
population that is difficult to observe directly. Surveys
typically help researchers to understand generalize results to a
population by preparing questions and distributing them to a
sample from the population.
The survey has been prepared to obtain the users' opinions that
help to define common vulnerabilities, challenges, and major
threats in CC.
The questionnaire was distributed to the participant by a link
that was made online to view it and solve questions. A number
of participants in the questionnaire are 169 participants. 59.2%
of participants work in the public and governmental sectors,
which means 100 people out of 169, while 40.8% of them (69
participants) work in the private sectors.
4.1 Security and Privacy Issues
Data privacy has always been important. An individual entity
may contain the personal data of millions of customers—data
that requires to maintain the privacy and safeguard the
customers' identities safe and secured as possible, and support
the organization to save the company's reputation. Figure 3
shows the importance of privacy and security for participants
in the conducted questionnaire (1: Nothing, 2: Not good, 3:
Good, 4: Best, 5: Enormous).
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 18, No. 5, May 2020
9 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
4. Fig. 3: Importance of privacy and security
Some companies have written security policies to be referred
to and to apply security procedures better. The answer to a
question if your institution has formal written cloud security
policies, 38.5% of participants their establishments do not have
written security policies, and 31.4% do not know if the
institution has a written policy or not, while 30.2% only have
written policies.
The services provided by SP must be reliable and safe for
beneficiaries to trust them. The SP must be qualified with
relevant certificates to increase reliability. According to
respondents, 34.9% do not know whether their institutions are
eligible or not. while 27.2% had a third party responsible for
certificates to support trust issues. Figure 4 illustrates these
responses to question whether SPs that provide cloud services
to enterprises are qualified or not.
Fig. 4: The rate of SP qualifications
There are several security techniques used in cloud computing
to build trust among customers and cloud SPs. Companies
differ according to the security levels used in trust. 26.6% of
participants in the questionnaire do not know whether their
institution or organization any security techniques to achieve
trust. While 4.7% only of respondents their establishments do
not use any techniques to support confidence. A service-level
agreement (SLA) is the most popular technique used in scanned
institutions (28.4%). It is a commitment between a cloud SP
and a customer. Relevant service aspects such as quality,
availability, and responsibilities are agreed upon among the SP
and the service user. 17.8% of participants their institutions use
claims-based access control, while 8.9%, use the security
coding service as a way to support confidence between SPs and
their consumers. The security levels vary according to the
nature of the establishment and its security requirements.
Figure 5 shows a set of popular ways used to establish trust.
Fig. 5: Trust techniques that used in institutions
The security levels vary according to the nature of the
establishment and its security requirements, in which a
company has a required safety level according to the nature of
its work.
In the survey, the main security services (authentication, access
control, data confidentiality, data integrity, and non-
repudiation) have been evaluated by participants. In SaaS, most
respondents think that applying security services is very
important for application and software services. The security
categories of the PaaS model were evaluated as follows. Half
of the respondents see that authentication and data integrity
procedures are not important for platform services, while
another half believes that it is very important. Most of the
participants ensure the necessity of using access control
techniques to protect platform-related services against any
potential threats. In terms of data confidentiality and
nonrepudiation, most of the respondents consider that
confidentiality and assurance of services are important for
platform services. The necessity of security requirements for
the infrastructure services was evaluated by the survey
participants. A large percentage of participants (60%) believe
that authentication and access control procedures are not
important for infrastructure services, while the rest see it as
more important. In terms of data confidentiality and
nonrepudiation, 50% of respondents consider that
confidentiality and assurance of services are important for
infrastructure services. While the importance of data integrity
is less than confidentiality.
4.2 Cloud Security Challenges and Risks
In the conducted survey, common vulnerabilities in the cloud
environment were investigated according to the opinions of
participants. 17.8% of participants don’t have information on
vulnerabilities may affect the performance of their cloud
environment. The covered vulnerabilities in the questionnaire
summarized as follows:
• Cloud-based techniques nature such as virtualization
and web services.
• Poor key management and control.
• Weak authentication and authorization services.
• Storage and data recovery risks.
• Network-based security implementations.
Figure 4.16 shows the convergence of the results obtained,
which reflects the effect of vulnerabilities on CC environments
in different areas.
Fig. 6: The effect of common security vulnerabilities
Regarding attacks facing the establishments through CC, the
results were 40.8% considered a denial of service the greatest
threat to cloud computing security. While 30.8% see theft of
service attack threatens CC resources. The results for other
threats were as shown in Figure 7; 29% for Phishing, 19.5%
chose Cloud malware injection, 16% selected Botnets, 15.4%
for VM rollback attack, 14.8% considered Cross VM side
channels an essential threat effect CC, 13% said they had
targeted that share Memory is the problem, and 7.7% for Audio
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 18, No. 5, May 2020
10 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
5. Steganography. Only 11.8% of participants in the questionnaire
did not know which threat and attack consider the most
effective attack threatens resources and services on cloud
computing.
Fig. 7: The most effective attack threatens CC
4.3 Security Solutions and Defenses
Several solutions and methods have been proposed researchers
and developers to defend against possible threats in CC
environments. This study focuses on a set of methods that the
organization may adopt to ensure security in CC. 29.6% of
respondents believe that Encryption or Hash calculation
methods are the best way must be used by institutions to ensure
security. While 25.4% considered building Secure frameworks
will be more suite for CC environments. Unfortunately, 20.1%
of participants in the questionnaire do not know which method
used by their institution to provide security. Figure 4.18 shows
all results on approaches might be introduced by institutions to
ensure security in cloud computing.
Fig. 8: Approaches used by institutions to ensure security
5. CONCLUSION
Cloud computing offers several benefits to enterprise and
individual users. Many enterprises are initiating to change their
working environment from traditional to virtual mode.
However, the security issues are making them reluctant to
deploy cloud. A simple error in a security measure can cause
serious problems to the cloud operating environment. The
growth of new technologies is providing more security tools
and techniques to the cloud. Though, in the current situation,
there is no global standard and protocols to provide a protective
environment to cloud users.
This study has focused on security challenges and trust issues
in the cloud. A survey is conducted with a set of 169
participants. A set of questions was prepared to understand the
respondent’s knowledge about cloud security and trust issues.
The participants were requested to respond to the queries in a
controlled environment. The questionnaire was structured as
multiple-choice questions. The responses were collected and
analyzed to generate knowledge or recommendation.
The outcome of this survey has shown that at least 20% of
respondents did not know any information regarding cloud
security. Some participants could not provide any ideas or
suggestions for improving cloud security. It is evident from the
study that the organization must educate the employees to
understand the consequences of data theft and other security
flaws in a cloud environment. The future work of this study is
to investigate the possibilities and strategies to improve the
level of security of the cloud.
6. REFERENCES
[1] S. Kannan, M. Roberts, P. Mayes, D. Brelsford, J. F.
Skovira, Workload Management with LoadLeveler,
Poughkeepsie, NY, USA: IBM Redbooks, 2001.
[2] Marston, S., Li, Z., Bandyopadhyay, S., Zhang, J.
and Ghalsasi, A. Cloud computing - the business
perspective. Decision Support Systems, 2011; 51 (1):
176–189.
[3] Voorsluys, W., Brober, J. and Buyya, R. Introduction
to cloud computing. In: Buyya, R., Broberg, J. and
Goscinski, A. (eds.), Cloud Computing Principles
and Paradigms. New Jersey: John Wiley & Sons Inc;
2011.
[4] Khalil H A Al-Shqeerat, Faiz M A Al-Shrouf,
Mohammad R Hassan and Hassen Fajraoui. Cloud
Computing Security Challenges in Higher
Educational Institutions - A Survey. International
Journal of Computer Applications 161(6):22-29,
March 2017.
[5] Peng, G.C. and Nunes, J.M.B. Surfacing ERP
exploitation risks through a risk ontology. Industrial
Management & Data Systems, 2009; 109 (7): 926–
942.
[6] D. A. Patterson, "The Data Center is the Computer",
Communications of the ACM, vol. 51, no. 1, pp. 105-
105, Jan. 2008.
[7] Hussein NH, Khalid A (2016) A survey of cloud
computing security challenges and solutions. Int J
Comput Sci Inf Secur 14(1):52.
[8] J. Shneidman, C. Ng, D. C. Parkes, A. AuYoung, A.
C. Snoeren, A. Vahdat, B. N. Chun, "Why Markets
Could (But Don't Currently) Solve Resource
Allocation Problems in Systems", Proceedings of the
10th Workshop on Hot Topics in Operating Systems
(HotOS X), June 2005.
[9] C. A. Waldspurger, T. Hogg, B. A. Huberman, J. O.
Kephart, W. S. Stornetta, "Spawn: A Distributed
Computational Economy", IEEE Transactions on
Software Engineering, vol. 18, no. 2, pp. 103-117,
Feb. 1992.
[10] M. Crouhy, D. Galai, R. Mark, The Essentials of Risk
Management, New York, NY, USA:McGraw-Hill,
2006.
[11] Tim Mather, Subra Kumaraswamy, and Shahed
Latif, "Cloud Security and Privacy", s.l.; O'Reilly,
2009.
[12] Mell, P. and Grance, T. The NIST definition of cloud
computing - recommendations of the National
Institute of Standards and Technology,
http://csrc.nist.gov/publications/nistpubs/800-
145/SP800-145.pdf.
[13] Salesforce.com outage hits thousands of businesses,
DOI=http://news.cnet.com/8301-1001_3-10136540-
92.html.
[14] Bernd Grobauer, Tobias Walloschek and Elmar
Stöcker, "Understanding Cloud-Computing
Vulnerabilities", IEEE Security and Privacy, 10 Jun.
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 18, No. 5, May 2020
11 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
6. 2010, IEEE computer Society Digital Library, IEEE
Computer Society.
[15] Armbrust, M., Fox, A., Griffith, R., Joseph, A.D.,
Katz, R., Konwinski, A., Lee, G., Patterson, D.,
Rabkin, A., Stoica, I. and Zaharia, M. A view of
cloud computing. Communications of the ACM,
2010; 53 (4): 50–58.
[16] Alneyadi S, Sithirasenan E, Muthukkumarasamy V
(2016) A survey on data leakage prevention systems.
J Netw Comput Appl 62:137–152.
[17] Jyothi P, Anuradha R, Vijayalata DY (2013)
Minimizing internal data theft in cloud through
disinformation attacks. Int J Adv Res Comput
Commun Eng 2(9).
[18] Hobson, D. Global Secure Systems: Into the Cloud
we go.....have we thought about security issues?
DOI= http://www.globalsecuritymag.com/David-
Hobson-Global-Secure-Systems,20090122,7110.
1/2009.
[19] Cavoukian A (2010) The 7 foundational principles:
implementation and mapping of fair information
practices.
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 18, No. 5, May 2020
12 https://sites.google.com/site/ijcsis/
ISSN 1947-5500