International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Challenges and Proposed Solutions for Cloud ForensicIJERA Editor
Cloud computing is a heavily evolving topic in information technology (IT). Rather than creating, deploying and managing a physical IT infrastructure to host their software applications, organizations are increasingly deploying their infrastructure into remote, virtualized environments, often hosted and managed by third parties. Due to this large scale, in case an attack over the network of cloud, it’s a great challenge to investigate to cloud. There is a very low research done to develop the theory and practice of cloud forensic. The investigator has huge challenge of getting the IP address of the culprit as there is dynamic IP in cloud computing. Also one among many problems is that the customer is only concerned of security and threat of unknown. The cloud service provider never lets customer see what is behind "virtual curtain" which leads customer more doubting for the security and threat issue. In cloud forensics, the lack of physical access leads to big challenge for investigator. In this paper we are presenting few common challenges which arise in cloud forensic and proposed solution to it. We will also discuss the in brief about cloud computing and cloud forensic.
In cloud computing IT (Information Technology) related resources like infrastructure, platform and software can be utilized using web based tools and application through internet. Here Organizations are moving to the cloud computing some faster than others. However, moving to the cloud presents the organization with a number of risks to assess. Information security is the most critical risk for many organizations. This is because the intellectual property, trade secrets, personally identifiable information,
or other sensitive information can be powered by protecting information. This paper classified cloud
security based on the three service models of cloud computing SaaS, PaaS and IaaS. Attributes for each
type of security has also identified and briefly described here. We compared securities provided in different
services by world's best known cloud service providing companies such as Amazon AWS, Google App Engine, Windows Azure etc. considering cloud security category. Furthermore, we included recommendations for organizations who have decided to move their data into the cloud, but confused to choose the best service provider for their organization regarding information security.
Cloud Computing Security Issues and ChallengesCSCJournals
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
Ubiquitous computing has revolutionized interaction of humans and machines. Cloud computing has been mainly used for storing data and various computational purposes. It has changed the face of using the internet. But, as we know every technology has its pros and cons. Securing cloud environment is the most challenging issue for the researchers and developers. Main aspects which cloud security should cover are authentication, authorization, data protection etc. Establishing trust between cloud service providers (CSP) is the biggest challenge, when someone is discussing about cloud security. Trust is a critical factor which mainly depends on perception of reputation and self-assessment done by both user and CSP. The trust model can act as security strength evaluator and ranking service for cloud application and services. For establishing trust relationship between two parties, mutual trust mechanism is reliable, as it does verification from both sides. There are various trust models which mainly focuses on securing one party i.e., they validate either user or service node. In this survey paper, the study of various trust models and their various parameters are discussed.
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Challenges and Proposed Solutions for Cloud ForensicIJERA Editor
Cloud computing is a heavily evolving topic in information technology (IT). Rather than creating, deploying and managing a physical IT infrastructure to host their software applications, organizations are increasingly deploying their infrastructure into remote, virtualized environments, often hosted and managed by third parties. Due to this large scale, in case an attack over the network of cloud, it’s a great challenge to investigate to cloud. There is a very low research done to develop the theory and practice of cloud forensic. The investigator has huge challenge of getting the IP address of the culprit as there is dynamic IP in cloud computing. Also one among many problems is that the customer is only concerned of security and threat of unknown. The cloud service provider never lets customer see what is behind "virtual curtain" which leads customer more doubting for the security and threat issue. In cloud forensics, the lack of physical access leads to big challenge for investigator. In this paper we are presenting few common challenges which arise in cloud forensic and proposed solution to it. We will also discuss the in brief about cloud computing and cloud forensic.
In cloud computing IT (Information Technology) related resources like infrastructure, platform and software can be utilized using web based tools and application through internet. Here Organizations are moving to the cloud computing some faster than others. However, moving to the cloud presents the organization with a number of risks to assess. Information security is the most critical risk for many organizations. This is because the intellectual property, trade secrets, personally identifiable information,
or other sensitive information can be powered by protecting information. This paper classified cloud
security based on the three service models of cloud computing SaaS, PaaS and IaaS. Attributes for each
type of security has also identified and briefly described here. We compared securities provided in different
services by world's best known cloud service providing companies such as Amazon AWS, Google App Engine, Windows Azure etc. considering cloud security category. Furthermore, we included recommendations for organizations who have decided to move their data into the cloud, but confused to choose the best service provider for their organization regarding information security.
Cloud Computing Security Issues and ChallengesCSCJournals
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
Ubiquitous computing has revolutionized interaction of humans and machines. Cloud computing has been mainly used for storing data and various computational purposes. It has changed the face of using the internet. But, as we know every technology has its pros and cons. Securing cloud environment is the most challenging issue for the researchers and developers. Main aspects which cloud security should cover are authentication, authorization, data protection etc. Establishing trust between cloud service providers (CSP) is the biggest challenge, when someone is discussing about cloud security. Trust is a critical factor which mainly depends on perception of reputation and self-assessment done by both user and CSP. The trust model can act as security strength evaluator and ranking service for cloud application and services. For establishing trust relationship between two parties, mutual trust mechanism is reliable, as it does verification from both sides. There are various trust models which mainly focuses on securing one party i.e., they validate either user or service node. In this survey paper, the study of various trust models and their various parameters are discussed.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Today, in the world of communication, connected systems is growing at a rapid pace. To accommodate this growth the need for computational power and storage is also increasing at a similar rate. Companies are investing a large amount of resources in buying, maintaining and ensuring availability of the system to their customers. To mitigate these issues, cloud computing is playing a major role [1]. The underlying concept of cloud computing dates back to the ‘50s but the term entering into widespread usage can be traced to 2006 when Amazon.com announced the Elastic Compute Cloud. In this paper, we will discuss about cloud security approaches. We have used the term “CloudDrain” to define data leakage in case of security compromise.
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Abstract: Cloud computing model are obtaining ubiquitous authorization due to the heterogeneous convenience they provide. Although, the
security & privacy problems are the main considerable encumbrance holding back the universal adoption of this new emerging technology.
Various researches are concentrated on enhancing the security on Software as well as Hardware levels on the cloud. But these interpretations do
not mainly furnish the complete security way and therefore the data security compute (measure) are still kept under the access control of service
provider. Trusted Computing is another research concept. In actuality, these furnish a set of tools controlled by the third party technologies to
secure the Virtual Machines from the cloud computing providers. These approaches provides the tools to its consumers to assess and monitor the
aspects of security their data, they don’t allocate the cloud consumers with high control capability. While as the new emerging DCS approach
aims to provide the security of data owners of their data. But the DCS approach concept is elucidate in many ways and there is not a
standardized framework of cloud computing environment model for applying this approach.
Cloud computing has changed the entire process that distributed computing used to present e.g. Grid
computing, server client computing. Cloud computing describes recent developments in many existing IT
technologies and separates application and information resources from the underlying infrastructure.
Cloud computing security is an important aspect of quality of service from cloud service providers.
Security concerns arise as soon as one begins to run applications beyond the designated firewall and move
closer towards the public domain. In violation of security in any component in the cloud can be disaster for
the organization (the customer) as well as for the provider. In this paper, we propose a cloud security
model and security framework that identifies security challenges in cloud computing.
Cloud computing is a model which uses the mixture concept of “software-as-a-service” and “utility computing”, and provides
various on-demand services in a convenient way requested end users. It is internet based where resources are shared and the
information is available for on demand service users. Security issue in Cloud computing is the important and critical issues
because the resources are distributed. Both the Cloud provider and the cloud consumer should be fully sure that the cloud is safe
enough from all the external threats so that the customer does not face any kind of problem like loss or theft of their valua ble
data. There is also a possibility where a malicious user can penetrate the cloud by imitate an authorized user, and affect with a
virus to the entire cloud and affects many customers who are sharing the infected cloud. In this paper we firstly lists the
parameters that affects the security of the cloud then it explores the security issues of cloud computing and the troubles faced by
providers and consumers about their data, privacy, and infected application and security issues. It also presents some security
solutions for tackling these issues and problems.
Study on Secure Cryptographic Techniques in Cloudijtsrd
Cloud Computing is turning into an increasing number of popular day by day. If the safety parameters are taken care properly many organizations and authorities corporations will flow into cloud technology.one usage of cloud computing is statistics storage. Cloud affords considerable capability of garage for cloud users. It is more reliable and flexible to users to shop and retrieve their facts at whenever and everywhere. It is an increasingly more growing technology. Mariam Fatima | M Ganeshan | Saif Ulla Shariff "Study on Secure Cryptographic Techniques in Cloud" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-4 , June 2021, URL: https://www.ijtsrd.compapers/ijtsrd42363.pdf Paper URL: https://www.ijtsrd.comcomputer-science/computer-network/42363/study-on-secure-cryptographic-techniques-in-cloud/mariam-fatima
The paradigm called “Cloud computing” acts as a mechanism for attaining the resources of shared technology and infrastructure cost-effectively. The on-demand services are accomplished to execute the various operations across the network. Regularly, the last client doesn't know about the area of open physical assets and devices. Developing, using, and dealing with their applications 'on the cloud', which includes virtualization of assets that keeps and guides itself are led by arranged activities to clients. Calculation experience the new methodology of cloud computing which perhaps keeps the world and can set up all the human necessities. At the end of the day, cloud computing is the ensuing normal step in the development of on-request data innovation administrations and items. The Cloud is an allegory for the Internet and is an idea for the secured confused foundation; it likewise relies upon drawing network graphs on a computer. In this work, thorough investigations of distributed computing security and protection concerns are given. The work distinguishes both the identified and unidentified attacks, vulnerabilities in the cloud, security attacks and also the solutions to control these threats and attacks. Moreover, the restrictions of the present solutions and offers various perceptions of security viewpoints are distinguished and explored. At long last, a cloud security system is given in which the different lines of protection and the reliance levels among them are identified.
A traditional computing environment requires a costly
infrastructure to offer a better service to users. The introduction
of cloud computing has changed the working environment from
traditional to virtual. A larger number of IT companies are
utilizing the cloud. On the one hand, the cloud attracts more
number of consumers by offering services with minimized
capital cost and virtual infrastructure. On the other hand, there
are a risk and security challenges in cloud computing that
makes the user not to move completely towards it. The cloud
environment is more vulnerable to security breaches and data
theft. Moreover, insider attacks are more frequent in larger
enterprises. An unauthenticated user can cause more damage
to company reputation. The cloud service providers are trying
to provide a secure work environment for users. However,
there is a lack of global standards and policies to invoke
security measures in cloud computing. This study aims to
highlight and classify security challenges and trust issues in the
cloud environment.
The survey was conducted in various institutions and
governmental organizations in Saudi Arabia to study the
opinions of stakeholders on cloud computing security
challenges and risks.
Links:
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
Cloud computing has sweeping impact on the human productivity. Today it’s used for Computing, Storage, Predictions and Intelligent Decision Making, among others. Intelligent Decision-Making using Machine Learning has pushed for the Cloud Services to be even more fast, robust and accurate. Security remains one of the major concerns which affect the cloud computing growth however there exist various research challenges in cloud computing adoption such as lack of well managed service level agreement (SLA), frequent disconnections, resource scarcity, interoperability, privacy, and reliability. Tremendous amount of work still needs to be done to explore the security challenges arising due to widespread usage of cloud deployment using Containers. We also discuss Impact of Cloud Computing and Cloud Standards. Hence in this research paper, a detailed survey of cloud computing, concepts, architectural principles, key services, and implementation, design and deployment challenges of cloud computing are discussed in detail and important future research directions in the era of Machine Learning and Data Science have been identified.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Today, in the world of communication, connected systems is growing at a rapid pace. To accommodate this growth the need for computational power and storage is also increasing at a similar rate. Companies are investing a large amount of resources in buying, maintaining and ensuring availability of the system to their customers. To mitigate these issues, cloud computing is playing a major role [1]. The underlying concept of cloud computing dates back to the ‘50s but the term entering into widespread usage can be traced to 2006 when Amazon.com announced the Elastic Compute Cloud. In this paper, we will discuss about cloud security approaches. We have used the term “CloudDrain” to define data leakage in case of security compromise.
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Abstract: Cloud computing model are obtaining ubiquitous authorization due to the heterogeneous convenience they provide. Although, the
security & privacy problems are the main considerable encumbrance holding back the universal adoption of this new emerging technology.
Various researches are concentrated on enhancing the security on Software as well as Hardware levels on the cloud. But these interpretations do
not mainly furnish the complete security way and therefore the data security compute (measure) are still kept under the access control of service
provider. Trusted Computing is another research concept. In actuality, these furnish a set of tools controlled by the third party technologies to
secure the Virtual Machines from the cloud computing providers. These approaches provides the tools to its consumers to assess and monitor the
aspects of security their data, they don’t allocate the cloud consumers with high control capability. While as the new emerging DCS approach
aims to provide the security of data owners of their data. But the DCS approach concept is elucidate in many ways and there is not a
standardized framework of cloud computing environment model for applying this approach.
Cloud computing has changed the entire process that distributed computing used to present e.g. Grid
computing, server client computing. Cloud computing describes recent developments in many existing IT
technologies and separates application and information resources from the underlying infrastructure.
Cloud computing security is an important aspect of quality of service from cloud service providers.
Security concerns arise as soon as one begins to run applications beyond the designated firewall and move
closer towards the public domain. In violation of security in any component in the cloud can be disaster for
the organization (the customer) as well as for the provider. In this paper, we propose a cloud security
model and security framework that identifies security challenges in cloud computing.
Cloud computing is a model which uses the mixture concept of “software-as-a-service” and “utility computing”, and provides
various on-demand services in a convenient way requested end users. It is internet based where resources are shared and the
information is available for on demand service users. Security issue in Cloud computing is the important and critical issues
because the resources are distributed. Both the Cloud provider and the cloud consumer should be fully sure that the cloud is safe
enough from all the external threats so that the customer does not face any kind of problem like loss or theft of their valua ble
data. There is also a possibility where a malicious user can penetrate the cloud by imitate an authorized user, and affect with a
virus to the entire cloud and affects many customers who are sharing the infected cloud. In this paper we firstly lists the
parameters that affects the security of the cloud then it explores the security issues of cloud computing and the troubles faced by
providers and consumers about their data, privacy, and infected application and security issues. It also presents some security
solutions for tackling these issues and problems.
Study on Secure Cryptographic Techniques in Cloudijtsrd
Cloud Computing is turning into an increasing number of popular day by day. If the safety parameters are taken care properly many organizations and authorities corporations will flow into cloud technology.one usage of cloud computing is statistics storage. Cloud affords considerable capability of garage for cloud users. It is more reliable and flexible to users to shop and retrieve their facts at whenever and everywhere. It is an increasingly more growing technology. Mariam Fatima | M Ganeshan | Saif Ulla Shariff "Study on Secure Cryptographic Techniques in Cloud" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-4 , June 2021, URL: https://www.ijtsrd.compapers/ijtsrd42363.pdf Paper URL: https://www.ijtsrd.comcomputer-science/computer-network/42363/study-on-secure-cryptographic-techniques-in-cloud/mariam-fatima
The paradigm called “Cloud computing” acts as a mechanism for attaining the resources of shared technology and infrastructure cost-effectively. The on-demand services are accomplished to execute the various operations across the network. Regularly, the last client doesn't know about the area of open physical assets and devices. Developing, using, and dealing with their applications 'on the cloud', which includes virtualization of assets that keeps and guides itself are led by arranged activities to clients. Calculation experience the new methodology of cloud computing which perhaps keeps the world and can set up all the human necessities. At the end of the day, cloud computing is the ensuing normal step in the development of on-request data innovation administrations and items. The Cloud is an allegory for the Internet and is an idea for the secured confused foundation; it likewise relies upon drawing network graphs on a computer. In this work, thorough investigations of distributed computing security and protection concerns are given. The work distinguishes both the identified and unidentified attacks, vulnerabilities in the cloud, security attacks and also the solutions to control these threats and attacks. Moreover, the restrictions of the present solutions and offers various perceptions of security viewpoints are distinguished and explored. At long last, a cloud security system is given in which the different lines of protection and the reliance levels among them are identified.
A traditional computing environment requires a costly
infrastructure to offer a better service to users. The introduction
of cloud computing has changed the working environment from
traditional to virtual. A larger number of IT companies are
utilizing the cloud. On the one hand, the cloud attracts more
number of consumers by offering services with minimized
capital cost and virtual infrastructure. On the other hand, there
are a risk and security challenges in cloud computing that
makes the user not to move completely towards it. The cloud
environment is more vulnerable to security breaches and data
theft. Moreover, insider attacks are more frequent in larger
enterprises. An unauthenticated user can cause more damage
to company reputation. The cloud service providers are trying
to provide a secure work environment for users. However,
there is a lack of global standards and policies to invoke
security measures in cloud computing. This study aims to
highlight and classify security challenges and trust issues in the
cloud environment.
The survey was conducted in various institutions and
governmental organizations in Saudi Arabia to study the
opinions of stakeholders on cloud computing security
challenges and risks.
Links:
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
Cloud computing has sweeping impact on the human productivity. Today it’s used for Computing, Storage, Predictions and Intelligent Decision Making, among others. Intelligent Decision-Making using Machine Learning has pushed for the Cloud Services to be even more fast, robust and accurate. Security remains one of the major concerns which affect the cloud computing growth however there exist various research challenges in cloud computing adoption such as lack of well managed service level agreement (SLA), frequent disconnections, resource scarcity, interoperability, privacy, and reliability. Tremendous amount of work still needs to be done to explore the security challenges arising due to widespread usage of cloud deployment using Containers. We also discuss Impact of Cloud Computing and Cloud Standards. Hence in this research paper, a detailed survey of cloud computing, concepts, architectural principles, key services, and implementation, design and deployment challenges of cloud computing are discussed in detail and important future research directions in the era of Machine Learning and Data Science have been identified.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Security of Data in Cloud Environment Using DPaaSIJMER
The rapid development of cloud computing is giving way to more cloud services, due to
which security of services of cloud especially data confidentiality protection, becomes more critical.
Cloud computing is an emerging computing style which provides dynamic services, scalable and payper-use.
Although cloud computing provides numerous advantages, a key challenge is how to ensure
and build confidence that the cloud can handle user data securely. This paper highlights some major
security issues that exist in current cloud computing environments. The status of the development of
cloud computing security, the data privacy analysis, security audit, information check and another
challenges that the cloud computing security faces have been explored. The recent researches on data
protection regarding security and privacy issues in cloud computing have partially addressed some
issues. The best option is to build data-protection solutions at the platform layer. The growing appeal
of data protection as a service is that it enables to access just the resources you need at minimal
upfront expense while providing the benefits of enterprise-class data protection capabilities. The
paper proposes a solution to make existing developed applications for simple cloud Systems
compatible with DPaaS. The various security challenges have been highlighted and the various
necessary metrics required for designing DPaaS have been investigated.
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...AJASTJournal
Because of its accessibility and flexibility, cloud technology is among the most notable innovations in today's world. Having many service platforms, such as GoogleApps by Google, Amazon, Apple, and so on, is well accepted by large enterprises. Distributed cloud computing is a concept for enabling every-time, convenient, on-demand network access to processing resources including servers, storage devices, networks, and services that may be mutually configured. The major security risks for cloud computing as identified by the Cloud security alliance (CSA) have been examined in this study. Also, methods for resolving issues with cloud computing technology's data security and privacy protection were systematically examined
Because of its accessibility and flexibility, cloud technology is among the most notable innovations in today's world. Having many service platforms, such as GoogleApps by Google, Amazon, Apple, and so on, is well accepted by large enterprises. Distributed cloud computing is a concept for enabling every-time, convenient, on-demand network access to processing resources including servers, storage devices, networks, and services that may be mutually configured. The major security risks for cloud computing as identified by the Cloud security alliance (CSA) have been examined in this study. Also, methods for resolving issues with cloud computing technology's data security and privacy protection were systematically examined.
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Zac Darcy
Cloud computing is an emerging model of service provision that has the advantage of minimizing costs
through sharing and storage of resources combined with a demand provisioning mechanism relying on
pay-per-use business model. Cloud computing features direct impact on information technology (IT)
budgeting but pose detrimental impacts on privacy and security mechanisms especially where sensitive
data is to be held offshore by third parties. Even though cloud computing environment promises new
benefits to organizations, it also presents its fair share of potential risks. It is considered as a double edge
sword considering the privacy and security standpoints. However, despite its potential to offer a low cost
security, customer organizations may increase the risks by storing their sensitive information in the cloud.
Therefore, this study focuses on privacy and security issues that pose a challenge in maintaining a level of
assurance that is sufficient enough to sustain confidence in potential users.
In this study, survey questions were sent to different non-profit and government organizations, which
assisted in collecting fundamental information. The data was acquired by conducting surveys in OpenStack
Company to identify the critical vulnerabilities in the cloud computing platform in order to provide the
recommended solutions.
So, analysis will be made on how the cloud’s characteristics such as the nature of the architecture,
attractiveness, as well as, vulnerability are tightly related to privacy and security issues. Privacy and
security are complex issues for which there is no standard and the relationship between them is necessarily
complicated. The study also highlight on the inherent challenge to data privacy because it typically results
in data to be presented in an encryption from the data owner. Thus, the study aimed at obtaining a common
goal to provide a comprehensive review of the existing security and privacy issues in cloud environments,
and identify and describe the most representative of the security and privacy attributes and present a
relationship among them.
Finally, in order to ensure that the standard measure of validity is achieved, validity test was conducted in
order to ensure that the study is free from errors. Various recommendations were provided. The study also
explored various areas that require future directions for each attribute, which comprise of multi-domain
policy integration and a secure service composition to design a comprehensive policy-based management
framework in the cloud environments.
Lastly, the recommendations will provide the potential for security and privacy approaches that can be
implemented to improve the cloud computing environment to ensure that a level of trust is achieved
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...Zac Darcy
Cloud computing is an emerging model of service provision that has the advantage of minimizing costs
through sharing and storage of resources combined with a demand provisioning mechanism relying on
pay-per-use business model. Cloud computing features direct impact on information technology (IT)
budgeting but pose detrimental impacts on privacy and security mechanisms especially where sensitive
data is to be held offshore by third parties. Even though cloud computing environment promises new
benefits to organizations, it also presents its fair share of potential risks. It is considered as a double edge
sword considering the privacy and security standpoints. However, despite its potential to offer a low cost
security, customer organizations may increase the risks by storing their sensitive information in the cloud.
Therefore, this study focuses on privacy and security issues that pose a challenge in maintaining a level of
assurance that is sufficient enough to sustain confidence in potential users.
Cloud computing is set of resources and services offered through the Internet. Cloud
services are delivered from data centers located throughout the world. Cloud computing
facilitates its consumers by providing virtual resources via internet. The biggest challenge in
cloud computing is the security and privacy problems caused by its multi-tenancy nature and the
outsourcing of infrastructure, sensitive data and critical applications. Enterprises are rapidly adopting
cloud services for their businesses, measures need to be developed so that organizations can be assured
of security in their businesses and can choose a suitable vendor for their computing needs. Cloud
computing depends on the internet as a medium for users to access the required services at any time on
pay-per-use pattern. However this technology is still in its initial stages of development, as it suffers
from threats and vulnerabilities that prevent the users from trusting it. Various malicious activities
from illegal users have threatened this technology such as data misuse, inflexible access control and
limited monitoring. The occurrence of these threats may result into damaging or illegal access of
critical and confidential data of users. In this paper we identify the most vulnerable security
threats/attacks in cloud computing, which will enable both end users and vendors to know a bout
the k ey security threats associated with cloud computing and propose relevant solution directives to
strengthen security in the Cloud environment. We also propose secure cloud architecture for
organizations to strengthen the security.
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...cscpconf
Deployment of using cloud services as a new approach to keep people's platforms, Infrastructure and applications has become an important issue in the world of communications technology. This is a very useful paradigm for humans to obtain their essential needs simpler, faster ,more flexible, and safer than before. But there are many concerns about this system challenge. Security is the most important challenge for cloud systems. In this paper we design and explain the procedure of implementation of a new method for cloud services based on multi clouds on our platform which supplies security and privacy more than other clouds. We introduce some confidentiality and security methods in each layer to have a secure access to requirements. The architecture of our method and the implementation of method on our selected platform for each layer are introduced in this paper.
Design and implement a new cloud security method based on multi clouds on ope...csandit
Deployment of using cloud services as a new approach to keep people's platforms,
Infrastructure and applications has become an important issue in the world of communications
technology. This is a very useful paradigm for humans to obtain their essential needs simpler,
faster ,more flexible, and safer than before. But there are many concerns about this system
challenge. Security is the most important challenge for cloud systems. In this paper we design
and explain the procedure of implementation of a new method for cloud services based on multi
clouds on our platform which supplies security and privacy more than other clouds. We
introduce some confidentiality and security methods in each layer to have a secure access to
requirements. The architecture of our method and the implementation of method on our selected
platform for each layer are introduced in this paper.
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Editor IJMTER
The Most great challenging in Cloud computing is Security. Here Security plays key role
in this paper proposed concept mainly deals with security at the end user access. While coming to the
end user access that are connected through the public networks. Here the end user wants to access his
application or services protected by the unauthorized persons. In this area if we want to apply
encryption or decryption methods such as RSA, 3DES, MD5, Blow fish. Etc.,
Whereas we can utilize these services at the end user access in cloud computing. Here there is
problem of encryption and decryption of the messages, services and applications. They are is lot of
time to take encrypt as well as decrypt and more number of processing capabilities are needed to use
the mechanism. For that problem we are introducing to use of cloud computing in SaaS model. i.e.,
scalable is applicable in this area so whenever it requires we can utilize the SaaS model.
In Cloud computing use of computing resources (hardware and software) that are delivered as a
service over Internet network. In advance earlier there is problem of using key size in various
algorithm like 64 bit it take some long period to encrypt the data.
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGijsptm
In the digital world using technology and new technologies require safe and reliable environment, and it also requires consideration to all the challenges that technology faces with them and address these challenges. Cloud computing is also one of the new technologies in the IT world in this rule there is no exception. According to studies one of the major challenges of this technology is the security and safety required for providing services and build trust in consumers to transfer their data into the cloud. In this paper we attempt to review and highlight security challenges, particularly the security of data storage in a cloud environment. Also, provides some offers to enhance the security of data storage in the cloud
computing systems that by using these opinions can be overcome somewhat on the problems.
Security threat issues and countermeasures in cloud computingJahangeer Qadiree
Cloud computing field has reached to the highest level of technical heights. The security problems of cloud computing hinders
its development. It is totally internet based technology where the resources and information shared on a distributed network. So
it is important for both provider as well as consumer to provide the security and trust to share the data for developing clou d
computing applications. Because now organizations are now moving fast towards the cloud. So there is the possibility of threats
that will harm the data on the cloud. In our paper we mainly focuses on security threats of cloud computing system also we
mention some solutions and countermeasures on these security problems
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
1. Anu Bhakthadas et al Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 4, Issue 5( Version 2), May 2014, pp.189-193
www.ijera.com 189 | P a g e
Securing Data Transfer in Cloud Environment
K. S. Wagh*, Rasika Jathar**, Sonal Bangar***, Anu Bhakthadas****
*(Department of Computer Engineering, PUNE University, INDIA)
** (Department of Computer Engineering, PUNE University, INDIA)
*** (Department of Computer Engineering, PUNE University, INDIA)
**** (Department of Computer Engineering, PUNE University, INDIA)
ABSTRACT
Data security and access control is one of the most challenging ongoing research work in cloud computing, due
to users outsourcing their sensitive data to cloud providers. The various existing solutions that use pure
cryptographic techniques to mitigate these security and access control problems suffer from heavy
computational overhead on the data owner as well as the cloud service provider for key distribution and
management. Cloud storage moves the user’s data to large data centers, that are remotely located, on which user
does not have any control. This unique feature of the cloud poses many new security challenges which need to
be clearly understood and resolved.
Keywords – Cloud Computing, Decryption, Digital Signature, Encryption, Integrity, Message Digest.
I. Introduction
Cloud computing is a utilization of computer
resources that are available on demand and access via
a network . These services are broadly divided into
three categories: Infrastructure-as-a-Service (IaaS),
Platform-as-a-Service (PaaS) and Software-as-a-
Service (SaaS). The name cloud computing was
inspired by the cloud symbol that's often used to
represent the Internet in flowcharts and diagrams.
Cloud computing is one of today’s hottest
research areas due to its ability to reduce costs
associated with computing while increasing
scalability and flexibility for computing services.
Cloud computing has emerged as the modern
technology which developed in last few years, and is
considered as the next big thing, in years to come.
Since it is new, so it faces new security issues and
new challenges as well[1]. In the last few years it is
grown up from just being a concept to a major part of
the IT industry. Cloud computing is widely accepted
as the adoption of SOA, virtualization, and utility
computing, it generally works on three type of
architecture and these are: SaaS, PaaS, and IaaS.
There are different issue and challenges with each
cloud computing technology.
Contrary to traditional computing practices,
in a cloud computing environment, data and the
application are controlled by the service provider.
This leads to a natural concern about the safety of the
data and also its protection from internal as well as
external threats. Despite of all these concerns,
advantages such as on demand infrastructure, reduced
cost of maintenance, pay as you go, elastic scaling
etc. are major reasons for enterprises to decide on
cloud computing environments. Storing of user data
in the cloud despite its advantages has many
interesting security concerns which need to be
extensively investigated for making it a reliable
solution to the problem of avoiding local storage of
data. All these various advantages offered by the
cloud can be enjoyed while using services offered by
a private cloud by paying some charges but the same
thing can be enjoyed by using a public cloud at the
least cost or no cost. But using public cloud services
also comes with an additional threat regarding the
security of data stored at public cloud.
II. SECURITY ISSUES
In a typical scenario where an application is
hosted in a cloud, there are two broad security
questions that arise :
– How secure is the Data?
– How secure is the Code?
Cloud computing environment is assumed as
a potential cost saver as well as provider of higher
service quality. Security,
Availability, Reliability, Data Integrity,
Confidentiality, Access control, Authentication is the
major quality concerns of cloud service users. In one
of the prominent challenge among all other quality
challenges.
2.1Security Advantages In Cloud Environments
Current cloud service providers operate very
large systems. They have complex processes and
expert personnel for maintaining their systems, which
small enterprizes may not even have access. Thus,
there are many direct and indirect security advantages
for the cloud users. Here we present some of the main
RESEARCH ARTICLE OPEN ACCESS
2. Anu Bhakthadas et al Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 4, Issue 5( Version 2), May 2014, pp.189-193
www.ijera.com 190 | P a g e
security advantages of a cloud computing
environment:
Data Centralization In a cloud environment, the
cloud service provider takes care of storage issues
and small businesses need not spend a lot of money
on physical storage devices. Cloud based storage
provides a way to centralize the data in a faster and
potentially cheaper manner. This is very useful for
small businesses, which cannot spend more money
on security parameters to secure the data.
Incident Response IaaS providers can put up a
dedicated forensic server that can be used on demand
basis. As soon as, a security violation takes place in
the cloud environment, the server can be brought
online. In some investigation cases, even a backup of
the environment can be easily made and put onto the
cloud without affecting the normal course of
business.
Forensic Image Verification Time Some cloud
storage implementations expose a cryptographic
check sum or hash. For example, Amazon S3
generates MD5 (Message-Digest algorithm 5) hash
automatically when you store an object. Thus in
theory, the need to generate time consuming MD5
checksums using external tools is eliminated.
Logging In a traditional computing paradigm by and
large, logging is considered an afterthought.
Allocating insufficient disk space makes logging
either non-existent or minimal. However, in a cloud,
storage the need for standard logs is automatically
solved.
III. Problem Statement
Cloud security is becoming a key differentiator and
competitive edge between cloud providers. By
applying more stronger security techniques and
practices, cloud security may soon be more secure
than the level that IT departments achieve using their
own hardware and software.
A key hurdle to moving IT systems to the
cloud is the lack of trust on the cloud provider. The
cloud provider, in turn, also needs to enforce strict
security policies, which in turn requires additional
trust in the clients. To improve the mutual trust
between consumer and cloud provider, a good trust
foundation needs to be in place. Cloud computing can
mean different things to different people. The privacy
and security concerns will surely differ between a
consumer using a public cloud application and a
medium-sized enterprise using a customized suite of
business applications on a cloud platform and this
brings a different package of benefits and risks. What
remains constant, though, is the real value that the
user seeks to protect. For an individual, the value
which is at risk can range from loss of civil liberties
to the contents of bank accounts. For a business, the
value runs from important trade secrets to continuity
of business operations and public reputation. Much of
this is quite hard to estimate and translate into
standard metrics of value. The task in this transition
is to compare the opportunities of cloud adoption
with the risks associated with the same.
If cloud computing is so great, then why
isn’t everyone doing it? Because the cloud act as a
big black box nothing inside the cloud is visible to
client and this leads to two main issues that are :
Integrity It is degree of confidence that the data in
the cloud is protected against accidential or
intentional alteration without authorization. Thus it
implies that data should be honestly stored on the
cloud servers and any violation can be detected.
Privacy In this concept providers ensured that all
critical data example credit card number are masked
and only authorized users have access for it. In 2009
a major incident in SAAS cloud happened with
Google Docs. Google Docs allows users to edit
document online and share these documents with
other users. But once these documents shared with
any one it was accessible for everyone. Thus in era of
personal privacy personal data should really protect.
IV. Literature Survey
In 1990 the world was introduced to the
internet and we began to see distributed computing
power realized on large scale. Today we have the
ability to utilize scalable distributed computing
environment within the confines of internet, such a
practice is known as cloud computing. As we already
know there is lots of hype associated with cloud
computing.
Cloud computing is a huge topic for that
matter please note that we are still discovering many
security issues which will challenge to cloud
computing because cloud computing is still work in
progress and it is rapidly evolving. During a keynote
speech to the Brookings Institution policy forum,
cloud Computing for Business and
Society,[Microsoft General Counsel Brad] Smith also
highlighted data from a survey commissioned by
Microsoft measuring attitudes on cloud computing
among business leaders and the general
population[9]. The survey found that while 58
percent of the general population and 86 percent of
senior business leaders are excited about the potential
of cloud computing, but more than 90 percent of
these same people are concerned about the access,
security and privacy of their own data in the cloud.
3. Anu Bhakthadas et al Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 4, Issue 5( Version 2), May 2014, pp.189-193
www.ijera.com 191 | P a g e
Figure 1: Survey showing issues related to cloud
As we go through the graph of rate of issues
and challenges over cloud it shows that security is
more demanding as compared to other issues.[10]
In [3] the author says that the US National
Institute of Standards and Technology (NIST), an
agency of the Commerce Department Technology
Administration, has created a cloud computing
security group. This group considers its role as
promoting the effective and secure use of the
technology within government and industry by
providing technical guidance and promoting
standards NIST has recently released its draft wide to
adopting and using the Security Content Automation
Protocol which identifies a quite of specifications for
organizing and expressing security-related
information in standard ways, as well as related data,
such as identifiers for software flaws and security
configuration issues. Its application includes
maintaining enterprise systems security. In addition
to NIST efforts, the industry itself can affect an
enterprise approach to cloud security. If there is
application of due diligence and development of a
policy of self-regulation to ensure that security is
effectively implemented among all clouds, then this
policy can also help in facilitating law-making. By
combining industry best practices with the oversight
NIST and other entities are still developing, we can
effectively address cloud computing future security
needs.
In [4] an introduction to cloud computing
has been presented that is expected to be adopted by
the governments, manufacturers and the
academicians in the very near future. The author also
gives an overall clue of all existing techniques for
cloud data security and methods proposed for
ensuring data authentication using TPA.
In [6] the author elaborates the various
unresolved issues threatening cloud computing
adoption and affecting the various stake-holders
associated with it. The author presents an approach
which is aimed at developing an understanding of the
security threats that hamper the security and privacy
of a user. The various characteristics of a secure
cloud infrastructure (public or private) have been
discussed and also its challenges and the ways to
solve them. The author also highlights various
security concerns related to the three basic services
provided by a Cloud computing environment and the
solutions to prevent them.
In [7] the author has worked towards
facilitating the client in getting a proof of integrity of
the data which he wishes to store in the cloud storage
servers with bare minimum costs and efforts. The
scheme was proposed by the author to reduce the
computational and storage overhead of the client as
well as to minimize the computational overhead of
the cloud storage server.
In [1] author suggests authentication and
encryption for secure data transmission from one
cloud to other cloud that requires secure and
authenticated data with elliptic curve cryptography.
The author has made use of Elliptic curve
cryptography to provide confidentiality and
authentication of data between clouds.
In [2] author considers the cloud
environment as a new computing platform to which
the classic methodology of security research can be
applied. The author determines to employ an
attribute-driven methodology to conduct their review.
In [8] the author analyses the basic problem
of cloud’s data security. With the analysis of the
architecture of HDFS, they get the data security
requirements of cloud computing and set up a
mathematical data model for cloud computing.
V. Proposed Work
5.1 Creating Web Application For Campus
Management
First of all, the Admin of the web portal
would verify its users. The users who can access this
web application from browser are Student, TPO, and
HR. If the user is verified successfully the admin
would approve the particular user. After the college
TPO or company admin have been approved now the
college TPO can in turn approve the college students.
All these users access application which is placed
over "APPLICATION SERVER". Application server
is safe server. All security credentials are stored in
application server. It is accessed by trusted person
say Third Party Auditor (TPA) after regular intervals
of time.
Data of this web application will be stored
over "DATABASE" server (public cloud). Data will
be transferred from Application server to Database
Server.
Our motto is to secure the data transfer from
one cloud (i.e. application server) to other cloud (i.e.
database server). We will maintain data integrity and
privacy using our strong security mechanism. Data
4. Anu Bhakthadas et al Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 4, Issue 5( Version 2), May 2014, pp.189-193
www.ijera.com 192 | P a g e
will be encrypted using public key of database server
and sent to database server. While retrieving data
database server will send data to application server
by encrypting data by respective user’s public key.
Figure 2: Architecture
So if company will have their some
selection criteria process that is 60 percent or 50
percent then according to that they will fire the query
and will get the list of deserving candidate. Between
all these transaction there can be a person or a middle
man attacker who can exchange the real data stored
on cloud with his dummy data and false information
can be provided to the company.
5.2Secure Data Transfer From Cloud To Cloud
Let us assume that we have two
organizations A and B. A and B act as public clouds
with data, software and applications. A want to send
data to B’s cloud securely and data should be
authenticated.
Figure 3: Data Transfer
We are here trying to send a secure data
from A to B by applying digital signature and data
encryption. Suppose B wants an XML document
from A’s cloud then B’s user will place a request to
A’s user. A’s user select corresponding XML
document from A’s cloud data storage and then apply
the hash function, it will give message digest. Sign
the message digest with his private key by using A’s
software. It is called digital signature. Encrypt
digitally signed signature with B’s public key.
Encrypted cipher message will be send to B. B’s
software decrypt the cipher message to XML
document with his private key and verify the
signature with A’s public key.
5.3File Transfer
In File Transfer Module, students can
upload their resume, certificates and images while
filling students academic information form. Those
files will be transmitted in encrypted format and will
be stored in cloud in plain text format. Whenever
company wants to select the students for recruitment
process, they will fire the query based on criteria then
they will get the list of deserving students. They can
also download the resume of selected student for
viewing extra information related to them.
Attacks on File As there is need to provide security
to the data, there is also need to provide security to
the uploaded file. This is because attacker can attack
the file and he will able to do following various types
of attacks:-
1. Reading contents of file.
2. Viewing and copying of image present in
resume.
3. Attacker can also modify the contents of file.
4. Attacker can misuse the authorized documents
like Certificates.
VI. Conclusion
In this paper presented strong security
techniques to secure the data files of a data owner in
the cloud infrastructure. In our proposed scheme, we
have mainly tried to maintain the integrity and
privacy of the stored data. The public key, hash, and
private key ciphers used between the sender and
receiver ensure a secure environment at the cloud.
Future extensions include conducting an online
aptitude test for the eligible students and providing
security to the same.
References
[1] Veerraju Gampala. Data security in cloud
computing with elliptic curve cryptography.
International Journal of Soft Computing and
Engineering (IJSCE), 2, 2012..
[2] Zhifeng Xiao and Senior Member Yang
Xiao. Security and privacy in cloud
computing. IEEE COMMUNICATIONS
SURVEYS and TUTORIALS, 15.
[3] Lori M. Kaufman John Harauz. Data
security in the world of cloud computing.
IEEE Computer and Reliability society,
August
[4] Party Auditor Indrajit Rajput. Enhanced data
security in cloud computing with third party
auditor. International Journal of Advanced
Research in Computer Science and Software
Engineering, 3.
[5] Jens-Matthias Bohli. Security and privacy-
enhancing multicloud architectures. IEEE
TRANSACTIONS ON DEPENDABLE AND
5. Anu Bhakthadas et al Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 4, Issue 5( Version 2), May 2014, pp.189-193
www.ijera.com 193 | P a g e
SECURE COMPUTING, 10, JULY/
AUGUST 2013.
[6] Amit Sangroya. Towards analyzing data
security risks in cloud computing
environments. JULY/AUGUST 2010.
[7] Ashutosh Saxena Sravan Kumar R. Data
integrity proofs in cloud storage. 2011..
[8] Gu Yaqiang Zhang Quan Tang Chaojing Dai
Yuefa, Wu Bo. Data security model for
cloud computing. November 21-22, 2009.
[9] http://www.microsoft.com/presspass/press/2
010/jan10/1-20BrookingsPR.mspx.